Crash in [@ mozilla::detail::MutexImpl::lock | nsZipArchive::GetItem]
Categories
(Core :: Networking: JAR, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr91 | --- | unaffected |
firefox98 | --- | unaffected |
firefox99 | --- | unaffected |
firefox100 | --- | fixed |
People
(Reporter: calixte, Assigned: jesup)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: crash, csectype-nullptr, sec-other, Whiteboard: [post-critsmash-triage])
Crash Data
Attachments
(1 file)
Crash report: https://crash-stats.mozilla.org/report/index/9a0842e6-4bc1-4d46-acd5-2ee5a0220326
Reason: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
Top 10 frames of crashing thread:
0 libsystem_pthread.dylib pthread_mutex_lock
1 libmozglue.dylib mozilla::detail::MutexImpl::lock mozglue/misc/Mutex_posix.cpp:118
2 XUL nsZipArchive::GetItem modules/libjar/nsZipArchive.cpp:413
3 XUL mozilla::FileLocation::GetData xpcom/build/FileLocation.cpp:156
4 XUL mozilla::URLPreloader::URLEntry::ReadLocation js/xpconnect/loader/URLPreloader.cpp:632
5 XUL mozilla::URLPreloader::Read js/xpconnect/loader/URLPreloader.cpp:523
6 XUL nsComponentManagerImpl::RegisterManifest xpcom/components/nsComponentManager.cpp:703
7 XUL nsComponentManagerImpl::AddBootstrappedManifestLocation xpcom/components/nsComponentManager.cpp:1845
8 XUL NS_InvokeByIndex
9 XUL XPCWrappedNative::CallMethod js/xpconnect/src/XPCWrappedNative.cpp:1130
There are 4 crashes (from 1 installation) in nightly 100 with buildid 20220325214737. In analyzing the backtrace, the regression may have been introduced by patch [1] to fix bug 1744043.
[1] https://hg.mozilla.org/mozilla-central/rev?node=17a501a19918
Reporter | ||
Updated•2 years ago
|
Reporter | ||
Updated•2 years ago
|
Updated•2 years ago
|
Comment 1•2 years ago
|
||
This is a null deref, so I'll mark it sec-other. It probably doesn't really need to be hidden.
The URL preloader is in the stack, so maybe this is related to bug 1724336.
Assignee | ||
Comment 2•2 years ago
|
||
So, really one crash -- appears to be a single installation, just multiple reports. Also a startup crash. Very likely the file was not accessible, and so OpenArchive returned null (which causes the crash). The old code set mZip to an empty nsZipArchive, then called OpenArchive on that -- and ignored the result. GetItem would simply fail in that case, and we'd return NS_ERROR_FILE_UNRECOGNIZED_PATH.
Assignee | ||
Comment 3•2 years ago
|
||
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Comment 4•2 years ago
|
||
Handle failed OpenArchive in FileLocation r=nika
https://hg.mozilla.org/integration/autoland/rev/1bdd52fa9b1c0746ad6738c4dd79d571419ec4aa
https://hg.mozilla.org/mozilla-central/rev/1bdd52fa9b1c
Updated•2 years ago
|
Updated•2 years ago
|
Updated•2 years ago
|
Description
•