Closed
Bug 200119
Opened 21 years ago
Closed 19 years ago
crash when I shutdown (StopCRLUpdateTimer) [@ nsHashtable::Reset ]
Categories
(Core Graveyard :: Security: UI, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: bugzilla, Assigned: KaiE)
References
Details
(Keywords: crash, fixed1.8.1)
Crash Data
Attachments
(3 files, 5 obsolete files)
965 bytes,
patch
|
Details | Diff | Splinter Review | |
4.69 KB,
patch
|
Details | Diff | Splinter Review | |
2.72 KB,
patch
|
darin.moz
:
review+
Bienvenu
:
superreview+
KaiE
:
approval-branch-1.8.1+
|
Details | Diff | Splinter Review |
I seem to crash when I shutdown mozilla TB18687205X
Comment 1•21 years ago
|
||
build id?
Reporter | ||
Comment 2•21 years ago
|
||
2003033108
Reporter | ||
Comment 3•21 years ago
|
||
also crash when I shutdown after XPI install: TB18690017G not sure if the crash is the same...
Comment 4•21 years ago
|
||
Henrik: Still a problem ? If yes: we need a new Tb ID
Reporter | ||
Comment 5•21 years ago
|
||
TB20651765Y still crash everytime I'm using Proxomitron as Proxy
Comment 6•21 years ago
|
||
Incident ID 18687205 Stack Signature 0x002801fc 373b2b99 Product ID MozillaTrunk Build ID 2003033105 Trigger Time 2003-04-01 07:18:06 Platform Win32 Operating System Windows NT 5.0 build 2195 Module URL visited User Comments shutting down mozilla Trigger Reason Access violation Source File Name Trigger Line No. Stack Trace 0x002801fc nsHashtable::Reset [c:/builds/seamonkey/mozilla/xpcom/ds/nsHashtable.cpp, line 337] nsHashtable::Reset [c:/builds/seamonkey/mozilla/xpcom/ds/nsHashtable.cpp, line 322] nsNSSComponent::StopCRLUpdateTimer [c:/builds/seamonkey/mozilla/security/manager/ssl/src/nsNSSComponent.cpp, line 888] 0x80000000 nsObserverService::NotifyObservers [c:/builds/seamonkey/mozilla/xpcom/ds/nsObserverService.cpp, line 212] nsProfile::ShutDownCurrentProfile [c:/builds/seamonkey/mozilla/profile/src/nsProfile.cpp, line 1331] DoOnShutdown [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 777] main [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1650] WinMain [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1666] WinMainCRTStartup() KERNEL32.dll + 0x2847c (0x77ea847c) Gemal: And you also crash with a more recent build ? -> XPCOM (or NSS ?)
Assignee: asa → dougt
Component: Browser-General → XPCOM
Keywords: stackwanted
QA Contact: asa → scc
Whiteboard: TB18687205X
Comment 7•21 years ago
|
||
NSS first.
Assignee: dougt → mstoltz
Component: XPCOM → Security: General
QA Contact: scc → carosendahl
Comment 8•21 years ago
|
||
Everyone seems to think that mstoltz is the NSCP TOP developer (because he get's all the PSM/NSS Bugs) -> PSM (looks more like PSM than NSS if I watch CVS log for that file)
Assignee: mstoltz → ssaux
Component: Security: General → Client Library
Product: Browser → PSM
QA Contact: carosendahl → bmartin
Version: Trunk → unspecified
Reporter | ||
Comment 9•21 years ago
|
||
I still crash and submit talkback's everytime... TB20953069E
Reporter | ||
Comment 10•21 years ago
|
||
Now I've been crashing at shutdown for the last 4 month! HELP! I keep submitting crash reports so it must be a top crash...:( TB21752103Y
Reporter | ||
Comment 11•21 years ago
|
||
it seems to have something to do with enabling the CRL update. Whenever I have the Certificate Revoke list enabled I crash after browsing around on https sites.
Summary: crash when I shutdown → crash when I shutdown (StopCRLUpdateTimer)
Comment 12•21 years ago
|
||
Same here with 1.4 on MacOSX , both 1.4 and 1.5a on RH 8.0. Only happens with CRL autoupdate enabled and software security device logged in. Then it happens every "quit" but CRL autoupdate only works once. Talkback is enabled. Perhaps related to http://bugzilla.mozilla.org/show_bug.cgi?id=198371 ?
Comment 13•21 years ago
|
||
1.5b, no change. Still crashes every shutdown with security device logged in and crl autoupdate enabled.
Comment 14•21 years ago
|
||
Adding NSS folks to CC list.
Comment 15•21 years ago
|
||
The crash is not in NSS, but PSM, according to the posted stack in comment #6. I couldn't access the talkback server tonight to look at the other incidents.
Comment 17•20 years ago
|
||
The CRL timer code looks dodgy. It looks like shutdown could happen while the timer is firing, causing the update thread to lock a lock that was freed by the shutdown thread.
Comment 18•20 years ago
|
||
*** Bug 201230 has been marked as a duplicate of this bug. ***
Updated•20 years ago
|
Summary: crash when I shutdown (StopCRLUpdateTimer) → crash when I shutdown (StopCRLUpdateTimer) [@ nsHashtable::Reset ]
Comment 19•20 years ago
|
||
*** Bug 242328 has been marked as a duplicate of this bug. ***
Comment 20•20 years ago
|
||
I have submitted 242328 which is a dup of this bug and did some testing : If i uncheck "Enable Automatic Update for this CRL" in Edit / Preferences / Privacy & Security / Validation / Manage CRLs / Settings the crash does not happen anymore. Hope this helps a little. PS : In my experience, contrary to what is said in comment #11, the crash happens whether or not you browse https sites or not when the auto update is enabled.
Comment 21•20 years ago
|
||
*** Bug 249177 has been marked as a duplicate of this bug. ***
Comment 22•20 years ago
|
||
Firefox 0.9.1 crash (Windows 2000) on exit when auto updated crl checking is on and https-page with certificate affiliated to this crl is visited. In my opinion this is very bad sign of instability since it's in security features, even though it occurs only on exit.
Comment 23•20 years ago
|
||
*** Bug 251746 has been marked as a duplicate of this bug. ***
Comment 24•20 years ago
|
||
Ahhh. I did update the CRL also.
Comment 25•20 years ago
|
||
*** Bug 253350 has been marked as a duplicate of this bug. ***
Comment 26•20 years ago
|
||
*** Bug 273605 has been marked as a duplicate of this bug. ***
Comment 27•19 years ago
|
||
*** Bug 261062 has been marked as a duplicate of this bug. ***
Updated•19 years ago
|
Assignee: nobody → kaie
QA Contact: bmartin
Comment 28•19 years ago
|
||
*** Bug 289837 has been marked as a duplicate of this bug. ***
Comment 29•19 years ago
|
||
*** Bug 301546 has been marked as a duplicate of this bug. ***
Comment 30•19 years ago
|
||
I submitted the latest bug report to marked as a dupe pointing back to this ancient report. This is an extremely old bug and yet no progress seems forthcoming. Is anyone actively looking at the problem- this bug report is not even marked ASSIGNED? I have solved the problem locally by disabling CRL auto-updating as described in the earlier commens, but it seems like something that should be fixed promptly..
Reporter | ||
Comment 31•19 years ago
|
||
people have other tasks/little time but if you're a c++ coder you're more than welcome to try to where/why it crashes and submit a patch.
Comment 32•19 years ago
|
||
I realize there are many tasks and too few people to perform them. Unfortunately, I'm not a C++ programmer (Java or .NET/C# though) or I would have loved to look at the bug myself. My question was directed to the fact that the bug is verified and is classified as 'critical' and yet seems not to have received any real attention since march 2004 (comment #17). If we are content to leave the bug for now, shouldn't it be reclassified to a lower priority?
Comment 33•19 years ago
|
||
*** Bug 299253 has been marked as a duplicate of this bug. ***
Comment 34•19 years ago
|
||
*** Bug 307186 has been marked as a duplicate of this bug. ***
Comment 35•19 years ago
|
||
I've been crashing at shutdown for at least the last 12 months ! Win2000 SP4(5) with Firefox 0.8-1.0.6 I confirm behaviour in comment #20 and comment #22 I am a Thawte + CAcert user, it is really *annoying* The linux version with X11 emulator under W2K is fine but not in my field of interest. crash short list (2 last months) TB9235831W, TB9226332W, TB9219120M, TB9215502X, TB9195940K, TB9191779Z, TB9188974G, TB9165282W, TB9161987M, TB9127629Q, TB9120003E, TB9096718K, TB9088098E, TB9066816G, TB9059890Q, TB9048507Z, TB9048113W, TB9023519K, TB9015509M, TB9014218K, TB9009760G, TB9005945H, TB9003289X, TB8986740H, TB8967545Y, TB8953333Q, TB8941189W, TB8915950K, TB8905466H, TB8883899E, TB8879257X, TB8878256E, TB8873573K, TB8856706E, TB8843859K, TB8839111Q, TB8834382X, TB8830604Y, TB8827832E, TB8827457W, TB8820963E, TB8820907X, TB8820815H, TB8809542X, TB8784361G, TB8784010M, TB8782845Q, TB8781567W, TB8717824E, TB8717278Z, TB8690024Y, TB8689721H, TB8689571G, TB8689092Y, TB8688111X, TB8680259H, TB8677712Q, TB8654833W, TB8652708H, TB8647012X, TB8644353Y, TB8643055E, TB8640792G, TB8622034E, TB8598884Y, TB8597882K, TB8597386Q, TB8596694K, TB8587150X, TB8587080W, TB8586533Q, TB8585845M, TB8584814G, TB8583866H, TB8583805E, TB8583759Z, TB8583581X, TB8583476E, TB8582669G, TB8579858Q, TB8576133W, TB8574543Y, TB8573678K, TB8572431Y, TB8561041Y, TB8560747G, TB8560208M, TB8552728G, TB8552289M, TB8535921M, TB8532981G, TB8531521W, TB8522511Y, TB8519345W, TB8503753Z, TB8500933E, TB8499538E, TB8496484E, TB8495539H, TB8495095Q, TB8493590X, TB8485094E, TB8483936M, TB8470636Q, TB8468064M, TB8465143Z, TB8439475Y, TB8435314K, TB8405022Y, TB8404791Z, TB8404719E, TB8389926E, TB8387919X, TB8385416W, TB8376406Y, TB8375648W, TB8372257Z, TB8371489Z, TB8363646M, TB8363497H, TB8363487K, TB8363361E, TB8363252G, TB8363227K, TB8363083E, TB8363007Z, TB8362924W, TB8362636W, TB8362500M, TB8355492K, TB8348579X, TB8348323E, TB8315428W, TB8314919Q, TB8312681K, TB8311804H, TB8310409G, TB8309940Y, TB8309546K, TB8293587Q, TB8275481K, TB8274424M, TB8255640Y, TB8241399Y, TB8234389Y
Comment 36•19 years ago
|
||
Occurs also with lastest beta of Deeper Park
Comment 37•19 years ago
|
||
related question : does the CRL auto-update stopped affect OCSP responder requests ? (my guess : no) if not, CAcert offers OCSP so it's a less important problem.
Comment 38•19 years ago
|
||
after reactivating all the CRL, I can no longer reproduce the bug ???
Comment 39•19 years ago
|
||
Arg ! it's back... annoying
Assignee | ||
Comment 40•19 years ago
|
||
Looking at the code, I see one possibility for a crash: If a call to StopCRLUpdateTimer happens at about the same time as singleton nsNSSComponent gets destroyed. The call to StopCRLUpdateTimer is triggered by an event, PROFILE_BEFORE_CHANGE_TOPIC. If that event were synchronous and happened before destroying nsNSSComponent, we should not see the crash. As I have no idea if that is true, let's try to make our code safer. Both function StopCRLUpdateTimer and the destructor of nsNSSComponent have similar cleanup code. Looking at the stack trace in comment 6, I conclude variable crlsScheduledForDownload had a valid pointed at the time we called Enumerate(), but the variable was no longer valid when it executed the following line, trying to execute Reset(), but triggering the crash. This could happen if one thread processed the mentioned event, and the other the destructor. Therefore I propose we protect the cleanup code with a lock. Luckily we already have an appropriate lock and just need to protect some additional actions. I will attach a patch shortly, that can not cause any harm, but possibly fix the crash. We should land it and give it a try.
Assignee | ||
Comment 41•19 years ago
|
||
Assignee | ||
Updated•19 years ago
|
Attachment #196606 -
Flags: review?(darin)
Comment 42•19 years ago
|
||
Comment on attachment 196606 [details] [diff] [review] Patch v1 >+ nsHashtable *ht_to_cleanup = nsnull; ... >+ ht_to_cleanup = crlsScheduledForDownload; nit: Move declaration of ht_to_cleanup down to here, where it is assigned a value. >+ nsHashtable *ht_to_cleanup = nsnull; ... >+ ht_to_cleanup = crlsScheduledForDownload; Same here. r=darin
Attachment #196606 -
Flags: review?(darin) → review+
Comment 43•19 years ago
|
||
can we drive this forward? I'm happy to sr it if that helps.
Comment 44•19 years ago
|
||
*** Bug 258847 has been marked as a duplicate of this bug. ***
Assignee | ||
Comment 45•19 years ago
|
||
Updated patch as requested, has r=darin
Attachment #197821 -
Flags: review+
Assignee | ||
Updated•19 years ago
|
Attachment #196606 -
Attachment is obsolete: true
Assignee | ||
Updated•19 years ago
|
Attachment #197821 -
Flags: superreview?(dveditz)
Assignee | ||
Updated•19 years ago
|
Attachment #197821 -
Flags: superreview?(dveditz) → superreview?(bienvenu)
Comment 46•19 years ago
|
||
Comment on attachment 197821 [details] [diff] [review] Patch v2 this looks like it would help - but I'm worried about the lock itself. By the same logic, couldn't the destructor destroy mCrlTimerLock before StopCRLUpdateTimer tries to use it? Moving up the clearing of mUpdateTimerInitialized in the destrcutor to right after we release the lock and before we destroy it also might help here.
Attachment #197821 -
Flags: superreview?(bienvenu) → superreview+
Assignee | ||
Comment 47•19 years ago
|
||
You are right, we should improve it more. I agree updating the mUpdateTimerInitialized variable should be protected by the lock, too. And actually, since the crash is happening so often for some users, it seems to be likely, that we indeed have a race between the destructor and the cleanup code, triggered by profile manager events. I noticed that mCrlTimerLock has a confusing lifetime, I am changing it to live as long as nsNSSComponent. In addition, crlDownloadTimerOn signals, whether the timer is currently running. If that is detected in the destructor, we cancel the timer. However, at that time, the timer event might have already come in, and the receiving function might wait on our timer lock. When the destroctur frees the lock, the timer processing function might continue, even though destruction is already finished. Because of that, I'm changing the time processing function (Notify) to re-test a variable after having obtained the lock. If it discovers that the timer is no longer initialized, it will stop. To make sure the nsNSSComponent lives as long as the timer processing function is finished, we will acquire the timer lock again, just before returning from the destructor. Yet another change, the Init code can run multiple times, in a profile changing application. However, the Init code does not yet use the lock, I am changing that, too. And the code to cleanup the timer is now the same as in StopCRLUpdateTimer, so let's just make of the the function by calling it.
Assignee | ||
Comment 48•19 years ago
|
||
David, what do you think?
Attachment #197821 -
Attachment is obsolete: true
Attachment #198812 -
Flags: superreview?(bienvenu)
Comment 49•19 years ago
|
||
I've applied the patch and am looking at the code as a whole... one thing that would help readability is to fix the naming convention for some of the member vars, e.g., crlDownloadTimerOn should be mCrlDownloadTimerOn, crlsScheduledForDownload, etc...
Comment 50•19 years ago
|
||
Comment on attachment 198812 [details] [diff] [review] Patch v3 looks ok, thx. We should get some baking on the trunk for this...
Attachment #198812 -
Flags: superreview?(bienvenu) → superreview+
Assignee | ||
Comment 51•19 years ago
|
||
Comment on attachment 198812 [details] [diff] [review] Patch v3 Hi Darin, as the patch has changed a lot, could you please have another look? Thanks.
Attachment #198812 -
Flags: review?(darin)
Comment 52•19 years ago
|
||
Comment on attachment 198812 [details] [diff] [review] Patch v3 >Index: security/manager/ssl/src/nsNSSComponent.cpp >+ // Should other code currently be processing a timer event, >+ // make sure this lives long enough. >+ >+ PR_Lock(mCrlTimerLock); >+ PR_Unlock(mCrlTimerLock); >+ >+ if (mCrlTimerLock) { >+ PR_DestroyLock(mCrlTimerLock); >+ mCrlTimerLock = nsnull; >+ } This looks problematic to me. How do you know that the thread "processing a timer event" is not about to acquire mCrlTimerLock when this code runs? I think this code may still crash. The usual solution to this sort of problem is to use a reference counter to determine when to destroy the mutex. For example, you could write a function like this: void ReleaseCrlTimerLock() { if (PR_AtomicDecrement(&mCrlTimerLockRefCnt) == 0) { PR_DestroyLock(mCrlTimerLock); mCrlTimerLock = nsnull; } } Then, have each thread call ReleaseCrlTimerLock when they are done with mCrlTimerLock. You'd of course have to make each thread take an "owning reference" to mCrlTimerLock by atomically incrementing mCrlTimerLockRefCnt at the right time. It might be nice to write a small class that represents a reference counted mutex.
Attachment #198812 -
Flags: review?(darin) → review-
Assignee | ||
Comment 53•19 years ago
|
||
Darin, you are right, however:
> You'd of course have to make each thread take
> an "owning reference" to mCrlTimerLock by atomically incrementing
> mCrlTimerLockRefCnt at the right time.
This is tricky. I don't know the right time. I suggest another approach.
To reiterate:
- nsNSSComponent is a singleton.
- it needs a timer, and timer processing code.
- the nsNSSComponent might get destroyed while the timer is still running.
My new suggestion:
- create a new helper class, nsCRLTimerProcessor
- have nsNSSComponent create an instance of nsCRLTimerProcessor
- nsCRLTimerProcessor contains a backpointer to nsNSSComponent, to trigger actual processing
- nsCRLTimerProcessor owns a mutex to protect itself
- nsCRLTimerProcessor is reference counted
- when nsNSSComponent gets destroyed, it notifies nsCRLTimerProcessor, which sets its backpointer to nsnull, so no further processing will happen, and dereferences nsCRLTimerProcessor
- whenever the timer is started, nsCRLTimerProcessor is increased, and when the timer fires, nsCRLTimerProcessor is decreased
- when nsCRLTimerProcessor realizes its no longer referenced, it destroys itself
Assignee | ||
Comment 54•19 years ago
|
||
While trying to reproduce the bug, with the CRL I was using, I noticed our code would schedule the CRL download in the future, or not at all. To allow for better testing, this patch changes our code to run the crl download timer every second.
Attachment #198812 -
Attachment is obsolete: true
Assignee | ||
Comment 55•19 years ago
|
||
Motivated by Darin's comment I worked on this patch. The idea behind the patch is outlined in my comment 53. However. During testing this patch, I realized the real cause for our bug might be a simple double free...! For now I will mark this patch as obsolete, because it might not be required. Maybe the cleanup is a good idea, but we might want to delay landing this code for a while. The CRL download timer is rarely used actually. Because of that, I have the feeling it's unlikely a race is causing the crash that is experienced so frequently. So my suggestion is: Let's postpone this patch for a while. If we want to land it, let's do it in a second, future step. I will attach another patch.
Assignee | ||
Updated•19 years ago
|
Attachment #201730 -
Attachment description: Patch to enhance thread safety - postponed → Patch to enhance thread safety - POSTPONED
Attachment #201730 -
Attachment is obsolete: true
Assignee | ||
Comment 56•19 years ago
|
||
When used in combination with the TESTING patch, after downloading a CRL and activating automatic update, this patch fixes the crash for me. The crash I see is in the PLD-Hashtable-Cleanup code. Our code inserts "new nsStringKey" items into nsHashtable. Before deleting the hashtable, we enumerate the items and clean the keys. But nsHashtable seems to have code to delete the keys, too. So I'm removing our cleanup, IMHO it's not required. Is my understanding correct? I noticed two other problems, which might not be related, but I think is a good idea to fix. nsNSSComponent implements nsITimerCallback, but does not specify that in the NS_IMPL_ISUPPORTS macro. And the constructor to nsHashtable ovbiously wanted to request threadsafety by setting the boolean parameter to PR_TRUE, but this does not match the constructor, which takes two arguments and has the threadsafety boolean as its second argument.
Attachment #201731 -
Flags: review?(darin)
Comment 57•19 years ago
|
||
> Our code inserts "new nsStringKey" items into nsHashtable.
> Before deleting the hashtable, we enumerate the items and clean the keys.
> But nsHashtable seems to have code to delete the keys, too.
> So I'm removing our cleanup, IMHO it's not required.
>
> Is my understanding correct?
Have you verified that the nsStringKey objects are deleted? Can you point me at the nsHashtable code that deletes the keys? Are you saying that PLDHashTableOps::clearEntry will be called when the PLDHashTable instance is finalized?
Assignee | ||
Comment 58•19 years ago
|
||
Darin, during my first testing, I had added some printf statements and saw that PLDHashTableOps::clearEntry got called during the call to Reset out hashtable, without using our clear function. But your words made me feel unsure, and I analyzed more. (Meanwhile I the hashtable code much better, so it was absolutely worth it.) I'm attaching this debugging version of the patch, which does not use nsStringKey, but uses a derived class, that dumps debugging statements to the console. When I run this code, and count the number of construction and destruction calls, they are balanced. While studying the code I learned that during nsHashTable::Put, a clone of the key will be made. Because of that, I'm deleting our key after inserting it. Actually, there is no need to create the key on the heap, on the stack will do, too.
Assignee | ||
Comment 59•19 years ago
|
||
This updated version of patch v4 does no longer leak the key.
Attachment #201731 -
Attachment is obsolete: true
Attachment #201731 -
Flags: review?(darin)
Assignee | ||
Comment 60•19 years ago
|
||
> Can you point me at the nsHashtable code that deletes the keys?
I added asm("int $3") to the testing code, here is the stack trace that cleans up our single hash table entry on calling nsHashtable::Reset
#0 0xb74f3069 in ~my_string_key (this=0x9a36c10) at /home/kaie/moz/170/mozilla/security/manager/ssl/src/nsNSSComponent.cpp:136
#1 0xb7826e83 in clearHashEntry (table=0x9cbb1a8, entry=0x9cda93c) at /home/kaie/moz/170/mozilla/xpcom/ds/nsHashtable.cpp:80
#2 0xb781fd4f in PL_DHashTableRawRemove (table=0x9cbb1a8, entry=0x9cda93c) at /home/kaie/moz/170/mozilla/xpcom/ds/pldhash.c:590
#3 0xb781fe26 in PL_DHashTableEnumerate (table=0x9cbb1a8, etor=0xb7827806 <hashEnumerateRemove>, arg=0x0)
at /home/kaie/moz/170/mozilla/xpcom/ds/pldhash.c:622
#4 0xb78278e8 in nsHashtable::Reset (this=0x9cbb1a0, destroyFunc=0, aClosure=0x0)
at /home/kaie/moz/170/mozilla/xpcom/ds/nsHashtable.cpp:336
#5 0xb7827888 in nsHashtable::Reset (this=0x9cbb1a0) at /home/kaie/moz/170/mozilla/xpcom/ds/nsHashtable.cpp:321
#6 0xb74f6430 in nsNSSComponent::StopCRLUpdateTimer (this=0x9cba940)
at /home/kaie/moz/170/mozilla/security/manager/ssl/src/nsNSSComponent.cpp:915
#7 0xb74f81bf in nsNSSComponent::Observe (this=0x9cba940, aSubject=0x9725f80, aTopic=0xb5cd780f "profile-before-change",
someData=0xb5cd78f8) at /home/kaie/moz/170/mozilla/security/manager/ssl/src/nsNSSComponent.cpp:1648
#8 0xb782c453 in nsObserverService::NotifyObservers (this=0x96cf080, aSubject=0x9725f80,
aTopic=0xb5cd780f "profile-before-change", someData=0xb5cd78f8)
at /home/kaie/moz/170/mozilla/xpcom/ds/nsObserverService.cpp:208
#9 0xb5cbe7d4 in nsProfile::ShutDownCurrentProfile (this=0x9725f80, shutDownType=1)
at /home/kaie/moz/170/mozilla/profile/src/nsProfile.cpp:1358
#10 0x08061b49 in DoOnShutdown () at /home/kaie/moz/170/mozilla/xpfe/bootstrap/nsAppRunner.cpp:806
#11 0x080649d5 in main (argc=3, argv=0xbfae2634) at /home/kaie/moz/170/mozilla/xpfe/bootstrap/nsAppRunner.cpp:1785
Assignee | ||
Updated•19 years ago
|
Attachment #201852 -
Flags: review?(darin)
Updated•19 years ago
|
Attachment #201852 -
Flags: review?(darin) → review+
Assignee | ||
Updated•19 years ago
|
Attachment #201852 -
Flags: superreview?(bienvenu)
Updated•19 years ago
|
Attachment #201852 -
Flags: superreview?(bienvenu) → superreview+
Assignee | ||
Comment 61•19 years ago
|
||
Checked in to trunk, hopefully the bug is fixed. Please test the next nightly build (starting tomorrow). If you still see the crash, please reopen the bug. (We shall then work on landing the thread safety enhancement)
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Comment 62•19 years ago
|
||
I had been experiencing the same symptoms for a while. But deleting my sole CRL seems to fix it. At this time of writing, enabling CRL will still crash-on-exit on at least 1.0.7, 1.5rc2 and rc3 and 1.5 Final, on WinXP-SP1. The following Talkbacks have been submitted by me while trying to troubleshoot the crash. There is a strong possibility that these are all related to this current bug: TB12618533Z, TB12618377G, TB12617941Q, TB12617822X, TB12617577X, TB12617469X, TB12617330G, TB12617201M, TB12617064W, TB12617063Y, TB12603519Q, TB12603451G, TB12581424M, TB12572158Z, TB12538263E, TB12514656K, TB12424831G, TB12410073W Fingers crossed.
Comment 63•19 years ago
|
||
ffbugs@optus.mm.st: does it crash on firefox-trunk nightlies?
Comment 64•19 years ago
|
||
To timeless: never tried nightlies. Though FF has not crashed since removing the CRL, after extensive testing. I'm now 95% sure that my crashes were related to this bug.
Comment 65•19 years ago
|
||
ffbugs@optus.mm.st: the fix for this bug is not in any of the Firefox releases you listed in comment 62. The bug fix is only in the Firefox trunk. Please help us verify the bug fix by testing a recent Firefox trunk nightly build (specifically, 2005-11-09 or later).
Comment 66•19 years ago
|
||
To comment #63 and #65: I have just downloaded and installed the latest nightly as of 5th December 2005, and reinstlaled the "offending" CRL from http://www1.hongkongpost.gov.hk/CA1_crl_archive/crl_2005_12/200512010115.crl and enabled auto-update of the CRL. The bug does seem to be fixed. I have not been able to reproduce the crash on this version. I will keep testing it for a few days - no news is good news.
Assignee | ||
Updated•19 years ago
|
Attachment #201852 -
Flags: branch-1.8.1+
Assignee | ||
Updated•19 years ago
|
Keywords: fixed1.8.1
Comment 67•18 years ago
|
||
*** Bug 357993 has been marked as a duplicate of this bug. ***
Comment 68•18 years ago
|
||
Removing myself from CC.
Comment 69•18 years ago
|
||
remove myself from CC
Assignee | ||
Comment 72•17 years ago
|
||
Comment on attachment 201852 [details] [diff] [review] Patch v5 Nominating this patch for the old 1.8.0 branch, see bug 374492.
Attachment #201852 -
Flags: approval1.8.0.13?
Attachment #201852 -
Flags: approval1.8.0.12?
Comment 73•17 years ago
|
||
Comment on attachment 201852 [details] [diff] [review] Patch v5 Too late for 1.8.0.12
Attachment #201852 -
Flags: approval1.8.0.12?
Updated•17 years ago
|
Attachment #201852 -
Flags: approval1.8.0.13? → approval1.8.0.14?
Updated•16 years ago
|
Attachment #201852 -
Flags: approval1.8.0.14?
Updated•13 years ago
|
Crash Signature: [@ nsHashtable::Reset ]
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•