Closed Bug 750625 Opened 14 years ago Closed 13 years ago

crash in nsUrlClassifierPrefixSet::GetPrefixes

Categories

(Toolkit :: Safe Browsing, defect)

Product:
Toolkit
Component:
Safe Browsing
Version:
13 Branch
Platform:
All
Windows XP
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Firefox 17
Tracking Flags:
Tracking Status
firefox13 + fixed
firefox14 --- fixed

People

(Reporter: scoobidiver, Assigned: gcp)

References

Details

(Keywords: crash, regression)

Crash Data

It's #21 top browser crasher in 13.0b1 with many dupes and first appeared in 13.0a1/20120211. The regression range is: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=fb81c9a433e4&tochange=d71dab82fff4 It has never shown up in crash stats after 14.0a1/20120418. Signature nsUrlClassifierPrefixSet::GetPrefixes(unsigned int*, unsigned int**) More Reports Search UUID 0a5b9e22-9f79-44a1-9f52-80cd02120501 Date Processed 2012-05-01 00:29:40 Uptime 80 Last Crash 1.4 minutes before submission Install Age 2.5 days since version was first installed. Install Time 2012-04-28 13:03:01 Product Firefox Version 13.0 Build ID 20120425123149 Release Channel beta OS Windows NT OS Version 5.1.2600 Service Pack 2 Build Architecture x86 Build Architecture Info GenuineIntel family 15 model 3 stepping 4 Crash Reason EXCEPTION_ACCESS_VIOLATION_READ Crash Address 0x7d03000 App Notes AdapterVendorID: 0x8086, AdapterDeviceID: 0x2572, AdapterSubsysID: 12bc103c, AdapterDriverVersion: 6.14.10.4363 D3D10 Layers? D3D10 Layers- D3D9 Layers? D3D9 Layers- EMCheckCompatibility True Total Virtual Memory 2147352576 Available Virtual Memory 1928089600 System Memory Use Percentage 84 Available Page File 213168128 Available Physical Memory 40714240 Frame Module Signature Source 0 xul.dll nsUrlClassifierPrefixSet::GetPrefixes toolkit/components/url-classifier/nsUrlClassifierPrefixSet.cpp:275 1 xul.dll mozilla::safebrowsing::LookupCache::GetPrefixes toolkit/components/url-classifier/LookupCache.cpp:778 2 xul.dll mozilla::safebrowsing::Classifier::ApplyTableUpdates toolkit/components/url-classifier/Classifier.cpp:530 3 xul.dll mozilla::safebrowsing::Classifier::ApplyUpdates toolkit/components/url-classifier/Classifier.cpp:366 4 xul.dll nsUrlClassifierDBServiceWorker::ApplyUpdate toolkit/components/url-classifier/nsUrlClassifierDBService.cpp:660 5 xul.dll nsUrlClassifierDBServiceWorker::FinishUpdate toolkit/components/url-classifier/nsUrlClassifierDBService.cpp:634 6 xul.dll nsRunnableMethodImpl<unsigned int obj-firefox/dist/include/nsThreadUtils.h:345 7 xul.dll nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:657 8 xul.dll nsThread::ThreadFunc xpcom/threads/nsThread.cpp:289 9 nspr4.dll _PR_NativeRunThread nsprpub/pr/src/threads/combined/pruthr.c:426 10 nspr4.dll pr_root nsprpub/pr/src/md/windows/w95thred.c:122 11 msvcr100.dll _callthreadstartex f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c:314 12 msvcr100.dll _threadstartex f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c:292 13 kernel32.dll BaseThreadStart More reports at: https://crash-stats.mozilla.com/report/list?signature=nsUrlClassifierPrefixSet%3A%3AGetPrefixes%28unsigned+int*%2C+unsigned+int**%29
QA can anyone reproduce this or get STR?
tracking-firefox13: ?+
Keywords: qawanted
(In reply to Lukas Blakk [:lsblakk] from comment #1) > QA can anyone reproduce this or get STR? I'm not even sure where to begin. There are no comments in the crash reports and I don't see any correlations.
Hey Gavin, we don't have any good leads for QA to pick up on, but we do know that this topcrash was fixed on or soon after 14.0a1/20120418. Any suspect (or rather beneficial) changes in that build?
Assignee: nobody → gavin.sharp
Keywords: qawanted
gcp backed out bug 673470 on April 20th. That backout also made it to beta (bug 673470 comment 100).
Assignee: gavin.sharp → gpascutto
Blocks: 673470
I backed the relevant code out of beta the 1st of May, so betas built after that date should be unaffected. http://hg.mozilla.org/releases/mozilla-beta/annotate/f16e48c88ac3/toolkit/components/url-classifier/nsUrlClassifierPrefixSet.cpp#l275 The sanity/corruption check on line 361 should be done before line 275 too.
There are no crashes in versions above 13.0b1.
Keywords: topcrash
The code that was causing this is landing again in bug 673470, but has a fix applied: https://hg.mozilla.org/integration/mozilla-inbound/rev/4c01bc89b521
https://hg.mozilla.org/mozilla-central/rev/4c01bc89b521
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 17
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.