Closed Bug 76915 Opened 23 years ago Closed 23 years ago

PSM2 segfault in CERT_LockDB() - N610, M092 & Trunk crash [@ CERT_LockDB]

Categories

(Core Graveyard :: Security: UI, defect, P1)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
psm2.1

People

(Reporter: percy, Assigned: inactive-mailbox)

References

Details

(4 keywords)

Crash Data

Attachments

(17 files)

Suggested (interim) fix
3.03 KB, patch
Details | Diff | Splinter Review
New Implementation, excluding new files (separately attached)
14.31 KB, patch
Details | Diff | Splinter Review
mozilla/security/manager/ssl/src/MANIFEST_NSSIFAIL
12 bytes, text/plain
Details
mozilla/security/manager/ssl/src/nssifail.txt
617 bytes, text/plain
Details
mozilla/xpfe/appshell/public/nsIOSAlert.idl
1.38 KB, text/plain
Details
mozilla/xpfe/appshell/src/nsOSAlert.h
1.07 KB, text/plain
Details
mozilla/xpfe/appshell/src/nsOSAlert.cpp
2.95 KB, text/plain
Details
additional patch needed (Makefile)
817 bytes, patch
Details | Diff | Splinter Review
Redesigned patch
13.00 KB, patch
Details | Diff | Splinter Review
Updated patch as described, not yet including wording changes
12.72 KB, patch
Details | Diff | Splinter Review
Updated patch, including Mac files and grammar changes
12.70 KB, patch
Details | Diff | Splinter Review
Sean's text
318 bytes, text/plain
Details
Patch revision 7
11.80 KB, patch
Details | Diff | Splinter Review
Patch revision 8
12.53 KB, patch
Details | Diff | Splinter Review
Revision 9 of patch, only one line changed.
12.70 KB, patch
Details | Diff | Splinter Review
Fix the wrong string. Identical to contents of mozilla/security/manager/ssl/src/nssifail.txt
1.53 KB, patch
Details | Diff | Splinter Review
Cleaned up indentation
1.59 KB, patch
Details | Diff | Splinter Review 
When starting mozilla (Solaris 2.6) from CVS (approx 20010420) --with-crypto, it
core dumps with the following backtrace:
#0  0xedd0d9dc in CERT_LockDB ()
#1  0xedd158c0 in SEC_DeleteTempNickname ()
#2  0xedd15ab4 in __CERT_NewTempCertificate ()
#3  0xedd15ad8 in CERT_NewTempCertificate ()
#4  0xedcdeb34 in pk11_fastCert ()
#5  0xedcdedc8 in PK11_MakeCertFromHandle ()
#6  0xedcdf29c in pk11_DoCerts ()
#7  0xedcdf3c0 in PK11_TraverseSlot ()
#8  0xedcdf61c in PK11_FreeSlotCerts ()
#9  0xedcdf6b4 in PK11_ReadSlotCerts ()
#10 0xedce43f8 in PK11_InitToken ()
#11 0xedce4628 in PK11_InitSlot ()
#12 0xedce1de8 in SECMOD_LoadModule ()
#13 0xedcf0db8 in SECMOD_AddModule ()
#14 0xedcf0ff4 in SECMOD_AddNewModule ()
#15 0xedcaa984 in nsNSSComponent::InstallLoadableRoots ()
#16 0xedcab394 in nsNSSComponent::Init ()
#17 0xedcaf51c in nsSSLIOLayerAddToSocket ()
#18 0xef683b7c in nsGenericFactory::CreateInstance ()
#19 0xef68147c in nsComponentManagerImpl::CreateInstance ()
#20 0xef6892b4 in nsComponentManager::CreateInstance ()
#21 0xef689fd4 in nsServiceManagerImpl::GetService ()
#22 0xef68a3d0 in nsServiceManagerImpl::GetService ()
#23 0xef68a6c8 in nsServiceManager::GetService ()
#24 0xef689744 in nsGetServiceByContractID::operator() ()
#25 0xef695f2c in nsCOMPtr_base::assign_from_helper ()
#26 0xee741f38 in GlobalWindowImpl::GlobalWindowImpl ()
#27 0xee74e4c8 in NS_NewScriptGlobalObject ()
#28 0xeddfbfac in nsDocShell::EnsureScriptEnvironment ()
#29 0xeddfd1ac in nsWebShell::GetInterface ()
#30 0xef695870 in nsGetInterface::operator() ()
#31 0xef695f2c in nsCOMPtr_base::assign_from_helper ()
#32 0xee6cbd58 in nsAppShellService::GetHiddenWindowAndJSContext ()
#33 0xee6ca8bc in nsAppShellService::SetXPConnectSafeContext ()
#34 0xee6cacc0 in nsAppShellService::CreateHiddenWindow ()
#35 0x15dfc in NS_CreateNativeAppSupport ()
#36 0x168d4 in main ()
Keywords: crash
Status: UNCONFIRMED → NEW
Ever confirmed: true
I vaguely recall that this is caused by an out of date NSS.  Please make sure 
mozilla/security/nss is up to date (pulled from NSS_CLIENT_TAG):

make -f client.mak pull_all BUILD_MODULES=psm2
Target Milestone: --- → 2.0
I remember that I have pulled the whole fresh tree from CVS using "cvs -z3 co
mozilla/client.mk && (cd mozilla; make -f client.mk checkout)". So I assume I
were building with a reasonably up-to-date NSS. Correct me if I am wrong.
Nothing changed with yesterdays cvs. It still crashes at the same place on startup
Since no one seems looking at it for a long time. I now post a detailed
backtrace with line numbers against the current CVS - hope that someone can
resolve it before 0.9.1. (It's absolutely irritating that I still have to use
PSM1 in order to do SSL when PSM2 is already out for few months already!)

#0  0xed2c5a8c in CERT_LockDB () at nsKeygenHandler.cpp:521
#1  0xed2cd970 in NewTempCertificate () at nsKeygenHandler.cpp:521
#2  0xed2cdb64 in __CERT_NewTempCertificate () at nsKeygenHandler.cpp:521
#3  0xed2cdb88 in CERT_NewTempCertificate () at nsKeygenHandler.cpp:521
#4  0xed296be4 in pk11_fastCert () at nsKeygenHandler.cpp:521
#5  0xed296e78 in PK11_MakeCertFromHandle () at nsKeygenHandler.cpp:521
#6  0xed29734c in pk11_DoCerts () at nsKeygenHandler.cpp:521
#7  0xed297470 in PK11_TraverseSlot () at nsKeygenHandler.cpp:521
#8  0xed2976cc in pk11_ExtractCertsFromSlot () at nsKeygenHandler.cpp:521
#9  0xed297764 in PK11_ReadSlotCerts () at nsKeygenHandler.cpp:521
#10 0xed29c4a8 in PK11_InitToken () at nsKeygenHandler.cpp:521
#11 0xed29c6d8 in PK11_InitSlot () at nsKeygenHandler.cpp:521
#12 0xed299e98 in SECMOD_LoadModule () at nsKeygenHandler.cpp:521
#13 0xed2a8e68 in SECMOD_AddModule () at nsKeygenHandler.cpp:521
#14 0xed2a90a4 in SECMOD_AddNewModule () at nsKeygenHandler.cpp:521
#15 0xed247820 in nsNSSComponent::InstallLoadableRoots (this=0x157450)
    at nsNSSComponent.cpp:227
#16 0xed2489a4 in nsNSSComponent::Init (this=0x157450)
    at nsNSSComponent.cpp:435
#17 0xed250084 in nsNSSComponentConstructor (aOuter=0x0, aIID=@0xee4fe820,
    aResult=0xefffee40) at nsNSSModule.cpp:43
#18 0xef5603b4 in nsGenericFactory::CreateInstance (this=0x1558c8, aOuter=0x0,
    aIID=@0xee4fe820, aResult=0xefffee40) at nsGenericFactory.cpp:55
#19 0xef55bd84 in nsComponentManagerImpl::CreateInstance (this=0x4eb58,
    aClass=@0xefffeef0, aDelegate=0x0, aIID=@0xee4fe820, aResult=0xefffee40)
    at nsComponentManager.cpp:1205
#20 0xef56b228 in nsComponentManager::CreateInstance (aClass=@0xefffeef0,
    aDelegate=0x0, aIID=@0xee4fe820, aResult=0xefffee40) at nsRepository.cpp:81
#21 0xef56cd24 in nsServiceManagerImpl::GetService (this=0x4b2b0,
    aClass=@0xefffeef0, aIID=@0xee4fe820, result=0xeffff064,
    shutdownListener=0x0) at nsServiceManager.cpp:344
#22 0xef56d490 in nsServiceManagerImpl::GetService (this=0x4b2b0,
    aContractID=0xee4fe8a8 "@mozilla.org/security/entropy;1",
    aIID=@0xee4fe820, result=0xeffff064, shutdownListener=0x0)
    at nsServiceManager.cpp:491
#23 0xef56dad0 in nsServiceManager::GetService (
    aContractID=0xee4fe8a8 "@mozilla.org/security/entropy;1",
    aIID=@0xee4fe820, result=0xeffff064, shutdownListener=0x0)
    at nsServiceManager.cpp:604
#24 0xef56bcc8 in nsGetServiceByContractID::operator() (this=0xeffff148,
    aIID=@0xee4fe820, aInstancePtr=0xeffff064) at nsServiceManager.cpp:64
#25 0xee4d6938 in nsCOMPtr<nsIEntropyCollector>::assign_from_helper (
    this=0xeffff158, helper=@0xeffff148, aIID=@0xee4fe820)
    at ../../../dist/include/nsCOMPtr.h:971
#26 0xee4db764 in nsCOMPtr<nsIEntropyCollector>::nsCOMPtr (this=0xeffff158,
    helper=@0xeffff148) at ../../../dist/include/nsCOMPtr.h:552
#27 0xee38fb08 in GlobalWindowImpl::GlobalWindowImpl (this=0x157270)
    at nsGlobalWindow.cpp:145
#28 0xee3a7adc in NS_NewScriptGlobalObject (aResult=0x1f44c8)
    at nsGlobalWindow.cpp:3974
#29 0xed3d6860 in nsDocShell::EnsureScriptEnvironment (this=0x1f4420)
    at nsDocShell.cpp:4827
#30 0xed3d8e2c in nsWebShell::GetInterface (this=0x1f4420, aIID=@0xee4f79c4,
    aInstancePtr=0xeffff3cc) at nsWebShell.cpp:328
#31 0xef58912c in nsGetInterface::operator() (this=0xeffff4c8,
    aIID=@0xee4f79c4, aInstancePtr=0xeffff3cc) at nsIInterfaceRequestor.cpp:37
#32 0xee4b1c78 in nsCOMPtr<nsIDOMWindowInternal>::assign_from_helper (
    this=0xeffff4d8, helper=@0xeffff4c8, aIID=@0xee4f79c4)
    at ../../../dist/include/nsCOMPtr.h:971
#33 0xee4dde10 in nsCOMPtr<nsIDOMWindowInternal>::nsCOMPtr (this=0xeffff4d8,
    helper=@0xeffff4c8) at ../../../dist/include/nsCOMPtr.h:552
#34 0xee047bd0 in nsAppShellService::GetHiddenWindowAndJSContext (
    this=0x17de60, aWindow=0xeffff570, aJSContext=0xeffff56c)
    at nsAppShellService.cpp:713
#35 0xee0454b0 in nsAppShellService::SetXPConnectSafeContext (this=0x17de60)
    at nsAppShellService.cpp:177
#36 0xee045abc in nsAppShellService::CreateHiddenWindow (this=0x17de60)
    at nsAppShellService.cpp:244
#37 0x22fb0 in main1 (argc=1, argv=0xeffff904, nativeApp=0x0)
    at nsAppRunner.cpp:983
#38 0x245e0 in main (argc=1, argv=0xeffff904) at nsAppRunner.cpp:1311
Keywords: mozilla0.9.1
Summary: PSM2 failed in CERT_LockDB() → PSM2 in Solaris 2.6 failed in CERT_LockDB()
Please ignore my last backtrace - I haven't rebuild the nss library with debug
info last time. This time for real. We seem to have pk11_fastCert() calling
CERT_NewTempCertificate() with a NULL handle. Any idea?

#0  0xed2a27a0 in CERT_LockDB (handle=0x0) at certdb.c:2289
#1  0xed2b3140 in NewTempCertificate (handle=0x0, derCert=0xefffe318,
    nickname=0x232790 "Builtin Object Token:Verisign/RSA Secure Server CA",
    isperm=0, copyDER=1, lockdb=1) at pcertdb.c:5046
#2  0xed2b3450 in __CERT_NewTempCertificate (handle=0x0, derCert=0xefffe318,
    nickname=0x232790 "Builtin Object Token:Verisign/RSA Secure Server CA",
    isperm=0, copyDER=1) at pcertdb.c:5165
#3  0xed2b3498 in CERT_NewTempCertificate (handle=0x0, derCert=0xefffe318,
    nickname=0x232790 "Builtin Object Token:Verisign/RSA Secure Server CA",
    isperm=0, copyDER=1) at pcertdb.c:5173
#4  0xed24aa88 in pk11_fastCert (slot=0x2308b0, certID=40, privateLabel=0x0,
    nickptr=0xefffe3ec) at pk11cert.c:391
#5  0xed24ae84 in PK11_MakeCertFromHandle (slot=0x2308b0, certID=40,
    privateLabel=0x0) at pk11cert.c:536
#6  0xed24b6a4 in pk11_DoCerts (slot=0x2308b0, certID=40, arg=0xefffe608)
    at pk11cert.c:782
#7  0xed24b8ec in PK11_TraverseSlot (slot=0x2308b0, arg=0xefffe5f8)
    at pk11cert.c:870
#8  0xed24bdc4 in pk11_ExtractCertsFromSlot (slot=0x2308b0, arg=0xefffe5f8)
    at pk11cert.c:1006
#9  0xed24be80 in PK11_ReadSlotCerts (slot=0x2308b0) at pk11cert.c:1040
#10 0xed254954 in PK11_InitToken (slot=0x2308b0, loadCerts=1)
    at pk11slot.c:1723
#11 0xed254d70 in PK11_InitSlot (mod=0x22fbb0, slotID=1, slot=0x2308b0)
    at pk11slot.c:1840
#12 0xed2507d8 in SECMOD_LoadModule (mod=0x22fbb0) at pk11load.c:231
#13 0xed26c090 in SECMOD_AddModule (newModule=0x22fbb0) at pk11util.c:403
#14 0xed26c468 in SECMOD_AddNewModule (
    moduleName=0x237628 "Builtin Roots Module",
    dllPath=0x22fae0
"/mnt/space/src/mozilla/build/mozilla/dist/mozilla/libnssckbi.so",
defaultMechanismFlags=0, cipherEnableFlags=0) at pk11util.c:505
#15 0xed1ca254 in nsNSSComponent::InstallLoadableRoots (this=0x15bf10)
    at nsNSSComponent.cpp:221
#16 0xed1cb3d8 in nsNSSComponent::Init (this=0x15bf10)
    at nsNSSComponent.cpp:429
#17 0xed1d2ab8 in nsNSSComponentConstructor (aOuter=0x0, aIID=@0xee4fe820,
    aResult=0xefffee50) at nsNSSModule.cpp:43
#18 0xef5603b4 in nsGenericFactory::CreateInstance (this=0x1558c8, aOuter=0x0,
    aIID=@0xee4fe820, aResult=0xefffee50) at nsGenericFactory.cpp:55
#19 0xef55bd84 in nsComponentManagerImpl::CreateInstance (this=0x4eb78,
    aClass=@0xefffef00, aDelegate=0x0, aIID=@0xee4fe820, aResult=0xefffee50)
    at nsComponentManager.cpp:1205
#20 0xef56b228 in nsComponentManager::CreateInstance (aClass=@0xefffef00,
    aDelegate=0x0, aIID=@0xee4fe820, aResult=0xefffee50) at nsRepository.cpp:81
#21 0xef56cd24 in nsServiceManagerImpl::GetService (this=0x4b2b0,
    aClass=@0xefffef00, aIID=@0xee4fe820, result=0xeffff074,
    shutdownListener=0x0) at nsServiceManager.cpp:344
#22 0xef56d490 in nsServiceManagerImpl::GetService (this=0x4b2b0,
    aContractID=0xee4fe8a8 "@mozilla.org/security/entropy;1",
    aIID=@0xee4fe820, result=0xeffff074, shutdownListener=0x0)
    at nsServiceManager.cpp:491
#23 0xef56dad0 in nsServiceManager::GetService (
    aContractID=0xee4fe8a8 "@mozilla.org/security/entropy;1",
    aIID=@0xee4fe820, result=0xeffff074, shutdownListener=0x0)
    at nsServiceManager.cpp:604
#24 0xef56bcc8 in nsGetServiceByContractID::operator() (this=0xeffff158,
    aIID=@0xee4fe820, aInstancePtr=0xeffff074) at nsServiceManager.cpp:64
#25 0xee4d6938 in nsCOMPtr<nsIEntropyCollector>::assign_from_helper (
    this=0xeffff168, helper=@0xeffff158, aIID=@0xee4fe820)
    at ../../../dist/include/nsCOMPtr.h:971
#26 0xee4db764 in nsCOMPtr<nsIEntropyCollector>::nsCOMPtr (this=0xeffff168,
    helper=@0xeffff158) at ../../../dist/include/nsCOMPtr.h:552
#27 0xee38fb08 in GlobalWindowImpl::GlobalWindowImpl (this=0x1feba8)
    at nsGlobalWindow.cpp:145
#28 0xee3a7adc in NS_NewScriptGlobalObject (aResult=0x202dc0)
    at nsGlobalWindow.cpp:3974
#29 0xed3d6860 in nsDocShell::EnsureScriptEnvironment (this=0x202d18)
    at nsDocShell.cpp:4827
#30 0xed3d8e2c in nsWebShell::GetInterface (this=0x202d18, aIID=@0xee4f79c4,
    aInstancePtr=0xeffff3dc) at nsWebShell.cpp:328
#31 0xef58912c in nsGetInterface::operator() (this=0xeffff4d8,
    aIID=@0xee4f79c4, aInstancePtr=0xeffff3dc) at nsIInterfaceRequestor.cpp:37
#32 0xee4b1c78 in nsCOMPtr<nsIDOMWindowInternal>::assign_from_helper (
    this=0xeffff4e8, helper=@0xeffff4d8, aIID=@0xee4f79c4)
    at ../../../dist/include/nsCOMPtr.h:971
#33 0xee4dde10 in nsCOMPtr<nsIDOMWindowInternal>::nsCOMPtr (this=0xeffff4e8,
    helper=@0xeffff4d8) at ../../../dist/include/nsCOMPtr.h:552
#34 0xee047bd0 in nsAppShellService::GetHiddenWindowAndJSContext (
    this=0x1900d8, aWindow=0xeffff580, aJSContext=0xeffff57c)
    at nsAppShellService.cpp:713
#35 0xee0454b0 in nsAppShellService::SetXPConnectSafeContext (this=0x1900d8)
    at nsAppShellService.cpp:177
#36 0xee045abc in nsAppShellService::CreateHiddenWindow (this=0x1900d8)
    at nsAppShellService.cpp:244
#37 0x22fb0 in main1 (argc=1, argv=0xeffff914, nativeApp=0x0)
    at nsAppRunner.cpp:983
#38 0x245e0 in main (argc=1, argv=0xeffff914) at nsAppRunner.cpp:1311
Summary: PSM2 in Solaris 2.6 failed in CERT_LockDB() → PSM2 in Solaris 2.6 segfault in CERT_LockDB()
Finally got some clues after some tracing

1. Currently, the NSS code doesn't seem to produce useful error message when it
cannot load the freebl shared library.

2. No where in the NSS code checks for the failed nss_init() and continue to
pass a NULL db handle

3. libfreebl_hybrid_3.so doesn't seem to be built automatically without manually
entering the directory security/nss/lib/freebl and type make (at least in Sparc
Solaris 2.6)

4. Type make produces the following messages
...skipped...
make FREEBL_RECURSIVE_BUILD=1 USE_HYBRID=1 libs
make[1]: Entering directory
`/mnt/space/src/mozilla/build/mozilla/security/nss/lib/freebl'
make[1]: *** No rule to make target `%.s', needed by `mpv_sparcv8.o'.  Stop.
make[1]: Leaving directory
`/mnt/space/src/mozilla/build/mozilla/security/nss/lib/freebl'
make: *** [libs] Error 2

5. Editing Makefile removing the %.s dependency for target mpv_sparcv8.o
montmulfv8.o got
...skipped...
/usr/ccs/bin/as -o mpv_sparcv8.o -xarch=v8plusa -K PIC mpv_sparcv8.s
/usr/ccs/bin/as: error: cannot open input file "mpv_sparcv8.s"
make[1]: *** [mpv_sparcv8.o] Error 1make[1]: Leaving directory
`/mnt/space/src/mozilla/build/mozilla/security/nss/lib/freebl'
make: *** [libs] Error 2

6. Change the rule of the target mpv_sparcv8.o montmulfv8.o to
$(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) mpi/$*.s
got
...skipped...
cd SunOSpure32 && make FREEBL_RECURSIVE_BUILD=1 USE_PURE_32=1 libs
make[1]: Entering directory
`/mnt/space/src/mozilla/build/mozilla/security/nss/lib/freebl/SunOSpure32'
Makefile:44: ../../coreconf/autoconf.mk: No such file or directory
Makefile:56: /config.mk: No such file or directory
Makefile:205: /rules.mk: No such file or directory
make[1]: *** No rule to make target `/rules.mk'.  Stop.
make[1]: Leaving directory
`/mnt/space/src/mozilla/build/mozilla/security/nss/lib/freebl/SunOSpure32'
make: *** [libs] Error 2

Though I got libfreebl_hybrid_3.so after step 6, I think there's still multiple
bugs here - maybe dup of bug 77135 and others.
adding topcrash and Trunk & M09 crash [@ CERT_LockDB] to summary.  this is a 
topcrash for both the latest builds on the Trunk and Mozilla 0.9.  Here is some 
data from the talkback topcrash report (which contains data for both the Trunk 
builds and the Mozilla 0.9 release):

CERT_LockDB   71 
     First BBID :30128694
     Last BBID  :30391943
     Min Runtime :0
     Max Runtime :522
     First Appearance Date : 2001-05-07
     Last Appearance Date : 2001-05-13
     First BuildID : 2001050518
     Last BuildID : 2001050522

Stack Trace: 

         CERT_LockDB()
         __CERT_NewTempCertificate()
         __CERT_NewTempCertificate()
         CERT_NewTempCertificate()
         pk11_fastCert()
         PK11_MakeCertFromHandle()
         pk11_DoCerts()
         PK11_ReadSlotCerts()
         PK11_InitToken()
         SECMOD_LoadModule()
         SECMOD_AddModule()
         SECMOD_AddNewModule()
         nsNSSComponent::Init   
[d:\builds\seamonkey\mozilla\security\manager\ssl\src\nsNSSComponent.cpp  line 
432]
         nsGenericFactory::CreateInstance       
[d:\builds\seamonkey\mozilla\xpcom\components\nsGenericFactory.cpp  line 56]
         nsComponentManagerImpl::CreateInstance 
[d:\builds\seamonkey\mozilla\xpcom\components\nsComponentManager.cpp  line 1204]
         0x00894140
         0x49484352     


     (30386460)      Comments: starting up
     (30386436) Comments: converting NS4 profile
     (30356028) Comments: I was using mozilla 0.9 for the first time
     (30356028) Comments:  Security
     (30352911) Comments: trying to open Mozilla 0.9Spash screen appeared before 
it crashed
     (30341341) Comments: Startup
     (30332855) Comments: opening up the mozilla program
     (30320303) Comments: In Preferences->Privacy/security I click "Manage 
Certificates" button. That's all
     (30309538) Comments: I had just installed
     (30308797) Comments: i just started it...
     (30291917) Comments: First start
     (30285055) Comments: Simply put... typical for what I'd expect from a 
"netscape" in windows. I'm trying VERY hard to be fully sopportive of the 
mozilla project... I use it in linux exclusively and I HATE IE
     (30284729) Comments: just starting up!
     (30278545) Comments: installing
     (30275382) Comments: Trying to access personal certificates. Never done 
this before
     (30260984) Comments: Clicked on Mozilla.exe
     (30254315) Comments: Just started
     (30254315) Comments:  EBP=00000000ECX=00000000 DS=0187 ESI=016b8030 
FS=1f17EDX=016b8030 ES=0187 EDI=00000000 GS=0000Bytes bei CS:EIP:8b 48 10 51 ff 
15 ac d1 8a 60 59 c3 8b 44 24 04 Stapelwerte:60871f47 00000000 016b9010 016b8030 
00000000 016b86c0 00000000 00000001
     (30254315) Comments:  00000034 780012c0 00000034 00000000 60df759b 00000034 
608a1645 60871f10 
     (30254237) Comments: I started it and it crashed.No input
     (30254237) Comments: EBX=016b8750 SS=0187 ESP=0068f63c 
EBP=00000000ECX=00000000 DS=0187 ESI=016b8030 FS=5c3fEDX=016b8030 ES=0187 
EDI=00000000 GS=0000Bytes bei CS:EIP:8b 48 10 51 ff 15 ac d1 8a 60 59 c3 8b 44 
24 04 Stapelwerte:60871f47 00000000 016b9010 016b8030
     (30254237) Comments:  00000000 016b8750 00000000 00000001 00000034 780012c0 
00000034 00000000 60df759b 00000034 608a1645 60871f10 
     (30251887) Comments: After I removed the previous $HOME/.mozilla directory
     (30251443) Comments: Just installed Mozilla 0.9 (full installations) and 
the Feedback Agent appearedimmediately
     (30250749) Comments: Second attempt to install -- this time browser only.  
restarted and removed first attempt between tries.  Keep getting error in 
PIPNS.DLL.
     (30250513) Comments: initial installation on Micron Athlon 1.3 GHz with DDR 
and WinME.  had removed NETSCAPE 6.01 and restarted before attempting to 
install.
     (30229534) Comments: tried to open Mozilla 0.9
     (30228342) Comments: trying to  open mozilla 0.9
     (30228303) Comments: trying to open mozilla 0.9
     (30228267) Comments: opening mozilla.
     (30206248) Comments: just starting the browser.  never finished loading.
     (30199493) Comments: I launched Mozilla for the first time after installing 
(from the talkback zip)
     (30187087) Comments: That's it.
     (30185732) Comments: Starting browser.  Mozilla 0.9 displayed splash screen 
and then "performed illegal operation"
     (30178286) Comments: opened it first time
     (30167518) Comments: Starting the browser
     (30166769) Comments: startup
     (30163433) Comments: It executed a violation when I was starting It. I 
cannot start Mozilla 0.9 because it crashes everytime.I can't provide other 
informations
     (30160070) Comments: Just trying to start the browser after initial 
install. It creates my profilefrom NS4 and craps out:cd 
/usr/local/mozilla./run-mozilla.sh        # or ./mozilla -- same outcomeIt's a 
fairly new intall of RH7.1. Can you tell me why it's broken?
     (30128694) Comments: starting up

Here's another stack trace:

         CERT_LockDB()
         SEC_TraversePermCerts()
         PK11_ListCerts()
         nsNSSCertificateDB::GetCertNicknames   
[d:\builds\seamonkey\mozilla\security\manager\ssl\src\nsNSSCertificate.cpp  line 
1056]
         XPTC_InvokeByIndex     
[d:\builds\seamonkey\mozilla\xpcom\reflect\xptcall\src\md\win32\xptcinvoke.cpp  
line 139]
         nsXPCWrappedNativeClass::CallWrappedMethod     
[d:\builds\seamonkey\mozilla\js\src\xpconnect\src\xpcwrappednativeclass.cpp  
line 937]
         WrappedNative_CallMethod       
[d:\builds\seamonkey\mozilla\js\src\xpconnect\src\xpcwrappednativejsops.cpp  
line 245]
         js_Invoke      [d:\builds\seamonkey\mozilla\js\src\jsinterp.c  line 
815]
         js_Interpret   [d:\builds\seamonkey\mozilla\js\src\jsinterp.c  line 
2707]
         js_Invoke      [d:\builds\seamonkey\mozilla\js\src\jsinterp.c  line 
831]
         js_InternalInvoke      [d:\builds\seamonkey\mozilla\js\src\jsinterp.c  
line 903]
         JS_CallFunctionValue   [d:\builds\seamonkey\mozilla\js\src\jsapi.c  
line 3336]
         nsJSContext::CallEventHandler  
[d:\builds\seamonkey\mozilla\dom\src\base\nsJSEnvironment.cpp  line 943]
         nsJSEventListener::HandleEvent 
[d:\builds\seamonkey\mozilla\dom\src\events\nsJSEventListener.cpp  line 155]
         nsEventListenerManager::HandleEventSubType     
[d:\builds\seamonkey\mozilla\content\events\src\nsEventListenerManager.cpp  line 
1036]
         nsEventListenerManager::HandleEvent    
[d:\builds\seamonkey\mozilla\content\events\src\nsEventListenerManager.cpp  line 
1661]
         GlobalWindowImpl::HandleDOMEvent       
[d:\builds\seamonkey\mozilla\dom\src\base\nsGlobalWindow.cpp  line 573]
         DocumentViewerImpl::LoadComplete       
[d:\builds\seamonkey\mozilla\content\base\src\nsDocumentViewer.cpp  line 1071]
         nsDocShell::EndPageLoad        
[d:\builds\seamonkey\mozilla\docshell\base\nsDocShell.cpp  line 2782]
         nsWebShell::EndPageLoad        
[d:\builds\seamonkey\mozilla\docshell\base\nsWebShell.cpp  line 987]
         nsDocShell::OnStateChange      
[d:\builds\seamonkey\mozilla\docshell\base\nsDocShell.cpp  line 2700]
         nsWebShell::OnStateChange      
[d:\builds\seamonkey\mozilla\docshell\base\nsWebShell.cpp  line 949]
         nsDocLoaderImpl::FireOnStateChange     
[d:\builds\seamonkey\mozilla\uriloader\base\nsDocLoader.cpp  line 1330]
         nsDocLoaderImpl::doStopDocumentLoad    
[d:\builds\seamonkey\mozilla\uriloader\base\nsDocLoader.cpp  line 760]
         nsDocLoaderImpl::DocLoaderIsEmpty      
[d:\builds\seamonkey\mozilla\uriloader\base\nsDocLoader.cpp  line 656]
         nsDocLoaderImpl::OnStopRequest 
[d:\builds\seamonkey\mozilla\uriloader\base\nsDocLoader.cpp  line 588]
         nsLoadGroup::RemoveRequest     
[d:\builds\seamonkey\mozilla\netwerk\base\src\nsLoadGroup.cpp  line 496]
         imgRequestProxy::OnStopRequest 
[d:\builds\seamonkey\mozilla\modules\libpr0n\src\imgRequestProxy.cpp  line 375]
         imgRequest::OnStopRequest      
[d:\builds\seamonkey\mozilla\modules\libpr0n\src\imgRequest.cpp  line 660]
         ProxyListener::OnStopRequest   
[d:\builds\seamonkey\mozilla\modules\libpr0n\src\imgLoader.cpp  line 363]
         nsJARChannel::OnStopRequest    
[d:\builds\seamonkey\mozilla\netwerk\protocol\jar\src\nsJARChannel.cpp  line 
587]
         nsOnStopRequestEvent::HandleEvent      
[d:\builds\seamonkey\mozilla\netwerk\base\src\nsRequestObserverProxy.cpp  line 
159]
         PL_HandleEvent [d:\builds\seamonkey\mozilla\xpcom\threads\plevent.c  
line 589]
         PL_ProcessPendingEvents        
[d:\builds\seamonkey\mozilla\xpcom\threads\plevent.c  line 522]
         _md_EventReceiverProc  
[d:\builds\seamonkey\mozilla\xpcom\threads\plevent.c  line 1070]
         KERNEL32.DLL + 0x242e7 (0xbff942e7)
         0x00688266


Changing platform to PC and OS to All, the talkback data shows this crashing on 
Win32 platforms as well as Linux.  This is a startup crash.
Keywords: topcrash
OS: Solaris → All
Hardware: Sun → PC
Summary: PSM2 in Solaris 2.6 segfault in CERT_LockDB() → PSM2 in Solaris 2.6 segfault in CERT_LockDB(), Trunk & M09 crash [@ CERT_LockDB]
Removing Trunk from summary, from the buildids in the talkback data, this 
appears to be a crash with just the official M09 builds.  If someone is able to 
reproduce this crash with recent Trunk builds, please let us know.
Summary: PSM2 in Solaris 2.6 segfault in CERT_LockDB(), Trunk & M09 crash [@ CERT_LockDB] → PSM2 in Solaris 2.6 segfault in CERT_LockDB(), M09 crash [@ CERT_LockDB]
I cannot reproduce with latest builds.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
Keywords: verifyme
Verified.
Status: RESOLVED → VERIFIED
It still crashes with yesterdays cvs. I've downloaded mozilla-latest-cvs.tar.gz
from May 18 and was updating my tree up to yesterday. I do: 
gmake -f client.mk checkout 
gmake -f client.mk checkout BUILD_MODULES=psm2
gmake -f client.mk build

and I've in my .mozconfig:
ac_add_options --disable-tests
ac_add_options --enable-optimize=-O2
ac_add_options --disable-debug
ac_add_options --enable-strip-libsac_add_options --with-extensions
export MOZ_NSS_AUTOCONF=1
ac_add_options --enable-crypto
mk_add_options MOZ_NSS_AUTOCONF=1
mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@

I'm building on Solaris 2.7 with gcc 2.95.3



M091 topcrash on Win and Linux platforms
reopening

Here are comments from recent crashes:

   (31567127)      Comments: I've downloaded for the second time
and it doesn't even start.
     (31561121) Comments: just installed mozilla 9.1 on my win ME computer. 
Crashed on
start up casued by error in PIPNSS.dll. Will try again on computer restart. Here 
is some
computer informationOS Name     Microsoft WindowsVersion        4.90.3000   
Build 3000OS
Manufacturer
     (31561121) Comments:       Microsoft CorporationSystem Name
POWERSAPTIVASystem Manufacturer IBMSystem Model 2140L61System Type      
X86-based
PCProcessor     Pentium(r) II Processor GenuineIntel ~266 MhzBIOS Version       
Not
AvailableWindows Directory      C:\WINDOWSLocale        United
     (31561121) Comments:  StatesTime Zone      Pacific Daylight TimeTotal 
Physical
Memory  95.51 MBAvailable Physical Memory       180.00 KBTotal Virtual Memory   
2.00
GBAvailable Virtual Memory      1.82 GBPage File Space  1.91 GB
     (31559742) Comments: I only just STARTED the browser!
     (31558407) Comments: Preferences  Privacy and Security    Certificates     
 Manage
CertificatesMOZILLA caused an invalid page fault inmodule PIPNSS.DLL at 
0167:608af004.
     (31558380) Comments: Preferences  Privacy and Security    ValidationMOZILLA 
caused
an invalid page fault inmodule PIPNSS.DLL at 0167:608af004.
     (31538260) Comments: launched mozilla (second fail: I tried to change 
directory due
to previous fail under desktop path)
     (31537649) Comments: launched winembed.exe
     (31537621) Comments: first launch of mozilla.exe
     (31537607) Comments: first launch of mozilla.exe
     (31526598) Comments: Ran Mozilla for the first time.
     (31525006) Comments: Ran mozilla
     (31524933) Comments: Ran mozilla-win32-0.9.1-installer.exe
     (31514484) Comments: I double-clicked on "mozilla.exe" and it gave me a 
terminal
error.
     (31505087) Comments: start
     (31499359) Comments: It crashed even before it really started.Windows 
reports it as
the "page violation" error of PIPNSS.DLL
     (31494679) Comments: Mozilla 0.9.1 has failed to launch when I install via 
the
tarball
     (31494679) Comments:  /usr/lib/mozilla crashes too.I am inside the 
initialize Hey :
You are in QFA Startup (QFA)Talkback loaded Ok.[jeff@jeff lib]$ 
     (31490376) Comments: started it.
     (31490354) Comments: converting netscape 4.7 profile to mozilla
     (31483023) Comments: opening Mozilla 0.9
     (31467526) Comments: openning browser for the first time
     (31467508) Comments: installing
     (31466780) Comments: Startup
     (31466762) Comments: Startup. Splash screen didn't even close.
     (31466747) Comments: Converting profiles? Or soon after that dialog went 
away
anyway.


Stack trace from 2001060713

Incident ID 31567127 
CERT_LockDB() 
__CERT_NewTempCertificate() 
__CERT_NewTempCertificate() 
CERT_NewTempCertificate() 
pk11_fastCert() 
PK11_MakeCertFromHandle() 
pk11_DoCerts() 
PK11_ReadSlotCerts() 
PK11_InitToken() 
SECMOD_LoadModule() 
SECMOD_AddModule() 
SECMOD_AddNewModule() 
nsNSSComponent::Init
[d:\builds\seamonkey\mozilla\security\manager\ssl\src\nsNSSComponent.cpp, line 
506] 
nsGenericFactory::CreateInstance
[d:\builds\seamonkey\mozilla\xpcom\components\nsGenericFactory.cpp, line 56] 
nsComponentManagerImpl::CreateInstance
[d:\builds\seamonkey\mozilla\xpcom\components\nsComponentManager.cpp, line 1206]

0x0074f9a0 
0x160000ff 
0x14458926
Status: VERIFIED → REOPENED
Resolution: WORKSFORME → ---
Summary: PSM2 in Solaris 2.6 segfault in CERT_LockDB(), M09 crash [@ CERT_LockDB] → PSM2 in Solaris 2.6 segfault in CERT_LockDB(), M09 & M091 crash [@ CERT_LockDB]
Keywords: nsenterprise
Mass reassigning target to 2.1
Target Milestone: 2.0 → 2.1
No longer blocks: 86445
p2
Is this still an issue.
Priority: -- → P2
This is still an issue with M092 (Mozilla 0.9.2).  Adding M092 to summary.  Here 
is the latest info for the crashes with M092:

CERT_LockDB   26
                         76915   REOP            ddrinan@netscape.com    2.1 
     First BBID :32437536
     Last BBID  :32780042
     Min Runtime :0
     Max Runtime :3652
     First Appearance Date : 2001-07-02
     Last Appearance Date : 2001-07-11
     First BuildID : 2001062817
     Last BuildID : 2001062823

Stack Trace: 

         CERT_LockDB()
         NewTempCertificate()
         __CERT_NewTempCertificate
         CERT_NewTempCertificate()
         pk11_fastCert()
         PK11_MakeCertFromHandle()
         pk11_DoCerts()
         PK11_TraverseSlot()
         pk11_ExtractCertsFromSlot()
         PK11_ReadSlotCerts()
         PK11_InitToken()
         PK11_InitSlot()
         SECMOD_LoadModule()
         SECMOD_AddModule()
         SECMOD_AddNewModule()
         nsNSSComponent::InstallLoadableRoots()
         nsNSSComponent::Init()
         nsNSSComponentConstructor()
         nsGenericFactory::CreateInstance()
         nsComponentManagerImpl::CreateInstance()
         nsComponentManager::CreateInstance()
         nsServiceManagerImpl::GetService()
         nsServiceManagerImpl::GetService()
         nsServiceManager::GetService()
         operator []()
         nsCOMPtr_base::assign_from_helper()
         GlobalWindowImpl::GlobalWindowImpl()
         NS_NewScriptGlobalObject()
         nsDOMSOFactory::NewScriptGlobalObject()
         nsDocShell::EnsureScriptEnvironment()
         nsWebShell::GetInterface()
         operator []()
         nsCOMPtr_base::assign_from_helper()
         nsAppShellService::GetHiddenWindowAndJSContext()
         nsAppShellService::SetXPConnectSafeContext()
         nsAppShellService::CreateHiddenWindow()
         main1()
         main()
         libc.so.6 + 0x18a8e (0x40486a8e)     (32780042)        Comments: messed 
even some more with the profile (.mozilla) directory
     (32779484) Comments: While mozilla was running
     (32681872) Comments: Mozilla crashed while starting up.  This is the second 
time I tried to run the program.  The first time it crashed as well
     (32681872) Comments:  in a state that prevents starting the program in the 
future.  This time there is free disk space.
     (32569088) Comments: double clicked on mozilla.exe
     (32568819) Comments: All cofiguration lost (e-mail settings
     (32565404) Comments: tried to start it as a user
     (32454987) URL: http://www.debian.org
     (32454987) Comments: blaaaaaaaa
     (32454799) URL: http://www.debian.org
     (32454799) Comments: sei la eu

There are also a few crashes on the MozillaTrunk from builds 2001062906, 
2001070311 and 2001070609 on Windows 98.  Here is the latest crash on the 
MozillaTrunk:

Stack Signature
              CERT_LockDB() fc3fc111 
 Bug ID
 Trigger Time 
              2001-07-07 11:09:03 
 User Comments 
              Filed to start after fresh install - running unver VMware 2.0 with 
win98SE MOZILLA caused an invalid page fault in module PIPNSS.DLL
              at 0167:60916c04. Registers: EAX=00000000 CS=0167 EIP=60916c04 
EFLGS=00010202 EBX=0089fb80 SS=016f
              ESP=0068f61c 
 Build ID
              2001070609 
 Product ID
              MozillaTrunk 
 Platform ID
              Win32 
 Stack Trace

CERT_LockDB() 
__CERT_NewTempCertificate() 
__CERT_NewTempCertificate() 
CERT_NewTempCertificate() 
pk11_fastCert() 
PK11_MakeCertFromHandle() 
pk11_DoCerts() 
PK11_ReadSlotCerts() 
PK11_InitToken() 
SECMOD_LoadModule() 
SECMOD_AddModule() 
SECMOD_AddNewModule() 
nsNSSComponent::Init 
[d:\builds\seamonkey\mozilla\security\manager\ssl\src\nsNSSComponent.cpp, line 
510] 
nsGenericFactory::CreateInstance 
[d:\builds\seamonkey\mozilla\xpcom\components\nsGenericFactory.cpp, line 56] 
nsComponentManagerImpl::CreateInstance 
[d:\builds\seamonkey\mozilla\xpcom\components\nsComponentManager.cpp, line 1232] 
0x206e6974
Summary: PSM2 in Solaris 2.6 segfault in CERT_LockDB(), M09 & M091 crash [@ CERT_LockDB] → PSM2 in Solaris 2.6 segfault in CERT_LockDB(), M092 & Trunk crash [@ CERT_LockDB]
update platform and os to SUN/Solaris
OS: All → Solaris
Hardware: PC → Sun
Solaris 2.7 custom compile 0.9.2 same problem
adding myself to CC

reverting to all/all for platform/os, since there are reports that it happens on
other platforms.
OS: Solaris → All
Hardware: Sun → All
removing solaris mention in summary, since platform is all
Summary: PSM2 in Solaris 2.6 segfault in CERT_LockDB(), M092 & Trunk crash [@ CERT_LockDB] → PSM2 segfault in CERT_LockDB(), M092 & Trunk crash [@ CERT_LockDB]
crash
P1
Priority: P2 → P1
I was able to reproduce this bug.

It happens only when two things are true at the same time:
- You don't have the *.db files in your profile directory yet (because, for
example, you are using PSM for the first time)
- Your user profile directory is write protected.

If I start the browser with that environment, I get a crash with exactly the
reported stack trace.
If the certificate database files don't exist, the startup routines of PSM try
to create them and fill them with default content. If write access is not
possible, PSM crashes.
Not sure for which kind of fix we should go.

If the user profile directory is write protected, but files do already exists,
the browser comes up and is usable, which is good in my opinion.
Therefore we might simply disable creation of certificate database files if
write access is not possible. However, this leaves the question open, what
should happen if the user works with security, like importing new certificates etc.
?

Another thing: One user reported, the disk was full the first time, then space
was freed by the user, and on the next check Mozilla still crashed. As there are
three *.db files created, maybe a permament problem is created if only half of
them could be created.

In addition, this is a serious bug as the user reported the complete Mozilla
configuration was lost.

My opinion: Having a place to write the default cert db is a must. Just pop up a 
dialog saying that they have to correct the problem, continue when they have, 
or cancel if they don't want to fix it and exit.  There may be all kinds of 
other opportunity to crash if we let them run the browser that way. I'd also be 
inclined to complain if the cert db already exists, but either it or the 
directory is not writable.  We can demand a modicum of resources and permission.



dveditz/selmer,  are you still doing some thinking on the side about how to
handle cases where we can't write to install/profile directories on launch?

here is another case to add to that list of issues to tackle.
I'm suggesting the following patch as an interim solution. Currently, the
security components of Mozilla need a sane environment to run. If this
requirement ist not given and NSS can not initialize, the browser will crash at
a bunch of different locations when security features are accessed.

Don Bragg, do you think it's ok to use the ShowOSAlert function from a
component? And can you please review / approve the small change in this
function? (adding line wrap for longer alert messages)
We must a minimalistic alert function, because the initialization of security
components happen in a very early stage of program startup, and other components
(like XUL dialogs) might not yet be available.

David, can you please review this patch?
Keywords: patch, review
I anticipate Don's answer and fear the call to showOSAlert in my patch will not
work on all platforms, due to linkage. The function is contained in a different
component.

We should create something like nsIOSAlert and instantiate the service early
during Mozilla startup.

CC'ing cotter for comments on the alert text.
What we did with the startup alert was put the message text in a simple external
file (so it could be translated) that should be in the OS charset, and then we
hardcoded the english in case we failed reading that file.

I personally think we need a raw OS Alert in many places where a xUL dialog is
not appropriate, but since others obviously disagree it seemed safer to keep the
service local to the Mozilla app rather than make it broadly available in
something like xpcom.

Now that we have another good case of needing this maybe you could argue for the
move. We kept the actual alert code in a separate file so you could also just
link a duplicate copy into your own library.

btw, the "OS" in ShowOSAlert() does not stand for "Operating System", rather it
stands for "Oh S--t!"
remove 0.9.1 keyword. Does not apply anymore.
Keywords: mozilla0.9.1
-> Kai
Assignee: ddrinan → kai.engert
Status: REOPENED → NEW
Status: NEW → ASSIGNED
The idea with the external text file is good.

I'm attaching a new patch and a couple of new files. This is an implementation
of an nsIOSAlert which uses the already existing code.

To avoid code duplication, I changed the code in nsAppRunner to use the new
interface.
What do you think? Whom should I talk to, to convince that this feature is a
good thing to have and get review/approval?

typo, in nsOSAlert.cpp, messageToShow needs to be declared as char*


FYI you can include entirely new files with regular diffs by passing the "-N"
option to cvs diff (assuming you've used cvs add locally).

I object to the interface approach. Bloat, bloat, bloat, and totally overkill
for what this is. This is an "Oh Shit" feature that should be almost never used,
or used only in dire emergencies when chrome is not available. In those cases
XPCOM components may not be entirely reliable either, or if they are then maybe
someone could have the existing alert() interface call this when chrome fails.
If this is to be a shared function it should be moved to xpcom (probably) where
people can link to it, and be a simple extern "C" function. Maybe in xpcom/base
where nsDebug is.
dveditz, ok, no problem if we don't take this patch.

But this needs to be fixed. And as I already spent a considerable amount of time
creating this one, I would like to be sure my work won't be useless when I work
on the next patch version.

If I implement your suggestion and put it into xpcom, will you be the one who
can give approval for all required changes?

If yes, I'll write the new patch. Please let me know if you have additional
requirements.

If you can't give approval alone, to whom should we talk to in advance, to clear
things on how it should be done, to make sure we get approval?


I can't really give approval, we need to ask the super-reviewers (see the first
two links at http://mozilla.org/hacking/nutshell.html) or maybe in the
porkjockeys group (news://news.mozilla.org/netscape.public.mozilla.porkjockeys).
Who knows, maybe I'm off-base in my dislike of the interface and that's what
everyone else will want.
Mass assigning QA to ckritzer.
QA Contact: junruh → ckritzer
Dan, I'd like to add some more arguments:

1) Only very few shared libraries of Mozilla link with GUI libraries. XPCom
currently doesn't get linked to it. If we wanted to move the OSAlert to XPCom,
we would have to. And I suppose this dependency is not wanted.

2) Appshell, where my suggested implementation puts the OSAlert into, does
already link to the GUI libraries.

3) At the places we currently want to display the OSAlert, we already have begun
analyzing the environment. Without XPCom being available, both your code and PSM
code wouldn't have come to the point where the decision is possible that
someting goes wrong. For example, you rely on the availability of
DirectoryService, before you can decide to display the alert.

Are these arguments convincing?

OK, I'll buy all that... but you still should be talking to porkjockies/drivers
and probably the embedding people too. If the embedding app (apprunner in this
case) is what has to provide this interface, then Jud et al are going to care.

Use of this interface looks like it would multiply the number of little
emergency text files lying around. We should move them into a subdir off
defaults rather that leave them in the main bin dir. The filename should also be
optional -- that's probably better to do with a second entry point rather than
keying off a null filename arg.
let's move forward w/ the OS native dialog model. before this goes in we need:

- danm@netscape.com and ccarlen@netscape.com to review nsIOSAlert.idl (it will
be frozen and public after this rev). it also needs comments. (let's remove the
"OS" part from the method name; my 2 cents).
- XP implementations of the dialog, reviewed by at least ccarlen.
- i18n and the localization team to sign off on the non-stringbundle text model.
nsINativeAlert.idl ?

This is the #1 topcrasher for Netscape 6.10 RTM.  It seems to be occurring
mostly on Windows 98 and 95...I only saw a couple of crashed with Win2k and a
few with WinME.  Here is some info from N610 Talkback data:

CERT_LockDB   152
			 76915 	 ASSI 	  	 kai.engert@gmx.de 2.1 
     First BBID :33858131
     Last BBID  :33909155
     Min Runtime :0
     Max Runtime :1399
     First Appearance Date : 2001-08-08
     Last Appearance Date : 2001-08-09
     First BuildID : 2001072700
     Last BuildID : 2001072700

Stack Trace: 

	 CERT_LockDB()
	 __CERT_NewTempCertificate()
	 __CERT_NewTempCertificate()
	 CERT_NewTempCertificate()
	 pk11_fastCert()
	 PK11_MakeCertFromHandle()
	 pk11_DoCerts()
	 PK11_ReadSlotCerts()
	 PK11_InitToken()
	 SECMOD_LoadModule()
	 SECMOD_AddModule()
	 SECMOD_AddNewModule()
	 nsNSSComponent::Init
[d:\builds\seamonkey\mozilla\security\manager\ssl\src\nsNSSComponent.cpp  line 510]
	 nsGenericFactory::CreateInstance
[d:\builds\seamonkey\mozilla\xpcom\components\nsGenericFactory.cpp  line 56]
	 nsComponentManagerImpl::CreateInstance
[d:\builds\seamonkey\mozilla\xpcom\components\nsComponentManager.cpp  line 1232]
	 0x65697267

And a few comments that might help reproduce this with recent MozillaTrunk builds:

(33903382)
Comments: I downloaded the 6.1 version and after clicking on the icon to
startsame following error message appeared:I uninstalled the 6.1 version and
downloaded same againbut with same resultfyg i have separatedly version 4.75
installed   which works
(33902218)
Comments: I downloaded Netscape 6.1 to upgrade 6.01 (worked fine). Now when I
try to bring up 6.1  I get an error. I try to restart the computer  still have
the error
(33902199)
Comments: I restarted the computer and this came up again and would not open the
netscape 6.1ThanksJohn Toth
(33902041)
Comments: I was downloading the new 6.1 and it happened.thanksJohn Toth
(33894669)
Comments: Excuse me that DLL file is  PIPNSS.DLL. i reinstalled Netscape 6.10
but the PIPNSS.DLL dynamic link library pipnss is still popping up. What now?
What can i do?
(33894316)
Comments: Is there a patch or this have an updated  PINSS.DLL Netscape 6.10
won't boot up; it still says: Netscape 6.10 caused error in PINSS.DLL.  What
should i do? Help Please?
(33894116)
Comments: i have restarted PC and it still says; Netscape caused error
in:PINSS.DLL  .  What do i do now? Help?
(33881306)
Comments: All I did was d/l the new 6.1 and it wont start.  It crashes at
startup.  If you guys dont fix it real soon Im going to be forced to use IE  [:(] 
(33879246)
Comments: starting up
(33878800)
Comments: it wont let me open up the browser.  it says netscape6 has caused an
error in pipnss.dll.  netscape will now close.  i have tried to restart my
computer and reinstall the browser but it doesnt work.

From the comments, its seems like a lot of people are having trouble getting the
app to even startup at all...if they're is a workaround for this, we should let
people know about it.
Summary: PSM2 segfault in CERT_LockDB(), M092 & Trunk crash [@ CERT_LockDB] → PSM2 segfault in CERT_LockDB() - N610, M092 & Trunk crash [@ CERT_LockDB]
Attaching new patch, which is a complete redesign, with the intention to
simplify things and to avoid the new interface, 

The changes in design are:
- The component does not throw up the alert. Let the application do it, which
has the alerter code statically available.
- As we have this special constraint, that the whole application will not run
when the security components can not initialize, we trigger initialiation in
main1. When the component can't do what it needs to do, it returns
NS_ERROR_ABORT. In that case main1 exits.
With this patch, two files from the above list are still required:
- MANIFEST_NSSIFAIL
- nssifail.txt

CC'ing ccarlen, danm, valeski
Looks like a much better way to do it.

gtk_init() is called twice in the VerifyInstallation case -- once there and once
in the new alert routine. remove it from VerifyInstallation().

Your PR_Read should be sizeof(message)-1, otherwise if your message is larger
than the buffer your message[numread] = 0; will land outside.
(VerifyInstallation has this bug too; I've got a patch for it).

The installation message file is not currently in the res subdirectory, although
it arguably should be. But since you don't change the xpinstall makefiles to put
that file in the res subdir also this patch will cause the installation message
to fail. You can test the installation message by putting the file
"xpicleanup.dat" in the bin directory.

Why do we have to abort? Mozilla runs just fine if the security components
aren't there at all, why not warn the user and then operate as if the security
components were not present? I suppose that's where this crash comes in...

Your panic message is too wordy. Here's a first cut at summarizing, but you
should consider running this by the docs folks. Do it before check-in, because
the chances are we'll never come back and revisit this text.
    Could not initialize the Personal Security Manager

    The most likely cause is an inability to read or create the 
    certificate files in your profile directory. Please check that
    this directory is writable and that there is sufficient free
    space. The browser will now abort.

could be "Netscape Security Service" if you prefer, and you can leave off the
browser aborting business if you can find a safe way to operate as if NSS isn't
there. Lack of security is important enough that we should warn folks even if
the error was recoverable and allowed basic browsing.
The message file should be in res. The res dir is easy to find XP with:
directoryService->Get(NS_APP_RES_DIR, ...)

Then, just append the name of the message file to that and you're done.

It would be a lot more compact than the current (huge) amount of non-XP code
being used to find the message file.
If PSM doesn't initialize at startup, I fear crashes if the user wanders into
the security prefs panel. :-/
1.) I'm removing gtk_init as suggested.

2.) Good catch with PR_Read, will change.

3.) I'm changing the filename code as suggested, including hopping through
interfaces and the special Mac code. I assume that the call with work on Mac, too.

4.) You say the installation message file is not in the res directory? It is on
my system!
When I create the file xpicleanup.dat, your error message is shown.
Is this different on your system?
I intially saw that your file was in the res directory on my system, therefore I
did the same with my new file.

5.) As Javi says, we currently have to abort. I experienced it myself, if we
allow the application to run, it crashes sooner or later when security features
are accessed. I fear the impressions that users will have. If we wanted to
completely disable security components at runtime, we would have to put a lot of
work into this.

6.) I like your wording change. I'm not a native English speaker, therefore I
always welcome wording suggestions.

However, I'm not sure about the heading. People might not know what "Personal
Security Manager" is. They only know they started the browser. And as this
component is used both in Netscape browser and Mozilla browser, we might want to
avoid the product name in the heading.

What about the new text:

    Could not initialize the Browser's security subroutines.

    The most likely cause is an inability to read or create the 
    certificate files in your profile directory. Please check that
    this directory is writable and that there is sufficient free
    space. The browser will now abort.

Sean, what do you think of this wording?

How about this:

--------
Could not initialize the browser's security component.

The most likely cause is an inability to read or create the certificate files in
your Netscape 6.1 profile directory. Please check that this directory has no
read/write restrictions and that your hard disk is not full or close to full. 

The browser will now exit.
--------
  I'd say Sean's text is the best of the lot. Vurry nice.
  I've tried the latest patch on the Mac. Works well, even displays the OS alert 
from the file, if present and necessary. Thumb's up, except for a couple of 
things. I assume there are also security:manager:ssl:src:MANIFEST_NSSIFAIL and 
nssifail.txt files, missing from the patch. Also the patch to MozillaBuildList.pm 
was missing one thing, it wants to go like this

Index: mozilla/build/mac/build_scripts/MozillaBuildList.pm
===================================================================
RCS file: /cvsroot/mozilla/build/mac/build_scripts/MozillaBuildList.pm,v
retrieving revision 1.107
diff -u -2 -r1.107 MozillaBuildList.pm
--- MozillaBuildList.pm	2001/08/09 20:21:19	1.107
+++ MozillaBuildList.pm	2001/08/15 02:40:25
@@ -304,4 +304,5 @@
     my($dist_dir) = GetBinDirectory();
     my($chrome_dir) = "$dist_dir"."Chrome";
+    my($resource_dir) = "$dist_dir" . "res:";
 
     # a hash of jars passed as context to the following calls
@@ -389,4 +390,5 @@
     	CreateJarFromManifest(":mozilla:security:manager:ssl:resources:jar.mn", 
$chrome_dir, \%jars);
     	CreateJarFromManifest(":mozilla:security:manager:pki:resources:jar.mn", 
$chrome_dir, \%jars);
+        InstallFromManifest( 
":mozilla:security:manager:ssl:src:MANIFEST_NSSIFAIL", "$resource_dir");
     }
     # bad jar.mn files

and, last but not least, please don't check in the grammatical error

+    // In case the security component can not do it's internal initialization, 
+    // we must warn the user and exit.

gkkkkkkkkk. I know, I know. Shut up Dan, you annoying grammar nazi. Oh, but I 
hate that one.

Thanks for trying and helping. I'll integrate your changes.

But hey, please tell me, which part of the last sentence has the grammatical
error? Is it "it's" ?

Great! I like Sean's wording best, too. 

I was wrong about the location of the Install failure message file -- I guess I
was remembering an early version of that change before someone knocked some
sense into it.

My one reservation is whether NS_ERROR_ABORT should be changed to something more
security-specific so that if the embedding guys just pass the error on up it'll
make sense (potentially) to the embedding app. But it's fine as-is, too.

r=dveditz if you use Sean's wording for the message.

(Dan, the "missing" files are earlier attachments to this bug)
*** Bug 95418 has been marked as a duplicate of this bug. ***
Attached file Sean's text 

    
    

    
  
Adding Dan's changes.

In Sean's wording, I would like to make one change: I changed the string "your
Netscape 6.1" to "your browser's", to make the text appropriate for both
Netscape and Mozilla versions.

Assuming r= dveditz does still apply.

Created new bug 95532 as a tracker for embedding.

Anything else we need to do before check in? Whom should we ask for sr= ?

    
  
Keywords: topembed

    
    

    
  
Is there any reason why we aren't using the existing alert system?  That maps to
native widgets in the embedding code and XUL dialogs in the browser.  That's
what we want, right?

    
    

    
  
The standard alert system is not yet available, as this happens during a very
early stage of program initialization.


    
    

    
  
Isn't it possible to make this a real component instead of just slapping it into
apprunner?  This code potentially has to be replicated into embedding, right? We
want to avoid that.

    
    

    
  
- It might seem there are lots of changes to AppRunner, but there aren't. Part
of the patch is reorganizing code in AppRunner, moving a functionality to a
separate function, that can be shared. This is the functionality to look up the
error text from a file (which was used already before this change).

- The only thing we really add to apprunner is the check, whether the PSM init
is either fine, or PSM is not available at all.

- An interface would be nice. However, this still would require changes to
AppRunner, as we must be sure that we have a defined place where init is
triggered, to be able to exit in case of failure.

- As this is a top crasher, we need to check in a fix within the next 4 days to
make it sure it is contained in the next release.

- As we saw, designing an interface takes to much time before everyone agrees.

- Even if we design an interface, we are not sure if XPCom will be always
available. We need a low level alert, that doesn't require anything else of the
application to work yet. And it must be GUI, because users won't see what we
dump to the console.

- This patch hard codes the fact, that PSM currently only works in a sane
environment. And having to live with this fact means, it's something that needs
to be done in the init phase of the application.

- The GUI alert must be shown from within the application, not from a component,
because we shouldn't be required to link every component with the operationg
system GUI libraries, just because we might need to display an emergency alert
during startup.


    
    

    
  
The idea was to have a mechanism for reporting errors when components may not be
available. If you had to report that XPCOM could not be initialized, say because
the component mgr could not be initialized, or report something before XPCOM was
initialized, you couldn't use a component to display the error. The method used
here with the name of an error file, passing argc & argv, would not need to be
duplicated in most embedding environments assuming they all have native means
for displaying alerts.

I'm thinking of putting this error check in profile mgr since the check can't be
done until a profile is available anyway. Then, the profile mgr would just
return an error like NS_ERROR_CANT_INIT_PSM from SetCurrentProfile(). That would
hide a liitle gore from embedding apps and Seamonkey as well.

    
    

    
  
Sounds like a good idea to put it into ProfileManager. However, if you agree,
I'd prefer to put it into ns AppRunner now, and move it ProfileManager later, as
I'm sure this will rise other issues to work on. I'm willing to help moving it
to ProfileManager, though.

    
    

    
  
Keep in where it is in Apprunner for now since this is a topcrasher and needs to
go in. The part which would be put into profile mgr is the relatively tiny
portion of this patch which inits PSM and checks the error code. Most of the
rest of this patch deals with displaying the error and that would be unchanged
that it, unless we come up with a different mechanism for low-level error
reporting. That bit does need to be cleaned up. It looks like we're now keeping
each error msg in a distinct file and using its whole contents for the message.
I would like to have one file (easier for localization, packaging, and less disk
clutter) and the one routine which uses it would parse the right message from it
given an identifier - much like a properties file. Also, the caller would never
have to worry about locating an error file - it would be a hidden detail of the
low-level error reporting facility.


    
    

    
  
Can we do it without the goto?

+  directoryService = do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv);
+  if (NS_FAILED(rv))
+    goto display;

gotos are scarey in C++ code that has stack-based classes (e.g. nsCOMPtrs)


    
    

    
  
sfraser: If gotos are your only concern, I'm more than happy to remove it from
the patch.

    
    

    
  
There is a problem with ShowOSAlert on Mac. There are a number of code paths in 
which the 'aMessage' paramter to ShowOSAlert can be a const char* that points to 
a literal string. However, the Mac code does a c2pstr(aMessage), which does in-
place convertion from a C to a Pascal string (as well as truncating at 255 
chars). This will crash on Mac OS X, and probably on Mac OS 9 as well. This needs 
to be fixed. It should also be made explicit that the max length of aMessage is 
255 chars. The Mac native alert will not display anything longer than this 
(unless it's broken into 2 strings).


    
    

    
  
To truncate the wording to at most 255 chars, here is the new text (250 chars),
and therefore the new contents of nssifail.txt:

Could not initialize the browser's security component. The most likely cause is
problems with files in your browser's profile directory. Please check that this
directory has no read/write restrictions and your hard disk is not full or close
to full.



    
    

    
  
Changes in latest patch:

- new wording, confirmed by Sean
- removed my change from char* to const char*, as we are doing inplace
conversion on Mac
- added comment to warn for max length of 255 chars
- added sanity check, shortening text to 255 chars. This will make it still work
if longer text is contained in the error file or passed to the function.
- replaced gotos with nested "if" constructed


    
    

    
  
+static void ShowOSAlertFromFile(int argc, char **argv, const char *
alert_filename, char* fallback_alert_text)
+{
+  char message[256] = { 0 };
+  PRInt32 numRead;
+  char *messageToShow = fallback_alert_text;
+  nsresult rv;
+  nsCOMPtr<nsILocalFile> fileName;
+  nsCOMPtr<nsIProperties> directoryService;
+
+  directoryService = do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv);
+  if (NS_SUCCEEDED(rv)) {
+    rv = directoryService->Get(NS_APP_RES_DIR, 
+                               NS_GET_IID(nsIFile), 
+                               getter_AddRefs(fileName));
+    if (NS_SUCCEEDED(rv) && fileName) {
+      fileName->Append(alert_filename);
+      PRFileDesc* fd;
+      fileName->OpenNSPRFileDesc(PR_RDONLY, 0664, &fd);
+      if (fd) {
+        numRead = PR_Read(fd, message, sizeof(message)-1);
+        if (numRead > 0) {
+          message[numRead] = 0;
+          messageToShow = message;
+        }
+      }
+    }
+  }
+
+  #ifdef MOZ_WIDGET_GTK
+  gtk_init(&argc, &argv);
+  #endif
+
+  ShowOSAlert( message );
+}
This looks wrong. Don't you want
  ShowOSAlert( messageToShow );
?
This still suffers the problem that a caller can pass in a literal string in 
'fallback_alert_text' (as indeed you do in char* lastResortMessage), which will 
crash Mac OS X if the message file is not opened. Changing the types from const 
char* to char* will not help; you're still pointing to a literal string (and 
probably generating a warning since the literal is really const).

What you should do is strncpy(message, fallback_alert_text, ...) in 
ShowOSAlertFromFile().


    
    

    
  
>This looks wrong. Don't you want
>  ShowOSAlert( messageToShow );
>?

Indeed!

>This still suffers the problem that a caller can pass in a literal string in 
>'fallback_alert_text' (as indeed you do in char* lastResortMessage), which will 
>crash Mac OS X if the message file is not opened. Changing the types from const 
>char* to char* will not help; you're still pointing to a literal string (and 
>probably generating a warning since the literal is really const).
>What you should do is strncpy(message, fallback_alert_text, ...) in 
>ShowOSAlertFromFile().

What about moving this logic as close as possible to showOSAlert? I added it
there, and only modify/shorten the local copy.
The new code is:
// The maximum allowed length of aMessage is 255 characters!
void ShowOSAlert(char* aMessage)
{
#ifdef DEBUG_dbragg
printf("\n****Inside ShowOSAlert ***\n");	
#endif 

    const PRInt32 max_len = 255;
    char message_copy[max_len+1] = { 0 };
    PRInt32 input_len = strlen(aMessage);
    PRInt32 copy_len = min(input_len, max_len)
    strncpy(message_copy, aMessage, copy_len);
    message_copy[copy_len] = 0;

#if defined (XP_WIN)
    MessageBox(NULL, message_copy, NULL, MB_OK | MB_ICONERROR | MB_SETFOREGROUND );
#elif (XP_MAC)
    short buttonClicked;
    StandardAlert(kAlertStopAlert, c2pstr(message_copy), nil, nil, &buttonClicked);
#elif defined (MOZ_WIDGET_GTK)
    NS_gtk_alert(message_copy, NULL, "OK");
#elif defined (XP_OS2)
    HAB hab = WinInitialize(0);
    HMQ hmq = WinCreateMsgQueue(hmq,0);
    WinMessageBox( HWND_DESKTOP, HWND_DESKTOP, message_copy, "", 0, MB_OK);
    WinDestroyMsgQueue(hmq);
    WinTerminate(hab);
#endif
    // It can't hurt to display the message on the console in any case,
    // even if we have already tried to display it in a GUI window.
    fprintf(stdout, "%s\n", aMessage);
}



    
    

    
  
Looks good. You should test this on all platforms, because I'm not sure that 
you'll find |min()| in C library headers everywhere.

sr=sfraser


    
    

    
  
By request of sfraser, to avoid the risk of not having min somewhere, I replaced
the call to min with the appropriate logic: (input_len > max_len) ? max_len :
input_len;

Assuming, r= and sr= is still valid.

The general compatibility with Mac has already been tested by danm, the newer
versions of the patch will not change that.
I tested on Windows and Linux.


    
    

    
  
a=asa on behalf of drivers.

    
    

    
  
Patch checked in.

Status: ASSIGNED → RESOLVED
Closed: 23 years ago23 years ago
Resolution: --- → FIXED

    
    

    
  
FYI, prtypes.h defines PR_MIN and PR_MAX.  Use 'em where-ever you use NSPR's
fundamental types (any file in Mozilla, just about).

/be

    
    

    
  
*** Bug 96629 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 95958 has been marked as a duplicate of this bug. ***

    
    

    
  
In the patch I checked in, I accidentially used the longer version of the
message hard coded into the sources. This isn't really supposed to cause any
trouble, as the display routines will shorten the text to the allowed maximum,
it will just result in an incomplete message shown to the user in some rare
environments. In normal conditions, the error text file will be available which
has the correct contents. But I'd like to fix this. No need to reopen the bug in
my opinion.


    
    

    
  
Tsk!

r=jag, reopening the bug for tracking.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---

    
    

    
  
I like this even better, r=jag.

Now where's that rubber stamp hyatt keeps in his cube ...

    
    

    
  
sr=hyatt


    
    

    
  
a=blizzard on behalf of drivers for 0.9.4

    
    

    
  
String fix checked in.

Status: REOPENED → RESOLVED
Closed: 23 years ago23 years ago
Resolution: --- → FIXED

    
    

    
  
Verified on
build: 2001-09-13-0.9.4
platform: Win NT

The browser opens fine.
Status: RESOLVED → VERIFIED

    
  
Product: PSM → Core

    
  
Version: psm2.0 → 1.0 Branch
Crash Signature: [@ CERT_LockDB]
Product: Core → Core Graveyard

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: