Closed Bug 817233 Opened 12 years ago Closed 12 years ago

Crash at startup in NSS 3.14.1 on Android (and probably B2G)

Categories

(NSS :: Libraries, defect, P1)

Product:
NSS
Component:
Libraries
Version:
3.14.1
Platform:
ARM
Android
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.14.1

People

(Reporter: briansmith, Assigned: briansmith)

References

Details

(Keywords: crash, regression)

Attachments

(1 file)

Build log from backed-out mozilla-inbound landing showing crash (gzipped plain text)
27.17 KB, application/x-gzip
Details 
      No description provided.
Crash ID?
Flags: needinfo?(bsmith)
Crash reason:  SIGSEGV
Crash address: 0x0

Thread 4 (crashed)
 0  libmozglue.so!arena_dalloc [jemalloc.c : 4652 + 0x0]
     r4 = 0x00305dc8    r5 = 0x00005dc8    r6 = 0x00001a40    r7 = 0x00000000
     r8 = 0x00300000    r9 = 0x4e6f8549   r10 = 0x00305dc8    fp = 0x00000004
     sp = 0x4e103c18    lr = 0x4e6e9174    pc = 0x80c0a6f4
    Found by: given as instruction pointer in context
 1  libsoftokn3.so (deleted) + 0x1e172
     r4 = 0x00305dc8    r5 = 0x4e6fd65c    r6 = 0x00001a40    r7 = 0x000006c3
     r8 = 0x00000001    r9 = 0x4e6f8549   r10 = 0x4e6f85f6    fp = 0x00000004
     sp = 0x4e103c40    pc = 0x4e6e9174
    Found by: call frame info
 2  libsoftokn3.so (deleted) + 0x1da3e
     sp = 0x4e103c70    pc = 0x4e6e8a40
    Found by: stack scanning
 3  libsoftokn3.so (deleted) + 0x2d52a
     sp = 0x4e103c84    pc = 0x4e6f852c
    Found by: stack scanning
 4  libsoftokn3.so (deleted) + 0x1e75a
     sp = 0x4e103ca8    pc = 0x4e6e975c
    Found by: stack scanning
 5  libsoftokn3.so (deleted) + 0x22816
     sp = 0x4e103ce8    pc = 0x4e6ed818
    Found by: stack scanning
 6  libsoftokn3.so (deleted) + 0xdf0e
     sp = 0x4e103d58    pc = 0x4e6d8f10
    Found by: stack scanning
 7  libsoftokn3.so (deleted) + 0xe166
     sp = 0x4e103dc0    pc = 0x4e6d9168
    Found by: stack scanning
 8  libsoftokn3.so (deleted) + 0xe56a
     sp = 0x4e103df8    pc = 0x4e6d956c
    Found by: stack scanning
 9  libsoftokn3.so (deleted) + 0xe646
     sp = 0x4e103e50    pc = 0x4e6d9648
    Found by: stack scanning
10  libnss3.so!secmodUnlockMutext [pk11load.c : 49 + 0x6]
     sp = 0x4e103e58    pc = 0x5116edf4
    Found by: stack scanning
11  0x52c3560e
     r4 = 0x00000003    sp = 0x4e103e60    pc = 0x52c35610
    Found by: call frame info
12  libnss3.so!secmod_ModuleInit [pk11load.c : 221 + 0xe]
     sp = 0x4e103e68    pc = 0x5116eb04
    Found by: stack scanning
13  libnss3.so!secmod_LoadPKCS11Module [pk11load.c : 457 + 0xe]
     r4 = 0x52c35610    r5 = 0x00000000    r6 = 0x00000001    r7 = 0x4e103f54
     r8 = 0x00000000    r9 = 0x4e3363a8   r10 = 0x500fdd34    fp = 0x5009acd0
     sp = 0x4e103ed8    pc = 0x5116f588
    Found by: call frame info
14  libnss3.so!SECMOD_LoadModule [pk11pars.c : 1010 + 0xa]
     r4 = 0x52c35610    r5 = 0x52c35410    r6 = 0x500f0000    r7 = 0x00000001
     r8 = 0x00000000    r9 = 0x4e3363a8   r10 = 0x500fdd34    fp = 0x5009acd0
     sp = 0x4e103f48    pc = 0x51180a00
    Found by: call frame info
15  libnss3.so!SECMOD_LoadModule [pk11pars.c : 1045 + 0x2]
     r4 = 0x52c35410    r5 = 0x500fdd30    r6 = 0x500ef400    r7 = 0x500f0000
     r8 = 0x00000000    r9 = 0x4e3363a8   r10 = 0x500fdd34    fp = 0x5009acd0
     sp = 0x4e103f88    pc = 0x51180aa0
    Found by: call frame info
16  libnss3.so!nss_Init [nssinit.c : 438 + 0xe]
     r4 = 0x5008dfb0    r5 = 0x00000000    r6 = 0x500ed920    r7 = 0x4e36d880
     r8 = 0x4e3363a4    r9 = 0x4e3363a8   r10 = 0x500ef400    fp = 0x5009acd0
     sp = 0x4e103fc8    pc = 0x51157488
    Found by: call frame info
17  libnss3.so!NSS_Initialize [nssinit.c : 816 + 0x96]
     r4 = 0x00000000    r5 = 0x00000000    r6 = 0x00000000    r7 = 0x00000000
     r8 = 0x00000001    r9 = 0x00000000   r10 = 0x00000001    fp = 0x00000000
     sp = 0x4e104048    pc = 0x51157c4c
    Found by: call frame info
18  libxul.so!nsNSSComponent::InitializeNSS(bool) [nsNSSComponent.cpp : 1687 + 0x1a]
     r4 = 0x52c01f00    r5 = 0x54a8e620    r6 = 0x54886b68    r7 = 0x54871dae
     r8 = 0x4e392030    r9 = 0x00000001   r10 = 0x548712c0    fp = 0x54ac14ec
     sp = 0x4e1040b8    pc = 0x53c24efc
    Found by: call frame info
19  libxul.so!nsNSSComponent::Init() [nsNSSComponent.cpp : 1922 + 0xa]
     r4 = 0x52c01f00    r5 = 0x4e10415c    r6 = 0x00000000    r7 = 0x548712c0
     r8 = 0x4e392030    r9 = 0x00000000   r10 = 0x548712c0    fp = 0x54ac14ec
     sp = 0x4e104150    pc = 0x53c25ec0
    Found by: call frame info
Flags: needinfo?(bsmith)
Here's the (backed-out) landing of NSS_3_14_1_BETA1 on mozilla-inbound showing the crashes:
https://tbpl.mozilla.org/?tree=Mozilla-Inbound&rev=329da1081148

And here's the try run showing that reverting the patch for bug 578561 causes the crashes to go away:
https://tbpl.mozilla.org/?tree=Try&rev=acc4056f832e

I have backed out the patch for bug 578561 from NSS CVS:
Checking in lib/softoken/sdb.c;
/cvsroot/mozilla/security/nss/lib/softoken/sdb.c,v  <--  sdb.c
new revision: 1.27; previous revision: 1.26
done
Blocks: 578561
Since this bug is blocking the landing of NSS 3.14.1 into mozilla-central, and the backout resolves the issue, I am going to close this bug and reopen bug 578561.
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
FYI:

tempnam is the culprit. This code crashes on Android:

char *tn = tempnam(0,0);
if (tn) free(tn);

However, it crashes, only, when built as part of Mozilla's infrastructure to build Firefox for Android.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: