Closed
Bug 837181
Opened 11 years ago
Closed 10 years ago
crash in HASH_Update when trying to restart the phone while doing a packaged app update
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1046221
Tracking | Status | |
---|---|---|
b2g18 | + | --- |
People
(Reporter: jsmith, Unassigned)
References
Details
(Keywords: crash, Whiteboard: [b2g-crash])
Crash Data
This bug was filed from the Socorro interface and is report bp-4db327d5-eb0d-427d-a6af-c34292130201 . ============================================================= I've seen this crash happen sometimes when trying to restart the phone while doing a large packaged app update. Frame Module Signature Source 0 libnss3.so HASH_Update sechash.c:390 1 libxul.so nsCryptoHash::Update nsNSSComponent.cpp:2762 2 libxul.so NS_InvokeByIndex_P xptcinvoke_arm.cpp:160 3 libxul.so XPCWrappedNative::CallMethod XPCWrappedNative.cpp:3083 4 libxul.so XPC_WN_CallMethod XPCWrappedNativeJSOps.cpp:1469 5 libxul.so js::InvokeKernel jscntxtinlines.h:364 6 libxul.so js::Interpret jsinterp.cpp:2475 7 libxul.so js::RunScript jsinterp.cpp:324 8 libxul.so js::Invoke jsinterp.cpp:378 9 libxul.so JS_CallFunctionValue jsapi.cpp:5889 10 libxul.so mozilla::dom::workers::EventListenerManager::DispatchEvent EventListenerManager.cpp:420 11 libxul.so mozilla::dom::EventTargetBinding_workers::dispatchEvent EventTarget.h:52 12 libxul.so mozilla::dom::EventTargetBinding_workers::genericMethod EventTargetBinding.cpp:596 13 libxul.so js::Invoke jscntxtinlines.h:364 14 libxul.so JS_CallFunctionName jsapi.cpp:5875 15 libxul.so mozilla::dom::workers::events::DispatchEventToTarget Events.cpp:1080 16 libxul.so MessageEventRunnable::WorkerRun WorkerPrivate.cpp:821 17 libxul.so mozilla::dom::workers::WorkerRunnable::Run WorkerPrivate.cpp:1801 18 libxul.so nsThread::ProcessNextEvent nsThread.cpp:620 19 libxul.so NS_ProcessNextEvent_P nsThreadUtils.cpp:237 20 libxul.so nsThread::Shutdown nsThread.cpp:467 21 libxul.so mozilla::LazyIdleThread::ShutdownThread LazyIdleThread.cpp:273 22 libxul.so mozilla::LazyIdleThread::Shutdown LazyIdleThread.cpp:417 23 libxul.so mozilla::dom::indexedDB::IndexedDatabaseManager::Observe IndexedDatabaseManager.cpp:1634 24 libxul.so nsObserverList::NotifyObservers nsObserverList.cpp:99 25 libxul.so nsObserverService::NotifyObservers nsObserverService.cpp:149 26 libxul.so mozilla::dom::power::PowerManagerService::SyncProfile PowerManagerService.cpp:110 27 libxul.so mozilla::dom::power::PowerManagerService::Reboot PowerManagerService.cpp:119 28 libxul.so mozilla::dom::power::PowerManager::Reboot PowerManager.cpp:68 29 libxul.so NS_InvokeByIndex_P xptcinvoke_arm.cpp:160 30 libxul.so XPCWrappedNative::CallMethod XPCWrappedNative.cpp:3083 31 libxul.so XPC_WN_CallMethod XPCWrappedNativeJSOps.cpp:1469 32 libxul.so js::InvokeKernel jscntxtinlines.h:364 33 libxul.so js::Interpret jsinterp.cpp:2475 34 libxul.so js::RunScript jsinterp.cpp:324 35 libxul.so js::Invoke jsinterp.cpp:378 36 libxul.so JS_CallFunctionValue jsapi.cpp:5889 37 libxul.so nsJSContext::CallEventHandler nsJSEnvironment.cpp:1939 38 libxul.so nsGlobalWindow::RunTimeoutHandler nsGlobalWindow.cpp:9702 39 libxul.so nsGlobalWindow::RunTimeout nsGlobalWindow.cpp:9951 40 libxul.so nsGlobalWindow::TimerCallback nsGlobalWindow.cpp:10218 41 libxul.so nsTimerImpl::Fire nsTimerImpl.cpp:473 42 libxul.so nsTimerEvent::Run nsTimerImpl.cpp:556 43 libxul.so nsThread::ProcessNextEvent nsThread.cpp:620 44 libxul.so NS_ProcessNextEvent_P nsThreadUtils.cpp:237 45 libxul.so mozilla::ipc::MessagePump::Run MessagePump.cpp:82 46 libxul.so MessageLoop::RunInternal message_loop.cc:215 47 libxul.so MessageLoop::Run message_loop.cc:208 48 libxul.so nsBaseAppShell::Run nsBaseAppShell.cpp:163 49 libxul.so nsAppStartup::Run nsAppStartup.cpp:290 50 libxul.so XREMain::XRE_mainRun nsAppRunner.cpp:3794 51 libxul.so XREMain::XRE_main nsAppRunner.cpp:3860 52 libxul.so XRE_main nsAppRunner.cpp:3935 53 b2g main nsBrowserApp.cpp:164 54 libc.so __libc_init libc_init_dynamic.c:114 55 libc.so __cxa_atexit atexit.c:99 56 @0xbe8fcd45
Reporter | ||
Updated•11 years ago
|
Blocks: b2g-app-updates
Reporter | ||
Comment 1•11 years ago
|
||
So this crash isn't entirely easy to reproduce - looks like it has to be timed just right to hit it. I've managed to hit this once so far.
Reporter | ||
Updated•11 years ago
|
Component: DOM: Apps → Security: PSM
Updated•11 years ago
|
blocking-b2g: --- → tef?
Whiteboard: [b2g-crash]
Reporter | ||
Comment 2•11 years ago
|
||
I wouldn't even bother tracking this or blocking on it. It's too infrequent and the crash only happens after starting up the phone again rarely.
blocking-b2g: tef? → ---
Comment 3•11 years ago
|
||
This crash is almost definitely caused by the use of nsICryptoHash after PSM/NSS has been shut down. It is easy to fix PSM so that the crash doesn't occur: just check for isAlreadyShutDown() in every method after acquiring the nsNSSShutdownPreventionLock. But, this will cause whoever is calling this method from JS to have to deal with an exception. How can I tell which JS caller is calling nsICryptoHash here? David, Camilo: either of you interested in taking this?
Comment 4•11 years ago
|
||
Brian, We just nsICryptoHash in two places: - To hash packages: https://mxr.mozilla.org/mozilla-central/source/dom/apps/src/Webapps.jsm#1159 - To hash manifests: https://mxr.mozilla.org/mozilla-central/source/dom/apps/src/Webapps.jsm#1206 If we just want to prevent a shutdown crash, catching an exception on the js side looks easy enough.
Reporter | ||
Comment 5•11 years ago
|
||
Sounds like we actually know what to do here. Covering up a potential crash hole sounds like something we might want to track.
tracking-b2g18:
--- → ?
Updated•11 years ago
|
Reporter | ||
Updated•11 years ago
|
Reporter | ||
Updated•11 years ago
|
No longer blocks: b2g-apps-v1-next
Unless we're still seeing this, this was almost certainly fixed by bug 1046221.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•