Closed Bug 886166 Opened 12 years ago Closed 7 years ago

Firefox crash in SSL stuff due to NULL pointer in asm code

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: olivier+mozilla, Unassigned)

Details

(Keywords: crash)

Crash Data

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0 (Beta/Release) Build ID: 20130620112846 Steps to reproduce: Nothing special, surfing the web Actual results: Firefox froze, with this stacktrace : Program received signal SIGPIPE, Broken pipe. [Switching to Thread 0x7fffe3aff700 (LWP 20596)] 0x00007ffff73cc2cc in __libc_send (fd=<optimized out>, buf=<optimized out>, n=<optimized out>, flags=<optimized out>) at ../sysdeps/unix/sysv/linux/x86_64/send.c:33 33 ../sysdeps/unix/sysv/linux/x86_64/send.c: Aucun fichier ou dossier de ce type. (gdb) bt full #0 0x00007ffff73cc2cc in __libc_send (fd=<optimized out>, buf=<optimized out>, n=<optimized out>, flags=<optimized out>) at ../sysdeps/unix/sysv/linux/x86_64/send.c:33 resultvar = <optimized out> oldtype = 0 result = <optimized out> #1 0x00007ffff69e6b47 in pt_Send (fd=0x7fffc0e74640, buf=0x7fffc2437000, amount=27, flags=0, timeout=4294967295) at /build/buildd/firefox-22.0~b6+build1/./nsprpub/pr/src/pthreads/ptio.c:1914 syserrno = <optimized out> bytes = -1 fNeedContinue = 0 #2 0x00007ffff5a40bf1 in ssl_DefSend (ss=0x7fffc15cc000, buf=0x7fffc2437000 "\025\003\001", len=27, flags=0) at ssldef.c:95 rv = <optimized out> lower = 0x7fffc0e74640 sent = 0 #3 0x00007ffff5a35a6b in ssl3_SendRecord (ss=0x7fffc15cc000, epoch=0, type=content_alert, pIn=0x7fffe3afec40 "", nIn=0, flags=0) at ssl3con.c:2556 sent = <optimized out> contentLen = 2 spaceNeeded = <optimized out> numRecords = <optimized out> wrBuf = 0x7fffc15cc098 rv = <optimized out> totalSent = 0 capRecordVersion = 0 #4 0x00007ffff5a35e8e in SSL3_SendAlert (ss=0x7fffc15cc000, level=<optimized out>, desc=close_notify) at ssl3con.c:2847 sent = <optimized out> bytes = "\001" rv = SECSuccess #5 0x00007ffff5a44b9e in ssl_SecureClose (ss=0x7fffc15cc000) at sslsecur.c:1061 No locals. #6 0x00007ffff3721273 in nsNSSSocketInfo::CloseSocketAndDestroy (this=0x7fffa16f1e00) at /build/buildd/firefox-22.0~b6+build1/security/manager/ssl/src/nsNSSIOLayer.cpp:759 popped = 0x7fffc0e746d0 poppedPlaintext = 0x0 status = <optimized out> #7 0x00007ffff37212cb in nsSSLIOLayerClose (fd=0x7fffa5596640) at /build/buildd/firefox-22.0~b6+build1/security/manager/ssl/src/nsNSSIOLayer.cpp:737 locker = {<No data fields>} socketInfo = <optimized out> #8 0x00007ffff2ea6966 in ReleaseFD_Locked (this=0x7fffd44ed900, fd=<optimized out>) at /build/buildd/firefox-22.0~b6+build1/netwerk/base/src/nsSocketTransport2.cpp:1466 No locals. #9 nsSocketTransport::ReleaseFD_Locked (this=0x7fffd44ed900, fd=<optimized out>) at /build/buildd/firefox-22.0~b6+build1/netwerk/base/src/nsSocketTransport2.cpp:1459 No locals. #10 0x00007ffff2ea9368 in nsSocketTransport::OnSocketDetached (this=0x7fffd44ed900, fd=<optimized out>) at /build/buildd/firefox-22.0~b6+build1/netwerk/base/src/nsSocketTransport2.cpp:1713 lock = {mLock = 0x7fffd44eda08} secCtrl = {<nsCOMPtr_base> = {mRawPtr = 0x7fffa16f1ec0}, <No data fields>} ourCallbacks = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>} ourEventSink = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>} #11 0x00007ffff2ea9a11 in nsSocketTransportService::DetachSocket (this=0x7fffe3b12740, listHead=0x7fffab15c000, sock=0x7fffab15c4b0) at /build/buildd/firefox-22.0~b6+build1/netwerk/base/src/nsSocketTransportService2.cpp:181 ---Type <return> to continue, or q <return> to quit--- event = {<nsCOMPtr_base> = {mRawPtr = 0x7ffff2ea735a}, <No data fields>} #12 0x00007ffff2eaa596 in nsSocketTransportService::DoPollIteration (this=0x7fffe3b12740, wait=<optimized out>) at /build/buildd/firefox-22.0~b6+build1/netwerk/base/src/nsSocketTransportService2.cpp:814 i = 50 count = <optimized out> pollInterval = 0 n = 1 #13 0x00007ffff2eaa9d8 in nsSocketTransportService::Run (this=0x7fffe3b12740) at /build/buildd/firefox-22.0~b6+build1/netwerk/base/src/nsSocketTransportService2.cpp:642 pendingEvents = false goingOffline = <optimized out> thread = 0x7fffe85594c0 threadInt = {<nsCOMPtr_base> = {mRawPtr = 0x7fffe85594c0}, <No data fields>} #14 0x00007ffff3b343a6 in nsThread::ProcessNextEvent (this=0x7fffe85594c0, mayWait=true, result=0x7fffe3afee4f) at /build/buildd/firefox-22.0~b6+build1/xpcom/threads/nsThread.cpp:627 event = {<nsCOMPtr_base> = {mRawPtr = 0x7fffe3b12758}, <No data fields>} notifyMainThreadObserver = <optimized out> obs = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>} canary = {static sOutputFD = 0} rv = NS_OK #15 0x00007ffff3b08131 in NS_ProcessNextEvent (thread=<optimized out>, mayWait=true) at /build/buildd/firefox-22.0~b6+build1/obj-x86_64-linux-gnu/xpcom/build/nsThreadUtils.cpp:238 val = true #16 0x00007ffff3b345bd in nsThread::ThreadFunc (arg=0x7fffe85594c0) at /build/buildd/firefox-22.0~b6+build1/xpcom/threads/nsThread.cpp:265 self = 0x7fffe85594c0 event = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>} #17 0x00007ffff69ea1bc in _pt_root (arg=0x7ffff6c44f20) at /build/buildd/firefox-22.0~b6+build1/./nsprpub/pr/src/pthreads/ptthread.c:191 thred = 0x7ffff6c44f20 detached = 0 #18 0x00007ffff73c4e9a in start_thread (arg=0x7fffe3aff700) at pthread_create.c:308 __res = <optimized out> pd = 0x7fffe3aff700 now = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {1, 4382142515983688917, 140737488335552, 140737013348800, 0, 3, -4382081356227140395, -4382124354228968235}, mask_was_saved = 0}}, priv = { pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = 0 pagesize_m1 = <optimized out> sp = <optimized out> freesize = <optimized out> __PRETTY_FUNCTION__ = "start_thread" #19 0x00007ffff70f1ccd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112 No locals. #20 0x0000000000000000 in ?? () No symbol table info available. Expected results: Nothing
Assignee: nobody → nobody
Severity: normal → critical
Crash Signature: [@ ssl_DefSend | ssl3_SendRecord | SSL3_SendAlert ]
Component: Untriaged → Libraries
Keywords: crash
Product: Firefox → NSS
Version: 22 Branch → trunk
Olivier, do you still crash?
Flags: needinfo?(olivier+mozilla)
4 years later, I don't remember the problem. Please close as OLD.
Flags: needinfo?(olivier+mozilla)
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.