firefox 2.0.0.17 distributed with gutsy security crashes on most sites

Bug #274065 reported by Sergio Callegari on 2008-09-24
2
Affects Status Importance Assigned to Milestone
Mozilla Firefox
Fix Released
Critical
firefox-3.0 (Ubuntu)
Undecided
Unassigned
Nominated for Gutsy by Sergio Callegari

Bug Description

Binary package hint: firefox

Firefox 2.0.0.17 just distributed as a security upgrade to ubuntu gutsy i386 is not usable as it crashes on most sites. E.g. try www.fineco.it

When you crash do you submit any Talkback Crash data?

Does the crash happen if you make a new profile for a test?
- http://support.mozilla.com/en-US/kb/Managing+profiles

Firefox did not crash when I create a new profile. It also does NOT crash if I open https-sites in the new profile.

I did not sent Talkback Crash data - I've enabled it now. Starting Firefox with my default profile makes it crashing again on entering https-sites. It seems to be a problem with one of the extensions.
I have sent a crash report with the following description:
Crash related to:
https://bugzilla.mozilla.org/show_bug.cgi?id=456705

I hope that helps

The Feedback Agent just told me that it was unable to send the report since it is unable to connect to the server. I think there is some firewall on my side that is blocking it.

First of all: I'm not a developer.

As you know that it's a plugin that causes the crash it would now be helpful to know, which plugin of those three crashes. Thus you might have to disable one add-on a time and restart firefox.
First go to Tools > Add-ons. Right click an entry under 'Add-Ons' and click 'disable' in the context menu entry. Restart Firefox.

Then try again to access a https web site.

When you know the add-on that crashes, go to the appropriate web site of this add-on and report the issue there.

Adblock Plus: http://adblockplus.org/forum
FoxyProxy: http://foxyproxy.mozdev.org/drupal (Section 'Bugs').

For future reference, plugins are specifically things like flash, java, etc, whilst extensions are specifically the firefox addons.

(In reply to comment #5)
> For future reference, plugins are specifically things like flash, java, etc,
> whilst extensions are specifically the firefox addons.

You're right and of course I know the difference. Just muddled these two up this time.

It is a problem with Adblock Plus: Element Hiding Helper 1.0.5 and FoxyProxy 2.8.5. If one of these two extensions is enabled in any combination, Firefox will crash (on https).

Adblock Plus 0.7.5.5 alone will work fine. FoxyProxy (even if enabled alone) will crash Firefox. Adblock Plus: Element Hiding Helper will run only with Adblock Plus. Running the two Adblock Plus extensions together will crash Firefox.

I will go to the extension forums with this problem.

Additional info: This is a 100% reproducible problem. Using XP Pro SP3, Fx 2.0.0.17 of course and FoxyProxy 2.8.5. I have 42 installed extensions. Of those one is Adblock Plus 0.7.5.5 which as a previous poster stated causes no problems.

When running Fx in Safe Mode, no problems. Running with all add-ons disabled, no problems. Running with all add-ons enabled except FoxyProxy, no problems. Problems occur only if FoxyProxy is enabled. This is as standalone only add-on installed or with other extensions installed (enabled or disabled).

I have also reported this problem to the author at:
http://foxyproxy.mozdev.org/drupal/content/foxyproxy-crashes-firefox-20017-shutdown

Is this a regression? Did things work in 2.0.0.16

Sergio Callegari (callegar) wrote :

Binary package hint: firefox

Firefox 2.0.0.17 just distributed as a security upgrade to ubuntu gutsy i386 is not usable as it crashes on most sites. E.g. try www.fineco.it

An addon should not be able to crash the browser unless the addon is using binary contents (not only written in JS/xul)

(In reply to comment #9)
> Is this a regression? Did things work in 2.0.0.16

In my case things worked in 2.0.0.16, failed after upgrading to 2.0.0.17

Same here, things where fine in Firefox 2.0.0.16.

(In reply to comment #11)
> An addon should not be able to crash the browser unless the addon is using
> binary contents (not only written in JS/xul)

True, and yet just as a web page "should not" be able to crash the browser it does sometimes happen.

I confirmed the bug. It Foxyproxy 2.8.5 crashes Firefox 2.0.0.17 on first run after installation. On subsequent runs, I'm not seeing it crash.

Firefox 2.0.0.16 does not crash on shutdown with FoxyProxy 2.8.5, but 2.0.0.17 does. Talkback Id for this crash: TB49885565Z

I see lots of crashes like TB49885565 at [0x00000000 8560629a] with no stack (i.e. useless), at least one of which mentions FoxyProxy and a couple mention it's constant since upgrading. Also lots of crashes at PL_DHashTableOperate doing SSL, like TB49869527. Might be related or maybe two different problems.

*** Bug 457031 has been marked as a duplicate of this bug. ***

*** Bug 456982 has been marked as a duplicate of this bug. ***

Created attachment 340417
Stacktrace for this crash generated with Windbg, from bug 456982

Created attachment 340425
stack Mac 10.5.5.

stack using foxyproxy and 2.0.0.17 Debug Build on Mac (Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.18pre Gecko/2008092519 Firefox/2.0.0.18pre).

As author of FoxyProxy, I can tell you that I have no idea how to fix this. Could really use some help. FoxyProxy has no binary components.

As mentioned in bug 456705, this is affecting roughly 35,000 users. I've confirmed that FoxyProxy with Firefox 2.0.0.17 crashes whenever visiting a SSL site.

Crash does not occur with versions 2.x versions of Firefox before 2.0.0.17, and it doesn't occur with Firefox 3.x.

Created attachment 340463
backtrace on ubuntu

Attached is the backtrace for ubuntu

This seems a consistent enough crash that we can narrow down the regression window -- that'd be a good start.

i will work on a regression range for this bug.

well, here are some problems (based on attachment 340417):

http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp&rev=1.97.2.20&mark=1527#1487
nsSSLIOLayerHelpers::Init() can fail.

http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/manager/ssl/src/nsNSSComponent.cpp&rev=1.126.2.9&mark=292#274
nsNSSComponent::nsNSSComponent() assumes it doesn't (and can't really do much if it does...) - nsNSSComponent::InitializeNSS should probably be used instead....

this code is broken:
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp&rev=1.97.2.20&mark=1356,542#531

it should null out mutex because it's not a class variable, it's a static.

attachment 340425 deals w/ a different mutex which seems less likely to be dead in the same way, afaict it should be alive here:
1022 nsAutoLock threadLock(ssl_thread_singleton->mMutex);
and unhappy here:
1046 nsAutoLock threadLock(ssl_thread_singleton->mMutex);

http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/manager/ssl/src/nsSSLThread.cpp&rev=1.2.2.8&mark=1022,1046,61#1020

note that conceivably if the lifespan of the thread is wrong, bad things could happen, however i'm not able to find an obvious path for this (and finding a pretty source browser for foxyproxy was hard, so i gave up [yes, i downloaded the addon itself, but i have to pack for vacation or something...]).

attachment 340463 is different. table is null. it could stem from failing to check the Init method:
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp&rev=1.97.2.20&mark=1537#1533

but again this is unlikely (although it is a bug).

eric, this comment's for you (comment 28 was for kaie):

proxy.js has:
    fileProtocolHandler = CC["@mozilla.org/network/protocol;1?name=file"].createInstance(CI["nsIFileProtocolHandler"]);
which is wrong. protocolhandlers are singletons. the proper way to get one can be found here:
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/toolkit/components/downloads/src/nsDownloadManager.cpp&rev=1.53.2.13&mark=1663-1666#1660

mook points out that nsIProtocolHandlers aren't usefully threadsafe, you must get a proxy for them, and in fact, you really want them to give you proxied objects, otherwise what you get is fairly useless.

you should look at some patches i've done involving nsIURIs and crashing (i think i may have even written some of them at your place)

Kai: comment 28 was for you

Sergio Callegari (callegar) wrote :

Actually a (serious) regression of 2.0.0.17 also affecting Windows versions.
Many bugs reports indicate this as triggered by pages including https stuff and by the usage of the foxyproxy extension.
But an extension /not containing/ binary code should not crash the browser unless there is some issue issue in the browser itself.
See https://bugzilla.mozilla.org/show_bug.cgi?id=456705

@timeless: pretty source browser for foxyproxy is here: http://trac.leahscape.com/trac/foxyproxy/browser. Many thanks for the help.

I've replaced all references of CC["@mozilla.org/network/protocol;1?name=file"].createInstance(CI["nsIFileProtocolHandler"]) with CC["@mozilla.org/network/protocol;1?name=file"].getService(CI["nsIFileProtocolHandler"]) and, at least in my initial testing, the crashes are fixed.

Instead of explicitly creating proxy objects for the service (can that be done in JS?), I've tried to ensure that use of the nsIFileProtocolHandler service is single-threaded by creating a reference to the service each and every time it's used--instead of storing references in variables.

IOW, this kind of code:

var fph = CC["@mozilla.org/network/protocol;1?name=file"].getService(CI["nsIFileProtocolHandler"]);
function doStuff() {
 // use fph here. fcn may be called whenever and by whomever
}

has been converted to this kind of code:

function doStuff() {
  var fph = CC["@mozilla.org/network/protocol;1?name=file"].getService(CI["nsIFileProtocolHandler"]);
 // use fph here. fcn may be called whenever and by whomever
}

Is that sufficient to guarantee single-threaded use of the service within JS?

Found the regression window:

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.17pre)
Gecko/2008082603 BonEcho/2.0.0.17pre - works on SSL Sites with Proxyproxy
installed -> no crash
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.17pre)
Gecko/2008082703 BonEcho/2.0.0.17pre - fails on SSL Sites with Proxyproxy
installed -> crash

Bonsai Query for this Timeframe -> http://tinyurl.com/3hb75u

(In reply to comment #32)
> Bonsai Query for this Timeframe -> http://tinyurl.com/3hb75u

This crash goes away if I back out the fix for bug 445890 ("XMLHttpRequest.responseXml not accessible from signed remote XUL code").

FoxyProxy uses XMLHttpRequest to load a PAC file, load strings from a chrome: URI, and load an .xml settings file out of the prefs. I don't know what XMLHttpRequest and multiple instances of the file protocol handler have to do with crashing on SSL connections.

> and load an .xml settings file out of the prefs

I meant "profile [directory]".

(In reply to comment #33)
> This crash goes away if I back out the fix for bug 445890
> ("XMLHttpRequest.responseXml not accessible from signed remote XUL code").
>
> FoxyProxy uses XMLHttpRequest to load a PAC file, load strings from a chrome:
> URI, and load an .xml settings file out of the prefs. I don't know what
> XMLHttpRequest and multiple instances of the file protocol handler have to do
> with crashing on SSL connections.

I don't know if this helps, but FoxyProxy does define a custom protocol handler (see components/relativeprotocolhandler.js). It is used to handle PAC files specified with the FoxyProxy-specific scheme "relative://" Although this crash occurs when accessing SSL connections, I thought I'd mention the custom protocol handler since it's not obvious to those unfamiliar with FoxyProxy and *is* related to protocol handlers.

From the FoxyProxy help:

For PAC files on an ftp server, use the ftp:// scheme. For example, ftp://leahscape.com/path/proxy.pac. You can also use http://, https://, file:// and any other supported scheme. Finally, if you need to refer to a PAC file on the local file system using a relative path, you can use the special FoxyProxy relative:// scheme. This is useful if your PAC file resides on a thumb drive. Supported relative paths are documented here (http://foxyproxy.mozdev.org/relativescheme.html). Special strings in the relative:// URL you specify are replaced with their corresponding values. For example, relative://ProfD/pacs/proxy3.pac points to the file proxy3.pac in the subdirectory of the Firefox profile directory named pacs/. With Portable Firefox on Windows, the Firefox profile directory is always a relative path because the drive letter can change across computers. Please note that special strings (ProfD, Home, TempD, etc.) are case-sensitive."

With FoxyProxy enabled I get lots of these even before I try to visit an SSL sites:

###!!! ASSERTION: nsNSSComponent is a singleton, but instantiated multiple times!: '(0 == mInstanceCount)', file /Users/daniel/dev/ff2/mozilla/security/manager/ssl/src/nsNSSComponent.cpp, line 297
###!!! ASSERTION: nsSSLThread is a singleton, caller attempts to create another instance!: '!ssl_thread_singleton', file /Users/daniel/dev/ff2/mozilla/security/manager/ssl/src/nsSSLThread.cpp, line 54
Break: at file /Users/daniel/dev/ff2/mozilla/security/manager/ssl/src/nsSSLThread.cpp, line 54
###!!! ASSERTION: nsCertVerificationThread is a singleton, caller attempts to create another instance!: '!verification_thread_singleton', file /Users/daniel/dev/ff2/mozilla/security/manager/ssl/src/nsCertVerificationThread.cpp, line 100
Break: at file /Users/daniel/dev/ff2/mozilla/security/manager/ssl/src/nsCertVerificationThread.cpp, line 100

...mostly for nsNSSComponent. With the FoxyProxy addon removed i don't see those.

Now I can tie the NSS assertion, FoxyProxy, and the XMLHttpRequest change together. In 2.0.0.17 w/FoxyProxy the first call to the nsNSSComponent constructor is due to FoxyProxy doing a XMLHttpRequest to load "chrome://foxyproxy/content/strings.xml" during its AppStartup notification. Along the way this calls nsJARChannel::GetOwner(), and that has to check to see if the jar is signed which fires up nsNSSComponent. Apparently it's too early to initialize NSS? nsNSSComponent::Init() fails because it can't get NS_APP_USER_PROFILE_50_DIR. This results in nsNSSComponent service not getting added to the component manager's service hashtable, which means it'll try again later even though nsNSSComponent has now been created and partially initialized.

The change in bug 445890 tried to set an owner on the channel, but mPrincipal was null. If there had been an owner that would have avoided the jar signature check. In other uses (loading our own resources) the jar channels usually have an explicit system principal owner -- maybe XMLHttpRequest should be using that when called from chrome?

Not always though: when we load chrome://global/skin/globalBindings.xml#tabbtowser-tabs we don't have an owner on the jar channel there either, so that becomes the second instantiation of NSSComponent to verify the jar. This one also returns an error so doesn't get added to the service table. If FoxyProxy is removed we still get this chrome load being the one that starts up NSS, but the service initialization is successful in that case.

If foxyproxy were "flat" instead of jarred this wouldn't come up, but that's ducking the issue.

Using XMLHttpRequest on a chrome: resource seems like an abuse of the feature, but I suppose it's an attractive nuisance to have a feature that does so much for you. Stringbundle is the feature made for loading localized strings, but that's a little more code. Is it a common pattern for addons to avoid stringbundles by using XML entities and XHR instead?

(In reply to comment #37)

> Stringbundle is the feature made for loading localized strings, but
> that's a little more code. Is it a common pattern for addons to avoid
> stringbundles by using XML entities and XHR instead?

The use of localized XML entities here is a way to avoid redundant translation strings. To elaborate:

I do indeed use a stringbundle (search for chrome://foxyproxy/locale/foxyproxy.properties in foxyproxy.js). However, it's my understanding that stringbundles can only load property files. They cannot load DTD files. Often a string is used in both a XUL file and in a JS file not associated with a XUL dialog. Rather than duplicate the string (once in a DTD file and once in a property file), requiring translators double work, this technique is used to access DTD-based strings from JS.

I would speculate this pattern isn't done frequently, but I do know at least one other major extension which does it--FoxClocks. Andy McDonald, FoxClocks author, was the one who coined this idea AFAIK.

I am open to alternative uses of stringbundles/DTD files/etc to avoid double translation issues... please let me know if Andy and I have missed the obvious!

> If foxyproxy were "flat" instead of jarred this wouldn't come up, but that's
> ducking the issue.

I realize you're trying to fix the underlying cause. At the moment, I'm trying to patch FoxyProxy so Firefox 2.x users can use it. With that in mind, do you know if this would come up if I avoid XHR for reading strings.xml and instead use a file input stream?

Changed in firefox:
status: Unknown → Confirmed
Changed in firefox:
status: Confirmed → In Progress
40 comments hidden view all 120 comments

Created attachment 361403
v2 for 1.8

There is no need to worry about races, we are protected by monitor of nsComponentManagerImpl that lets other threads wait until the first thread finishes do_GetService completely, i.e. including the Init execution.

What you suggest in comment 76 will work (first tests show it still works). Only in case we first create nss component service independently and then we create a component that ensure the nss service we call do_GetService for it a second time. It's probably a very little overhead.

Tested again on 1.8.1 branch with FoxyProxy 2.8.5 and reversed patch for bug 462806.

Created attachment 361404
v2 for 1.9.1 and trunk

Honza, I have a problem with your patch, but I don't know yet where the problem is. I'm currently working on a patch for bug 390036, it introduces additional SSL worker threads.

Whenever I merge your patch here with the patch from there, I get assertions that multiple instances of nsNSSComponent get created (with session restore of a https page).

My patch alone: works fine
Your patch alone: works fine

The new combination, or your changed order of init calls, or the changed logic of the XPCOM-constructor macro, or a side effect in my patch. So far I was unable to find the cause.

Created attachment 361986
merge test (a)

This is your trunk patch with my new feature patch from bug 390036 merged.

Created attachment 361994
fix for the merge test (a)

>diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp
>--- a/security/manager/ssl/src/nsNSSComponent.cpp
>+++ b/security/manager/ssl/src/nsNSSComponent.cpp
>@@ -1747,9 +1762,25 @@ nsNSSComponent::Init()
> rv = InitializeNSS(PR_TRUE); // ok to show a warning box on failure
> if (NS_FAILED(rv)) {
> PR_LOG(gPIPNSSLog, PR_LOG_ERROR, ("Unable to Initialize NSS.\n"));
>+
>+ DeregisterObservers();
>+ mPIPNSSBundle = nsnull;
> return rv;
> }
>
>+ nsSSLIOLayerHelpers::Init();
>+ nsSSLThreadControl::Init();
>+ nsSSLThreadControl::Start();
>+ mCertVerificationThread = new nsCertVerificationThread();
>+ if (mCertVerificationThread)
>+ mCertVerificationThread->startThread();
>+
>+ if (!mSSLThread || !mCertVerificationThread)
>+ {
>+ PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS init, could not create threads\n"));
>+ return NS_ERROR_OUT_OF_MEMORY;
>+ }

You left here !mSSLThread in the condition. Should be nsSSLThreadControl::mThreads ? Also mSSLThread should be (AFAIU) removed at all, right?

Also, it's obviously my fault that I do not deregister observers on this failure, that is why you got two instances, I have to add it to my patch for bug 456705.

Thanks Honza! That helps me.

Will you attach a new patch to this bug, where you fix the observers?

(In reply to comment #83)
> Will you attach a new patch to this bug, where you fix the observers?

Yes, probably today.

Sergio Callegari (callegar) wrote :

I believe that this bug report can be closed. The issue appeared to be caused by a bad interaction between foxyproxy and firefox.

Created attachment 362318
v2.1 for 1.9.1 and trunk

Fixing pre-return code in nsNSSComponent::Init().

Created attachment 362319
v2.1 for 1.8

Comment on attachment 362318
v2.1 for 1.9.1 and trunk

r=kaie

Comment on attachment 362319
v2.1 for 1.8

r=kaie

Comment on attachment 362318
v2.1 for 1.9.1 and trunk

I'll land this soon on trunk.

Cause getService re-entrance, I had to catch this, reverting to the first version of the patch that prevents this.

Ok, for now I backed out, it is not that simple to return to the first version of the patch, I have to retest all the stuff again, it's for hours...

Created attachment 363903
v3, trunk, 1.9.1

I added one more flag, that's set TRUE during nss component is in process of initiation. This prevents reenter of do_GetService for it (that leads to assertion false) and cleans the whole code up.

I change the flags only and only when called from nss component constructor now that prevents any race conditions - we are protected by XPCOM component manager monitor.

Created attachment 363906
v3, for 1.8.1

Tested again with patch -R bz's fix and FoxyProxy 2.8.5.

Created attachment 363916
v3.1, trunk, 1.9.1

Found a little mistake in the constructor, I was calling EnsureNSSInitialized(nssInitFailed) when NS_NEWXPCOM allocation for any component failed, need to be called only when invoked for nss component.

Created attachment 363917
v3.1, 1.8.1

...

Comment on attachment 363916
v3.1, trunk, 1.9.1

Honza, thanks a lot.

r=kaie

Comment on attachment 363917
v3.1, 1.8.1

r=kaie

Backed out, we get assertion failure on leak test boxes, see bottom of
http://tinderbox.mozilla.org/showlog.cgi?log=Firefox/1235744234.1235747596.5195.gz

Changed in firefox:
status: In Progress → Confirmed

Created attachment 364570
v3.2 [Checkin mozilla-central comment 102][Checkin mozilla-1.9.1 comment 106]

Ok, no assertions anymore, re-entrance protection was to protective.

Changed in firefox:
status: Confirmed → Fix Released

Created attachment 364968
v3.2 for 1.8.1 [Checkin comment 109]

3.2 successfully landed on mozilla-central, we can try to land on 1.8.1. Locally deeply tested as STR for this bug is for FF 2.0.

Comment on attachment 364570
v3.2 [Checkin mozilla-central comment 102][Checkin mozilla-1.9.1 comment 106]

Successfully landed on mozilla-central.

Created attachment 365009
v3.2 for 1.9.0 [Checkin comment 111]

Comment on attachment 364570
v3.2 [Checkin mozilla-central comment 102][Checkin mozilla-1.9.1 comment 106]

(As it's blocking 1.9.1 doesn't need approval)

http://hg.mozilla.org/releases/mozilla-1.9.1/rev/e1111e6b81f3

John Vivirito (gnomefreak) wrote :

2.0 is no loager supported adn for future crash reports please use apport to file it.

Changed in firefox-3.0 (Ubuntu):
status: New → Invalid

Comment on attachment 364968
v3.2 for 1.8.1 [Checkin comment 109]

Approved for 1.8.1.22, a=dveditz for release-drivers

If this fixes topcrash bug 427715 then it'd be worth taking for sure.

Comment on attachment 364968
v3.2 for 1.8.1 [Checkin comment 109]

Checking in nsNSSComponent.cpp;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSComponent.cpp,v <-- nsNSSComponent.cpp
new revision: 1.126.2.10; previous revision: 1.126.2.9
done
Checking in nsNSSComponent.h;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSComponent.h,v <-- nsNSSComponent.h
new revision: 1.38.4.4; previous revision: 1.38.4.3
done
Checking in nsNSSIOLayer.cpp;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp,v <-- nsNSSIOLayer.cpp
new revision: 1.97.2.21; previous revision: 1.97.2.20
done
Checking in nsNSSIOLayer.h;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSIOLayer.h,v <-- nsNSSIOLayer.h
new revision: 1.27.28.6; previous revision: 1.27.28.5
done
Checking in nsNSSModule.cpp;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSModule.cpp,v <-- nsNSSModule.cpp
new revision: 1.38.4.2; previous revision: 1.38.4.1
done

Comment on attachment 365009
v3.2 for 1.9.0 [Checkin comment 111]

Approved for 1.9.0.10, a=dveditz for release-drivers

Comment on attachment 365009
v3.2 for 1.9.0 [Checkin comment 111]

Landed on 1.9.0.

Checking in nsNSSComponent.cpp;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSComponent.cpp,v <-- nsNSSComponent.cpp
new revision: 1.168; previous revision: 1.167
done
Checking in nsNSSComponent.h;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSComponent.h,v <-- nsNSSComponent.h
new revision: 1.54; previous revision: 1.53
done
Checking in nsNSSIOLayer.cpp;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp,v <-- nsNSSIOLayer.cpp
new revision: 1.165; previous revision: 1.164
done
Checking in nsNSSIOLayer.h;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSIOLayer.h,v <-- nsNSSIOLayer.h
new revision: 1.47; previous revision: 1.46
done
Checking in nsNSSModule.cpp;
/cvsroot/mozilla/security/manager/ssl/src/nsNSSModule.cpp,v <-- nsNSSModule.cpp
new revision: 1.52; previous revision: 1.51
done

This sent fxdbug-linux-tbox all leaky on 1.9.0.

(In reply to comment #112)
> This sent fxdbug-linux-tbox all leaky on 1.9.0.

Since it's never more than 92.0B, you're likely seeing bug 454837.

I believe that leak is not caused by my land. As I was watching the tree, it failed before already the same way. Just after my check-in it happened more often, but not in 100% cases, there were also greens. I'll check the leaks, my patch may be somehow related.

Verified for 1.9.0.11 with Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11pre) Gecko/2009051305 GranParadiso/3.0.11pre (.NET CLR 3.5.30729).

Changed in firefox:
importance: Unknown → Critical
Displaying first 40 and last 40 comments. View all 120 comments or add a comment.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.