base::internal::ScopedFDCloseTraits::Free [seems net/SSL related] |
Issue description""" SummaryBugsFieldsThreadsSourceMissing symbolsModules Report IDccb89baf00000000 Total Threads61 Processed Threads61 Thread 56 CRASHED [EXC_BAD_INSTRUCTION / EXC_I386_INVOP @ 0x000000010dca6ed2 ] MAGIC SIGNATURE THREAD Stack Quality76%Show frame trust levels 0x000000010dca6ed2 (Google Chrome Framework -scoped_file.cc:40 ) base::internal::ScopedFDCloseTraits::Free(int) 0x000000010dc9f813 (Google Chrome Framework -scoped_generic.h:146 ) base::File::Close() 0x000000010dfaac60 (Google Chrome Framework -simple_synchronous_entry.cc:756 ) disk_cache::SimpleSynchronousEntry::Close(disk_cache::SimpleEntryStat const&, std::__1::unique_ptr<std::__1::vector<disk_cache::SimpleSynchronousEntry::CRCRecord, std::__1::allocator<disk_cache::SimpleSynchronousEntry::CRCRecord> >, std::__1::default_delete<std::__1::vector<disk_cache::SimpleSynchronousEntry::CRCRecord, std::__1::allocator<disk_cache::SimpleSynchronousEntry::CRCRecord> > > >, net::GrowableIOBuffer*) 0x000000010df9cffd (Google Chrome Framework -bind_internal.h:214 ) base::internal::Invoker<base::internal::BindState<void (disk_cache::SimpleSynchronousEntry::*)(disk_cache::SimpleEntryStat const&, std::__1::unique_ptr<std::__1::vector<disk_cache::SimpleSynchronousEntry::CRCRecord, std::__1::allocator<disk_cache::SimpleSynchronousEntry::CRCRecord> >, std::__1::default_delete<std::__1::vector<disk_cache::SimpleSynchronousEntry::CRCRecord, std::__1::allocator<disk_cache::SimpleSynchronousEntry::CRCRecord> > > >, net::GrowableIOBuffer*), base::internal::UnretainedWrapper<disk_cache::SimpleSynchronousEntry>, disk_cache::SimpleEntryStat, base::internal::PassedWrapper<std::__1::unique_ptr<std::__1::vector<disk_cache::SimpleSynchronousEntry::CRCRecord, std::__1::allocator<disk_cache::SimpleSynchronousEntry::CRCRecord> >, std::__1::default_delete<std::__1::vector<disk_cache::SimpleSynchronousEntry::CRCRecord, std::__1::allocator<disk_cache::SimpleSynchronousEntry::CRCRecord> > > > >, 
base::internal::RetainedRefWrapper<net::GrowableIOBuffer> >, void ()>::Run(base::internal::BindStateBase*) 0x000000010dcfd6e7 (Google Chrome Framework -callback.h:64 ) base::(anonymous namespace)::PostTaskAndReplyRelay::RunTaskAndPostReply() 0x000000010dc957e0 (Google Chrome Framework -callback.h:47 ) base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) 0x000000010dcf39eb (Google Chrome Framework -task_tracker.cc:287 ) base::internal::TaskTracker::PerformRunTask(std::__1::unique_ptr<base::internal::Task, std::__1::default_delete<base::internal::Task> >) 0x000000010dcf3bda (Google Chrome Framework -task_tracker_posix.cc:26 ) base::internal::TaskTrackerPosix::PerformRunTask(std::__1::unique_ptr<base::internal::Task, std::__1::default_delete<base::internal::Task> >) 0x000000010dcf35cb (Google Chrome Framework -task_tracker.cc:261 ) base::internal::TaskTracker::RunTask(std::__1::unique_ptr<base::internal::Task, std::__1::default_delete<base::internal::Task> >, base::SequenceToken const&) 0x000000010dceeb7c (Google Chrome Framework -scheduler_worker.cc:84 ) base::internal::SchedulerWorker::Thread::ThreadMain() 0x000000010dcfd596 (Google Chrome Framework -platform_thread_posix.cc:71 ) base::(anonymous namespace)::ThreadFunc(void*) 0x00007fff8c5e1898 (libsystem_pthread.dylib + 0x00001898 ) _pthread_body 0x00007fff8c5e1729 (libsystem_pthread.dylib + 0x00001729 ) _pthread_start 0x00007fff8c5e5fc8 (libsystem_pthread.dylib + 0x00005fc8 ) thread_start 0x000000010dcfd53f (Google Chrome Framework + 0x018e953f ) ... 
Thread 0 Stack Quality69%Show frame trust levels 0x000000010f33a1d1 (Google Chrome Framework -host_content_settings_map.cc:966 ) HostContentSettingsMap::GetContentSettingValueAndPatterns(content_settings::ProviderInterface const*, GURL const&, GURL const&, ContentSettingsType, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, bool, ContentSettingsPattern*, ContentSettingsPattern*) 0x000000010f3392fa (Google Chrome Framework -host_content_settings_map.cc:920 ) HostContentSettingsMap::GetWebsiteSettingInternal(GURL const&, GURL const&, ContentSettingsType, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content_settings::SettingInfo*) const 0x000000010f3385d8 (Google Chrome Framework -host_content_settings_map.cc:884 ) HostContentSettingsMap::GetWebsiteSetting(GURL const&, GURL const&, ContentSettingsType, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content_settings::SettingInfo*) const 0x000000010d9dddcc (Google Chrome Framework -chrome_ssl_host_state_delegate.cc:445 ) ChromeSSLHostStateDelegate::HasAllowException(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) const 0x000000010d3f2fad (Google Chrome Framework -ssl_manager.cc:332 ) content::SSLManager::DidStartResourceResponse(GURL const&, bool, unsigned int) 0x000000010d420051 (Google Chrome Framework -web_contents_impl.cc:3010 ) content::WebContentsImpl::DidGetResourceResponseStart(content::ResourceRequestDetails const&) 0x000000010d288a2f (Google Chrome Framework -bind_internal.h:164 ) base::internal::Invoker<base::internal::BindState<void (*)(base::Callback<content::WebContents* (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&, std::__1::unique_ptr<content::ResourceRequestDetails, std::__1::default_delete<content::ResourceRequestDetails> >), base::Callback<content::WebContents* (), 
(base::internal::CopyMode)1, (base::internal::RepeatMode)1>, base::internal::PassedWrapper<std::__1::unique_ptr<content::ResourceRequestDetails, std::__1::default_delete<content::ResourceRequestDetails> > > >, void ()>::Run(base::internal::BindStateBase*) 0x000000010dc957e0 (Google Chrome Framework -callback.h:47 ) base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) 0x000000010dcb92a5 (Google Chrome Framework -message_loop.cc:413 ) base::MessageLoop::RunTask(base::PendingTask*) 0x000000010dcb957b (Google Chrome Framework -message_loop.cc:422 ) base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) 0x000000010dcb98c2 (Google Chrome Framework -message_loop.cc:515 ) base::MessageLoop::DoWork() 0x000000010dcbbeec (Google Chrome Framework -message_pump_mac.mm:302 ) base::MessagePumpCFRunLoopBase::RunWork() 0x000000010dcae529 (Google Chrome Framework + 0x0189a529 ) base::mac::CallWithEHFrame(void () block_pointer) 0x000000010dcbb963 (Google Chrome Framework -message_pump_mac.mm:278 ) base::MessagePumpCFRunLoopBase::RunWorkSource(void*) 0x00007fff8b0075b0 (CoreFoundation + 0x0007f5b0 ) __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ 0x00007fff8aff8c61 (CoreFoundation + 0x00070c61 ) __CFRunLoopDoSources0 0x00007fff8aff83ee (CoreFoundation + 0x000703ee ) __CFRunLoopRun 0x00007fff8aff7e74 (CoreFoundation + 0x0006fe74 ) CFRunLoopRunSpecific ... 
Thread 30 Stack Quality77%Show frame trust levels 0x00007fff8c5d4a1a (libsystem_kernel.dylib + 0x00011a1a ) _mach_msg_trap 0x00007fff8723009d (Security + 0x0001809d ) ucsp_client_decodeDb 0x00007fff8722f1aa (Security + 0x000171aa ) Security::SecurityServer::ClientSession::decodeDb(Security::DLDbIdentifier const&, Security::AccessCredentials const*, Security::CssmData const&) 0x00007fff8722d183 (Security + 0x00015183 ) SSDatabaseImpl::open(Security::DLDbIdentifier const&) 0x00007fff8722ce7a (Security + 0x00014e7a ) SSDLSession::DbOpen(char const*, cssm_net_address const*, unsigned int, Security::AccessCredentials const*, void const*, long&) 0x00007fff8722cd33 (Security + 0x00014d33 ) cssm_DbOpen(long, char const*, cssm_net_address const*, unsigned int, cssm_access_credentials const*, void const*, long*) 0x00007fff8722ca56 (Security + 0x00014a56 ) CSSM_DL_DbOpen 0x00007fff8722bd5f (Security + 0x00013d5f ) Security::CssmClient::DbImpl::open() 0x00007fff87243dee (Security + 0x0002bdee ) Security::KeychainCore::Trust::evaluate(bool) 0x00007fff872434d7 (Security + 0x0002b4d7 ) SecTrustEvaluate 0x000000010df52682 (Google Chrome Framework -cert_verify_proc_mac.cc:592 ) net::(anonymous namespace)::VerifyWithGivenFlags(net::X509Certificate*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, net::CRLSet*, net::CertVerifyResult*, net::(anonymous namespace)::CRLSetResult*) 0x000000010df51854 (Google Chrome Framework -cert_verify_proc_mac.cc:1073 ) net::CertVerifyProcMac::VerifyInternal(net::X509Certificate*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, net::CRLSet*, std::__1::vector<scoped_refptr<net::X509Certificate>, std::__1::allocator<scoped_refptr<net::X509Certificate> > > const&, net::CertVerifyResult*) 0x000000010df506f4 (Google Chrome Framework -cert_verify_proc.cc:420 ) 
net::CertVerifyProc::Verify(net::X509Certificate*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, net::CRLSet*, std::__1::vector<scoped_refptr<net::X509Certificate>, std::__1::allocator<scoped_refptr<net::X509Certificate> > > const&, net::CertVerifyResult*) 0x000000010df5b141 (Google Chrome Framework -multi_threaded_cert_verifier.cc:193 ) net::DoVerifyOnWorkerThread(scoped_refptr<net::CertVerifyProc> const&, scoped_refptr<net::X509Certificate> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, scoped_refptr<net::CRLSet> const&, std::__1::vector<scoped_refptr<net::X509Certificate>, std::__1::allocator<scoped_refptr<net::X509Certificate> > > const&, int*, net::CertVerifyResult*) 0x000000010df5bcc7 (Google Chrome Framework -bind_internal.h:164 ) base::internal::Invoker<base::internal::BindState<void (*)(scoped_refptr<net::CertVerifyProc> const&, scoped_refptr<net::X509Certificate> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, scoped_refptr<net::CRLSet> const&, std::__1::vector<scoped_refptr<net::X509Certificate>, std::__1::allocator<scoped_refptr<net::X509Certificate> > > const&, int*, net::CertVerifyResult*), scoped_refptr<net::CertVerifyProc>, scoped_refptr<net::X509Certificate>, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, int, scoped_refptr<net::CRLSet>, std::__1::vector<scoped_refptr<net::X509Certificate>, std::__1::allocator<scoped_refptr<net::X509Certificate> > >, int*, 
net::CertVerifyResult*>, void ()>::Run(base::internal::BindStateBase*) 0x000000010dcfd6e7 (Google Chrome Framework -callback.h:64 ) base::(anonymous namespace)::PostTaskAndReplyRelay::RunTaskAndPostReply() 0x000000010dd04480 (Google Chrome Framework -callback.h:47 ) base::(anonymous namespace)::WorkerThread::ThreadMain() 0x000000010dcfd596 (Google Chrome Framework -platform_thread_posix.cc:71 ) base::(anonymous namespace)::ThreadFunc(void*) """
,
Nov 20 2016
Marking WontFix - this was an OS bug, which davidben@ reported upstream and which has since been fixed.
,
Nov 21 2016
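(Confirmed that the OS X version in this report, 10.9.5, predates the fix, as far as I know. The bug in question is CVE-2015-6983: Security.framework double-closes fds somewhere. A stray second close() can hit a descriptor number that has since been reused by another owner in the same process, which would explain why the crash surfaces in base::File::Close() on a disk_cache worker thread while Thread 30 is inside SecTrustEvaluate.)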
Comment 1 by erikc...@chromium.org
, Nov 18 2016