I'd like to have some advice on this regression.
- Chrome is not supported, however we have now made it to crash. Ben obviously like that but maybe others do not have the same opinion.
2) Is this severe enough for me to revert the nss 3.26 upload?
If yes, how do I do that in the best way? I can not easily replace the .orig file, but I can make a version without an orig file maybe. And replace the source with the old one. Not sure how I should name the versions in that case.
3) If we think it is worth investigating do anyone have a good idea on how to do that. This is a multi-threaded program and gdb did not really help. When I run strace chrome fails as I'm running it with strace... So I end up in another problem. The only remaining thing seem to be to add quite a few printf statements. I'll do that tomorrow unless someone have told me to do otherwise.
4) Have anyone seen a problem on anything else than chrome?
I'm a little worried that this is a bigger problem than chrome.
I have now got two other reports about this problem. One from Okajima and one from Jiri (cc to this mail). Both had the same problem.
As I understand it is not possible to upgrade chrome browser only. You have to upgrade more than that. I may be wrong though.
I have put in some effort to understand why it fails, but I do not yet do that. I'm a little worried that there may be other applications having the same problem.
The error number is: SEC_ERROR_PKCS11_DEVICE_ERROR = (SEC_ERROR_BASE + 169) = -0x2000 + 169 = -8192 + 169 = -8023
Yesterday I found this article:
So I tried to reverse that fix but it did not help.
The chromium nss_util.cc code looks like this:
// Force a crash with error info on NSS_NoDB_Init failure. void CrashOnNSSInitFailure() {
int nss_error = PR_GetError();
int os_error = PR_GetOSError();
base::debug::Alias(&nss_error);
base::debug::Alias(&os_error);
LOG(ERROR) << "Error initializing NSS without a persistent database: "
<< GetNSSErrorMessage();
LOG(FATAL) << "nss_error=" << nss_error << ", os_error=" << os_error;
}
And then this function is called by
if (nodb_init) {
status = NSS_NoDB_Init(NULL);
if (status != SECSuccess) {
CrashOnNSSInitFailure();
return;
}
and
status = NSS_InitReadWrite(nss_config_dir.c_str());
if (status != SECSuccess) {
LOG(ERROR) << "Error initializing NSS with a persistent "
"database (" << nss_config_dir
<< "): " << GetNSSErrorMessage();
}
}
if (status != SECSuccess) {
VLOG(1) << "Initializing NSS without a persistent database.";
status = NSS_NoDB_Init(NULL);
if (status != SECSuccess) {
CrashOnNSSInitFailure();
return;
}
}
I tried to compare the NSS_NoDB_Init functions and the nss_init function but they are very similar. So it have to be some other deeper function.
I'll investigate more tomorrow to see what I can find out. It is a little too late now.
// Ola