
Firefox 93.0 crashes, fails to resume from hibernate

Open onguarde opened this issue 2 years ago • 11 comments

Problem Description

Firefox crashes EVERY TIME when resuming from hibernate. Version 93.0 (64-bit), Windows 10 20H2 (19042.1237).

Crash report clearly mentions OpenSC plugin as culprit.

Proposed Resolution

Steps to reproduce

Followed the steps here to set up on Firefox; it works perfectly for corporate site logins, except for the crashes on resume from hibernate.

Installing OpenSC PKCS#11 Module in Firefox, Step by Step · OpenSC/OpenSC Wiki · GitHub https://github.com/OpenSC/OpenSC/wiki/Installing-OpenSC-PKCS%2311-Module-in-Firefox,-Step-by-Step

Logs


onguarde avatar Oct 13 '21 10:10 onguarde

What is the version of OpenSC?

dengert avatar Oct 13 '21 16:10 dengert

Testing with Windows 10 Pro 21H1 64-bit, Firefox 93.0 32-bit, OpenSC 0.22.0 (both 32- and 64-bit installed), PIV demo card in SCM SCR35xx reader. Was able to log in to the card from FF Settings -> Privacy & Security -> Certificates -> Security Devices, which shows onepin-opensc-pkcs11.dll and the SCM reader. Clicking on the reader activates the "Login" button.

Modifying the Windows Settings -> Power & Sleep, which brings up "Control Panel\All Control Panel Items\Power Options", then "Choose what power button does", then "Change settings that are currently unavailable", allows the "Hibernate" box to be checked.

Then, while the card is logged in, doing Windows Start -> Power -> Hibernate causes the computer to hibernate.

Upon waking the computer via mouse and entering the PIN, everything comes up and FF allows me to log in again to the card from the "Login" button.

This may not be the same setup as you have, but could you try https://github.com/OpenSC/OpenSC/releases/tag/0.22.0

There were some changes made in recent versions of OpenSC to handle FF issues with reader handling, which may be fixed in 0.22.0

dengert avatar Oct 13 '21 18:10 dengert

@onguarde , where can the original bug tracker be found, does it have more information than shown here?

Also, we're providing debug files which should show a more detailed picture of the problem https://github.com/OpenSC/OpenSC/releases/download/0.22.0/OpenSC-0.22.0_win64-Debug.zip

frankmorgner avatar Oct 25 '21 06:10 frankmorgner

I experienced a similar-sounding crash after resuming from hibernate this morning (OpenSC 0.22.0.0, Firefox 91.3.0esr 64-bit).

Finding the dump in the Firefox pending crash reports folder and analysing it in WinDbg shows the following:

CONTEXT:  (.ecxr)
rax=000000000000fed8 rbx=0000000000000000 rcx=0000023734f94310
rdx=000000000000a012 rsi=0000023734e5b880 rdi=00000000000000a9
rip=00007ffa2620fab8 rsp=000000438384d910 rbp=000000438383db50
 r8=000000000000df20  r9=000000438384dad0 r10=000000438383d000
r11=0000004383843000 r12=00007ffa26239127 r13=00007ffa2625f470
r14=0000023734f94310 r15=00007ffa2625f5e0
iopl=0         nv up ei ng nz na po cy
cs=0033  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010287
onepin_opensc_pkcs11!C_GetTokenInfo+0x217498:
00007ffa`2620fab8 41c60300        mov     byte ptr [r11],0 ds:00000043`83843000=??
Resetting default scope

FAULTING_IP: 
onepin_opensc_pkcs11!C_GetTokenInfo+217498
00007ffa`2620fab8 41c60300        mov     byte ptr [r11],0

EXCEPTION_RECORD:  (.exr -1)
ExceptionAddress: 00007ffa2620fab8 (onepin_opensc_pkcs11!C_GetTokenInfo+0x0000000000217498)
   ExceptionCode: c00000fd (Stack overflow)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000001
   Parameter[1]: 0000004383843000

BUGCHECK_STR:  STACK_OVERFLOW

DEFAULT_BUCKET_ID:  STACK_OVERFLOW

PROCESS_NAME:  firefox.exe

ERROR_CODE: (NTSTATUS) 0xc00000fd - A new guard page for the stack cannot be created.

EXCEPTION_CODE: (NTSTATUS) 0xc00000fd - A new guard page for the stack cannot be created.

EXCEPTION_CODE_STR:  c00000fd

EXCEPTION_PARAMETER1:  0000000000000001

EXCEPTION_PARAMETER2:  0000004383843000

I'm happy to try a certain nightly or debug build if that would help get a better stack trace? (if it repros)

sparrowt avatar Nov 11 '21 10:11 sparrowt

Debug symbols are in the zip file referenced above; they should be usable with WinDbg and may give more hints.

frankmorgner avatar Nov 11 '21 10:11 frankmorgner

How exactly can it be reproduced?

frankmorgner avatar Nov 11 '21 10:11 frankmorgner

Ah excellent - see details below after loading symbols (I didn't realise they would work without installing a debug build)

In terms of a repro, I have only hit this once so far (only recently got upgraded to Firefox 91 ESR, from FF 78 ESR, if that's relevant) and all I did was resume from hibernate, where Firefox was already open (with many tabs, some of which might have requested re-auth on resume, resulting in smart card access)

CONTEXT:  (.ecxr)
rax=000000000000fed8 rbx=0000000000000000 rcx=0000023734f94310
rdx=000000000000a012 rsi=0000023734e5b880 rdi=00000000000000a9
rip=00007ffa2620fab8 rsp=000000438384d910 rbp=000000438383db50
 r8=000000000000df20  r9=000000438384dad0 r10=000000438383d000
r11=0000004383843000 r12=00007ffa26239127 r13=00007ffa2625f470
r14=0000023734f94310 r15=00007ffa2625f5e0
iopl=0         nv up ei ng nz na po cy
cs=0033  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010287
onepin_opensc_pkcs11!__chkstk+0x38:
00007ffa`2620fab8 41c60300        mov     byte ptr [r11],0 ds:00000043`83843000=??
Resetting default scope

FAULTING_IP: 
onepin_opensc_pkcs11!__chkstk+38
00007ffa`2620fab8 41c60300        mov     byte ptr [r11],0

EXCEPTION_RECORD:  (.exr -1)
ExceptionAddress: 00007ffa2620fab8 (onepin_opensc_pkcs11!__chkstk+0x0000000000000038)
   ExceptionCode: c00000fd (Stack overflow)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000001
   Parameter[1]: 0000004383843000
0:019> k
  *** Stack trace for last set context - .thread/.cxr resets it
 # Child-SP          RetAddr           Call Site
00 00000043`8384d910 00007ffa`2608cb6b onepin_opensc_pkcs11!__chkstk+0x38
01 00000043`8384d928 00007ffa`2608fccf onepin_opensc_pkcs11!gids_get_DO+0x1f [c:\projects\opensc\src\libopensc\card-gids.c @ 227] 
02 00000043`8384d970 00007ffa`2608fb3a onepin_opensc_pkcs11!gids_read_gidsfile_without_cache+0xcf [c:\projects\opensc\src\libopensc\card-gids.c @ 335] 
03 00000043`8384d9f0 00007ffa`2608d6d6 onepin_opensc_pkcs11!gids_read_gidsfile+0x102 [c:\projects\opensc\src\libopensc\card-gids.c @ 412] 
04 00000043`8384da70 00007ffa`2608aef3 onepin_opensc_pkcs11!gids_get_serialnr+0x8e [c:\projects\opensc\src\libopensc\card-gids.c @ 629] 
05 00000043`8385db10 00007ffa`26000602 onepin_opensc_pkcs11!gids_card_ctl+0xdf [c:\projects\opensc\src\libopensc\card-gids.c @ 2090] 
06 00000043`8385db50 00007ffa`260d2a64 onepin_opensc_pkcs11!sc_card_ctl+0x86 [c:\projects\opensc\src\libopensc\card.c @ 1058] 
07 00000043`8385dbb0 00007ffa`260a9718 onepin_opensc_pkcs11!sc_pkcs15emu_gids_init+0xb8 [c:\projects\opensc\src\libopensc\pkcs15-gids.c @ 127] 
08 00000043`8385eaf0 00007ffa`260066c5 onepin_opensc_pkcs11!sc_pkcs15_bind_synthetic+0x1f4 [c:\projects\opensc\src\libopensc\pkcs15-syn.c @ 160] 
09 00000043`8385eb80 00007ffa`25ff6c3e onepin_opensc_pkcs11!sc_pkcs15_bind+0x369 [c:\projects\opensc\src\libopensc\pkcs15.c @ 1291] 
0a 00000043`8385ec00 00007ffa`25fef599 onepin_opensc_pkcs11!pkcs15_bind+0xbe [c:\projects\opensc\src\pkcs11\framework-pkcs15.c @ 331] 
0b 00000043`8385ec30 00007ffa`25fef867 onepin_opensc_pkcs11!card_detect+0x339 [c:\projects\opensc\src\pkcs11\slot.c @ 321] 
0c 00000043`8385eca0 00007ffa`25feb498 onepin_opensc_pkcs11!card_detect_all+0xf7 [c:\projects\opensc\src\pkcs11\slot.c @ 393] 
0d 00000043`8385ecd0 00007ffa`57e8c215 onepin_opensc_pkcs11!C_GetSlotInfo+0x6c [c:\projects\opensc\src\pkcs11\pkcs11-global.c @ 614] 
0e 00000043`8385ed30 00007ffa`57e8c59f nss3!NSS_Get_SEC_UTF8StringTemplate+0x28f5
0f 00000043`8385ee10 00007ffa`57e97446 nss3!NSS_Get_SEC_UTF8StringTemplate+0x2c7f
10 00000043`8385ee50 00007ffa`57e975a4 nss3!NSS_Get_SEC_UTF8StringTemplate+0xdb26
11 00000043`8385eef0 00007ffa`57e795b2 nss3!NSS_Get_SEC_UTF8StringTemplate+0xdc84
12 00000043`8385ef50 00007ffa`57ee52f4 nss3!CERT_NewTempCertificate+0xf2
13 00000043`8385eff0 00007ff9`f62ce56e nss3!CERT_DecodeCertFromPackage+0x64
14 00000043`8385f060 00007ff9`f52fcc70 xul!workerlz4_compress+0xd93f1e
15 00000043`8385f0e0 00007ff9`f7095ec9 xul!XRE_GetBootstrap+0x1faa20
16 00000043`8385f180 00007ff9`f52fcc70 xul!workerlz4_decompress+0xfa59
17 00000043`8385f2b0 00007ff9`f54d5bae xul!XRE_GetBootstrap+0x1faa20
18 00000043`8385f350 00007ff9`f5a72a5e xul!XRE_GetBootstrap+0x3d395e
19 00000043`8385f3c0 00007ff9`f5ad1099 xul!workerlz4_compress+0x53840e
1a 00000043`8385f440 00007ff9`f5acf81f xul!workerlz4_compress+0x596a49
1b 00000043`8385f5d0 00007ff9`f5a70d38 xul!workerlz4_compress+0x5951cf
1c 00000043`8385f970 00007ff9`f5a70834 xul!workerlz4_compress+0x5366e8
1d 00000043`8385f9e0 00007ff9`f5a6f61b xul!workerlz4_compress+0x5361e4
1e 00000043`8385fa80 00007ff9`f5a70023 xul!workerlz4_compress+0x534fcb
1f 00000043`8385fab0 00007ff9`f5a76398 xul!workerlz4_compress+0x5359d3
20 00000043`8385fb80 00007ff9`f5a86a52 xul!workerlz4_compress+0x53bd48
21 00000043`8385fbf0 00007ff9`f5a8ed38 xul!workerlz4_compress+0x54c402
22 00000043`8385fce0 00007ff9`f5a8850d xul!workerlz4_compress+0x5546e8
23 00000043`8385fd60 00007ff9`f72f7133 xul!workerlz4_compress+0x54debd
24 00000043`8385fe20 00007ffa`57e56d1d xul!soundtouch::SoundTouch::numChannels+0x720b3
25 00000043`8385fe50 00007ffa`57e6da91 nss3!PR_sscanf+0xfad
26 00000043`8385fec0 00007ffa`8b9e1bb2 nss3!PR_MD_INIT_LOCKS+0x41
27 00000043`8385fef0 00007ffa`8beb7034 ucrtbase!thread_start<unsigned int (__cdecl*)(void *),1>+0x42
28 00000043`8385ff20 00007ffa`8dac2651 kernel32!BaseThreadInitThunk+0x14
29 00000043`8385ff50 00000000`00000000 ntdll!RtlUserThreadStart+0x21

sparrowt avatar Nov 11 '21 10:11 sparrowt
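
One way to read the stack trace above for stack consumption, as an added example that is not part of the original thread: the script parses frames 00-08 of the quoted `k` output (source paths dropped for width) and computes how many bytes each frame occupies. The function names are made up for this example, and `chkstk_probe_target` assumes the MSVC x64 `__chkstk` convention (requested allocation size in `rax`) to relate the register dump to the faulting probe.

```python
import re

# Frames 00-08 of the `k` output quoted above (source paths dropped for width).
TRACE = """\
00 00000043`8384d910 00007ffa`2608cb6b onepin_opensc_pkcs11!__chkstk+0x38
01 00000043`8384d928 00007ffa`2608fccf onepin_opensc_pkcs11!gids_get_DO+0x1f
02 00000043`8384d970 00007ffa`2608fb3a onepin_opensc_pkcs11!gids_read_gidsfile_without_cache+0xcf
03 00000043`8384d9f0 00007ffa`2608d6d6 onepin_opensc_pkcs11!gids_read_gidsfile+0x102
04 00000043`8384da70 00007ffa`2608aef3 onepin_opensc_pkcs11!gids_get_serialnr+0x8e
05 00000043`8385db10 00007ffa`26000602 onepin_opensc_pkcs11!gids_card_ctl+0xdf
06 00000043`8385db50 00007ffa`260d2a64 onepin_opensc_pkcs11!sc_card_ctl+0x86
07 00000043`8385dbb0 00007ffa`260a9718 onepin_opensc_pkcs11!sc_pkcs15emu_gids_init+0xb8
08 00000043`8385eaf0 00007ffa`260066c5 onepin_opensc_pkcs11!sc_pkcs15_bind_synthetic+0x1f4
"""

FRAME_RE = re.compile(r"^([0-9a-f]+)\s+([0-9a-f`]+)\s+([0-9a-f`]+)\s+(\S+)", re.I | re.M)

def parse_frames(text):
    """Return [(frame_no, child_sp, symbol)] from WinDbg `k` output."""
    frames = []
    for num, sp, _ret, site in FRAME_RE.findall(text):
        symbol = site.split("+")[0]          # drop the +0xNN offset
        frames.append((int(num, 16), int(sp.replace("`", ""), 16), symbol))
    return frames

def frame_sizes(frames):
    """Stack bytes each frame occupies: the caller's Child-SP minus its own."""
    return [(sym, caller_sp - sp)
            for (_, sp, sym), (_, caller_sp, _) in zip(frames, frames[1:])]

def chkstk_probe_target(rsp, rax):
    """Lowest page x64 __chkstk will touch for an allocation of rax bytes."""
    # Assumption: __chkstk has saved r10/r11 (0x10) above the return address (8).
    return (rsp + 0x18 - rax) & ~0xFFF

if __name__ == "__main__":
    for sym, size in sorted(frame_sizes(parse_frames(TRACE)), key=lambda s: -s[1]):
        print(f"{size:>8} bytes  {sym}")
    # rsp and rax taken from the .ecxr register dump quoted above
    print(hex(chkstk_probe_target(0x438384D910, 0xFED8)))
```

On this trace the largest frame is `gids_get_serialnr` at 65,696 bytes, and the computed probe target equals the `r10` value in the register dump, with `gids_get_DO` requesting a further 0xfed8 bytes when the guard-page probe faults.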

I don't really see a problem in the low level function... Could you run a test with OpenSC's debug output enabled?

frankmorgner avatar Nov 12 '21 09:11 frankmorgner

Sure, I may need to check/sanitise the output before sending depending what gets logged, especially as this is occurring on a device which is not mine personally - I'm quite new to OpenSC so will need you to spell out what/how to run.

Interestingly the same issue didn't occur on resume from hibernate today.

sparrowt avatar Nov 12 '21 10:11 sparrowt

Is it still an issue?

Jakuje avatar Jul 14 '22 12:07 Jakuje

Yes sadly I do periodically hit this on resume from hibernate - I have been dutifully allowing the crash report to go to Mozilla each time so perhaps that will show up somewhere for those who know the system?

sparrowt avatar Aug 30 '22 09:08 sparrowt

FWIW I removed OpenSC from Firefox (and uninstalled it from Windows) and:

  • this crash hasn't happened since
  • smart card auth is now working much better (with the native support from Firefox 102.6.0esr) e.g. no repeated PIN prompts like I had before

sparrowt avatar Feb 06 '23 16:02 sparrowt

You are probably talking about FIDO/U2F authentication, not a smart card one. I am not aware of any native smart card support in Firefox.

Jakuje avatar Feb 07 '23 09:02 Jakuje

Firefox supports minidriver and CTK on Windows/macOS.

metsma avatar Feb 07 '23 09:02 metsma

I see you are using a GIDS smart card. Firefox will add to Security Devices the "OS Client Cert Module" (`osclientcerts.dll`), which is a PKCS11 module to access the Microsoft certificate store. See: https://github.com/mozkeeler/osclientcerts

Microsoft has built-in support for 2 types of smart cards: GIDS and PIV. So you don't need OpenSC for either. Also, other smart card vendors may add minidrivers via plug-and-play, so they don't need OpenSC either.

Also look at Firefox: about:config preference security.enterprise_roots.enabled is true

dengert avatar Feb 07 '23 19:02 dengert

It doesn't crash, because OpenSC's PKCS#11 module isn't used anymore but the built-in Windows Minidriver is used. However, the actual crash still worries me. Can this be reproduced with gidsapplet? If so, it should be possible to reproduce this on Linux as well.

frankmorgner avatar Feb 07 '23 23:02 frankmorgner

Not relevant anymore with Firefox native OS client module.

frankmorgner avatar Jan 26 '24 11:01 frankmorgner