Add crashes_after_fix rule to flag fixed crash bugs still crashing on Nightly

[spohlMozilla]

The macOS and Windows Spotlight teams have repeatedly hit the same
workflow gap: a crash gets a speculative fix, the patch lands, the bug
is marked RESOLVED FIXED -- and the signature keeps firing on Nightly
after the build containing the fix has shipped. With nothing prompting
us to re-check crash-stats a few days post-landing, this verification
step gets skipped, and we have ended up discovering only much later
(in some cases weeks or months) that the speculative fix didn't
actually move the crash numbers.

This rule plugs that gap. Once a day it picks RESOLVED FIXED bugs where
cf_status_firefox_nightly is "fixed" and cf_last_resolved falls between
min_days_since_fix (default 4) and max_days_since_fix (default 10) ago,
runs a faceted Socorro SuperSearch over Nightly for the bug's
signature(s) starting the day after the fix landed, and -- if
min_crash_count (default 5) or more crashes have been recorded in that
window -- needinfos the assignee asking whether the fix was incomplete,
whether the signature is shared with a different underlying crash, or
whether a follow-up is needed.

The four-day floor gives the Nightly build containing the fix time to
roll out and accumulate user exposure before the bot will fire. The
rule skips bugs that already have any open needinfo, and also skips
bugs whose comment history contains the rule's marker phrase, so it
only pings the assignee once per fix.

[spohlMozilla]

@suhaibmujahid would you mind taking a look when you have a moment? I couldn't add you as a formal reviewer (external-contributor permissions). Thanks!

[marco-c]

Given we already have min_crash_count and we can look specifically at Nightly builds after the fix, we don't really need the 4 days delay.

[suhaibmujahid]

Did you do a dry-run? Is the results matching what you are expecting? Can you please share examples from dry-run?

[suhaibmujahid]

The query is clear, I would suggest dropping the comments.

[suhaibmujahid]

Older version of Firefox that is still crashing would be included here. So that does not mean the bug is not fixed. We need to only consider versions they were built after the fix was released.

[suhaibmujahid]

The new rule hasn't been added to any of the cron schedules yet; I'd add it to cron_run_weekdays.py.

[spohlMozilla]

Thanks for the review!

For point 2 (cron schedule): pushed 2879dfd adding python -m bugbot.rules.crashes_after_fix --production to scripts/cron_run_weekdays.sh (Suhaib's comment said .py but it's actually .sh). Slotted it next to crash_small_volume since they're conceptually adjacent.

For point 1 (dry-run): I'll set that up locally and post the output here next.

[spohlMozilla]

Addressed the inline review comments in 350500d:

1. get_bz_params: dropped the inline comments inside the params dict.
2. _query_socorro: switched from date >= to build_id >= so we only count crashes on Nightly builds that actually include the fix. Build IDs use YYYYMMDDHHMMSS format, so the cutoff is midnight of the day after the bug was resolved. Good catch — pre-fix builds still in the wild were a real false-positive source.

[spohlMozilla]

Dry-run on 2026-05-20:

• Bugzilla query returned 3 candidate bugs (resolved in last 10 days, non-empty crash signature, fixed on Nightly, no open needinfo, no prior marker comment).
• Socorro queried per bug for crashes on Nightly with build_id >= midnight(fix_date + 1). Sample signatures it queried:
  • NSC_OpenSession, sftk_SessionFromHandle
  • core::option::expect_failed | glean_core::core::with_glean
  • libsystem_notify.dylib, notify_register_check
• None crossed the default min_crash_count = 5 threshold, so no needinfo would have fired. The rule correctly stays quiet.

Behavior verified to match expectations: candidate set looks like recently-fixed crash bugs from the right components; per-bug queries fire and respect the build-id cutoff; threshold gating prevents noise.