Closed Bug 1513687 Opened 2 years ago Closed 2 years ago

Crash in mozalloc_abort | Abort | NS_DebugBreak | mozilla::Logger::~Logger

Categories

(Core :: IPC, defect)

64 Branch
Unspecified
Linux
defect
Not set
critical

Tracking

()

RESOLVED FIXED
mozilla67
Tracking Status
firefox-esr60 --- wontfix
firefox64 --- wontfix
firefox65 --- wontfix
firefox66 --- fixed
firefox67 --- fixed

People

(Reporter: lizzard, Assigned: Alex_Gaynor)

Details

(Keywords: crash)

Crash Data

Attachments

(1 file)

This bug was filed from the Socorro interface and is
report bp-f9388159-a1f4-408a-b231-ae7290181211.
=============================================================

There are a couple of crashes with this signature in nightly 66. 
Looking back a month or so there are also a few crashes in 65 and 64. 

Top 10 frames of crashing thread:

0 firefox-bin mozalloc_abort memory/mozalloc/mozalloc_abort.cpp:33
1 libxul.so Abort xpcom/base/nsDebugImpl.cpp:438
2 libxul.so NS_DebugBreak xpcom/string/nsSubstring.cpp
3 libxul.so mozilla::Logger::~Logger ipc/chromium/src/base/logging.cc:48
4 libxul.so base::RandUint64 ipc/chromium/src/base/logging.h:58
5 libxul.so base::RandInt ipc/chromium/src/base/rand_util.cc:22
6 libxul.so IPC::Channel::GenerateUniqueRandomChannelID ipc/chromium/src/chrome/common/ipc_channel.cc:37
7 libxul.so IPC::Channel::GenerateVerifiedChannelID ipc/chromium/src/chrome/common/ipc_channel_posix.cc:968
8 libxul.so mozilla::ipc::CreateTransport ipc/glue/Transport_posix.cpp:26
9 libxul.so nsresult mozilla::ipc::CreateEndpoints<mozilla::ipc::PBackgroundParent, mozilla::ipc::PBackgroundChild> ipc/glue/ProtocolUtils.h:868

=============================================================
This looks more like a problem with the RandUint64 implementation for various platforms. It aborts if there's a problem getting random data. I'll move this to IPC since those functions are defined under ipc/chromium, but there might be a better component for this problem.
Component: DOM: Workers → IPC
Assignee: nobody → agaynor

Note to self: solution here is to deleting the chromium random code and use our own random code.

This includes deleting several unused functions. Our own code does a better job
of using the preferred platform APIs for random numbers.

Keywords: checkin-needed

Pushed by ccoroiu@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/99140ba06c13
remove chromium's random code from IPC in favor of our own; r=froydnj

Keywords: checkin-needed
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla67

Would you like to request beta uplift? If no crashes show up in the next couple of days in nightly that seems promising.

Flags: needinfo?(agaynor)

This should uplift cleanly and safely. If release management thinks this is uplift worthy I'm happy to! Will leave the ni? and put in the request on Monday unless I hear otherwise.

Comment on attachment 9040188 [details]
Bug 1513687 - remove chromium's random code from IPC in favor of our own; r?froydnj

Beta/Release Uplift Approval Request

Feature/Bug causing the regression

None

User impact if declined

Content crashes in certain (unclear) situations.

Is this code covered by automated tests?

Yes

Has the fix been verified in Nightly?

Yes

Needs manual test from QE?

No

If yes, steps to reproduce

List of other uplifts needed

None

Risk to taking this patch

Low

Why is the change risky/not risky? (and alternatives if risky)

Replaces some Chromium code with our own code. This is in a core routine so it is regularly exercised.

String changes made/needed

Flags: needinfo?(agaynor)
Attachment #9040188 - Flags: approval-mozilla-beta?

Comment on attachment 9040188 [details]
Bug 1513687 - remove chromium's random code from IPC in favor of our own; r?froydnj

Crash fix, low risk, verified in nightly.
Let's uplift for beta 5.

[Triage Comment]

Attachment #9040188 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
Flags: qe-verify-
You need to log in before you can comment on or make changes to this bug.