Closed Bug 1633052 Opened 4 years ago Closed 4 years ago

Evaluate handling heap corruption exceptions

Categories

(Toolkit :: Crash Reporting, task)

Unspecified
Windows
task

Tracking

()

RESOLVED FIXED
mozilla80
Tracking Status
firefox80 --- fixed

People

(Reporter: gsvelto, Assigned: gsvelto)

References

(Depends on 1 open bug)

Details

Attachments

(1 file)

The Breakpad exception handler currently doesn't catch heap corruption exceptions (STATUS_HEAP_CORRUPTION) because we explicitly instruct Windows to terminate processes when those happens bypassing exception handling. That's done via a call to the HeapSetInformation() with the HeapEnableTerminationOnCorruption parameter.

Filing this bug to figure out if it would be possible to safely handle those exceptions and grab crash reports for them. They're rather common when dealing with injected DLLs and similar junk infiltrating Firefox.

A quick search shows that it might be possible to catch this w/o disabling the HeapEnableTerminationOnCorruption feature by using a vectored exception handler. See this blog post. It would be worth trying.

This patch adds a vectored exception handler to catch STATUS_HEAP_CORRUPTION
exceptions on Windows. Previously these crashes would terimnate the affected
process without generating a minidump. For child process crashes the user would
be notified of the crash but could not report them. Main process crashes on the
other hand would close Firefox abruptly without any sort of feedback to the
user.

Note that this type of exceptions are originated from Windows default memory
allocator which we replace with jemalloc. As such they're unlikely to be thrown
from our code, but are frequently encountered when dealing with injected DLLs
and other external components.

Assignee: nobody → gsvelto
Status: NEW → ASSIGNED
Attachment #9163968 - Attachment description: Bug 1633052 - Generate minidumps when encountering heap corruption exceptions on Windows → Bug 1633052 - Generate minidumps when encountering heap corruption exceptions on Windows r=dmajor
Pushed by gsvelto@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/20eae4221190
Generate minidumps when encountering heap corruption exceptions on Windows r=dmajor
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla80

The brand new crashes are streaming in

Blocks: 1655482
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: