CreatePipe from Chromium IPC requires Logon Session, fails otherwise

RESOLVED FIXED in mozilla19



5 years ago
5 years ago


(Reporter: rmkn85, Assigned: rmkn85)


14 Branch
Windows 7
Bug Flags:
in-testsuite -

Firefox Tracking Flags

(Not tracked)



(1 attachment)



5 years ago
When running XulRunner based application (using GeckoFX from a Windows Service, on Windows Server 2008 R2 Datacenter (meaning it's without a Local Logon Session), it crashes.

The last error from Mozilla is:
WARNING: file e:/builds/moz2_slave/rel-m-rel-xr-w32-bld/build/ipc/chromium/src/chrome/common/, line 153

According to Mozilla IPC code imported from Chromium (2006-2008), it requires a Security Descriptor, and gets that through GetLogonSessionOnlyDACL(), which fails when there's no Logon Session:

The latest Chromium IPC code (2012) is different and doesn't require a Security Descriptor to create a pipe:

Can latest Chromium IPC code be back-ported to Mozilla repository?

Comment 1

5 years ago
My suspicion is that if this isn't biting us in released versions of Firefox, you're going to need to do the work required here. The Chromium code is updated one absolutely-required bugfix at a time, these days.

Comment 2

5 years ago
Possibly related to these Mozilla Crash Reports**)

@Josh why isn't the Chromium code updated more regularly, including backporting fixes done in their repository?

Comment 3

5 years ago
Effort vs. reward. At this point we are multiple years behind, and what we have seems to be working well. It was never intended to be a permanent dependency, but at some point we gave up pretending that it was anything else.

Comment 4

5 years ago
The main difference relevant to this bug is the last parameter of CreateNamedPipeW().
In the code in Mozilla, it's &security_attributes, which uses GetLogonSessionOnlyDACL, which may fail (when there's no Logon Session).
In the code in Chromium, they are just passing NULL to that parameter.

According to Microsoft Documentation, passing NULL gets default security descriptor.

Is there any reason not to do this modification?

Comment 5

5 years ago
We've approved similar patches before. Would you mind creating one?

Comment 6

5 years ago
I haven't submitted any patches to Mozilla before, does it mean I need to download the entire source code, build it and run all the tests, to submit this patch for approval?

Comment 7

5 years ago
As long as the patch applies and builds, nobody will question how it was created. That being said, a patch against mozilla-central is certainly the easiest way forward. With regards to testing, we can throw it at a server to run them for us.

Comment 8

5 years ago
I'm porting part of the following commit from Chromium, will prepare a patch in a moment:

Comment 9

5 years ago
Created attachment 674663 [details] [diff] [review]
Remove GetLogonSessionOnlyDACL from ipc_channel_win

Porting commit from Chromium
Pushed to our try server for testing:


5 years ago
Attachment #674663 - Flags: review?(jones.chris.g)

Comment 11

5 years ago
Did you run it against latest trunk source code, and there will be a build to download when it finishes?
Can you also make it build a patched XulRunner 14, so I can confirm it fixes the issue in my environment?
Attachment #674663 - Flags: review?(jones.chris.g) → review+
Sorry for the radio silence here. I've committed your patch in Getting tryserver to produce a xulrunner build (even forgetting about the requirement for 14) is an uncertain process that I don't really have time to dig into at the moment, unfortunately.
However, the try link above does have Firefox builds available, if that is of any use to you.


5 years ago
Assignee: nobody → rmkn85
Last Resolved: 5 years ago
Flags: in-testsuite-
Resolution: --- → FIXED
Target Milestone: --- → mozilla19
You need to log in before you can comment on or make changes to this bug.