Closed Bug 848075 Opened 7 years ago Closed 7 years ago
hang in malloc lock during exception handling on OS X
I was trying to reproduce bug 706751 by running test_content_annotation.js in a loop on my MBP. The test hung, so I sampled the plugin-container process (see attached). Breakpad calls exc_server, which calls dlsym to find _catch_exception_raise (in libxul), which mallocs. Some other thread has the malloc lock so we're hung. I *think* this is just a failure in our OOP exception-handling code. In the in-process case, we simply call exit() after writing out the minidump and exec()ing the crashreporter. In the OOP case, we don't actually exit after requesting that the parent process write a dump, so it's possible for us to fall down into this exc_server call and hit this condition.
Specifically WriteMinidumpWithException either writes a dump and calls the callback (in-process), or calls CrashGenerationClient's RequestDump method: http://mxr.mozilla.org/mozilla-central/source/toolkit/crashreporter/google-breakpad/src/client/mac/handler/exception_handler.cc#523 In the in-process case we exit during our callback. In the OOP case we don't exit. I think this is actually just a bug in the Breakpad OOP code. We should be honoring _exit_after_write in the IsOutOfProcess block here: http://mxr.mozilla.org/mozilla-central/source/toolkit/crashreporter/google-breakpad/src/client/mac/handler/exception_handler.cc#341
Landed a patch upstream that should fix this: http://code.google.com/p/google-breakpad/source/detail?r=1127 Will update our Breakpad snapshot shortly.
Assignee: nobody → ted
Just pushed an updated Breakpad snapshot that includes this fix.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla22
You need to log in before you can comment on or make changes to this bug.