Closed Bug 1587107 Opened 5 years ago Closed 5 years ago

Stack overflow during lz4 compression in startup cache

Categories

(Toolkit :: Startup and Profile System, defect, P1)

Tracking

RESOLVED FIXED
mozilla71
Tracking Status
firefox71 --- fixed

People

(Reporter: padenot, Assigned: dthayer)

References

(Depends on 1 open bug, Regression)

Details

(Keywords: regression)

Attachments

(1 file)

On a bog standard Ubuntu 19.10, running dom/media/mediasource/test mochitest in ASAN crashes with this:

 2:33.41 GECKO(14613) AddressSanitizer:DEADLYSIGNAL
 2:33.41 GECKO(14613) =================================================================
 2:33.41 GECKO(14613) ==14613==ERROR: AddressSanitizer: stack-overflow on address 0x7f695b2e5000 (pc 0x7f69a62e24dd bp 0x7f695b2e2eb0 sp 0x7f695b2e2668 T83)
 2:33.55 GECKO(14613)     #0 0x7f69a62e24dc  /build/glibc-KRRWSm/glibc-2.29/string/../sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S:150
 2:33.56 GECKO(14613)     #1 0x55c0d2f21bf6 in __asan_memset (/home/padenot/src/trees/mozilla-unified/objdir-ff-asan/dist/bin/firefox+0x1b3bf6)
 2:33.56 GECKO(14613)     #2 0x55c0d317ccdc in LZ4_streamHC_t_alignment /home/padenot/src/trees/mozilla-unified/mfbt/lz4/lz4hc.c:830:42
 2:33.56 GECKO(14613)     #3 0x55c0d317c7e3 in LZ4_initStreamHC /home/padenot/src/trees/mozilla-unified/mfbt/lz4/lz4hc.c:917:29
 2:33.56 GECKO(14613)     #4 0x55c0d317cbb3 in LZ4_createStreamHC /home/padenot/src/trees/mozilla-unified/mfbt/lz4/lz4hc.c:896:5
 2:33.56 GECKO(14613)     #5 0x55c0d316ed1b in LZ4F_compressBegin_usingCDict /home/padenot/src/trees/mozilla-unified/mfbt/lz4/lz4frame.c:621:38
 2:33.56 GECKO(14613)     #6 0x55c0d3172e9c in LZ4F_compressBegin /home/padenot/src/trees/mozilla-unified/mfbt/lz4/lz4frame.c:715:12
 2:33.56 GECKO(14613)     #7 0x55c0d31c394d in mozilla::Compression::LZ4FrameCompressionContext::BeginCompressing(mozilla::Span<char, 18446744073709551615ul>) /home/padenot/src/trees/mozilla-unified/mfbt/Compression.cpp:126:23
 2:34.88 GECKO(14613)     #8 0x7f6993c7f0f0 in mozilla::scache::StartupCache::WriteToDisk() /home/padenot/src/trees/mozilla-unified/startupcache/StartupCache.cpp:531:5
 2:34.88 GECKO(14613)     #9 0x7f6993c86791 in mozilla::scache::StartupCache::ThreadedWrite(void*) /home/padenot/src/trees/mozilla-unified/startupcache/StartupCache.cpp:654:34
 2:34.88 GECKO(14613)     #10 0x7f69a1fddf48 in _pt_root /home/padenot/src/trees/mozilla-unified/nsprpub/pr/src/pthreads/ptthread.c:201:5
 2:34.88 GECKO(14613)     #11 0x7f69a66aa181 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x9181)
 2:34.88 GECKO(14613)     #12 0x7f69a6276b1e in clone /build/glibc-KRRWSm/glibc-2.29/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 2:34.88 GECKO(14613) SUMMARY: AddressSanitizer: stack-overflow /build/glibc-KRRWSm/glibc-2.29/string/../sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S:150
 2:34.88 GECKO(14613) Thread T83 (StartupCache) created by T0 here:
 2:34.88 GECKO(14613)     #0 0x55c0d2f0cb6a in pthread_create (/home/padenot/src/trees/mozilla-unified/objdir-ff-asan/dist/bin/firefox+0x19eb6a)
 2:34.88 GECKO(14613)     #1 0x7f69a1fc3ba8 in _PR_CreateThread /home/padenot/src/trees/mozilla-unified/nsprpub/pr/src/pthreads/ptthread.c:458:14
 2:34.88 GECKO(14613)     #2 0x7f69a1fa4e75 in PR_CreateThread /home/padenot/src/trees/mozilla-unified/nsprpub/pr/src/pthreads/ptthread.c:533:12
 2:34.88 GECKO(14613)     #3 0x7f6993c86a70 in mozilla::scache::StartupCache::WriteTimeout(nsITimer*, void*) /home/padenot/src/trees/mozilla-unified/startupcache/StartupCache.cpp:695:35
 2:34.90 GECKO(14613)     #4 0x7f697e2a9960 in nsTimerImpl::Fire(int) /home/padenot/src/trees/mozilla-unified/xpcom/threads/nsTimerImpl.cpp:561:7
 2:34.90 GECKO(14613)     #5 0x7f697e2a8d16 in nsTimerEvent::Run() /home/padenot/src/trees/mozilla-unified/xpcom/threads/TimerThread.cpp:260:11
 2:34.90 GECKO(14613)     #6 0x7f697e2c0efc in nsThread::ProcessNextEvent(bool, bool*) /home/padenot/src/trees/mozilla-unified/xpcom/threads/nsThread.cpp:1225:14
 2:34.90 GECKO(14613)     #7 0x7f697e2ca1c6 in NS_ProcessNextEvent(nsIThread*, bool) /home/padenot/src/trees/mozilla-unified/xpcom/threads/nsThreadUtils.cpp:486:63
 2:34.91 GECKO(14613)     #8 0x7f69802acb4d in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) /home/padenot/src/trees/mozilla-unified/ipc/glue/MessagePump.cpp:110:5
 2:34.91 GECKO(14613)     #9 0x7f6980024977 in MessageLoop::RunInternal() /home/padenot/src/trees/mozilla-unified/ipc/chromium/src/base/message_loop.cc:315:10
 2:34.91 GECKO(14613)     #10 0x7f69800247e4 in MessageLoop::RunHandler() /home/padenot/src/trees/mozilla-unified/ipc/chromium/src/base/message_loop.cc:308:3
 2:34.91 GECKO(14613)     #11 0x7f698002474f in MessageLoop::Run() /home/padenot/src/trees/mozilla-unified/ipc/chromium/src/base/message_loop.cc:290:3
 2:34.92 GECKO(14613)     #12 0x7f698be08fa8 in nsBaseAppShell::Run() /home/padenot/src/trees/mozilla-unified/widget/nsBaseAppShell.cpp:137:27
 2:34.92 GECKO(14613)     #13 0x7f699376c1a8 in nsAppStartup::Run() /home/padenot/src/trees/mozilla-unified/toolkit/components/startup/nsAppStartup.cpp:276:30
 2:34.92 GECKO(14613)     #14 0x7f6993b235bd in XREMain::XRE_mainRun() /home/padenot/src/trees/mozilla-unified/toolkit/xre/nsAppRunner.cpp:4600:22
 2:34.92 GECKO(14613)     #15 0x7f6993b2569f in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) /home/padenot/src/trees/mozilla-unified/toolkit/xre/nsAppRunner.cpp:4735:8
 2:34.92 GECKO(14613)     #16 0x7f6993b267ba in XRE_main(int, char**, mozilla::BootstrapConfig const&) /home/padenot/src/trees/mozilla-unified/toolkit/xre/nsAppRunner.cpp:4816:21
 2:34.92 GECKO(14613)     #17 0x7f6993b52756 in mozilla::BootstrapImpl::XRE_main(int, char**, mozilla::BootstrapConfig const&) /home/padenot/src/trees/mozilla-unified/toolkit/xre/Bootstrap.cpp:45:12
 2:34.92 GECKO(14613)     #18 0x55c0d2f56259 in do_main(int, char**, char**) /home/padenot/src/trees/mozilla-unified/browser/app/nsBrowserApp.cpp:218:22
 2:34.92 GECKO(14613)     #19 0x55c0d2f550f6 in main /home/padenot/src/trees/mozilla-unified/browser/app/nsBrowserApp.cpp:300:16
 2:34.92 GECKO(14613)     #20 0x7f69a617fb6a in __libc_start_main /build/glibc-KRRWSm/glibc-2.29/csu/../csu/libc-start.c:308:16
 2:34.92 GECKO(14613) ==14613==ABORTING

We need bigger stacks here.

Doug, can you please have a look?

Flags: needinfo?(dothayer)
Priority: -- → P1

In bug 1550108 we added a thread to prefetch the contents of the
startup cache file, and as part of that we reduced its stack size
and the stack size of the thread which writes the file. However
it seems we set it too low.

Regressed by: 1550108
Keywords: regression
Pushed by dothayer@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9c35bef4df21
Increase StartupCache bg thread stack sizes r=njn
Depends on: 1587891
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla71
Assignee: nobody → dothayer
Blocks: 1587112
Flags: needinfo?(dothayer)
Has Regression Range: --- → yes
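
The fix above raises a background thread's stack size. One way to pick such a size from measurement is to paint a stack, run the workload on it and read back the high-water mark. This is an added example, not code from this bug or from Firefox: `workload`, `STATE_BYTES`, `MARGIN` and the 1 MiB measuring stack are assumptions, and it assumes Linux/glibc with a downward-growing stack.

```c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAINT       0xA5
#define STACK_BYTES (1024 * 1024)  /* generous stack, used only for measuring */
#define STATE_BYTES (256 * 1024)   /* constructed stand-in for a large on-stack state */
#define MARGIN      (64 * 1024)    /* assumed headroom for callees and sanitizer redzones */

/* Hypothetical workload: a single frame holding a large state buffer. */
static void *workload(void *arg) {
    volatile unsigned char state[STATE_BYTES];
    for (size_t i = 0; i < sizeof state; i++) state[i] = 0x11;
    *(int *)arg = state[STATE_BYTES - 1];
    return NULL;
}

/* Run fn on a painted stack; return its peak stack use in bytes, 0 on error. */
size_t stack_high_water(void *(*fn)(void *), void *arg) {
    unsigned char *stk = aligned_alloc(65536, STACK_BYTES);
    pthread_attr_t attr;
    pthread_t tid;
    size_t untouched = 0;
    if (!stk) return 0;
    memset(stk, PAINT, STACK_BYTES);
    pthread_attr_init(&attr);
    if (pthread_attr_setstack(&attr, stk, STACK_BYTES) != 0 ||
        pthread_create(&tid, &attr, fn, arg) != 0) {
        pthread_attr_destroy(&attr); free(stk); return 0;
    }
    pthread_join(tid, NULL);
    pthread_attr_destroy(&attr);
    /* The stack grows down, so the paint survives only at the low end. */
    while (untouched < STACK_BYTES && stk[untouched] == PAINT) untouched++;
    free(stk);
    return STACK_BYTES - untouched;
}

/* Stack size to request: measured peak plus margin, rounded up to 64 KiB. */
size_t recommended_stack(size_t high_water) {
    return (high_water + MARGIN + 65535) / 65536 * 65536;
}

int main(void) {
    int out = 0;
    size_t used = stack_high_water(workload, &out);
    printf("peak %zu bytes, request %zu\n", used, recommended_stack(used));
    return 0;
}
```

Measure in the same build configuration that will run the thread: a sanitizer build such as the ASAN one in the trace above uses larger frames than an optimized build.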