Bug 1447685 Move nsIRandomGenerator creation out of a lock to avoid a deadlock r=keeler
authorTom Ritter <tom@mozilla.com>
Thu, 22 Mar 2018 13:09:23 -0500
changeset 409590 e63bed3691637c8d0cb05dcbefdde067bdaf07fe
parent 409589 307521ba5e6a097f1f968fa1b4213725a6a4f41a
child 409591 f424cb5c00bc809c2bfe94c1aaad65d2f839ac5f
push id101247
push usernerli@mozilla.com
push dateThu, 22 Mar 2018 23:00:51 +0000
treeherdermozilla-inbound@02e384bdf97d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1447685
milestone61.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1447685 Move nsIRandomGenerator creation out of a lock to avoid a deadlock r=keeler do_GetService("@mozilla.org/security/random-generator;1" may initialize NSS. NSS Initialization occurs on Main Thread only. If we lock on a subthread, then try to initialize NSS, it _might_ be the case that the main thread is blocked on the same lock (same location or a different one.) NSS can't initialize on Main Thread - deadlock. Move do_GetService out of the lock. Now if NSS tries to initialize on a subthread, the main thead can't be blocked (because the subthread hasn't locked anything.) Now, the only statements that occur in locks are pointer asignment, new, memcpy, and randomGenerator->GenerateRandomBytes. MozReview-Commit-ID: 9C1Ok910A11
toolkit/components/resistfingerprinting/nsRFPService.cpp
old mode 100755
new mode 100644
--- a/toolkit/components/resistfingerprinting/nsRFPService.cpp
+++ b/toolkit/components/resistfingerprinting/nsRFPService.cpp
@@ -371,22 +371,22 @@ nsRFPService::RandomMidpoint(long long a
         delete[] sSecretMidpointSeed;
       }
       sSecretMidpointSeed = new uint8_t[kSeedSize];
       memcpy(sSecretMidpointSeed, aSecretSeed, kSeedSize);
     }
 
     // If we don't have a seed, we need to get one.
     if(MOZ_UNLIKELY(!sSecretMidpointSeed)) {
+      nsCOMPtr<nsIRandomGenerator> randomGenerator =
+        do_GetService("@mozilla.org/security/random-generator;1", &rv);
+      if (NS_WARN_IF(NS_FAILED(rv))) { return rv; }
+
       StaticMutexAutoLock lock(sLock);
       if(MOZ_LIKELY(!sSecretMidpointSeed)) {
-        nsCOMPtr<nsIRandomGenerator> randomGenerator =
-            do_GetService("@mozilla.org/security/random-generator;1", &rv);
-        if (NS_WARN_IF(NS_FAILED(rv))) { return rv; }
-
         rv = randomGenerator->GenerateRandomBytes(kSeedSize, &sSecretMidpointSeed);
         if (NS_WARN_IF(NS_FAILED(rv))) { return rv; }
       }
     }
 
     /*
      * Use a cryptographicly secure hash function, but do _not_ use an HMAC.
      * Obviously we're not using this data for authentication purposes, but