Closed Bug 1495762 Opened 6 years ago Closed 6 years ago

Crash in mozilla::ipc::FatalError | mbrtoc32

Categories

(Core :: IPC, defect, P3)

63 Branch
Unspecified
Android
defect

Tracking

()

RESOLVED INVALID
Tracking Status
firefox62 --- unaffected
firefox63 --- wontfix
firefox64 --- unaffected

People

(Reporter: marcia, Unassigned)

References

Details

(Keywords: crash, regression)

Crash Data

This bug was filed from the Socorro interface and is report bp-468859bd-8d77-4d92-8a7b-3f6320181002. ============================================================= This crash was first seen in 63b5 and is slowly increasing: https://bit.ly/2y7MXUd. The Moz crash reason for all crashes is MOZ_CRASH(IPC FatalError in the parent process!) and (96.77% in signature vs 00.86% overall) ipc_fatal_error_msg = Error deserializing 'Shmem' No useful comments are present. Top 10 frames of crashing thread: 0 libxul.so mozilla::ipc::FatalError ipc/glue/ProtocolUtils.cpp:296 1 libxul.so mbrtoc32 2 boot-framework.oat boot-framework.oat@0x162151e 3 dalvik-main space (deleted) dalvik-main space @0xd7a726d 4 boot-framework.oat boot-framework.oat@0x161f520 5 boot-framework.oat boot-framework.oat@0x1552363 6 dalvik-main space 1 (deleted) dalvik-main space 1 @0x8dac9fe 7 libxul.so mozilla::ipc::IProtocol::HandleFatalError const ipc/glue/ProtocolUtils.cpp:532 8 dalvik-main space 1 (deleted) dalvik-main space 1 @0x215b9c7 9 libxul.so mozilla::ipc::MessageChannel::DispatchAsyncMessage ipc/glue/MessageChannel.cpp:2248 =============================================================
Also seen on 63.0b3; e.g., bp-5420a1b5-c0b2-45d8-9f1f-189e00180906 And here's a similar crash on 63.0a1, but with a less messed-up stack: bp-3a3fdadd-8fba-4dd3-8da5-b255c0180901 If this was introduced shortly before build 20180831100133, looking at what changed recently in IPC… maybe it's related to bug 1485762?
See Also: → 1485762
Note: the mbrtoc32 stack frame appears to be a red herring - the frames above are all ipc, and the bottom frame is ipc. Nullptr crash
(In reply to Randell Jesup [:jesup] from comment #2) > Nullptr crash To clarify, it's a MOZ_CRASH, not an accidental nullptr. This also looks similar to bug 1491340, but the error message is slightly different. (As for bug 1485762, I remember going through the code and convincing myself it wouldn't break things in the error cases, but I didn't actually write down my rationale in the review — and judging by these crashes it does seem that I missed something, possibly to do with OOM cases.)
See Also: → 1491340
Unfortunately although this crash happened, I cannot find any crashes with that signature even searching Socorro 8 days back. I am not sure what happened to the reports :(.
(In reply to Marcia Knous [:marcia - needinfo? me] from comment #4) > Unfortunately although this crash happened, I cannot find any crashes with > that signature even searching Socorro 8 days back. I am not sure what > happened to the reports :(. It turns out mbrtoc32 was added to the skip list, and the all the crashes were reprocessed - see Bug 1497899#c1.
not actionable
Status: NEW → RESOLVED
Closed: 6 years ago
Priority: -- → P3
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.