Intermittent netwerk/test/crashtests/675518.html (finished) | application terminated with exit code 1 after UndefinedBehaviorSanitizer: undefined-behavior /builds/worker/workspace/build/src/dom/ipc/ContentParent.cpp:3356
Categories
(Core :: DOM: Content Processes, defect, P5)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr60 | --- | unaffected |
| firefox65 | --- | wontfix |
| firefox66 | --- | wontfix |
| firefox67 | --- | wontfix |
| firefox68 | --- | fixed |
People
(Reporter: intermittent-bug-filer, Assigned: gsvelto)
References
Details
(4 keywords, Whiteboard: [post-critsmash-triage][adv-main68+])
Attachments
(1 file)
|
47 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-beta-
|
Details | Review |
#[markdown(off)]
Filed by: ncsoregi [at] mozilla.com
https://treeherder.mozilla.org/logviewer.html#?job_id=232719538&repo=autoland
[task 2019-03-08T18:42:28.918Z] 18:42:28 INFO - REFTEST TEST-START | file:///builds/worker/workspace/build/tests/reftest/tests/netwerk/test/crashtests/675518.html
[task 2019-03-08T18:42:28.918Z] 18:42:28 INFO - REFTEST TEST-LOAD | file:///builds/worker/workspace/build/tests/reftest/tests/netwerk/test/crashtests/675518.html | 3582 / 3679 (97%)
[task 2019-03-08T18:42:29.062Z] 18:42:29 INFO - REFTEST TEST-PASS | file:///builds/worker/workspace/build/tests/reftest/tests/netwerk/test/crashtests/675518.html | (LOAD ONLY)
[task 2019-03-08T18:42:29.062Z] 18:42:29 INFO - REFTEST TEST-END | file:///builds/worker/workspace/build/tests/reftest/tests/netwerk/test/crashtests/675518.html
[task 2019-03-08T18:42:29.101Z] 18:42:29 INFO - /builds/worker/workspace/build/src/dom/ipc/ContentParent.cpp:3356:26: runtime error: load of value 228, which is not a valid value for type 'bool'
[task 2019-03-08T18:42:29.101Z] 18:42:29 INFO - SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /builds/worker/workspace/build/src/dom/ipc/ContentParent.cpp:3356:26 in
[task 2019-03-08T18:42:29.208Z] 18:42:29 INFO - Crash Annotation GraphicsCriticalError: |[C0][GFX1-]: Receive IPC close with reason=AbnormalShutdown (t=851.529) [GFX1-]: Receive IPC close with reason=AbnormalShutdown
[task 2019-03-08T18:42:29.209Z] 18:42:29 INFO - [Child 1153, Chrome_ChildThread] WARNING: pipe error (43): Connection reset by peer: file /builds/worker/workspace/build/src/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 357
[task 2019-03-08T18:42:29.211Z] 18:42:29 INFO - [Child 1153, Chrome_ChildThread] WARNING: pipe error (26): Connection reset by peer: file /builds/worker/workspace/build/src/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 357
[task 2019-03-08T18:42:29.218Z] 18:42:29 INFO - [Child 1153, Chrome_ChildThread] WARNING: pipe error (3): Connection reset by peer: file /builds/worker/workspace/build/src/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 357
[task 2019-03-08T18:42:29.220Z] 18:42:29 INFO - Exiting due to channel error.
[task 2019-03-08T18:42:29.221Z] 18:42:29 INFO - Exiting due to channel error.
[task 2019-03-08T18:42:29.223Z] 18:42:29 INFO - [Child 1174, Chrome_ChildThread] WARNING: pipe error (3): Connection reset by peer: file /builds/worker/workspace/build/src/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 357
[task 2019-03-08T18:42:29.229Z] 18:42:29 INFO - Exiting due to channel error.
[task 2019-03-08T18:42:29.393Z] 18:42:29 ERROR - TEST-UNEXPECTED-FAIL | file:///builds/worker/workspace/build/tests/reftest/tests/netwerk/test/crashtests/675518.html (finished) | application terminated with exit code 1
[task 2019-03-08T18:42:29.409Z] 18:42:29 INFO - REFTEST INFO | Process mode: e10s
[task 2019-03-08T18:42:29.411Z] 18:42:29 WARNING - leakcheck | refcount logging is off, so leaks can't be detected!
[task 2019-03-08T18:42:29.434Z] 18:42:29 ERROR - Return code: 1
[task 2019-03-08T18:42:29.445Z] 18:42:29 ERROR - No suite end message was emitted by this harness.
[task 2019-03-08T18:42:29.445Z] 18:42:29 INFO - TinderboxPrint: reftest-crashtest<br/>7161/0/0
[task 2019-03-08T18:42:29.446Z] 18:42:29 ERROR - # TBPL FAILURE #
[task 2019-03-08T18:42:29.446Z] 18:42:29 WARNING - setting return code to 2
[task 2019-03-08T18:42:29.447Z] 18:42:29 ERROR - The reftest suite: crashtest ran with return status: FAILURE
| Comment hidden (Intermittent Failures Robot) |
|
||
Updated•5 years ago
|
|
||
Comment 2•5 years ago
|
||
So the issue here is that mShuttingDown here https://hg.mozilla.org/integration/autoland/file/14778fd00dc5fd23d368e910a7f0d5428cdff623/dom/ipc/ContentParent.cpp#l3356
has never been initialized. Looking at searchfox this makes sense: https://searchfox.org/mozilla-central/search?q=symbol:F_%3CT_mozilla%3A%3Adom%3A%3AContentParent%3E_mShuttingDown&redirect=false
it's set to true in one place, but never actually initialized to false in the constructor.
This is probably sec-low at worst, since all you can do with this is control whether or not a minidump is created.
|
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
|
Assignee | |
Comment 3•5 years ago
|
||
What a silly mistake, every time I run into stuff like this I wish we'd only be doing Rust :( Patch coming.
|
|
Assignee | |
Updated•5 years ago
|
|
|
Assignee | |
Comment 4•5 years ago
|
||
|
|
||
Comment 5•5 years ago
|
||
https://hg.mozilla.org/integration/autoland/rev/9a628e1147208212479e318fa093474f1e4f10a7
https://hg.mozilla.org/mozilla-central/rev/9a628e114720
|
|
||
Comment 6•5 years ago
|
||
Please nominate this for Beta approval when you get a chance.
|
|
Assignee | |
Comment 7•5 years ago
|
||
Comment on attachment 9051416 [details]
Bug 1533842 - When creating the ContentParent object explicitly flag it as not shutting down
Beta/Release Uplift Approval Request
- Feature/Bug causing the regression: Bug 1463048
- User impact if declined: No impact on users but causes tests on automation to fail
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): One-line change that initializes a field to the appropriate default value.
- String changes made/needed: None
|
||
Comment 8•5 years ago
|
||
Comment on attachment 9051416 [details]
Bug 1533842 - When creating the ContentParent object explicitly flag it as not shutting down
Fix for an intermittent already landed on mozilla-central, uplift approved for the next beta, thanks.
|
|
||
Comment 9•5 years ago
|
||
| uplift | ||
|
|
Assignee | |
Comment 10•5 years ago
|
||
This seemingly innocuous change is causing shutdown hangs again, I can fix it on nightly on Monday but it the meanwhile it might be worth backing out this change from beta. More details in bug 1536850 comment 2.
|
|
||
Comment 11•5 years ago
|
||
Yeah, shouldn't be a problem to get it backed out before Monday's b5 gtb.
|
|
||
Comment 12•5 years ago
|
||
Backed out from beta: https://hg.mozilla.org/releases/mozilla-beta/rev/aff09871d5b9
|
|
Assignee | |
Comment 13•5 years ago
|
||
FYI the proper fix is undergoing review in bug 1536850.
|
|
||
Comment 14•5 years ago
|
||
Is this worth revisiting for Beta or should we wontfix to play it safe?
|
|
Assignee | |
Comment 15•5 years ago
|
||
Bug 1536850 is a pretty straightforward fix, it does the right thing and doesn't seem to have had a negative impact elsewhere so it might be worth taking. Leaving the code as-is in beta means we're still reading an uninitialized variable and while it doesn't crash most of the time it's not doing the right thing either.
|
|
||
Comment 16•5 years ago
|
||
This patch isn't needed on Beta anymore per bug 1536850 comment 12.
|
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
|
||
Updated•4 years ago
|
Description
•