Crash in [@ IPC::ParamTraits<mozilla::layers::Animation>::Write]
Categories
(Core :: CSS Parsing and Computation, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr115 | --- | unaffected |
firefox121 | --- | unaffected |
firefox122 | --- | unaffected |
firefox123 | blocking | fixed |
People
(Reporter: diannaS, Assigned: emilio)
References
Details
(Keywords: crash, regression, topcrash)
Crash Data
31 crashes on Windows from 14 installations of Firefox 123.0a1 20231220041048 - the first affected build.
Crash report: https://crash-stats.mozilla.org/report/index/8adddb9a-577c-4c03-a7df-ec1280231220
MOZ_CRASH Reason: MOZ_RELEASE_ASSERT(EnumValidator::IsLegalValue( static_cast<std::underlying_type_t<paramType>>(aValue)))
Top 10 frames of crashing thread:
0 xul.dll IPC::EnumSerializer<nsCSSPropertyID, IPC::ContiguousEnumValidator<nsCSSPropertyID, -1, 480> >::Write ipc/glue/EnumSerializer.h:60
1 xul.dll IPC::WriteParam ipc/chromium/src/chrome/common/ipc_message_utils.h:441
1 xul.dll IPC::ParamTraits<mozilla::layers::Animation>::Write ipc/ipdl/LayersMessages.cpp:2133
2 xul.dll IPC::WriteParam ipc/chromium/src/chrome/common/ipc_message_utils.h:441
2 xul.dll IPC::WriteSequenceParam<const mozilla::layers::Animation&> ipc/chromium/src/chrome/common/ipc_message_utils.h:593
3 xul.dll IPC::ParamTraits<nsTArray<mozilla::layers::Animation> >::Write ipc/glue/IPCMessageUtilsSpecializations.h:164
3 xul.dll IPC::WriteParam ipc/chromium/src/chrome/common/ipc_message_utils.h:441
3 xul.dll IPC::ParamTraits<mozilla::layers::CompositorAnimations>::Write ipc/ipdl/LayersMessages.cpp:2412
4 xul.dll IPC::WriteParam ipc/chromium/src/chrome/common/ipc_message_utils.h:441
4 xul.dll IPC::ParamTraits<mozilla::layers::OpAddCompositorAnimations>::Write ipc/ipdl/WebRenderMessages.cpp:227
Comment 1•5 months ago
|
||
Looks like an error serializing nsCSSPropertyID. New in the 20231220041048 build, which added these patches. Emilio, could this be a regression from bug 1870676? That changed nsCSSPropertyID.h.in, though there are a lot of other changes in that set.
Comment 2•5 months ago
|
||
Some lightly edited excerpts from comments on this crash:
"for some reason when I'm going through youtube music in 'responsive mode' there's no crashes..."
"every single time I press shuffle in youtube music it also crashes"
"it's the fifth time I have to reload this youtube music page! There is some error the 'music player' disappears when you make it 'full screen' Then the picture/video, the lyrics and what's playing (on the right) disappears too."
Comment 4•5 months ago
|
||
FWIW, I'm not having any trouble on YouTube Music on the latest Nightly, but I'm also on MacOS and the crashes are all on Windows if that matters.
Assignee | ||
Comment 5•5 months ago
|
||
It's plausible that it was a regression from those patches. However I also can't reproduce on the latest nightly and some related changes have landed in the meantime (bug 1870870 and bug 1870832 in particular), so I suspect it might have been fixed by some of those.
Have fuzzers seen this by any chance Tyson? Thank you.
Comment 6•5 months ago
|
||
I only see 5 crashes of any signature for the 20231220022945 build so far so I think it is too early to declare victory, but yeah maybe it is okay.
Assignee | ||
Comment 9•5 months ago
|
||
That is not quite the same issue, that one is failing to serialize a different thing.
Comment 10•5 months ago
|
||
The bug is marked as tracked for firefox123 (nightly). However, the bug still isn't assigned.
:fgriffith, could you please find an assignee for this tracked bug? If you disagree with the tracking decision, please talk with the release managers.
For more information, please visit BugBot documentation.
Comment 11•5 months ago
|
||
(In reply to Emilio Cobos Álvarez (:emilio) from comment #5)
It's plausible that it was a regression from those patches. However I also can't reproduce on the latest nightly and some related changes have landed in the meantime (bug 1870870 and bug 1870832 in particular), so I suspect it might have been fixed by some of those.
These crashes have continued in the 20231221052522 build, which has both bug 1870832 and bug 1870870.
Lots of crash URLs for this translation site, and one person also had it has the comment on their crash report: https://www.deepl.com/translator
Comment 12•5 months ago
|
||
Setting to blocker due to the volume of affected users on nightly.
Comment 13•5 months ago
|
||
The bug is linked to a topcrash signature, which matches the following criterion:
- Top 10 desktop browser crashes on nightly
For more information, please visit BugBot documentation.
Reporter | ||
Comment 14•5 months ago
|
||
:emilio anything to backout if there is no immediate solution given the increasing volume?
Assignee | ||
Comment 15•5 months ago
|
||
I suspect bug 1871194 is the right fix. It landed almost a day ago...
Updated•5 months ago
|
Reporter | ||
Comment 16•5 months ago
|
||
Closing this as there are no crashes since 2023-12-22 (coincides with the landing of bug 1871194)
Reporter | ||
Updated•5 months ago
|
Updated•5 months ago
|
Description
•