Closed Bug 1871139 Opened 5 months ago Closed 5 months ago

Crash in [@ IPC::ParamTraits<mozilla::layers::Animation>::Write]

Categories

(Core :: CSS Parsing and Computation, defect)

Unspecified
Windows 11
defect

Tracking

RESOLVED FIXED
123 Branch
Tracking Status
firefox-esr115 --- unaffected
firefox121 --- unaffected
firefox122 --- unaffected
firefox123 blocking fixed

People

(Reporter: diannaS, Assigned: emilio)

Details

(Keywords: crash, regression, topcrash)

Crash Data

31 crashes on Windows from 14 installations of Firefox 123.0a1 20231220041048 - the first affected build.
Crash report: https://crash-stats.mozilla.org/report/index/8adddb9a-577c-4c03-a7df-ec1280231220

MOZ_CRASH Reason: MOZ_RELEASE_ASSERT(EnumValidator::IsLegalValue( static_cast<std::underlying_type_t<paramType>>(aValue)))

Top 10 frames of crashing thread:

0  xul.dll  IPC::EnumSerializer<nsCSSPropertyID, IPC::ContiguousEnumValidator<nsCSSPropertyID, -1, 480> >::Write  ipc/glue/EnumSerializer.h:60
1  xul.dll  IPC::WriteParam  ipc/chromium/src/chrome/common/ipc_message_utils.h:441
1  xul.dll  IPC::ParamTraits<mozilla::layers::Animation>::Write  ipc/ipdl/LayersMessages.cpp:2133
2  xul.dll  IPC::WriteParam  ipc/chromium/src/chrome/common/ipc_message_utils.h:441
2  xul.dll  IPC::WriteSequenceParam<const mozilla::layers::Animation&>  ipc/chromium/src/chrome/common/ipc_message_utils.h:593
3  xul.dll  IPC::ParamTraits<nsTArray<mozilla::layers::Animation> >::Write  ipc/glue/IPCMessageUtilsSpecializations.h:164
3  xul.dll  IPC::WriteParam  ipc/chromium/src/chrome/common/ipc_message_utils.h:441
3  xul.dll  IPC::ParamTraits<mozilla::layers::CompositorAnimations>::Write  ipc/ipdl/LayersMessages.cpp:2412
4  xul.dll  IPC::WriteParam  ipc/chromium/src/chrome/common/ipc_message_utils.h:441
4  xul.dll  IPC::ParamTraits<mozilla::layers::OpAddCompositorAnimations>::Write  ipc/ipdl/WebRenderMessages.cpp:227

Looks like an error serializing nsCSSPropertyID. New in the 20231220041048 build, which added these patches. Emilio, could this be a regression from bug 1870676? That changed nsCSSPropertyID.h.in, though there are a lot of other changes in that set.

Component: IPC → CSS Parsing and Computation
Flags: needinfo?(emilio)
Keywords: regression
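
A simplified model of the range check named in the crash reason above, as an added example (not Mozilla's code and not taken from this bug). `PropId`, `ContiguousValidator`, `EnumCodec`, `SenderAccepts` and `ReceiverAccepts` are hypothetical names, the half-open range [Min, HighBound) is an assumption, and `Write` returns false at the point where a release assert would abort the sending process.

```cpp
#include <cstdint>
#include <cstring>
#include <type_traits>
#include <vector>

// Hypothetical enum standing in for a property-id type (constructed values).
enum class PropId : int32_t { Unknown = -1, Color, Opacity, Transform, Count };

// Assumed semantics: legal values are the half-open range [Min, HighBound).
template <typename E, E Min, E HighBound>
struct ContiguousValidator {
  using U = std::underlying_type_t<E>;
  static constexpr bool IsLegal(U v) { return U(Min) <= v && v < U(HighBound); }
};

template <typename E, typename Validator>
struct EnumCodec {
  using U = std::underlying_type_t<E>;
  // Sender: false here marks the point where a release assert would abort.
  static bool Write(std::vector<uint8_t>& wire, E value) {
    const U raw = static_cast<U>(value);
    if (!Validator::IsLegal(raw)) return false;
    wire.resize(sizeof(U));
    std::memcpy(wire.data(), &raw, sizeof(U));
    return true;
  }
  // Receiver: the bytes come from another process, so validate again.
  static bool Read(const std::vector<uint8_t>& wire, E* out) {
    U raw;
    if (wire.size() != sizeof(U)) return false;
    std::memcpy(&raw, wire.data(), sizeof(U));
    if (!Validator::IsLegal(raw)) return false;
    *out = static_cast<E>(raw);
    return true;
  }
};
using PropCodec = EnumCodec<PropId, ContiguousValidator<PropId, PropId::Unknown, PropId::Count>>;

// Would the sender serialize this raw id, or hit the write-side check?
bool SenderAccepts(int32_t raw) {
  std::vector<uint8_t> wire;
  return PropCodec::Write(wire, static_cast<PropId>(raw));
}
// Would the receiver accept these bytes if the sender had skipped the check?
bool ReceiverAccepts(int32_t raw) {
  std::vector<uint8_t> wire(sizeof raw);
  std::memcpy(wire.data(), &raw, sizeof raw);
  PropId out;
  return PropCodec::Read(wire, &out);
}
```
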

Some lightly edited excerpts from comments on this crash:

"for some reason when I'm going through youtube music in 'responsive mode' there's no crashes..."

"every single time I press shuffle in youtube music it also crashes"

"it's the fifth time I have to reload this youtube music page! There is some error the 'music player' disappears when you make it 'full screen' Then the picture/video, the lyrics and what's playing (on the right) disappears too."

Duplicate of this bug: 1871141

FWIW, I'm not having any trouble on YouTube Music on the latest Nightly, but I'm also on MacOS and the crashes are all on Windows if that matters.

See Also: → 1871149

It's plausible that it was a regression from those patches. However I also can't reproduce on the latest nightly and some related changes have landed in the meantime (bug 1870870 and bug 1870832 in particular), so I suspect it might have been fixed by some of those.

Have fuzzers seen this by any chance Tyson? Thank you.

Flags: needinfo?(emilio) → needinfo?(twsmith)

I only see 5 crashes of any signature for the 20231220022945 build so far so I think it is too early to declare victory, but yeah maybe it is okay.

Possibly related Bug 1871145.

See Also: → 1871145

How about bug 1861999?

Flags: needinfo?(twsmith)

That is not quite the same issue, that one is failing to serialize a different thing.

Blocks: 1871145

The bug is marked as tracked for firefox123 (nightly). However, the bug still isn't assigned.

:fgriffith, could you please find an assignee for this tracked bug? If you disagree with the tracking decision, please talk with the release managers.

For more information, please visit BugBot documentation.

Flags: needinfo?(fgriffith)

(In reply to Emilio Cobos Álvarez (:emilio) from comment #5)

> It's plausible that it was a regression from those patches. However I also can't reproduce on the latest nightly and some related changes have landed in the meantime (bug 1870870 and bug 1870832 in particular), so I suspect it might have been fixed by some of those.

These crashes have continued in the 20231221052522 build, which has both bug 1870832 and bug 1870870.

Lots of crash URLs for this translation site, and one person also had it as the comment on their crash report: https://www.deepl.com/translator

Setting to blocker due to the volume of affected users on nightly.

The bug is linked to a topcrash signature, which matches the following criterion:

  • Top 10 desktop browser crashes on nightly

For more information, please visit BugBot documentation.

Keywords: topcrash

:emilio anything to backout if there is no immediate solution given the increasing volume?

Flags: needinfo?(emilio)

I suspect bug 1871194 is the right fix. It landed almost a day ago...

Flags: needinfo?(emilio)
Depends on: 1871194
Assignee: nobody → emilio
Flags: needinfo?(fgriffith)

Closing this as there are no crashes since 2023-12-22 (coincides with the landing of bug 1871194)

Status: NEW → RESOLVED
Closed: 5 months ago
Resolution: --- → FIXED
Target Milestone: --- → 123 Branch