Closed Bug 1911533 Opened 1 year ago Closed 7 months ago

Crash in [@ mozilla::ipc::FatalError | mozilla::ipc::IProtocol::HandleFatalError | IPC::ParamTraits<mozilla::SerializedStructuredCloneBuffer>::Write | IPC::ParamTraits<mozilla::dom::ClonedMessageData>::Write | mozilla::dom::PContentParent::SendRawMessage]

Categories

(Core :: IPC, defect)

RESOLVED WORKSFORME

People

(Reporter: gsvelto, Unassigned, NeedInfo)

Details

(Keywords: crash)

Crash Data

Crash report: https://crash-stats.mozilla.org/report/index/98ef7e04-071c-4218-82bf-218550240805

MOZ_CRASH Reason: MOZ_CRASH(IPC FatalError in the parent process!)

Top 10 frames:

0  XUL  mozilla::ipc::FatalError(char const*, bool)  ipc/glue/ProtocolUtils.cpp:203
1  XUL  mozilla::ipc::IProtocol::HandleFatalError(char const*)  ipc/glue/ProtocolUtils.cpp:403
2  XUL  IPC::WriteParam<JSStructuredCloneData const&>(IPC::MessageWriter*, JSStructur...  ipc/chromium/src/chrome/common/ipc_message_utils.h:445
2  XUL  IPC::ParamTraits<mozilla::SerializedStructuredCloneBuffer>::Write(IPC::Messag...  ipc/glue/SerializedStructuredCloneBuffer.h:77
2  XUL  IPC::WriteParam<mozilla::SerializedStructuredCloneBuffer const&>(IPC::Message...  ipc/chromium/src/chrome/common/ipc_message_utils.h:445
2  XUL  IPC::ParamTraits<mozilla::dom::ClonedMessageData>::Write(IPC::MessageWriter*,...  ipc/ipdl/DOMTypes.cpp:128
3  XUL  IPC::WriteParam<mozilla::Maybe<mozilla::dom::ClonedMessageData> const&>(IPC::...  ipc/chromium/src/chrome/common/ipc_message_utils.h:445
3  XUL  mozilla::dom::PContentParent::SendRawMessage(mozilla::dom::JSActorMessageMeta...  ipc/ipdl/PContentParent.cpp:1328
4  XUL  mozilla::dom::JSProcessActorParent::SendRawMessage(mozilla::dom::JSActorMessa...  dom/ipc/jsactor/JSProcessActorParent.cpp:80
5  XUL  mozilla::dom::JSActor::SendAsyncMessage(JSContext*, nsTSubstring<char16_t> co...  dom/ipc/jsactor/JSActor.cpp:224

Given this is a macOS-specific crash around IPC, I wonder if it's related to similar issues like bug 1892652. It seems that this crash first appeared in 128 but we have only one report there. All other reports are on nightly & beta.

The IPC fatal error message for all of these is "JSStructuredCloneData over 4Gb in size".

For the 20 crashes in the last 2 weeks, these are all from JSProcessActorParent::SendRawMessage. There aren't many JS process actors, relative to window actors, so I'd guess that it is one specific actor.

There's nothing we can do about this on the IPC side; this error is just because some IPC message is enormous.

My guess is that ConduitsParent (which is used for extensions IIRC) is sending something enormous through structured clone. Not sure what we can/should do about that.

Severity: -- → S3

ni? :zombie as an FYI that extremely large IPC messages from extensions can cause crashes.

Flags: needinfo?(tomica)

Closing because no crashes reported for 12 weeks.

Status: NEW → RESOLVED
Closed: 7 months ago
Resolution: --- → WORKSFORME