Open Bug 1912550 Opened 5 months ago Updated 5 months ago

Crash in [@ mozilla::ipc::PortLink::SendMessage | IPC_Message_Name=PWebGPU::Msg_RenderPass]

Categories

(Core :: Graphics: WebGPU, defect, P5)

Product:
Core
Component:
Graphics: WebGPU
Platform:
ARM64
All
Type:
defect

Tracking

()

Tracking Flags:
Tracking Status
firefox131 --- affected

People

(Reporter: release-mgmt-account-bot, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: crash)

Crash Data

Crash report: https://crash-stats.mozilla.org/report/index/88a62616-2509-4001-a78e-0f38b0240809

MOZ_CRASH Reason: MOZ_CRASH(IPC message size is too large)

Top 10 frames of crashing thread:

0  xul.dll  mozilla::ipc::PortLink::SendMessage  ipc/glue/MessageLink.cpp:108
0  xul.dll  mozilla::ipc::MessageChannel::SendMessageToLink  ipc/glue/MessageChannel.cpp:811
0  xul.dll  mozilla::ipc::MessageChannel::Send  ipc/glue/MessageChannel.cpp:780
1  xul.dll  mozilla::ipc::IProtocol::ChannelSend  ipc/glue/ProtocolUtils.cpp:535
2  xul.dll  mozilla::webgpu::PWebGPUChild::SendRenderPass  ipc/ipdl/PWebGPUChild.cpp:286
3  xul.dll  mozilla::webgpu::CommandEncoder::EndRenderPass  dom/webgpu/CommandEncoder.cpp:260
4  xul.dll  mozilla::webgpu::RenderPassEncoder::End  dom/webgpu/RenderPassEncoder.cpp:340
4  xul.dll  mozilla::dom::GPURenderPassEncoder_Binding::end  dom/bindings/WebGPUBinding.cpp:24689
5  xul.dll  mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ThrowExceptions>  dom/bindings/BindingUtils.cpp:3268
6  ?  @0x00000163aa746508

By querying Nightly crashes reported within the last 2 months, here are some insights about the signature:

  • First crash report: 2024-06-12
  • Process type: Content
  • Is startup crash: No
  • Has user comments: No
  • Is null crash: Yes - 2 out of 4 crashes happened on null or near null memory address
Component: General → Graphics: WebGPU

Starting as S2 but might actually be an S3, Jim?

Severity: -- → S2
Flags: needinfo?(jimb)

There doesn't seem to be a security component here, and WebGPU is otherwise not shipped to the general public. Setting to S3.

Severity: S2 → S3
Flags: needinfo?(jimb)

Well, we shouldn't be trying to send IPDL messages that are so vast.

The current collection of crashes isn't inconsistent with one user playing around with very large render passes. The limit we're exhausting that causes this assertion is 256MiB in fuzzing builds, or 1.75GiB in other builds, so that's pretty generous.

If the volume jumps up, then we can re-triage, but this doesn't seem urgent to invest time in right now.

Marking this P5, as a performance problem.

Priority: -- → P5

(In reply to Jim Blandy :jimb from comment #4)

The current collection of crashes isn't inconsistent with one user playing around with very large render passes. The limit we're exhausting that causes this assertion is 256MiB in fuzzing builds, or 1.75GiB in other builds, so that's pretty generous.

It is an ifndef, so the limit is 256MB in normal builds. (We tried limiting it to 128MB which I think is more in line with Chrome but that caused too many problems.)

You need to log in before you can comment on or make changes to this bug.