Open
Bug 1637777
Opened 5 years ago
Updated 5 years ago
Crash ForkServer on debug build / emulator-10-x86_64
Categories
(Core :: IPC, defect, P5)
Tracking
()
NEW
People
(Reporter: gerard-majax, Unassigned)
References
(Blocks 1 open bug)
Details
Reproduced with gecko-dev at https://github.com/lissyx/gecko-dev/commit/b8db759c7006eead4f17408fcc90a16041ba389f
STR:
- Build emulator-10-x86_64 with
export B2G_DEBUG=1in your.userconfig - Run under gdb
Expected:
No crash
Actual:
Thread 4 "IPC Launch" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1996.2204]
MOZ_Crash (aFilename=<optimized out>, aLine=57, aReason=0x7fff696830ff "Fail to receive HELLO message") at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/objdir-gecko/dist/include/mozilla/Assertions.h:332
332 MOZ_REALLY_CRASH(aLine);
(gdb) bt
#0 MOZ_Crash (aFilename=<optimized out>, aLine=57, aReason=0x7fff696830ff "Fail to receive HELLO message") at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/objdir-gecko/dist/include/mozilla/Assertions.h:332
#1 mozilla::ipc::MiniTransceiver::RecvInfallible (this=<optimized out>, aMsg=..., aCrashMessage=0x7fff696830ff "Fail to receive HELLO message") at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/objdir-gecko/dist/include/mozilla/ipc/MiniTransceiver.h:57
#2 0x00007fff6c9ba649 in mozilla::ipc::ForkServiceChild::SendForkNewSubprocess (this=0x7fff64fe3380, aArgv=..., aEnvMap=..., aFdsRemap=..., aPid=0x7ffff573570c) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/ipc/glue/ForkServiceChild.cpp:64
#3 0x00007fff6c98a81d in base::LaunchAppWithForkServer (argv=..., options=..., process_handle=0x7ffff573570c) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/objdir-gecko/dist/include/mozilla/UniquePtr.h:287
#4 base::LaunchApp (argv=..., options=..., process_handle=<optimized out>) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/ipc/chromium/src/base/process_util_linux.cc:296
#5 0x00007fff6c9bd1d7 in mozilla::ipc::PosixProcessLauncher::DoLaunch (this=<optimized out>) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/ipc/glue/GeckoChildProcessHost.cpp:1207
#6 0x00007fff6c9bc6d9 in mozilla::ipc::BaseProcessLauncher::PerformAsyncLaunch (this=0x7fff62e7df20) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/ipc/glue/GeckoChildProcessHost.cpp:965
#7 0x00007fff6c9cd9c6 in mozilla::detail::RunnableMethodArguments<>::applyImpl<mozilla::ipc::BaseProcessLauncher, RefPtr<mozilla::MozPromise<mozilla::ipc::LaunchResults, mozilla::ipc::LaunchError, false> > (mozilla::ipc::BaseProcessLauncher::*)()>(mozilla::ipc::BaseProcessLauncher*, RefPtr<mozilla::MozPromise<mozilla::ipc::LaunchResults, mozilla::ipc::LaunchError, false> > (mozilla::ipc::BaseProcessLauncher::*)(), mozilla::Tuple<>&, std::__1::integer_sequence<unsigned long>) (m=<optimized out>, args=..., o=<optimized out>) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/objdir-gecko/dist/include/nsThreadUtils.h:1168
#8 mozilla::detail::RunnableMethodArguments<>::apply<mozilla::ipc::BaseProcessLauncher, RefPtr<mozilla::MozPromise<mozilla::ipc::LaunchResults, mozilla::ipc::LaunchError, false> > (mozilla::ipc::BaseProcessLauncher::*)()> (this=<optimized out>, m=<optimized out>, o=<optimized out>)
at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/objdir-gecko/dist/include/nsThreadUtils.h:1174
#9 mozilla::detail::MethodCall<mozilla::MozPromise<mozilla::ipc::LaunchResults, mozilla::ipc::LaunchError, false>, RefPtr<mozilla::MozPromise<mozilla::ipc::LaunchResults, mozilla::ipc::LaunchError, false> > (mozilla::ipc::BaseProcessLauncher::*)(), mozilla::ipc::BaseProcessLauncher>::Invoke (this=<optimized out>)
at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/objdir-gecko/dist/include/mozilla/MozPromise.h:1333
#10 0x00007fff6c9cd866 in mozilla::detail::ProxyRunnable<mozilla::MozPromise<mozilla::ipc::LaunchResults, mozilla::ipc::LaunchError, false>, RefPtr<mozilla::MozPromise<mozilla::ipc::LaunchResults, mozilla::ipc::LaunchError, false> > (mozilla::ipc::BaseProcessLauncher::*)(), mozilla::ipc::BaseProcessLauncher>::Run (this=0x7fff62e90d00)
at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/objdir-gecko/dist/include/mozilla/MozPromise.h:1353
#11 0x00007fff6c43fecd in mozilla::TaskQueue::Runner::Run (this=0x7fff62eae1e0) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/xpcom/threads/TaskQueue.cpp:208
#12 0x00007fff6fbb0336 in mozilla::tasktracer::TracedRunnable::Run (this=0x7fff62e8d8d0) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/tools/profiler/tasktracer/TracedTaskCommon.cpp:101
#13 0x00007fff6c453c25 in nsThread::ProcessNextEvent (this=0x7fff64f7aef0, aMayWait=<optimized out>, aResult=0x7ffff5735a0f) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/xpcom/threads/nsThread.cpp:1200
#14 0x00007fff6c45763e in NS_ProcessNextEvent (aThread=0x7fff64f7aef0, aMayWait=true) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/xpcom/threads/nsThreadUtils.cpp:481
#15 0x00007fff6c9dd1e7 in mozilla::ipc::MessagePumpForNonMainThreads::Run (this=0x7fff6323df80, aDelegate=0x7ffff5735b28) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/ipc/glue/MessagePump.cpp:332
#16 0x00007fff6c98f536 in MessageLoop::RunInternal (this=0x7ffff5735b28) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/ipc/chromium/src/base/message_loop.cc:315
#17 0x00007fff6c98f49f in MessageLoop::RunHandler (this=0x7ffff5735b28) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/ipc/chromium/src/base/message_loop.cc:308
#18 MessageLoop::Run (this=0x7ffff5735b28) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/ipc/chromium/src/base/message_loop.cc:290
#19 0x00007fff6c4518a8 in nsThread::ThreadFunc (aArg=<optimized out>) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/xpcom/threads/nsThread.cpp:444
#20 0x00007fff6805a1a0 in _pt_root (arg=0x7fff7327f230) at /home/alexandre/Documents/codaz/Mozilla/MiscWork/B2G.KaiOS/gecko/nsprpub/pr/src/pthreads/ptthread.c:201
#21 0x00007ffff3683fcf in __pthread_start (arg=0x7ffff5735d50) at bionic/libc/bionic/pthread_create.cpp:338
#22 0x00007ffff361bfe8 in __start_thread (fn=0x7ffff3683fb0 <__pthread_start(void*)>, arg=0x7ffff5735d50) at bionic/libc/bionic/clone.cpp:53
This looked intermittent, I've hit it only once in a few tries.
Flags: needinfo?(thinker.li)
|
||
Updated•5 years ago
|
Severity: -- → S3
Priority: -- → P5
|
||
Comment 1•5 years ago
|
||
This would happen if the parent process dies, or is killed, before having a chance to send a HELLO message from the parent.
The question is why the parent process dies so early, either exiting normally or crashing.
Flags: needinfo?(thinker.li)
|
|
||
Comment 2•5 years ago
|
||
Another possible cause is the pipe have been closed at the parent end for unknown reason.
If the parent process is still there, it will be helpfull by checking and comparing /proc/<pid>/fd/ of the parent and the fork server process.
|
Reporter | |
Comment 3•5 years ago
|
||
While debugging something else, I came accross the fact that:
- emulator-10 x86_64 uses
/system/lib64 ForkServer.cppon closedlopen()from/system/lib/
While this might not be the cause for the present crash, I'd need to re-investigate to ensure.
You need to log in
before you can comment on or make changes to this bug.
Description
•