Closed Bug 1120252 Opened 11 years ago Closed 11 years ago

startup crash in mozilla::layout::RenderFrameParent::GetApzcTreeManager()

Categories

(Core :: Panning and Zooming, defect)

Product:
Core
Component:
Panning and Zooming
Platform:
x86
Windows NT
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla37
Tracking Flags:
Tracking Status
firefox36 --- verified
firefox37 --- verified
firefox-esr31 --- fixed
b2g-v1.4 --- fixed
b2g-v2.0 --- fixed
b2g-v2.1 --- fixed
b2g-v2.1S --- fixed
b2g-v2.2 --- fixed

People

(Reporter: away, Assigned: kats)

References

Details

(Keywords: crash)

Crash Data

Attachments

(1 file)

Patch
1.58 KB, patch
mattwoodrow
: review+
Details | Diff | Splinter Review
This bug was filed from the Socorro interface and is report bp-205720aa-02a2-4baf-bbd1-6c7c52150109. ============================================================= This startup crash exploded with build 20150109030224 and is currently the top crash in 3-day data on nightly. The crash is Win7SP1 only. RenderFrameParent::GetApzcTreeManager received a poisoned value from CompositorParent::GetAPZCTreeManager, so it looks like the CompositorParent is dead. Regression range: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=70de2960aa87&tochange=b3f84cf78dc2 Bug 1109873 looks the most suspicious. Kats can you confirm? As a persistent startup crash this could cost us users and we should avoid letting it hit aurora even for a day. Please consider a backout if it can't be fixed before merge day.
Flags: needinfo?(bugmail.mozilla)
I don't think bug 1109873 is the likely culprit here, as it doesn't affect the codepaths that are being hit in the crash stack. I'll take a closer look later this evening, leaving ni on me for now.
This might be the same issue as bug 1107009. It's not clear to me why it spiked suddenly. I'm pretty sure that my patches in bug 1109873 would not have caused this. However since this crash is on Windows only, and APZC is disabled there anyway, we can add an extra check for the APZ pref and prevent going down this code path earlier. That should be a safe and quick fix that we can get in before the merge.
No longer blocks: 1109873
Flags: needinfo?(bugmail.mozilla)
Attached patch PatchSplinter Review
This should avoid the crash for now.
Attachment #8547254 - Flags: review?(dmajor)
(Note also that the expected return value of this function is null when APZ is disabled because of the code at http://mxr.mozilla.org/mozilla-central/source/gfx/layers/ipc/CompositorParent.cpp?rev=160acaa4fc44#389)
Assignee: nobody → bugmail.mozilla
Attachment #8547254 - Flags: review?(dmajor) → review+
https://hg.mozilla.org/mozilla-central/rev/26f5729d5ccc
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla37
No hits so far on the latest nightly. We'd definitely have seen them by now if the issue were still happening. So the fix looks good. Thanks Kats!
Based on the crash in bug 1120485 which started on the same nightly as this one and is also windows 7, I suspect the root cause here was bug 1107718.
Blocks: 1107718
See Also: → 1120485
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: