Closed
Bug 1153558
Opened 9 years ago
Closed 9 years ago
crash in msvcr120.dll@0xf20c via mozilla::gfx::CopyToImageSurface
Categories
(Core :: Graphics, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1133119
People
(Reporter: andreasjunghw, Unassigned)
References
Details
(Keywords: crash, topcrash-win, Whiteboard: [gfx-noted])
Crash Data
Attachments
(2 files, 1 obsolete file)
User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0 Build ID: 20150402191859 Steps to reproduce: Since I updated to Firefox 37.0.1 I get this crash often when opening a relatively large number of tabs. I'm not really an expert in using an debugger but msvcr120.dll@0xf20c is apparently MSVCR120!memcpy+0x2a bp-34d692fc-89dd-437c-81f5-acb802150409 bp-eb915125-783e-430f-a36b-693f12150408 bp-6961b9c8-1bbf-47e6-b4b5-c57bf2150406 bp-c8ec2537-ce9c-4a18-ba77-da6482150410
Reporter | ||
Updated•9 years ago
|
Crash Signature: [@ msvcr120.dll@0xf20c ]
Reporter | ||
Comment 1•9 years ago
|
||
I was able to catch the crash directly in windbg, see attachment.
Comment 2•9 years ago
|
||
Windows 8.1 My STR here on 38 beta (bug 1102612 landed on the April 7th, but the latest has been built on the 9th): 1. Start a new conversation in Loop. 2. Enable tab sharing. 3. In the notification bar about sharing, click on the dropdown next to the OK button. Actual result: At the latest on clicking the dropdown a second time, the application or the screen of the whole OS will freeze. If the menu opens, the other menu option will be only black surface or the style of the window will break (see attached screenshot). https://crash-stats.mozilla.com/report/index/78f714e8-a82b-424a-8b93-364122150412
Comment 3•9 years ago
|
||
A large canvas like this trivially triggers this crash for me.
Comment 4•9 years ago
|
||
Uploaded the wrong version.
Attachment #8591892 -
Attachment is obsolete: true
Comment 5•9 years ago
|
||
[Tracking Requested - why for this release]: 37.0.1 has a large number of crashes (more than 18000 in 28 days) Reproduced the crash on Firefox 38 beta 5, Win 8 32-bit while playing some YouTube videos with flash (YouTube™ Flash® Player 1.2) and opening about:addons tab. https://crash-stats.mozilla.com/report/index/bp-4c13aab8-faa0-4935-accf-3aab42150417
tracking-firefox38:
--- → ?
Comment 6•9 years ago
|
||
Important crash, tracking. Milan, do you know who could help on this? Thanks
Updated•9 years ago
|
Flags: needinfo?(milan)
I want to say this is the same issue as bug 1133119, but the experts should confirm.
(In reply to David Major [:dmajor] from comment #7) > I want to say this is the same issue as bug 1133119, but the experts should > confirm. Crashes that do come through gfx::CopyToImageSurface, yeah, I'd say that's probably bug 1133119, which was fixed in 39, and not uplifted. My feeble searching skills get me to all memcpy crashes, and those are many and differing, but can somebody with better skills check if we have gfx::CopyToImageSurface related crashes in (late) 39 and 40? If that's clear, we should probably ask for the bug 1133119 uplift to 38.
Flags: needinfo?(milan)
The numbers are too small for me to make a confident statement about nightlies 39 and 40. But from what I can tell, around 85% of the memcpy crashes on 38 beta are via gfx::CopyToImageSurface. Sounds like an uplift would help!
Comment 10•9 years ago
|
||
I asked for an uplift in bug 1153558.
(In reply to Sylvestre Ledru [:sylvestre] from comment #10) > I asked for an uplift in bug 1153558. Sylvestre meant bug 1133119.
Comment 12•9 years ago
|
||
sorry, doing too many things in parallel :)
Updated•9 years ago
|
Keywords: topcrash-win
Comment 13•9 years ago
|
||
Do we still have this issue then?
Comment 14•9 years ago
|
||
(In reply to Sylvestre Ledru [:sylvestre] from comment #13) > Do we still have this issue then? The signature has moved way down in 38.0b9 for sure, so my guess is that this specific issue has been fixed with bug 1133119 and what's left is other stacks that happen to end up in memcpy, which is this signature.
Comment 15•9 years ago
|
||
OK, Thanks. I am afraid it is too late for 38. Tracking it for 39.
tracking-firefox39:
--- → +
Comment 16•9 years ago
|
||
The title of this bug is "crash in msvcr120.dll@0xf20c via mozilla::gfx::CopyToImageSurface". Those are fixed. I think we should either resolve this, or re-title it to reflect the fact that they're from other callers. Personally I lean towards the former, because the volume is so low that we wouldn't file a fresh bug for this.
Comment 17•9 years ago
|
||
I agree but with the current signature can't actually verify that the assumption that all of those are fixed is actually true.
Reporter | ||
Updated•9 years ago
|
Crash Signature: [@ msvcr120.dll@0xf20c ] → [@ msvcr120.dll@0xf20c ]
[@ msvcr120.dll@0xf20c | mozilla::gfx::CopyToImageSurface(unsigned char*, mozilla::gfx::IntRectTyped<mozilla::gfx::UnknownUnits> const&, int, mozilla::gfx::SurfaceFormat) ]
With bug 1161067 fixed, what's next on this bug?
Flags: needinfo?(kairo)
Comment 19•9 years ago
|
||
(In reply to Milan Sreckovic [:milan] from comment #18) > With bug 1161067 fixed, what's next on this bug? Now we can actually verify that this instance is fixed. :) Or rather, that it's a dupe. Marking as such as there are no crashes with the new signature in later builds than 38.0b6. \o/
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: needinfo?(kairo)
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•