In today's Windows nightly builds, a new crash seems to have appeared at mozilla::layers::RenderLayers that's a null dereference (the crash address is always 0x4 or 0x8). There were a few previous crashes with that signature in nightly 40.0a1, but with different crash addresses: https://crash-stats.mozilla.com/signature/?product=Firefox&platform=Windows&version=40.0a1&signature=mozilla%3A%3Alayers%3A%3ARenderLayers%3Cmozilla%3A%3Alayers%3A%3AContainerLayerComposite%3E%28mozilla%3A%3Alayers%3A%3AContainerLayerComposite*%2C+mozilla%3A%3Alayers%3A%3ALayerManagerComposite*%2C+mozilla%3A%3Agfx%3A%3AIntRectTyped%3Cmozilla%3A%3ARenderTargetPixel%3E+const%26%29&_columns=date&_columns=product&_columns=version&_columns=build_id&_columns=platform&_columns=reason&_columns=address&page=1 Based on the few hours of data so far, it seems like this will be the top crash in nightly builds (although probably not by a massive margin), although there's a chance it could be a small number of users, or a change in a prominent website.
(And I'm getting the data from http://dbaron.org/mozilla/crashes-by-build .)
(I did check that it's not all the same user.)
Oh, and the regression range would be: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=41cda3ce8c98&tochange=946ac85af8f4
I'm going to guess related to APZ on by default, since container layers are mentioned.
Flags: needinfo?(milan) → needinfo?(dvander)
Mostly guessing here but it looks like the code at  can cause us to skip recursing on container layers, leaving mPrepared as null. Then during RenderLayers when we hit that layer, we could crash in this way.  http://mxr.mozilla.org/mozilla-central/source/gfx/layers/composite/ContainerLayerComposite.cpp?rev=7f2cb4c27f48#276
Created attachment 8596153 [details] [diff] [review] Speculative fix
Attachment #8596153 - Flags: review?(nical.bugzilla)
Attachment #8596153 - Flags: review?(nical.bugzilla) → review+
Try push to be safe: https://treeherder.mozilla.org/#/jobs?repo=try&revision=3694bad3db40
Can you please add a comment to the check you're adding?
(In reply to Markus Stange [:mstange] from comment #8) > Can you please add a comment to the check you're adding? Sorry, didn't see this. Landed a follow-up with a comment.
Assignee: nobody → bugmail.mozilla
Status: NEW → RESOLVED
Last Resolved: 3 years ago
status-firefox40: affected → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla40
You need to log in before you can comment on or make changes to this bug.