Closed Bug 1213758 Opened 5 years ago Closed 5 years ago
.0a1 Crash [@ mozilla::layers::Compositor Parent::Update Plugin Window State(unsigned __int64) ]
Reporting on a top-crasher.
Crash Signature: [@ mozilla::layers::CompositorParent::UpdatePluginWindowState(unsigned __int64) ] → [@ mozilla::layers::CompositorParent::UpdatePluginWindowState(unsigned __int64) ] [@ mozilla::layers::CompositorParent::UpdatePluginWindowState ]
We access the layer tree state here on the compositor thread while in a composition call so lts data should be in good shape. However no lock is held on lts during this plugin update call and it looks like we can update this data from other threads.. hence the easily accessible lts lock. The crash isn't a null deref so it's not entirely clear what's going wrong, but acquiring the standard lts lock should hopefully fix it. https://treeherder.mozilla.org/#/jobs?repo=try&revision=eeaa0842d203
Attachment #8674269 - Flags: review?(matt.woodrow)
This lock is request during calls to CompositorParent::CompositeToTarget when the thread is down in a AutoResolveRefLayers, afaict this looks safe - http://mxr.mozilla.org/mozilla-central/source/gfx/layers/ipc/CompositorParent.cpp#1024
Attachment #8674269 - Flags: review?(matt.woodrow) → review+
Looks good, last report was for the 20151019 build. https://crash-stats.mozilla.com/report/list?signature=mozilla%3A%3Alayers%3A%3ACompositorParent%3A%3AUpdatePluginWindowState#tab-reports
Moving from Core::Untriaged to Core::General https://bugzilla.mozilla.org/show_bug.cgi?id=1407598
Component: Untriaged → General
You need to log in before you can comment on or make changes to this bug.