Closed
Bug 1347836
Opened 7 years ago
Closed 7 years ago
Crash in nsLayoutUtils::SurfaceFromElement
Categories
(Core :: Audio/Video: Playback, defect)
Tracking
()
RESOLVED
FIXED
mozilla55
| Tracking | Status | |
|---|---|---|
| firefox52 | --- | unaffected |
| firefox-esr52 | --- | unaffected |
| firefox53 | --- | unaffected |
| firefox54 | --- | unaffected |
| firefox55 | --- | fixed |
People
(Reporter: calixte, Assigned: kaku)
References
(Blocks 1 open bug)
Details
(Keywords: crash, regression, Whiteboard: [clouseau])
Crash Data
Attachments
(2 files)
This bug was filed from the Socorro interface and is report bp-53b199e7-30f5-4c3d-8c8a-e39c82170315. ============================================================= There is 1 crash in nightly 55 with buildid 20170315030215. In analyzing the backtrace, the regression may have been introduced by patch [1] to fix bug 1345403. [1] https://hg.mozilla.org/mozilla-central/rev?node=99e3488b1ea4ed83a5b2233f2eb08defb6025cd4
Flags: needinfo?(kaku)
|
||
Updated•7 years ago
|
Assignee: nobody → kaku
|
Assignee | |
Comment 1•7 years ago
|
||
http://searchfox.org/mozilla-central/rev/571c1fd0ba0617f83175ccc06ed6f3eb0a1a8b92/dom/html/HTMLMediaElement.cpp#1546-1547 Here, in HTMLMediaElement::GetCurrentImage(), we lock images in the ImageContainer by a AutoLockImage and then return the first locked image as a raw pointer. While leaving HTMLMediaElement::GetCurrentImage(), the AutoLockImage is destroyed and so the images are un-locked which means the the returned raw pointer might be dangling. We should instead return an already_AddRefed object.
Flags: needinfo?(kaku)
| Comment hidden (mozreview-request) |
| Comment hidden (mozreview-request) |
|
|
Assignee | |
Comment 4•7 years ago
|
||
Try: https://treeherder.mozilla.org/#/jobs?repo=try&revision=dc80e404423db1ee21e89dec2f0532ed2adb359b https://treeherder.mozilla.org/#/jobs?repo=try&revision=a8ba41a4f3c439ab54b2b34d2b556f38ee82e98e
|
|
||
Comment 5•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8848004 [details] Bug 1347836 part 1 - fix comment; https://reviewboard.mozilla.org/r/120962/#review122920
Attachment #8848004 -
Flags: review?(jwwang) → review+
|
|
||
Comment 6•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8848005 [details] Bug 1347836 part 2 - make HTMLMediaElement::GetCurrentImage() return an already_AddRefed<layers::Image>; https://reviewboard.mozilla.org/r/120964/#review122922
Attachment #8848005 -
Flags: review?(jwwang) → review+
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/autoland/rev/6c475d5fd958 part 1 - fix comment; r=jwwang https://hg.mozilla.org/integration/autoland/rev/0b4a997d9fbb part 2 - make HTMLMediaElement::GetCurrentImage() return an already_AddRefed<layers::Image>; r=jwwang
Keywords: checkin-needed
|
||
Comment 9•7 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/6c475d5fd958 https://hg.mozilla.org/mozilla-central/rev/0b4a997d9fbb
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
|
||
Updated•7 years ago
|
status-firefox52:
--- → unaffected
status-firefox53:
--- → unaffected
status-firefox54:
--- → unaffected
status-firefox-esr52:
--- → unaffected
You need to log in
before you can comment on or make changes to this bug.
Description
•