Closed
Bug 1355253
Opened 8 years ago
Closed 8 years ago
stylo: Crash when accessing URI off main thread in nsStyleImageLayers::Layer::CalcDifference
Categories
(Core :: CSS Parsing and Computation, defect)
Core
CSS Parsing and Computation
Tracking
()
RESOLVED
DUPLICATE
of bug 1354772
Tracking | Status | |
---|---|---|
firefox55 | --- | affected |
People
(Reporter: erahm, Unassigned)
Details
This is pretty much an insta-crash for on on OSX. STR:
Update to central as of April 10, 2017:
> [ericrahm@erahm-25043 ~/dev/mozilla-central]$ hg tip
> changeset: 352134:b1364675bdf5
> tag: tip
> fxtree: central
> user: ffxbld
> date: Mon Apr 10 07:41:09 2017 -0700
> summary: No bug, Automated HPKP preload list update from host bld-linux64-spot-302 - a=hpkp-update
Build:
> ./mach build
Run:
> ./mach run https://en.wikipedia.org/wiki/Barack_Obama --disable-e10s
Failure and backtrace:
> 0:00.24 /Users/ericrahm/dev/mozilla-central/obj-x86_64-apple-darwin16.4.0-release-stylo/dist/Nightly.app/Contents/MacOS/firefox https://en.wikipedia.org/wiki/Barack_Obama -no-remote -foreground -profile /Users/ericrahm/dev/mozilla-central/obj-x86_64-apple-darwin16.4.0-release-stylo/tmp/scratch_user
> [ericrahm@erahm-25043 ~/dev/mozilla-central]$ ./mach run --debug https://en.wikipedia.org/wiki/Barack_Obama --disable-e10s
> 0:01.89 /Applications/Xcode.app/Contents/Developer/usr/bin/lldb -- /Users/ericrahm/dev/mozilla-central/obj-x86_64-apple-darwin16.4.0-release-stylo/dist/Nightly.app/Contents/MacOS/firefox https://en.wikipedia.org/wiki/Barack_Obama -no-remote -foreground -profile /Users/ericrahm/dev/mozilla-central/obj-x86_64-apple-darwin16.4.0-release-stylo/tmp/scratch_user
> There is a .lldbinit file in the current directory which is not being read.
> To silence this warning without sourcing in the local .lldbinit,
> add the following to the lldbinit file in your home directory:
> settings set target.load-cwd-lldbinit false
> To allow lldb to source .lldbinit files in the current working directory,
> set the value of this variable to true. Only do so if you understand and
> accept the security risk.
> (lldb) target create "/Users/ericrahm/dev/mozilla-central/obj-x86_64-apple-darwin16.4.0-release-stylo/dist/Nightly.app/Contents/MacOS/firefox"
> Current executable set to '/Users/ericrahm/dev/mozilla-central/obj-x86_64-apple-darwin16.4.0-release-stylo/dist/Nightly.app/Contents/MacOS/firefox' (x86_64).
> (lldb) settings set -- target.run-args "https://en.wikipedia.org/wiki/Barack_Obama" "-no-remote" "-foreground" "-profile" "/Users/ericrahm/dev/mozilla-central/obj-x86_64-apple-darwin16.4.0-release-stylo/tmp/scratch_user"
> (lldb) run
> Process 59352 launched: '/Users/ericrahm/dev/mozilla-central/obj-x86_64-apple-darwin16.4.0-release-stylo/dist/Nightly.app/Contents/MacOS/firefox' (x86_64)
> 2017-04-10 15:54:37.345224 firefox[59352:10134758] WARNING: The Gestalt selector gestaltSystemVersion is returning 10.9.3 instead of 10.12.3. This is not a bug in Gestalt -- it is a documented limitation. Use NSProcessInfo's operatingSystemVersion property to get correct system version number.
> Call location:
> 2017-04-10 15:54:37.349586 firefox[59352:10134758] 0 CarbonCore 0x00007fffbd3d81e1 ___Gestalt_SystemVersion_block_invoke + 121
> 2017-04-10 15:54:37.349618 firefox[59352:10134758] 1 libdispatch.dylib 0x00007fffd19f00b8 _dispatch_client_callout + 8
> 2017-04-10 15:54:37.349626 firefox[59352:10134758] 2 libdispatch.dylib 0x00007fffd19f0075 dispatch_once_f + 38
> 2017-04-10 15:54:37.349633 firefox[59352:10134758] 3 CarbonCore 0x00007fffbd366272 _Gestalt_SystemVersion + 976
> 2017-04-10 15:54:37.349639 firefox[59352:10134758] 4 CarbonCore 0x00007fffbd365a8d Gestalt + 139
> 2017-04-10 15:54:37.349646 firefox[59352:10134758] 5 XUL 0x00000001040eeed6 _cairo_quartz_surface_create_internal + 294
> 2017-04-10 15:54:37.349653 firefox[59352:10134758] 6 XUL 0x00000001040ef495 _moz_cairo_quartz_surface_create_for_data + 309
> XUL was compiled with optimization - stepping may behave oddly; variables may not be available.
> Process 59352 stopped
> * thread #32, stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
> frame #0: 0x0000000103b01894 XUL`mozilla::css::URLValueData::GetURI() const [inlined] nsMainThreadPtrHolder<nsIURI>::get(this=0x000000012cfbcc00) at nsProxyRelease.h:269 [opt]
> 266 // Nobody should be touching the raw pointer off-main-thread.
> 267 if (mStrict && MOZ_UNLIKELY(!NS_IsMainThread())) {
> 268 NS_ERROR("Can't dereference nsMainThreadPtrHolder off main thread");
> -> 269 MOZ_CRASH();
> 270 }
> 271 return mRawPtr;
> 272 }
> (lldb) bt
> error: need to add support for DW_TAG_base_type '()' encoded with DW_ATE = 0x7, bit_size = 0
> * thread #32, stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
> * frame #0: 0x0000000103b01894 XUL`mozilla::css::URLValueData::GetURI() const [inlined] nsMainThreadPtrHolder<nsIURI>::get(this=0x000000012cfbcc00) at nsProxyRelease.h:269 [opt]
> frame #1: 0x0000000103b01883 XUL`mozilla::css::URLValueData::GetURI() const [inlined] nsMainThreadPtrHandle<nsIURI>::get() at nsProxyRelease.h:336 [opt]
> frame #2: 0x0000000103b01883 XUL`mozilla::css::URLValueData::GetURI() const [inlined] nsMainThreadPtrHandle<nsIURI>::operator nsIURI*() at nsProxyRelease.h:348 [opt]
> frame #3: 0x0000000103b01883 XUL`mozilla::css::URLValueData::GetURI(this=<unavailable>) const at nsCSSValue.cpp:2865 [opt]
> frame #4: 0x0000000103b03f56 XUL`mozilla::css::URLValueData::HasRef(this=<unavailable>) const at nsCSSValue.cpp:2875 [opt]
> frame #5: 0x0000000103b97882 XUL`nsStyleImageLayers::Layer::CalcDifference(this=0x000000013f026c20, aNewLayer=0x0000000122af12b0) const at nsStyleStruct.cpp:3031 [opt]
> frame #6: 0x0000000103b93378 XUL`nsStyleImageLayers::CalcDifference(this=0x0000000122af1280, aNewLayers=0x000000013f026bf0, aType=Background) const at nsStyleStruct.cpp:2661 [opt]
> frame #7: 0x0000000103b852e3 XUL`nsChangeHint nsStyleContext::CalcStyleDifferenceInternal<FakeStyleContext>(FakeStyleContext*, unsigned int*, unsigned int*) [inlined] nsStyleBackground::CalcDifference(this=<unavailable>, aNewData=<unavailable>) const at nsStyleStruct.cpp:3112 [opt]
> frame #8: 0x0000000103b852cb XUL`nsChangeHint nsStyleContext::CalcStyleDifferenceInternal<FakeStyleContext>(this=0x000000012d35e880, aNewContext=<unavailable>, aEqualStructs=<unavailable>, aSamePointerStructs=<unavailable>) at nsStyleContext.cpp:1083 [opt]
> frame #9: 0x0000000103b845d5 XUL`nsStyleContext::CalcStyleDifference(this=<unavailable>, aNewComputedValues=<unavailable>, aEqualStructs=<unavailable>, aSamePointerStructs=<unavailable>) at nsStyleContext.cpp:1253 [opt]
> frame #10: 0x0000000103ab9065 XUL`::Gecko_CalcStyleDifference(aOldStyleContext=<unavailable>, aComputedValues=<unavailable>) at ServoBindings.cpp:316 [opt]
> frame #11: 0x00000001055f14bc XUL`style::matching::PrivateMatchMethods::accumulate_damage::h3bb91af3670ffa8f + 76
> frame #12: 0x00000001055f2c10 XUL`style::matching::PrivateMatchMethods::cascade_primary_or_pseudo::hc3ae251f2aaa5bf8 + 1664
> frame #13: 0x00000001055eb2b4 XUL`style::traversal::compute_style::h5a0eafa0e320f39b + 10388
> frame #14: 0x00000001055e8386 XUL`_$LT$style..gecko..traversal..RecalcStyleOnly$LT$$u27$recalc$GT$$u20$as$u20$style..traversal..DomTraversal$LT$style..gecko..wrapper..GeckoElement$LT$$u27$le$GT$$GT$$GT$::process_preorder::h229c631689890c88 + 534
> frame #15: 0x00000001053ded89 XUL`style::parallel::traverse_nodes::h5c3331a639529028 + 1225
> frame #16: 0x00000001053df049 XUL`style::parallel::traverse_nodes::h5c3331a639529028 + 1929
Updated•8 years ago
|
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•