Closed Bug 1383212 Opened 2 years ago Closed 2 years ago
Crash in std::vector<T>::push
59 bytes, text/x-review-board-request
This bug was filed from the Socorro interface and is report bp-9de07d04-d020-47e3-8883-60d520170721. ============================================================= Seen while looking at crash stats - crashes started using 20170716030208: http://bit.ly/2uiBRLC. 11 Crashes/10 installations. Possible regression range based on Build ID: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=b4e656e5a996dd385e9af43a4d9e207553377c51&tochange=aff336ac161daa3ea350e59a288963edbd58ed39 Comments: The last time this crashed (with webrender enabled) everything was smooth after clicking "restore this tab" : https://crash-stats.mozilla.com/report/index/f8dc8353-4dcc-4270-b812-a84630170718
Probably regression from bug 1376855 which added this code. WebRenderUserData is keeping a raw pointer to WebRenderLayerManager which is probably not the best idea. It's likely that in this case WebRenderLayerManager is getting destroyed first, and then when the frame data table is cleaned up it tries to dereference a garbage pointer. Morris, can you look into this?
Yes, I can handle this.
Assignee: nobody → mtseng
Comment on attachment 8889813 [details] Bug 1383212 - Store WebRenderLayerManager by RefPtr instead of raw pointer. https://reviewboard.mozilla.org/r/160904/#review166230
Attachment #8889813 - Flags: review?(bugmail) → review+
Pushed by email@example.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/496767d4e25d Store WebRenderLayerManager by RefPtr instead of raw pointer. r=kats
Duplicate of this bug: 1386270
You need to log in before you can comment on or make changes to this bug.