Closed
Bug 1413269
Opened 7 years ago
Closed 7 years ago
Crash in mozilla::gl::SharedSurface_IOSurface::SharedSurface_IOSurface
Categories
(Core :: Graphics: CanvasWebGL, defect, P1)
Tracking
()
RESOLVED
FIXED
mozilla59
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox56 | --- | unaffected |
| firefox57 | + | fixed |
| firefox58 | + | fixed |
| firefox59 | --- | fixed |
People
(Reporter: philipp, Assigned: jgilbert)
References
Details
(4 keywords, Whiteboard: [gfx-noted])
Crash Data
Attachments
(3 files)
|
3.08 KB,
text/plain
|
Details | |
|
2.42 KB,
text/plain
|
Details | |
|
59 bytes,
text/x-review-board-request
|
jgilbert
:
review+
gchang
:
approval-mozilla-beta+
Sylvestre
:
approval-mozilla-release+
|
Details |
This bug was filed from the Socorro interface and is
report bp-bab35a31-2c57-4998-a37c-af58b0171029.
=============================================================
Crashing Thread (0)
Frame Module Signature Source
Ø 0 libsystem_kernel.dylib libsystem_kernel.dylib@0x10f72
1 XUL google_breakpad::ReceivePort::WaitForMessage(google_breakpad::MachReceiveMessage*, unsigned int) toolkit/crashreporter/google-breakpad/src/common/mac/MachIPC.mm:249
2 XUL google_breakpad::CrashGenerationClient::RequestDumpForException(int, int, int, unsigned int) toolkit/crashreporter/breakpad-client/mac/crash_generation/crash_generation_client.cc:67
3 XUL google_breakpad::ExceptionHandler::WriteMinidumpWithException(int, int, int, __darwin_ucontext*, unsigned int, bool, bool) toolkit/crashreporter/breakpad-client/mac/handler/exception_handler.cc:375
4 XUL google_breakpad::ExceptionHandler::SignalHandler(int, __siginfo*, void*) toolkit/crashreporter/breakpad-client/mac/handler/exception_handler.cc:616
5 libsystem_platform.dylib _sigtramp
6 @0x7fff5c4c95cf
7 @0x11efaf471
8 libsystem_c.dylib abort
Ø 9 AppleIntelHD3000GraphicsGLDriver AppleIntelHD3000GraphicsGLDriver@0x27747
Ø 10 AppleIntelHD3000GraphicsGLDriver AppleIntelHD3000GraphicsGLDriver@0x362055
Ø 11 GLEngine GLEngine@0xb3c13
Ø 12 GLEngine GLEngine@0xb3409
Ø 13 GLEngine GLEngine@0x10ba31
14 libdispatch.dylib _dispatch_client_callout
15 libdispatch.dylib _dispatch_barrier_sync_f_invoke
Ø 16 GLEngine GLEngine@0x81075
17 XUL mozilla::gl::SharedSurface_IOSurface::SharedSurface_IOSurface(RefPtr<MacIOSurface> const&, mozilla::gl::GLContext*, mozilla::gfx::IntSizeTyped<mozilla::gfx::UnknownUnits> const&, bool) gfx/gl/GLContext.h:2158
18 XUL mozilla::gl::SurfaceFactory_IOSurface::CreateShared(mozilla::gfx::IntSizeTyped<mozilla::gfx::UnknownUnits> const&) gfx/gl/SharedSurfaceIO.cpp:159
19 XUL mozilla::gl::SurfaceFactory::NewTexClient(mozilla::gfx::IntSizeTyped<mozilla::gfx::UnknownUnits> const&, mozilla::layers::LayersIPCChannel const*) gfx/gl/SharedSurface.cpp:340
20 XUL mozilla::gl::GLScreenBuffer::Swap(mozilla::gfx::IntSizeTyped<mozilla::gfx::UnknownUnits> const&) gfx/gl/GLScreenBuffer.cpp:559
21 XUL mozilla::WebGLContext::PresentScreenBuffer() dom/canvas/WebGLContext.cpp:1622
22 XUL mozilla::WebGLContextUserData::PreTransactionCallback(void*) dom/canvas/WebGLContext.cpp:1642
23 XUL mozilla::layers::ShareableCanvasRenderer::UpdateCompositableClient() gfx/layers/CanvasRenderer.h:150
24 XUL mozilla::layers::ClientCanvasLayer::RenderLayer() gfx/layers/client/ClientCanvasLayer.cpp:28
25 XUL mozilla::layers::ClientContainerLayer::RenderLayer() gfx/layers/client/ClientContainerLayer.h:57
26 XUL mozilla::layers::ClientLayerManager::EndTransactionInternal(void (*)(mozilla::layers::PaintedLayer*, gfxContext*, mozilla::gfx::IntRegionTyped<mozilla::gfx::UnknownUnits> const&, mozilla::gfx::IntRegionTyped<mozilla::gfx::UnknownUnits> const&, mozilla::layers::DrawRegionClip, mozilla::gfx::IntRegionTyped<mozilla::gfx::UnknownUnits> const&, void*), void*, mozilla::layers::LayerManager::EndTransactionFlags) gfx/layers/client/ClientLayerManager.cpp:380
27 XUL mozilla::layers::ClientLayerManager::EndTransaction(void (*)(mozilla::layers::PaintedLayer*, gfxContext*, mozilla::gfx::IntRegionTyped<mozilla::gfx::UnknownUnits> const&, mozilla::gfx::IntRegionTyped<mozilla::gfx::UnknownUnits> const&, mozilla::layers::DrawRegionClip, mozilla::gfx::IntRegionTyped<mozilla::gfx::UnknownUnits> const&, void*), void*, mozilla::layers::LayerManager::EndTransactionFlags) gfx/layers/client/ClientLayerManager.cpp:438
28 XUL nsDisplayList::PaintRoot(nsDisplayListBuilder*, gfxContext*, unsigned int) layout/painting/nsDisplayList.cpp:2347
29 XUL nsLayoutUtils::PaintFrame(gfxContext*, nsIFrame*, nsRegion const&, unsigned int, nsDisplayListBuilderMode, nsLayoutUtils::PaintFrameFlags) layout/base/nsLayoutUtils.cpp:3737
30 XUL mozilla::PresShell::Paint(nsView*, nsRegion const&, unsigned int) layout/base/PresShell.cpp:6454
31 XUL nsViewManager::ProcessPendingUpdatesPaint(nsIWidget*) view/nsViewManager.cpp:480
32 XUL nsViewManager::ProcessPendingUpdatesForView(nsView*, bool) view/nsViewManager.cpp:412
33 XUL nsViewManager::ProcessPendingUpdates() view/nsViewManager.cpp:1102
34 XUL nsRefreshDriver::Tick(long long, mozilla::TimeStamp) layout/base/nsRefreshDriver.cpp:2082
35 XUL mozilla::RefreshDriverTimer::TickRefreshDrivers(long long, mozilla::TimeStamp, nsTArray<RefPtr<nsRefreshDriver> >&) layout/base/nsRefreshDriver.cpp:337
36 XUL mozilla::RefreshDriverTimer::Tick(long long, mozilla::TimeStamp) layout/base/nsRefreshDriver.cpp:329
37 XUL mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::TickRefreshDriver(mozilla::TimeStamp) layout/base/nsRefreshDriver.cpp:770
38 XUL mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::NotifyVsync(mozilla::TimeStamp) layout/base/nsRefreshDriver.cpp:584
39 XUL mozilla::layout::VsyncChild::RecvNotify(mozilla::TimeStamp const&) layout/ipc/VsyncChild.cpp:67
40 XUL mozilla::layout::PVsyncChild::OnMessageReceived(IPC::Message const&) ipc/ipdl/PVsyncChild.cpp:155
41 XUL mozilla::ipc::MessageChannel::DispatchAsyncMessage(IPC::Message const&) ipc/glue/MessageChannel.cpp:2119
42 XUL mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) ipc/glue/MessageChannel.cpp:2049
43 XUL mozilla::ipc::MessageChannel::MessageTask::Run() ipc/glue/MessageChannel.cpp:1928
44 XUL nsThread::ProcessNextEvent(bool, bool*) xpcom/threads/nsThread.cpp:1039
45 XUL NS_ProcessPendingEvents(nsIThread*, unsigned int) xpcom/threads/nsThreadUtils.cpp:463
46 XUL nsBaseAppShell::NativeEventCallback() widget/nsBaseAppShell.cpp:99
47 XUL nsAppShell::ProcessGeckoEvents(void*) widget/cocoa/nsAppShell.mm:436
Ø 48 CoreFoundation CoreFoundation@0xaa7e0
Ø 49 CoreFoundation CoreFoundation@0x89f0b
Ø 50 CoreFoundation CoreFoundation@0x8942e
Ø 51 CoreFoundation CoreFoundation@0x88e27
52 HIToolbox RunCurrentEventLoopInMode
53 HIToolbox ReceiveNextEventCommon
54 HIToolbox _BlockUntilNextEventMatchingListInModeWithFilter
55 AppKit _DPSNextEvent
56 AppKit -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:]
57 XUL -[GeckoNSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] widget/cocoa/nsAppShell.mm:158
58 AppKit -[NSApplication run]
59 XUL nsAppShell::Run() widget/cocoa/nsAppShell.mm:715
60 XUL XRE_RunAppShell() toolkit/xre/nsEmbedFunctions.cpp:880
61 XUL MessageLoop::Run() ipc/chromium/src/base/message_loop.cc:326
62 XUL XRE_InitChildProcess(int, char**, XREChildData const*) toolkit/xre/nsEmbedFunctions.cpp:705
63 plugin-container main ipc/contentproc/plugin-container.cpp:63
64 plugin-container start
these webgl content crashes on osx 10.13 seem to be regressing in firefox 57. they are spread among multiple different signatures all containing mozilla::gl::SharedSurface_IOSurface::SharedSurface_IOSurface in their proto signature.
search query: https://crash-stats.mozilla.com/search/?proto_signature=~mozilla%3A%3Agl%3A%3ASharedSurface_IOSurface%3A%3ASharedSurface_IOSurface&date=>%3D2017-06-01T02%3A00%3A00.000Z&date=<2017-10-31T19%3A34%3A48.000Z&_sort=-date&_facets=signature&_facets=version&_facets=user_comments&_facets=uptime&_facets=adapter_vendor_id&_facets=build_id&_facets=install_time&_facets=platform_pretty_version&_facets=useragent_locale&_facets=release_channel&_facets=cpu_arch&_facets=process_type&_facets=moz_crash_reason&_facets=adapter_device_id&_columns=date&_columns=signature&_columns=product&_columns=version&_columns=build_id&_columns=platform#facet-signature
before bug 1405151 had landed on 57.0b9 this issue has probably shown up with an empty signature...
the issue is mostly confined to two intel gpus and user comments generally reference maps.google.com as the source of their crash
Adapter device id facet
1 0x0126 358 67.80 %
2 0x0116 158 29.92 %
bp-bab35a31-2c57-4998-a37c-af58b0171029 maps.google.com, click on the hamburger in the top left corner, wait
bp-384176cc-52f4-47bb-9655-19c3b0171026 it crash when i start type in map search box :(
bp-208a12cf-9bb3-48d3-8636-533410171025 MAPS doesn't WORK!
bp-2997f3af-daf4-4941-ac04-a63660171024 googlemaps again
bp-8285a0b4-593a-4e3d-85c3-a1d220171018 I had *just* opened maps.google.com
bp-b2d046a4-9345-40ad-a795-7a23f0171018 google maps dont work!!
bp-737a7215-3821-4f3d-b4a6-1ecb00171017 57.0b9 and Google Maps ))
Flags: needinfo?(milan)
Wasn't there a Google Maps issue that recently got resolved? I may be thinking about something else.
Component: Graphics → Canvas: WebGL
Flags: needinfo?(milan) → needinfo?(jgilbert)
Priority: -- → P2
Whiteboard: [gfx-noted]
|
||
Comment 2•7 years ago
|
||
If it helps, I am still seeing this on the current aurora & beta, macos, on an older mac air. Restart & clearing the cache (at kbrosnan's request) did not help either.
|
Reporter | |
Comment 3•7 years ago
|
||
hi allison, can you confirm if this is a new problem in firefox 57. if yes, would it be possible to come up with regression range with the help of http://mozilla.github.io/mozregression/? thank you
Flags: needinfo?(a.m.naaktgeboren)
|
|
Reporter | |
Comment 4•7 years ago
|
||
MacBook Pro & Air models from 2011 seem to be affected by these crashes
|
||
Comment 5•7 years ago
|
||
Not sure if [@ _sigtramp] belongs here or not, but almost all the comments mention crashing using Google Maps. There are crashes present on 57 as well. It doesn't appear in the query that phillip has in Comment 0 so perhaps it is another similar bug.
|
|
Reporter | |
Comment 6•7 years ago
|
||
looks very likely to be related - the report bp-b81c3a1f-5135-475e-82b8-b866a0171027 where the comment says it's crashing everytime when visiting google maps is also from a 2011 macbook air.
|
|
||
Updated•7 years ago
|
Crash Signature: mozilla::gl::SharedSurface_IOSurface::SharedSurface_IOSurface]
[@ libsystem_c.dylib@0x5d9a2]
[@ libsystem_kernel.dylib@0x11a1a]
[@ libsystem_kernel.dylib@0x114de]
[@ libsystem_kernel.dylib@0x10f72] → mozilla::gl::SharedSurface_IOSurface::SharedSurface_IOSurface]
[@ libsystem_c.dylib@0x5d9a2]
[@ libsystem_kernel.dylib@0x11a1a]
[@ libsystem_kernel.dylib@0x114de]
[@ libsystem_kernel.dylib@0x10f72]
[@ _sigtramp]
|
|
Reporter | |
Comment 7•7 years ago
|
||
[Tracking Requested - why for this release]:
this is responsible for a fifth of all macos content crashes after the first day of the 57 rollout. user comments uniformly point to google maps as source of those crashes.
tracking-firefox57:
--- → ?
|
|
||
Comment 8•7 years ago
|
||
Adding another Mac signature which mentions Google maps.
Crash Signature: mozilla::gl::SharedSurface_IOSurface::SharedSurface_IOSurface]
[@ libsystem_c.dylib@0x5d9a2]
[@ libsystem_kernel.dylib@0x11a1a]
[@ libsystem_kernel.dylib@0x114de]
[@ libsystem_kernel.dylib@0x10f72]
[@ _sigtramp] → mozilla::gl::SharedSurface_IOSurface::SharedSurface_IOSurface]
[@ mozilla::gl::SharedSurface_IOSurface::ProducerReleaseImpl]
[@ libsystem_c.dylib@0x5d9a2]
[@ libsystem_kernel.dylib@0x11a1a]
[@ libsystem_kernel.dylib@0x114de]
[@ libsystem_kernel.dyli…
|
|
||
Comment 9•7 years ago
|
||
I dug up my older MacBook pro and updated to 57 final. The first time I loaded Google Maps I got the [@ _sigtramp] signature. The second time I crashed in [@ abort | glDrawArraysInstanced_STD_GL3Exec].
Keywords: reproducible
|
|
||
Comment 10•7 years ago
|
||
Error: WebGL warning: texSubImage2D: Texture has not been initialized prior to a partial upload, forcing the browser to clear it. This may be slow. maps:4106:290
|
|
||
Comment 11•7 years ago
|
||
The first few times I load the tab I get a crash. After that it becomes more difficult to crash. Here are my machine specs:
Application Basics
------------------
Name: Firefox
Version: 59.0a1
Build ID: 20171115100050
Update Channel: nightly
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:59.0) Gecko/20100101 Firefox/59.0
OS: Darwin 16.7.0
Multiprocess Windows: 1/1 (Enabled by default)
Web Content Processes: 2/4
Stylo: content = true (enabled by default), chrome = false (disabled by default)
Google Key: Found
Mozilla Location Service Key: Found
Safe Mode: false
Crash Reports for the Last 3 Days
---------------------------------
Report ID: bp-8168e685-9354-44d6-8e4d-c3cc50171115
Submitted: 10 minutes ago
Report ID: bp-f5250622-1a6d-47b8-a37b-637280171115
Submitted: 11 minutes ago
Report ID: bp-83086af6-e3fc-45f5-8c3b-de05e0171115
Submitted: 20 minutes ago
Report ID: bp-9f95561b-f1fa-487b-846f-1a8bf0171115
Submitted: 20 minutes ago
Report ID: bp-2bbe9539-25ff-43b7-9b9e-d32010171115
Submitted: 30 minutes ago
Report ID: bp-b611818b-dfb7-4c7f-812d-38d6c0171115
Submitted: 32 minutes ago
All Crash Reports
Nightly Features
----------------
Name: Activity Stream
Version: 2017.11.03.1438-bf427ddd
ID: activity-stream@mozilla.org
Name: Application Update Service Helper
Version: 2.0
ID: aushelper@mozilla.org
Name: Firefox Screenshots
Version: 23.0.0
ID: screenshots@mozilla.org
Name: FlyWeb
Version: 1.0.0
ID: flyweb@mozilla.org
Name: Follow-on Search Telemetry
Version: 0.9.6
ID: followonsearch@mozilla.com
Name: Form Autofill
Version: 1.0
ID: formautofill@mozilla.org
Name: Photon onboarding
Version: 1.0
ID: onboarding@mozilla.org
Name: Pocket
Version: 1.0.5
ID: firefox@getpocket.com
Name: Presentation
Version: 1.0.0
ID: presentation@mozilla.org
Name: Shield Recipe Client
Version: 76.1
ID: shield-recipe-client@mozilla.org
Name: Web Compat
Version: 1.1
ID: webcompat@mozilla.org
Name: WebCompat Reporter
Version: 1.0.0
ID: webcompat-reporter@mozilla.org
Extensions
----------
Graphics
--------
Features
Compositing: OpenGL
Asynchronous Pan/Zoom: wheel input enabled; scrollbar drag enabled; keyboard enabled; autoscroll enabled
WebGL 1 Driver WSI Info: CGL
WebGL 1 Driver Renderer: Intel Inc. -- Intel HD Graphics 3000 OpenGL Engine
WebGL 1 Driver Version: 3.3 INTEL-10.2.37
WebGL 1 Driver Extensions: GL_ARB_blend_func_extended GL_ARB_ES2_compatibility GL_ARB_explicit_attrib_location GL_ARB_instanced_arrays GL_ARB_internalformat_query GL_ARB_occlusion_query2 GL_ARB_sampler_objects GL_ARB_separate_shader_objects GL_ARB_shader_bit_encoding GL_ARB_shading_language_include GL_ARB_texture_rgb10_a2ui GL_ARB_texture_storage GL_ARB_texture_swizzle GL_ARB_timer_query GL_ARB_vertex_type_2_10_10_10_rev GL_EXT_debug_label GL_EXT_debug_marker GL_EXT_texture_compression_s3tc GL_EXT_texture_filter_anisotropic GL_EXT_texture_sRGB_decode GL_APPLE_client_storage GL_APPLE_container_object_shareable GL_APPLE_flush_render GL_APPLE_object_purgeable GL_APPLE_rgb_422 GL_APPLE_row_bytes GL_APPLE_texture_range GL_ATI_texture_mirror_once GL_NV_texture_barrier
WebGL 1 Extensions: ANGLE_instanced_arrays EXT_blend_minmax EXT_color_buffer_half_float EXT_frag_depth EXT_sRGB EXT_shader_texture_lod EXT_texture_filter_anisotropic EXT_disjoint_timer_query OES_element_index_uint OES_standard_derivatives OES_texture_float OES_texture_float_linear OES_texture_half_float OES_texture_half_float_linear OES_vertex_array_object WEBGL_color_buffer_float WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_depth_texture WEBGL_draw_buffers WEBGL_lose_context
WebGL 2 Driver WSI Info: -
WebGL 2 Driver Renderer: WebGL creation failed: * WebGL 2 requires support for the following features: transform_feedback2 * Exhausted GL driver options.
WebGL 2 Driver Version: -
WebGL 2 Driver Extensions: -
WebGL 2 Extensions: -
GPU #1
Active: Yes
Vendor ID: 0x8086
Device ID: 0x0126
Diagnostics
AzureCanvasAccelerated: 1
AzureCanvasBackend: skia
AzureContentBackend: skia
AzureFallbackCanvasBackend: none
TileHeight: 512
TileWidth: 512
Decision Log
WEBRENDER:
opt-in by default: WebRender is an opt-in feature
OMTP:
disabled by default: Disabled by default
blocked by runtime: OMTP does not yet support tiling
Media
-----
Audio Backend: audiounit
Max Channels: 2
Preferred Channel Layout: stereo
Preferred Sample Rate: 44100
Output Devices
Name: Group
Internal Speakers: AppleHDAEngineOutput:1B,0,1,1:0
Input Devices
Name: Group
Internal Microphone: AppleHDAEngineInput:1B,0,1,0:1
Important Modified Preferences
------------------------------
browser.cache.disk.capacity: 358400
browser.cache.disk.filesystem_reported: 1
browser.cache.disk.smart_size.first_run: false
browser.cache.frecency_experiment: 3
browser.places.smartBookmarksVersion: 8
browser.sessionstore.upgradeBackup.latestBuildID: 20171115100050
browser.startup.homepage_override.buildID: 20171115100050
browser.startup.homepage_override.mstone: 59.0a1
browser.tabs.crashReporting.includeURL: true
browser.urlbar.lastSuggestionsPromptDate: 20170828
browser.urlbar.timesBeforeHidingSuggestionsHint: 0
browser.urlbar.usepreloadedtopurls.enabled: false
dom.forms.autocomplete.formautofill: true
extensions.lastAppVersion: 59.0a1
font.internaluseonly.changed: false
media.benchmark.vp9.fps: 88
media.benchmark.vp9.versioncheck: 2
media.gmp-gmpopenh264.abi: x86_64-gcc3
media.gmp-gmpopenh264.lastUpdate: 1510675925
media.gmp-gmpopenh264.version: 1.7.1
media.gmp-manager.buildID: 20171115100050
media.gmp-manager.lastCheck: 1510782866
media.gmp-widevinecdm.abi: x86_64-gcc3
media.gmp-widevinecdm.lastUpdate: 1505687661
media.gmp-widevinecdm.version: 1.4.8.1008
media.gmp.storage.version.observed: 1
network.cookie.prefsMigrated: true
network.predictor.cleaned-up: true
places.database.lastMaintenance: 1510676238
places.history.expiration.transient_current_max_pages: 104858
plugin.disable_full_page_plugin_for_types: application/pdf
security.sandbox.content.tempDirSuffix: {6f2f6530-c788-a043-a96c-fcb61477114b}
services.sync.declinedEngines:
services.sync.engine.addresses.available: true
services.sync.engine.creditcards.available: true
storage.vacuum.last.index: 0
storage.vacuum.last.places.sqlite: 1510676238
Important Locked Preferences
----------------------------
Places Database
---------------
JavaScript
----------
Incremental GC: true
Accessibility
-------------
Activated: false
Prevent Accessibility: 0
Library Versions
----------------
NSPR
Expected minimum version: 4.17
Version in use: 4.17
NSS
Expected minimum version: 3.34 Beta
Version in use: 3.34 Beta
NSSSMIME
Expected minimum version: 3.34 Beta
Version in use: 3.34 Beta
NSSSSL
Expected minimum version: 3.34 Beta
Version in use: 3.34 Beta
NSSUTIL
Expected minimum version: 3.34 Beta
Version in use: 3.34 Beta
Experimental Features
---------------------
Sandbox
-------
Content Process Sandbox Level: 3
Effective Content Process Sandbox Level: 3
Internationalization & Localization
-----------------------------------
Application Settings
Requested Locales: ["en-US"]
Available Locales: ["en-US"]
App Locales: ["en-US"]
Regional Preferences: ["en-US"]
Default Locale: "en-US"
Operating System
System Locales: ["en-US"]
Regional Preferences: ["en-US"]
status-firefox59:
--- → affected
|
||
Updated•7 years ago
|
Flags: needinfo?(mstange)
Flags: needinfo?(jmuizelaar)
|
|
||
Updated•7 years ago
|
Crash Signature: mozilla::gl::SharedSurface_IOSurface::SharedSurface_IOSurface]
[@ mozilla::gl::SharedSurface_IOSurface::ProducerReleaseImpl]
[@ libsystem_c.dylib@0x5d9a2]
[@ libsystem_kernel.dylib@0x11a1a]
[@ libsystem_kernel.dylib@0x114de]
[@ libsystem_kernel.dyli… → mozilla::gl::SharedSurface_IOSurface::SharedSurface_IOSurface]
[@ mozilla::gl::SharedSurface_IOSurface::ProducerReleaseImpl]
[@ libsystem_c.dylib@0x5d9a2]
[@ libsystem_c.dylib@0x5e6de]
[@ libsystem_kernel.dylib@0x11a1a]
[@ libsystem_kernel.dylib@0x1…
|
||
Comment 12•7 years ago
|
||
Do we have a breakdown of the affected macOS versions?
Flags: needinfo?(mstange)
|
|
Reporter | |
Comment 13•7 years ago
|
||
it's affecting everything from macos 10.9 to 10.13 on MacBook Pro & Air 2011 models
|
|
||
Comment 14•7 years ago
|
||
* _sigtramp - 10.10/10.11/10.12
* libsystem_kernel.dylib@0x10f72 - 10.11
* libsystem_kernel.dylib@0x114de - 10.10
* libsystem_kernel.dylib@0x11a1a - 10.9
* libsystem_c.dylib@0x5e6de - 10.11
* libsystem_c.dylib@0x5d9a2 - 10.10
* mozilla::gl::SharedSurface_IOSurface::ProducerReleaseImpl - 10.13
* abort | glDrawArraysInstanced_STD_GL3Exec - 10.10/10.11/10.12/10.13
* abort | GLEngine@0xb3c13 - 10.11
|
|
||
Comment 15•7 years ago
|
||
Allison, can you check whether there's something in your system console log when this crash happens? If you launch Console.app and go to system.log, that's where I'd expect a message to appear.
I'm looking at this crash report now: https://crash-stats.mozilla.com/report/index/aa0cddd9-d9b7-414e-b811-d760d0171116
It's on 10.12.6 16G29, which is the same as what I have on my machine, so I can compare crash addresses with the libraries on my machine.
9 libsystem_c.dylib abort
Ø 10 AppleIntelHD3000GraphicsGLDriver AppleIntelHD3000GraphicsGLDriver@0x1fc55
Ø 11 AppleIntelHD3000GraphicsGLDriver AppleIntelHD3000GraphicsGLDriver@0x2c2fee
12 GLEngine glDrawArraysInstanced_STD_GL3Exec
Frame 11 is _glrRenderVertexArray
Frame 10 is _glrAppleSyncState
_glrAppleSyncState can abort for many different reasons:
loc_1fb93:
syslog(0x3, "%s: Aborting: error with call to GHAL SP BindPipeline after %d attempts with forceSendState as %d \n", "void glrAppleSyncState(GLDContext, bool)", rcx, var_5C & 0x1 & 0xff);
if (r14 != 0x0) {
syslog(0x4, "Abort cause: we run out of command buffer space\n");
}
if (r15 != 0x0) {
syslog(0x4, "Abort cause: we run out of system memory\n");
}
if (rbx != 0x0) {
syslog(0x4, "Abort cause: we run out of video memory\n");
}
if ((r12 & 0x10000) != 0x0) {
syslog(0x4, "Abort cause: we run out of heap memory\n");
}
if ((r12 & 0x20000) != 0x0) {
syslog(0x4, "Abort cause: we run out of cache memory \n");
}
if ((r12 & 0x40000) != 0x0) {
syslog(0x4, "Abort cause: we run out of stream memory \n");
}
rax = abort();
return rax;
}
|
|
||
Comment 16•7 years ago
|
||
(In reply to Markus Stange [:mstange] from comment #15)
Markus, do you want me to do this or Allison? My machine information is Vendor ID: 0x8086
Device ID: 0x0126 (Macbook Pro) which seems to match the crash report you listed in the previous comment.
|
|
||
Updated•7 years ago
|
Flags: needinfo?(mstange)
|
|
||
Comment 17•7 years ago
|
||
Oh, right, you can reproduce it too! I didn't read the bug very closely, apparently...
I expect the failure reason to be the same across these machines, so if we can get the system log messages from just one of the affected machines, that should probably enough.
(Not enough to fix the problem, but at least enough to know some more about what's going on.)
Flags: needinfo?(mstange) → needinfo?(mozillamarcia.knous)
|
|
||
Comment 18•7 years ago
|
||
So I wanted to update this bug with a few observations. First, I have noticed that I usually crash twice on the site, but rarely a third time using the same profile. When I launch a profile that has already been used, I haven't been able to reproduce the crash on my machine. But if I create a new profile, I can follow the pattern of crashing at least twice.
As far as my System Log, the last few times I ran it I did not see what you had in Comment 15. I can attach the log if it is useful.
Flags: needinfo?(mozillamarcia.knous)
Flags: needinfo?(a.m.naaktgeboren)
|
|
||
Comment 19•7 years ago
|
||
Hmm, then maybe messages from the syslog function go to a different place. I couldn't find a good answer when I was looking for information about it yesterday.
|
|
||
Comment 20•7 years ago
|
||
There are some pretty negative comments in the comments field, and I assume for a lot of folks this is not a great experience using 57 for the first time. Also if you add up all the signatures, this will likely fall into the top crash category.
|
|
||
Updated•7 years ago
|
Crash Signature: libsystem_kernel.dylib@0x114de]
[@ libsystem_kernel.dylib@0x10f72]
[@ _sigtramp] → libsystem_kernel.dylib@0x114de]
[@ libsystem_kernel.dylib@0x10f72]
[@ _sigtramp]
[@ GLEngine@0x1392c2]
|
|
||
Comment 21•7 years ago
|
||
Adding top crash keyword since some quick math puts us well over 2800 crashes in these signatures, which easily puts it in the top 10 overall 57 crashes. I also think we should reconsider fix-optional for 58.
Keywords: topcrash
[Tracking Requested - why for this release]: top crash.
What's the next step here? Anything we can do without the system log?
|
|
||
Comment 23•7 years ago
|
||
I don't know - this is a WebGL issue, so I'd like to hear some ideas from Jeff Gilbert. Jeff, do any of the potential crash reasons listed at the end of comment 15 ring a bell? Could we detect those issues on the Gecko side and do mitigations? Should we blacklist this GPU model and make it use software GL? (Do we even have software GL on Mac?)
Flags: needinfo?(mstange)
|
|
||
Comment 24•7 years ago
|
||
Bug 1379920 landed in 57, and touched some code I see in the stack (not sure if it means anything or not...):
https://hg.mozilla.org/releases/mozilla-beta/annotate/f3271256298d/gfx/layers/CanvasRenderer.h#l150
https://hg.mozilla.org/releases/mozilla-beta/annotate/f3271256298d/gfx/layers/client/ClientCanvasLayer.cpp#l28
Also to confirm this doesn't happen on 56, I just tried on the machine I can reproduce it on 57 with.
|
|
||
Comment 25•7 years ago
|
||
Oh, this is a regression in 57! Then we should really get a precise regression range. Can you do that, Marcia?
|
Assignee | |
Comment 26•7 years ago
|
||
I have high hopes for mozregression.
We don't have a lever to disable this extension from the blocklist; we can only disable webgl entirely. We can also easily cauterize it for affected devices in an update. I'll make a patch to do so tomorrow.
This might also be an accidental change from some of the WebVR changes that I thought was benign, where we wait on a previous surface to be ready now, where we didn't before. I remember looking through 57 for changes that might have caused this and that's one thing that came up. Since the abort sounds like it might be due to a stuck command pipeline, this might actually be relevant.
(In reply to Markus Stange [:mstange] from comment #15)
> Allison, can you check whether there's something in your system console log
> when this crash happens? If you launch Console.app and go to system.log,
> that's where I'd expect a message to appear.
>
> I'm looking at this crash report now:
> https://crash-stats.mozilla.com/report/index/aa0cddd9-d9b7-414e-b811-
> d760d0171116
> It's on 10.12.6 16G29, which is the same as what I have on my machine, so I
> can compare crash addresses with the libraries on my machine.
>
> 9 libsystem_c.dylib abort
> Ø 10 AppleIntelHD3000GraphicsGLDriver
> AppleIntelHD3000GraphicsGLDriver@0x1fc55
> Ø 11 AppleIntelHD3000GraphicsGLDriver
> AppleIntelHD3000GraphicsGLDriver@0x2c2fee
> 12 GLEngine glDrawArraysInstanced_STD_GL3Exec
>
> Frame 11 is _glrRenderVertexArray
> Frame 10 is _glrAppleSyncState
>
> _glrAppleSyncState can abort for many different reasons:
>
> loc_1fb93:
> syslog(0x3, "%s: Aborting: error with call to GHAL SP BindPipeline after
> %d attempts with forceSendState as %d \n", "void
> glrAppleSyncState(GLDContext, bool)", rcx, var_5C & 0x1 & 0xff);
> if (r14 != 0x0) {
> syslog(0x4, "Abort cause: we run out of command buffer space\n");
> }
> if (r15 != 0x0) {
> syslog(0x4, "Abort cause: we run out of system memory\n");
> }
> if (rbx != 0x0) {
> syslog(0x4, "Abort cause: we run out of video memory\n");
> }
> if ((r12 & 0x10000) != 0x0) {
> syslog(0x4, "Abort cause: we run out of heap memory\n");
> }
> if ((r12 & 0x20000) != 0x0) {
> syslog(0x4, "Abort cause: we run out of cache memory \n");
> }
> if ((r12 & 0x40000) != 0x0) {
> syslog(0x4, "Abort cause: we run out of stream memory \n");
> }
> rax = abort();
> return rax;
> }
On how to get at syslog output:
https://stackoverflow.com/questions/380172/reading-syslog-output-on-a-mac
I'll ask around tomorrow for a device to repro on, but while I'm doing that, can you try to pull out any syslog output, Marcia?
Flags: needinfo?(jgilbert) → needinfo?(mozillamarcia.knous)
|
|
Assignee | |
Updated•7 years ago
|
Assignee: nobody → jgilbert
Priority: P2 → P1
|
|
||
Comment 27•7 years ago
|
||
Adding the most recent log that I generated this morning (lots of the same messages being repeated). I don't see messages like Marcus did, perhaps there is another file that is logging that info. The info in this attachment is directly from the system.log file.
Flags: needinfo?(mozillamarcia.knous)
|
||
Updated•7 years ago
|
|
|
Assignee | |
Comment 28•7 years ago
|
||
(In reply to Marcia Knous [:marcia - use ni] from comment #27)
> Created attachment 8930481 [details]
> googlemaps.txt
>
> Adding the most recent log that I generated this morning (lots of the same
> messages being repeated). I don't see messages like Marcus did, perhaps
> there is another file that is logging that info. The info in this attachment
> is directly from the system.log file.
Can you run this without e10s? Sandboxing or other fun things might be getting in the way.
If it doesn't repro with e10s off, try turning off sandboxing, in case that's preventing us from writing to the system log file.
:milan: Do we have any 2011 macbook/macbook pros on hand?
Flags: needinfo?(mozillamarcia.knous)
Flags: needinfo?(milan)
|
|
||
Comment 29•7 years ago
|
||
(In reply to Jeff Gilbert [:jgilbert] from comment #28)
> (In reply to Marcia Knous [:marcia - use ni] from comment #27)
> > Created attachment 8930481 [details]
> > googlemaps.txt
> >
> > Adding the most recent log that I generated this morning (lots of the same
> > messages being repeated). I don't see messages like Marcus did, perhaps
> > there is another file that is logging that info. The info in this attachment
> > is directly from the system.log file.
>
> Can you run this without e10s? Sandboxing or other fun things might be
> getting in the way.
>
> If it doesn't repro with e10s off, try turning off sandboxing, in case
> that's preventing us from writing to the system log file.
>
> :milan: Do we have any 2011 macbook/macbook pros on hand?
I turned off e10s on the machine and got a crash - https://crash-stats.mozilla.com/report/index/643019e9-e0a7-4f86-ad8a-0f6db0171122.
As far as turning off Sandboxing, after reading the wiki - https://wiki.mozilla.org/Security/Sandbox#OSX - I am not sure how to completely disable the pref. I guess I can also try turning on sandbox logging to see if anything useful comes up there.
Flags: needinfo?(mozillamarcia.knous)
|
||
Comment 30•7 years ago
|
||
I just get an old MBP 2011 with HD Graphics 3000 from my home, and it can reproduce this bug when visiting Google map. I will dig into this bug tomorrow and give some investigation.
Can Google maps sniff this configuration and fallback on these machines?
Flags: needinfo?(milan)
|
||
Comment 32•7 years ago
|
||
Pretty high, I would be happy to have a fix for the next week dot release.
|
|
Assignee | |
Comment 33•7 years ago
|
||
(In reply to Milan Sreckovic [:milan] from comment #31)
> Can Google maps sniff this configuration and fallback on these machines?
They can sniff the device, yeah. Let's get in touch with them.
|
|
Assignee | |
Comment 34•7 years ago
|
||
(In reply to Marcia Knous [:marcia - use ni] from comment #29)
> (In reply to Jeff Gilbert [:jgilbert] from comment #28)
> > (In reply to Marcia Knous [:marcia - use ni] from comment #27)
> > > Created attachment 8930481 [details]
> > > googlemaps.txt
> > >
> > > Adding the most recent log that I generated this morning (lots of the same
> > > messages being repeated). I don't see messages like Marcus did, perhaps
> > > there is another file that is logging that info. The info in this attachment
> > > is directly from the system.log file.
> >
> > Can you run this without e10s? Sandboxing or other fun things might be
> > getting in the way.
> >
> > If it doesn't repro with e10s off, try turning off sandboxing, in case
> > that's preventing us from writing to the system log file.
> >
> > :milan: Do we have any 2011 macbook/macbook pros on hand?
>
> I turned off e10s on the machine and got a crash -
> https://crash-stats.mozilla.com/report/index/643019e9-e0a7-4f86-ad8a-
> 0f6db0171122.
>
> As far as turning off Sandboxing, after reading the wiki -
> https://wiki.mozilla.org/Security/Sandbox#OSX - I am not sure how to
> completely disable the pref. I guess I can also try turning on sandbox
> logging to see if anything useful comes up there.
Ok, thanks!
Can you try turning webgl.1.allow-core-profiles to false? (changed in bug 1388565 in 57)
Flags: needinfo?(mozillamarcia.knous)
|
|
Assignee | |
Comment 35•7 years ago
|
||
Marcia: Can you also give me a non-e10s crash report with the pref gl.multithreaded:false?
I'm pretty confident the issue is in the instanced draw call, but this would cement that understanding.
|
|
||
Comment 36•7 years ago
|
||
It can resolve the crash after turning `webgl.1.allow-core-profiles` to false, no matter e10s is enable or disable.
|
|
Assignee | |
Comment 37•7 years ago
|
||
:milan:
We should blocklist webgl.1.allow-core-profiles to false for:
Vendor ID: 0x8086
Device ID: 0x0116 and 0x0126
:daoshengmu is looking into the root cause so we can work around the issue.
Flags: needinfo?(mozillamarcia.knous)
Flags: needinfo?(milan)
Flags: needinfo?(jmuizelaar)
|
|
Assignee | |
Comment 38•7 years ago
|
||
Thanks again for your help, Marcia.
|
|
||
Comment 39•7 years ago
|
||
Call stack for now. Sorry for reply late, this old device is very hard to debug. The parameters for fDrawArrays() look like quite normal.
Process 513 stopped
* thread #1: tid = 0x2b3a, 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10, queue = 'OpenGLMT', stop reason = signal SIGABRT
frame #0: 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10
libsystem_kernel.dylib`__pthread_kill:
-> 0x7fff9dc37f06 <+10>: jae 0x7fff9dc37f10 ; <+20>
0x7fff9dc37f08 <+12>: movq %rax, %rdi
0x7fff9dc37f0b <+15>: jmp 0x7fff9dc327cd ; cerror_nocancel
0x7fff9dc37f10 <+20>: retq
(lldb) bt 10
error: 'cbt' is not a valid command.
error: Unrecognized command 'cbt'.
(lldb) bt 10
* thread #1: tid = 0x2b3a, 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10, queue = 'OpenGLMT', stop reason = signal SIGABRT
* frame #0: 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10
frame #1: 0x00007fff95fe44ec libsystem_pthread.dylib`pthread_kill + 90
frame #2: 0x00007fff9cacd6df libsystem_c.dylib`abort + 129
frame #3: 0x000000017e327748 AppleIntelHD3000GraphicsGLDriver`glrAppleSyncState + 741
frame #4: 0x000000017e662056 AppleIntelHD3000GraphicsGLDriver`glrRenderVertexArray + 1004
frame #5: 0x00007fff9073cc14 GLEngine`glDrawArraysInstanced_STD_GL3Exec + 406
frame #6: 0x00007fff9073c40a GLEngine`glDrawArrays_UnpackThread + 36
frame #7: 0x00007fff90794a32 GLEngine`gleCmdProcessor + 77
frame #8: 0x00007fff9a21e40b libdispatch.dylib`_dispatch_client_callout + 8
frame #9: 0x00007fff9a21f9f2 libdispatch.dylib`_dispatch_barrier_sync_f_invoke + 74
(lldb) bt 20
* thread #1: tid = 0x2b3a, 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10, queue = 'OpenGLMT', stop reason = signal SIGABRT
* frame #0: 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10
frame #1: 0x00007fff95fe44ec libsystem_pthread.dylib`pthread_kill + 90
frame #2: 0x00007fff9cacd6df libsystem_c.dylib`abort + 129
frame #3: 0x000000017e327748 AppleIntelHD3000GraphicsGLDriver`glrAppleSyncState + 741
frame #4: 0x000000017e662056 AppleIntelHD3000GraphicsGLDriver`glrRenderVertexArray + 1004
frame #5: 0x00007fff9073cc14 GLEngine`glDrawArraysInstanced_STD_GL3Exec + 406
frame #6: 0x00007fff9073c40a GLEngine`glDrawArrays_UnpackThread + 36
frame #7: 0x00007fff90794a32 GLEngine`gleCmdProcessor + 77
frame #8: 0x00007fff9a21e40b libdispatch.dylib`_dispatch_client_callout + 8
frame #9: 0x00007fff9a21f9f2 libdispatch.dylib`_dispatch_barrier_sync_f_invoke + 74
frame #10: 0x00007fff906dd707 GLEngine`glFinish_ExecThread + 15
frame #11: 0x000000010a7fdf2f XUL`mozilla::gl::GLContext::AfterGLCall(this=0x000000017bba9000, funcName="void mozilla::gl::GLContext::raw_fDrawArrays(GLenum, GLint, GLsizei)") + 47 at GLContext.h:695
frame #12: 0x000000010a836543 XUL`mozilla::gl::GLContext::raw_fDrawArrays(this=0x000000017bba9000, mode=4, first=0, count=6) + 83 at GLContext.h:1095
frame #13: 0x000000010a80bf64 XUL`mozilla::gl::GLContext::fDrawArrays(this=0x000000017bba9000, mode=4, first=0, count=6) + 52 at GLContext.h:1107
frame #14: 0x000000010c5db4ce XUL`mozilla::WebGLContext::DrawArrays(this=0x000000017bfc9000, mode=4, first=0, vertCount=6) + 526 at WebGLContextDraw.cpp:544
frame #15: 0x000000010bf4fc00 XUL`mozilla::dom::WebGLRenderingContextBinding::drawArrays(cx=0x0000000129d27000, obj=Handle<JSObject *> @ 0x00007fff576ca000, self=0x000000017bfc9000, args=0x00007fff576ca068) + 352 at WebGLRenderingContextBinding.cpp:16208
|
|
||
Comment 40•7 years ago
|
||
More info about my hardware, I am curious if it is due to the old AppleIntelHD3000GraphicsGLDriver, my OS X version 10.11. Not sure if upgrading it to OS X 10.13, it would solve this crash.
User Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:57.0) Gecko/20100101 Firefox/57.0
Graphics
Features
Compositing OpenGL
Asynchronous Pan/Zoom wheel input enabled; scrollbar drag enabled; keyboard enabled; autoscroll enabled
WebGL 1 Driver WSI Info CGL
WebGL 1 Driver Renderer Intel Inc. -- Intel HD Graphics 3000 OpenGL Engine
WebGL 1 Driver Version 3.3 INTEL-10.0.51
WebGL 1 Driver Extensions GL_ARB_blend_func_extended GL_ARB_ES2_compatibility GL_ARB_explicit_attrib_location GL_ARB_instanced_arrays GL_ARB_internalformat_query GL_ARB_occlusion_query2 GL_ARB_sampler_objects GL_ARB_separate_shader_objects GL_ARB_shader_bit_encoding GL_ARB_shading_language_include GL_ARB_texture_rgb10_a2ui GL_ARB_texture_storage GL_ARB_texture_swizzle GL_ARB_timer_query GL_ARB_vertex_type_2_10_10_10_rev GL_EXT_debug_label GL_EXT_debug_marker GL_EXT_texture_compression_s3tc GL_EXT_texture_filter_anisotropic GL_EXT_texture_sRGB_decode GL_APPLE_client_storage GL_APPLE_container_object_shareable GL_APPLE_flush_render GL_APPLE_object_purgeable GL_APPLE_rgb_422 GL_APPLE_row_bytes GL_APPLE_texture_range GL_ATI_texture_mirror_once GL_NV_texture_barrier
WebGL 1 Extensions ANGLE_instanced_arrays EXT_blend_minmax EXT_color_buffer_half_float EXT_frag_depth EXT_sRGB EXT_shader_texture_lod EXT_texture_filter_anisotropic EXT_disjoint_timer_query OES_element_index_uint OES_standard_derivatives OES_texture_float OES_texture_float_linear OES_texture_half_float OES_texture_half_float_linear OES_vertex_array_object WEBGL_color_buffer_float WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_depth_texture WEBGL_draw_buffers WEBGL_lose_context MOZ_WEBGL_lose_context MOZ_WEBGL_depth_texture
WebGL 2 Driver WSI Info -
WebGL 2 Driver Renderer WebGL creation failed:
* WebGL 2 requires support for the following features:
transform_feedback2
* Exhausted GL driver options.
WebGL 2 Driver Version -
WebGL 2 Driver Extensions -
WebGL 2 Extensions -
|
|
Assignee | |
Comment 41•7 years ago
|
||
(In reply to Daosheng Mu[:daoshengmu] from comment #39)
> Call stack for now. Sorry for reply late, this old device is very hard to
> debug. The parameters for fDrawArrays() look like quite normal.
>
>
> Process 513 stopped
> * thread #1: tid = 0x2b3a, 0x00007fff9dc37f06
> libsystem_kernel.dylib`__pthread_kill + 10, queue = 'OpenGLMT', stop reason
> = signal SIGABRT
> frame #0: 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10
> libsystem_kernel.dylib`__pthread_kill:
> -> 0x7fff9dc37f06 <+10>: jae 0x7fff9dc37f10 ; <+20>
> 0x7fff9dc37f08 <+12>: movq %rax, %rdi
> 0x7fff9dc37f0b <+15>: jmp 0x7fff9dc327cd ; cerror_nocancel
> 0x7fff9dc37f10 <+20>: retq
> (lldb) bt 10
> error: 'cbt' is not a valid command.
> error: Unrecognized command 'cbt'.
> (lldb) bt 10
> * thread #1: tid = 0x2b3a, 0x00007fff9dc37f06
> libsystem_kernel.dylib`__pthread_kill + 10, queue = 'OpenGLMT', stop reason
> = signal SIGABRT
> * frame #0: 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10
> frame #1: 0x00007fff95fe44ec libsystem_pthread.dylib`pthread_kill + 90
> frame #2: 0x00007fff9cacd6df libsystem_c.dylib`abort + 129
> frame #3: 0x000000017e327748
> AppleIntelHD3000GraphicsGLDriver`glrAppleSyncState + 741
> frame #4: 0x000000017e662056
> AppleIntelHD3000GraphicsGLDriver`glrRenderVertexArray + 1004
> frame #5: 0x00007fff9073cc14 GLEngine`glDrawArraysInstanced_STD_GL3Exec
> + 406
> frame #6: 0x00007fff9073c40a GLEngine`glDrawArrays_UnpackThread + 36
> frame #7: 0x00007fff90794a32 GLEngine`gleCmdProcessor + 77
> frame #8: 0x00007fff9a21e40b libdispatch.dylib`_dispatch_client_callout
> + 8
> frame #9: 0x00007fff9a21f9f2
> libdispatch.dylib`_dispatch_barrier_sync_f_invoke + 74
> (lldb) bt 20
> * thread #1: tid = 0x2b3a, 0x00007fff9dc37f06
> libsystem_kernel.dylib`__pthread_kill + 10, queue = 'OpenGLMT', stop reason
> = signal SIGABRT
> * frame #0: 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10
> frame #1: 0x00007fff95fe44ec libsystem_pthread.dylib`pthread_kill + 90
> frame #2: 0x00007fff9cacd6df libsystem_c.dylib`abort + 129
> frame #3: 0x000000017e327748
> AppleIntelHD3000GraphicsGLDriver`glrAppleSyncState + 741
> frame #4: 0x000000017e662056
> AppleIntelHD3000GraphicsGLDriver`glrRenderVertexArray + 1004
> frame #5: 0x00007fff9073cc14 GLEngine`glDrawArraysInstanced_STD_GL3Exec
> + 406
> frame #6: 0x00007fff9073c40a GLEngine`glDrawArrays_UnpackThread + 36
> frame #7: 0x00007fff90794a32 GLEngine`gleCmdProcessor + 77
> frame #8: 0x00007fff9a21e40b libdispatch.dylib`_dispatch_client_callout
> + 8
> frame #9: 0x00007fff9a21f9f2
> libdispatch.dylib`_dispatch_barrier_sync_f_invoke + 74
> frame #10: 0x00007fff906dd707 GLEngine`glFinish_ExecThread + 15
> frame #11: 0x000000010a7fdf2f
> XUL`mozilla::gl::GLContext::AfterGLCall(this=0x000000017bba9000,
> funcName="void mozilla::gl::GLContext::raw_fDrawArrays(GLenum, GLint,
> GLsizei)") + 47 at GLContext.h:695
> frame #12: 0x000000010a836543
> XUL`mozilla::gl::GLContext::raw_fDrawArrays(this=0x000000017bba9000, mode=4,
> first=0, count=6) + 83 at GLContext.h:1095
> frame #13: 0x000000010a80bf64
> XUL`mozilla::gl::GLContext::fDrawArrays(this=0x000000017bba9000, mode=4,
> first=0, count=6) + 52 at GLContext.h:1107
> frame #14: 0x000000010c5db4ce
> XUL`mozilla::WebGLContext::DrawArrays(this=0x000000017bfc9000, mode=4,
> first=0, vertCount=6) + 526 at WebGLContextDraw.cpp:544
> frame #15: 0x000000010bf4fc00
> XUL`mozilla::dom::WebGLRenderingContextBinding::
> drawArrays(cx=0x0000000129d27000, obj=Handle<JSObject *> @
> 0x00007fff576ca000, self=0x000000017bfc9000, args=0x00007fff576ca068) + 352
> at WebGLRenderingContextBinding.cpp:16208
Get a callstack with the pref gl.multithreaded set to false. With gl.multithreaded:true, the parameters of fDrawArrays are not necessarily the parameters that the GL driver is crashing on. It's actually executing deferred commands. gl.multithreaded:false stops this from being asynchronous.
| Comment hidden (mozreview-request) |
|
|
||
Comment 43•7 years ago
|
||
Getting a very similar callstack after setting `gl.multithreaded` to false.
* thread #1: tid = 0x5f557, 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10, queue = 'com.apple.main-thread', stop reason = signal SIGABRT
* frame #0: 0x00007fff9dc37f06 libsystem_kernel.dylib`__pthread_kill + 10
frame #1: 0x00007fff95fe44ec libsystem_pthread.dylib`pthread_kill + 90
frame #2: 0x00007fff9cacd6df libsystem_c.dylib`abort + 129
frame #3: 0x0000000180227748 AppleIntelHD3000GraphicsGLDriver`glrAppleSyncState + 741
frame #4: 0x0000000180562056 AppleIntelHD3000GraphicsGLDriver`glrRenderVertexArray + 1004
frame #5: 0x00007fff9074d1a7 GLEngine`glDrawArrays_ACC_GL3Exec + 285
frame #6: 0x000000010a289183 XUL`mozilla::gl::GLContext::raw_fDrawArrays(this=0x000000017dbf6000, mode=4, first=0, count=6) + 67 at GLContext.h:1094
frame #7: 0x000000010a25ebb4 XUL`mozilla::gl::GLContext::fDrawArrays(this=0x000000017dbf6000, mode=4, first=0, count=6) + 52 at GLContext.h:1107
frame #8: 0x000000010c02e3de XUL`mozilla::WebGLContext::DrawArrays(this=0x000000017db97800, mode=4, first=0, vertCount=6) + 526 at WebGLContextDraw.cpp:544
frame #9: 0x000000010b9a2850 XUL`mozilla::dom::WebGLRenderingContextBinding::drawArrays(cx=0x0000000129727000, obj=Handle<JSObject *> @ 0x00007fff57c79db0, self=0x000000017db97800, args=0x00007fff57c79e18) + 352 at WebGLRenderingContextBinding.cpp:16208
I think there should be other things like vertex buffer, textures can be investigated.
|
|
||
Updated•7 years ago
|
Crash Signature: libsystem_kernel.dylib@0x114de]
[@ libsystem_kernel.dylib@0x10f72]
[@ _sigtramp]
[@ GLEngine@0x1392c2] → libsystem_kernel.dylib@0x114de]
[@ libsystem_kernel.dylib@0x10f72]
[@ libsystem_c.dylib@0x5e6e6]
[@ libsystem_c.dylib@0x5d9aa]
[@ libsystem_c.dylib@0x5db52]
[@ _sigtramp]
[@ GLEngine@0x1392c2]
|
|
Assignee | |
Comment 44•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8931610 [details]
Bug 1413269 - Apply REQUIRE_COMPAT_PROFILE flag for WebGL 1 on Intel HD Grahpics 3000 on OSX. -
https://reviewboard.mozilla.org/r/202760/#review208278
::: dom/canvas/WebGLContext.cpp:716
(Diff revision 1)
> } else if (!gfxPrefs::WebGL1AllowCoreProfile()) {
> flags |= gl::CreateContextFlags::REQUIRE_COMPAT_PROFILE;
> }
>
> +#ifdef XP_MACOSX
> + const nsCOMPtr<nsIGfxInfo> gfxInfo = services::GetGfxInfo();
Fix the indentation.
::: dom/canvas/WebGLContext.cpp:724
(Diff revision 1)
> + // Avoid crash for Intel HD Graphics 3000 on OSX. (Bug 1413269)
> + gfxInfo->GetAdapterVendorID(vendorID);
> + gfxInfo->GetAdapterDeviceID(deviceID);
> + if (vendorID.EqualsLiteral("0x8086") &&
> + (deviceID.EqualsLiteral("0x0116") || deviceID.EqualsLiteral("0x0126"))) {
> + flags |= gl::CreateContextFlags::REQUIRE_COMPAT_PROFILE;
This should be written:
if (vendorID.EqualsLiteral("0x8086") &&
(deviceID.EqualsLiteral("0x0116") || deviceID.EqualsLiteral("0x0126")))
{
flags |= gl::CreateContextFlags::REQUIRE_COMPAT_PROFILE;
}
Attachment #8931610 -
Flags: review?(jgilbert) → review+
|
|
Assignee | |
Comment 45•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8931610 [details]
Bug 1413269 - Apply REQUIRE_COMPAT_PROFILE flag for WebGL 1 on Intel HD Grahpics 3000 on OSX. -
https://reviewboard.mozilla.org/r/202760/#review208280
::: commit-message-3f5d4:1
(Diff revision 1)
> +Bug 1413269 - Apply REQUIRE_COMPAT_PROFILE flag for WebGL 1 on Intel HD Grahpics 3000 on OSX; r?jgilbert
s/; /. - /
| Comment hidden (mozreview-request) |
|
||
Comment 47•7 years ago
|
||
Pushed by dmu@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/2cf59fd28433
Apply REQUIRE_COMPAT_PROFILE flag for WebGL 1 on Intel HD Grahpics 3000 on OSX. - r=jgilbert
|
||
Comment 48•7 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla59
|
|
||
Comment 49•7 years ago
|
||
Comment on attachment 8931610 [details]
Bug 1413269 - Apply REQUIRE_COMPAT_PROFILE flag for WebGL 1 on Intel HD Grahpics 3000 on OSX. -
Approval Request Comment
[Feature/Bug causing the regression]: Bug 1388565 causing Google map crash for OSX with Intel Graphics 3000.
[User impact if declined]: Google map crash continue to crash on OSX with Intel HD Graphics 3000.
[Is this code covered by automated tests?]: this only happens crashes on the specific hardware, we don't have this kind of devices for auto-tests.
[Has the fix been verified in Nightly?]: Yes. I verified it with my own machine (OSX with HD graphics 3000)
[Needs manual test from QE? If yes, steps to reproduce]: nope.
[List of other uplifts needed for the feature/fix]: nope.
[Is the change risky?]: no risky.
[Why is the change risky/not risky?]: This is a medicine for this top crash.
[String changes made/needed]: nope.
It has affected FF 57(release) version, we should uplift it to the release channel as well because this is a top crash.
Attachment #8931610 -
Flags: approval-mozilla-beta?
|
||
Comment 50•7 years ago
|
||
Comment on attachment 8931610 [details]
Bug 1413269 - Apply REQUIRE_COMPAT_PROFILE flag for WebGL 1 on Intel HD Grahpics 3000 on OSX. -
Fix a Google map crash for OSX with Intel Graphics 3000 platform which is very bad. Beta58+.
Attachment #8931610 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
|
|
||
Comment 51•7 years ago
|
||
Comment on attachment 8931610 [details]
Bug 1413269 - Apply REQUIRE_COMPAT_PROFILE flag for WebGL 1 on Intel HD Grahpics 3000 on OSX. -
Approval Request Comment
[Feature/Bug causing the regression]: Bug 1388565 causing Google map crash for OSX with Intel Graphics 3000.
[User impact if declined]: Google map continue to crash on OSX with Intel HD Graphics 3000.
[Is this code covered by automated tests?]: This only happens crashes on the specific hardware, we don't have this kind of devices for auto-tests.
[Has the fix been verified in Nightly?]: Yes. I verified it with my own machine (OSX with HD graphics 3000)
[Needs manual test from QE? If yes, steps to reproduce]: nope.
[List of other uplifts needed for the feature/fix]: nope.
[Is the change risky?]: no risky.
[Why is the change risky/not risky?]: This is the medicine for this top crash.
[String changes made/needed]: nope.
Attachment #8931610 -
Flags: approval-mozilla-release?
|
|
||
Comment 52•7 years ago
|
||
Comment on attachment 8931610 [details]
Bug 1413269 - Apply REQUIRE_COMPAT_PROFILE flag for WebGL 1 on Intel HD Grahpics 3000 on OSX. -
Pretty high volume on release, taking it.
Attachment #8931610 -
Flags: approval-mozilla-release? → approval-mozilla-release+
|
|
||
Comment 53•7 years ago
|
||
| uplift | ||
|
||
Comment 54•7 years ago
|
||
The signature '_sigtramp' is reappearing (30 crashes) in nightly 59 starting with buildid 20171127220446 (see [1]).
:jgilbert, should I file a new bug ?
[1] http://bit.ly/2j094W2
Flags: needinfo?(jgilbert)
|
|
||
Comment 55•7 years ago
|
||
Wow. the crash of `_sigtramp` is not only happened on Intel graphics card, but also happened on Nvidia. We need an another patch to fix it.
|
|
||
Comment 56•7 years ago
|
||
Those might well be unrelated, the few ones I looked at don't seem GL related, with "CSignatureTool: No proper signature could be created because no good data for the crashing thread was found" complaints from breakpad.
|
|
Assignee | |
Comment 57•7 years ago
|
||
(In reply to Calixte Denizet (:calixte) from comment #54)
> The signature '_sigtramp' is reappearing (30 crashes) in nightly 59 starting
> with buildid 20171127220446 (see [1]).
> :jgilbert, should I file a new bug ?
>
> [1] http://bit.ly/2j094W2
File a new bug that depends on this bug.
Flags: needinfo?(jgilbert)
|
|
Assignee | |
Updated•7 years ago
|
Flags: needinfo?(milan)
You need to log in
before you can comment on or make changes to this bug.
Description
•