Closed
Bug 1447428
Opened 6 years ago
Closed 6 years ago
Crash in mozilla::gfx::DrawTargetD2D1::DrawFilter
Categories
(Core :: Graphics, defect)
Tracking
()
RESOLVED
FIXED
mozilla61
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox59 | --- | wontfix |
| firefox60 | --- | fixed |
| firefox61 | --- | fixed |
People
(Reporter: philipp, Assigned: rhunt)
Details
(Keywords: crash, regression, Whiteboard: [gfx-noted])
Crash Data
Attachments
(1 file)
|
999 bytes,
patch
|
bas.schouten
:
review+
RyanVM
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is report bp-48b5b0ea-a187-4d21-a76b-d56840180317. ============================================================= Top 10 frames of crashing thread: 0 xul.dll mozilla::gfx::DrawTargetD2D1::DrawFilter gfx/2d/DrawTargetD2D1.cpp:239 1 xul.dll mozilla::gfx::DrawFilterCommand::ExecuteOnDT gfx/2d/DrawCommands.h:212 2 xul.dll mozilla::gfx::DrawTargetCaptureImpl::ReplayToDrawTarget gfx/2d/DrawTargetCapture.cpp:347 3 xul.dll mozilla::gfx::DrawTarget::DrawCapturedDT gfx/2d/DrawTarget.cpp:187 4 xul.dll mozilla::layers::PaintThread::AsyncPaintContents gfx/layers/PaintThread.cpp:333 5 xul.dll mozilla::detail::RunnableFunction<<lambda_a689607eeabb0cdd3694b3306746dc18> >::Run xpcom/threads/nsThreadUtils.h:529 6 xul.dll nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:1040 7 xul.dll NS_ProcessNextEvent xpcom/threads/nsThreadUtils.cpp:517 8 xul.dll mozilla::ipc::MessagePumpForNonMainThreads::Run ipc/glue/MessagePump.cpp:364 9 xul.dll MessageLoop::RunHandler ipc/chromium/src/base/message_loop.cc:319 ============================================================= the volume of this windows content crash is increasing during firefox 59 - could this be in relation to bug 1422475? Correlations for Firefox Release (95.10% in signature vs 00.07% overall) GFX_ERROR "Failed to create effect for FilterType: " = true (25.49% in signature vs 01.05% overall) GFX_ERROR "(gfxWindowsPlatform) scheduled device update." = true (100.0% in signature vs 26.06% overall) "D2D1.1+" in app_notes = true [100.0% vs 59.41% if process_type = content] (24.51% in signature vs 00.91% overall) GFX_ERROR "[D2D1.1] 4CreateBitmap failure " = true (24.51% in signature vs 01.08% overall) GFX_ERROR "(gfxWindowsPlatform) Detected device reset: " = true (21.57% in signature vs 00.98% overall) Module "d3d10_1core.dll" = true (18.63% in signature vs 00.36% overall) useragent_locale = ro
That "failed to create effect for FilterType" is a clue, when CreateEffect fails in FilterNodeD2D1::Create with error code D2DERR_RECREATE_TARGET. Or is this just a different signature for what used to happen on main thread before? We don't accidentally cast to FilterNodeD2D1 where it was some other type?
Assignee: nobody → rhunt
Flags: needinfo?(milan) → needinfo?(bas)
|
Assignee | |
Comment 3•6 years ago
|
||
This looks like we're missing a null check in DrawFilterCommand for when the FilterNodeCapture is unable to create a FilterNodeD2D1 for some reason. Normally this would be caught on the content side before the draw commands are created.
Flags: needinfo?(bas)
|
|
Assignee | |
Comment 4•6 years ago
|
||
Attachment #8962438 -
Flags: review?(bas)
|
|
Assignee | |
Updated•6 years ago
|
Whiteboard: [gfx-noted]
|
||
Comment 5•6 years ago
|
||
Comment on attachment 8962438 [details] [diff] [review] filter-validate.patch Review of attachment 8962438 [details] [diff] [review]: ----------------------------------------------------------------- I wonder what causes this.
Attachment #8962438 -
Flags: review?(bas) → review+
Pushed by rhunt@eqrion.net: https://hg.mozilla.org/integration/mozilla-inbound/rev/e35a96b1fab7 Check if FilterNodeCapture was able to successfully validate (bug 1447428, r=bas)
|
||
Comment 7•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/e35a96b1fab7
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
|
Reporter | |
Comment 8•6 years ago
|
||
thanks for the patch, could you request an uplift to beta if you deem fit to do so?
Flags: needinfo?(rhunt)
|
|
Assignee | |
Comment 9•6 years ago
|
||
Comment on attachment 8962438 [details] [diff] [review] filter-validate.patch Approval Request Comment [Feature/Bug causing the regression]: Missing null check [User impact if declined]: A device reset or filter creation failure at the right time can cause a crash [Is this code covered by automated tests?]: No [Has the fix been verified in Nightly?]: Yes [Needs manual test from QE? If yes, steps to reproduce]: No [List of other uplifts needed for the feature/fix]: None [Is the change risky?]: No [Why is the change risky/not risky?]: It just adds a null check [String changes made/needed]: None
Flags: needinfo?(rhunt)
Attachment #8962438 -
Flags: approval-mozilla-beta?
|
||
Comment 10•6 years ago
|
||
Comment on attachment 8962438 [details] [diff] [review] filter-validate.patch Added null check to fix a crash. Approved for 60.0b9.
Attachment #8962438 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
|
|
||
Comment 11•6 years ago
|
||
| bugherder uplift | ||
https://hg.mozilla.org/releases/mozilla-beta/rev/d12219f7d74b
You need to log in
before you can comment on or make changes to this bug.
Description
•