Closed Bug 1514747 Opened 5 years ago Closed 4 years ago

Crash in sse2::memsetT<T>

Categories

(Core :: Graphics, defect, P3)

Product:
Core
Component:
Graphics
Type:
defect

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: gsvelto, Unassigned)

Details

(Keywords: crash, regression, Whiteboard: [gfx-noted])

Crash Data

This bug was filed from the Socorro interface and is
report bp-2f56ed96-5c71-468f-9087-3524b0181216.
=============================================================

Top 10 frames of crashing thread:

0 libxul.so void sse2::memsetT<unsigned int> gfx/skia/skia/src/opts/SkNx_sse.h:380
1 libxul.so SkDraw::drawPaint const gfx/skia/skia/src/core/SkDraw.cpp:181
2 libxul.so SkBitmapDevice::drawPaint gfx/skia/skia/src/core/SkBitmapDevice.cpp:372
3 libxul.so SkCanvas::internalDrawPaint gfx/skia/skia/src/core/SkCanvas.cpp:1938
4 libxul.so SkCanvas::drawPaint gfx/skia/skia/src/core/SkCanvas.cpp:1624
5 libxul.so mozilla::gfx::DrawTargetSkia::ClearRect gfx/skia/skia/src/core/SkCanvas.cpp:2671
6 libxul.so mozilla::dom::CanvasRenderingContext2D::EnsureTarget dom/canvas/CanvasRenderingContext2D.cpp:1585
7 libxul.so mozilla::dom::CanvasRenderingContext2D::TransformWillUpdate dom/canvas/CanvasRenderingContext2D.cpp:3412
8 libxul.so mozilla::dom::CanvasRenderingContext2D::Translate dom/canvas/CanvasRenderingContext2D.cpp:2076
9 libxul.so mozilla::dom::CanvasRenderingContext2D_Binding::translate dom/bindings/CanvasRenderingContext2DBinding.cpp:6784

=============================================================

On Linux Skia is doing an aligned SSE2 vector store to an address that is not aligned to a 16-bytes boundary (all crashing addresses end with 8). On Windows the crashing address seems bogus but it's unclear if it's a different issue or it's the same problem and we're not retrieving the crashing address correctly.
This looks like a regression of unknown origin (possibly in the Canvas 2D code) that caused us to spike in Linux crashes since December 13 with the changeover to 66 nightly. Previously we weren't seeing Linux crashes for this. We would need to identify what change is most likely causative.
Keywords: regression
OS: Linux → Unspecified
Priority: -- → P3
Whiteboard: [gfx-noted]
It should be noted all these crashes appear to be coming from a single user in particular running under WebRender. So this may not necessarily represent a regression.

Closing because no crashes reported for 12 weeks.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.