Closed Bug 1676678 Opened 4 years ago Closed 1 year ago

Crash in [@ smallvec::SmallVec<T>::reserve]

Categories

(Core :: Graphics: WebRender, defect, P3)

Unspecified
macOS
defect

RESOLVED WORKSFORME

People

(Reporter: sg, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: crash)

Crash Data

Crash report: https://crash-stats.mozilla.org/report/index/fd20b386-eef1-4cf9-a55f-880440201022

MOZ_CRASH Reason: capacity overflow

Top 10 frames of crashing thread:

0 XUL RustMozCrash mozglue/static/rust/wrappers.cpp:17
1 XUL mozglue_static::panic_hook mozglue/static/rust/lib.rs:89
2 XUL core::ops::function::Fn::call src/libcore/ops/function.rs:72
3 XUL std::panicking::rust_panic_with_hook src/libstd/panicking.rs:474
4 XUL rust_begin_unwind src/libstd/panicking.rs:378
5 XUL core::panicking::panic_fmt src/libcore/panicking.rs:85
6 XUL core::panicking::panic src/libcore/panicking.rs:52
7 XUL smallvec::SmallVec<A>::reserve third_party/rust/smallvec/src/lib.rs:833
8 XUL webrender::picture::PicturePrimitive::take_context gfx/wr/webrender/src/picture.rs:5417
9 XUL webrender::prepare::prepare_primitives gfx/wr/webrender/src/prepare.rs:105

Only a few reports on Nightly. Not sure if this is seen on macOS only because the signature would be different on other platforms.

Volume seems to be increasing since build id 20201013214351. Maybe a regression from Bug 1659418?

Flags: needinfo?(dmalyshau)
Severity: -- → S3
Priority: -- → P3

The code does frame_state.render_tasks.add_dependency(), which means the SmallVec::reserve is always called with the argument of (1) for this crash. It's hard to see how that could cause CollectionAllocErr::CapacityOverflow in smallvec, other than if the internal state is busted entirely:

        let new_cap = len
            .checked_add(additional)
            .and_then(usize::checked_next_power_of_two)
            .ok_or(CollectionAllocErr::CapacityOverflow)?;

It doesn't appear to be related to my changes (directly, at least).

Flags: needinfo?(dmalyshau)
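
The arithmetic in the snippet quoted above, worked through as an added example (not part of the bug comments and not smallvec's code beyond the quoted expression). It shows that with `additional == 1` the check only fails once `len` reaches half the `usize` range; `AllocErr`, `new_cap` and `smallest_failing_len` are names made up for this sketch.

```rust
// Added illustration: models only the capacity arithmetic quoted in the comment.
// AllocErr is a stand-in for smallvec's CollectionAllocErr (assumption).
#[derive(Debug, PartialEq)]
enum AllocErr {
    CapacityOverflow,
}

/// Same expression as the quoted snippet, with `len` passed in explicitly.
fn new_cap(len: usize, additional: usize) -> Result<usize, AllocErr> {
    len.checked_add(additional)
        .and_then(usize::checked_next_power_of_two)
        .ok_or(AllocErr::CapacityOverflow)
}

/// Smallest `len` for which the reserve(1) arithmetic reports an overflow.
/// Failure is monotone in `len`, so a binary search over the usize range works.
fn smallest_failing_len() -> usize {
    let (mut lo, mut hi) = (0usize, usize::MAX); // lo succeeds, hi fails
    while hi - lo > 1 {
        let mid = lo + (hi - lo) / 2;
        if new_cap(mid, 1).is_ok() {
            lo = mid;
        } else {
            hi = mid;
        }
    }
    hi
}

fn main() {
    // Constructed sample lengths: plausible sizes first, then the edge values.
    for len in [0usize, 3, 4, 1 << 20, usize::MAX / 2, usize::MAX] {
        println!("len = {:#x}: {:?}", len, new_cap(len, 1));
    }
    let threshold = smallest_failing_len();
    println!(
        "reserve(1) first overflows at len = {:#x} (2^{})",
        threshold,
        usize::BITS - 1
    );
}
```

On a 64-bit build the threshold is 2^63, so a stored length anywhere near it cannot come from ordinary pushes of real elements.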

Sounds similar to bug 1670575

which is thought to be caused by bug 1665411

Blocks: wr-mac

Closing because no crashes reported for 12 weeks.

Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → WORKSFORME