Closed
Bug 439343
Opened 16 years ago
Closed 16 years ago
Crash [@ _moz_cairo_surface_set_device_offset ] with text-shadow, large text-indent, font-size and letter-spacing
Categories
(Core :: Graphics, defect)
Tracking
()
VERIFIED
FIXED
mozilla1.9.1a1
People
(Reporter: martijn.martijn, Assigned: ventnor.bugzilla)
References
Details
(Keywords: crash, regression, testcase)
Crash Data
Attachments
(2 files, 2 obsolete files)
|
2.05 KB,
text/html
|
Details | |
|
620 bytes,
patch
|
Details | Diff | Splinter Review |
See testcase, which crashes current trunk build for me. Without the use of text-shadow, it doesn't crash for me, so I guess this is a regression from bug 10713, somehow. http://crash-stats.mozilla.com/report/index/5d51bf54-3b0a-11dd-8795-001cc45a2c28?p=1 0 xul.dll _moz_cairo_surface_set_device_offset cairo-surface.c:823 1 xul.dll gfxASurface::SetDeviceOffset gfxASurface.cpp:220 2 xul.dll nsContextBoxBlur::Init nsCSSRendering.cpp:4813 3 xul.dll nsTextFrame::PaintOneShadow nsTextFrameThebes.cpp:3995 4 xul.dll nsTextFrame::PaintText nsTextFrameThebes.cpp:4279 5 xul.dll nsDisplayText::Paint nsTextFrameThebes.cpp:3537 6 xul.dll nsDisplayList::Paint nsDisplayList.cpp:296 7 xul.dll nsDisplayClip::Paint nsDisplayList.cpp:880 8 xul.dll nsDisplayList::Paint nsDisplayList.cpp:296 9 xul.dll nsDisplayClip::Paint nsDisplayList.cpp:880 10 xul.dll nsDisplayList::Paint nsDisplayList.cpp:296 11 xul.dll nsLayoutUtils::PaintFrame nsLayoutUtils.cpp:988 12 xul.dll PresShell::Paint nsPresShell.cpp:5413 13 xul.dll nsViewManager::RenderViews nsViewManager.cpp:614 14 xul.dll nsViewManager::Refresh nsViewManager.cpp:502 15 xul.dll xul.dll@0x30975d 16 xul.dll HandleEvent nsView.cpp:168 17 xul.dll nsWindow::DispatchEvent nsWindow.cpp:985 18 xul.dll nsWindow::DispatchWindowEvent nsWindow.cpp:1010 19 xul.dll xul.dll@0x2fb0ec 20 xul.dll nsWindow::ProcessMessage nsWindow.cpp:4288 21 xul.dll nsWindow::WindowProc nsWindow.cpp:1200 22 user32.dll InternalCallWinProc 23 user32.dll UserCallWinProcCheckWow 24 user32.dll DispatchClientMessage 25 user32.dll __fnDWORD 26 ntdll.dll KiUserCallbackDispatcher 27 xul.dll nsCxPusher::Push 28 user32.dll DispatchMessageW 29 xul.dll nsAppShell::ProcessNextNativeEvent nsAppShell.cpp:148
|
Assignee | |
Comment 1•16 years ago
|
||
Looks like a Cairo bug. I'll try to see if there are any sore spots; vlad, could you also try to have a look?
|
|
Assignee | |
Comment 2•16 years ago
|
||
Got it. We're getting an invalid surface due to the ridiculous values, and simple GFX API's don't do safety checking obviously for perf reasons. Cairo was dereferencing a null pointer. This fixes it by making it public whether the surface is valid or not.
Assignee: nobody → ventnor.bugzilla
Status: NEW → ASSIGNED
Attachment #325209 -
Flags: superreview?(roc)
Attachment #325209 -
Flags: review?(roc)
Comment on attachment 325209 [details] [diff] [review] Patch I'll let Vlad take this to make sure he's OK with the API.
Attachment #325209 -
Flags: superreview?(vladimir)
Attachment #325209 -
Flags: superreview?(roc)
Attachment #325209 -
Flags: review?(vladimir)
Attachment #325209 -
Flags: review?(roc)
Just use CairoStatus() that's already there -- see http://hg.mozilla.org/mozilla-central/index.cgi/file/5034371d2778/gfx/thebes/src/gfxASurface.cpp#l272 . Check mImageSurface->CairoStatus() != 0 to see if there's an error/invalid surface. Not ideal, but it's what's used in a few other places now.. we don't have anything good in place for dealing with errors there.
|
|
Assignee | |
Comment 5•16 years ago
|
||
Attachment #325209 -
Attachment is obsolete: true
Attachment #325225 -
Flags: superreview?(vladimir)
Attachment #325225 -
Flags: review?(vladimir)
Attachment #325209 -
Flags: superreview?(vladimir)
Attachment #325209 -
Flags: review?(vladimir)
|
||
Updated•16 years ago
|
Summary: Crash [@ _moz_cairo_surface_set_device_offset ] with text-shadow, large text-indent, font-size and letters-spacing → Crash [@ _moz_cairo_surface_set_device_offset ] with text-shadow, large text-indent, font-size and letter-spacing
|
|
Assignee | |
Comment 6•16 years ago
|
||
Comment on attachment 325225 [details] [diff] [review] Patch 2 Throwing to roc since no API change is needed anymore.
Attachment #325225 -
Flags: superreview?(vladimir)
Attachment #325225 -
Flags: superreview?(roc)
Attachment #325225 -
Flags: review?(vladimir)
Attachment #325225 -
Flags: review?(roc)
Comment on attachment 325225 [details] [diff] [review] Patch 2 + if (!mImageSurface || mImageSurface->CairoStatus() != 0) lose the "!= 0"
Attachment #325225 -
Flags: superreview?(roc)
Attachment #325225 -
Flags: superreview+
Attachment #325225 -
Flags: review?(roc)
Attachment #325225 -
Flags: review+
|
|
Assignee | |
Comment 8•16 years ago
|
||
Attachment #325225 -
Attachment is obsolete: true
|
|
Assignee | |
Updated•16 years ago
|
Keywords: checkin-needed
|
||
Comment 9•16 years ago
|
||
Pushed as changeset 15714:1b378971708e.
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Flags: in-testsuite?
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.1a1
|
Reporter | |
Comment 10•16 years ago
|
||
Well, the testcase doesn't crash anymore, but it is now massively slow with current trunk build and using a lot of memory.
|
|
Reporter | |
Comment 11•16 years ago
|
||
Anyway, no crash anymore, so this is fixed. Verified fixed, using: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1a1pre) Gecko/2008071504 Minefield/3.1a1pre
Status: RESOLVED → VERIFIED
|
||
Updated•13 years ago
|
Crash Signature: [@ _moz_cairo_surface_set_device_offset ]
|
||
Comment 12•11 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/3cb00994014f
Flags: in-testsuite? → in-testsuite+
You need to log in
before you can comment on or make changes to this bug.
Description
•