Crash [@ cairo_d2d_present_backbuffer] when opening large select




8 years ago
7 years ago


(Reporter: Martijn Wargers (zombie), Assigned: bas)


({crash, testcase, topcrash})

Windows 7
crash, testcase, topcrash
Dependency tree / graph

Firefox Tracking Flags

(blocking2.0 final+)


(crash signature)


(3 attachments, 1 obsolete attachment)



8 years ago
Created attachment 429631 [details]

In about:config, you have to set:

To reproduce, open the testcase, then click on the large select.
0  	xul.dll  	cairo_d2d_present_backbuffer  	 gfx/cairo/cairo/src/cairo-d2d-surface.cpp:419
1 	xul.dll 	gfxD2DSurface::Present 	gfx/thebes/src/gfxD2DSurface.cpp:63
2 	xul.dll 	xul.dll@0x3fc61f 	
3 	xul.dll 	nsWindow::ProcessMessage 	widget/src/windows/nsWindow.cpp:4085
4 	xul.dll 	nsWindow::WindowProc 	widget/src/windows/nsWindow.cpp:3777
5 	user32.dll 	InternalCallWinProc 	
6 	user32.dll 	UserCallWinProcCheckWow 	
7 	user32.dll 	DispatchClientMessage 	
8 	user32.dll 	__fnDWORD 	
9 	ntdll.dll 	KiUserCallbackDispatcher 	
10 	ntdll.dll 	KiUserApcDispatcher 	
11 	user32.dll 	DispatchMessageW 	
12 	xul.dll 	nsBaseAppShell::OnProcessNextEvent 	widget/src/xpwidgets/nsBaseAppShell.cpp:311
13 	xul.dll 	nsThread::ProcessNextEvent 	xpcom/threads/nsThread.cpp:508
14 	xul.dll 	mozilla::ipc::MessagePump::Run 	ipc/glue/MessagePump.cpp:142
15 	xul.dll 	xul.dll@0x98c213 	
16 	xul.dll 	MessageLoop::RunInternal 	ipc/chromium/src/base/
17 	xul.dll 	MessageLoop::RunHandler 	ipc/chromium/src/base/
18 	xul.dll 	_IsNonwritableInCurrentImage 	
19 	xul.dll 	MessageLoop::Run 	ipc/chromium/src/base/
20 	xul.dll 	nsBaseAppShell::Run 	widget/src/xpwidgets/nsBaseAppShell.cpp:174
21 	xul.dll 	nsAppShell::Run 	widget/src/windows/nsAppShell.cpp:239

Comment 1

8 years ago
This is a tricky problem. It creates a native widget for the select box which will be 40 000 pixels wide. The graphics hardware cannot create a surface for this. One 'quick fix' would be to create a Win32 surface if we fail to create a D2D one.

Comment 2

8 years ago
Created attachment 429640 [details] [diff] [review]
Cap window width/height at 4096 pixels

Roc suggested just capping the window width/height. Well, that's what this patch does! 4096x4096 we can always support on D3D10 9_Level_3 and up.

Not sure yet if this is the right thing to do? But we'll need something like this if we want layers to work as well. Or fallback to software for larger windows.
Assignee: nobody → bas.schouten
Comment on attachment 429640 [details] [diff] [review]
Cap window width/height at 4096 pixels

+  mBounds.width  = NS_MIN<PRInt32>(4096, aWidth);
+  mBounds.height = NS_MIN<PRInt32>(4096, aHeight);

Do this earlier, before we call ResizeTranslucentWindow
Also, the testcase should be landed as a mochitest or crashtest.
It would be nice to have a symbolic constant and a coment explaining where 4096 comes from instead of hard coding it everywhere.
We should probably limit this to eWindowType_popup for now.

Comment 7

8 years ago
Created attachment 429653 [details] [diff] [review]
Cap popup width/height at 4096 pixels

Only cap popup windows, and fix other comments.
Attachment #429640 - Attachment is obsolete: true
How about we have a helper function in nsWindow, say nsWindow::ClampSize(nsIntSize* aSize)?

Comment 9

8 years ago
Sizes are given in different object types each time though.
They should all just use nsIntSize.

Comment 11

8 years ago
Created attachment 432783 [details]
testcase2, crashes on print preview

I guess the patch wouldn't fix this case, which crashes on print preview.


8 years ago
blocking2.0: --- → ?
blocking2.0: ? → final+
This is happening to me if I switch graphics cards on my laptop.
#4 topcrash on b5.
Keywords: topcrash


8 years ago
Blocks: 595990

Comment 14

8 years ago
This should not be confused with the top crasher on Beta 5. That has a similar signature but in most cases appears to occur because of device losses as far as I can see.

Comment 15

8 years ago
This bug was filed back in March but this is really something different with the same signature. So should we file another bug for the top crash?

Comment 16

8 years ago
This bug in theory still kind of exists, and the fix is still the same, but it's unrelated to the b5 top crash. That top crash will no longer exist in beta7 unless people use a rare combination of preferences or hardware.

Comment 17

8 years ago
I believe this should take practically no time, we should fix this by avoiding ever using this codepath before final.
Last Resolved: 8 years ago
Resolution: --- → WORKSFORME
Crash Signature: [@ cairo_d2d_present_backbuffer]
You need to log in before you can comment on or make changes to this bug.