Closed
Bug 559070
Opened 14 years ago
Closed 6 years ago
don't use mD2DWindowSurface if Init fails [@ cairo_d2d_scroll]
Categories
(Core :: Widget: Win32, defect)
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: timeless, Assigned: bas.schouten)
References
Details
(Keywords: crash)
Crash Data
437 #ifdef CAIRO_HAS_D2D_SURFACE 438 if (!targetSurface && 439 IsRenderMode(gfxWindowsPlatform::RENDER_DIRECT2D)) 440 { 441 if (!mD2DWindowSurface) { 442 mD2DWindowSurface = new gfxD2DSurface(mWnd); 443 } please don't do this if the surface is unhappy: 444 targetSurface = mD2DWindowSurface; 445 } 446 #endif and please don't return this if surface is unhappy: 2942 gfxASurface *nsWindow::GetThebesSurface() 2952 #ifdef CAIRO_HAS_D2D_SURFACE 2955 return (new gfxD2DSurface(mWnd)); 40 gfxD2DSurface::gfxD2DSurface(HWND aWnd) 42 Init(cairo_d2d_surface_create_for_hwnd(aWnd)); 45 gfxD2DSurface::gfxD2DSurface(cairo_surface_t *csurf) 47 Init(csurf, PR_TRUE); 50 gfxD2DSurface::gfxD2DSurface(const gfxIntSize& size, 51 gfxImageFormat imageFormat) 53 Init(cairo_d2d_surface_create((cairo_format_t)imageFormat, size.width, size.height)); 212 gfxASurface::Init(cairo_surface_t* surface, PRBool existingSurface) 213 { 214 if (cairo_surface_status(surface)) { 215 // the surface has an error on it 216 mSurfaceValid = PR_FALSE; 217 cairo_surface_destroy(surface); 218 return; please let this succeed instead: 2958 return (new gfxWindowsSurface(mWnd)); 2373 nsWindow::Scroll(const nsIntPoint& aDelta, 2477 #ifdef CAIRO_HAS_D2D_SURFACE 2478 if (mD2DWindowSurface) { 2479 mD2DWindowSurface->Scroll(aDelta, affectedRect); 67 gfxD2DSurface::Scroll(const nsIntPoint &aDelta, const nsIntRect &aClip) 74 cairo_d2d_scroll(CairoSurface(), aDelta.x, aDelta.y, &rect); this returns null: 104 cairo_surface_t *CairoSurface() { 105 NS_ASSERTION(mSurface != nsnull, "gfxASurface::CairoSurface called with mSurface == nsnull!"); 106 return mSurface; this crashes: 2295 void cairo_d2d_scroll(cairo_surface_t *surface, int x, int y, cairo_rectangle_t *clip) 2297 if (surface->type != CAIRO_SURFACE_TYPE_D2D) { Signature cairo_d2d_scroll UUID 4df78131-4c86-4f27-beb2-5a0f62100412 Time 2010-04-12 12:17:25.857379 Uptime 72953 Last Crash 206926 seconds before submission Product Firefox Version 3.7a5pre Build ID 20100411035843 Branch 1.9.3 OS Windows NT OS Version 6.1.7600 CPU x86 CPU Info GenuineIntel family 6 model 23 stepping 6 Crash Reason EXCEPTION_ACCESS_VIOLATION Crash Address 0x4 User Comments Processor Notes Crashing Thread Frame Module Signature [Expand] Source 0 xul.dll cairo_d2d_scroll gfx/cairo/cairo/src/cairo-d2d-surface.cpp:2280 1 xul.dll gfxD2DSurface::Scroll gfx/thebes/src/gfxD2DSurface.cpp:74 2 xul.dll nsWindow::Scroll widget/src/windows/nsWindow.cpp:2479 3 xul.dll nsGfxScrollFrameInner::ScrollVisual layout/generic/nsGfxScrollFrame.cpp:1718 4 xul.dll nsGfxScrollFrameInner::ScrollToImpl 5 xul.dll nsGfxScrollFrameInner::AsyncScrollCallback layout/generic/nsGfxScrollFrame.cpp:1362 6 xul.dll nsTimerImpl::Fire xpcom/threads/nsTimerImpl.cpp:427 7 nspr4.dll _PR_MD_UNLOCK nsprpub/pr/src/md/windows/w95cv.c:344 8 xul.dll nsTimerEvent::Run xpcom/threads/nsTimerImpl.cpp:519 9 xul.dll nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:527 10 xul.dll mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:142 11 xul.dll xul.dll@0x96ef1b 12 xul.dll MessageLoop::RunInternal ipc/chromium/src/base/message_loop.cc:216 13 xul.dll MessageLoop::RunHandler ipc/chromium/src/base/message_loop.cc:199 14 xul.dll xul.dll@0x2def73 15 xul.dll MessageLoop::Run ipc/chromium/src/base/message_loop.cc:173 16 xul.dll nsBaseAppShell::Run widget/src/xpwidgets/nsBaseAppShell.cpp:174 17 xul.dll nsAppShell::Run widget/src/windows/nsAppShell.cpp:239 18 @0x770effff 19 ieproxy.dll ieproxy.dll@0x746d 20 ieproxy.dll ieproxy.dll@0x2e6b 21 imm32.dll imm32.dll@0x5ffff 22 kernel32.dll kernel32.dll@0xfffff 23 kernel32.dll kernel32.dll@0xfffff 24 nvwgf2um.dll nvwgf2um.dll@0x354552 25 nvwgf2um.dll nvwgf2um.dll@0x353364 26 xul.dll nsAnnotationService::GetPageAnnotationInfo toolkit/components/places/src/nsAnnotationService.cpp:1183 27 nvwgf2um.dll nvwgf2um.dll@0x357471 28 ieproxy.dll ieproxy.dll@0x2e72 29 ieproxy.dll ieproxy.dll@0x2e33 https://crash-stats.mozilla.com/report/list?range_value=2&range_unit=weeks&signature=cairo_d2d_scroll&version=Firefox%3A3.7a5pre
Assignee | ||
Comment 1•14 years ago
|
||
The real fix here is understanding why the surface creation is failing. We check for D2D compatibility before setting the render mode. When we set D2D rendermode we should be able to rely on it being succesful. Having said that it would be a good idea to be able to dynamically switch between D2D and GDI on a per-widget basis.
Assignee | ||
Comment 2•14 years ago
|
||
Do we have any steps to reproduce?
Comment 3•14 years ago
|
||
Bas: there are some comments from one user in crash-stats who seems to hit the bug, but he is not able to give exact STR or generate a test case. I could try emailing him and ask if he can add himself to this bug.
Assignee | ||
Comment 4•14 years ago
|
||
(In reply to comment #3) > Bas: there are some comments from one user in crash-stats who seems to hit the > bug, but he is not able to give exact STR or generate a test case. I could try > emailing him and ask if he can add himself to this bug. Hrm, it would be interesting to know what it could be about this user that makes his D2D surfaces fail!
Any updates? BTW, is the d3d10_1core.dll@0x2bb04 crash related? https://crash-stats.mozilla.com/report/list?range_value=2&range_unit=weeks&signature=d3d10_1core.dll@0x2bb04&version=Firefox%3A3.7a5pre
Assignee | ||
Comment 7•14 years ago
|
||
(In reply to comment #6) > Any updates? > > BTW, is the d3d10_1core.dll@0x2bb04 crash related? > https://crash-stats.mozilla.com/report/list?range_value=2&range_unit=weeks&signature=d3d10_1core.dll@0x2bb04&version=Firefox%3A3.7a5pre It's hard to say, I wonder why we don't get symbols for that from the MS symbol servers. In any case we still need some rough steps to reproduce to figure out what causes this.
Updated•13 years ago
|
Crash Signature: [@ cairo_d2d_scroll]
Comment 8•13 years ago
|
||
Bas, I can't find this signature anymore. Not sure if it was ever something found in the wild. Is is still a problem? Should we leave the bug open? I am going to remove the top crash keyword.
Keywords: topcrash
Comment 9•6 years ago
|
||
Closing because no crash reported since 12 weeks.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•