623451 - "Assertion failed at gfx/cairo/cairo/src/cairo-surface.c:588: CAIRO_REFERENCE_COUNT_HAS_REFERENCE (&surface->ref_count)" for shadow canvas and video OGL layers with

Status: RESOLVED FIXED

(Core :: Graphics, defect)

Description

[Chris Jones [:cjones] inactive; ni?/f?/r? if you need me]

The problem is that we swap front/back on updates, but with GL we only use one surface and end up double-releasing.  Pretty simple fix.

Comment 1

[Chris Jones [:cjones] inactive; ni?/f?/r? if you need me]

Use-after-free bug.

Comment 2

[Chris Jones [:cjones] inactive; ni?/f?/r? if you need me]

Attachment: Don't double-release surfaces

Not sure what the proper COM discipline is for this situation, but this patch doesn't make me vomit in my mouth /too/ much.

Comment 3

[Chris Jones [:cjones] inactive; ni?/f?/r? if you need me]

Oops, obviously ignore that hunk in cairo/src.

Comment 4

[Vladimir Vukicevic [:vlad] [:vladv] (needinfo me, slow to respond)]

Comment on attachment 501574 [details] [diff] [review]
Don't double-release surfaces

you want jeff here.. and you also want someone to do the cairo patch dance (as well as getting rid of the extra whitespace :-)

Comment 5

[Chris Jones [:cjones] inactive; ni?/f?/r? if you need me]

That cairo hunk was just for my debugging purposes, I didn't mean to include it.  Let me post a version with it removed.

Comment 6

[Chris Jones [:cjones] inactive; ni?/f?/r? if you need me]

Attachment: Don't double-release surfaces, v2

Nix the debugging code.

Comment 7

[Chris Jones [:cjones] inactive; ni?/f?/r? if you need me]

Attachment: Don't double-release surfaces, v2

Sigh.

Comment 8

[Chris Jones [:cjones] inactive; ni?/f?/r? if you need me]

http://hg.mozilla.org/mozilla-central/rev/7cad0cd7b62e