Closed
Bug 623501
Opened 14 years ago
Closed 13 years ago
[OGL] Fennec crash in mozilla::gl::GLContext::UploadSurfaceToTexture @ libGLESv2_adreno200.so
Categories
(Core :: Graphics, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 721489
| Tracking | Status | |
|---|---|---|
| fennec | + | --- |
People
(Reporter: scoobidiver, Unassigned)
References
Details
(Keywords: crash, Whiteboard: [mobile-crash])
Crash Data
With combined crash signatures, it is #10 top crasher in Fennec 4.0b4pre for the last week.
Signature libc.so@0xf194
UUID 1fe36a6c-9bbe-4c82-9e35-a72532110105
Time 2011-01-05 03:05:32.648497
Uptime 21
Last Crash 38 seconds before submission
Install Age 2774 seconds (46.2 minutes) since version was first installed.
Product Fennec
Version 4.0b4pre
Build ID 20110104100204
Branch 2.0
OS Linux
OS Version 0.0.0 Linux 2.6.32.9-27240-gbca5320 #1 PREEMPT Tue Aug 10 16:42:38 PDT 2010 armv7l
CPU arm
Crash Reason SIGSEGV
Crash Address 0xff000000
App Notes HTC Nexus One
google/passion/passion/mahimahi:2.2.1/FRG83D/75603:user/release-keys
Frame Module Signature [Expand] Source
0 libc.so libc.so@0xf194
1 libGLESv2_adreno200.so libGLESv2_adreno200.so@0x80a64
2 libxul.so GeckoStart toolkit/xre/nsAndroidStartup.cpp:76
3 libmozalloc.so moz_free memory/mozalloc/mozalloc.cpp:93
4 @0x8
5 libGLESv2_adreno200.so libGLESv2_adreno200.so@0x6aa80
6 app_process app_process@0xb5d
7 libGLESv2_adreno200.so libGLESv2_adreno200.so@0x6ad26
8 app_process app_process@0x362
9 libGLESv2_adreno200.so libGLESv2_adreno200.so@0x5aa36
10 app_process app_process@0x362
11 libxul.so mozilla::gl::GLContext::UploadSurfaceToTexture gfx/thebes/GLContext.cpp:1384
12 libxul.so mozilla::gl::TextureImageEGL::DirectUpdate gfx/thebes/GLContextProviderEGL.cpp:1154
13 libxul.so mozilla::layers::ShadowBufferOGL::Upload gfx/layers/opengl/ThebesLayerOGL.cpp:653
14 libxul.so mozilla::layers::ShadowThebesLayerOGL::Swap nsAutoPtr.h:968
15 libxul.so mozilla::layers::ShadowLayersParent::RecvUpdate PLayers.h:532
16 libxul.so mozilla::layers::PLayersParent::OnMessageReceived PLayersParent.cpp:222
17 libxul.so mozilla::dom::PContentParent::OnMessageReceived PContentParent.cpp:1218
18 libxul.so mozilla::ipc::SyncChannel::OnDispatchMessage ipc/glue/SyncChannel.cpp:172
19 libxul.so mozilla::ipc::RPCChannel::OnMaybeDequeueOne ipc/glue/RPCChannel.cpp:436
20 libxul.so RunnableMethod<mozilla::ipc::RPCChannel, bool , Tuple0>::Run ipc/chromium/src/base/task.h:308
21 libxul.so mozilla::ipc::RPCChannel::DequeueTask::Run RPCChannel.h:475
22 libxul.so MessageLoop::RunTask ipc/chromium/src/base/message_loop.cc:344
23 libxul.so MessageLoop::DeferOrRunPendingTask ipc/chromium/src/base/message_loop.cc:354
24 libxul.so MessageLoop::DoWork ipc/chromium/src/base/message_loop.cc:451
25 libxul.so mozilla::ipc::DoWorkRunnable::Run ipc/glue/MessagePump.cpp:71
26 libxul.so nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:626
27 libxul.so NS_ProcessNextEvent_P nsThreadUtils.cpp:250
28 libxul.so mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:134
29 libxul.so MessageLoop::RunInternal ipc/chromium/src/base/message_loop.cc:220
30 libxul.so MessageLoop::Run ipc/chromium/src/base/message_loop.cc:512
31 libxul.so nsBaseAppShell::Run widget/src/xpwidgets/nsBaseAppShell.cpp:198
32 libxul.so nsAppStartup::Run toolkit/components/startup/src/nsAppStartup.cpp:192
33 libxul.so XRE_main toolkit/xre/nsAppRunner.cpp:3697
34 libxul.so GeckoStart toolkit/xre/nsAndroidStartup.cpp:131
35 libc.so libc.so@0x10ed7
36 libc.so libc.so@0x109c3
More reports at:
http://crash-stats.mozilla.com/query/query?product=Fennec&range_value=4&range_unit=weeks&query_search=signature&query_type=startswith&query=libc.so@0xf&build_id=&process_type=any&hang_type=any&do_query=1
|
Reporter | |
Updated•14 years ago
|
tracking-fennec: --- → ?
|
||
Updated•14 years ago
|
blocking2.0: --- → ?
tracking-fennec: ? → 2.0+
|
|
||
Comment 1•14 years ago
|
||
That address really looks like we're trying to dereference a pixel.
blocking2.0: ? → ---
|
|
||
Comment 2•14 years ago
|
||
The DirectUpdate code may have caused this.
|
||
Updated•14 years ago
|
tracking-fennec: 2.0+ → 2.0b4+
Summary: Fennec crash [@ libc.so@0xf194 ][@ libc.so@0xf2f8 ][@ libc.so@0xf1bc ][@ libc.so@0xf2b0 ][@ libc.so@0xf170 ] → [OGL] Fennec crash [@ libc.so@0xf194 ][@ libc.so@0xf2f8 ][@ libc.so@0xf1bc ][@ libc.so@0xf2b0 ][@ libc.so@0xf170 ]
|
||
Updated•14 years ago
|
tracking-fennec: 2.0b4+ → 2.0next+
|
|
Reporter | |
Updated•14 years ago
|
Summary: [OGL] Fennec crash [@ libc.so@0xf194 ][@ libc.so@0xf2f8 ][@ libc.so@0xf1bc ][@ libc.so@0xf2b0 ][@ libc.so@0xf170 ] → [OGL] Fennec crash in mozilla::gl::GLContext::UploadSurfaceToTexture [@ libc.so@0xf194 ][@ libc.so@0xf2f8 ][@ libc.so@0xf1bc ][@ libc.so@0xf2b0 ][@ libc.so@0xf170 ]
|
|
||
Updated•14 years ago
|
tracking-fennec: 2.0next+ → 7+
|
Assignee | |
Updated•14 years ago
|
Crash Signature: [@ libc.so@0xf194 ]
[@ libc.so@0xf2f8 ]
[@ libc.so@0xf1bc ]
[@ libc.so@0xf2b0 ]
[@ libc.so@0xf170 ]
|
|
||
Updated•14 years ago
|
tracking-fennec: 7+ → +
Crash Signature: [@ libc.so@0xf194 ]
[@ libc.so@0xf2f8 ]
[@ libc.so@0xf1bc ]
[@ libc.so@0xf2b0 ]
[@ libc.so@0xf170 ] → [@ libc.so@0xf194 ]
[@ libc.so@0xf2f8 ]
[@ libc.so@0xf1bc ]
[@ libc.so@0xf2b0 ]
[@ libc.so@0xf170 ]
|
||
Comment 3•14 years ago
|
||
I got this problem once again, and it looks like we do create CanvasLayerOGL, and do not call ::Initialize, and then UpdateSurface or RenderLayer will just crash here or there...
|
||
Updated•14 years ago
|
Blocks: opengl-mobile
|
|
||
Comment 4•13 years ago
|
||
(In reply to Oleg Romashin (:romaxa) from comment #3)
> I got this problem once again, and it looks like we do create
> CanvasLayerOGL, and do not call ::Initialize, and then UpdateSurface or
> RenderLayer will just crash here or there...
I spoke to romaxa in IRC:
romaxa: BenWa: I had problem with that bug in broken build (content was not recompiled), so I had missing Initialize call which should not happen in real life
|
|
||
Updated•13 years ago
|
|
|
Reporter | |
Comment 5•13 years ago
|
||
As libc.so has been added to the Socorro skiplist, I change the crash signature.
Crash Signature: [@ libc.so@0xf194 ]
[@ libc.so@0xf2f8 ]
[@ libc.so@0xf1bc ]
[@ libc.so@0xf2b0 ]
[@ libc.so@0xf170 ] → [@ libc.so@0xf194 ]
[@ libc.so@0xf2f8]
[@ libc.so@0xf1bc]
[@ libc.so@0xf2b0]
[@ libc.so@0xf170]
[@ libGLESv2_adreno200.so@0x80a64]
Summary: [OGL] Fennec crash in mozilla::gl::GLContext::UploadSurfaceToTexture [@ libc.so@0xf194 ][@ libc.so@0xf2f8 ][@ libc.so@0xf1bc ][@ libc.so@0xf2b0 ][@ libc.so@0xf170 ] → [OGL] Fennec crash in mozilla::gl::GLContext::UploadSurfaceToTexture @ libGLESv2_adreno200.so
Whiteboard: [mobile-crash]
|
|
||
Comment 6•13 years ago
|
||
The crash mentioned in comment 0 doesn't seem to exist in Socorro any more. If someone can query older databases for URLs to this crash (or, in fact *libGLESv2_adreno200.so*), that'd help. Both Fennec native and XUL.
Keywords: needURLs
|
|
||
Comment 7•13 years ago
|
||
George is going to see if he can reproduce this.
|
|
Reporter | |
Comment 8•13 years ago
|
||
Content crashes with libGLESv2_adreno200.so are now in mozilla::WebGLContext::Viewport, nsIDOMWebGLRenderingContext_DrawElements, mozilla::WebGLContext::BindFakeBlackTextures or mozilla::WebGLContext::GenerateMipmap.
Crash Signature: [@ libc.so@0xf194 ]
[@ libc.so@0xf2f8]
[@ libc.so@0xf1bc]
[@ libc.so@0xf2b0]
[@ libc.so@0xf170]
[@ libGLESv2_adreno200.so@0x80a64] → [@ libGLESv2_adreno200.so@0x80a64]
|
|
||
Comment 9•13 years ago
|
||
Crashes in upload is likely related to bug 721489. Please re-open if the same crashes are seen.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•