If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

"ABORT: Failed to create pixman images?"

RESOLVED WORKSFORME

Status

()

Core
Graphics
RESOLVED WORKSFORME
6 years ago
2 years ago

People

(Reporter: Jesse Ruderman, Assigned: mattwoodrow)

Tracking

(Blocks: 1 bug, {assertion, testcase})

Trunk
x86_64
Linux
assertion, testcase
Points:
---
Bug Flags:
in-testsuite +

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(3 attachments)

(Reporter)

Description

6 years ago
Created attachment 571766 [details]
testcase

###!!! ABORT: Failed to create pixman images?: 'src && dest', file gfx/layers/basic/BasicLayers.cpp, line 1701
(Reporter)

Comment 1

6 years ago
Created attachment 571767 [details]
stack trace
(Assignee)

Comment 2

6 years ago
This is caused by a crazy transform giving us an infinite sized transformed rect.

Our call to surfaceRect.Intersect(transformedRect) isn't handling the infinite values correctly, so instead of being clamped to the surface rect we end up attempting to allocate an infinite sized destination surface.

roc: Do you have any suggestions on how you'd prefer to handle this?

My two ideas so far were to make BaseRect::Intersect correctly handle infinite float/double values or add a BaseRect::IsValid method which looks for inf/nan and we can skip the intersection.
Assignee: nobody → matt.woodrow
That latter sounds better. The former is unnecessary overhead in most cases.
(Reporter)

Comment 4

5 years ago
Created attachment 643224 [details]
testcase 2 (requires fuzzing extension or blank profile)

This one crashes during a drawWindow call.  If you use a blank profile, Firefox's thumbnail service is likely to call drawWindow.
No longer asserts on trunk. The second testcase will require some help to land (to remove the fuzzer dependency), however.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Flags: in-testsuite+
Resolution: --- → WORKSFORME

Comment 6

2 years ago
https://hg.mozilla.org/integration/mozilla-inbound/rev/c29bb1dc4d4b

Comment 7

2 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/c29bb1dc4d4b

Comment 8

2 years ago
bugherderuplift
https://hg.mozilla.org/releases/mozilla-b2g44_v2_5/rev/c29bb1dc4d4b
status-b2g-v2.5: --- → fixed
removing the b2g 2.5 flag since this commit has been reverted due to an incorrect merge, sorry for the confusion
status-b2g-v2.5: fixed → ---
You need to log in before you can comment on or make changes to this bug.