The default bug view has changed. See this FAQ.

Startup crash in AndroidGLController::ProvideEGLSurface during LayerManagerOGL::CreateContext

RESOLVED FIXED in Firefox 14

Status

()

Firefox for Android
General
--
critical
RESOLVED FIXED
5 years ago
5 years ago

People

(Reporter: Scoobidiver (away), Assigned: ajuma)

Tracking

({crash, topcrash})

Trunk
Firefox 15
ARM
Android
crash, topcrash
Points:
---
Dependency tree / graph
Bug Flags:
in-testsuite -

Firefox Tracking Flags

(firefox14 fixed, firefox15 fixed, blocking-fennec1.0 +)

Details

(Whiteboard: [native-crash][gfx], crash signature)

Attachments

(1 attachment)

(Reporter)

Description

5 years ago
This bug tracks residual crashes after the fix of bug 741166, 3 crashes so far.

There are two kinds of stack, the one in bug 741166 on startup and the following one:
Frame 	Module 	Signature 	Source
0 	libdvm.so 	libdvm.so@0x431ae 	
1 	libxul.so 	AndroidGLController::ProvideEGLSurface 	jni.h:706
2 	libxul.so 	mozilla::AndroidBridge::ProvideEGLSurface 	widget/android/AndroidBridge.cpp:1135
3 	libxul.so 	mozilla::gl::GLContextEGL::RenewSurface 	gfx/gl/GLContextProviderEGL.cpp:1522
4 	libxul.so 	mozilla::layers::CompositorParent::ResumeComposition 	gfx/layers/ipc/CompositorParent.cpp:146
5 	libxul.so 	RunnableMethod<mozilla::layers::CompositorParent, void , Tuple0>::Run 	ipc/chromium/src/base/tuple.h:383
6 	libxul.so 	MessageLoop::RunTask 	ipc/chromium/src/base/message_loop.cc:318
7 	libxul.so 	MessageLoop::DeferOrRunPendingTask 	ipc/chromium/src/base/message_loop.cc:326
8 	libxul.so 	MessageLoop::DoWork 	ipc/chromium/src/base/message_loop.cc:426
9 	libxul.so 	base::MessagePumpDefault::Run 	ipc/chromium/src/base/message_pump_default.cc:23
10 	libxul.so 	MessageLoop::RunInternal 	ipc/chromium/src/base/message_loop.cc:208
11 	libxul.so 	MessageLoop::Run 	ipc/chromium/src/base/message_loop.cc:201
12 	libxul.so 	base::Thread::ThreadMain 	ipc/chromium/src/base/thread.cc:156
13 	libxul.so 	ThreadFunc 	ipc/chromium/src/base/platform_thread_posix.cc:26
14 	libc.so 	libc.so@0x11e32 	
15 	libc.so 	libc.so@0x11a06 	

More reports at:
https://crash-stats.mozilla.com/report/list?signature=AndroidGLController%3A%3AProvideEGLSurface
(Reporter)

Updated

5 years ago
Crash Signature: [@ AndroidGLController::ProvideEGLSurface] → [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs]
top crash in 14a1 in 3 day period. (4/16/2012)
Keywords: topcrash
(Reporter)

Comment 2

5 years ago
There are 3 crashes with the AndroidGLController::ProvideEGLSurface signature and 5 crashes with the JNI_GetCreatedJavaVMs signature.
received this crash on the nexus s when going to dartlang.org and then typing something in the editable content using 4/18/2012
(Reporter)

Updated

5 years ago
Crash Signature: [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] → [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] [@ dalvik-LinearAlloc (deleted)@0x2396b6] [@ dalvik-LinearAlloc (deleted)@0x2da90e]
(Reporter)

Updated

5 years ago
Crash Signature: [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] [@ dalvik-LinearAlloc (deleted)@0x2396b6] [@ dalvik-LinearAlloc (deleted)@0x2da90e] → [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] [@ dalvik-LinearAlloc (deleted)@0x2385c6] [@ dalvik-LinearAlloc (deleted)@0x2389d6] [@ dalvik-LinearAlloc (deleted)@0x2396b6] [@ dalvik-LinearAlloc (deleted)@0x2da90e]
Just got this crash on an HTC phone; signing into Google Reader [http://www.google.com/reader/i] navigate to BBC article and play back flash content. Not able to repro but will keep trying.
(Reporter)

Updated

5 years ago
Crash Signature: [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] [@ dalvik-LinearAlloc (deleted)@0x2385c6] [@ dalvik-LinearAlloc (deleted)@0x2389d6] [@ dalvik-LinearAlloc (deleted)@0x2396b6] [@ dalvik-LinearAlloc (deleted)@0x2da90e] → [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] [@ dalvik-LinearAlloc (deleted)@0x2378fe] [@ dalvik-LinearAlloc (deleted)@0x2385c6] [@ dalvik-LinearAlloc (deleted)@0x2389d6] [@ dalvik-LinearAlloc (deleted)@0x2396b6] [@ da&hellip;
Possible regression or similar from bug 741166?  Removing topcrash as it's no longer in the topcrash listings.
Keywords: topcrash
(Reporter)

Comment 6

5 years ago
(In reply to Naoki Hirata :nhirata from comment #5)
> Removing topcrash as it's no longer in the topcrash listings.
I have to disagree. With combined signatures, there are 60 crashes in 14.0a2 over the last week making it #13 top crasher in 14.0a2.
Crash Signature: [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] [@ dalvik-LinearAlloc (deleted)@0x2378fe] [@ dalvik-LinearAlloc (deleted)@0x2385c6] [@ dalvik-LinearAlloc (deleted)@0x2389d6] [@ dalvik-LinearAlloc (deleted)@0x2396b6] [@ da&hellip; → [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] [@ dalvik-LinearAlloc (deleted)@0x2378fe] [@ dalvik-LinearAlloc (deleted)@0x2385c6] [@ dalvik-LinearAlloc (deleted)@0x2389d6] [@ dalvik-LinearAlloc (deleted)@0x239a3e] [@ da&hellip;
Keywords: topcrash
(Reporter)

Comment 7

5 years ago
In Aurora, with combined signatures, it's #4 top crasher over the last day, #10 over the last 3 days, #16 over the last week.
blocking-fennec1.0: --- → ?
(Reporter)

Updated

5 years ago
Depends on: 741222
(Reporter)

Updated

5 years ago
Depends on: 741315
Assignee: nobody → ajuma
blocking-fennec1.0: ? → +
(Assignee)

Comment 8

5 years ago
Created attachment 625106 [details] [diff] [review]
Wait for surfaceChanged before calling GLController.provideEGLSurface.

There are really two groups of crashes here: those occurring at startup (during LayerManagerOGL::CreateContext) and those occurring later (during CompositorParent::ResumeComposition).

It's conceivable that the startup crashes are caused by us calling GLController.provideEGLSurface before receiving surfaceChanged. Right now, we only wait for surfaceCreated, and hence the surface might still be zero-sized at this point. This patch makes us wait for surfaceChanged instead.
Attachment #625106 - Flags: review?(bugmail.mozilla)
(Assignee)

Updated

5 years ago
Component: Widget: Android → General
Product: Core → Fennec Native
QA Contact: android → general
Version: 14 Branch → Trunk
Attachment #625106 - Flags: review?(bugmail.mozilla) → review+
(Assignee)

Comment 9

5 years ago
https://hg.mozilla.org/integration/mozilla-inbound/rev/47c8f2d06763

The bug should be kept open when this merges to m-c, since it likely will not fix the non-startup crashes.
Whiteboard: [native-crash] → [native-crash] [keep open]
https://hg.mozilla.org/mozilla-central/rev/47c8f2d06763
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Flags: in-testsuite-
Resolution: --- → FIXED
Target Milestone: --- → Firefox 15
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Status: REOPENED → ASSIGNED
(Assignee)

Comment 11

5 years ago
Comment on attachment 625106 [details] [diff] [review]
Wait for surfaceChanged before calling GLController.provideEGLSurface.

[Approval Request Comment]
User impact if declined: Possible startup crashes.
Testing completed (on m-c, etc.): On m-c since May 18.
Risk to taking this patch (and alternatives if risky): Low risk.
String or UUID changes made by this patch: None.
Attachment #625106 - Flags: approval-mozilla-aurora?
(Assignee)

Comment 12

5 years ago
(In reply to Ali Juma [:ajuma] from comment #11)
> Comment on attachment 625106 [details] [diff] [review]
> Risk to taking this patch (and alternatives if risky): Low risk.

Forgot to add that this code is mobile-only.
Attachment #625106 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
(Assignee)

Comment 13

5 years ago
https://hg.mozilla.org/releases/mozilla-aurora/rev/6a1f7e039216
(Reporter)

Updated

5 years ago
status-firefox14: --- → fixed

Updated

5 years ago
Whiteboard: [native-crash] [keep open] → [native-crash] [keep open][gfx]
(Assignee)

Comment 14

5 years ago
(In reply to Ali Juma [:ajuma] from comment #9)
> https://hg.mozilla.org/integration/mozilla-inbound/rev/47c8f2d06763
> 
> The bug should be kept open when this merges to m-c, since it likely will
> not fix the non-startup crashes.

Indeed, looking at crash reports on 14.0b3, the startup crashes (during LayerManagerOGL::CreateContext) are virtually all gone (there is only one such crash so far), but the non-startup crashes remain.
status-firefox14: fixed → affected
Ali, for easier tracking, can you open a new bug for the second half of this bug, and mark this one as fixed?
(Assignee)

Comment 16

5 years ago
(In reply to Joe Drew (:JOEDREW!) from comment #15)
> Ali, for easier tracking, can you open a new bug for the second half of this
> bug, and mark this one as fixed?

Filed bug 759162 for the remaining crashes.
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago5 years ago
status-firefox14: affected → fixed
Resolution: --- → FIXED
Whiteboard: [native-crash] [keep open][gfx] → [native-crash][gfx]
(Reporter)

Updated

5 years ago
Summary: crash in AndroidGLController::ProvideEGLSurface → Startup crash in AndroidGLController::ProvideEGLSurface during LayerManagerOGL::CreateContext
This cut the crash rate on Beta in half for this signature. With there being a follow up bug for the other crashers I'm willing to call this verified.
Status: RESOLVED → VERIFIED
status-firefox14: fixed → verified
status-firefox15: --- → verified
(Reporter)

Updated

5 years ago
Crash Signature: [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] [@ dalvik-LinearAlloc (deleted)@0x2378fe] [@ dalvik-LinearAlloc (deleted)@0x2385c6] [@ dalvik-LinearAlloc (deleted)@0x2389d6] [@ dalvik-LinearAlloc (deleted)@0x239a3e] [@ da&hellip; → [@ AndroidGLController::ProvideEGLSurface] [@ JNI_GetCreatedJavaVMs] [@ JNI_GetCreatedJavaVMs | AndroidGLController::ProvideEGLSurface] [@ dalvik-LinearAlloc (deleted)@0x2378fe] [@ dalvik-LinearAlloc (deleted)@0x2385c6] [@ dalvik-LinearAlloc (&hellip;
(Reporter)

Comment 18

5 years ago
There are still crashes in 14.0b6: bp-21c93fef-dbb0-4666-ba7e-508de2120608, bp-ad52d022-4820-4ab9-91b0-0dfba2120608, bp-71b70694-3b5d-4a01-8daf-56d542120608.
Status: VERIFIED → REOPENED
status-firefox14: verified → affected
status-firefox15: verified → affected
Resolution: FIXED → ---
(Assignee)

Comment 19

5 years ago
Re-nomming since the crash volume is low.

There was only a single crash with this signature during LayerManagerOGL::CreateContext in 14.0b5. The fact that we already have 3 crashes in 14.0b6 is a bit concerning (it's too early to say whether this is a real increase or just noise), but the volume is still low.
blocking-fennec1.0: + → ?
(Reporter)

Comment 20

5 years ago
(In reply to Ali Juma [:ajuma] from comment #19)
> There was only a single crash with this signature during
> LayerManagerOGL::CreateContext in 14.0b5.
There are more than that (without counting dalvik-LinearAlloc (deleted) signatures).
* 12 crashes https://crash-stats.mozilla.com/report/list?product=FennecAndroid&version=FennecAndroid%3A14.0b5&signature=AndroidGLController%3A%3AProvideEGLSurface
* one crash: https://crash-stats.mozilla.com/report/list?product=FennecAndroid&version=FennecAndroid%3A14.0b5&signature=JNI_GetCreatedJavaVMs%20|%20AndroidGLController%3A%3AProvideEGLSurface
* 3 crashes: https://crash-stats.mozilla.com/report/list?product=FennecAndroid&version=FennecAndroid%3A14.0b5&signature=JNI_GetCreatedJavaVMs
(Assignee)

Comment 21

5 years ago
(In reply to Scoobidiver from comment #20)
> (In reply to Ali Juma [:ajuma] from comment #19)
> > There was only a single crash with this signature during
> > LayerManagerOGL::CreateContext in 14.0b5.
> There are more than that (without counting dalvik-LinearAlloc (deleted)
> signatures).

Ah, indeed, I missed those. Nevertheless, the crash volume still seems too low for this to be a release blocker.
We should probably open a new bug if startup crashes remain, since bug 759162 tracks the other crashes. I'm going to leave this bug closed for now; makes tracking easier.
Status: REOPENED → RESOLVED
blocking-fennec1.0: ? → +
Last Resolved: 5 years ago5 years ago
Resolution: --- → FIXED
(Reporter)

Updated

5 years ago
status-firefox14: affected → fixed
status-firefox15: affected → fixed
You need to log in before you can comment on or make changes to this bug.