Comment 1 Jesse Ruderman 2012-04-18 17:22:56 PDT

Created attachment 616370 [details]
stack trace

Comment 2 Jesse Ruderman 2012-04-18 17:23:08 PDT

Opt: bp-bdbe2955-d9ce-487c-a72e-d0a0a2120419

Comment 3 Chris Jones [:cjones] inactive; ni?/f?/r? if you need me 2012-04-18 18:33:41 PDT

Needs moar EnsureCurrentSurface.

phone

Comment 4 Scoobidiver (away) 2012-04-19 03:40:09 PDT

On Windows 7: bp-72e70eb8-0995-401d-b377-406672120419

Comment 5 Chris Jones [:cjones] inactive; ni?/f?/r? if you need me 2012-04-19 15:27:40 PDT

Created attachment 616774 [details] [diff] [review]
Check for context allocation failure before returning inverse transform

Thanks Jesse!

Comment 6 Joe Drew (not getting mail) 2012-04-20 08:40:07 PDT

Comment on attachment 616774 [details] [diff] [review]
Check for context allocation failure before returning inverse transform

Review of attachment 616774 [details] [diff] [review]:
-----------------------------------------------------------------

This needs to be fixed in nsCanvasRenderingContext2DAzure as well - otherwise we'll a) have this bug on some systems but not others and b) make crashtest go orange.

Comment 7 Chris Jones [:cjones] inactive; ni?/f?/r? if you need me 2012-04-20 10:32:17 PDT

Well, OK, but in the port to azure canvas many/most of the EnsureCurrentSurface()-style checks were lost.  This is putting ones finger in dike.  Is there a bug on file for restoring them?  Are we fuzzing azure canvas?

Comment 8 Jesse Ruderman 2012-04-20 13:26:36 PDT

We are fuzzing azure canvas, but only on the (OS version, hardware) combinations in the build pool.  The fuzzer randomizes gfx.canvas.azure.enabled so both azure and non-azure canvas are tested on as many platforms as possible.

Comment 9 Chris Jones [:cjones] inactive; ni?/f?/r? if you need me 2012-04-20 14:21:04 PDT

OK.  There are many azure-canvas interfaces that don't check for a valid surface whereas the same cairo-canvas interface does.  (I assumed the checks weren't needed for azure-canvas.)  Apparently we have a dearth of tests for those cases, and perhaps our fuzzer is getting unlucky?

Comment 10 Bob Clary [:bc:] 2012-04-22 07:26:31 PDT

fwiw, crash automation reproduced this on all three branches: Beta/12, Aurora/13, Nightly/14 and all 3 platforms.

Comment 11 Chris Jones [:cjones] inactive; ni?/f?/r? if you need me 2012-06-08 23:12:22 PDT

Created attachment 631615 [details] [diff] [review]
Check for context allocation failure before returning inverse transform, v2

Was cleaning mq house and came back across this.

This version puts a few more fingers in the azure context dike.

Comment 12 Joe Drew (not getting mail) 2012-06-11 10:58:35 PDT

Comment on attachment 631615 [details] [diff] [review]
Check for context allocation failure before returning inverse transform, v2

Review of attachment 631615 [details] [diff] [review]:
-----------------------------------------------------------------

Well, not azure content so much as azure canvas, but hooray. And thanks for fixing both implementations!

Comment 13 Chris Jones [:cjones] inactive; ni?/f?/r? if you need me 2012-06-12 10:32:03 PDT

https://hg.mozilla.org/integration/mozilla-inbound/rev/a07fd72eb33d

Comment 14 Matt Brubeck (:mbrubeck) 2012-06-12 18:32:22 PDT

https://hg.mozilla.org/mozilla-central/rev/a07fd72eb33d