The default bug view has changed. See this FAQ.

crash in nsDisplayBackground::TryOptimizeToImageLayer

RESOLVED FIXED in mozilla16

Status

()

Core
Layout
--
critical
RESOLVED FIXED
5 years ago
5 years ago

People

(Reporter: Scoobidiver (away), Assigned: dzbarsky)

Tracking

({crash, regression})

15 Branch
mozilla16
x86
Windows 7
crash, regression
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [startupcrash], crash signature)

Attachments

(1 attachment)

(Reporter)

Description

5 years ago
It first appeared in 15.0a1/20120523164348. The regression range is:
http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=36e938e51481&tochange=d499dc65cdab

Signature 	nsDisplayBackground::TryOptimizeToImageLayer(nsDisplayListBuilder*) More Reports Search
UUID	7193cc64-7571-43bc-81ce-a4d0c2120524
Date Processed	2012-05-24 19:21:56
Uptime	6
Last Crash	17 seconds before submission
Install Age	3.4 minutes since version was first installed.
Install Time	2012-05-24 19:18:30
Product	Firefox
Version	15.0a1
Build ID	20120523164348
Release Channel	nightly
OS	Windows NT
OS Version	6.1.7601 Service Pack 1
Build Architecture	x86
Build Architecture Info	GenuineIntel family 6 model 42 stepping 7
Crash Reason	EXCEPTION_ACCESS_VIOLATION_EXEC
Crash Address	0x4
App Notes 	
AdapterVendorID: 0x8086, AdapterDeviceID: 0x0126, AdapterSubsysID: 00000000, AdapterDriverVersion: 8.862.4.4000
D3D10 Layers? D3D10 Layers- D3D9 Layers? D3D9 Layers+ 
EMCheckCompatibility	True	
Total Virtual Memory	4294836224
Available Virtual Memory	3751473152
System Memory Use Percentage	29
Available Page File	13269147648
Available Physical Memory	6011637760

Frame 	Module 	Signature 	Source
0 		@0x4 	
1 	xul.dll 	nsDisplayBackground::TryOptimizeToImageLayer 	layout/base/nsDisplayList.cpp:1137
2 	xul.dll 	mozilla::`anonymous namespace'::ContainerState::ProcessDisplayItems 	layout/base/FrameLayerBuilder.cpp:1620
3 	xul.dll 	mozilla::FrameLayerBuilder::BuildContainerLayerFor 	layout/base/FrameLayerBuilder.cpp:2141
4 	xul.dll 	nsWindow::GetLayerManager 	widget/windows/nsWindow.cpp:3204
5 	nspr4.dll 	PR_GetThreadPrivate 	nsprpub/pr/src/threads/prtpd.c:200
6 	xul.dll 	nsDisplayList::ComputeVisibilityForRoot 	layout/base/nsDisplayList.cpp:434
7 	xul.dll 	nsDisplayBackground::HitTest 	layout/base/nsDisplayList.cpp:1241

More reports at:
https://crash-stats.mozilla.com/report/list?signature=nsDisplayBackground%3A%3ATryOptimizeToImageLayer%28nsDisplayListBuilder*%29
https://crash-stats.mozilla.com/report/list?signature=nsImageRenderer%3A%3AGetContainer%28%29
The GetContainer call was added in bug 756813 and merged to m-c the 22nd.
http://hg.mozilla.org/mozilla-central/annotate/d499dc65cdab/layout/base/nsDisplayList.cpp#l1137

Does GetContainer() need a "if (mType != eStyleImageType_Image) return false;"
like IsRasterImage() above it?
http://hg.mozilla.org/mozilla-central/annotate/d499dc65cdab/layout/base/nsCSSRendering.cpp#l4081
Andreas, it looks like you added GetContainer() in bug 750172.
Do you know the answer to the question in comment 1?
dzbarsky, maybe you can take a look?
(Assignee)

Comment 4

5 years ago
Ok, I'll try reproducing on Windows

Comment 5

5 years ago
Yeah, we should check with IsRasterImage or as Mats suggests directly in GetContainer.
(Assignee)

Comment 6

5 years ago
Yep, that seems like it would fix it but I want to check before and after to make sure this will fix the crash.
(Assignee)

Comment 7

5 years ago
Created attachment 631767 [details] [diff] [review]
Patch

I couldn't reproduce the bug, but this should hopefully fix it.
Assignee: nobody → dzbarsky
Status: NEW → ASSIGNED
Attachment #631767 - Flags: review?(gal)

Comment 8

5 years ago
Comment on attachment 631767 [details] [diff] [review]
Patch

Review of attachment 631767 [details] [diff] [review]:
-----------------------------------------------------------------

Thanks dz.
Attachment #631767 - Flags: review?(gal) → review+
(Assignee)

Comment 9

5 years ago
https://hg.mozilla.org/integration/mozilla-inbound/rev/b7fd38dad196
(Assignee)

Updated

5 years ago
Target Milestone: --- → mozilla16
https://hg.mozilla.org/mozilla-central/rev/b7fd38dad196
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.