Closed
Bug 782971
Opened 12 years ago
Closed 12 years ago
Problems culminating in "ABORT: unknown union type: file PLayersParent.cpp" when running B2G UI tests app OOP
Categories
(Firefox OS Graveyard :: General, defect)
Tracking
(blocking-basecamp:+)
RESOLVED
FIXED
| blocking-basecamp | + |
People
(Reporter: justin.lebar+bug, Unassigned)
References
Details
Attachments
(1 file)
Gaia rev e4d5b421eb8d.
Gecko built yesterday.
STR:
* Modify apps/system/js/window_manager.js so the 'UI tests' app is not OOP-blacklisted.
* Run B2G, open the UI tests app
* The app loads. After a few seconds, the "UI Tests" header shows up, but there's no visible content below. The div where the content /should/ be is scrollable, as though content is there, just invisible.
* Press HOME to exit the app.
* Re-open the app. Now the whole screen is white.
* Click where one of the buttons in the app /should/ be (your cursor will turn into a hand when you hover over it).
* Content-process crash, with the following stacktrace
> [Parent 309] ###!!! ABORT: unknown union type: file PLayersParent.cpp, line 1919
> mozilla::layers::PLayersParent::Write(mozilla::layers::OptionalThebesBuffer const&, IPC::Message*) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/ipdl/PLayersParent.cpp:1920)
> mozilla::layers::PLayersParent::Write(mozilla::layers::OpThebesBufferSwap const&, IPC::Message*) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/ipdl/PLayersParent.cpp:2450)
> mozilla::layers::PLayersParent::Write(mozilla::layers::EditReply const&, IPC::Message*) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/ipdl/PLayersParent.cpp:1426)
> mozilla::layers::PLayersParent::Write(InfallibleTArray<mozilla::layers::EditReply> const&, IPC::Message*) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/ipdl/PLayersParent.cpp:3125)
> mozilla::layers::PLayersParent::OnMessageReceived(IPC::Message const&, IPC::Message*&) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/ipdl/PLayersParent.cpp:479)
> mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&, IPC::Message*&) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/ipdl/PContentParent.cpp:2242)
> mozilla::ipc::SyncChannel::OnDispatchMessage(IPC::Message const&) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/glue/../../../src/ipc/glue/SyncChannel.cpp:143)
> mozilla::ipc::RPCChannel::OnMaybeDequeueOne() (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/glue/../../../src/ipc/glue/RPCChannel.cpp:400)
> void DispatchToMethod<mozilla::ipc::RPCChannel, bool (mozilla::ipc::RPCChannel::*)()>(mozilla::ipc::RPCChannel*, bool (mozilla::ipc::RPCChannel::*)(), Tuple0 const&) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/glue/../../../src/ipc/chromium/src/base/tuple.h:384)
> RunnableMethod<mozilla::ipc::RPCChannel, bool (mozilla::ipc::RPCChannel::*)(), Tuple0>::Run() (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/glue/../../../src/ipc/chromium/src/base/task.h:308)
> mozilla::ipc::RPCChannel::RefCountedTask::Run() (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/glue/../../dist/include/mozilla/ipc/RPCChannel.h:425)
> mozilla::ipc::RPCChannel::DequeueTask::Run() (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/glue/../../dist/include/mozilla/ipc/RPCChannel.h:448)
> MessageLoop::RunTask(Task*) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/chromium/../../../src/ipc/chromium/src/base/message_loop.cc:327)
> MessageLoop::DeferOrRunPendingTask(MessageLoop::PendingTask const&) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/chromium/../../../src/ipc/chromium/src/base/message_loop.cc:337)
> MessageLoop::DoWork() (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/chromium/../../../src/ipc/chromium/src/base/message_loop.cc:434)
> mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/glue/../../../src/ipc/glue/MessagePump.cpp:86)
> MessageLoop::RunInternal() (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/chromium/../../../src/ipc/chromium/src/base/message_loop.cc:209)
> MessageLoop::RunHandler() (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/chromium/../../../src/ipc/chromium/src/base/message_loop.cc:202)
> MessageLoop::Run() (/home/jlebar/code/moz/ff-git/debug-b2g/ipc/chromium/../../../src/ipc/chromium/src/base/message_loop.cc:175)
> nsBaseAppShell::Run() (/home/jlebar/code/moz/ff-git/debug-b2g/widget/xpwidgets/../../../src/widget/xpwidgets/nsBaseAppShell.cpp:165)
> nsAppStartup::Run() (/home/jlebar/code/moz/ff-git/debug-b2g/toolkit/components/startup/../../../../src/toolkit/components/startup/nsAppStartup.cpp:271)
> XREMain::XRE_mainRun() (/home/jlebar/code/moz/ff-git/debug-b2g/toolkit/xre/../../../src/toolkit/xre/nsAppRunner.cpp:3802)
> XREMain::XRE_main(int, char**, nsXREAppData const*) (/home/jlebar/code/moz/ff-git/debug-b2g/toolkit/xre/../../../src/toolkit/xre/nsAppRunner.cpp:3879)
> XRE_main (/home/jlebar/code/moz/ff-git/debug-b2g/toolkit/xre/../../../src/toolkit/xre/nsAppRunner.cpp:3955)
> do_main (/home/jlebar/code/moz/ff-git/debug-b2g/b2g/app/../../../src/b2g/app/nsBrowserApp.cpp:153)
> main (/home/jlebar/code/moz/ff-git/debug-b2g/b2g/app/../../../src/b2g/app/nsBrowserApp.cpp:229)
> __libc_start_main (/build/buildd/eglibc-2.15/csu/libc-start.c:258)
> _start (dist/bin/b2g)
> [Parent 309] ###!!! ABORT: unknown union type: file PLayersParent.cpp, line 1919
|
Reporter | |
Comment 1•12 years ago
|
||
> [Parent 309] ###!!! ABORT: unknown union type: file PLayersParent.cpp, line 1919
I guess this means that the parent process is dying because it's getting unexpected data from the child. This of course should never happen.
|
|
Reporter | |
Comment 2•12 years ago
|
||
(In reply to Justin Lebar [:jlebar] from comment #1)
> I guess this means that the parent process is dying because it's getting
> unexpected data from the child. This of course should never happen.
No, the problem is that the parent process is sending bogus data itself.
In ShadowLayersParent::RecvUpdate, within the |Edit::TOpPaintThebesBuffer| case, we do
OptionalThebesBuffer newBack;
nsIntRegion newValidRegion;
OptionalThebesBuffer readonlyFront;
nsIntRegion frontUpdatedRegion;
thebes->Swap(newFront, op.updatedRegion(),
&newBack, &newValidRegion,
&readonlyFront, &frontUpdatedRegion);
replyv.push_back(
OpThebesBufferSwap(
shadow, NULL,
newBack, newValidRegion,
readonlyFront, frontUpdatedRegion));
But thebes->Swap does not necessarily initialize readonlyFront:
void
ShadowThebesLayerOGL::Swap(const ThebesBuffer& aNewFront,
const nsIntRegion& aUpdatedRegion,
OptionalThebesBuffer* aNewBack,
nsIntRegion* aNewBackValidRegion,
OptionalThebesBuffer* aReadOnlyFront,
nsIntRegion* aFrontUpdatedRegion)
{
if (mDestroyed) {
// Don't drop buffers on the floor.
*aNewBack = aNewFront;
*aNewBackValidRegion = aNewFront.rect();
return;
}
|
|
Reporter | |
Comment 3•12 years ago
|
||
I have no idea if this is correct, but it does prevent the crash. All the other symptoms above are still present.
Attachment #652128 -
Flags: review?(roc)
|
|
Reporter | |
Updated•12 years ago
|
blocking-basecamp: --- → ?
|
||
Updated•12 years ago
|
Attachment #652128 -
Flags: review?(roc) → review+
|
|
||
Updated•12 years ago
|
blocking-basecamp: ? → +
|
|
Reporter | |
Comment 4•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/4db58ba7848f
I'll figure out the rest of the issues (blank screen and then blank-er screen) in a separate bug.
|
|
Reporter | |
Comment 5•12 years ago
|
||
The first blank screen is bug 783106. That may or may not also be the cause of the /second/ blank screen...
|
||
Comment 6•12 years ago
|
||
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•