Closed
Bug 802144
Opened 12 years ago
Closed 12 years ago
crash in mozilla::gfx::BaseRect
Categories
(Core :: Graphics: ImageLib, defect)
Tracking
()
VERIFIED
FIXED
mozilla19
People
(Reporter: scoobidiver, Assigned: jdm)
References
Details
(Keywords: crash, regression, topcrash)
Crash Data
Attachments
(1 file)
It started spiking in 19.0a1/20121016 and is currently #1 top crasher in today's build. The regression range for the spike is: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=942ed5747b63&tochange=8f145599e4bf It might be a regression from bug 801405. Signature mozilla::gfx::BaseRect<int, nsIntRect, nsIntPoint, nsIntSize, nsIntMargin>::Union(nsIntRect const&) More Reports Search UUID 16d3e13c-1f64-4c9b-9b94-86d5c2121016 Date Processed 2012-10-16 14:20:25 Uptime 252 Last Crash 4.5 minutes before submission Install Age 4.2 minutes since version was first installed. Install Time 2012-10-16 14:15:44 Product Firefox Version 19.0a1 Build ID 20121016030544 Release Channel nightly OS Windows NT OS Version 6.2.9200 Build Architecture x86 Build Architecture Info GenuineIntel family 6 model 42 stepping 7 Crash Reason EXCEPTION_ACCESS_VIOLATION_READ Crash Address 0x28 App Notes Cisco VPN AdapterVendorID: 0x8086, AdapterDeviceID: 0x0102, AdapterSubsysID: 1494103c, AdapterDriverVersion: 9.17.10.2828 D2D? D2D+ DWrite? DWrite+ D3D10 Layers? D3D10 Layers+ EMCheckCompatibility True Adapter Vendor ID 0x8086 Adapter Device ID 0x0102 Total Virtual Memory 4294836224 Available Virtual Memory 3397189632 System Memory Use Percentage 59 Available Page File 2225999872 Available Physical Memory 1699692544 Frame Module Signature Source 0 xul.dll mozilla::gfx::BaseRect<int,nsIntRect,nsIntPoint,nsIntSize,nsIntMargin>::Union obj-firefox/dist/include/mozilla/gfx/BaseRect.h:132 1 xul.dll mozilla::image::Decoder::FlushInvalidations image/src/Decoder.cpp:151 2 xul.dll mozilla::image::Decoder::PostFrameStop image/src/Decoder.cpp:235 3 xul.dll mozilla::image::nsBMPDecoder::FinishInternal image/decoders/nsBMPDecoder.cpp:136 4 xul.dll mozilla::image::nsICODecoder::FinishInternal image/decoders/nsICODecoder.cpp:90 5 xul.dll mozilla::image::Decoder::Finish image/src/Decoder.cpp:88 6 xul.dll mozilla::image::RasterImage::ShutdownDecoder image/src/RasterImage.cpp:2427 7 xul.dll mozilla::image::RasterImage::~RasterImage image/src/RasterImage.cpp:280 8 xul.dll mozilla::image::RasterImage::Release image/src/RasterImage.cpp:206 9 xul.dll imgRequest::~imgRequest image/src/imgRequest.cpp:107 10 xul.dll imgRequest::`scalar deleting destructor' 11 xul.dll imgRequest::Release image/src/imgRequest.cpp:78 12 xul.dll imgRequestProxy::`scalar deleting destructor' 13 xul.dll imgRequestProxy::Release image/src/imgRequestProxy.cpp:29 14 xul.dll nsImageBoxFrame::`vector deleting destructor' 15 xul.dll nsFrame::DestroyFrom layout/generic/nsFrame.cpp:668 16 xul.dll nsImageBoxFrame::DestroyFrom layout/xul/base/src/nsImageBoxFrame.cpp:178 17 xul.dll nsContainerFrame::DestroyFrom layout/generic/nsContainerFrame.cpp:217 18 xul.dll nsBoxFrame::DestroyFrom layout/xul/base/src/nsBoxFrame.cpp:948 19 xul.dll nsContainerFrame::DestroyFrom layout/generic/nsContainerFrame.cpp:217 20 xul.dll nsBoxFrame::DestroyFrom layout/xul/base/src/nsBoxFrame.cpp:948 21 xul.dll nsContainerFrame::DestroyFrom layout/generic/nsContainerFrame.cpp:217 22 xul.dll nsBoxFrame::DestroyFrom layout/xul/base/src/nsBoxFrame.cpp:948 23 xul.dll nsBoxFrame::RemoveFrame layout/xul/base/src/nsBoxFrame.cpp:1011 24 xul.dll nsFrameManager::RemoveFrame layout/base/nsFrameManager.cpp:497 25 xul.dll nsCSSFrameConstructor::ContentRemoved layout/base/nsCSSFrameConstructor.cpp:7593 26 xul.dll nsCSSFrameConstructor::RecreateFramesForContent layout/base/nsCSSFrameConstructor.cpp:9390 27 xul.dll nsCSSFrameConstructor::ProcessRestyledFrames layout/base/nsCSSFrameConstructor.cpp:8138 28 xul.dll mozilla::css::RestyleTracker::DoProcessRestyles layout/base/RestyleTracker.cpp:209 29 xul.dll nsCSSFrameConstructor::ProcessPendingRestyles layout/base/nsCSSFrameConstructor.cpp:12120 30 xul.dll PresShell::FlushPendingNotifications layout/base/nsPresShell.cpp:3828 31 xul.dll nsRefreshDriver::Notify layout/base/nsRefreshDriver.cpp:383 ... More reports at: https://crash-stats.mozilla.com/report/list?signature=mozilla%3A%3Agfx%3A%3ABaseRect%3Cint%2C+nsIntRect%2C+nsIntPoint%2C+nsIntSize%2C+nsIntMargin%3E%3A%3AUnion%28nsIntRect+const%26%29
Reporter | ||
Updated•12 years ago
|
tracking-firefox19:
--- → ?
Assignee | ||
Comment 2•12 years ago
|
||
I'm a bit afraid of whack-a-mole problems here. Joe, my first instinct is to add a check for mFinishing in RasterImage::FrameUpdate; do you see any problems with that?
Comment 3•12 years ago
|
||
It seems like you could just make RasterImage's dtor delete the frames and mAnim after calling ShutdownDecoder instead of before.
Assignee | ||
Comment 4•12 years ago
|
||
Yes, I have a patch that does that, and it avoids the crashes that I can reproduce without it applied. I'm not trying to write an automated test.
Assignee | ||
Comment 5•12 years ago
|
||
I give up on trying to write a test.
Attachment #672048 -
Flags: review?(joe)
Updated•12 years ago
|
Attachment #672048 -
Flags: review?(joe) → review+
Assignee | ||
Comment 6•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/f8e886802231
Reporter | ||
Comment 7•12 years ago
|
||
There are about 1000 crashes per build. It would be fine to land it in m-c ASAP and rebuild.
Comment 8•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/f8e886802231
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla19
Reporter | ||
Updated•12 years ago
|
Crash Signature: [@ mozilla::gfx::BaseRect<int, nsIntRect, nsIntPoint, nsIntSize, nsIntMargin>::Union(nsIntRect const&)] → [@ mozilla::gfx::BaseRect<int, nsIntRect, nsIntPoint, nsIntSize, nsIntMargin>::Union(nsIntRect const&)]
[@ mozilla::gfx::BaseRect<int, nsIntRect, nsIntPoint, nsIntSize, nsIntMargin>::Union(nsIntRect const&) const]
OS: Windows 7 → All
Updated•12 years ago
|
status-firefox19:
--- → fixed
Comment 11•11 years ago
|
||
No crashes on FF > 18 based on crash stats. I guess we can call this verified fixed.
Status: RESOLVED → VERIFIED
Comment 12•11 years ago
|
||
Actually there is 1 crash on FF 19b2 - https://crash-stats.mozilla.com/report/index/954d4cb5-d453-45fc-a09b-3a5932130119 Any thoughts?
You need to log in
before you can comment on or make changes to this bug.
Description
•