Closed
Bug 959842
Opened 10 years ago
Closed 10 years ago
[OMTC][PGO] crash in mozilla::layers::DeprecatedContentClientDoubleBuffered::UpdateDestinationFrom(mozilla::layers::RotatedBuffer const&, nsIntRegion const&)
Categories
(Core :: Graphics: Layers, defect)
Tracking
()
VERIFIED
FIXED
mozilla29
People
(Reporter: alice0775, Assigned: nrc)
References
Details
(Keywords: crash, Whiteboard: [dupeme])
Crash Data
Attachments
(2 files)
2.17 KB,
patch
|
kats
:
review+
|
Details | Diff | Splinter Review |
9.41 KB,
patch
|
mattwoodrow
:
review+
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is report bp-b4298e3a-0ec2-4eac-b36c-063632140114. ============================================================= Browser(Nightly29.0a1 and m-i PGO) crashes with OMTC enabled. This crash happens only PGO build. Steps To Reproduce: 1. Enable OMTC layers.offmainthreadcomposition.enabled = true 2. Restart Browser 3. Open http://www.youtube.com/watch?v=FEm8PZ_lUh8
Reporter | ||
Comment 1•10 years ago
|
||
Regression window(m-c pgo) Good: http://hg.mozilla.org/mozilla-central/rev/12d3ba62a599 Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 ID:20140112180004 Bad; http://hg.mozilla.org/mozilla-central/rev/80a27198344a Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 ID:20140113060018 Pushlog: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=12d3ba62a599&tochange=80a27198344a Regression window(m-i pgo) Good: http://hg.mozilla.org/integration/mozilla-inbound/rev/656e14ae9363 Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 ID:20140110090110 Crash http://hg.mozilla.org/integration/mozilla-inbound/rev/7d5fcd8a3a99 Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 ID:20140110120002 Pushlog: http://hg.mozilla.org/integration/mozilla-inbound/pushloghtml?fromchange=656e14ae9363&tochange=7d5fcd8a3a99 Suspected : Bug 958375, Bug 958369, Bug 958437 ???
Reporter | ||
Updated•10 years ago
|
Component: General → Graphics: Layers
Assignee | ||
Comment 2•10 years ago
|
||
I think this needs a null check, I'll look into soon.
Assignee: nobody → ncameron
Comment 3•10 years ago
|
||
I've seen what appears to be the same crash in 2014_01_14 nightly. https://bugzilla.mozilla.org/show_bug.cgi?id=959624
Reporter | ||
Comment 4•10 years ago
|
||
And also see Bug 960266
Assignee | ||
Comment 5•10 years ago
|
||
One of these I stole from one of your patches I reviewed in another bug, hope you don't mind!
Attachment #8360667 -
Flags: review?(nical.bugzilla)
Assignee | ||
Updated•10 years ago
|
Attachment #8360667 -
Flags: review?(nical.bugzilla) → review?(bugmail.mozilla)
Comment 6•10 years ago
|
||
Comment on attachment 8360667 [details] [diff] [review] patch Review of attachment 8360667 [details] [diff] [review]: ----------------------------------------------------------------- rs=me
Attachment #8360667 -
Flags: review?(bugmail.mozilla) → review+
Assignee | ||
Comment 7•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/c040b200b336
Assignee | ||
Comment 8•10 years ago
|
||
This patch is necessary, but possibly not sufficient to fix the problem.
Whiteboard: [dupeme] → [dupeme][leave-open]
Comment 10•10 years ago
|
||
I certainly get crashes still with the latest nightly.
Comment 11•10 years ago
|
||
with the latest nightly, i get a crash while scrolling http://www.globalfundexchange.com/faqs/86-glossary/307-what-is-the-treynor-ratio with OMTC enabled. https://crash-stats.mozilla.com/report/index/6b48d312-6a7c-43ca-bd40-0d6252140120
Assignee | ||
Comment 12•10 years ago
|
||
Was just testing the nightly and got a crash on the youtube link from the first comment, but the crash was in flash, not Firefox (https://crash-stats.mozilla.com/report/index/bb5b0483-4479-45ff-b280-706062140121)
Assignee | ||
Comment 15•10 years ago
|
||
Confirmed we are still crashing when visiting http://www.globalfundexchange.com/faqs/86-glossary/307-what-is-the-treynor-ratio at ReturnDrawTarget. I assume we just need a page with component alpha (and thus an OnWhite DT) to trigger this bug. I don't see anything wrong here though. It is possible it is a PGO bug. Perhaps we could move ReturnDrawTarget from the header to the cpp so it is less likely to be inlined?
Assignee | ||
Comment 16•10 years ago
|
||
(In reply to Nick Cameron [:nrc] from comment #15) > I don't see anything wrong here though. It is possible it is a PGO bug. > Perhaps we could move ReturnDrawTarget from the header to the cpp so it is > less likely to be inlined? This did not help.
Comment 17•10 years ago
|
||
Are we sure that https://hg.mozilla.org/integration/mozilla-inbound/rev/c040b200b336 has made it into nightly? I'm still seeing my version of the crash in the latest nightly as well.
Assignee | ||
Comment 18•10 years ago
|
||
(In reply to Marc Auslander from comment #17) > Are we sure that > https://hg.mozilla.org/integration/mozilla-inbound/rev/c040b200b336 has made > it into nightly? > > I'm still seeing my version of the crash in the latest nightly as well. Yes, I checked that.
Assignee | ||
Comment 19•10 years ago
|
||
However, I've also been spinning my own PGO builds to test my guesswork, and those didn't have the null-checks. Let me do another build... (And thanks for the reminder!)
Assignee | ||
Updated•10 years ago
|
Whiteboard: [dupeme][leave-open] → [dupeme]
Assignee | ||
Comment 20•10 years ago
|
||
The renaming is not needed for the fix, I just found it awkward when fixing that the RotatedBuffer and ContentClient methods had the same name. The bug is the missing '&' from the signature of ReturnDrawTargetToBuffer.
Attachment #8364824 -
Flags: review?(matt.woodrow)
Comment 21•10 years ago
|
||
Comment on attachment 8364824 [details] [diff] [review] patch Review of attachment 8364824 [details] [diff] [review]: ----------------------------------------------------------------- Can you land this as two patches please :)
Attachment #8364824 -
Flags: review?(matt.woodrow) → review+
Assignee | ||
Comment 22•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/2e93f0faa6ad https://hg.mozilla.org/integration/mozilla-inbound/rev/dc8f8287710b
Comment 23•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/2e93f0faa6ad https://hg.mozilla.org/mozilla-central/rev/dc8f8287710b
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla29
Comment 24•10 years ago
|
||
I'm still seeing the same crash with the 1/24 build of nightly.
Assignee | ||
Comment 25•10 years ago
|
||
(In reply to Marc Auslander from comment #24) > I'm still seeing the same crash with the 1/24 build of nightly. Give it another day, it might not have made it in time. (I have a working PGO build, so its possible I needed the .h -> .cpp changes too, but that seems unlikely)
Comment 26•10 years ago
|
||
Crashed again here https://crash-stats.mozilla.com/report/index/0d2fab26-bc59-475a-a47f-cf5562140125 Latest nightly Built from http://hg.mozilla.org/mozilla-central/rev/9d650c07b547
Reporter | ||
Comment 27•10 years ago
|
||
(In reply to wojtekka from comment #26) > Crashed again here > https://crash-stats.mozilla.com/report/index/0d2fab26-bc59-475a-a47f- > cf5562140125 > Latest nightly Built from > http://hg.mozilla.org/mozilla-central/rev/9d650c07b547 Build ID is 20140124030216in your reports. It means not Latest nightly Built. Try again with Latest nightly Build ID 20140125030205.
Comment 28•10 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/9e06d42c2a6a in buildconfig problem appears fixed in my test profile I'm turning omc back on for my working profile and report any troubles. thanks.
Comment 29•10 years ago
|
||
Verified as fixed with the STR from comment 0 on Win 7 x86, using latest Aurora.
Status: RESOLVED → VERIFIED
Keywords: verifyme
You need to log in
before you can comment on or make changes to this bug.
Description
•