crash in mozilla::layers::ContentHostTexture::Lock()

RESOLVED FIXED in mozilla31

Status

()

defect
--
critical
RESOLVED FIXED
5 years ago
4 years ago

People

(Reporter: nhirata, Assigned: nical)

Tracking

({crash})

28 Branch
mozilla31
All
Gonk (Firefox OS)
Points:
---

Firefox Tracking Flags

(tracking-b2g:backlog)

Details

(Whiteboard: [b2g-crash], crash signature)

Attachments

(1 attachment)

This bug was filed from the Socorro interface and is 
report bp-53d4b079-628b-4d23-a94f-5fdea2140417.
=============================================================
Frame 	Module 	Signature 	Source
0 	libxul.so 	mozilla::layers::ContentHostTexture::Lock() 	/builds/slave/b2g_m-cen_ham_ntly-00000000000/build/objdir-gecko/gfx/layers/../../dist/include/mozilla/layers/ContentHost.h
1 	libxul.so 	mozilla::layers::ContentHostBase::Composite(mozilla::layers::EffectChain&, float, mozilla::gfx::Matrix4x4 const&, mozilla::gfx::Filter const&, mozilla::gfx::RectTyped<mozilla::gfx::UnknownUnits> const&, nsIntRegion const*, mozilla::layers::TiledLayerProperties*) 	gfx/layers/composite/ContentHost.cpp
2 	libxul.so 	mozilla::layers::ThebesLayerComposite::RenderLayer(nsIntRect const&) 	gfx/layers/composite/ThebesLayerComposite.cpp
3 	libxul.so 	void mozilla::layers::ContainerRender<mozilla::layers::ContainerLayerComposite>(mozilla::layers::ContainerLayerComposite*, mozilla::layers::LayerManagerComposite*, nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
4 	libxul.so 	mozilla::layers::ContainerLayerComposite::RenderLayer(nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
5 	libxul.so 	void mozilla::layers::ContainerRender<mozilla::layers::ContainerLayerComposite>(mozilla::layers::ContainerLayerComposite*, mozilla::layers::LayerManagerComposite*, nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
6 	libxul.so 	mozilla::layers::ContainerLayerComposite::RenderLayer(nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
7 	libxul.so 	void mozilla::layers::ContainerRender<mozilla::layers::RefLayerComposite>(mozilla::layers::RefLayerComposite*, mozilla::layers::LayerManagerComposite*, nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
8 	libxul.so 	mozilla::layers::RefLayerComposite::RenderLayer(nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
9 	libxul.so 	void mozilla::layers::ContainerRender<mozilla::layers::ContainerLayerComposite>(mozilla::layers::ContainerLayerComposite*, mozilla::layers::LayerManagerComposite*, nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
10 	libxul.so 	mozilla::layers::ContainerLayerComposite::RenderLayer(nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
11 	libxul.so 	void mozilla::layers::ContainerRender<mozilla::layers::ContainerLayerComposite>(mozilla::layers::ContainerLayerComposite*, mozilla::layers::LayerManagerComposite*, nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
12 	libxul.so 	mozilla::layers::ContainerLayerComposite::RenderLayer(nsIntRect const&) 	gfx/layers/composite/ContainerLayerComposite.cpp
13 	libxul.so 	mozilla::layers::LayerManagerComposite::Render() 	gfx/layers/composite/LayerManagerComposite.cpp
14 	libxul.so 	mozilla::layers::LayerManagerComposite::EndTransaction(void (*)(mozilla::layers::ThebesLayer*, gfxContext*, nsIntRegion const&, mozilla::layers::DrawRegionClip, nsIntRegion const&, void*), void*, mozilla::layers::LayerManager::EndTransactionFlags) 	gfx/layers/composite/LayerManagerComposite.cpp
15 	libxul.so 	mozilla::layers::LayerManagerComposite::EndEmptyTransaction(mozilla::layers::LayerManager::EndTransactionFlags) 	gfx/layers/composite/LayerManagerComposite.cpp
16 	libxul.so 	mozilla::layers::CompositorParent::CompositeToTarget(mozilla::gfx::DrawTarget*) 	gfx/layers/ipc/CompositorParent.cpp
17 	libxul.so 	mozilla::layers::CompositorParent::Composite() 	gfx/layers/ipc/CompositorParent.cpp
18 	libxul.so 	RunnableMethod<FdWatcher, void (FdWatcher::*)(), Tuple0>::Run() 	ipc/chromium/src/base/tuple.h
19 	libxul.so 	MessageLoop::RunTask(Task*) 	ipc/chromium/src/base/message_loop.cc
20 	libxul.so 	MessageLoop::DeferOrRunPendingTask(MessageLoop::PendingTask const&) 	ipc/chromium/src/base/message_loop.cc
21 	libxul.so 	MessageLoop::DoDelayedWork(base::TimeTicks*) 	ipc/chromium/src/base/message_loop.cc
22 	libxul.so 	base::MessagePumpDefault::Run(base::MessagePump::Delegate*) 	ipc/chromium/src/base/message_pump_default.cc
23 	libxul.so 	MessageLoop::RunInternal() 	ipc/chromium/src/base/message_loop.cc
24 	libxul.so 	MessageLoop::Run() 	ipc/chromium/src/base/message_loop.cc
25 	libxul.so 	base::Thread::ThreadMain() 	ipc/chromium/src/base/thread.cc
26 	libxul.so 	ThreadFunc 	ipc/chromium/src/base/platform_thread_posix.cc
27 	libc.so 	__thread_entry 	bionic/libc/bionic/pthread.c
28 	libc.so 	pthread_create 	bionic/libc/bionic/pthread.c

First crash started seems like 4/3?  Maybe related to bug 990437?  I am not sure.  I might be wrong.
Flags: needinfo?(nical.bugzilla)
The only URL I can find for this crash is : 
http://www.simonwessely.com/Downloads/Publications/Military/historical/Jones%202007%20-%20shell%20shock%20mtbi.pdf

I'm not sure if that's related as of yet.  We probably need STRs to figure this crash out?
Note - try to reproduce using the URL provided in comment 1 on trunk.
blocking-b2g: --- → backlog
Keywords: qawanted
Assignee

Comment 3

5 years ago
Looking at the crashing code, it's probably just a missing null check.
Flags: needinfo?(nical.bugzilla)
Assignee

Comment 4

5 years ago
Assignee: nobody → nical.bugzilla
Attachment #8410946 - Flags: review?(bjacob)
Attachment #8410946 - Flags: review?(bjacob) → review+
Assignee

Comment 5

5 years ago
https://hg.mozilla.org/integration/mozilla-inbound/rev/3d11450e02cb

I don't know how busy qa is at the moment, but if you guys are very busy, then you can probably test whenever this patches makes it to trunk.
Keywords: qawanted
https://hg.mozilla.org/mozilla-central/rev/3d11450e02cb
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla31
blocking-b2g: backlog → ---
You need to log in before you can comment on or make changes to this bug.