Closed Bug 928399 Opened 11 years ago Closed 11 years ago

crash [@ gfxContext::CurrentSurface]

Categories

(Core :: Widget: Gtk, defect)

Product:
Core
Component:
Widget: Gtk
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: stransky, Unassigned)

References

Details

I see this crash at browser startup: in ContentClientBasic::CreateBuffer() mManager->GetTarget() return NULL so gfxContext::CurrentSurface crashes with: (gdb) p* mCairo Cannot access memory at address 0x70 #0 0x00007ffff291243d in gfxContext::CurrentSurface (this=0x0, dx=0x0, dy=0x0) at /home/komat/tmp981-trunk/src/gfx/thebes/gfxContext.cpp:161 #1 0x00007ffff0acb208 in gfxContext::CurrentSurface (this=0x0) at ../../dist/include/gfxContext.h:69 #2 0x00007ffff29b895a in mozilla::layers::ContentClientBasic::CreateBuffer (this=0x7fffd2077e40, aType=GFX_CONTENT_COLOR, aRect=..., aFlags=1, aBlackSurface=0x7fffffffaa40, aWhiteSurface=0x7fffffffaa30, aBlackDT=0x7fffffffaa20, aWhiteDT= 0x7fffffffaa10) at /home/komat/tmp981-trunk/src/gfx/layers/client/ContentClient.cpp:109 #3 0x00007ffff2a12d74 in mozilla::layers::ThebesLayerBuffer::BeginPaint (this=0x7fffd2077ea0, aLayer=0x7fffd1629000, aContentType=GFX_CONTENT_COLOR, aFlags=0) at /home/komat/tmp981-trunk/src/gfx/layers/ThebesLayerBuffer.cpp:706 #4 0x00007ffff29b80b8 in mozilla::layers::ContentClientBasic::BeginPaintBuffer (this=0x7fffd2077e40, aLayer=0x7fffd1629000, aContentType=GFX_CONTENT_COLOR, aFlags=0) at ../../dist/include/mozilla/layers/ContentClient.h:147 #5 0x00007ffff2987809 in mozilla::layers::BasicThebesLayer::Validate (this=0x7fffd1629000, aCallback= 0x7ffff09658ca <mozilla::FrameLayerBuilder::DrawThebesLayer(mozilla::layers::ThebesLayer*, gfxContext*, nsIntRegion const&, nsIntRegion const&, void*)>, aCallbackData=0x7fffffffb710) at /home/komat/tmp981-trunk/src/gfx/layers/basic/BasicThebesLayer.cpp:221 #6 0x00007ffff297ea53 in mozilla::layers::BasicContainerLayer::Validate (this=0x7fffd1628c00, aCallback= 0x7ffff09658ca <mozilla::FrameLayerBuilder::DrawThebesLayer(mozilla::layers::ThebesLayer*, gfxContext*, nsIntRegion const&, nsIntRegion const&, void*)>, aCallbackData=0x7fffffffb710) at /home/komat/tmp981-trunk/src/gfx/layers/basic/BasicContainerLayer.cpp:124 #7 0x00007ffff2982ce8 in mozilla::layers::BasicLayerManager::EndTransactionInternal (this=0x7fffd1cb3e60, aCallback= 0x7ffff09658ca <mozilla::FrameLayerBuilder::DrawThebesLayer(mozilla::layers::ThebesLayer*, gfxContext*, nsIntRegion const&, nsIntRegion const&, void*)>, aCallbackData=0x7fffffffb710, aFlags=mozilla::layers::LayerManager::END_NO_COMPOSITE) at /home/komat/tmp981-trunk/src/gfx/layers/basic/BasicLayerManager.cpp:595 #8 0x00007ffff298276c in mozilla::layers::BasicLayerManager::EndTransaction (this=0x7fffd1cb3e60, aCallback= 0x7ffff09658ca <mozilla::FrameLayerBuilder::DrawThebesLayer(mozilla::layers::ThebesLayer*, gfxContext*, nsIntRegion const&, nsIntRegion const&, void*)>, aCallbackData=0x7fffffffb710, aFlags=mozilla::layers::LayerManager::END_NO_COMPOSITE) at /home/komat/tmp981-trunk/src/gfx/layers/basic/BasicLayerManager.cpp:529 #9 0x00007ffff09e16c6 in nsDisplayList::PaintForFrame (this=0x7fffffffb620, aBuilder=0x7fffffffb710, aCtx=0x0, aForFrame= 0x7fffd8c66420, aFlags=13) at /home/komat/tmp981-trunk/src/layout/base/nsDisplayList.cpp:1270 #10 0x00007ffff09e0d42 in nsDisplayList::PaintRoot (this=0x7fffffffb620, aBuilder=0x7fffffffb710, aCtx=0x0, aFlags=13) at /home/komat/tmp981-trunk/src/layout/base/nsDisplayList.cpp:1117 #11 0x00007ffff0a220ce in nsLayoutUtils::PaintFrame (aRenderingContext=0x0, aFrame=0x7fffd8c66420, aDirtyRegion=..., aBackstop=4293783021, aFlags=772) at /home/komat/tmp981-trunk/src/layout/base/nsLayoutUtils.cpp:2178 #12 0x00007ffff0a55f09 in PresShell::Paint (this=0x7fffd8c57800, aViewToPaint=0x7fffd8c64080, aDirtyRegion=..., aFlags=1) at /home/komat/tmp981-trunk/src/layout/base/nsPresShell.cpp:5659 #13 0x00007ffff13450d2 in nsViewManager::ProcessPendingUpdatesForView (this=0x7fffd8c77d40, aView=0x7fffd8c64080, aFlushDirtyRegion=true) at /home/komat/tmp981-trunk/src/view/src/nsViewManager.cpp:420 #14 0x00007ffff1346c6a in nsViewManager::ProcessPendingUpdates (this=0x7fffd8c77d40) at /home/komat/tmp981-trunk/src/view/src/nsViewManager.cpp:1052 #15 0x00007ffff0a6ddbf in nsRefreshDriver::Tick (this=0x7fffd8c57400, aNowEpoch=1382107783196837, aNowTime=...) at /home/komat/tmp981-trunk/src/layout/base/nsRefreshDriver.cpp:1211 #16 0x00007ffff0a6b427 in mozilla::RefreshDriverTimer::TickDriver (driver=0x7fffd8c57400, jsnow=1382107783196837, now=...) at /home/komat/tmp981-trunk/src/layout/base/nsRefreshDriver.cpp:168 #17 0x00007ffff0a6b37b in mozilla::RefreshDriverTimer::Tick (this=0x7fffe2586ec0) at /home/komat/tmp981-trunk/src/layout/base/nsRefreshDriver.cpp:160 #18 0x00007ffff0a6b44d in mozilla::RefreshDriverTimer::TimerTick (aTimer=0x7fffe1b98fa0, aClosure=0x7fffe2586ec0) at /home/komat/tmp981-trunk/src/layout/base/nsRefreshDriver.cpp:185 #19 0x00007ffff285feb0 in nsTimerImpl::Fire (this=0x7fffe1b98fa0) #20 0x00007ffff286026d in nsTimerEvent::Run (this=0x7fffe1c98050) at /home/komat/tmp981-trunk/src/xpcom/threads/nsTimerImpl.cpp:630 #21 0x00007ffff2858053 in nsThread::ProcessNextEvent (this=0x7ffff7d36ae0, mayWait=false, result=0x7fffffffc6af) at /home/komat/tmp981-trunk/src/xpcom/threads/nsThread.cpp:622 #22 0x00007ffff27ddac4 in NS_ProcessNextEvent (thread=0x7ffff7d36ae0, mayWait=false) at /home/komat/tmp981-trunk/src/xpcom/glue/nsThreadUtils.cpp:238 #23 0x00007ffff1fb7443 in mozilla::ipc::MessagePump::Run (this=0x7fffe8babec0, aDelegate=0x7ffff7dde6f0) at /home/komat/tmp981-trunk/src/ipc/glue/MessagePump.cpp:85 #24 0x00007ffff28bd913 in MessageLoop::RunInternal (this=0x7ffff7dde6f0) at /home/komat/tmp981-trunk/src/ipc/chromium/src/base/message_loop.cc:220 #25 0x00007ffff28bd8a4 in MessageLoop::RunHandler (this=0x7ffff7dde6f0) at /home/komat/tmp981-trunk/src/ipc/chromium/src/base/message_loop.cc:213 #26 0x00007ffff28bd87d in MessageLoop::Run (this=0x7ffff7dde6f0) at /home/komat/tmp981-trunk/src/ipc/chromium/src/base/message_loop.cc:187 #27 0x00007ffff1ea7972 in nsBaseAppShell::Run (this=0x7fffe7246780) at /home/komat/tmp981-trunk/src/widget/xpwidgets/nsBaseAppShell.cpp:161 #28 0x00007ffff1b80508 in nsAppStartup::Run (this=0x7fffe7244330) at /home/komat/tmp981-trunk/src/toolkit/components/startup/nsAppStartup.cpp:268 #29 0x00007ffff0401446 in XREMain::XRE_mainRun (this=0x7fffffffcb70) at /home/komat/tmp981-trunk/src/toolkit/xre/nsAppRunner.cpp:3886 #30 0x00007ffff040172e in XREMain::XRE_main (this=0x7fffffffcb70, argc=4, argv=0x7fffffffe048, aAppData=0x7fffffffcd20) at /home/komat/tmp981-trunk/src/toolkit/xre/nsAppRunner.cpp:3954 #31 0x00007ffff0401961 in XRE_main (argc=4, argv=0x7fffffffe048, aAppData=0x7fffffffcd20, aFlags=0) at /home/komat/tmp981-trunk/src/toolkit/xre/nsAppRunner.cpp:4156 #32 0x0000000000404abd in do_main (argc=4, argv=0x7fffffffe048, xreDirectory=0x7ffff7d3f540) at /home/komat/tmp981-trunk/src/browser/app/nsBrowserApp.cpp:275 #33 0x0000000000404ea0 in main (argc=4, argv=0x7fffffffe048) at /home/komat/tmp981-trunk/src/browser/app/nsBrowserApp.cpp:635
Is this with gtk3?
Yes, it's gtk3 only. Gtk2 works fine. Looks like mTarget of the Layer Manager (BasicLayerManager here) is not set.
The difference is that Gtk2 version has LayerManager with attached widget. Gtk3 LayerManager is missing it so the surface is created from target which is null.
Seems to be fixed by latest trunk.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Resolution: FIXED → WORKSFORME
Blocks: 1034064
No longer blocks: 1034064
You need to log in before you can comment on or make changes to this bug.