Bugzilla

Testcase found while fuzzing mozilla-central rev d3aa4a9e4dfd.

Assertion failure: mOffset == mSize, at /builds/worker/workspace/build/src/dom/filehandle/ActorsParent.cpp:1915

```
rax = 0x000055a6531b9340   rdx = 0x0000000000000000
rcx = 0x00007f6fc7c68941   rbx = 0x00007f6f9db1c660
rsi = 0x00007f6fd38a08b0   rdi = 0x00007f6fd389f680
rbp = 0x00007f6f9cffe470   rsp = 0x00007f6f9cff63f0
r8 = 0x00007f6fd38a08b0    r9 = 0x00007f6f9cfff700
r10 = 0x0000000000000002   r11 = 0x0000000000000000
r12 = 0x00007f6f9cff6430   r13 = 0x00007f6f9cff6418
r14 = 0x00007f6f9cff6420   r15 = 0x0000000000000000
rip = 0x00007f6fc37a6e58
OS|Linux|0.0.0 Linux 5.3.0-28-generic #30~18.04.1-Ubuntu SMP Fri Jan 17 06:14:09 UTC 2020 x86_64
CPU|amd64|family 6 model 94 stepping 3|8
GPU|||
Crash|SIGSEGV|0x0|68
68|0|libxul.so|mozilla::dom::CopyFileHandleOp::DoFileWork(mozilla::dom::FileHandle*)|hg:hg.mozilla.org/mozilla-central:dom/filehandle/ActorsParent.cpp:d3aa4a9e4dfd20e2be232a415a705a250aa17f63|1853|0x33
```

Testcase found while fuzzing mozilla-central rev d3aa4a9e4dfd (built with --enable-debug).

Assertion failure: mOffset == mSize, at /builds/worker/workspace/build/src/dom/filehandle/ActorsParent.cpp:1915

```
rax = 0x000055a6531b9340   rdx = 0x0000000000000000
rcx = 0x00007f6fc7c68941   rbx = 0x00007f6f9db1c660
rsi = 0x00007f6fd38a08b0   rdi = 0x00007f6fd389f680
rbp = 0x00007f6f9cffe470   rsp = 0x00007f6f9cff63f0
r8 = 0x00007f6fd38a08b0    r9 = 0x00007f6f9cfff700
r10 = 0x0000000000000002   r11 = 0x0000000000000000
r12 = 0x00007f6f9cff6430   r13 = 0x00007f6f9cff6418
r14 = 0x00007f6f9cff6420   r15 = 0x0000000000000000
rip = 0x00007f6fc37a6e58
OS|Linux|0.0.0 Linux 5.3.0-28-generic #30~18.04.1-Ubuntu SMP Fri Jan 17 06:14:09 UTC 2020 x86_64
CPU|amd64|family 6 model 94 stepping 3|8
GPU|||
Crash|SIGSEGV|0x0|68
68|0|libxul.so|mozilla::dom::CopyFileHandleOp::DoFileWork(mozilla::dom::FileHandle*)|hg:hg.mozilla.org/mozilla-central:dom/filehandle/ActorsParent.cpp:d3aa4a9e4dfd20e2be232a415a705a250aa17f63|1853|0x33
```