Crash Annotation GraphicsCriticalError with clearRect

RESOLVED DUPLICATE of bug 1018527

Status

()

Core
Graphics
RESOLVED DUPLICATE of bug 1018527
2 years ago
2 years ago

People

(Reporter: Aral Yaman, Unassigned)

Tracking

44 Branch
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments)

(Reporter)

Description

2 years ago
Created attachment 8715223 [details]
test.html

User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36

Steps to reproduce:

I tested test.html with ASan on Linux.

This line causes an error message:

ctx.clearRect(20, 20, 100, 340282366920938463463374607431768211406); 



Actual results:

Message shows up in the console:

Crash Annotation GraphicsCriticalError: |[0][GFX1-]: ClearRect with invalid argument 0x0x7f690c18e630 with 100xinf [20, 20]|[1][GFX1-]: ClearRect with invalid argument 0x0x7f68e4a2e800 with 100xinf [20, 20][GFX1-]: ClearRect with invalid argument 0x0x7f68e4a2e800 with 100xinf [20, 20]




Expected results:

No Crash message on ASan Console

Updated

2 years ago
Group: firefox-core-security → core-security
Component: Untriaged → Graphics
Product: Firefox → Core
Please attach the ASAN log as an attachment (the error, the stack, etc).

Which "console" is this showing up in? Your terminal window? Or the "Web Console" or "Browser Console" in the browser?

Which version of Firefox are you testing? Your initial comment only mentions your chrome version, but you set the bug's "Version" field to "41 branch". Firefox 41 is no longer supported. Is that what you were actually testing or were you testing a more recent version? The Release version of Firefox is 44, and the "mozilla-central" nightly version is 47.
Group: core-security → gfx-core-security
Flags: needinfo?(aral.yaman)
(Reporter)

Comment 2

2 years ago
Created attachment 8715692 [details]
testcase.JPG
Flags: needinfo?(aral.yaman)
(Reporter)

Comment 3

2 years ago
I'm sorry I thought that would be clear :-/

I took the latest version from here: https://ftp.mozilla.org/pub/firefox/tinderbox-builds/mozilla-central-linux64-asan/latest/ 

So the version is: firefox-44.0a1.en-US.linux

I meant with console the terminal. 

I also uploaded a picture (testcase.JPG) from my testcase whichs should answer all your questions.
Version: 41 Branch → 44 Branch
Assignee: nobody → milan
Blocks: 1018527
This is fixed in 45 with bug 1018527.  Not sure it needs an uplift?
Assignee: milan → nobody
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
Group: gfx-core-security → core-security-release
Group: core-security-release
Resolution: FIXED → DUPLICATE
Duplicate of bug: 1018527
You need to log in before you can comment on or make changes to this bug.