Closed
Bug 1307257
Opened 8 years ago
Closed 8 years ago
Framebuffer11::invalidateBase can crash
Categories
(Core :: Graphics: CanvasWebGL, defect, P1)
Tracking
()
RESOLVED
FIXED
mozilla52
People
(Reporter: milan, Assigned: milan, NeedInfo)
Details
(Whiteboard: [gfx-noted])
Attachments
(1 file)
|
58 bytes,
text/x-review-board-request
|
mtseng
:
review+
jgilbert
:
review+
gchang
:
approval-mozilla-aurora+
|
Details |
Unlike the rest of the places that call getColorAttachment() function, Framebuffer11::invalidateBase uses the return value without checking for null. When that returns null, we crash.
|
Assignee | |
Updated•8 years ago
|
Priority: -- → P1
Whiteboard: [gfx-noted]
| Comment hidden (mozreview-request) |
|
|
Assignee | |
Comment 2•8 years ago
|
||
Morris, if this passes your review, could you get Jeff to take a look (and if OK) land, and arrange for upstream?
|
|
Assignee | |
Comment 3•8 years ago
|
||
We'll also want to uplift this to at least 51.
|
||
Comment 4•8 years ago
|
||
| mozreview-review | ||
Comment on attachment 8797289 [details] Bug 1307257: Check for getColorAttachment returning null before using it. https://reviewboard.mozilla.org/r/82888/#review81592 LGTM
Attachment #8797289 -
Flags: review?(mtseng) → review+
|
|
||
Updated•8 years ago
|
Attachment #8797289 -
Flags: review?(jgilbert)
|
||
Comment 5•8 years ago
|
||
Thanks for looking into this. This crash is also reproducible in 51 and 52.
|
||
Comment 6•8 years ago
|
||
| mozreview-review | ||
Comment on attachment 8797289 [details] Bug 1307257: Check for getColorAttachment returning null before using it. https://reviewboard.mozilla.org/r/82888/#review82514 InvalidateFramebuffer is supposed to ignore missing attachments.
Attachment #8797289 -
Flags: review?(jgilbert) → review+
|
|
Assignee | |
Comment 7•8 years ago
|
||
Morris, can you make sure this gets up-streamed?
Assignee: nobody → milan
Flags: needinfo?(mtseng)
Pushed by msreckovic@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/9d162f236562 Check for getColorAttachment returning null before using it. r=jgilbert,mtseng
|
||
Comment 9•8 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/9d162f236562
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox52:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla52
|
|
||
Comment 10•8 years ago
|
||
Sure, keep the ni flag for reminding me.(In reply to Milan Sreckovic [:milan] from comment #7) > Morris, can you make sure this gets up-streamed? Sure, keep the ni flag for reminding me. I'll also add this patch to our tracked angle repo.
|
|
Assignee | |
Comment 11•8 years ago
|
||
Comment on attachment 8797289 [details] Bug 1307257: Check for getColorAttachment returning null before using it. Approval Request Comment This is tied to WebGL2 for 51.
Attachment #8797289 -
Flags: approval-mozilla-aurora?
|
||
Updated•8 years ago
|
status-firefox51:
--- → affected
|
|
||
Comment 12•8 years ago
|
||
Comment on attachment 8797289 [details] Bug 1307257: Check for getColorAttachment returning null before using it. Fix a potential crash. Take it in 51 aurora.
Attachment #8797289 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
|
|
||
Comment 13•8 years ago
|
||
I have pushed the patch to our tracked ANGLE repo. See https://github.com/mozilla/angle/commits/mozilla I'll do upstream next.
|
||
Comment 14•8 years ago
|
||
| bugherder uplift | ||
https://hg.mozilla.org/releases/mozilla-aurora/rev/349aa8535038
You need to log in
before you can comment on or make changes to this bug.
Description
•