Closed
Bug 1334366
Opened 7 years ago
Closed 7 years ago
Canvas2D: crash [@SkRect::joinNonEmptyArg(SkRect const&)]
Categories
(Core :: Graphics: Canvas2D, defect, P3)
Tracking
()
RESOLVED
FIXED
mozilla54
People
(Reporter: posidron, Assigned: lsalzman)
Details
(Keywords: crash, testcase, Whiteboard: [gfx-noted])
Crash Data
Attachments
(3 files)
|
528 bytes,
text/html
|
Details | |
|
1.32 KB,
patch
|
mchang
:
review+
|
Details | Diff | Splinter Review |
|
1.50 KB,
patch
|
mchang
:
review+
|
Details | Diff | Splinter Review |
Tested with https://hg.mozilla.org/integration/mozilla-inbound/rev/54cecb685bca ==45210==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000103598699 bp 0x7fff5cf4ab00 sp 0x7fff5cf4aae0 T0) ==45210==WARNING: invalid path to external symbolizer! ==45210==WARNING: Failed to use and restart external symbolizer! #0 0x103598698 in mozalloc_abort(char const*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/libmozglue.dylib+0x1698) #1 0x11c1adc0d in sk_abort_no_print() (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xbcd8c0d) #2 0x11c001a9b in SkRect::joinNonEmptyArg(SkRect const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xbb2ca9b) #3 0x11bfc5ea8 in GrAtlasTextBlob::appendGlyph(int, SkRect const&, unsigned int, GrBatchTextStrike*, GrGlyph*, SkGlyphCache*, SkGlyph const&, float, float, float, bool) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xbaf0ea8) #4 0x11bfeecaf in GrTextUtils::BmpAppendGlyph(GrAtlasTextBlob*, int, GrBatchFontCache*, GrBatchTextStrike**, SkGlyph const&, int, int, unsigned int, SkGlyphCache*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xbb19caf) #5 0x11c00e3c1 in SkFindAndPlaceGlyph::GlyphFindAndPlaceSubpixel<GrTextUtils::DrawBmpPosText(GrAtlasTextBlob*, int, GrBatchFontCache*, SkSurfaceProps const&, SkPaint const&, unsigned int, unsigned int, SkMatrix const&, char const*, unsigned long, float const*, int, SkPoint const&)::$_1, (SkPaint::Align)0, (SkAxisAlignment)1>::findAndPositionGlyph(char const**, SkPoint, GrTextUtils::DrawBmpPosText(GrAtlasTextBlob*, int, GrBatchFontCache*, SkSurfaceProps const&, SkPaint const&, unsigned int, unsigned int, SkMatrix const&, char const*, unsigned long, float const*, int, SkPoint const&)::$_1&&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xbb393c1) #6 0x11bfdaeec in GrTextUtils::DrawBmpPosText(GrAtlasTextBlob*, int, GrBatchFontCache*, SkSurfaceProps const&, SkPaint const&, unsigned int, unsigned int, SkMatrix const&, char const*, unsigned long, float const*, int, SkPoint const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xbb05eec) #7 0x11bfdc51a in GrAtlasTextContext::CreateDrawPosTextBlob(GrTextBlobCache*, GrBatchFontCache*, GrShaderCaps const&, GrPaint const&, SkPaint const&, unsigned int, SkMatrix const&, SkSurfaceProps const&, char const*, unsigned long, float const*, int, SkPoint const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xbb0751a) #8 0x11bfdbfbe in GrAtlasTextContext::drawPosText(GrContext*, GrDrawContext*, GrClip const&, GrPaint const&, SkPaint const&, SkMatrix const&, SkSurfaceProps const&, char const*, unsigned long, float const*, int, SkPoint const&, SkIRect const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xbb06fbe) #9 0x11bb18823 in GrDrawContext::drawPosText(GrClip const&, GrPaint const&, SkPaint const&, SkMatrix const&, char const*, unsigned long, float const*, int, SkPoint const&, SkIRect const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xb643823) #10 0x11bedd5c7 in SkGpuDevice::drawPosText(SkDraw const&, void const*, unsigned long, float const*, int, SkPoint const&, SkPaint const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xba085c7) #11 0x11bd3c8d8 in SkCanvas::onDrawPosText(void const*, unsigned long, SkPoint const*, SkPaint const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xb8678d8) #12 0x11bd3f382 in SkCanvas::drawPosText(void const*, unsigned long, SkPoint const*, SkPaint const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xb86a382) #13 0x112b035dc in mozilla::gfx::DrawTargetSkia::FillGlyphs(mozilla::gfx::ScaledFont*, mozilla::gfx::GlyphBuffer const&, mozilla::gfx::Pattern const&, mozilla::gfx::DrawOptions const&, mozilla::gfx::GlyphRenderingOptions const*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x262e5dc) #14 0x1132f1187 in GlyphBufferAzure::Flush(bool) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x2e1c187) #15 0x1132b448c in gfxFont::DrawGlyphs(gfxShapedText const*, unsigned int, unsigned int, gfxPoint*, TextRunDrawParams const&, FontDrawParams const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x2ddf48c) #16 0x1132b82af in gfxFont::Draw(gfxTextRun const*, unsigned int, unsigned int, gfxPoint*, TextRunDrawParams const&, unsigned short) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x2de32af) #17 0x113332e8b in gfxTextRun::DrawGlyphs(gfxFont*, gfxTextRun::Range, gfxPoint*, gfxTextRun::PropertyProvider*, gfxTextRun::Range, TextRunDrawParams&, unsigned short) const (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x2e5de8b) #18 0x1133358bf in gfxTextRun::Draw(gfxTextRun::Range, gfxPoint, gfxTextRun::DrawParams const&) const (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x2e608bf) #19 0x1160a171d in mozilla::dom::CanvasBidiProcessor::DrawText(int, int) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5bcc71d) #20 0x118c30013 in nsBidiPresUtils::ProcessText(char16_t const*, int, unsigned char, nsPresContext*, nsBidiPresUtils::BidiProcessor&, nsBidiPresUtils::Mode, nsBidiPositionResolve*, int, int*, nsBidi*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x875b013) #21 0x116005d79 in mozilla::dom::CanvasRenderingContext2D::DrawOrMeasureText(nsAString_internal const&, float, float, mozilla::dom::Optional<double> const&, mozilla::dom::CanvasRenderingContext2D::TextDrawOperation, float*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5b30d79) #22 0x1160047ca in mozilla::dom::CanvasRenderingContext2D::FillText(nsAString_internal const&, double, double, mozilla::dom::Optional<double> const&, mozilla::ErrorResult&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5b2f7ca) #23 0x114e16c8c in mozilla::dom::CanvasRenderingContext2DBinding::fillText(JSContext*, JS::Handle<JSObject*>, mozilla::dom::CanvasRenderingContext2D*, JSJitMethodCallArgs const&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x4941c8c) #24 0x115ee8bb9 in mozilla::dom::GenericBindingMethod(JSContext*, unsigned int, JS::Value*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5a13bb9) #25 0x11c746b4f in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc271b4f) #26 0x11c72ae28 in Interpret(JSContext*, js::RunState&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc255e28) #27 0x11c70e887 in js::RunScript(JSContext*, js::RunState&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc239887) #28 0x11c74ae8b in js::ExecuteKernel(JSContext*, JS::Handle<JSScript*>, JSObject&, JS::Value const&, js::AbstractFramePtr, JS::Value*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc275e8b) #29 0x11c7b748d in EvalKernel(JSContext*, JS::Handle<JS::Value>, EvalType, js::AbstractFramePtr, JS::Handle<JSObject*>, unsigned char*, JS::MutableHandle<JS::Value>) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc2e248d) #30 0x11c7b8a5b in js::DirectEval(JSContext*, JS::Handle<JS::Value>, JS::MutableHandle<JS::Value>) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc2e3a5b) #31 0x11e616c7c in js::jit::DoCallFallback(JSContext*, js::jit::BaselineFrame*, js::jit::ICCall_Fallback*, unsigned int, JS::Value*, JS::MutableHandle<JS::Value>) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xe141c7c) #32 0x10ad93110 (<unknown module>) #33 0x62100107daff (<unknown module>) #34 0x158f8cdf0 (<unknown module>) #35 0x6210028a0e0f (<unknown module>) #36 0x10ad91e1c (<unknown module>) #37 0x11e64456c in EnterBaseline(JSContext*, js::jit::EnterJitData&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xe16f56c) #38 0x11e645d05 in js::jit::EnterBaselineAtBranch(JSContext*, js::InterpreterFrame*, unsigned char*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xe170d05) #39 0x11c732ae0 in Interpret(JSContext*, js::RunState&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc25dae0) #40 0x11c70e887 in js::RunScript(JSContext*, js::RunState&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc239887) #41 0x11c746baa in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc271baa) #42 0x11c74800d in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xc27300d) #43 0x11d33ee1c in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xce69e1c) #44 0x1158b0ea3 in mozilla::dom::EventListener::HandleEvent(JSContext*, JS::Handle<JS::Value>, mozilla::dom::Event&, mozilla::ErrorResult&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x53dbea3) #45 0x1163e2123 in void mozilla::dom::EventListener::HandleEvent<mozilla::dom::EventTarget*>(mozilla::dom::EventTarget* const&, mozilla::dom::Event&, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JSCompartment*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5f0d123) #46 0x1163e1bef in mozilla::EventListenerManager::HandleEventSubType(mozilla::EventListenerManager::Listener*, nsIDOMEvent*, mozilla::dom::EventTarget*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5f0cbef) #47 0x1163e3bce in mozilla::EventListenerManager::HandleEventInternal(nsPresContext*, mozilla::WidgetEvent*, nsIDOMEvent**, mozilla::dom::EventTarget*, nsEventStatus*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5f0ebce) #48 0x1163c8574 in mozilla::EventTargetChainItem::HandleEvent(mozilla::EventChainPostVisitor&, mozilla::ELMCreationDetector&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5ef3574) #49 0x1163c6efa in mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5ef1efa) #50 0x1163cc087 in mozilla::EventDispatcher::Dispatch(nsISupports*, nsPresContext*, mozilla::WidgetEvent*, nsIDOMEvent*, nsEventStatus*, mozilla::EventDispatchingCallback*, nsTArray<mozilla::dom::EventTarget*>*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5ef7087) #51 0x1163cf3e3 in mozilla::EventDispatcher::DispatchDOMEvent(nsISupports*, mozilla::WidgetEvent*, nsIDOMEvent*, nsPresContext*, nsEventStatus*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x5efa3e3) #52 0x113c3abbb in nsINode::DispatchEvent(nsIDOMEvent*, bool*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x3765bbb) #53 0x113625a13 in nsContentUtils::DispatchEvent(nsIDocument*, nsISupports*, nsAString_internal const&, bool, bool, bool, bool*, bool) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x3150a13) #54 0x113625775 in nsContentUtils::DispatchTrustedEvent(nsIDocument*, nsISupports*, nsAString_internal const&, bool, bool, bool*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x3150775) #55 0x113b051cd in nsDocument::DispatchContentLoadedEvents() (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x36301cd) #56 0x113c1f647 in mozilla::detail::RunnableMethodImpl<nsDocument*, void (nsDocument::*)(), true, false>::Run() (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x374a647) #57 0x1107cb540 in nsThread::ProcessNextEvent(bool, bool*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x2f6540) #58 0x1107c3810 in NS_ProcessPendingEvents(nsIThread*, unsigned int) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x2ee810) #59 0x11823ed0f in nsBaseAppShell::NativeEventCallback() (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x7d69d0f) #60 0x11834ebb4 in nsAppShell::ProcessGeckoEvents(void*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x7e79bb4) #61 0x7fffcd058980 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xa7980) #62 0x7fffcd039a7c in __CFRunLoopDoSources0 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88a7c) #63 0x7fffcd038f75 in __CFRunLoopRun (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87f75) #64 0x7fffcd038973 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x87973) #65 0x7fffcc5c4acb in RunCurrentEventLoopInMode (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30acb) #66 0x7fffcc5c4900 in ReceiveNextEventCommon (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30900) #67 0x7fffcc5c4735 in _BlockUntilNextEventMatchingListInModeWithFilter (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30735) #68 0x7fffcab6aae3 in _DPSNextEvent (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x46ae3) #69 0x7fffcb2e521e in -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x7c121e) #70 0x11834d10c in -[GeckoNSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x7e7810c) #71 0x7fffcab5f464 in -[NSApplication run] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x3b464) #72 0x118350017 in nsAppShell::Run() (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x7e7b017) #73 0x11a9be628 in XRE_RunAppShell() (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xa4e9628) #74 0x1117abfba in mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x12d6fba) #75 0x1116e3207 in MessageLoop::RunInternal() (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x120e207) #76 0x1116e2ecc in MessageLoop::Run() (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0x120decc) #77 0x11a9bd8f0 in XRE_InitChildProcess(int, char**, XREChildData const*) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/XUL+0xa4e88f0) #78 0x102ca6675 in content_process_main(mozilla::Bootstrap*, int, char**) (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container+0x100002675) #79 0x102ca6945 in main (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container+0x100002945) #80 0x102ca5343 in start (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container+0x100001343) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (/srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/libmozglue.dylib+0x1698) in mozalloc_abort(char const*) Command: /srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container -appdir /srv/mozilla/mozilla-inbound/ff-x86_64-apple-darwin16.3.0-asan-debug/dist/NightlyDebug.app/Contents/Resources/browser -profile /var/folders/ph/3q0jpmfd0j55k72jc86s9x0c0000gn/T/tmpnbt5kauz 45205 org.mozilla.machname.47059236 tab ==45210==ABORTING
|
Reporter | |
Updated•7 years ago
|
|
Assignee | |
Comment 1•7 years ago
|
||
Upstream Skia bug report: https://skia-review.googlesource.com/c/7700/
|
|
Assignee | |
Updated•7 years ago
|
Severity: critical → normal
Has STR: --- → yes
Priority: -- → P3
Whiteboard: [gfx-noted]
|
|
Assignee | |
Comment 2•7 years ago
|
||
This is somewhat innocuous, just triggering a debug assert. Basically, once the position of the glyphs moves out of the single-precision floating point range that can accurately represent the glyph bounds, the glyph bounds rect ends up rounding to empty, even when it should be non-empty. Not much we can do with these besides chuck them away before we try to render them.
|
||
Updated•7 years ago
|
Attachment #8831260 -
Flags: review?(mchang) → review+
Pushed by lsalzman@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/9b1d1dfb5b2d verify that glyph position rect is non-empty in GrAtlasTextBlob::appendGlyph. r=mchang
|
||
Comment 4•7 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/9b1d1dfb5b2d
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla54
|
||
Comment 5•7 years ago
|
||
Can we please land a test for this? In general, when we've got a testcase basically handed to us, it should be a matter of course that it lands with the patch. Not sure what older branches are affected by this, but please request backport to them where appropriate as well.
|
|
Assignee | |
Comment 6•7 years ago
|
||
(In reply to Ryan VanderMeulen [:RyanVM] from comment #5) > Can we please land a test for this? In general, when we've got a testcase > basically handed to us, it should be a matter of course that it lands with > the patch. Not sure what older branches are affected by this, but please > request backport to them where appropriate as well. I don't believe this will cause issues outside of debug builds where the assert is enabled, so don't think this is worth uplifting. But I can add a testcase.
Flags: needinfo?(lsalzman)
|
|
||
Updated•7 years ago
|
|
|
Assignee | |
Comment 7•7 years ago
|
||
Just makes testcase into a crashtest.
Attachment #8831777 -
Flags: review?(mchang)
|
|
||
Updated•7 years ago
|
Attachment #8831777 -
Flags: review?(mchang) → review+
Pushed by lsalzman@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/a53aa6836f3f add crashtest for bug 1334366. r=mchang
|
||
Comment 9•7 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/a53aa6836f3f
|
||
Comment 10•7 years ago
|
||
Setting qe-verify- since the fix pushed for this issue comes with an automated test (see Comment 7).
Flags: qe-verify-
You need to log in
before you can comment on or make changes to this bug.
Description
•