Closed
Bug 1404572
Opened 7 years ago
Closed 7 years ago
fsanitize=enum (ubsan) runtime errors for ReferrerPolicy in gfxUserFontSet.h
Categories
(Core :: Graphics: Text, defect, P3)
Core
Graphics: Text
Tracking
()
RESOLVED
FIXED
mozilla58
| Tracking | Status | |
|---|---|---|
| firefox56 | --- | wontfix |
| firefox57 | --- | fix-optional |
| firefox58 | --- | fixed |
People
(Reporter: arthur, Assigned: arthur)
References
(Blocks 1 open bug)
Details
(Whiteboard: [tor][gfx-noted])
Attachments
(1 file)
|
1.56 KB,
patch
|
jfkthame
:
review+
|
Details | Diff | Splinter Review |
When I run a gcc -fsanitize=enum through the Mozilla automated tests, I get the following error and stack trace:
> /builds/worker/workspace/build/src/gfx/thebes/gfxUserFontSet.h:41:8: runtime error: load of value 3857049061, which is not a valid value for type 'ReferrerPolicy'
> #0 0xf056af81 in gfxFontFaceSrc* nsTArray_Impl<gfxFontFaceSrc, nsTArrayInfallibleAllocator>::ReplaceElementsAt<gfxFontFaceSrc, nsTArrayInfallibleAllocator>(unsigned int, unsigned int, gfxFontFaceSrc const*, unsigned int) (/builds/worker/workspace/build/application/firefox/libxul.so+0x12b2f81)
> #1 0xf056b07b in gfxUserFontEntry::gfxUserFontEntry(gfxUserFontSet*, nsTArray<gfxFontFaceSrc> const&, unsigned int, int, unsigned char, nsTArray<gfxFontFeature> const&, unsigned int, gfxCharacterMap*, unsigned char) (/builds/worker/workspace/build/application/firefox/libxul.so+0x12b307b)
> #2 0xf19deceb in mozilla::dom::FontFaceSet::UserFontSet::CreateUserFontEntry(nsTArray<gfxFontFaceSrc> const&, unsigned int, int, unsigned char, nsTArray<gfxFontFeature> const&, unsigned int, gfxCharacterMap*, unsigned char) (/builds/worker/workspace/build/application/firefox/libxul.so+0x2726ceb)
> #3 0xf05649c3 in gfxUserFontSet::FindOrCreateUserFontEntry(nsTSubstring<char16_t> const&, nsTArray<gfxFontFaceSrc> const&, unsigned int, int, unsigned char, nsTArray<gfxFontFeature> const&, unsigned int, gfxCharacterMap*, unsigned char) (/builds/worker/workspace/build/application/firefox/libxul.so+0x12ac9c3)
> #4 0xf19f64dd in mozilla::dom::FontFaceSet::FindOrCreateUserFontEntryFromFontFace(nsTSubstring<char16_t> const&, mozilla::dom::FontFace*, mozilla::SheetType) (/builds/worker/workspace/build/application/firefox/libxul.so+0x273e4dd)
> #5 0xf19f6e03 in mozilla::dom::FontFaceSet::FindOrCreateUserFontEntryFromFontFace(mozilla::dom::FontFace*) (/builds/worker/workspace/build/application/firefox/libxul.so+0x273ee03)
> #6 0xf19f6e45 in mozilla::dom::FontFace::CreateUserFontEntry() (/builds/worker/workspace/build/application/firefox/libxul.so+0x273ee45)
> #7 0xf19f6e91 in mozilla::dom::FontFace::DoLoad() (/builds/worker/workspace/build/application/firefox/libxul.so+0x273ee91)
> #8 0xf19f7156 in mozilla::dom::FontFace::Constructor(mozilla::dom::GlobalObject const&, nsTSubstring<char16_t> const&, mozilla::dom::StringOrArrayBufferOrArrayBufferView const&, mozilla::dom::FontFaceDescriptors const&, mozilla::ErrorResult&) (/builds/worker/workspace/build/application/firefox/libxul.so+0x273f156)
> #9 0xf0de9d07 in mozilla::dom::FontFaceBinding::_constructor(JSContext*, unsigned int, JS::Value*) (/builds/worker/workspace/build/application/firefox/libxul.so+0x1b31d07)
> #10 0xf2e8285b in InternalConstruct(JSContext*, js::AnyConstructArgs const&) (/builds/worker/workspace/build/application/firefox/libxul.so+0x3bca85b)
> #11 0xf2e7d1b2 in Interpret(JSContext*, js::RunState&) (/builds/worker/workspace/build/application/firefox/libxul.so+0x3bc51b2)
> #12 0xf2e81d4d in js::RunScript(JSContext*, js::RunState&) [clone .part.427] (/builds/worker/workspace/build/application/firefox/libxul.so+0x3bc9d4d)
> #13 0xf2e8233a in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) (/builds/worker/workspace/build/application/firefox/libxul.so+0x3bca33a)
> #14 0xf2e82e76 in js::CallFromStack(JSContext*, JS::CallArgs const&) (/builds/worker/workspace/build/application/firefox/libxul.so+0x3bcae76)
> #15 0xf2f1e7c9 in js::jit::DoCallFallback(JSContext*, js::jit::BaselineFrame*, js::jit::ICCall_Fallback*, unsigned int, JS::Value*, JS::MutableHandle<JS::Value>) (/builds/worker/workspace/build/application/firefox/libxul.so+0x3c667c9)
> #16 0x23ae7841 (<unknown module>)
|
Assignee | |
Comment 1•7 years ago
|
||
I saw several runtime errors in the automated tests with -fsanitize=enum. Here's a patch that eliminates them. Try results (third patch from top): https://treeherder.mozilla.org/#/jobs?repo=try&revision=f21afcdcb815
Assignee: nobody → arthuredelstein
Attachment #8914026 -
Flags: review?(jfkthame)
|
||
Updated•7 years ago
|
Attachment #8914026 -
Flags: review?(jfkthame) → review+
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/autoland/rev/9b0b7aea865e Fix ubsan runtime error for ReferrerPolicy enum in FontFaceSet.cpp. r=jfkthame
Keywords: checkin-needed
|
||
Updated•7 years ago
|
status-firefox56:
--- → wontfix
status-firefox57:
--- → fix-optional
status-firefox58:
--- → fix-optional
Priority: -- → P3
Whiteboard: [tor] → [tor][gfx-noted]
|
||
Comment 4•7 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/9b0b7aea865e
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla58
You need to log in
before you can comment on or make changes to this bug.
Description
•