Bug 1439439 (Closed)
UBSan: division by zero [@ nsLayoutUtils::CalculateRootCompositionSize]
Opened 7 years ago
Closed 5 years ago
Categories: Core :: Layout, defect, P2
Status: RESOLVED DUPLICATE of bug 1605797

Release | Tracking | Status |
---|---|---|
firefox60 | --- | affected |

People: (Reporter: tsmith, Unassigned)
References: (Blocks 1 open bug)
Details: (Keywords: csectype-undefined, testcase)
Attachments: 1 file (87 bytes, text/html)

Found in mozilla-central changeset: 404376:d0d3693d9bef. Built with -fsanitize=float-divide-by-zero,integer-divide-by-zero
src/layout/base/Units.h:612:42: runtime error: division by zero
#0 0x7fa2ca0be9e3 in mozilla::gfx::SizeTyped<mozilla::CSSPixel, float> mozilla::operator/<mozilla::ScreenPixel, mozilla::CSSPixel>(mozilla::gfx::SizeTyped<mozilla::ScreenPixel, float> const&, mozilla::gfx::ScaleFactors2D<mozilla::CSSPixel, mozilla::ScreenPixel> const&) src/layout/base/Units.h:612:42
#1 0x7fa2ca090c5f in nsLayoutUtils::CalculateRootCompositionSize(nsIFrame*, bool, mozilla::layers::FrameMetrics const&) src/layout/base/nsLayoutUtils.cpp
#2 0x7fa2ca090427 in nsLayoutUtils::CalculateBasicFrameMetrics(nsIScrollableFrame*) src/layout/base/nsLayoutUtils.cpp:3404:7
#3 0x7fa2ca091063 in nsLayoutUtils::CalculateAndSetDisplayPortMargins(nsIScrollableFrame*, nsLayoutUtils::RepaintMode) src/layout/base/nsLayoutUtils.cpp:3423:26
#4 0x7fa2ca0912b3 in nsLayoutUtils::MaybeCreateDisplayPort(nsDisplayListBuilder&, nsIFrame*, nsLayoutUtils::RepaintMode) src/layout/base/nsLayoutUtils.cpp:3455:7
#5 0x7fa2ca0915d1 in nsLayoutUtils::MaybeCreateDisplayPortInFirstScrollFrameEncountered(nsIFrame*, nsDisplayListBuilder&) src/layout/base/nsLayoutUtils.cpp:3511:9
#6 0x7fa2ca091727 in nsLayoutUtils::MaybeCreateDisplayPortInFirstScrollFrameEncountered(nsIFrame*, nsDisplayListBuilder&) src/layout/base/nsLayoutUtils.cpp:3541:9
#7 0x7fa2ca091688 in nsLayoutUtils::MaybeCreateDisplayPortInFirstScrollFrameEncountered(nsIFrame*, nsDisplayListBuilder&) src/layout/base/nsLayoutUtils.cpp:3527:11
#8 0x7fa2ca091727 in nsLayoutUtils::MaybeCreateDisplayPortInFirstScrollFrameEncountered(nsIFrame*, nsDisplayListBuilder&) src/layout/base/nsLayoutUtils.cpp:3541:9
#9 0x7fa2ca091727 in nsLayoutUtils::MaybeCreateDisplayPortInFirstScrollFrameEncountered(nsIFrame*, nsDisplayListBuilder&) src/layout/base/nsLayoutUtils.cpp:3541:9
#10 0x7fa2ca091727 in nsLayoutUtils::MaybeCreateDisplayPortInFirstScrollFrameEncountered(nsIFrame*, nsDisplayListBuilder&) src/layout/base/nsLayoutUtils.cpp:3541:9
#11 0x7fa2ca091727 in nsLayoutUtils::MaybeCreateDisplayPortInFirstScrollFrameEncountered(nsIFrame*, nsDisplayListBuilder&) src/layout/base/nsLayoutUtils.cpp:3541:9
#12 0x7fa2ca091727 in nsLayoutUtils::MaybeCreateDisplayPortInFirstScrollFrameEncountered(nsIFrame*, nsDisplayListBuilder&) src/layout/base/nsLayoutUtils.cpp:3541:9
#13 0x7fa2ca0921f8 in nsLayoutUtils::PaintFrame(gfxContext*, nsIFrame*, nsRegion const&, unsigned int, nsDisplayListBuilderMode, nsLayoutUtils::PaintFrameFlags) src/layout/base/nsLayoutUtils.cpp:3810:5
#14 0x7fa2ca011ee5 in mozilla::PresShell::Paint(nsView*, nsRegion const&, unsigned int) src/layout/base/PresShell.cpp:6478:5
#15 0x7fa2c9be1714 in nsViewManager::ProcessPendingUpdatesPaint(nsIWidget*) src/view/nsViewManager.cpp:480:19
#16 0x7fa2c9be1117 in nsViewManager::ProcessPendingUpdatesForView(nsView*, bool) src/view/nsViewManager.cpp:412:33
#17 0x7fa2c9be2456 in nsViewManager::ProcessPendingUpdates() src/view/nsViewManager.cpp:1102:5
#18 0x7fa2c9fcc1b9 in nsRefreshDriver::Tick(long, mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:2063:11
#19 0x7fa2c9fd25c9 in mozilla::RefreshDriverTimer::TickRefreshDrivers(long, mozilla::TimeStamp, nsTArray<RefPtr<nsRefreshDriver> >&) src/layout/base/nsRefreshDriver.cpp:310:7
#20 0x7fa2c9fd240c in mozilla::RefreshDriverTimer::Tick(long, mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:332:5
#21 0x7fa2c9fd4c16 in mozilla::VsyncRefreshDriverTimer::RunRefreshDrivers(mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:773:5
#22 0x7fa2c9fd41bd in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::TickRefreshDriver(mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:686:35
#23 0x7fa2c9fd3d72 in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::NotifyVsync(mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:587:9
#24 0x7fa2ca3e93c7 in mozilla::layout::VsyncChild::RecvNotify(mozilla::TimeStamp const&) src/layout/ipc/VsyncChild.cpp:68:16
#25 0x7fa2c7026657 in mozilla::layout::PVsyncChild::OnMessageReceived(IPC::Message const&) src/objdir-ff-ubsan/ipc/ipdl/PVsyncChild.cpp:155:20
#26 0x7fa2c6be5acd in mozilla::ipc::MessageChannel::DispatchAsyncMessage(IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2110:25
#27 0x7fa2c6be42b7 in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2040:17
#28 0x7fa2c6be51d8 in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1919:15
#29 0x7fa2c6143192 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1040:14
#30 0x7fa2c615ef00 in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:517:10
#31 0x7fa2c6be967b in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) src/ipc/glue/MessagePump.cpp:97:21
#32 0x7fa2c6b11389 in RunHandler src/ipc/chromium/src/base/message_loop.cc:319:3
#33 0x7fa2c6b11389 in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:299
#34 0x7fa2c9c294f6 in nsBaseAppShell::Run() src/widget/nsBaseAppShell.cpp:157:27
#35 0x7fa2cda64dc4 in XRE_RunAppShell() src/toolkit/xre/nsEmbedFunctions.cpp:892:22
#36 0x7fa2c6b11389 in RunHandler src/ipc/chromium/src/base/message_loop.cc:319:3
#37 0x7fa2c6b11389 in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:299
#38 0x7fa2cda649f0 in XRE_InitChildProcess(int, char**, XREChildData const*) src/toolkit/xre/nsEmbedFunctions.cpp:718:34
#39 0x42d23b in content_process_main(mozilla::Bootstrap*, int, char**) src/browser/app/../../ipc/contentproc/plugin-container.cpp:63:30
#40 0x42d358 in main src/browser/app/nsBrowserApp.cpp:280:18
#41 0x7fa2ec6d21c0 in __libc_start_main /build/glibc-itYbWN/glibc-2.26/csu/../csu/libc-start.c:308
#42 0x407159 in _start (src/objdir-ff-ubsan/dist/bin/firefox+0x407159)
Flags: in-testsuite?

Comment 1 • 7 years ago
[ Triage 2017/02/20: P2 ] P2 bugs may become P1's after further analysis. Please prioritize diagnosis and repair.
Priority: -- → P2

Comment 2 (Reporter) • 5 years ago
Oops, I just logged this again. I'll close this one since the new one has an up-to-date stack and a Pernosco session.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE