Closed
Bug 1498385
Opened 6 years ago
Closed 6 years ago
Crash Report [@ webrender::image::compute_tile_range ]
Categories
(Core :: Graphics: WebRender, defect, P2)
Core
Graphics: WebRender
Tracking
()
RESOLVED
FIXED
People
(Reporter: jrmuizel, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: testcase)
Crash Data
Attachments
(1 file)
156 bytes,
text/html
|
Details |
Reporter | ||
Updated•6 years ago
|
Blocks: stage-wr-trains
Reporter | ||
Updated•6 years ago
|
Priority: -- → P3
Updated•6 years ago
|
Blocks: wr-stability
Reporter | ||
Comment 1•6 years ago
|
||
https://github.com/servo/webrender/pull/3192 will help with diagnosing this.
Updated•6 years ago
|
Depends on: 1498376
See Also: → https://github.com/servo/webrender/pull/3192
Comment 2•6 years ago
|
||
I can reproduce this with tiled blob images: https://treeherder.mozilla.org/#/jobs?repo=try&revision=9e2e5b4d7eb112055060a6d606fc0e01487f4bdf&selectedJob=204993161
(lldb) p *visible_area
(euclid::rect::TypedRect<u32, webrender_api::units::DevicePixel>) $10 = {
origin = {
x = 113250
y = 26843548
}
size = {
width = 1601
height = 2001
}
}
Dividing y by the tile_size (256) gives us a number that's still too big for a u16 (104857), and then we panic.
Comment 3•6 years ago
|
||
This issue has also been found by a fuzzer. Would a testcase be useful at this point? I ask because I'll need to do it locally.
Comment 4•6 years ago
|
||
(In reply to Tyson Smith [:tsmith] from comment #3)
> This issue has also been found by a fuzzer. Would a testcase be useful at
> this point? I ask because I'll need to do it locally.
Yes, a test case would be useful. Thanks.
Priority: P3 → P2
Updated•6 years ago
|
Flags: needinfo?(twsmith)
Comment 5•6 years ago
|
||
Here is a reduced test case. It only reproduces on older builds. FWIW our fuzzers have not hit this issues since Oct 29.
Flags: needinfo?(twsmith)
Comment 6•6 years ago
|
||
With blob tiling enabled, this is covered by the existing crashtest xpcom/string/crashtests/1113005.html, and is now fixed.
Status: NEW → RESOLVED
Closed: 6 years ago
Flags: in-testsuite? → in-testsuite+
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•