Closed
Bug 1507259
Opened 6 years ago
Closed 3 years ago
AddressSanitizer: stack-overflow /builds/worker/workspace/moz-toolchain/src/llvm/projects/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cc:27:3 in __asan_memset
Categories
(Core :: Graphics, defect, P5)
Core
Graphics
Tracking
()
RESOLVED
WORKSFORME
| Tracking | Status | |
|---|---|---|
| firefox65 | --- | affected |
People
(Reporter: jkratzer, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: crash, testcase)
Attachments
(1 file)
|
547 bytes,
text/html
|
Details |
Testcase found while fuzzing mozilla-central rev 073045259e75.
SUMMARY: AddressSanitizer: stack-overflow /builds/worker/workspace/moz-toolchain/src/llvm/projects/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cc:27:3 in __asan_memset
==32386==ABORTING
=================================================================
==7391==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc1bc21ff8 (pc 0x560d3c87027e bp 0x7ffc1bc22850 sp 0x7ffc1bc22000 T0)
#0 0x560d3c87027d in __asan_memset /builds/worker/workspace/moz-toolchain/src/llvm/projects/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cc:27:3
#1 0x7f146a13340a in list_remove<(anonymous namespace)::Edge, &(anonymous namespace)::Edge::fPrevEdgeAbove, &(anonymous namespace)::Edge::fNextEdgeAbove> /builds/worker/workspace/build/src/gfx/skia/skia/src/gpu/GrTessellator.cpp:133:14
#2 0x7f146a13340a in remove_edge_above /builds/worker/workspace/build/src/gfx/skia/skia/src/gpu/GrTessellator.cpp:917
#3 0x7f146a13340a in set_bottom /builds/worker/workspace/build/src/gfx/skia/skia/src/gpu/GrTessellator.cpp:1004
#4 0x7f146a13340a in (anonymous namespace)::merge_edges_above((anonymous namespace)::Edge*, (anonymous namespace)::Edge*, (anonymous namespace)::EdgeList*, (anonymous namespace)::Vertex**, (anonymous namespace)::Comparator&) /builds/worker/workspace/build/src/gfx/skia/skia/src/gpu/GrTessellator.cpp:1029
#5 0x7f146a132273 in (anonymous namespace)::merge_collinear_edges((anonymous namespace)::Edge*, (anonymous namespace)::EdgeList*, (anonymous namespace)::Vertex**, (anonymous namespace)::Comparator&) /builds/worker/workspace/build/src/gfx/skia/skia/src/gpu/GrTessellator.cpp
#6 0x7f146a132273 in (anonymous namespace)::merge_collinear_edges((anonymous namespace)::Edge*, (anonymous namespace)::EdgeList*, (anonymous namespace)::Vertex**, (anonymous namespace)::Comparator&) /builds/worker/workspace/build/src/gfx/skia/skia/src/gpu/GrTessellator.cpp
#7 0x7f146a132273 in (anonymous namespace)::merge_collinear_edges((anonymous namespace)::Edge*, (anonymous namespace)::EdgeList*, (anonymous namespace)::Vertex**, (anonymous namespace)::Comparator&) /builds/worker/workspace/build/src/gfx/skia/skia/src/gpu/GrTessellator.cpp
#8 0x7f146a132273 in (anonymous namespace)::merge_collinear_edges((anonymous namespace)::Edge*, (anonymous namespace)::EdgeList*, (anonymous namespace)::Vertex**, (anonymous namespace)::Comparator&) /builds/worker/workspace/build/src/gfx/skia/skia/src/gpu/GrTessellator.cpp
...truncated...Flags: in-testsuite?
|
||
Comment 1•6 years ago
|
||
I was only able to reproduce with gfx.canvas.azure.accelerated set to true (+ forcing OpenGL acceleration). Reviewing bug 1468801, I don't think we should normally hit this code path since we deprecated support.
Priority: -- → P3
|
|
||
Updated•6 years ago
|
Priority: P3 → P5
| Comment hidden (Intermittent Failures Robot) |
|
||
Comment 3•3 years ago
|
||
Hey Jason,
Please update the resolution or the affected flags for this issue when you have the time. Thank you!
Flags: needinfo?(jkratzer)
|
Reporter | |
Comment 4•3 years ago
|
||
I can no longer reproduce this issue on mozilla-central rev fc74eb2c7b84. I think we can safely close this issue.
Status: NEW → RESOLVED
Closed: 3 years ago
Flags: needinfo?(jkratzer)
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•