Open
Bug 1589496
Opened 6 years ago
Updated 3 years ago
signed integer overflow in [@ mozilla::RoundUpToMultiple]
Categories
(Core :: Graphics, defect, P3)
Core
Graphics
Tracking
()
NEW
| Tracking | Status | |
|---|---|---|
| firefox71 | --- | affected |
People
(Reporter: tsmith, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: csectype-undefined, testcase)
This is triggered when running gtests with an UBSan build.
To enable this check add the following to your mozconfig:
ac_add_options --enable-address-sanitizer
ac_add_options --enable-signed-overflow-sanitizer
ac_add_options --disable-jemalloc
[ RUN ] Gfx.TiledRegionBoundaryConditions2
src/objdir-ff-ubsan/dist/include/mozilla/gfx/NumericTools.h:33:20: runtime error: signed integer overflow: 2147483647 + 256 cannot be represented in type 'int'
#0 0x7f9eca64ea8e in mozilla::RoundUpToMultiple(int, int) src/objdir-ff-ubsan/dist/include/mozilla/gfx/NumericTools.h:33:20
#1 0x7f9eca6192ec in mozilla::gfx::IterationEndReason mozilla::gfx::ProcessIntersectedTiles<mozilla::gfx::TiledRegionImpl::AddRect(pixman_box32 const&)::$_0, mozilla::gfx::TiledRegionImpl::AddRect(pixman_box32 const&)::$_1, nsTArray<pixman_box32> >(pixman_box32 const&, nsTArray<pixman_box32>&, mozilla::gfx::TiledRegionImpl::AddRect(pixman_box32 const&)::$_0, mozilla::gfx::TiledRegionImpl::AddRect(pixman_box32 const&)::$_1) src/gfx/src/TiledRegion.cpp:186:32
#2 0x7f9eca6190c1 in mozilla::gfx::TiledRegionImpl::AddRect(pixman_box32 const&) src/gfx/src/TiledRegion.cpp:269:10
#3 0x7f9ec77ac76d in mozilla::gfx::TiledRegion<mozilla::gfx::IntRegionTyped<mozilla::gfx::UnknownUnits> >::Add(mozilla::gfx::IntRegionTyped<mozilla::gfx::UnknownUnits> const&) src/objdir-ff-ubsan/dist/include/mozilla/gfx/TiledRegion.h:121:18
#4 0x7f9ec7769763 in Gfx_TiledRegionBoundaryConditions2_Test::TestBody() src/gfx/tests/gtest/TestRegion.cpp:1470:15
#5 0x7f9ec75214db in testing::Test::Run() src/testing/gtest/gtest/src/gtest.cc:2519:5
#6 0x7f9ec752234d in testing::TestInfo::Run() src/testing/gtest/gtest/src/gtest.cc:2695:11
#7 0x7f9ec7522b21 in testing::TestCase::Run() src/testing/gtest/gtest/src/gtest.cc:2813:28
#8 0x7f9ec7530212 in testing::internal::UnitTestImpl::RunAllTests() src/testing/gtest/gtest/src/gtest.cc:5179:43
#9 0x7f9ec752fd31 in testing::UnitTest::Run() src/testing/gtest/gtest/src/gtest.cc:4788:10
#10 0x7f9ec75669a7 in mozilla::RunGTestFunc(int*, char**) src/testing/gtest/mozilla/GTestRunner.cpp:158:10
#11 0x7f9ed1fd63ee in XREMain::XRE_mainStartup(bool*) src/toolkit/xre/nsAppRunner.cpp:3788:16
#12 0x7f9ed1fdeb63 in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:4722:12
#13 0x7f9ed1fdf523 in XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:4816:21
#14 0x55a54ecb8b10 in do_main(int, char**, char**) src/browser/app/nsBrowserApp.cpp:218:22
#15 0x55a54ecb8312 in main src/browser/app/nsBrowserApp.cpp:300:16
|
||
Comment 1•6 years ago
|
||
The priority flag is not set for this bug.
:jbonisteel, could you have a look please?
For more information, please visit auto_nag documentation.
Flags: needinfo?(jbonisteel)
|
||
Updated•6 years ago
|
Flags: needinfo?(jbonisteel)
Priority: -- → P3
|
||
Updated•3 years ago
|
Severity: normal → S3
|
|
||
Updated•3 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•