Closed Bug 1883793 Opened 4 months ago Closed 3 months ago

/src/toolkit/components/glean/bindings/private/TimingDistribution.cpp:171:21: runtime error: -3.91041e+09 is outside the range of representable values of type 'unsigned long'

Categories

(Data Platform and Tools :: Glean: SDK, defect, P2)

Product:
Data Platform and Tools
Component:
Glean: SDK
Type:
defect

Tracking

(firefox125 wontfix, firefox126 fixed)

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
firefox125 --- wontfix
firefox126 --- fixed

People

(Reporter: tsmith, Assigned: janerik)

References

(Blocks 3 open bugs)

Details

(Keywords: csectype-undefined)

Attachments

(1 file)

Bug 1883793 - Catch negative durations and round to integer. r?chutten!
48 bytes, text/x-phabricator-request
Details | Review

Found with m-c 20240304-00550f024b47 (--enable-undefined-sanitizer="float-cast-overflow" --enable-fuzzing)

This is triggered by https://youtube.com.

This was found while trying to reproduce bug 1436778.

/src/toolkit/components/glean/bindings/private/TimingDistribution.cpp:171:21: runtime error: -3.91041e+09 is outside the range of representable values of type 'unsigned long'
    #0 0x7fddefe2da90 in mozilla::glean::impl::TimingDistributionMetric::AccumulateRawDuration(mozilla::BaseTimeDuration<mozilla::TimeDurationValueCalculator> const&) const /src/toolkit/components/glean/bindings/private/TimingDistribution.cpp:171:21
    #1 0x7fdddb03759c in mozilla::layers::PotentialCheckerboardDurationTracker::CheckerboardDone(bool) /src/gfx/layers/apz/src/PotentialCheckerboardDurationTracker.cpp:33:12
    #2 0x7fdddae7b260 in mozilla::layers::AsyncPanZoomController::UpdateCheckerboardEvent(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&, unsigned int) /src/gfx/layers/apz/src/AsyncPanZoomController.cpp:5312:35
    #3 0x7fdddad85ac7 in mozilla::layers::AsyncPanZoomController::ReportCheckerboard(mozilla::layers::SampleTime const&, mozilla::gfx::RectTyped<mozilla::ParentLayerPixel, float> const&) /src/gfx/layers/apz/src/AsyncPanZoomController.cpp:5296:3
    #4 0x7fdddad727f8 in mozilla::layers::APZCTreeManager::AdvanceAnimationsInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&, mozilla::layers::SampleTime const&) /src/gfx/layers/apz/src/APZCTreeManager.cpp:1038:11
    #5 0x7fdddad6eb6c in mozilla::layers::APZCTreeManager::SampleForWebRender(mozilla::Maybe<mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>> const&, mozilla::wr::TransactionWrapper&, mozilla::layers::SampleTime const&) /src/gfx/layers/apz/src/APZCTreeManager.cpp:769:33
    #6 0x7fdddadf2213 in mozilla::layers::APZSampler::SampleForWebRender(mozilla::Maybe<mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>> const&, mozilla::wr::TransactionWrapper&) /src/gfx/layers/apz/src/APZSampler.cpp:100:9
    #7 0x7fdddadf1db5 in mozilla::layers::APZSampler::SampleForWebRender(mozilla::wr::WrWindowId const&, unsigned long const*, mozilla::wr::Transaction*) /src/gfx/layers/apz/src/APZSampler.cpp:73:14
    #8 0x7fdddadf4ad8 in apz_sample_transforms /src/gfx/layers/apz/src/APZSampler.cpp:212:3
    #9 0x7fddf668c6f7 in _$LT$webrender_bindings..bindings..SamplerCallback$u20$as$u20$webrender..renderer..init..AsyncPropertySampler$GT$::sample::hb9474de83c3ba3c6 /src/gfx/webrender_bindings/src/bindings.rs:1059:13
    #10 0x7fddf6abcbcb in webrender::render_backend::RenderBackend::update_document::h48d0c305ccfc38e9 /src/gfx/wr/webrender/src/render_backend.rs:1369:39
    #11 0x7fddf6abc84c in webrender::render_backend::RenderBackend::prepare_transactions::h00db3f479defc412 /src/gfx/wr/webrender/src/render_backend.rs:1283:28
    #12 0x7fddf6aba722 in webrender::render_backend::RenderBackend::process_api_msg::hccdd7faebc5eac3d /src/gfx/wr/webrender/src/render_backend.rs:1136:17
    #13 0x7fddf6ab88bc in webrender::render_backend::RenderBackend::run::h6e98a4161ff6e616 /src/gfx/wr/webrender/src/render_backend.rs:787:21
    #14 0x7fddf68f7ed1 in webrender::renderer::init::create_webrender_instance::_$u7b$$u7b$closure$u7d$$u7d$::hb2c6b1f80a80ce0a /src/gfx/wr/webrender/src/renderer/init.rs:685:9
    #15 0x7fddf68c903a in std::sys_common::backtrace::__rust_begin_short_backtrace::h17dcedb9254661a6 /rustc/d78329b92e8d141d19505e7c1527181c4ab87ed4/library/std/src/sys_common/backtrace.rs:155:18

SUMMARY: UndefinedBehaviorSanitizer: float-cast-overflow /src/toolkit/components/glean/bindings/private/TimingDistribution.cpp:171:21 in

Moving this to the right component to get triaged for Glean things. Thanks for reporting!

Component: Telemetry → Glean: SDK
Product: Toolkit → Data Platform and Tools
Assignee: nobody → jrediger
Priority: -- → P2

I can easily reproduce this, time to fix it.

Pushed by jrediger@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f512114c168d
Catch negative durations and round to integer. r=chutten
https://hg.mozilla.org/integration/autoland/rev/f635514491d2
1886198: apply code formatting via Lando
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: