Open
Bug 1581672
Opened 5 years ago
Updated 1 year ago
left shift of negative value -32768 in gfx/cairo/cairo/src/cairo-fixed-private.h:62:14
Categories
(Core :: Graphics, defect, P3)
Core
Graphics
Tracking
()
NEW
| Tracking | Status | |
|---|---|---|
| firefox71 | --- | affected |
People
(Reporter: tsmith, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: csectype-undefined)
This is triggered when running gtests with an UBSan build.
To enable this check add the following to your mozconfig:
ac_add_options --enable-address-sanitizer
ac_add_options --enable-undefined-sanitizer="shift"
ac_add_options --disable-jemalloc
Traceback:
[ RUN ] Cairo.Simple
TestCairo:TryArcs centerY 0.000000, radius 14.000000
gfx/cairo/cairo/src/cairo-fixed-private.h:62:14: runtime error: left shift of negative value -32768
#0 0x7f59b7a64144 in _cairo_fixed_from_int gfx/cairo/cairo/src/cairo-fixed-private.h:62:14
#1 0x7f59b7a7f033 in _line_exceeds_16_16 gfx/cairo/cairo/src/cairo-image-surface.c:2386:16
#2 0x7f59b7a7e831 in _pixman_image_add_traps gfx/cairo/cairo/src/cairo-image-surface.c:2444:6
#3 0x7f59b7a7e34e in _composite_traps gfx/cairo/cairo/src/cairo-image-surface.c:2516:5
#4 0x7f59b7a80e31 in _clip_and_composite gfx/cairo/cairo/src/cairo-image-surface.c:2359:15
#5 0x7f59b7a866c9 in _clip_and_composite_trapezoids gfx/cairo/cairo/src/cairo-image-surface.c:3258:12
#6 0x7f59b7a86186 in _clip_and_composite_polygon gfx/cairo/cairo/src/cairo-image-surface.c:3625:15
#7 0x7f59b7a70dac in _cairo_image_surface_fill gfx/cairo/cairo/src/cairo-image-surface.c:3816:15
#8 0x7f59b7ad3af8 in _cairo_surface_fill gfx/cairo/cairo/src/cairo-surface.c:2352:11
#9 0x7f59b7a63ed2 in _cairo_gstate_fill gfx/cairo/cairo/src/cairo-gstate.c:1290:15
#10 0x7f59b7afc386 in _moz_cairo_fill_preserve gfx/cairo/cairo/src/cairo.c:2473:14
#11 0x7f59af019c22 in mozilla::layers::TryCircle(double, double, double) gfx/2d/unittest/TestCairo.cpp:24:3
#12 0x7f59af019993 in mozilla::layers::Cairo_Simple_Test::TestBody() gfx/2d/unittest/TestCairo.cpp:32:3
#13 0x7f59aee7d55b in testing::Test::Run() testing/gtest/gtest/src/gtest.cc:2519:5
#14 0x7f59aee7e405 in testing::TestInfo::Run() testing/gtest/gtest/src/gtest.cc:2695:11
#15 0x7f59aee7ebf1 in testing::TestCase::Run() testing/gtest/gtest/src/gtest.cc:2813:28
#16 0x7f59aee8c642 in testing::internal::UnitTestImpl::RunAllTests() testing/gtest/gtest/src/gtest.cc:5179:43
#17 0x7f59aee8c106 in testing::UnitTest::Run() testing/gtest/gtest/src/gtest.cc:4788:10
#18 0x7f59aeec54f7 in mozilla::RunGTestFunc(int*, char**) testing/gtest/mozilla/GTestRunner.cpp:158:10
#19 0x7f59b96a1450 in XREMain::XRE_mainStartup(bool*) toolkit/xre/nsAppRunner.cpp:3788:16
#20 0x7f59b96aa069 in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) toolkit/xre/nsAppRunner.cpp:4722:12
#21 0x7f59b96aaad1 in XRE_main(int, char**, mozilla::BootstrapConfig const&) toolkit/xre/nsAppRunner.cpp:4816:21
#22 0x556b74927cae in do_main(int, char**, char**) browser/app/nsBrowserApp.cpp:218:22
#23 0x556b74927344 in main browser/app/nsBrowserApp.cpp:300:16
|
||
Comment 1•5 years ago
|
||
The problem is
#define CAIRO_FIXED_16_16_MIN _cairo_fixed_from_int (-32768)
where _cairo_fixed_from_int() shifts the argument left by 8.
So if you ignore the undefined behaviour I think it should be -8388608 or 1111 1111 1000 0000 0000 0000 0000 0000. But I'm not sure how to best define it. Lee?
Priority: -- → P3
|
||
Updated•2 years ago
|
Severity: normal → S3
|
Reporter | |
Updated•1 year ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•