Assertion failure: mDecoded.IsEqualEdges(frameRect), at /builds/worker/checkouts/gecko/image/imgFrame.cpp:547
Categories
(Core :: Graphics: ImageLib, defect)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr91 | --- | unaffected |
| firefox99 | --- | wontfix |
| firefox100 | --- | wontfix |
| firefox101 | --- | wontfix |
| firefox102 | --- | verified |
People
(Reporter: tsmith, Assigned: tnikkel)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: assertion, regression, testcase, Whiteboard: [bugmon:bisected,confirmed])
Attachments
(2 files)
testcase.jpg
Found while fuzzing m-c 20220414-6c55ba30c858 (--enable-debug --enable-fuzzing)
To reproduce via Grizzly Replay:
$ pip install fuzzfetch grizzly-framework
$ python -m fuzzfetch -d --fuzzing -n firefox
$ python -m grizzly.replay ./firefox/firefox testcase.jpg
Assertion failure: mDecoded.IsEqualEdges(frameRect), at /builds/worker/checkouts/gecko/image/imgFrame.cpp:547
#0 0x7f83b5ae52c0 in mozilla::image::imgFrame::Finish(mozilla::image::Opacity, bool) /builds/worker/checkouts/gecko/image/imgFrame.cpp:547:3
#1 0x7f83b5a826ce in mozilla::image::Decoder::PostFrameStop(mozilla::image::Opacity) /builds/worker/checkouts/gecko/image/Decoder.cpp:480:18
#2 0x7f83b5a8248a in mozilla::image::Decoder::CompleteDecode() /builds/worker/checkouts/gecko/image/Decoder.cpp:246:5
#3 0x7f83b5a748d3 in mozilla::image::Decoder::Decode(mozilla::image::IResumable*) /builds/worker/checkouts/gecko/image/Decoder.cpp:197:3
#4 0x7f83b5a80683 in mozilla::image::DecodedSurfaceProvider::Run() /builds/worker/checkouts/gecko/image/DecodedSurfaceProvider.cpp:125:34
#5 0x7f83b5a981a3 in mozilla::image::DecodingTask::Run() /builds/worker/checkouts/gecko/image/DecodePool.cpp:146:12
#6 0x7f83b44dff77 in mozilla::TaskController::RunPoolThread() /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:256:33
#7 0x7f83ca0c9a57 in _pt_root /builds/worker/checkouts/gecko/nsprpub/pr/src/pthreads/ptthread.c:201:5
#8 0x7f83cae43608 in start_thread /build/glibc-sMfBJT/glibc-2.31/nptl/pthread_create.c:477:8
#9 0x7f83caa0a162 in __clone /build/glibc-sMfBJT/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Reporter | |
Comment 1•2 years ago
|
||
A Pernosco session is available here: https://pernos.co/debug/G5tcIqOnUMZJH6q49DZ12Q/index.html
|
||
Comment 2•2 years ago
|
||
Bugmon Analysis
Verified bug as reproducible on mozilla-central 20220421152318-c95859201259.
The bug appears to have been introduced in the following build range:
Start: 55ab13abb8c2465b2d68f25ea6a4abf2647e4a76 (20211006135407)
End: ef7b596bb385f46280eb1492009bf8fb541e17db (20211006152024)
Pushlog: https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=55ab13abb8c2465b2d68f25ea6a4abf2647e4a76&tochange=ef7b596bb385f46280eb1492009bf8fb541e17db
|
||
Comment 3•2 years ago
|
||
Set release status flags based on info from the regressing bug 1732115
|
|
||
Comment 4•2 years ago
|
||
:aosmond, since you are the author of the regressor, bug 1732115, could you take a look?
For more information, please visit auto_nag documentation.
|
Assignee | |
Updated•2 years ago
|
|
|
Assignee | |
Comment 5•2 years ago
|
||
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
|
||
Updated•2 years ago
|
|
||
Updated•2 years ago
|
Pushed by tnikkel@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/adf9fd785bb9 Deal with oriented image frames in imgFrame::Finish. r=aosmond
|
||
Comment 7•2 years ago
|
||
| bugherder | ||
|
|
||
Comment 8•2 years ago
|
||
Bugmon Analysis
Verified bug as fixed on rev mozilla-central 20220507213841-1d8f6404d0b9.
Removing bugmon keyword as no further action possible. Please review the bug and re-add the keyword for further analysis.
|
|
||
Comment 9•2 years ago
|
||
The patch landed in nightly and beta is affected.
:tnikkel, is this bug important enough to require an uplift?
If not please set status_beta to wontfix.
For more information, please visit auto_nag documentation.
|
|
Assignee | |
Updated•2 years ago
|
Description
•