Integer-overflow in SkCubicEdge::updateCubic
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5118854838878208

Fuzzer: libfuzzer_skia_path_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address:
Crash State:
  SkCubicEdge::updateCubic
  SkEdgeBuilder::addCubic
  SkEdgeBuilder::addClipper

Sanitizer: undefined (UBSAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=400437:400524

Minimized Testcase (0.05 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96oAP8dxqrbPWT4YjPwQ4kQT9UgKNrwwjkM2IpkdbZDZqzp0xKbFD24o7mYvMPoFLoNir5Fgz-ek0UzkNrZX2igty5Udv83aYk0hLYlMvLsMEGEH1vM2vVh-1rMvpfcoOkxxJiANFIl6-mRjOXRrhrkmpidxyCOdGVSmPIjEW-c3Si-hqWi7LIkpwVn5_9tBM-VkYdWgohVcuuTM0AtVKMWduavU9jiCd6CSATr0DSCAGm5a_ZVPKmjTCt-NZtEWLg3iPjRY452vqF2NhJexXirbf6Z2gXiGx4eLmjZhq_ObplKPP-JCns7IOJswii-rN9tWh043C3HCdjn_ZYdEGkzTPAv2FO_i0_bFFGjps92SpAvRXk?testcase_id=5118854838878208

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Comment 1 by msrchandra@chromium.org, Jan 17 2017
We're a bit flooded with issues, and this one is lower in priority than others, but passing to Cary for a look as time permits.
Jan 17 2017
The overflow in question is here (SkEdge.cpp:462):

    newx = oldx + (fCDx >> dshift);
    fCDx += fCDDx >> ddshift;
    fCDDx += fCDDDx;
    newy = oldy + (fCDy >> dshift);
    fCDy += fCDDy >> ddshift;
    fCDDy += fCDDDy;
If any of these adds overflow, at worst, we'll draw wrong. Otherwise, there's no harm done.
Given that the fuzzed inputs are not values that are expected to draw, this is working as intended.
Since this issue was filed automatically, what is the testing mechanism to suppress this check in the future?
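To make the condition UBSan reports concrete, here is an added example (not Skia's code, and not part of the original comment): a constructed, simplified stepper holding the x-axis state of the quoted snippet (the `fCDx`, `fCDDx`, `fCDDDx` fields, renamed `cdx`, `cddx`, `cdddx`), where the same three adds are performed with GCC/Clang's `__builtin_add_overflow` so an overflow becomes an observable wrapped coordinate instead of undefined behaviour. It assumes a GCC or Clang compiler for that builtin.

```cpp
#include <cstdint>
#include <cstdio>

// Constructed, simplified stand-in for the x-axis state of a fixed-point
// forward-differencing cubic stepper (fCDx/fCDDx/fCDDDx in the quoted
// snippet). Not Skia's code.
struct CubicState {
    int32_t x;        // current x (oldx / newx)
    int32_t cdx;      // first difference
    int32_t cddx;     // second difference
    int32_t cdddx;    // third difference, constant for a cubic
    int dshift;       // shift applied to cdx
    int ddshift;      // shift applied to cddx
};

// The three adds from the quoted snippet with explicit overflow detection.
// __builtin_add_overflow stores the two's-complement wrapped result and
// returns true when the exact sum did not fit in int32_t, which is exactly
// the condition UBSan flags for the plain '+=' form. Returns true if any of
// the three adds overflowed; the state is advanced either way, so a caller
// can see what the wrapped coordinate looks like.
static bool step_cubic_checked(CubicState& s) {
    bool ovf = false;
    if (__builtin_add_overflow(s.x, s.cdx >> s.dshift, &s.x)) ovf = true;
    if (__builtin_add_overflow(s.cdx, s.cddx >> s.ddshift, &s.cdx)) ovf = true;
    if (__builtin_add_overflow(s.cddx, s.cdddx, &s.cddx)) ovf = true;
    return ovf;
}

// Walks 'count' steps and returns how many of them had at least one
// overflowing add, i.e. steps whose coordinate is no longer trustworthy.
static int count_overflowing_steps(CubicState s, int count) {
    int bad = 0;
    for (int i = 0; i < count; ++i) {
        if (step_cubic_checked(s)) ++bad;
    }
    return bad;
}

int main() {
    // Constructed sample: a modest cubic never overflows in 64 steps...
    CubicState ok{0, 1 << 16, 1 << 12, 16, 8, 4};
    std::printf("well-formed input: %d overflowing steps of 64\n",
                count_overflowing_steps(ok, 64));
    // ...while a fuzzer-style extreme start value wraps on the first step.
    CubicState bad{INT32_MAX - 10, 1 << 20, 1 << 20, 1 << 20, 2, 2};
    std::printf("extreme input: %d overflowing steps of 64\n",
                count_overflowing_steps(bad, 64));
    return 0;
}
```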
Jan 18 2017
@manoranjan -- Could you please help me with this issue. Thanks in advance.
Jan 18 2017
+ Abhishek for further inputs.
Jan 20 2017
adding signed integer overflow suppressions to skia
Jan 20 2017
There is some concern about the safety of using the info in #6 as it may hide future more serious bugs. Please consider another methodology on the testing end to suppress this. If there is no way to avoid generating this in automated testing, in the long run Skia can rewrite its code to avoid generating this error in UBSan. However, this rewrite would not improve security or remove any actual operational bugs, and would take time. The effort required to do so would need to be weighed against the risks and benefits.
Jan 28 2017
ClusterFuzz has detected this issue as fixed in range 446702:446785.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5118854838878208

Fuzzer: libfuzzer_skia_path_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address:
Crash State:
  SkCubicEdge::updateCubic
  SkEdgeBuilder::addCubic
  SkEdgeBuilder::addClipper

Sanitizer: undefined (UBSAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=400437:400524
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=446702:446785

Minimized Testcase (0.05 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97oIEXWxtW9dwZLI1pyLmUojd__rp-Ur7MBNIDO7h47v96TlP7m4w55774wZVNF9w0f9dXj-hq_lIMPlfUfMmY2h4yvvVr5TUFk_MIliBZxlssKnieXpvoilYJRXNo5so6dFHT0vmAvU3pLyLuVYxPnc85aZJV-p1HSjjLbY0zDNtWwzw7zF4bp7fj83HQiL-M9H6i8LTtAFNI-aQTbpLj79hWlSl4WR16FpRMCMbU-8KvIervreqUh-xqYl6Or0No27WwulyuhYovddpFeFVCZpoCFhx3Vx-54pGXNwK4Dbx81cOSAkays0Dn3V7k5MkKpZdeamamsWVBBOMUq58BNsbLhaj_yIi9Rc7mkSOr5RaYrp18?testcase_id=5118854838878208

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 28 2017
ClusterFuzz testcase 4579730679660544 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.