Float-cast-overflow in blink::StrokeData::SetupPaintDashPathEffect |
||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5107653584617472 Fuzzer: ifratric-browserfuzzer-v3 Job Type: linux_ubsan_chrome Platform Id: linux Crash Type: Float-cast-overflow Crash Address: Crash State: blink::StrokeData::SetupPaintDashPathEffect blink::GraphicsContextState::StrokeFlags void blink::GraphicsContext::DrawTextPasses<void blink::GraphicsContext::DrawTex Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=552707:552711 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5107653584617472 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Apr 25 2018
Overflow in setting up painting operations with very large inputs is generally not a problem.
,
May 2 2018
ClusterFuzz testcase 5107653584617472 is still reproducing on tip-of-tree build (trunk). If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase. Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.
,
May 2 2018
Assigning a float to an int in an unchecked way. So I should fix it.
,
May 2 2018
Issue 836491 has been merged into this issue.
,
May 4 2018
|
||||
►
Sign in to add a comment |
||||
Comment 1 by ClusterFuzz
, Apr 24 2018Labels: Test-Predator-Auto-Components