Float-cast-overflow in blink::PaintLayerScrollableArea::CornerRect
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5737157143298048

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Float-cast-overflow
Crash Address:
Crash State:
  blink::PaintLayerScrollableArea::CornerRect
  blink::PaintLayerScrollableArea::ResizerCornerRect
  blink::ScrollingCoordinator::ComputeShouldHandleScrollGestureOnMainThreadRegion

Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=552707:552711

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5737157143298048

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Apr 25 2018
Automatically adding ccs based on suspected regression changelists:

Mark video-enter-exit-fullscreen-while-hovering-shows-controls.html timeout by xidachen@chromium.org - https://chromium.googlesource.com/chromium/src/+/7f9a4ddd4e17adce15d7e8e55a4554d7a420d1e3

Introduce a direct dependency Blink -> WebRTC by orphis@chromium.org - https://chromium.googlesource.com/chromium/src/+/254b97d5a6edc67def94977f747c4472182a867b

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label.
Apr 25 2018
Overflow in setting up painting operations with very large inputs is generally not a problem.
May 2 2018
ClusterFuzz testcase 5737157143298048 is still reproducing on tip-of-tree build (trunk). If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase. Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.
May 2 2018
CFI is looking at the wrong CL. schenney@: could you triage this?
May 2 2018
ClusterFuzz for some reason is ignoring the ClusterFuzz-Ignore label. This is not one we will fix.
Aug 31
ClusterFuzz has detected this issue as fixed in range 587601:587602.

Detailed report: https://clusterfuzz.com/testcase?key=5737157143298048

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Float-cast-overflow
Crash Address:
Crash State:
  blink::PaintLayerScrollableArea::CornerRect
  blink::PaintLayerScrollableArea::ResizerCornerRect
  blink::ScrollingCoordinator::ComputeShouldHandleScrollGestureOnMainThreadRegion

Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=552707:552711
Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=587601:587602

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5737157143298048

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by ClusterFuzz, Apr 25 2018
Labels: Test-Predator-Auto-Components