Float-cast-overflow in blink::ThemePainterDefault::PaintSliderTrack |
|||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=4748010874208256 Fuzzer: ifratric-browserfuzzer-v3 Job Type: linux_ubsan_chrome Platform Id: linux Crash Type: Float-cast-overflow Crash Address: Crash State: blink::ThemePainterDefault::PaintSliderTrack blink::BoxPainter::PaintBoxDecorationBackgroundWithRect blink::BoxPainter::PaintBoxDecorationBackground Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=552707:552711 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4748010874208256 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Apr 26 2018
Crash is with this code and zoom = 0.01: unzoomed_rect.SetWidth(unzoomed_rect.Width() / zoom_level); I don't think this one is actionable in that it does not go through any explicit cast and we don't want range checking in SetWidth on IntRect.
,
May 3 2018
ClusterFuzz testcase 4748010874208256 is still reproducing on tip-of-tree build (trunk). If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase. Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace. |
|||
►
Sign in to add a comment |
|||
Comment 1 by ClusterFuzz
, Apr 26 2018Labels: Test-Predator-Auto-Components