Assert in SkLineClipper::IntersectLine |
||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5890518291316736 Fuzzer: libFuzzer_paint_op_buffer_fuzzer Job Type: libfuzzer_chrome_asan_debug Platform Id: linux Crash Type: Abrt Crash Address: 0x053900004b09 Crash State: sk_abort_no_print SkLineClipper::IntersectLine SkLineClipper::IntersectLine Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=555638:555648 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5890518291316736 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
,
Jun 2 2018
Automatically adding ccs based on OWNERS file / target commit history. If this is incorrect, please add ClusterFuzz-Wrong label.
,
Jun 5 2018
Mike: the fuzzer found some values that make SkLineClipper::IntersectLine complain. It doesn't seem like there's a security issue here, so marking this as a lower priority. But, it might be something you want to look at. It's easy to repro. I wasn't sure who to assign this to, so am sending it your way. Feel free to close if this is too low priority to fix.
Here's the values for this function:
src[0] = {fX = -4.67746776e+23, fY = -4.18426559e+23}
src[1] = {fX = 9.73221392e+18, fY = 8.70602818e+18}
dst[0] = {fX = 2.86985925e-42, fY = 3.45728357e-41}
dst[1] = {fX = 5.56035231e-42, fY = 3.49988304e-41}
clip = (const SkRect &) @0x7ffff299e2e0: {fLeft = -32767, fTop = -32767,
fRight = 32767, fBottom = 32767}
bounds = {fLeft = 32767, fTop = -3.76547836e+11, fRight = 4.20906795e+11,
fBottom = 32767}
,
Jun 6 2018
ClusterFuzz has detected this issue as fixed in range 564660:564675. Detailed report: https://clusterfuzz.com/testcase?key=5890518291316736 Fuzzer: libFuzzer_paint_op_buffer_fuzzer Job Type: libfuzzer_chrome_asan_debug Platform Id: linux Crash Type: Abrt Crash Address: 0x053900004b09 Crash State: sk_abort_no_print SkLineClipper::IntersectLine SkLineClipper::IntersectLine Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=555638:555648 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=564660:564675 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5890518291316736 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jun 6 2018
ClusterFuzz testcase 5890518291316736 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||
►
Sign in to add a comment |
||||
Comment 1 by ClusterFuzz
, Jun 2 2018Labels: Test-Predator-Auto-Components