Issue metadata
Sign in to add a comment
|
Integer-overflow in blink::IntRect::UniteEvenIfEmpty |
||||||||||||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5614016886734848 Fuzzer: inferno_twister Job Type: linux_ubsan_chrome Platform Id: linux Crash Type: Integer-overflow Crash Address: Crash State: blink::IntRect::UniteEvenIfEmpty blink::Region::Unite blink::ScrollingCoordinator::ComputeShouldHandleScrollGestureOnMainThreadRegion Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=549059:549062 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5614016886734848 Additional requirements: Requires HTTP Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jun 12 2018
This issue looks similar to bug 837300 , hence assigning to the same owner for more updates. schenney@ Could you please take a look in to this issue? Thanks!
,
Jun 12 2018
,
Jun 12 2018
,
Jul 12
ClusterFuzz testcase 5614016886734848 appears to be flaky, updating reproducibility label. |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by ClusterFuzz
, Jun 12 2018Labels: Test-Predator-Auto-Components