
Issue 869263


Issue metadata

Status: WontFix
Owner:
Closed: Aug 20
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug




Float-cast-overflow in blink::CSSPrimitiveValue::Create

Project Member Reported by ClusterFuzz, Jul 31

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4514148055252992

Fuzzer: inferno_twister
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Float-cast-overflow
Crash Address: 
Crash State:
  blink::CSSPrimitiveValue::Create
  blink::ValueForMatrixTransform
  blink::ComputedStyleUtils::ComputedTransform
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=551565:563900

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4514148055252992

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Project Member

Comment 1 by ClusterFuzz, Jul 31

Components: Blink>CSS
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Cc: f...@opera.com pnangunoori@chromium.org
Labels: M-68 Test-Predator-Wrong
Owner: tkent@chromium.org
Status: Assigned (was: Untriaged)
Using the provided regression range assigning to the possible suspect as per the change made for the file, “css_primitive_value.cc”
Suspecting Commit#
https://chromium.googlesource.com/chromium/src/+/68b36958a5252b72df14ef11646554c5d6760cb3

@tkent -- Could you please look into this issue, kindly reassign if it has nothing to do with your changes.

Also cc'ing fs@ for the suspecting files computed_style_utils.cc in the provided regression range. Suspecting Commits:
https://chromium.googlesource.com/chromium/src/+/7004d7e19279e2d31f92fb295e06a8b987700f18
https://chromium.googlesource.com/chromium/src/+/3431b89c8be2d7b1a60f5eb135b1d27ce432ce9b

Thanks!

Owner: ----
Status: Untriaged (was: Assigned)
> Suspecting Commit# https://chromium.googlesource.com/chromium/src/+/68b36958a5252b72df14ef11646554c5d6760cb3

No, the CL just renamed variables. It doesn't affect compiled code.

The regression range is too large.  Route to CSS triage.

Cc: pdr@chromium.org junov@chromium.org
Owner: f...@opera.com
Status: Assigned (was: Untriaged)
fs@ -- Could you please take a look into the issue based on the suspecting files provided in Comment @#2.
Also, cc'ing the reviewers - junov@, pdr@
Project Member

Comment 5 by ClusterFuzz, Aug 20

ClusterFuzz testcase 4514148055252992 is associated with an obsolete fuzzer and can no longer be processed. Please close the issue if it is no longer actionable.
Cc: infe...@chromium.org
Ignore the "obsolete fuzzer" messages, we are working on a fix.
Status: WontFix (was: Assigned)
Closing these now due to obsolete fuzzer issue, ClusterFuzz should file new ones with fixed testcases.
