Issue 874566


Issue metadata

Status: WontFix
Owner: ----
Closed: Aug 17
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug




Float-cast-overflow in blink::LayoutBox::AbsoluteContentBox

Project Member Reported by ClusterFuzz, Aug 15

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4653194324738048

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Float-cast-overflow
Crash Address: 
Crash State:
  blink::LayoutBox::AbsoluteContentBox
  blink::LayoutBox::ComputeResourcePriority
  blink::PriorityFromObserver
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=569264:569265

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4653194324738048

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Project Member

Comment 1 by ClusterFuzz, Aug 15

Components: Blink>Layout Blink>Loader
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Project Member

Comment 2 by ClusterFuzz, Aug 15

Labels: Test-Predator-Auto-Owner
Owner: arthurso...@chromium.org
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/10ad99b832eb1f4770cb39f95557dbdcfa96fe69 (UpgradeInsecureRequest: Stop upgrading port manually.).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Cc: arthurso...@chromium.org
Labels: Test-Predator-Wrong-CLs
Owner: ----
Status: Untriaged (was: Assigned)
I didn't try to reproduce with/without my patch, but it looks clearly not related to my change.

My patch is trivial and happens on the browser process. This crash happens in Blink. My patch should not change Chrome behavior at all.

Components: -Blink>Loader
Status: WontFix (was: Untriaged)
Project Member

Comment 6 by ClusterFuzz, Aug 24

Labels: Needs-Feedback
ClusterFuzz testcase 4653194324738048 is still reproducing on tip-of-tree build (trunk).

If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase.

Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.
