CHECK failure: !std::isnan(static_cast<double>(value)) in math_extras.h |
|||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5035371711430656 Fuzzer: inferno_twister_c Job Type: linux_debug_chrome Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: !std::isnan(static_cast<double>(value)) in math_extras.h float clampTo<float, double> blink::AffineTransform::MapPoint Sanitizer: address (ASAN) Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5035371711430656 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Sep 18
Is it possible to teach the bot to ignore this assert and instead blame the caller? That would be helpful because the asserts just check that the input arguments are correct. This seems to be a NaN that appears through a transformed svg so I'll forward it to someone working on svg.
,
Sep 18
#4 0x7fcd1dce2802 in float clampTo<float, double>(double, float, float) third_party/blink/renderer/platform/wtf/math_extras.h:322:3
#5 0x7fcd1f0cfc10 in blink::AffineTransform::MapPoint(blink::FloatPoint const&) const third_party/blink/renderer/platform/transforms/affine_transform.cc:267:41
#6 0x7fcd1f0d1145 in blink::AffineTransform::MapRect(blink::FloatRect const&) const third_party/blink/renderer/platform/transforms/affine_transform.cc:301:16
#7 0x7fcd2dd9b631 in blink::LayoutSVGRoot::LocalVisualRectIgnoringVisibility() const third_party/blink/renderer/core/layout/svg/layout_svg_root.cc:450:38
#8 0x7fcd2d58744b in blink::LayoutObject::LocalVisualRect() const third_party/blink/renderer/core/layout/layout_object.h:1510:12
#9 0x7fcd2e6bcde5 in blink::PaintInvalidator::ComputeVisualRect(blink::LayoutObject const&, blink::PaintInvalidatorContext const&) third_party/blink/renderer/core/paint/paint_invalidator.cc:175:34
#10 0x7fcd2e6b8e24 in blink::PaintInvalidator::UpdateVisualRect(blink::LayoutObject const&, blink::FragmentData&, blink::PaintInvalidatorContext&) third_party/blink/renderer/core/paint/paint_invalidator.cc:328:32
#11 0x7fcd2e6b2bde in blink::PaintInvalidator::InvalidatePaint(blink::LayoutObject const&, blink::PaintPropertyTreeBuilderContext const*, blink::PaintInvalidatorContext&) third_party/blink/renderer/core/paint/paint_invalidator.cc:501:7
#12 0x7fcd2e84b379 in blink::PrePaintTreeWalk::WalkInternal(blink::LayoutObject const&, blink::PrePaintTreeWalk::PrePaintTreeWalkContext&) third_party/blink/renderer/core/paint/pre_paint_tree_walk.cc:339:22
#13 0x7fcd2e8485fb in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&) third_party/blink/renderer/core/paint/pre_paint_tree_walk.cc:420:3
#14 0x7fcd2e8486e8 in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&) third_party/blink/renderer/core/paint/pre_paint_tree_walk.cc:428:5
#15 0x7fcd2e8486e8 in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&) third_party/blink/renderer/core/paint/pre_paint_tree_walk.cc:428:5
#16 0x7fcd2e8486e8 in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&) third_party/blink/renderer/core/paint/pre_paint_tree_walk.cc:428:5
#17 0x7fcd2e8477d4 in blink::PrePaintTreeWalk::Walk(blink::LocalFrameView&) third_party/blink/renderer/core/paint/pre_paint_tree_walk.cc:126:5
#18 0x7fcd2e846a97 in blink::PrePaintTreeWalk::WalkTree(blink::LocalFrameView&) third_party/blink/renderer/core/paint/pre_paint_tree_walk.cc:54:3
#19 0x7fcd2b990962 in blink::LocalFrameView::RunPrePaintLifecyclePhase(blink::DocumentLifecycle::LifecycleState) third_party/blink/renderer/core/frame/local_frame_view.cc:2573:24
#20 0x7fcd2b98df9a in blink::LocalFrameView::UpdateLifecyclePhasesInternal(blink::DocumentLifecycle::LifecycleState) third_party/blink/renderer/core/frame/local_frame_view.cc:2445:33
#21 0x7fcd2b98a2a3 in blink::LocalFrameView::UpdateLifecyclePhases(blink::DocumentLifecycle::LifecycleState) third_party/blink/renderer/core/frame/local_frame_view.cc:2398:3
#22 0x7fcd2b989609 in blink::LocalFrameView::UpdateAllLifecyclePhases() third_party/blink/renderer/core/frame/local_frame_view.cc:2199:39
#23 0x7fcd2e2c48fc in blink::PageAnimator::UpdateAllLifecyclePhases(blink::LocalFrame&) third_party/blink/renderer/core/page/page_animator.cc:110:9
#24 0x7fcd2e2de62e in blink::PageWidgetDelegate::UpdateLifecycle(blink::Page&, blink::LocalFrame&, blink::WebWidget::LifecycleUpdate) third_party/blink/renderer/core/page/page_widget_delegate.cc:70:21
#25 0x7fcd2b4864f6 in blink::WebViewImpl::UpdateLifecycle(blink::WebWidget::LifecycleUpdate) third_party/blink/renderer/core/exported/web_view_impl.cc:1574:3
#26 0x7fcd2bca54e4 in blink::WebViewFrameWidget::UpdateLifecycle(blink::WebWidget::LifecycleUpdate) third_party/blink/renderer/core/frame/web_view_frame_widget.cc:66:21
#27 0x7fcd871f9b3e in content::RenderWidget::UpdateVisualState() content/renderer/render_widget.cc:1108:19
#28 0x7fcd86153c51 in content::LayerTreeView::UpdateLayerTreeHost() content/renderer/gpu/layer_tree_view.cc:595:14
#29 0x7fcd71fd3081 in cc::LayerTreeHost::RequestMainFrameUpdate() cc/trees/layer_tree_host.cc:281:12
#30 0x7fcd72426070 in cc::ProxyMain::BeginMainFrame(std::__1::unique_ptr<cc::BeginMainFrameAndCommitState, std::__1::default_delete<cc::BeginMainFrameAndCommitState> >) cc/trees/proxy_main.cc:222:21
,
Jan 8
ClusterFuzz has detected this issue as fixed in range 620568:620571. Detailed report: https://clusterfuzz.com/testcase?key=5035371711430656 Fuzzer: inferno_twister_c Job Type: linux_debug_chrome Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: !std::isnan(static_cast<double>(value)) in math_extras.h float clampTo<float, double> blink::AffineTransform::MapPoint Sanitizer: address (ASAN) Fixed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=620568:620571 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5035371711430656 See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jan 8
ClusterFuzz testcase 5035371711430656 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
|||
►
Sign in to add a comment |
|||
Comment 1 by pnangunoori@chromium.org
, Sep 18Labels: M-71 Test-Predator-Wrong
Owner: brat...@opera.com
Status: Assigned (was: Untriaged)