Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
2472763002:
Fix fuzzer assert in GradientShaderBase4fContext::TSampler (Closed)
DescriptionFix fuzzer assert in GradientShaderBase4fContext::TSampler
The arithmetic in tileProc<kMirror> may cause the result to snap to the
open interval value - which violates invariants down the line.
We need to clamp the result to nextafterf(2, 0) to ensure it stays less
than two.
BUG=skia:5913
R=reed@google.com,herb@google.com
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2472763002
Committed: https://skia.googlesource.com/skia/+/8ffb3e5d4c3731d02b3502a89c7a7eb18daf398c
Patch Set 1 #Patch Set 2 : Win build fix #
Total comments: 2
Messages
Total messages: 19 (11 generated)
Description was changed from ========== Fix fuzzer assert in GradientShaderBase4fContext::TSampler The arithmetic in tileProc<kMirror> may cause the result to snap to the open interval value - which violates invariants down the line. We need to clamp the result to nextafterf(2, 0) to ensure it stays less than two. BUG=skia:5913 R=reed@google.com,herb@google.com ========== to ========== Fix fuzzer assert in GradientShaderBase4fContext::TSampler The arithmetic in tileProc<kMirror> may cause the result to snap to the open interval value - which violates invariants down the line. We need to clamp the result to nextafterf(2, 0) to ensure it stays less than two. BUG=skia:5913 R=reed@google.com,herb@google.com GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2472763002 ==========
The CQ bit was checked by fmalita@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: Build-Win-MSVC-x86-Debug-Trybot on master.client.skia.compile (JOB_FAILED, http://build.chromium.org/p/client.skia.compile/builders/Build-Win-MSVC-x86-D...)
The CQ bit was checked by fmalita@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
https://codereview.chromium.org/2472763002/diff/20001/src/effects/gradients/S... File src/effects/gradients/Sk4fGradientBase.cpp (right): https://codereview.chromium.org/2472763002/diff/20001/src/effects/gradients/S... src/effects/gradients/Sk4fGradientBase.cpp:440: SkScalar fLargestLessThanTwo; Can this be static constexpr?
https://codereview.chromium.org/2472763002/diff/20001/src/effects/gradients/S... File src/effects/gradients/Sk4fGradientBase.cpp (right): https://codereview.chromium.org/2472763002/diff/20001/src/effects/gradients/S... src/effects/gradients/Sk4fGradientBase.cpp:440: SkScalar fLargestLessThanTwo; On 2016/11/04 14:58:44, herb_g wrote: > Can this be static constexpr? Unfortunately not, nextafterf is not constexpr :(
lgtm
The CQ bit was checked by fmalita@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Message was sent while issue was closed.
Description was changed from ========== Fix fuzzer assert in GradientShaderBase4fContext::TSampler The arithmetic in tileProc<kMirror> may cause the result to snap to the open interval value - which violates invariants down the line. We need to clamp the result to nextafterf(2, 0) to ensure it stays less than two. BUG=skia:5913 R=reed@google.com,herb@google.com GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2472763002 ========== to ========== Fix fuzzer assert in GradientShaderBase4fContext::TSampler The arithmetic in tileProc<kMirror> may cause the result to snap to the open interval value - which violates invariants down the line. We need to clamp the result to nextafterf(2, 0) to ensure it stays less than two. BUG=skia:5913 R=reed@google.com,herb@google.com GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2472763002 Committed: https://skia.googlesource.com/skia/+/8ffb3e5d4c3731d02b3502a89c7a7eb18daf398c ==========
Message was sent while issue was closed.
Committed patchset #2 (id:20001) as https://skia.googlesource.com/skia/+/8ffb3e5d4c3731d02b3502a89c7a7eb18daf398c |
