https://bugs.kde.org/show_bug.cgi?id=516850
Bug ID: 516850
Summary: Multibrush tool can trigger integer UB.
Classification: Applications
Product: krita
Version First Reported In: 6.0.0-beta2
Platform: Other
OS: Linux
Status: REPORTED
Severity: crash
Priority: NOR
Component: General
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
STEPS TO REPRODUCE
1. Compile krita with
-fsanitize-trap=signed-integer-overflow,integer-divide-by-zero (these might be
clang specific, and probably the more general -fsanitize=undefined would work
too, though this causes more of a slowdown)
2. Use the multibrush tool (I used "symmetric" with 16 brushes to trigger this)
and spam random lines for a minute or so, it takes a while to trigger a crash.
OBSERVED RESULT
Krita crashes with SIGILL (this is only because the flag that makes integer UB
crash is enabled, but it's still a bug even when it doesn't crash).
EXPECTED RESULT
No crash (and no undefined behaviour).
SOFTWARE/OS VERSIONS
Linux: Chimera Linux
KDE Plasma Version: 6.6.0
KDE Frameworks Version: 6.23.0
Qt Version: 6.10.2
Graphics Platform: Wayland
ADDITIONAL INFORMATION
Chimera Linux compiles packages with flags to trap on integer UB by default,
since it helps reveal bugs and doesn't really affect performance. If there's
lots of integer UB or it would be too difficult to fix the bugs, those flags
can be disabled, but usually they're simple bugs that can actually cause
problems and are easy to fix.