vello_common: harden gradient LUT against invalid stop positions#1311
Open
waywardmonkeys wants to merge 1 commit intolinebender:mainfrom
Open
vello_common: harden gradient LUT against invalid stop positions#1311waywardmonkeys wants to merge 1 commit intolinebender:mainfrom
waywardmonkeys wants to merge 1 commit intolinebender:mainfrom
Conversation
- Sanitize gradient stop positions with `sanitize_stop_position` to clamp NaNs, infinities, and out-of- range values into [0, 1]. - Use sanitized positions in `determine_lut_size` and LUT ramp construction to ensure indices are finite, monotonic, and within bounds. - Keep the 4-wide write in `GradientLut::new` bounded by `lut_size` so very small LUTs cannot trigger end- index panics. - Add targeted tests to verify sanitization behavior and ensure `GradientLut` handles infinite and out-of-range stop offsets without panicking.
waywardmonkeys
force-pushed
the
harden-gradient-lut
branch
from
f291f5b to
44cc593
Compare
Collaborator
Author
|
This should fix against the panic mentioned by @nicoburns in a comment in #1302. Some notes / questions:
|
tomcur
reviewed
Dec 1, 2025
Comment on lines
+44
to
+53
| fn sanitize_stop_position(pos: f32) -> f32 { | ||
| if pos.is_nan() { | ||
| 0.0 | ||
| } else if pos.is_infinite() { | ||
| if pos.is_sign_negative() { 0.0 } else { 1.0 } | ||
| } else { | ||
| pos.clamp(0.0, 1.0) | ||
| } | ||
| } | ||
|
|
Member
There was a problem hiding this comment.
The following is a branchless way to do this.
Suggested change
| fn sanitize_stop_position(pos: f32) -> f32 { | |
| if pos.is_nan() { | |
| 0.0 | |
| } else if pos.is_infinite() { | |
| if pos.is_sign_negative() { 0.0 } else { 1.0 } | |
| } else { | |
| pos.clamp(0.0, 1.0) | |
| } | |
| } | |
| #[inline] | |
| fn sanitize_stop_position(pos: f32) -> f32 { | |
| pos.max(0.).min(1.) | |
| } |
f32:{max,min} don't propagate NaNs (so the NaN gets turned in to 0., if pos.max(0.) is first).
LaurenzV
requested changes
Dec 1, 2025
Collaborator
LaurenzV
left a comment
LaurenzV
left a comment
There was a problem hiding this comment.
We already have a method that aims to validate the gradient before even encoding it:
So I feel like it might be better to just add this additional case here? Not much point in trying to fix a gradient that is fundamentally broken. 😄
Collaborator
|
I'm actually surprised this doesn't already work, because we already are checking that each stop is between 0 and 1... |
Collaborator
Author
|
I will figure out why and fix it! |
Collaborator
Author
|
(I already know why, just have to drive home) |
nicoburns
added
the
C-sparse-strips
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
sanitize_stop_positionto clamp NaNs, infinities, and out-of- range values into [0, 1].determine_lut_sizeand LUT ramp construction to ensure indices are finite, monotonic, and within bounds.GradientLut::newbounded bylut_sizeso very small LUTs cannot trigger end- index panics.GradientLuthandles infinite and out-of-range stop offsets without panicking.