Undefined-shift in T_UConverter_toUnicode_UTF32_LE

Issue description
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6298698597793792
Fuzzer: libfuzzer_unicode_string_codepage_create_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _toUnicodeWithCallback
  ucnv_toUnicode_56
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=386932:386961
Minimized Testcase (0.02 Kb): https://cluster-fuzz.appspot.com/download/AMIfv9473v55maRVpuq3L_BT_pyUGYkMTlsEu8_XT2Fn4Madkcf2ZcndHlYb2-V0qIhqrnnSxW9i0DHbCAbGzYGE8dWr9WbktpMGKNX1uQb_yTo65yyK9SHQxRq_mRm8C06sTjrDQpBwSs-dnwbJqSHTl50nyrHybw
Filer: mmoroz
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Apr 28 2016
Issue 605094 has been merged into this issue.

Apr 28 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6529106967003136
Fuzzer: libfuzzer_unicode_string_codepage_create_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _UTF32ToUnicodeWithOffsets
  _toUnicodeWithCallback
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=386932:386961
Minimized Testcase (0.02 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96eJBK4o6tokNpBaegg6Xsv38oI-P2VTff3e_bnQtn7xBwEOwk3BqRrOg4iKMP4mriVuxy4oErGZQmbEWIYt1HhDRlZLzhMVAUQQr66uSnxfmrX0dj0c5EdQtsx2XQT0mt_wbeinNypuLb-QQC2gGzJO7PW9g
Filer: mmoroz
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Jun 15 2016
ClusterFuzz has detected this issue as fixed in range 399796:399855.
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6529106967003136
Fuzzer: libfuzzer_unicode_string_codepage_create_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _UTF32ToUnicodeWithOffsets
  _toUnicodeWithCallback
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=386932:386961
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=399796:399855
Minimized Testcase (0.02 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95qL9QEcW1K5VUGcPitD1OeidCQ6IMU5GQlCYGGPObJ4GfJWzD8eMBjmrJLVhW9rlfEscr9qo1wJyfgndWR9SYcIiIe1kfZDJp7AbCDj6vi8-TD8LdZvtbRigPilIfFp6CHNY-6hi7Y2aIm0djZYEuLKcG8iA
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Jun 15 2016
ClusterFuzz has detected this issue as fixed in range 399796:399855.
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6298698597793792
Fuzzer: libfuzzer_unicode_string_codepage_create_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _toUnicodeWithCallback
  ucnv_toUnicode_56
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=386932:386961
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=399796:399855
Minimized Testcase (0.02 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94q3fUTujEcHIZ0EvBqwXZOK88sazRry0K5rx5DWfuwve3xj8ZsVwj4eoO3X3wJs8dhhZRWBJpMxc9VbJuExlw4IrmpIn5u8IGCyRro7P5YynWE97Wsl1A2UnBEZqUY6haihhhSvihDS52enKTqs9DGTb-RVw
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Jun 15 2016
ClusterFuzz testcase is verified as fixed, closing issue. If this is incorrect, please add the ClusterFuzz-Wrong label and re-open the issue.

Jun 16 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5081449736962048
Fuzzer: libfuzzer_icu_unicode_string_codepage_create_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _toUnicodeWithCallback
  ucnv_toUnicode_56
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=397764:398208
Minimized Testcase (0.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95odt_i-bDIbfCceAKbw1aOaaabfl-d767W8rEJF5YSM4LPRbiNmBieW7ck4b-9way7Jk-jrl2LXh0fnYeQmWJUE3uyMd6C6yAJmBLdP07fP0dVAQDw8vJ1Fc78rOri_ckC6R502n2ANHmQ9vMkPb6gFbZ57Q
Additional requirements: Requires Gestures
Filer: mmoroz
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Jun 16 2016
I kicked off a redo "Fixed" job at that most recent CF report.

Jun 16 2016
Looks reproducible.

Jul 29 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6046970619887616
Fuzzer: libfuzzer_icu_unicode_string_codepage_create_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _toUnicodeWithCallback
  ucnv_toUnicode_56
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=397764:398208
Minimized Testcase (0.01 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97T6PsjxabezTHQTCLmdMtUMLkmiQVO6573hdS8P6aePnwGWeNAbWs6xMXqlIr8dOkEpAUvRUwBCrgUyOX1AJzjPzg_T_aQbO2QzNaXgZ3lKZ2J5qQAjJifuVU-_qty3ygjZiiSTROeq3ne3sRf6aRV5eHzBA?testcase_id=6046970619887616
Filer: rnimmagadda
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Jul 29 2016
Gentle ping. @jshin: Could you please provide some update on this issue? Thank you.

Aug 3 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5222395015331840
Fuzzer: libfuzzer_libxml_xml_read_memory_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _UTF32ToUnicodeWithOffsets
  _toUnicodeWithCallback
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=395640:395746
Minimized Testcase (0.05 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97s04-YAZUinRBbazTdMeeAtGrbzfq_g3zyC95oSdnyKknmjgn2c74zqhVYGHTccs_xN75j85dpV49alQCABm7VlwwLY1Vz168n6LcSUWi8JOf6khdWPTXeLEx4EgkRn-9NBZfMzR4xHdXeqPzU4ES-lvVobQ?testcase_id=5222395015331840
Filer: mmoroz
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Aug 25 2016
ClusterFuzz has detected this issue as fixed in range 413961:414068.
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6046970619887616
Fuzzer: libfuzzer_icu_unicode_string_codepage_create_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _toUnicodeWithCallback
  ucnv_toUnicode_56
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=397764:398208
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=413961:414068
Minimized Testcase (0.01 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97T6PsjxabezTHQTCLmdMtUMLkmiQVO6573hdS8P6aePnwGWeNAbWs6xMXqlIr8dOkEpAUvRUwBCrgUyOX1AJzjPzg_T_aQbO2QzNaXgZ3lKZ2J5qQAjJifuVU-_qty3ygjZiiSTROeq3ne3sRf6aRV5eHzBA?testcase_id=6046970619887616
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Aug 25 2016
ClusterFuzz has detected this issue as fixed in range 413961:414068.
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5081449736962048
Fuzzer: libfuzzer_icu_unicode_string_codepage_create_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _toUnicodeWithCallback
  ucnv_toUnicode_56
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=397764:398208
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=413961:414068
Minimized Testcase (0.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95odt_i-bDIbfCceAKbw1aOaaabfl-d767W8rEJF5YSM4LPRbiNmBieW7ck4b-9way7Jk-jrl2LXh0fnYeQmWJUE3uyMd6C6yAJmBLdP07fP0dVAQDw8vJ1Fc78rOri_ckC6R502n2ANHmQ9vMkPb6gFbZ57Q?testcase_id=5081449736962048
Additional requirements: Requires Gestures
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Aug 26 2016
ClusterFuzz has detected this issue as fixed in range 413961:414068.
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5222395015331840
Fuzzer: libfuzzer_libxml_xml_read_memory_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  T_UConverter_toUnicode_UTF32_LE
  _UTF32ToUnicodeWithOffsets
  _toUnicodeWithCallback
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=395640:395746
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=413961:414068
Minimized Testcase (0.05 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97s04-YAZUinRBbazTdMeeAtGrbzfq_g3zyC95oSdnyKknmjgn2c74zqhVYGHTccs_xN75j85dpV49alQCABm7VlwwLY1Vz168n6LcSUWi8JOf6khdWPTXeLEx4EgkRn-9NBZfMzR4xHdXeqPzU4ES-lvVobQ?testcase_id=5222395015331840
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage
- Your friendly Sheriffbot

Dec 22 2016
ClusterFuzz testcase 6376865845739520 is flaky and no longer reproduces, so closing issue. If this is incorrect, please add the ClusterFuzz-Wrong label and re-open the issue.

Comment 1 by mmoroz@chromium.org, Apr 14 2016
Owner: js...@chromium.org