Crash in SkOpCoincidence::addOverlap
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5799018693394432

Fuzzer: afl_skia_pathop_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  SkOpCoincidence::addOverlap
  SkOpCoincidence::findOverlaps
  HandleCoincidence

Regressed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=402185:402404

Minimized Testcase (0.09 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97dabJCKwou7ZscrSRvPDU3-NjJpanyOlEh0HnrMfQkrr0EfrX0219EVbVvPHZhg-GxFobYBrfxWFMkUyfoq45Zrlr5LwZ_i6DrQA2YUOSaFBZzJwoKASggu0hofIBn3Ua6vOwk468NzVpgT5xO_XgM2g_lfQ?testcase_id=5799018693394432

Filer: mummareddy

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jul 6 2016
Jul 8 2016
Jul 8 2016
Jul 13 2016
Issue 627987 has been merged into this issue.
Jul 14 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6663425321336832

Fuzzer: afl_skia_pathop_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  SkOpCoincidence::addOverlap
  SkOpCoincidence::findOverlaps
  HandleCoincidence

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94wIQ2O9WD7n6srNduR16HAua6MK80sxyuO57C5WuGkU-689O0tOpIdmGNbCZwSg15ZK1pakC9-FqHZxP47yvwChn7d7od66-0nD8trvUSX3mFTDTQHV1YXDmFoaODqYo1_aDebpjfrQNjg6EH9J4QB0fMd_A?testcase_id=6663425321336832

Filer: mmohammad

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jul 15 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6074298951532544

Fuzzer: afl_skia_pathop_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  SkOpCoincidence::addOverlap
  SkOpCoincidence::findOverlaps
  HandleCoincidence

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv96dHMSauTIASfW0dWFfvHgvej1mhgRN6pyVvokqvGCao4LqGrvJbuM-D70fmuJ8CfGP4SOtv541xcRfAockKHB3zDXhehs4bJsvlbI53rqnZZtOOqQbg-pzf1VG-IkFfmcn7FPjMclhcPX_j8rPTsvqhjmUsQ?testcase_id=6074298951532544

Filer: mmohammad

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jul 19 2016
Fixed? Can't repro with any of the above test cases
Jul 19 2016
Oct 5 2016
Still seeing this failure, please check the below comment. Thank you.
Oct 5 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5132343025336320

Fuzzer: afl_skia_pathop_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  SkOpCoincidence::addOverlap
  SkOpCoincidence::findOverlaps
  HandleCoincidence

Regressed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=423154:423192

Minimized Testcase (0.23 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94Mo6pdPsRSsjqJrti5V0pzwl6uS29IEBI8phSNKIJtckZSqXJPfbSDEGVXPmfHnpB7-277YgdMMYQRj9G63ADlPP-hVh0YjI-RL2fIBqFAW-csLzrBcmmUiYCSSCJQVLORjCvh67S4qD606QviBcslVm7PMA?testcase_id=5132343025336320

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Oct 6 2016
Oct 6 2016
The following revision refers to this bug:
  https://skia.googlesource.com/skia.git/+/40f23780e7ca36818660add0faf783fda81bf0b1

commit 40f23780e7ca36818660add0faf783fda81bf0b1
Author: Cary Clark <caryclark@google.com>
Date: Thu Oct 06 16:04:16 2016

fuzzer fix

Error out when fuzzing conditions are met.

Also, make degenerate input line ends consistent.

TBR=reed@google.com
BUG=653452, 626164, skia:5829
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=3048

Change-Id: I23a01adde9dec07b54d66ab2418b3ea0b96e4456
Reviewed-on: https://skia-review.googlesource.com/3048
Commit-Queue: Cary Clark <caryclark@google.com>
Reviewed-by: Cary Clark <caryclark@google.com>

[modify] https://crrev.com/40f23780e7ca36818660add0faf783fda81bf0b1/src/pathops/SkOpCoincidence.cpp
[modify] https://crrev.com/40f23780e7ca36818660add0faf783fda81bf0b1/src/pathops/SkOpCoincidence.h
[modify] https://crrev.com/40f23780e7ca36818660add0faf783fda81bf0b1/src/pathops/SkOpEdgeBuilder.cpp
[modify] https://crrev.com/40f23780e7ca36818660add0faf783fda81bf0b1/src/pathops/SkPathOpsCommon.cpp
[modify] https://crrev.com/40f23780e7ca36818660add0faf783fda81bf0b1/tests/PathOpsOpTest.cpp
Oct 6 2016
Oct 7 2016
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/c243409f8f9f7cfcae4264c1b1884cbef4feef3c

commit c243409f8f9f7cfcae4264c1b1884cbef4feef3c
Author: skia-deps-roller <skia-deps-roller@chromium.org>
Date: Fri Oct 07 21:11:33 2016

Roll src/third_party/skia/ d207884bf..221a4bb55 (21 commits).

https://chromium.googlesource.com/skia.git/+log/d207884bf5d1..221a4bb55b51

$ git log d207884bf..221a4bb55 --date=short --no-merges --format='%ad %ae %s'
2016-10-07 caryclark fix fuzz busters
2016-10-07 mtklein SkRasterPipeline: 8x pipelines, attempt 2
2016-10-07 senorblanco GrTessellator: refactor Line out of Edge.
2016-10-07 bungeman Whitespace change to kick build.
2016-10-07 jvanverth Reduce geometry size for circles to help fill rate.
2016-10-07 stephana Disable svgs on nanobench when running on Valgrind
2016-10-07 mtklein Revert "SkRasterPipeline: 8x pipelines"
2016-10-06 robertphillips Disable antialiasing on interior of filled RRects that need distance vectors
2016-10-06 mtklein SkRasterPipeline: 8x pipelines
2016-10-06 fmalita Assorted Android fixes
2016-10-05 bungeman Auto re-gen for gn cmake generator.
2016-10-06 robertphillips Add distance values to interior of filled RRects
2016-10-06 fmalita Harden SkPicturePlayback::handleOp() skips
2016-10-06 egdaniel Fix Vulkan orientation during screne rotations
2016-10-06 herb Fix SkDeferredCanvas for use on android.
2016-10-06 caryclark remove sprintf
2016-10-06 mtklein Make load4 and store4 part of SkNx properly.
2016-10-06 caryclark fuzzer fix
2016-10-06 reed fix other printf warning for SkBlendMode
2016-10-06 caryclark fix mac all build
2016-10-06 xidachen Fix SkPath::arcTo when sweepAngle is tiny and radius is big

BUG=653452, 626164, 640031

CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_precise_blink_rel
TBR=stephana@google.com

Review-Url: https://codereview.chromium.org/2405553002
Cr-Commit-Position: refs/heads/master@{#423965}

[modify] https://crrev.com/c243409f8f9f7cfcae4264c1b1884cbef4feef3c/DEPS
Oct 8 2016
ClusterFuzz has detected this issue as fixed in range 423951:424006.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5132343025336320

Fuzzer: afl_skia_pathop_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  SkOpCoincidence::addOverlap
  SkOpCoincidence::findOverlaps
  HandleCoincidence

Regressed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=423154:423192
Fixed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=423951:424006

Minimized Testcase (0.23 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94Mo6pdPsRSsjqJrti5V0pzwl6uS29IEBI8phSNKIJtckZSqXJPfbSDEGVXPmfHnpB7-277YgdMMYQRj9G63ADlPP-hVh0YjI-RL2fIBqFAW-csLzrBcmmUiYCSSCJQVLORjCvh67S4qD606QviBcslVm7PMA?testcase_id=5132343025336320

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by mummare...@chromium.org, Jul 6 2016
Status: Assigned (was: Available)