New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 632607 link

Starred by 1 user
Status: Fixed
Owner:
caryclark@google.com
Last visit > 30 days ago
Closed: Aug 2016
Cc:
caryclark@chromium.org
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug-Regression



Sign in to add a comment

Crash in FixWinding

Project Member Reported by ClusterFuzz, Jul 29 2016 
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5388897509179392

Fuzzer: libfuzzer_skia_pathop_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e900002661
Crash State:
  FixWinding
  SkOpBuilder::resolve
  LLVMFuzzerTestOneInput
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=408389:408457

Minimized Testcase (0.03 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96OPaxPBRYlUAFakC6HZXffOjqAPMm9OWWAeUvsnLBOXQdoyJ0DbyrWnkq5YAj-UaLbNw8grNrnlJ4dlnzb9xQRGkz6HQyRyZA-R-O7mj957CxMM_gBviG2JPcCA7MvWW_wDR9xBztYmMK4QAJXFADqbocWgw?testcase_id=5388897509179392

Filer: rnimmagadda

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Comment 1 by rnimmagadda@chromium.org, Jul 29 2016

Components: Tools>Test>FindIt>CorrectResult
Labels: -Pri-1 -Type-Bug M-54 Findit-for-crash Te-Logged Pri-2 Type-Bug-Regression
Owner: caryclark@chromium.org
Status: Assigned (was: Untriaged)
Based on this issue "617635".

@caryclark: Could you please look into this issue.

Thank you.

Comment 2 by caryclark@google.com, Jul 30 2016 

I'm away on vacation. I'll be back August 8th.
Project Member

Comment 3 by ClusterFuzz, Aug 1 2016 

ClusterFuzz has detected this issue as fixed in range 408588:408608.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5388897509179392

Fuzzer: libfuzzer_skia_pathop_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e9000049fa
Crash State:
  FixWinding
  SkOpBuilder::resolve
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=408389:408457
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=408588:408608

Minimized Testcase (0.03 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97lrpqpOU1YTwCMRjjqgr3nMOC6xpyfWiYxv7bnXBuS3LwDx4x0Pcjv6dRi5hkM4GJUolhNdHbYA3twMN-fGE_DuDOd6ONU5OEsbaHyXNa37xlQviuvGMI7ncVzaXau6NXBFzoy7Lk7uwH_2vugzyqyXtesSA?testcase_id=5388897509179392

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 4 by ClusterFuzz, Aug 1 2016

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 5 by mummare...@chromium.org, Aug 2 2016

Status: Assigned (was: Verified)
Still seeing this crash, so reopening the bug.
Project Member

Comment 6 by ClusterFuzz, Aug 2 2016 

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5286871003561984

Fuzzer: libfuzzer_skia_pathop_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e90000467b
Crash State:
  FixWinding
  SkOpBuilder::resolve
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=409082:409160

Minimized Testcase (0.03 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94gXlVRgFtgidVEnX6X2XkiXoYY4ewXIMXEYrtlyfwB98cbmytajFmtlnZvECn6C-yS0MIXy5SFZB__c7csp4ve5LGkMt0R5I88hu60s7DMNgIBYtbWT9bHvDaqI3PfGeqBgbphO1SRtC8tTXSsdHm8It-BiA?testcase_id=5286871003561984

Filer: mummareddy

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Project Member

Comment 7 by ClusterFuzz, Aug 3 2016 

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5286871003561984

Fuzzer: libfuzzer_skia_pathop_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e90000467b
Crash State:
  FixWinding
  SkOpBuilder::resolve
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=409082:409160

Minimized Testcase (0.03 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94gXlVRgFtgidVEnX6X2XkiXoYY4ewXIMXEYrtlyfwB98cbmytajFmtlnZvECn6C-yS0MIXy5SFZB__c7csp4ve5LGkMt0R5I88hu60s7DMNgIBYtbWT9bHvDaqI3PfGeqBgbphO1SRtC8tTXSsdHm8It-BiA?testcase_id=5286871003561984

Filer: ranjitkan

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Project Member

Comment 8 by ClusterFuzz, Aug 3 2016 

ClusterFuzz has detected this issue as fixed in range 409160:409173.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5286871003561984

Fuzzer: libfuzzer_skia_pathop_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e90000467b
Crash State:
  FixWinding
  SkOpBuilder::resolve
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=409082:409160
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=409160:409173

Minimized Testcase (0.03 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94gXlVRgFtgidVEnX6X2XkiXoYY4ewXIMXEYrtlyfwB98cbmytajFmtlnZvECn6C-yS0MIXy5SFZB__c7csp4ve5LGkMt0R5I88hu60s7DMNgIBYtbWT9bHvDaqI3PfGeqBgbphO1SRtC8tTXSsdHm8It-BiA?testcase_id=5286871003561984

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 10 by caryclark@google.com, Aug 8 2016

Cc: caryclark@chromium.org
Owner: caryclark@google.com
Project Member

Comment 11 by bugdroid1@chromium.org, Aug 8 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ac8f7479131ebdf1ddc207a49e486ed300769070

commit ac8f7479131ebdf1ddc207a49e486ed300769070
Author: skia-deps-roller <skia-deps-roller@chromium.org>
Date: Mon Aug 08 23:10:07 2016

Roll src/third_party/skia/ c97796b47..643ede692 (3 commits).

https://chromium.googlesource.com/skia.git/+log/c97796b47b2f..643ede69216c

$ git log c97796b47..643ede692 --date=short --no-merges --format='%ad %ae %s'
2016-08-08 caryclark template intersection fuzz fixes
2016-08-08 fmalita [SVGDom] Improve whitespace handling in style parsing
2016-08-08 lsalzman make SpecialLineRec::addSegment assert more permissive to accomodate rounding error

BUG= 632607 , 632628 , 633063 , 633065 , 634251 , 633608 

CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_precise_blink_rel
TBR=halcanary@google.com

Review-Url: https://codereview.chromium.org/2227853002
Cr-Commit-Position: refs/heads/master@{#410488}

[modify] https://crrev.com/ac8f7479131ebdf1ddc207a49e486ed300769070/DEPS

Comment 12 by caryclark@google.com, Aug 9 2016

Status: Fixed (was: Assigned)
Project Member

Comment 13 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment