Use-of-uninitialized-value in _start |
||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=5819203523444736 Fuzzer: libfuzzer_icu_unicode_string_codepage_create_fuzzer Job Type: libfuzzer_chrome_msan Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: _start Recommended Security Severity: Medium Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=421508:421597 Minimized Testcase (0.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96G_7N3C8IMhO0YbAVMCo2S_0tB8_lhapagF2fE8xLbbybM3av34KGrKfllnmDCwM2vny3sDV5T6K_58elZqtBKK1_YQ9vdeH6z95KN6nMdzEA4E4wyukyysqzzUAZzpo5u82DHZlRVRqdCWUENJWikjAY5DQ?testcase_id=5819203523444736 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
,
Sep 29 2016
This issue is a security regression. If you are not able to fix this quickly, please revert the change that introduced it. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Sep 29 2016
,
Sep 29 2016
kcc@: There are multiple use-of-uninitialized-value reports that I don't think correspond to Chromium bugs, so I am suspecting they might be libfuzzer issues. The regression range for all of these includes a libfuzzer roll. https://chromium.googlesource.com/chromium/src/+/b8a5efc4d6c7100e6b889fb567c71a0c29fbf35b Are you able to look into this?
,
Sep 29 2016
Issue 651313 has been merged into this issue.
,
Sep 29 2016
Issue 651294 has been merged into this issue.
,
Sep 29 2016
Issue 651286 has been merged into this issue.
,
Sep 29 2016
This should have been fixed already by new libFuzzer roll. Max?
,
Sep 29 2016
This bug is reported as M55 Beta blocker.Please try to resolve this before M55 branch on Oct 6th,2016 so it has enough baking time in Dev.
,
Sep 29 2016
Should be fixed by https://codereview.chromium.org/2381073002/. Will let CF autoclose this tonight.
,
Sep 30 2016
CF doesn't think that roll fixes the problem. I am going to keep duping uninitialized value reports into this one until it gets resolved. If any of those reports still remain open after this is closed then I can dedupe.
,
Sep 30 2016
Issue 651632 has been merged into this issue.
,
Sep 30 2016
Issue 651849 has been merged into this issue.
,
Sep 30 2016
ClusterFuzz has detected this issue as fixed in range 421846:421912. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5819203523444736 Fuzzer: libfuzzer_icu_unicode_string_codepage_create_fuzzer Job Type: libfuzzer_chrome_msan Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: _start Recommended Security Severity: Medium Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=421508:421597 Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=421846:421912 Minimized Testcase (0.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96G_7N3C8IMhO0YbAVMCo2S_0tB8_lhapagF2fE8xLbbybM3av34KGrKfllnmDCwM2vny3sDV5T6K_58elZqtBKK1_YQ9vdeH6z95KN6nMdzEA4E4wyukyysqzzUAZzpo5u82DHZlRVRqdCWUENJWikjAY5DQ?testcase_id=5819203523444736 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Sep 30 2016
|
||||||
►
Sign in to add a comment |
||||||
Comment 1 by sheriffbot@chromium.org
, Sep 29 2016