
Issue 652223


Issue metadata

Status: Fixed
Owner:
Closed: Oct 2016
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug-Regression


Integer-overflow in ppparse

Project Member Reported by ClusterFuzz, Oct 3 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6736086665789440

Fuzzer: libfuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  ppparse
  pp::ExpressionParser::parse
  pp::DirectiveParser::parseExpressionIf
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=420371:420478

Minimized Testcase (0.24 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96FKi-EL8GT6qIQVS9K3QBtLeMDOwYuU67WZpIj-JCIKq8waQF7tsBKgGCSc9hrcAS-up0Ji_-b-iltlRK6n86ZNH1_PgndAoR4SSDO7kaVC2kJJUsHJlrLPWCiwGPUWZIGay4PaQmnXIQzbvcODfOhtlO2Cw?testcase_id=6736086665789440

Issue manually filed by: ranjitkan

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Cc: ranjitkan@chromium.org oetu...@nvidia.com
Components: Tools>Test>FindIt>CorrectResult
Labels: -Pri-1 -Type-Bug Findit-for-crash M-55 Te-Logged Pri-2 Type-Bug-Regression
Owner: alokp@chromium.org
Status: Assigned (was: Untriaged)
Author: Olli Etuaho
Project: chromium-angle
Changelist: https://chromium.googlesource.com/angle/angle.git/+/809ec54627b0bcda67d48e4dfd66ff70c188b7ac
Time: Wed Aug 26 11:30:57 2015
The CL last changed line 1609 of file ExpressionParser.cpp, which is stack frame 0.

Author: alokp@chromium.org
Project: chromium-angle
Changelist: https://chromium.googlesource.com/angle/angle.git/+/04d7d22bb835408a82600244e09b9dcacbc0fa11
Time: Wed May 16 19:24:07 2012
The CL last changed line 1995 of file ExpressionParser.cpp, which is stack frame 1.

@alokp: Assigning this to you, and @oetuaho: Cc'ing you. Please take a look into it. If it is not related to your changes, please help us reassign the issue to the right owner.

Thanks!

Comment 2 by oetu...@nvidia.com, Oct 3 2016

Owner: oetu...@nvidia.com
Status: Started (was: Assigned)

Comment 3 by bugdroid1@chromium.org, Oct 5 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a8080680b93164bc5a385ed6d619be90bdfb5ce5

commit a8080680b93164bc5a385ed6d619be90bdfb5ce5
Author: cwallez <cwallez@chromium.org>
Date: Wed Oct 05 21:08:39 2016

Roll ANGLE 4c65524..d08f3b3

https://chromium.googlesource.com/angle/angle.git/+log/4c65524..d08f3b3

BUG= chromium:652223 

TBR=geofflang@chromium.org

TEST=bots

CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel

Review-Url: https://codereview.chromium.org/2391413002
Cr-Commit-Position: refs/heads/master@{#423290}

[modify] https://crrev.com/a8080680b93164bc5a385ed6d619be90bdfb5ce5/DEPS


Comment 4 by ClusterFuzz, Oct 6 2016

ClusterFuzz has detected this issue as fixed in range 423278:423338.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6736086665789440

Fuzzer: libfuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  ppparse
  pp::ExpressionParser::parse
  pp::DirectiveParser::parseExpressionIf
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=420371:420478
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=423278:423338

Minimized Testcase (0.24 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96FKi-EL8GT6qIQVS9K3QBtLeMDOwYuU67WZpIj-JCIKq8waQF7tsBKgGCSc9hrcAS-up0Ji_-b-iltlRK6n86ZNH1_PgndAoR4SSDO7kaVC2kJJUsHJlrLPWCiwGPUWZIGay4PaQmnXIQzbvcODfOhtlO2Cw?testcase_id=6736086665789440

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 5 by oetu...@nvidia.com, Oct 6 2016

Status: Fixed (was: Started)

Comment 6 by oetu...@nvidia.com, Oct 6 2016

Cc: jmad...@chromium.org
Issue 653693 has been merged into this issue.

Comment 7 by bugdroid1@chromium.org, Oct 27 2016

Labels: merge-merged-2840
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a8080680b93164bc5a385ed6d619be90bdfb5ce5


Issue 660049 has been merged into this issue.

Comment 9 by dimu@google.com, Nov 4 2016

Labels: -merge-merged-2840
[Automated comment] removing mislabelled merge-merged-2840

Comment 10 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 11 by ClusterFuzz, Jul 14 2017

Labels: Needs-Feedback
ClusterFuzz testcase 5817404922003456 is still reproducing on tip-of-tree build (trunk).

Please re-test your fix against this testcase and if the fix was incorrect or incomplete, please re-open the bug. Otherwise, ignore this notification and add ClusterFuzz-Wrong label.
