Use-of-uninitialized-value in SkOpPtT::addOpp
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5415733619326976

Fuzzer: libfuzzer_skia_pathop_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
  SkOpPtT::addOpp
  SkOpContour::joinSegments
  SkOpContourHead::joinAllSegments

Recommended Security Severity: Medium

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=438538:438687

Minimized Testcase (0.24 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95YJN3Kscb38iMeggqwofaZOArrVvrx713F2M7drrAM-1c71E0X2SSmFxM_ji3wWz40O_nNot3zlfP-EJhHIWBeZkVYhetJDOiqL3Ph-XFMxOJmLKdEn_KNWSTEqacZex6U_uyucF0kVxP2KVAanW4KzW8yHA?testcase_id=5415733619326976

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Dec 17 2016
This issue is a security regression. If you are not able to fix this quickly, please revert the change that introduced it. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Dec 17 2016
Dec 20 2016
caryclark: Would you mind taking a look at this?
Dec 20 2016
ClusterFuzz has detected this issue as fixed in range 439626:439695.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5415733619326976

Fuzzer: libfuzzer_skia_pathop_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
  SkOpPtT::addOpp
  SkOpContour::joinSegments
  SkOpContourHead::joinAllSegments

Recommended Security Severity: Medium

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=438538:438687
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=439626:439695

Minimized Testcase (0.24 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95YJN3Kscb38iMeggqwofaZOArrVvrx713F2M7drrAM-1c71E0X2SSmFxM_ji3wWz40O_nNot3zlfP-EJhHIWBeZkVYhetJDOiqL3Ph-XFMxOJmLKdEn_KNWSTEqacZex6U_uyucF0kVxP2KVAanW4KzW8yHA?testcase_id=5415733619326976

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Dec 20 2016
ClusterFuzz testcase 5415733619326976 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Dec 20 2016
Dec 20 2016
The following revision refers to this bug:
  https://skia.googlesource.com/skia.git/+/8e444a68024bf1e082bbfffe12ae08c981bb26d3

commit 8e444a68024bf1e082bbfffe12ae08c981bb26d3
Author: Cary Clark <caryclark@google.com>
Date: Tue Dec 20 17:52:34 2016

check for empty contours in sortable top

TBR=reed@google.com
BUG= 675132

Change-Id: I022ce0c59574b450e47e22a3dac0929034439b1b
Reviewed-on: https://skia-review.googlesource.com/6334
Reviewed-by: Cary Clark <caryclark@google.com>
Commit-Queue: Cary Clark <caryclark@google.com>

[modify] https://crrev.com/8e444a68024bf1e082bbfffe12ae08c981bb26d3/src/pathops/SkPathOpsWinding.cpp
Dec 20 2016
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/911fd06007472f0c79e31ba8947d8edf4661daa8

commit 911fd06007472f0c79e31ba8947d8edf4661daa8
Author: skia-deps-roller <skia-deps-roller@chromium.org>
Date: Tue Dec 20 23:38:42 2016

Roll src/third_party/skia/ 86cedfc31..6ad3d2fa3 (11 commits).

https://skia.googlesource.com/skia.git/+log/86cedfc31588..6ad3d2fa3858

$ git log 86cedfc31..6ad3d2fa3 --date=short --no-merges --format='%ad %ae %s'
2016-12-20 halcanary xps.gni
2016-12-20 bsalomon Rename batch->op in GrAuditTrail.
2016-12-20 brianosman Add color space xform to GrMagnifierEffect
2016-12-20 bsalomon Rename files, macros, types, and functions related to GrDrawOp testing.
2016-12-20 bsalomon Remove the last "batch tracker" from AAStrokeRectOp.
2016-12-20 brianosman Add color space xform support to GrDisplacementEffect
2016-12-20 brianosman Add color space xform bits to key for texture domain effect
2016-12-20 robertphillips Fix more Skia filter fuzzer bugs
2016-12-20 caryclark check for empty contours in sortable top
2016-12-20 bsalomon GPU: Fix for fuzzer issue for sw-rendered paths with large bounds.
2016-12-19 robertphillips Fix mapping from src to dst image space in SkAlphaThresholdFilter

BUG= 675132 , 675315 , 675332

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls

CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel
TBR=rmistry@google.com

Review-Url: https://codereview.chromium.org/2590913005
Cr-Commit-Position: refs/heads/master@{#439928}

[modify] https://crrev.com/911fd06007472f0c79e31ba8947d8edf4661daa8/DEPS
Jan 27 2017
Mar 28 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by sheriffbot@chromium.org, Dec 17 2016