num_glyphs >= 0
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5808042252959744

Fuzzer: libfuzzer_sfntly_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: ASSERT
Crash Address:
Crash State:
  num_glyphs >= 0
  libpthread.so.0
  sfntly::HorizontalMetricsTable::Builder::SetNumGlyphs

Sanitizer: address (ASAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=455091:455226

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv95_Le2xZT1sIumXQIS6MzweU8it3ghVJcEW-_-6d4W2YRYbXVVYXanmEW-nLGGL0lxYs9sGwGPrxkT6xi6qFP-ngatFBTlYQCZ-R16-Ya3h6QB0Aiqe9kT8CRF7mI6u0nhh3q6xDyqqUn3WrOTxJsiNxiUb0sr9JVuDw2yLaPl1_5L5-MSMcuHcC8frsESNQThMbp7YJ-06fUNsIKYTYC53TsID5GOIv_t6XGJIRn8SZuzsQXIV55X-7WOwnDS4JPGzG1fwmvtZc8qXImayTtM2AqQf4G1_se9zEt3EnN1_WaFrnTJyUY79Rra4FoXQgq1iZbPwQfqs_W8yiMu_g7vkNcbbsEC7vyhaQn2qqe1F5yUADDk?testcase_id=5808042252959744

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Mar 28 2017

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/83d38421f79045fef26de00d4c76198c06067852

commit 83d38421f79045fef26de00d4c76198c06067852
Author: thestig <thestig@chromium.org>
Date: Tue Mar 28 19:27:17 2017

Roll DEPS for sfntly de3cce5..04740d2

04740d2 Merge pull request #75 from leizleiz/morefixes
0c9b2fd Fix nits in OTFBasicEditing test.
3723ffd Fix ReadableFontData::ReadDateTimeAsLong().
126f3b3 Fix assert failures in HorizontalMetricsTable.
8fcbf51 Check offsets in FontFactory::LoadCollectionForBuilding().
b95a8f4 Avoid integer overflow in LocaTable::GlyphLength().
cccd3aa Check for integer overflow in SetupGlyfBuilders.
f1384b2 Fix more NULL pointer derefs in sfntly::Font::Builder.
7525f24 Revert commit 3e3a91a.

BUG=659936, 663737, 666619, 669806, 699510, 705357
TBR=behdad@chromium.org,jshin@chromium.org

Review-Url: https://codereview.chromium.org/2784563002
Cr-Commit-Position: refs/heads/master@{#460186}

[modify] https://crrev.com/83d38421f79045fef26de00d4c76198c06067852/DEPS
Mar 29 2017

ClusterFuzz has detected this issue as fixed in range 460170:460210.

Detailed report: https://clusterfuzz.com/testcase?key=5808042252959744

Fuzzer: libfuzzer_sfntly_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: ASSERT
Crash Address:
Crash State:
  num_glyphs >= 0
  sfntly::HorizontalMetricsTable::Builder::SetNumGlyphs
  sfntly::Font::Builder::InterRelateBuilders

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=455091:455226
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=460170:460210

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv959Grc1nIJQJ7zl7b-c3PyEnwUHhKDxbl8xkRW9WRwdDnLimg9-rUGhfhBuOXMBpeA1rJ8BoW4e64i9AutWeuTU7WKdIYuq6V_Fp2psCouR34pVJr8DSWWVoZfNlY7Y8zzfyL1DN7Kr0hoa5o3jJpoYukZaHSb9-Xc5yh3Q67x1yrfyX9bv1ozNforD8qmA1PLPTxOboritNHDGxAuxz6HUSplfZunfK8BMcdmYM1anJgLWCTJSNKTX9wImLOufk5gf3MVui_pkdfd4cLT96R81w3zu_fI-yO8Cr1TRzZXD3UBni1zrmPHdyjhTzGHugXVSAZq5_brxNBSmPn3zl2I5IUPVK8-UNwnQZiIpxlqFo0uRVRw?testcase_id=5808042252959744

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by mummare...@chromium.org, Mar 8 2017
Labels: Test-Predator-Wrong M-59