Null-dereference READ in __msan_memcpy
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6427923742195712

Fuzzer: libFuzzer_paint_op_buffer_eq_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000004
Crash State:
  __msan_memcpy
  SkWriter32::writeRect
  SkTextBlob::flatten

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=548593:548601

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6427923742195712

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Jul 15
Automatically adding ccs based on OWNERS file / target commit history. If this is incorrect, please add ClusterFuzz-Wrong label.
Jul 15
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/c96940cb27bc403ba1d3806b26e7160b3d47133d (cc: Avoid extra allocation and copy for SkTextBlob serialization.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Jul 28
ClusterFuzz has detected this issue as fixed in range 578890:578896.

Detailed report: https://clusterfuzz.com/testcase?key=6427923742195712

Fuzzer: libFuzzer_paint_op_buffer_eq_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000004
Crash State:
  __msan_memcpy
  SkWriter32::writeRect
  SkTextBlob::flatten

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=548593:548601
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=578890:578896

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6427923742195712

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jul 28
ClusterFuzz testcase 6427923742195712 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Nov 17
The following revision refers to this bug: https://chromium.googlesource.com/chromium/deps/icu.git/+/797b7c7359c0491c3d53a07f00d0815ca4247479

commit 797b7c7359c0491c3d53a07f00d0815ca4247479
Author: Jungshik Shin <jshin@chromium.org>
Date: Sat Nov 17 23:11:31 2018

Add more locale variants

Make the locale variant support more uniform across locale categories. What's supported in the main locale categories (data/locales) is added to data/{unit,curr} as well. The list of locales in data/zone is not yet updated.

Moreover, sr and sw variants are added to data/{locales,unit,curr}.

The cast removal list is simplified using a 'glob' pattern instead of listing individual files for the curr and unit categories.

The data size is still under control on most platforms. They're actually smaller than the first ICU 63.1 update thanks to additional trimming in the zone/unit categories, except on desktop (59kB increase).

Initial 63.1   This CL    Platform
6375056        6353648    android
4916608        4745488    cast
10268240       10324816   common
880512         880928     flutter
6361376        6313376    ios

TBR=almasrymina@chromium.org,ftang@chromium.org,gsathya@chromium.org
Change-Id: I21dc5ec752795f485cfeb64ab1eb7eb8b23f3991
Bug: 863739
Test: {base,components,net}_unittests, blink, v8(intl/*,test262/intl402)
Reviewed-on: https://chromium-review.googlesource.com/c/1335789
Reviewed-by: Jungshik Shin <jshin@chromium.org>

[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/android/icudtl.dat
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/cast/cast-removed-resources.txt
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/cast/icudtl.dat
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/cast/patch_locale.sh
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/common/icudtb.dat
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/common/icudtl.dat
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/flutter/flutter-removed-resources.txt
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/flutter/icudtl.dat
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/ios/icudtl.dat
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/patches/locale_google.patch
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/scripts/trim_data.sh
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/source/data/curr/reslocal.mk
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/source/data/locales/reslocal.mk
[modify] https://crrev.com/797b7c7359c0491c3d53a07f00d0815ca4247479/source/data/unit/reslocal.mk
Nov 18
Sorry, I had a typo in the CL description. It's bug 863749.
Comment 1 by ClusterFuzz, Jul 15
Labels: Test-Predator-Auto-Components