Null-dereference READ in spvtools::val::Instruction::opcode |
|||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5737804925239296 Fuzzer: libFuzzer_spvtools_val_fuzzer Job Type: libfuzzer_chrome_asan Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x00000000003a Crash State: spvtools::val::Instruction::opcode spvtools::val::ValidateArrayLength spvtools::val::MemoryPass Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=611369:611409 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5737804925239296 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
,
Nov 29
Automatically adding ccs based on OWNERS file / target commit history. If this is incorrect, please add ClusterFuzz-Wrong label.
,
Nov 29
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/external/github.com/KhronosGroup/SPIRV-Tools/+/4e22b601224b1ddc3eb60ab38d9d1d89e81135e5 (Add validation for OpArrayLength. (#2117)). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Nov 29
,
Dec 1
ClusterFuzz testcase 5737804925239296 appears to be flaky, updating reproducibility label.
,
Dec 1
Please ignore the last comment about testcase being unreproducible. The testcase is still reproducible. This happened due to a code refactoring on ClusterFuzz side, and the underlying root cause is now fixed. Resetting the label back to Reproducible. Sorry about the inconvenience caused from these incorrect notifications.
,
Dec 4
ClusterFuzz has detected this issue as fixed in range 613208:613234. Detailed report: https://clusterfuzz.com/testcase?key=5737804925239296 Fuzzer: libFuzzer_spvtools_val_fuzzer Fuzz target binary: spvtools_val_fuzzer Job Type: libfuzzer_chrome_asan Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x00000000003a Crash State: spvtools::val::Instruction::opcode spvtools::val::ValidateArrayLength spvtools::val::MemoryPass Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=611369:611409 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=613208:613234 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5737804925239296 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Dec 4
ClusterFuzz testcase 5737804925239296 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by ClusterFuzz
, Nov 29Labels: Test-Predator-Auto-Components