New issue
Advanced search Search tips

Issue 921321 link

Starred by 1 user
Status: Assigned
Owner:
rharrison@chromium.org
Cc:
cwallez@chromium.org
kainino@chromium.org
metzman@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug



Sign in to add a comment

Stack-overflow in spirv_cross::Compiler::to_name

Project Member Reported by ClusterFuzz, Jan 12 
Detailed report: https://clusterfuzz.com/testcase?key=6013367353081856

Fuzzer: afl_dawn_spirv_cross_msl_fast_fuzzer
Fuzz target binary: dawn_spirv_cross_msl_fast_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux

Crash Type: Stack-overflow
Crash Address: 0x7ffdf2b6eff8
Crash State:
  spirv_cross::Compiler::to_name
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=afl_chrome_asan&range=609745:609757

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6013367353081856

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.
Project Member

Comment 1 by ClusterFuzz, Jan 12

Cc: kainino@chromium.org cwallez@chromium.org
Labels: ClusterFuzz-Auto-CC
Automatically adding ccs based on OWNERS file / target commit history.

If this is incorrect, please add ClusterFuzz-Wrong label.

Comment 2 by cwallez@google.com, Jan 12

Components: Internals>GPU>Dawn
Owner: rharrison@chromium.org
Status: Assigned (was: Untriaged)

Comment 3 by rharrison@chromium.org, Jan 14 

This looks like this is causing an infinite recursion in spirv_cross. Running the input through spirv-val, the input is not actually a valid SPIR-V file, so I suspect this issue will be resolved when we migrate to using spvc for calling spirv-cross. I will keep this open, so I can retest this once the conversion is completed.

Sign in to add a comment