[llvm-bugs] Issue 15836 in oss-fuzz: llvm/llvm-opt-fuzzer--x86_64-simplifycfg: Use-of-uninitialized-value in bool llvm::DenseMapBase<llvm::DenseMap<llvm::StringRef, llvm::detail::DenseSetEm

ClusterFuzz-External via monorail via llvm-bugs llvm-bugs at lists.llvm.org
Mon Jul 15 04:56:38 PDT 2019 

Status: New
Owner: ----
CC: kcc at google.com, mascasa at google.com, jdevlieg... at apple.com,  
igm... at gmail.com, mitchp at google.com, bigchees... at gmail.com,  
eneyman at google.com, llvm-b... at lists.llvm.org, jfb at chromium.org,  
v... at apple.com, mitchphi... at outlook.com, xpl... at gmail.com,  
akils... at apple.com
Labels: ClusterFuzz Stability-Memory-MemorySanitizer Unreproducible  
Engine-libfuzzer OS-Linux Proj-llvm Security_Severity-Medium  
Reported-2019-07-15
Type: Bug-Security

New issue 15836 by ClusterFuzz-External:  
llvm/llvm-opt-fuzzer--x86_64-simplifycfg: Use-of-uninitialized-value in  
bool llvm::DenseMapBase<llvm::DenseMap<llvm::StringRef,  
llvm::detail::DenseSetEm
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15836

Detailed report: https://oss-fuzz.com/testcase?key=5688396233572352

Project: llvm
Fuzzer: libFuzzer_llvm_llvm-opt-fuzzer--x86_64-simplifycfg
Fuzz target binary: llvm-opt-fuzzer--x86_64-simplifycfg
Job Type: libfuzzer_msan_llvm
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
   bool llvm::DenseMapBase<llvm::DenseMap<llvm::StringRef,  
llvm::detail::DenseSetEm
   llvm::detail::DenseSetPair<llvm::StringRef>*  
llvm::DenseMapBase<llvm::DenseMap<l
   llvm::UniqueStringSaver::save

Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Reproducer Testcase:  
https://oss-fuzz.com/download?testcase_id=5688396233572352

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for  
instructions to reproduce this bug locally.

Note: This crash might not be reproducible with the provided testcase. That  
said, for the past 14 days we've been seeing this crash frequently. If you  
are unable to reproduce this, please try a speculative fix based on the  
crash stacktrace in the report. The fix can be verified by looking at the  
crash statistics in the report, a day after the fix is deployed. We will  
auto-close the bug if the crash is not seen for 14 days.

-- 
You received this message because:
   1. You were specifically CC'd on the issue

You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings

Reply to this email to add a comment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20190715/1f2adf16/attachment.html>

More information about the llvm-bugs mailing list