fuzzer for third_party icu::UnicodeString::UnicodeString (invokes doCodepageCreate) implemented

fuzzer for third_party icu::UnicodeString::UnicodeString (invokes doCodepageCreate) implemented

R=aizatsky@chromium.org, inferno@chromium.org, krasin@chromium.org
TBR=krasin@chromium.org
BUG=539572
Committed: https://crrev.com/6604dc8a92b4c635de2c5c29e2f303f4dc573016
Cr-Commit-Position: refs/heads/master@{#367162}

[inferno, 2015-12-16 16:58:08]

inferno@chromium.org changed reviewers:
+ jshin@chromium.org

[inferno, 2015-12-16 16:58:08]

https://codereview.chromium.org/1531743002/diff/1/testing/libfuzzer/fuzzers/u...
File testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc (right):

https://codereview.chromium.org/1531743002/diff/1/testing/libfuzzer/fuzzers/u...
testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc:12: // Need
null-terminated string
Nit: end with period (.).

https://codereview.chromium.org/1531743002/diff/1/testing/libfuzzer/fuzzers/u...
testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc:16: //TODO:
need best input generation for third argument passed
Nit: space b/w // and TODO and next line, no need of extra starting space.

https://codereview.chromium.org/1531743002/diff/1/testing/libfuzzer/fuzzers/u...
testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc:20:
buffer.data());
I wonder if we should split data into two parts and use one for buffer and one
for codepage. +cc Jshin@, our unicode expert.

[krasin, 2015-12-16 19:54:37]

krasin@google.com changed reviewers:
+ krasin@google.com

[krasin, 2015-12-16 19:54:37]

https://codereview.chromium.org/1531743002/diff/1/testing/libfuzzer/fuzzers/u...
File testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc (right):

https://codereview.chromium.org/1531743002/diff/1/testing/libfuzzer/fuzzers/u...
testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc:17: //     
may be use dicitonary of different codepages
typo: s/dicitonary/dictionary

https://codereview.chromium.org/1531743002/diff/1/testing/libfuzzer/fuzzers/u...
testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc:20:
buffer.data());
On 2015/12/16 16:58:08, inferno wrote:
> I wonder if we should split data into two parts and use one for buffer and one
> for codepage. +cc Jshin@, our unicode expert.

That's generally a good idea. See
https://code.google.com/p/chromium/codesearch#chromium/src/testing/libfuzzer/...
as an example (I split the data into three parts there)

Otherwise, it sometimes is not possible to get the full (or even decent)
coverage.

[jungshik at Google, 2015-12-18 23:02:03]

LGTM

https://codereview.chromium.org/1531743002/diff/20001/testing/libfuzzer/fuzze...
File testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc (right):

https://codereview.chromium.org/1531743002/diff/20001/testing/libfuzzer/fuzze...
testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc:8: #include
"unicode/unistr.h"
nit: In chromium, we use a longer path :
third_party/icu/source/common/unicode/unistr.h

(in Blink, we use a shorter path).

https://codereview.chromium.org/1531743002/diff/20001/testing/libfuzzer/fuzze...
testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc:17: // may be
use dictionary of different codepages.
I agree. The list of encoding names (and their aliases) in use by Blink and
Chrome is in third_party/icu/source/data/mappings/convrtrs.txt or
third_party/icu/source/data/mappings/ucmlocal.txt

[mmoroz, 2015-12-29 16:21:44]

The CQ bit was checked by mmoroz@chromium.org

[mmoroz, 2015-12-29 16:21:44]

The patchset sent to the CQ was uploaded after l-g-t-m from jshin@chromium.org
Link to the patchset: https://codereview.chromium.org/1531743002/#ps40001
(title: "fix header path and upgrade choosing of codepage parameter")

[commit-bot: I haz the power, 2015-12-29 16:21:52]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1531743002/40001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1531743002/40001

[commit-bot: I haz the power, 2015-12-29 16:23:51]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2015-12-29 16:23:52]

Try jobs failed on following builders:
  ios_dbg_simulator_ninja on tryserver.chromium.mac (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.mac/builders/ios_dbg_simulator...)

[mmoroz, 2015-12-30 12:18:17]

The CQ bit was checked by mmoroz@chromium.org

[commit-bot: I haz the power, 2015-12-30 12:18:30]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1531743002/40001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1531743002/40001

[commit-bot: I haz the power, 2015-12-30 12:19:43]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2015-12-30 12:19:43]

Try jobs failed on following builders:
  ios_dbg_simulator_ninja on tryserver.chromium.mac (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.mac/builders/ios_dbg_simulator...)
  ios_rel_device_ninja on tryserver.chromium.mac (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.mac/builders/ios_rel_device_ni...)
  mac_chromium_gn_rel on tryserver.chromium.mac (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.mac/builders/mac_chromium_gn_r...)

[inferno, 2015-12-30 16:46:02]

https://codereview.chromium.org/1531743002/diff/60001/testing/libfuzzer/fuzze...
File testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc (right):

https://codereview.chromium.org/1531743002/diff/60001/testing/libfuzzer/fuzze...
testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc:83: if
(offset < 0)
offset is confusing, just change size.

https://codereview.chromium.org/1531743002/diff/60001/testing/libfuzzer/fuzze...
testing/libfuzzer/fuzzers/unicode_string_codepage_create_fuzzer.cc:94:
icu::UnicodeString unicode_string(buffer.data() + 1, offset, codepage);
buffer.data()+1 seems wrong, it should be buffer.data()

[inferno, 2015-12-30 16:59:31]

The CQ bit was checked by inferno@chromium.org

[inferno, 2015-12-30 16:59:31]

lgtm

[inferno, 2015-12-30 16:59:32]

The patchset sent to the CQ was uploaded after l-g-t-m from jshin@chromium.org
Link to the patchset: https://codereview.chromium.org/1531743002/#ps80001
(title: "removed confusing local var + fixed buffer passed to UnicodeString
constructor")

[inferno, 2015-12-30 16:59:50]

Description was changed from

==========
fuzzer for third_party icu::UnicodeString::UnicodeString (invokes
doCodepageCreate) implemented

R=aizatsky@chromium.org, inferno@chromium.org, krasin@chromium.org
BUG=539572
==========

to

==========
fuzzer for third_party icu::UnicodeString::UnicodeString (invokes
doCodepageCreate) implemented

R=aizatsky@chromium.org, inferno@chromium.org, krasin@chromium.org
TBR=krasin@chromium.org
BUG=539572
==========

[commit-bot: I haz the power, 2015-12-30 17:00:03]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1531743002/80001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1531743002/80001

[inferno, 2015-12-30 17:00:58]

The CQ bit was unchecked by inferno@chromium.org

[inferno, 2015-12-30 17:01:26]

The CQ bit was checked by inferno@chromium.org

[commit-bot: I haz the power, 2015-12-30 17:02:38]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1531743002/80001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1531743002/80001

[commit-bot: I haz the power, 2015-12-30 17:46:33]

Description was changed from

==========
fuzzer for third_party icu::UnicodeString::UnicodeString (invokes
doCodepageCreate) implemented

R=aizatsky@chromium.org, inferno@chromium.org, krasin@chromium.org
TBR=krasin@chromium.org
BUG=539572
==========

to

==========
fuzzer for third_party icu::UnicodeString::UnicodeString (invokes
doCodepageCreate) implemented

R=aizatsky@chromium.org, inferno@chromium.org, krasin@chromium.org
TBR=krasin@chromium.org
BUG=539572
==========

[commit-bot: I haz the power, 2015-12-30 17:46:34]

Committed patchset #5 (id:80001)

[commit-bot: I haz the power, 2015-12-30 17:47:22]

Description was changed from

==========
fuzzer for third_party icu::UnicodeString::UnicodeString (invokes
doCodepageCreate) implemented

R=aizatsky@chromium.org, inferno@chromium.org, krasin@chromium.org
TBR=krasin@chromium.org
BUG=539572
==========

to

==========
fuzzer for third_party icu::UnicodeString::UnicodeString (invokes
doCodepageCreate) implemented

R=aizatsky@chromium.org, inferno@chromium.org, krasin@chromium.org
TBR=krasin@chromium.org
BUG=539572

Committed: https://crrev.com/6604dc8a92b4c635de2c5c29e2f303f4dc573016
Cr-Commit-Position: refs/heads/master@{#367162}
==========

[commit-bot: I haz the power, 2015-12-30 17:47:24]

Patchset 5 (id:??) landed as
https://crrev.com/6604dc8a92b4c635de2c5c29e2f303f4dc573016
Cr-Commit-Position: refs/heads/master@{#367162}