Issue 660711

Issue metadata

Status: Verified
Owner: ----
Closed: Nov 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug




!type.isUnsizedArray()

Reported by ClusterFuzz (Project Member), Oct 30 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5526059341840384

Fuzzer: libfuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: ASSERT
Crash Address: 
Crash State:
  !type.isUnsizedArray()
  TParseContext::checkConstructorArguments
  TParseContext::addConstructor
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=420312:420423

Minimized Testcase (0.24 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94LrzQswDNSfYu9gdBmLUrej17JjtrJLdJTf3cp_zUuKau03GtIv_2WxccQjTJcNlsOMwEm2odquSmBOjg01DLKNKupwuNofXOu6kgCGH60Vg9WDQm1gqni7NzlhE1nFtBByx1Rf0hol3244l8LYs3CKHWGSg?testcase_id=5526059341840384

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Cc: nyerramilli@chromium.org ben@chromium.org
Components: Infra>Git
Labels: findit-wrong M-55
Providing Findit results for internal purposes:
Suspected CLs: Git blame below is NOT necessarily who introduced the crash nor the owner for it. Please check the code before assigning to anyone. (No CL in the regression range changed the crashing files.)

Author: Olli Etuaho
Project: chromium-angle
Changelist: https://chromium.googlesource.com/angle/angle.git/+/856c497e47988e69afaf17ebec3d8c9d02e340c7
Time: Mon Aug 08 08:38:39 2016
The CL last changed line 566 of file ParseContext.cpp, which is stack frame 4.

Author: Olli Etuaho
Project: chromium-angle
Changelist: https://chromium.googlesource.com/angle/angle.git/+/8a17626d1bf64b6f9e9abd8822cea9dc8198a72a
Time: Tue Aug 16 11:23:01 2016
The CL last changed line 2584 of file ParseContext.cpp, which is stack frame 5.

Author: Olli Etuaho
Project: chromium-angle
Changelist: https://chromium.googlesource.com/angle/angle.git/+/856c497e47988e69afaf17ebec3d8c9d02e340c7
Time: Mon Aug 08 08:38:39 2016
The CL last changed line 4188 of file ParseContext.cpp, which is stack frame 6.

Suspected Project: chromium

Requesting someone from the third-party team to look into this issue and update.

Comment 2 by ClusterFuzz (Project Member), Nov 5 2016

ClusterFuzz has detected this issue as fixed in range 429934:429988.

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=420312:420423
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=429934:429988


If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 3 by ClusterFuzz (Project Member), Nov 5 2016

Labels: ClusterFuzz-Verified
Status: Verified (was: Untriaged)
ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 4 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot