Predator and regression range did not given any suspected CL. could some please take a look?
Thank you.

Reproduced the bug locally with a DEBUG build of the qcms fuzzer.

Some assert() conditions in qcms are advisory only: they are not real errors and the code returns a failure code in all cases right after such asserts().

Fix is to disable assert() like these when running in the qcms fuzzer.  However, other assert() in qcms code are real errors: we should leave those alone.

Lemme fix it ...

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/188c1056bbfb9c98eca691c12f5641d4204f6066

commit 188c1056bbfb9c98eca691c12f5641d4204f6066
Author: noel <noel@chromium.org>
Date: Fri Apr 14 07:08:35 2017

[qcms] Disable advisory asserts when running in libfuzzer

Some QCMS assert() conditions are purely advisory so disable those when
running the code in libfuzzer.  Other qcms assert() conditions are real
errors and should be enabled even when fuzzing.

TBR=ccameron@chromium.org
BUG= 711418 

Review-Url: https://codereview.chromium.org/2815303003
Cr-Commit-Position: refs/heads/master@{#464697}

[modify] https://crrev.com/188c1056bbfb9c98eca691c12f5641d4204f6066/third_party/qcms/BUILD.gn
[modify] https://crrev.com/188c1056bbfb9c98eca691c12f5641d4204f6066/third_party/qcms/README.chromium
[modify] https://crrev.com/188c1056bbfb9c98eca691c12f5641d4204f6066/third_party/qcms/src/chain.c
[modify] https://crrev.com/188c1056bbfb9c98eca691c12f5641d4204f6066/third_party/qcms/src/iccread.c
[modify] https://crrev.com/188c1056bbfb9c98eca691c12f5641d4204f6066/third_party/qcms/src/transform.c
[modify] https://crrev.com/188c1056bbfb9c98eca691c12f5641d4204f6066/third_party/qcms/src/transform_util.c

ClusterFuzz has detected this issue as fixed in range 464421:464462.

Detailed report: https://clusterfuzz.com/testcase?key=6108207895543808

Fuzzer: libfuzzer_qcms_color_space_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: ASSERT
Crash Address: 
Crash State:
  0 && "input type"
  qcms_transform_create
  ColorTransform
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=464399:464421
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=464421:464462

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv95JxwcOfV22Eb0qAQXylzvPWLYLTbMZjCREA72Kd3cBvJOkJAOQe95BdRYcb9l5YBaKYSBb82BsxbZyhArzpj3PbZeFZncw-86_FFbhE_hDkbS6rI16_2AQWREvAXj-dyX8T8-viOozJ_uHrnB8-hGnSVtpBBaGpAVYLWMvGBI-sXID-NhECCzZvRrWqfV3scVHklOjx36pbpWvZPhvYFZWZ74hCM6EYIoqLuc_0MbTEzz2_NkmwuyHmPAlPq8jpa5-nF4oewIn5xmI6y9iEo4GlSyKJ-ER0hyqV1Q2Z1eok-QiSg0Ryp-fKGQ6REpGU-rRl_lGeJHBi0r8j5LykrSvGDad_dvuLYhx5IlMYjdTALxJBic?testcase_id=6108207895543808


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.