CHECK failure: !IsMasterInterfaceId(id) || reason in multiplex_router.cc |
|||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6186009615400960 Fuzzer: libFuzzer_mojo_parse_message_fuzzer Job Type: libfuzzer_chrome_asan_debug Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: !IsMasterInterfaceId(id) || reason in multiplex_router.cc base::debug::DebugBreak mojo::internal::MultiplexRouter::OnPeerAssociatedEndpointClosed Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=492039:492095 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6186009615400960 Issue manually filed by: tjbecker See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
,
Aug 10 2017
Will work on it. Thanks! (Already have a CL for 752723 in CQ, btw)
,
Aug 14 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/3439e77cb6ef4abf98efc3a9973d894466311bf0 commit 3439e77cb6ef4abf98efc3a9973d894466311bf0 Author: Yuzhu Shen <yzshen@chromium.org> Date: Mon Aug 14 23:55:07 2017 Mojo bindings: remove an unnecessary DCHECK. This DCHECK ensures that we shouldn't receive PeerAssociatedEndpointClosedEvent control message for the master interface unless it is used to specify a disconnect reason. However, we shouldn't crash (when DCHECK is on) the receiver for such a message. BUG= 754353 Change-Id: Icc4b41b3dc523260eb28a9147c2500be7824fa11 Reviewed-on: https://chromium-review.googlesource.com/611143 Reviewed-by: Ken Rockot <rockot@chromium.org> Commit-Queue: Yuzhu Shen <yzshen@chromium.org> Cr-Commit-Position: refs/heads/master@{#494254} [modify] https://crrev.com/3439e77cb6ef4abf98efc3a9973d894466311bf0/ipc/ipc_mojo_bootstrap.cc [modify] https://crrev.com/3439e77cb6ef4abf98efc3a9973d894466311bf0/mojo/public/cpp/bindings/lib/multiplex_router.cc [modify] https://crrev.com/3439e77cb6ef4abf98efc3a9973d894466311bf0/mojo/public/js/new_bindings/router.js
,
Aug 15 2017
ClusterFuzz has detected this issue as fixed in range 494191:494276. Detailed report: https://clusterfuzz.com/testcase?key=6186009615400960 Fuzzer: libFuzzer_mojo_parse_message_fuzzer Job Type: libfuzzer_chrome_asan_debug Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: !IsMasterInterfaceId(id) || reason in multiplex_router.cc base::debug::DebugBreak mojo::internal::MultiplexRouter::OnPeerAssociatedEndpointClosed Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=492039:492095 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=494191:494276 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6186009615400960 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Aug 15 2017
ClusterFuzz testcase 6186009615400960 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
|||
►
Sign in to add a comment |
|||
Comment 1 by tjbecker@google.com
, Aug 10 2017