
Issue 783379


Issue metadata

Status: WontFix
Owner:
Closed: Nov 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug




CHECK failure: false. GL error NUMBER was unhandled in error_state.cc

Project Member Reported by ClusterFuzz, Nov 9 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6356001052950528

Fuzzer: libFuzzer_gpu_angle_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  false. GL error NUMBER was unhandled in error_state.cc
  gpu::gles2::ErrorStateImpl::ClearRealGLErrors
  gpu::gles2::ScopedGLErrorSuppressor::~ScopedGLErrorSuppressor
  
Sanitizer: address (ASAN)

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6356001052950528

Issue manually filed by: piman

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days we've been seeing this crash frequently. If you are unable to reproduce this, please try a speculative fix based on the crash stacktrace in the report. The fix can be verified by looking at the crash statistics in the report, a day after the fix is deployed. We will auto-close the bug if the crash is not seen for 14 days.
 
Project Member

Comment 1 by ClusterFuzz, Nov 10 2017

Components: Internals>GPU>Internals
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Cc: msrchandra@chromium.org pnangunoori@chromium.org
Labels: Test-Predator-Wrong CF-NeedsTriage
Redo Task has been performed for regression range.
Thank You.

Comment 3 by fsamuel@google.com, Nov 10 2017

Owner: boliu@chromium.org
Status: Assigned (was: Untriaged)
Looks like boliu@ last modified GLES2DecoderImpl::ClearFramebufferForWorkaround. Any thoughts on this?

Comment 4 by boliu@chromium.org, Nov 13 2017

Cc: boliu@chromium.org
Labels: -Pri-1 Pri-2
Owner: kbr@chromium.org
Current log says the error is GL_INVALID_OPERATION, from the GL clear workaround blit.

It's crashing on a NOTREACHED: https://chromium.googlesource.com/chromium/src/+/1af4b9e0047dd97ba32c26c111d631c1566e0715/gpu/command_buffer/service/error_state.cc#215 meaning asan bot enabled DCHECKs

Assign this to kbr since this is desktop. A few things to consider:
* should asan bot even be building with DCHECKs enabled? seems pretty brittle
* should that NOTREACHED just be removed? doesn't seem to be serving much since error is already logged
* clusterfuzz added Unreproducible label, so presumably this was transient, and will automatically be closed in a while anyway

Comment 5 by kbr@chromium.org, Nov 14 2017

Cc: kbr@chromium.org
Owner: geoffl...@chromium.org
Yes, we should build with DCHECKs enabled everywhere we can, to catch errors earlier.

This is happening with a test case from the libFuzzer_gpu_angle_fuzzer. Geoff, can you help diagnose this? Theoretically it's happening on Linux.

I'll be able to take a look at this when I get back to my office.  There have been some recent changes with fuzzer GL error handling so this may not be relevant anymore.
Project Member

Comment 7 by ClusterFuzz, Nov 22 2017

Status: WontFix (was: Assigned)
ClusterFuzz testcase 6356001052950528 is flaky and no longer crashes, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
