Abrt in gpu::CommandBufferSetup::LogGLDebugMessage |
||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5739878037061632 Fuzzer: libFuzzer_gpu_angle_fuzzer Job Type: libfuzzer_chrome_asan Platform Id: linux Crash Type: Abrt Crash Address: 0x03e900001aa3 Crash State: gpu::CommandBufferSetup::LogGLDebugMessage gl::Debug::insertMessage gl::Debug::insertMessage Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=515302:515341 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5739878037061632 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
,
Nov 10 2017
Predator has provided 2 possible suspects Using the search for the file, “fuzzer_main.cc” assigning to concern owner. The Suspected CL: https://chromium.googlesource.com/chromium/src/+/b336d705f4e01900f5a18357c8a5cbde9e56669d piman@ -- Could you please look into this issue, kindly reassign if it has nothing to do with your changes. Thank You.
,
Nov 10 2017
This is the same crbug.com/783054 but we get a proper stack trace now. Per https://bugs.chromium.org/p/chromium/issues/detail?id=783054#c3: This is glTexParameterf(GL_TEXTURE_2D, GL_TEXTURE_BASE_LEVEL, param), where param is -7.30157126e-07, which is negative, but rounds to 0. The decoder first converts to int (by rounding), then validates that it is non-negative. ANGLE validates that it is non-negative before rounding. According to the spec (2.3.1 Data Conversion For State-Setting Commands), the decoder does the right thing, so ANGLE should first convert (round) then validate: "Validation of values performed by state-setting commands is performed after conversion, unless specified otherwise for a specific command."
,
Nov 14 2017
The following revision refers to this bug: https://chromium.googlesource.com/angle/angle/+/fb7685f4035e38494aedbb3cb05163427d0daacf commit fb7685f4035e38494aedbb3cb05163427d0daacf Author: Geoff Lang <geofflang@chromium.org> Date: Tue Nov 14 20:34:49 2017 Validate texture parameters for >0 after rounding. From the spec (2.3.1 Data Conversion For State-Setting Commands): "Validation of values performed by state-setting commands is performed after conversion, unless specified otherwise for a specific command." BUG= 783574 Change-Id: I9edf585a17489ad284bc85a1c3c2236b53ee34d9 Reviewed-on: https://chromium-review.googlesource.com/766569 Reviewed-by: Corentin Wallez <cwallez@chromium.org> Commit-Queue: Geoff Lang <geofflang@chromium.org> [modify] https://crrev.com/fb7685f4035e38494aedbb3cb05163427d0daacf/src/tests/gl_tests/TextureTest.cpp [modify] https://crrev.com/fb7685f4035e38494aedbb3cb05163427d0daacf/src/libANGLE/queryconversions.h [modify] https://crrev.com/fb7685f4035e38494aedbb3cb05163427d0daacf/src/libANGLE/validationES.cpp
,
Nov 14 2017
The following revision refers to this bug: https://skia.googlesource.com/skia/+/6f8fca75d8f47ffe3a579aa474c3ace6dd9f078e commit 6f8fca75d8f47ffe3a579aa474c3ace6dd9f078e Author: angle-deps-roller@chromium.org <angle-deps-roller@chromium.org> Date: Tue Nov 14 22:16:34 2017 Roll skia/third_party/externals/angle2/ 7caa80e75..fb7685f40 (1 commit) https://chromium.googlesource.com/angle/angle.git/+log/7caa80e75989..fb7685f4035e $ git log 7caa80e75..fb7685f40 --date=short --no-merges --format='%ad %ae %s' 2017-11-13 geofflang Validate texture parameters for >0 after rounding. Created with: roll-dep skia/third_party/externals/angle2 BUG= 783574 The AutoRoll server is located here: https://angle-skia-roll.skia.org Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary. CQ_INCLUDE_TRYBOTS=skia.primary:Perf-Win10-Clang-AlphaR2-GPU-RadeonR9M470X-x86_64-Debug-All-ANGLE,Perf-Win10-MSVC-Golo-GPU-QuadroP400-x86_64-Debug-All-ANGLE,Perf-Win10-Clang-NUC5i7RYH-GPU-IntelIris6100-x86_64-Debug-All-ANGLE,Perf-Win10-Clang-NUC6i5SYK-GPU-IntelIris540-x86_64-Debug-All-ANGLE,Perf-Win10-Clang-NUCD34010WYKH-GPU-IntelHD4400-x86_64-Debug-All-ANGLE,Perf-Win10-Clang-ShuttleC-GPU-GTX960-x86_64-Debug-All-ANGLE,Test-Win10-Clang-AlphaR2-GPU-RadeonR9M470X-x86_64-Debug-All-ANGLE,Test-Win10-MSVC-Golo-GPU-QuadroP400-x86_64-Debug-All-ANGLE,Test-Win10-Clang-NUC5i7RYH-GPU-IntelIris6100-x86_64-Debug-All-ANGLE,Test-Win10-Clang-NUC6i5SYK-GPU-IntelIris540-x86_64-Debug-All-ANGLE,Test-Win10-Clang-NUCD34010WYKH-GPU-IntelHD4400-x86_64-Debug-All-ANGLE,Test-Win10-Clang-ShuttleC-GPU-GTX960-x86_64-Debug-All-ANGLE,Build-Debian9-GCC-x86_64-Release-ANGLE TBR=brianosman@google.com Change-Id: I2b70598b529efe875f402522796dc5f61c9bfee4 Reviewed-on: https://skia-review.googlesource.com/71583 Reviewed-by: angle-deps-roller . <angle-deps-roller@chromium.org> Commit-Queue: angle-deps-roller . <angle-deps-roller@chromium.org> [modify] https://crrev.com/6f8fca75d8f47ffe3a579aa474c3ace6dd9f078e/DEPS
,
Nov 14 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/de25397606d8da17d0be6b4fcfbbb20b572b6b9e commit de25397606d8da17d0be6b4fcfbbb20b572b6b9e Author: angle-deps-roller@chromium.org <angle-deps-roller@chromium.org> Date: Tue Nov 14 22:29:42 2017 Roll src/third_party/angle/ e8afa9025..fb7685f40 (3 commits) https://chromium.googlesource.com/angle/angle.git/+log/e8afa90250dd..fb7685f4035e $ git log e8afa9025..fb7685f40 --date=short --no-merges --format='%ad %ae %s' 2017-11-13 geofflang Validate texture parameters for >0 after rounding. 2017-11-14 oetuaho Edit tests to reference temporary variables 2017-11-14 jmadill Add generator for EGL proc table. Created with: roll-dep src/third_party/angle BUG= 783574 , 781460 The AutoRoll server is located here: https://angle-chromium-roll.skia.org Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary. CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel TBR=ynovikov@chromium.org Change-Id: I8b015a2c4790a858a094ec96d20268f92db9dd72 Reviewed-on: https://chromium-review.googlesource.com/769767 Reviewed-by: angle-deps-roller . <angle-deps-roller@chromium.org> Commit-Queue: angle-deps-roller . <angle-deps-roller@chromium.org> Cr-Commit-Position: refs/heads/master@{#516465} [modify] https://crrev.com/de25397606d8da17d0be6b4fcfbbb20b572b6b9e/DEPS
,
Nov 15 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/ef39aea5a536f491a6cd5aa852ce15e44ce7972f commit ef39aea5a536f491a6cd5aa852ce15e44ce7972f Author: skia-deps-roller@chromium.org <skia-deps-roller@chromium.org> Date: Wed Nov 15 00:42:21 2017 Roll src/third_party/skia/ 76589f9b9..6f8fca75d (5 commits) https://skia.googlesource.com/skia.git/+log/76589f9b9bec..6f8fca75d8f4 $ git log 76589f9b9..6f8fca75d --date=short --no-merges --format='%ad %ae %s' 2017-11-14 angle-deps-roller Roll skia/third_party/externals/angle2/ 7caa80e75..fb7685f40 (1 commit) 2017-11-14 scroggo Fix webp bug compositing alpha frames on opaque 2017-11-14 angle-deps-roller Roll skia/third_party/externals/angle2/ e8afa9025..7caa80e75 (2 commits) 2017-11-14 mtklein remove Win2016 NativeFonts bots 2017-11-14 brianosman Viewer: backspace jumps directly to the slide picker Created with: roll-dep src/third_party/skia BUG= 783574 , 781460 The AutoRoll server is located here: https://autoroll.skia.org Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary. CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel TBR=brianosman@chromium.org Change-Id: I9d7ae992684a93f89539d38b7cabb80aa146f8ee Reviewed-on: https://chromium-review.googlesource.com/769673 Reviewed-by: Skia Deps Roller <skia-deps-roller@chromium.org> Commit-Queue: Skia Deps Roller <skia-deps-roller@chromium.org> Cr-Commit-Position: refs/heads/master@{#516524} [modify] https://crrev.com/ef39aea5a536f491a6cd5aa852ce15e44ce7972f/DEPS
,
Nov 15 2017
ClusterFuzz has detected this issue as fixed in range 516445:516518. Detailed report: https://clusterfuzz.com/testcase?key=5739878037061632 Fuzzer: libFuzzer_gpu_angle_fuzzer Job Type: libfuzzer_chrome_asan Platform Id: linux Crash Type: Abrt Crash Address: 0x03e900001aa3 Crash State: gpu::CommandBufferSetup::LogGLDebugMessage gl::Debug::insertMessage gl::Debug::insertMessage Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=515302:515341 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=516445:516518 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5739878037061632 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Nov 15 2017
ClusterFuzz testcase 5739878037061632 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||
►
Sign in to add a comment |
||||
Comment 1 by ClusterFuzz
, Nov 10 2017Labels: Test-Predator-Auto-CC