
Issue 785753 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Jun 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug





CHECK failure: service_id != invalid_service_id() in client_service_map.h

Project Member Reported by ClusterFuzz, Nov 16 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5266874052116480

Fuzzer: libFuzzer_gpu_angle_passthrough_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  service_id != invalid_service_id() in client_service_map.h
  gpu::gles2::ClientServiceMap<unsigned int, unsigned int>::SetIDMapping
  gpu::error::Error gpu::gles2::GenHelper<unsigned int, unsigned int, gpu::gles2::
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=512880:512907

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5266874052116480

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
 
Project Member

Comment 1 by ClusterFuzz, Nov 16 2017

Components: Internals>GPU>Internals
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Project Member

Comment 2 by ClusterFuzz, Nov 16 2017

Labels: Test-Predator-Auto-Owner
Owner: piman@chromium.org
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/18afd13d94183587e05cb04031f2ee7d56ba98d9 (gpu fuzzers: AddRef on null pointers).

If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.

Comment 3 by piman@chromium.org, Nov 16 2017

Cc: piman@chromium.org
Owner: geoffl...@chromium.org
Project Member

Comment 4 by bugdroid1@chromium.org, Nov 28 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d4214b507906607ed46248718a3642a760d64ba4

commit d4214b507906607ed46248718a3642a760d64ba4
Author: Geoff Lang <geofflang@chromium.org>
Date: Tue Nov 28 18:23:28 2017

Don't delete the invalid service id.

It was possible to put things in a bad state by calling glBind* with an
invalid client id (which binds the invalid service id) and then calling
glDelete* with an invalid client id (which deletes the invalid service
id).

BUG= 785753 

Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Change-Id: I4628f964e9d14a1d87bc12b1cde3f056acb8314e
Reviewed-on: https://chromium-review.googlesource.com/791011
Reviewed-by: Antoine Labour <piman@chromium.org>
Commit-Queue: Geoff Lang <geofflang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#519752}
[modify] https://crrev.com/d4214b507906607ed46248718a3642a760d64ba4/gpu/command_buffer/service/gles2_cmd_decoder_passthrough_doers.cc
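The bind/delete sequence from the commit message above, modeled as an added example that is not Chromium's code: a small client-to-service id map with the CHECK from client_service_map.h, the pre-fix delete path that forwards the invalid service id to the driver, and the guarded path the fix title describes. The internals (invalid id being 0, the recording stand-in driver, the constructed ids) are assumptions; the downstream GenHelper failure the fuzzer hit is not modeled.

```cpp
// Added example, not Chromium's code: a simplified model of the client->service
// ID map and the glBind*/glDelete* paths from the commit message. Names follow
// the report; internals (invalid id == 0, a recording fake driver) are assumptions.
#include <map>
#include <stdexcept>
#include <vector>
using GLuint = unsigned int;  // matches ClientServiceMap<unsigned int, unsigned int>

class ClientServiceMap {
 public:
  static GLuint invalid_service_id() { return 0; }  // assumption
  // Models the CHECK in client_service_map.h that the fuzzer tripped.
  void SetIDMapping(GLuint client_id, GLuint service_id) {
    if (service_id == invalid_service_id())
      throw std::logic_error("CHECK failure: service_id != invalid_service_id()");
    map_[client_id] = service_id;
  }
  // Unknown client id -> invalid service id (what glBind* with a bad client id binds).
  GLuint GetServiceID(GLuint client_id) const {
    auto it = map_.find(client_id);
    return it == map_.end() ? invalid_service_id() : it->second;
  }
  void RemoveClientID(GLuint client_id) { map_.erase(client_id); }
 private:
  std::map<GLuint, GLuint> map_;
};

// Stand-in for the driver: records every service id passed to glDelete*.
struct DeleteRecorder { std::vector<GLuint> deleted; };
// Before the fix: an unmapped client id is forwarded as the invalid service id.
void DeleteHelperUnguarded(ClientServiceMap& m, GLuint client_id, DeleteRecorder& drv) {
  drv.deleted.push_back(m.GetServiceID(client_id));
  m.RemoveClientID(client_id);
}
// After the fix ("Don't delete the invalid service id"): skip the driver call.
void DeleteHelperGuarded(ClientServiceMap& m, GLuint client_id, DeleteRecorder& drv) {
  GLuint service_id = m.GetServiceID(client_id);
  if (service_id != ClientServiceMap::invalid_service_id()) drv.deleted.push_back(service_id);
  m.RemoveClientID(client_id);
}
// Replays the reported sequence (Gen one object, glDelete* on a never-generated id)
// and returns the service ids the driver was told to delete.
std::vector<GLuint> ReplaySequence(bool guarded) {
  ClientServiceMap m;
  DeleteRecorder drv;
  m.SetIDMapping(1, 42);          // GenHelper: client 1 -> service 42 (constructed values)
  const GLuint bogus_client = 7;  // never generated by GenHelper
  if (guarded) DeleteHelperGuarded(m, bogus_client, drv);
  else DeleteHelperUnguarded(m, bogus_client, drv);
  return drv.deleted;
}
```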

Project Member

Comment 5 by ClusterFuzz, Nov 29 2017

ClusterFuzz has detected this issue as fixed in range 519708:519758.

Detailed report: https://clusterfuzz.com/testcase?key=5266874052116480

Fuzzer: libFuzzer_gpu_angle_passthrough_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  service_id != invalid_service_id() in client_service_map.h
  gpu::gles2::ClientServiceMap<unsigned int, unsigned int>::SetIDMapping
  gpu::error::Error gpu::gles2::GenHelper<unsigned int, unsigned int, gpu::gles2::
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=512880:512907
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=519708:519758

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5266874052116480

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 6 by ClusterFuzz, Nov 29 2017

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 5266874052116480 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Project Member

Comment 7 by bugdroid1@chromium.org, Nov 29 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b93d7c1a57837c8b93135bed14a3c9a9478acd01

commit b93d7c1a57837c8b93135bed14a3c9a9478acd01
Author: Geoff Lang <geofflang@chromium.org>
Date: Wed Nov 29 20:23:27 2017

Revert "Don't delete the invalid service id."

This reverts commit d4214b507906607ed46248718a3642a760d64ba4.

Reason for revert: Possibly causing WebGL failures and other assertion failures.

BUG=789621

Original change's description:
> Don't delete the invalid service id.
> 
> It was possible to put things in a bad state by calling glBind* with an
> invalid client id (which binds the invalid service id) and then calling
> glDelete* with an invalid client id (which deletes the invalid service
> id).
> 
> BUG= 785753 
> 
> Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
> Change-Id: I4628f964e9d14a1d87bc12b1cde3f056acb8314e
> Reviewed-on: https://chromium-review.googlesource.com/791011
> Reviewed-by: Antoine Labour <piman@chromium.org>
> Commit-Queue: Geoff Lang <geofflang@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#519752}

TBR=geofflang@chromium.org,piman@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug:  785753 
Change-Id: If2343ecb8fd12c8bfc400bffa455de91f0caf8bb
Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Reviewed-on: https://chromium-review.googlesource.com/797570
Reviewed-by: Geoff Lang <geofflang@chromium.org>
Commit-Queue: Geoff Lang <geofflang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#520222}
[modify] https://crrev.com/b93d7c1a57837c8b93135bed14a3c9a9478acd01/gpu/command_buffer/service/gles2_cmd_decoder_passthrough_doers.cc

Comment 8 by piman@chromium.org, Dec 1 2017

Status: Assigned (was: Verified)

Comment 9 by piman@chromium.org, Dec 1 2017

Issue 790948 has been merged into this issue.
Is this still an issue? It doesn't look like ClusterFuzz has encountered it again even though the patch was reverted.
I've changed the handling of ID mapping a bit so the issue may be fixed.  I'll verify that this particular problem is gone.
Status: Fixed (was: Assigned)
Fixed by https://chromium-review.googlesource.com/c/chromium/src/+/1082661
