CHECK failure: 0u != id in quic_session.cc
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4599611556888576

Fuzzer: libFuzzer_net_quic_stream_factory_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  0u != id in quic_session.cc
  net::QuicSession::IsClosedStream
  net::QuicSession::GetOrCreateDynamicStream

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=514627:514664

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4599611556888576

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Nov 16 2017
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/3d55bbb391a5a2e7ba3dd5c083f46bfdb950adcb (Add Quic Stream Factory Fuzzer). If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.
Nov 16 2017
Ned, we've filed a bug against Monorail team https://bugs.chromium.org/p/monorail/issues/detail?id=3211 Hopefully you'll stop being assigned as an owner soon :)
Nov 16 2017
Pretty sure this is a dup of 783897, which was marked as closed when the fuzzer "broke" because the certs were not bundled with the fuzzer. So I'm actually quite happy to see this reopen because I've not landed the fix (https://chromium-review.googlesource.com/c/chromium/src/+/767329) which will happen later today.
Nov 16 2017
mmoroz, thanks for following up on that! I also noticed I can't really see details on ClusterFuzz for this fuzzer, but some are visible. I see that there's an ACL allowing me to see these fuzzers, but I only see some info from the AFL build. I was able to see the null deref bug from yesterday, but none of the other ones that were filed. It would be nice to be able to get the corpus so I can play with the fuzzer locally and do another CL for connection migration etc. Let me know if there's a place to file a bug for this.
Nov 18 2017
ClusterFuzz has detected this issue as fixed in range 517454:517498.

Detailed report: https://clusterfuzz.com/testcase?key=4599611556888576

Fuzzer: libFuzzer_net_quic_stream_factory_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  0u != id in quic_session.cc
  net::QuicSession::IsClosedStream
  net::QuicSession::GetOrCreateDynamicStream

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=514627:514664
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=517454:517498

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4599611556888576

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 18 2017
ClusterFuzz testcase 4599611556888576 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Nov 16 2017
Labels: Test-Predator-Auto-Components