CHECK failure: frame.last_good_stream_id < next_outgoing_stream_id_ in quic_session.cc |
||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6438971902263296 Fuzzer: libFuzzer_net_quic_stream_factory_fuzzer Job Type: libfuzzer_chrome_asan_debug Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: frame.last_good_stream_id < next_outgoing_stream_id_ in quic_session.cc net::QuicSession::OnGoAway net::QuicChromiumClientSession::OnGoAway Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=514627:514664 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6438971902263296 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
,
Nov 17 2017
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/3d55bbb391a5a2e7ba3dd5c083f46bfdb950adcb (Add Quic Stream Factory Fuzzer). If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.
,
Nov 17 2017
,
Nov 20 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/ca8b3193c0c015a84cbe2c4fef4d444914d6d47f commit ca8b3193c0c015a84cbe2c4fef4d444914d6d47f Author: Ryan Hamilton <rch@chromium.org> Date: Mon Nov 20 21:12:40 2017 Remove invalid DCHECK from QuicSession::OnGoAway(). Go fuzzing! Merge internal change: 176168199 Bug: 786537 Change-Id: Ia5bc288a59744a9d3f107ed7cba814383ecdcd05 Reviewed-on: https://chromium-review.googlesource.com/777885 Commit-Queue: Ryan Hamilton <rch@chromium.org> Reviewed-by: Buck Krasic <ckrasic@chromium.org> Cr-Commit-Position: refs/heads/master@{#517929} [modify] https://crrev.com/ca8b3193c0c015a84cbe2c4fef4d444914d6d47f/net/quic/core/quic_session.cc [modify] https://crrev.com/ca8b3193c0c015a84cbe2c4fef4d444914d6d47f/net/quic/core/quic_session_test.cc
,
Nov 21 2017
ClusterFuzz has detected this issue as fixed in range 517893:517933. Detailed report: https://clusterfuzz.com/testcase?key=6438971902263296 Fuzzer: libFuzzer_net_quic_stream_factory_fuzzer Job Type: libfuzzer_chrome_asan_debug Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: frame.last_good_stream_id < next_outgoing_stream_id_ in quic_session.cc net::QuicSession::OnGoAway net::QuicChromiumClientSession::OnGoAway Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=514627:514664 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=517893:517933 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6438971902263296 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Nov 21 2017
ClusterFuzz testcase 6438971902263296 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||
►
Sign in to add a comment |
||||
Comment 1 by ClusterFuzz
, Nov 17 2017Labels: Test-Predator-Auto-Components