CHECK failure: added_entries_.count(std::make_pair(type, id)) == 1u in transfer_cache_serialize
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6679761542971392

Fuzzer: libFuzzer_paint_op_buffer_eq_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  added_entries_.count(std::make_pair(type, id)) == 1u in transfer_cache_serialize
  cc::TransferCacheSerializeHelper::AssertLocked
  cc::TypefaceCataloger

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=526806:526830

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6679761542971392

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Jan 4 2018
Predator and CL could not provide any possible suspects.
Using Code Search for the file, "transfer_cache_serialize_helper.cc" assigning to the concern owner who might be related.

Suspect CL: https://chromium.googlesource.com/chromium/src/+/7273cfe05dcb33f6abb7626457b5b6d36cbea31

vmpstr@ -- Could you please look into the issue. Thank You.
Jan 4 2018
Re: #2 and #3. I think this is not the right bug for an issue you're having. You can file a new bug at crbug.com/new and provide a description of the problem you're having there.
Jan 4 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/a264968728b7744f360800784b8c199ef9e1938e

commit a264968728b7744f360800784b8c199ef9e1938e
Author: Vladimir Levin <vmpstr@chromium.org>
Date: Thu Jan 04 19:12:14 2018

oop: Ignore DrawTextBlob ops in the paint op buffer equality fuzzer.

DrawTextBlob pose an issue to the equality fuzzer in that we don't reconstruct typefaces at deserialization, making the op impossible to serialize again (it asserts).

This patch ignores these ops in the equality fuzzer.

R=enne@chromium.org

Bug: 798939
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel
Change-Id: I50c039e88737ac443c834b2207f77acb798c3612
Reviewed-on: https://chromium-review.googlesource.com/850538
Reviewed-by: enne <enne@chromium.org>
Commit-Queue: vmpstr <vmpstr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#527055}

[modify] https://crrev.com/a264968728b7744f360800784b8c199ef9e1938e/cc/paint/paint_op_buffer_eq_fuzzer.cc
Jan 4 2018
Jan 5 2018
ClusterFuzz has detected this issue as fixed in range 527052:527075.

Detailed report: https://clusterfuzz.com/testcase?key=6679761542971392

Fuzzer: libFuzzer_paint_op_buffer_eq_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  added_entries_.count(std::make_pair(type, id)) == 1u in transfer_cache_serialize
  cc::TransferCacheSerializeHelper::AssertLocked
  cc::TypefaceCataloger

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=526806:526830
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=527052:527075

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6679761542971392

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 5 2018
ClusterFuzz testcase 6679761542971392 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Jan 4 2018
Labels: Test-Predator-Auto-Components