CHECK failure: image.size() == disasm->size() in disassembler.cc
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6740409003540480

Fuzzer: libFuzzer_zucchini_apply_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  image.size() == disasm->size() in disassembler.cc
  zucchini::ReferenceGroup::GetWriter
  zucchini::ApplyReferencesCorrection

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=562259:562262

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6740409003540480

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
May 28 2018
Automatically adding ccs based on OWNERS file / target commit history. If this is incorrect, please add ClusterFuzz-Wrong label.
May 28 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/7206487ebd05fd4f30226ec59b730bb41c5013f2 ([Zucchini] ZTF Apply Fuzzer). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
May 29 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/0ca1928abfdce0efe539655cc09e9a8f4ece063f

commit 0ca1928abfdce0efe539655cc09e9a8f4ece063f
Author: Calder Kitagawa <ckitagawa@chromium.org>
Date: Tue May 29 19:54:22 2018

[Zucchini]: Fix CHECK failure in Apply

Fixes a CHECK failure in Zucchini Apply found by ClusterFuzz.

Scenario: A disassembler parses an image element and shrinks it to be the understood size. Apply expects that this understood size is identical to the size of the element it is trying to patch. This expectation will always hold for "good" patch data but for an arbitrary patch may not. This results in a CHECK failure when getting reference writers.

Solution: After parsing, check that the disassembler sizes match their respective image sizes. Fail to Apply and print an error message if this is not the case.

Bug: 847278
Change-Id: I96edb738b8f9ea2d16193ea1aa2def7319ee8f70
Reviewed-on: https://chromium-review.googlesource.com/1076369
Commit-Queue: Calder Kitagawa <ckitagawa@chromium.org>
Reviewed-by: Samuel Huang <huangs@chromium.org>
Cr-Commit-Position: refs/heads/master@{#562560}

[modify] https://crrev.com/0ca1928abfdce0efe539655cc09e9a8f4ece063f/components/zucchini/disassembler_no_op.cc
[modify] https://crrev.com/0ca1928abfdce0efe539655cc09e9a8f4ece063f/components/zucchini/zucchini_apply.cc
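The scenario in the commit message, as an added C++ illustration that is not Zucchini's own code: a toy disassembler whose understood size can be smaller than the element it was handed, and an Apply step that compares the two sizes and returns an error for untrusted patch data instead of reaching a CHECK. The ToyDisassembler, Element and ApplyStatus names and the one-byte size header are assumptions made for the example.

```cpp
// Added illustration, not Zucchini's code: validate the parsed ("understood")
// size against the element size as an ordinary error, not a CHECK.
#include <cstddef>
#include <cstdint>
#include <vector>

using Image = std::vector<uint8_t>;

// Hypothetical format: the first byte of an element declares how many bytes
// the disassembler understands. Like a real disassembler, Parse() shrinks
// its view to that size (clamped to what is actually present).
struct ToyDisassembler {
  size_t size = 0;
  bool Parse(const Image& image) {
    if (image.empty()) return false;
    size_t declared = image[0];
    size = declared < image.size() ? declared : image.size();
    return true;
  }
};

// One element of a patch: the region of the old image it claims to cover.
struct Element {
  size_t offset;
  size_t length;
};

enum class ApplyStatus { kOk, kOutOfBounds, kParseFailed, kSizeMismatch };

// Untrusted patch data decides |element|; the disassembler decides |size|.
// Before the fix a mismatch tripped CHECK(image.size() == disasm->size())
// while building reference writers; here it is reported and Apply stops.
ApplyStatus ApplyElement(const Image& old_image, const Element& element) {
  if (element.offset > old_image.size() ||
      element.length > old_image.size() - element.offset)
    return ApplyStatus::kOutOfBounds;
  Image sub(old_image.begin() + element.offset,
            old_image.begin() + element.offset + element.length);
  ToyDisassembler disasm;
  if (!disasm.Parse(sub)) return ApplyStatus::kParseFailed;
  if (disasm.size != sub.size()) return ApplyStatus::kSizeMismatch;
  // Reference correction would proceed here with both sizes known to agree.
  return ApplyStatus::kOk;
}
```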
May 29 2018
May 30 2018
ClusterFuzz has detected this issue as fixed in range 562546:562561.

Detailed report: https://clusterfuzz.com/testcase?key=6740409003540480

Fuzzer: libFuzzer_zucchini_apply_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  image.size() == disasm->size() in disassembler.cc
  zucchini::ReferenceGroup::GetWriter
  zucchini::ApplyReferencesCorrection

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=562259:562262
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=562546:562561

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6740409003540480

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
May 30 2018
ClusterFuzz testcase 6740409003540480 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, May 28 2018
Labels: Test-Predator-Auto-Components