Abrt in rtc::webrtc_checks_impl::FatalLog |
|||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5824765445799936 Fuzzer: libFuzzer_ulpfec_generator_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Abrt Crash Address: 0x053900006966 Crash State: rtc::webrtc_checks_impl::FatalLog webrtc::internal::CopyColumn webrtc::ForwardErrorCorrection::InsertZerosInPacketMasks Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=567942:567947 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5824765445799936 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
,
Jun 30 2018
Automatically adding ccs based on OWNERS file / target commit history. If this is incorrect, please add ClusterFuzz-Wrong label.
,
Jun 30 2018
,
Jul 2
,
Jul 2
Looks like the fuzzer manages to trigger the newly added "RTC_CHECK_LT(new_bit_index, 8 * new_mask_bytes);" in the FEC internals. Reassigning to @yinwa, as you added that check and did some related fuzzer work in https://webrtc-review.googlesource.com/c/src/+/82802.
,
Jul 2
In rare case, two consecutive packets may have same sequence number in this fuzzer test. (When all packets in between are not "protected") Uploaded a CL https://webrtc-review.googlesource.com/c/src/+/86547
,
Jul 2
The following revision refers to this bug: https://webrtc.googlesource.com/src.git/+/6b33e602138812e6dfd01d29a9373535316fc6a0 commit 6b33e602138812e6dfd01d29a9373535316fc6a0 Author: Ying Wang <yinwa@webrtc.org> Date: Mon Jul 02 15:51:10 2018 In ULP FEC fuzzer test, make sure sequence number is not the same as previous sequence number. Bug: chromium:859265 Change-Id: I9acb9a177dfed3830ead0ba5a16ee4310f4d2b5b Reviewed-on: https://webrtc-review.googlesource.com/86547 Commit-Queue: Ying Wang <yinwa@webrtc.org> Reviewed-by: Henrik Lundin <henrik.lundin@webrtc.org> Cr-Commit-Position: refs/heads/master@{#23806} [modify] https://crrev.com/6b33e602138812e6dfd01d29a9373535316fc6a0/test/fuzzers/BUILD.gn [modify] https://crrev.com/6b33e602138812e6dfd01d29a9373535316fc6a0/test/fuzzers/ulpfec_generator_fuzzer.cc
,
Jul 2
,
Jul 2
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c4a57e47439da24e986039253f5e620dc591a4ea commit c4a57e47439da24e986039253f5e620dc591a4ea Author: webrtc-chromium-autoroll <webrtc-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com> Date: Mon Jul 02 22:25:12 2018 Roll src/third_party/webrtc 4d01146f1679..312466a20450 (3 commits) https://webrtc.googlesource.com/src.git/+log/4d01146f1679..312466a20450 git log 4d01146f1679..312466a20450 --date=short --no-merges --format='%ad %ae %s' 2018-07-02 buildbot@webrtc.org Roll chromium_revision c20726850b..a1981d69db (571826:571936) 2018-07-02 qingsi@google.com Add ADAPTER_TYPE_ANY in AdapterType. 2018-07-02 yinwa@webrtc.org In ULP FEC fuzzer test, make sure sequence number is not the same as previous sequence number. Created with: gclient setdep -r src/third_party/webrtc@312466a20450 The AutoRoll server is located here: https://webrtc-chromium-roll.skia.org Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary. CQ_INCLUDE_TRYBOTS=luci.chromium.try:linux_chromium_archive_rel_ng;master.tryserver.chromium.mac:mac_chromium_archive_rel_ng BUG=chromium:None,chromium:859265 TBR=webrtc-chromium-sheriffs-robots@google.com Change-Id: Ibe3ca6c450a7f021ed739daea306e9fc9f395562 Reviewed-on: https://chromium-review.googlesource.com/1123079 Reviewed-by: webrtc-chromium-autoroll <webrtc-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com> Commit-Queue: webrtc-chromium-autoroll <webrtc-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#572022} [modify] https://crrev.com/c4a57e47439da24e986039253f5e620dc591a4ea/DEPS
,
Jul 3
ClusterFuzz has detected this issue as fixed in range 572016:572024. Detailed report: https://clusterfuzz.com/testcase?key=5824765445799936 Fuzzer: libFuzzer_ulpfec_generator_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Abrt Crash Address: 0x053900006966 Crash State: rtc::webrtc_checks_impl::FatalLog webrtc::internal::CopyColumn webrtc::ForwardErrorCorrection::InsertZerosInPacketMasks Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=567942:567947 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=572016:572024 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5824765445799936 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jul 3
,
Jul 3
ClusterFuzz testcase 5824765445799936 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Jul 31
,
Aug 27
|
|||||||||||
►
Sign in to add a comment |
|||||||||||
Comment 1 by ClusterFuzz
, Jun 30 2018Labels: Test-Predator-Auto-CC