CHECK failure: patch_size <= kMaxImageSize * 2 in imposed_ensemble_matcher_fuzzer.cc
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5855535531032576

Fuzzer: libFuzzer_zucchini_imposed_ensemble_matcher_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  patch_size <= kMaxImageSize * 2 in imposed_ensemble_matcher_fuzzer.cc
  TestOneProtoInput
  imposed_ensemble_matcher_fuzzer.cc

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=572200:572201

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5855535531032576

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Jul 3
Automatically adding ccs based on OWNERS file / target commit history. If this is incorrect, please add ClusterFuzz-Wrong label.
Jul 3
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/f7b526674131a74a43ba13394f1c4819cac9c2d2 ([Zucchini] imposed_ensemble_matcher Fuzzer). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Jul 4
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/f45c2a25b3b9b774db04db8d4393727e6a6186f4

commit f45c2a25b3b9b774db04db8d4393727e6a6186f4
Author: Calder Kitagawa <ckitagawa@chromium.org>
Date: Wed Jul 04 15:38:05 2018

[Zucchini] Fix patch size check in fuzzer

The fuzzer found another pathological case of repeated ZTF regions that causes the patch size check to be violated due to a large number of headers. The solution should be to increase this upper bound or remove it entirely. I've gone with the former but if it continues to cause trouble it might be worth removing as it only finds pathological cases so far.

Bug: 860070
Change-Id: I276b51bc909ad0da46d9954aee9c98e03dc1973e
Reviewed-on: https://chromium-review.googlesource.com/1126164
Reviewed-by: Samuel Huang <huangs@chromium.org>
Commit-Queue: Calder Kitagawa <ckitagawa@chromium.org>
Cr-Commit-Position: refs/heads/master@{#572581}

[modify] https://crrev.com/f45c2a25b3b9b774db04db8d4393727e6a6186f4/components/zucchini/fuzzers/imposed_ensemble_matcher_fuzzer.cc
Jul 5
ClusterFuzz has detected this issue as fixed in range 572580:572590.

Detailed report: https://clusterfuzz.com/testcase?key=5855535531032576

Fuzzer: libFuzzer_zucchini_imposed_ensemble_matcher_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  patch_size <= kMaxImageSize * 2 in imposed_ensemble_matcher_fuzzer.cc
  TestOneProtoInput
  imposed_ensemble_matcher_fuzzer.cc

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=572200:572201
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=572580:572590

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5855535531032576

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jul 5
ClusterFuzz testcase 5855535531032576 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Jul 3
Labels: Test-Predator-Auto-Components