Abrt in sk_abort_no_print
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5101936005873664

Fuzzer: libFuzzer_paint_op_buffer_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: Abrt
Crash Address: 0x053900003234
Crash State:
  sk_abort_no_print
  merge_collinear_edges
  merge_collinear_edges

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=568139:568162

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5101936005873664

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Jul 6
Automatically adding ccs based on OWNERS file / target commit history. If this is incorrect, please add ClusterFuzz-Wrong label.
Jul 6
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/df18b96b443774d232e39ead6cbd81c848b8563c (Adjust the edge-AA tessellator maximum verb count.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Jul 13
I can't repro this one. I tried an ASAN and a Debug build of paint_op_buffer_fuzzer with the test case above. Passes. Since the regression point is pretty old (Jun 18), I tried reverting all of my Skia changes back to that point to see if one of them might have fixed it. Still passes.
Jul 13
Did you try using the clusterfuzz reproduce tool?
Jul 13
Yeah, clusterfuzz reproduce tool reproduces this on Linux for me at ToT (i.e. passing --current --skip-deps).
Jul 16
The following revision refers to this bug:
  https://skia.googlesource.com/skia/+/71ed661963ba57200e6f9b3d5ad64105b607bb98

commit 71ed661963ba57200e6f9b3d5ad64105b607bb98
Author: Stephen White <senorblanco@chromium.org>
Date: Mon Jul 16 17:57:19 2018

GrTessellator: collinear edges during sanitize.

When three collinear edges occur during the sanitize_contours() pass, their vertices may not yet have been discovered to be coincident. So we must do the vertex comparison by point, rather than by pointer.

Bug: 860655
Change-Id: I89dc7526905bb5473206661348fee431371731a0
Reviewed-on: https://skia-review.googlesource.com/141523
Reviewed-by: Robert Phillips <robertphillips@google.com>
Commit-Queue: Stephen White <senorblanco@chromium.org>

[modify] https://crrev.com/71ed661963ba57200e6f9b3d5ad64105b607bb98/tests/TessellatingPathRendererTests.cpp
[modify] https://crrev.com/71ed661963ba57200e6f9b3d5ad64105b607bb98/src/gpu/GrTessellator.cpp
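
The commit message above replaces a by-pointer vertex comparison with a by-point one because coincident vertices may not have been unified yet. The following is an added example, not Skia's code: the `Point`, `Vertex`, `Edge` and `Scene` types and every function name are hypothetical, and it uses two edges instead of three to show how pointer identity misses a collinear pair that value comparison catches.

```cpp
#include <cstdio>
#include <vector>

// Simplified model (not Skia's types): edges reference vertices by pointer.
struct Point {
    float x, y;
    bool operator==(const Point& o) const { return x == o.x && y == o.y; }
};
struct Vertex { Point pt; };
struct Edge { Vertex* top; Vertex* bottom; };
struct Scene { std::vector<Vertex> verts; std::vector<Edge> edges; };

// Cross product of (b - a) and (p - a); zero means p is on the line through a, b.
static float cross(const Point& a, const Point& b, const Point& p) {
    return (b.x - a.x) * (p.y - a.y) - (b.y - a.y) * (p.x - a.x);
}

// Pointer identity needs unified vertices; value comparison does not.
bool same_top_by_pointer(const Edge& a, const Edge& b) { return a.top == b.top; }
bool same_top_by_point(const Edge& a, const Edge& b) { return a.top->pt == b.top->pt; }

// Merge candidates: same starting vertex, and b's bottom lies on a's line.
template <typename SameTop>
bool collinear(const Edge& a, const Edge& b, SameTop same_top) {
    return same_top(a, b) && cross(a.top->pt, a.bottom->pt, b.bottom->pt) == 0.0f;
}

// Hypothetical later pass: point every edge at the first vertex with equal coordinates.
void unify_coincident(Scene& s) {
    auto canon = [&s](Vertex* v) {
        for (Vertex& c : s.verts) if (c.pt == v->pt) return &c;
        return v;
    };
    for (Edge& e : s.edges) { e.top = canon(e.top); e.bottom = canon(e.bottom); }
}

// Constructed input: verts[0] and verts[1] are distinct objects at the same point.
void build_scene(Scene& s) {
    s.verts = {Vertex{{0.f, 0.f}}, Vertex{{0.f, 0.f}}, Vertex{{1.f, 1.f}}, Vertex{{2.f, 2.f}}};
    s.edges = {Edge{&s.verts[0], &s.verts[2]}, Edge{&s.verts[1], &s.verts[3]}};
}

int main() {
    Scene s;
    build_scene(s);
    int before_ptr = collinear(s.edges[0], s.edges[1], same_top_by_pointer);
    int before_pt = collinear(s.edges[0], s.edges[1], same_top_by_point);
    unify_coincident(s);
    std::printf("before: pointer=%d point=%d; after unify: pointer=%d\n", before_ptr, before_pt,
                collinear(s.edges[0], s.edges[1], same_top_by_pointer));
}
```

The pointer check only starts agreeing with the point check after the unifying pass has run, which is the ordering hazard the commit message describes for the sanitize pass.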
Jul 16
Weird, I got it to repro in a Debug build where I didn't before. (At least, I *think* it's the same bug.) Anyway, fix landed, we'll see what ClusterFuzz says. BTW what's the clusterfuzz reproduce tool? I couldn't find it on the reference.md page linked above.
Jul 16
If you click on the detailed report link that clusterfuzz files, at the bottom of the Overview box at the top of the page, there's instructions on how to run it. It's really just a one-liner with magic scripts, so really easy to do. I usually run with --current --skip-deps (which saves syncing back in time to wherever clusterfuzz found the bug if I suspect it still applies at ToT).
Jul 16
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f1202ab036fd682e64fcb39d0fe94966b5e38d73

commit f1202ab036fd682e64fcb39d0fe94966b5e38d73
Author: skia-chromium-autoroll <skia-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Date: Mon Jul 16 21:09:46 2018

Roll src/third_party/skia b965fcb47296..c45a5c559365 (3 commits)

https://skia.googlesource.com/skia.git/+log/b965fcb47296..c45a5c559365

git log b965fcb47296..c45a5c559365 --date=short --no-merges --format='%ad %ae %s'
2018-07-16 fmalita@chromium.org [skottie] Treat color properties as optional (default black)
2018-07-16 senorblanco@chromium.org GrTessellator: collinear edges during sanitize.
2018-07-16 herb@google.com Device interface uses glyph run list

Created with:
  gclient setdep -r src/third_party/skia@c45a5c559365

The AutoRoll server is located here: https://autoroll.skia.org

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary.

CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel;luci.chromium.try:android_optional_gpu_tests_rel;luci.chromium.try:linux_optional_gpu_tests_rel;luci.chromium.try:mac_optional_gpu_tests_rel;luci.chromium.try:win_optional_gpu_tests_rel

BUG= chromium:860655
TBR=bungeman@chromium.org

Change-Id: I491d21ea6bdd24a7af0debf9ce017d957ebd164e
Reviewed-on: https://chromium-review.googlesource.com/1138695
Reviewed-by: skia-chromium-autoroll <skia-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Commit-Queue: skia-chromium-autoroll <skia-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#575422}

[modify] https://crrev.com/f1202ab036fd682e64fcb39d0fe94966b5e38d73/DEPS
Jul 17
ClusterFuzz has detected this issue as fixed in range 575420:575422.

Detailed report: https://clusterfuzz.com/testcase?key=5101936005873664

Fuzzer: libFuzzer_paint_op_buffer_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: Abrt
Crash Address: 0x053900003234
Crash State:
  sk_abort_no_print
  merge_collinear_edges
  merge_collinear_edges

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=568139:568162
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=575420:575422

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5101936005873664

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jul 17
ClusterFuzz testcase 5101936005873664 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Jul 6
Labels: Test-Predator-Auto-Components