New issue
Advanced search Search tips

Issue 866319 link

Starred by 1 user

Issue metadata

Status: Verified
Owner:
Closed: Jul 27
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug



Sign in to add a comment

Abrt in sk_abort_no_print

Project Member Reported by ClusterFuzz, Jul 22

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6496755693387776

Fuzzer: libFuzzer_paint_op_buffer_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: Abrt
Crash Address: 0x053900007ad3
Crash State:
  sk_abort_no_print
  merge_collinear_edges
  merge_collinear_edges
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=568139:568162

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6496755693387776

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
 
Project Member

Comment 1 by ClusterFuzz, Jul 22

Components: Internals>Skia
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Project Member

Comment 2 by ClusterFuzz, Jul 22

Labels: Test-Predator-Auto-Owner
Owner: senorblanco@chromium.org
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/df18b96b443774d232e39ead6cbd81c848b8563c (Adjust the edge-AA tessellator maximum verb count.).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Project Member

Comment 3 by bugdroid1@chromium.org, Jul 26

The following revision refers to this bug:
  https://skia.googlesource.com/skia/+/d26b4d865ac57d1b5ef810dd4408d8cc147b3460

commit d26b4d865ac57d1b5ef810dd4408d8cc147b3460
Author: Stephen White <senorblanco@chromium.org>
Date: Thu Jul 26 14:38:56 2018

GrTessellator: fix for collinear edge merging.

In some cases, two edges can be collinear when tested on one side
(e.g., left top vs right edge), but non-collinear when tested on the
other (e.g., right top vs left edge). We were actually merging based
on one criterion, but assserting based on the other.

The safest fix is to merge if either condition is true, and then
assert that both conditions are false.

Bug:  866319 
Change-Id: Ia1be330caf62f6d7961746752f73993ca098d0a3
Reviewed-on: https://skia-review.googlesource.com/143501
Reviewed-by: Robert Phillips <robertphillips@google.com>
Commit-Queue: Stephen White <senorblanco@chromium.org>

[modify] https://crrev.com/d26b4d865ac57d1b5ef810dd4408d8cc147b3460/tests/TessellatingPathRendererTests.cpp
[modify] https://crrev.com/d26b4d865ac57d1b5ef810dd4408d8cc147b3460/src/gpu/GrTessellator.cpp

Project Member

Comment 4 by bugdroid1@chromium.org, Jul 26

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2d6091e607350b6daedfd0547fbd23e2dc23e8c5

commit 2d6091e607350b6daedfd0547fbd23e2dc23e8c5
Author: skia-chromium-autoroll <skia-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Date: Thu Jul 26 19:21:54 2018

Roll src/third_party/skia b5093bc9ede3..897f256413c1 (2 commits)

https://skia.googlesource.com/skia.git/+log/b5093bc9ede3..897f256413c1


git log b5093bc9ede3..897f256413c1 --date=short --no-merges --format='%ad %ae %s'
2018-07-26 ziadb@google.com SkAR Java: smooth finger painting, planes draw with outlines
2018-07-26 senorblanco@chromium.org GrTessellator: fix for collinear edge merging.


Created with:
  gclient setdep -r src/third_party/skia@897f256413c1

The AutoRoll server is located here: https://autoroll.skia.org

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, please contact the current sheriff, who should
be CC'd on the roll, and stop the roller if necessary.

CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel;luci.chromium.try:android_optional_gpu_tests_rel;luci.chromium.try:linux_optional_gpu_tests_rel;luci.chromium.try:mac_optional_gpu_tests_rel;luci.chromium.try:win_optional_gpu_tests_rel

BUG= chromium:866319 
TBR=benjaminwagner@chromium.org

Change-Id: I8cd6673f999a9f27ebcb29c5c7e3e6161008f153
Reviewed-on: https://chromium-review.googlesource.com/1151550
Reviewed-by: skia-chromium-autoroll <skia-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Commit-Queue: skia-chromium-autoroll <skia-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#578397}
[modify] https://crrev.com/2d6091e607350b6daedfd0547fbd23e2dc23e8c5/DEPS

Project Member

Comment 5 by ClusterFuzz, Jul 27

ClusterFuzz has detected this issue as fixed in range 578393:578397.

Detailed report: https://clusterfuzz.com/testcase?key=6496755693387776

Fuzzer: libFuzzer_paint_op_buffer_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: Abrt
Crash Address: 0x053900007ad3
Crash State:
  sk_abort_no_print
  merge_collinear_edges
  merge_collinear_edges
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=568139:568162
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=578393:578397

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6496755693387776

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 6 by ClusterFuzz, Jul 27

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 6496755693387776 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Sign in to add a comment