Issue 910926 link

Starred by 1 user

Issue metadata

Status:	Assigned
Owner:	zuan@chromium.org
Cc:	apronin@chromium.org zuan@chromium.org emaxx@chromium.org metzman@chromium.org louiscollard@chromium.org manojgupta@chromium.org
EstimatedDays:	----
NextAction:	----
OS:	Chrome
Pri:	1
Type:	Bug
Stability-Crash Reproducible Stability-Memory-AddressSanitizer Stability-Libfuzzer Clusterfuzz ClusterFuzz-Auto-CC Cros-Hwsec-Ready

CHECK failure: message.size() >= kMessageHeaderSize + handles_blob.size() in resource_manager.c

Project Member Reported by ClusterFuzz, Dec 2

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4834694300172288

Fuzzer: libFuzzer_chromeos_trunks_resource_manager_fuzzer
Job Type: libfuzzer_asan_chromeos
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  message.size() >= kMessageHeaderSize + handles_blob.size() in resource_manager.c
  trunks::ResourceManager::ReplaceHandles
  trunks::ResourceManager::SendCommandAndWait
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_asan_chromeos&range=3166387:3180910

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4834694300172288

Issue filed automatically.

See https://chromium.googlesource.com/chromiumos/docs/+/master/fuzzing.md#Reproducing-crashes-from-ClusterFuzz for more information.

Project Member

Comment 1 by ClusterFuzz, Dec 2

Cc: apronin@chromium.org dkrahn@chromium.org emaxx@chromium.org
Labels: ClusterFuzz-Auto-CC

Automatically adding ccs based on OWNERS file / target commit history.

If this is incorrect, please add ClusterFuzz-Wrong label.

Comment 2 by apronin@chromium.org, Dec 4

Cc: -dkrahn@chromium.org louiscollard@chromium.org
Labels: Cros-Hwsec-Ready

Project Member

Comment 3 by ClusterFuzz, Dec 4

Labels: -Reproducible Unreproducible

ClusterFuzz testcase 4834694300172288 appears to be flaky, updating reproducibility label.

Comment 4 by metzman@google.com, Dec 4

Labels: -Unreproducible Reproducible

Please ignore the last comment about testcase being unreproducible. 
The testcase is still reproducible. 
This was caused by a bug in ClusterFuzz that has been fixed. 
Sorry for the inconvenience.

Comment 5 by louiscollard@chromium.org, Dec 5

Cc: zuan@chromium.org

John maybe you'd like to take a look?

Comment 6 by zuan@chromium.org, Dec 5

Owner: zuan@chromium.org
Status: Assigned (was: Untriaged)

I'll take it.

►

Issue 910926 link

Issue metadata

CHECK failure: message.size() >= kMessageHeaderSize + handles_blob.size() in resource_manager.c

Issue description

Comment 1 by ClusterFuzz, Dec 2

Comment 1 Deleted

Comment 2 by apronin@chromium.org, Dec 4

Comment 2 Deleted

Comment 3 by ClusterFuzz, Dec 4

Comment 3 Deleted

Comment 4 by metzman@google.com, Dec 4

Comment 4 Deleted

Comment 5 by louiscollard@chromium.org, Dec 5

Comment 5 Deleted

Comment 6 by zuan@chromium.org, Dec 5

Comment 6 Deleted

Sign in to add a comment