From 129cf5543e1c4e6849ff7523fa621fecd020cb10 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Mon, 1 Nov 2021 15:31:44 -0700 Subject: [PATCH] Fix the bug (#27899) --- src/core/lib/surface/call.cc | 2 + .../testcase-6703968097271808 | 62 +++++++++++++++++++ 2 files changed, 64 insertions(+) create mode 100644 test/core/end2end/fuzzers/api_fuzzer_corpus/testcase-6703968097271808 diff --git a/src/core/lib/surface/call.cc b/src/core/lib/surface/call.cc index 2a4ec68057e..f74e9d6b5dc 100644 --- a/src/core/lib/surface/call.cc +++ b/src/core/lib/surface/call.cc @@ -1940,6 +1940,8 @@ done_with_error: if (stream_op->send_message) { call->sending_message = false; call->sending_stream->Orphan(); + call->sending_stream.Destroy(); + stream_op_payload->send_message.send_message.reset(); } if (stream_op->send_trailing_metadata) { call->sent_final_op = false; diff --git a/test/core/end2end/fuzzers/api_fuzzer_corpus/testcase-6703968097271808 b/test/core/end2end/fuzzers/api_fuzzer_corpus/testcase-6703968097271808 new file mode 100644 index 00000000000..cb144eb09f4 --- /dev/null +++ b/test/core/end2end/fuzzers/api_fuzzer_corpus/testcase-6703968097271808 @@ -0,0 +1,62 @@ +actions { + create_server { + } +} +actions { + create_channel { + target: "dns:server" + } +} +actions { + create_call { + method { + value: "/foo" + } + timeout: 1000000000 + } +} +actions { + queue_batch { + operations { + send_initial_metadata { + } + } + } +} +actions { + advance_time: 9541248 +} +actions { + queue_batch { + operations { + send_close_from_client { + } + } + operations { + send_message { + } + } + operations { + receive_initial_metadata { + } + flags: 1895825408 + } + } +} +actions { + queue_batch { + operations { + send_message { + message { + value: "grp[.default_authority" + intern: true + } + } + } + } +} +actions { + advance_time: 10000000 +} +actions { +}