
Issue 628503

Starred by 2 users

Issue metadata

Status: Verified
Owner:
Closed: Aug 2016
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug




Crash in scoped_refptr

Project Member Reported by ClusterFuzz, Jul 15 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5666768899276800

Fuzzer: libfuzzer_net_socks_client_socket_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  scoped_refptr
  base::ThreadTaskRunnerHandle::Get
  net::MockHostResolverBase::Resolve
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=405519:405688

Minimized Testcase (0.00 Kb):
Download: https://cluster-fuzz.appspot.com/download/AMIfv951YI6Y3LhzEOR6EJwb23Abta4ojOoRf2SzJcUsaEwHzaMe5ZGUwMOHXC0Q5d3Vkd7zkJ8DkWFyl8SG-Py5WN4VVmNEGvsjQcJ5i591Heu9DMRr-AGC84yL6fyF4wgharwq646_qQBvw67ACthrpYzbyX9vhw?testcase_id=5666768899276800


Filer: nyerramilli

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Cc: asanka@chromium.org nyerramilli@chromium.org
Components: Tools>Test>FindIt>NoResult
Labels: findit-wrong Te-Logged
Owner: agl@chromium.org
Status: Assigned (was: Available)
providing findit results for internal purpose:

Suspected CLs: Analysis of failed component others is not supported by Findit.

Suspected Project: others

-------------------------
unable to find the culprit, assigning to https://cs.chromium.org/chromium/src/net/OWNERS
agl@, asanka@ - Could you please check the above issue & help us in finding an owner.

Comment 2 by asanka@chromium.org, Jul 15 2016

Cc: agl@chromium.org
Owner: mmenke@chromium.org
-> mmenke for socks_client_socket_fuzzer.cc

Comment 3 by mmenke@chromium.org, Jul 15 2016

Labels: Needs-Feedback
Does the "Minimized Testcase (0.00 Kb)" mean it's an empty file, or just that it's under 10 bytes?  Given that I have no access to test case, seems rather important to know that before I try and dig into it.

Comment 4 by mmenke@chromium.org, Jul 15 2016

Cc: eroman@chromium.org brettw@chromium.org
And...it turns out that by default it was trying to use my chromium account, not my google account (It's actually a 1 byte file, not an empty one, but doesn't really matter).

So what's happening seems to be that net/base/fuzzer_test_support.cc is not being linked into the binary.  If I explicitly include it in socks_client_socket_fuzzer.cc, things magically work.

[+brettw]:  I'm guessing this breakage was caused by https://codereview.chromium.org/2151013002, and may be a GN bug.

Comment 5 by mmenke@chromium.org, Jul 15 2016

Actually, maybe this is caused by the run time linker?  If a static library has a global that it should be initializing when it's loaded, but nothing directly uses the global by name, but instead relies on side effects of initializing it, might it get skipped?  Or if it's not exported, even removed from the library on initialization?

Comment 6 by mmenke@chromium.org, Jul 15 2016

*removed from the library when it's being created from object files, rather.

Comment 7 by mmenke@chromium.org, Jul 15 2016

Status: Fixed (was: Assigned)
Project Member

Comment 8 by bugdroid1@chromium.org, Jul 15 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/35a30017c0177c14a272e4517a9e83d7c41ebea1

commit 35a30017c0177c14a272e4517a9e83d7c41ebea1
Author: mmenke <mmenke@chromium.org>
Date: Fri Jul 15 19:20:12 2016

Fix net/ fuzzers.

They were broken in https://codereview.chromium.org/2151013002. They
depend on a global that's never directly used being linked in, which
that CL broke.

BUG= 628503 

Review-Url: https://codereview.chromium.org/2155713002
Cr-Commit-Position: refs/heads/master@{#405813}

[modify] https://crrev.com/35a30017c0177c14a272e4517a9e83d7c41ebea1/net/BUILD.gn

Comment 9 by eroman@chromium.org, Jul 15 2016

Cc: kcc@chromium.org metzman@google.com aarya@google.com
Issue 628705 has been merged into this issue.
Project Member

Comment 10 by ClusterFuzz, Jul 16 2016

ClusterFuzz has detected this issue as fixed in range 405811:405925.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5666768899276800

Fuzzer: libfuzzer_net_socks_client_socket_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  scoped_refptr
  base::ThreadTaskRunnerHandle::Get
  net::MockHostResolverBase::Resolve
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=405519:405688
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=405811:405925

Minimized Testcase (0.00 Kb):
Download: https://cluster-fuzz.appspot.com/download/AMIfv951YI6Y3LhzEOR6EJwb23Abta4ojOoRf2SzJcUsaEwHzaMe5ZGUwMOHXC0Q5d3Vkd7zkJ8DkWFyl8SG-Py5WN4VVmNEGvsjQcJ5i591Heu9DMRr-AGC84yL6fyF4wgharwq646_qQBvw67ACthrpYzbyX9vhw?testcase_id=5666768899276800


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Labels: -ClusterFuzz Clusterfuzz
Status: Assigned (was: Fixed)
Clusterfuzz is still complaining for similar crash, hence re-opening it.
Project Member

Comment 12 by ClusterFuzz, Aug 23 2016

Labels: Stability-AFL
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5023778226831360

Fuzzer: afl_net_socks_client_socket_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  base::ThreadTaskRunnerHandle::Get
  net::MockHostResolverBase::Resolve
  net::SOCKSClientSocket::DoLoop
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=413168:413317

Minimized Testcase (0.05 Kb): https://cluster-fuzz.appspot.com/download/AMIfv950FUXX-WQANKTJ4XdLt851aghS99A007Z7xNQsRIxDOBJN0xwPNkEBTnPCjSLCU9AZ8QoY4WCoZPZZqTNmjNV66kM_q5gEHtUeU9Vu3Q9Zg8j33RT6Ms8FZgXfliAiJHlx6wA-saGWPg9Y_GU08x7JceQAwQ?testcase_id=5023778226831360

Issue manually filed by: durga.behera

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
"Still complaining" or "complaining again"?  This was fixed one month ago.  Did we have any failures in the meantime, or is this a new breakage?
Cc: mmenke@chromium.org
Owner: csharrison@chromium.org
Hm my CL moving fuzzed_data_provider is in the regression range, so I'm suspecting that.
https://codereview.chromium.org/2250263003

I'll take a look.
It seems like we just need to include fuzzer_test_support.cc in the net_fuzzer_test_support target. Not sure how that happened?

mmenke@ how is InitGlobals supposed to be linked in? To me it looks like a raw file only referenced by DEPS.


It is a raw file only referenced in deps, but the obj file is included in the binary, and has a function call that runs at global scope (Which...erm...is weird, and probably violates the Google Style Guide, but seems to work).
Project Member

Comment 17 by bugdroid1@chromium.org, Aug 23 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/37ef985f4359f4b5b4b26489b5880d0025a61772

commit 37ef985f4359f4b5b4b26489b5880d0025a61772
Author: csharrison <csharrison@chromium.org>
Date: Tue Aug 23 19:00:19 2016

Add fuzzer_test_support.cc to net_fuzzer_test_support target

This was broken by https://codereview.chromium.org/2250263003/,
which deleted the fuzzer_test_support cc file from the source
set.

BUG= 628503 

Review-Url: https://codereview.chromium.org/2269133002
Cr-Commit-Position: refs/heads/master@{#413801}

[modify] https://crrev.com/37ef985f4359f4b5b4b26489b5880d0025a61772/net/BUILD.gn

Project Member

Comment 18 by ClusterFuzz, Aug 25 2016

ClusterFuzz has detected this issue as fixed in range 413723:414068.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5023778226831360

Fuzzer: afl_net_socks_client_socket_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  base::ThreadTaskRunnerHandle::Get
  net::MockHostResolverBase::Resolve
  net::SOCKSClientSocket::DoLoop
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=413168:413317
Fixed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=413723:414068

Minimized Testcase (0.05 Kb): https://cluster-fuzz.appspot.com/download/AMIfv950FUXX-WQANKTJ4XdLt851aghS99A007Z7xNQsRIxDOBJN0xwPNkEBTnPCjSLCU9AZ8QoY4WCoZPZZqTNmjNV66kM_q5gEHtUeU9Vu3Q9Zg8j33RT6Ms8FZgXfliAiJHlx6wA-saGWPg9Y_GU08x7JceQAwQ?testcase_id=5023778226831360

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 19 by ClusterFuzz, Aug 25 2016

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Components: -Tools>Test>FindIt>NoResult
Project Member

Comment 21 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
