
Issue 661037

Issue metadata

Status: Verified
Owner:
Closed: Mar 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug

Crash in google_breakpad::MinidumpModule::debug_file

Reported by ClusterFuzz (Project Member), Nov 1 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4573122734063616

Fuzzer: libfuzzer_minidump_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  google_breakpad::MinidumpModule::debug_file
  google_breakpad::MinidumpModule::debug_file
  google_breakpad::BasicCodeModule::BasicCodeModule
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=415984:416149

Minimized Testcase (1.34 Kb): https://cluster-fuzz.appspot.com/download/AMIfv9547YhB6H2_KdhxYFloJzfbphWkEkF4HZJNbcm5WrmcHeHKZ5wRjTik8xYaXyz2jdQ4PHUSALS5aZ4c-NsjhHNt5FkB31lRBQSzkUwmgTMqPgRYsv_BUArUoDSIb-pNv0JGL3l6jyRLcQWRJLAQIHWa-iQ-8Q?testcase_id=4573122734063616

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Owner: ivanpe@chromium.org
Status: Assigned (was: Untriaged)
ivanpe@ could you please look into this. Please feel free to re-assign back if needed. Thanks in advance!
Cc: mmoroz@chromium.org wfh@chromium.org
Components: Internals>CrashReporting
Comment 3 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Owner: jperaza@chromium.org

Comment 5 by ta...@google.com, Mar 3 2017

Cc: ta...@google.com everestmz@chromium.org
Comment 6 by ClusterFuzz (Project Member), Mar 8 2017

ClusterFuzz has detected this issue as fixed in range 455109:455254.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4573122734063616

Fuzzer: libfuzzer_minidump_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  google_breakpad::MinidumpModule::debug_file
  google_breakpad::MinidumpModule::debug_file
  google_breakpad::BasicCodeModule::BasicCodeModule
  
Sanitizer: address (ASAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=415984:416149
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=455109:455254

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94jfhKm0WUHt_tB5e9huUXEy8FyXgDllARtEriVro3rWzYPup1-BHsTSYCpVrSCl35ppVOlGP33olSJ8yu2YO_u5WRav75WVrugzNLEH9XRzm73My322HkGpATQ9-1rpS7D_zceUBGUfzey_fFkXhNwD2mKHNQevEsiecnrtJfMjvgrRsKdCMs1B-5VrwAAG2wTATWI2TL5WkKwXGrrQtD2JVC1Kdr_j8gFSwps3EoPweJ7qHyU1kNGGzglLSyycPnnGXuLZuEuLQPvUmbxpP73bWAqx5gQnLjZ8Chl_15wtxmNXVyBTlbq01ZviuDms8C9HmNOAwWM4bF_nKuYO1kPevK2VBINOnYs835Ufa0TTEfbX7s?testcase_id=4573122734063616


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 7 by ClusterFuzz (Project Member), Mar 8 2017

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 4573122734063616 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 8 by bugdroid1@chromium.org (Project Member), Mar 8 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/breakpad/breakpad/+/5dbd93a0f8b8a79b00c74fe92a6806a8ff6f5b6f

commit 5dbd93a0f8b8a79b00c74fe92a6806a8ff6f5b6f
Author: Joshua Peraza <jperaza@chromium.org>
Date: Wed Mar 08 21:31:16 2017

Fix segfault when interpreting bad debug_file

BUG= chromium:661037 

Change-Id: Ia4da0bd9787c232a6a199cfdfccfbed60c2515c2
Reviewed-on: https://chromium-review.googlesource.com/450090
Reviewed-by: Joshua Peraza <jperaza@chromium.org>

[modify] https://crrev.com/5dbd93a0f8b8a79b00c74fe92a6806a8ff6f5b6f/src/processor/minidump.cc

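The commit above describes the fix only as handling a bad debug_file, and the page does not show the diff. What the crash state does show is the shape of the failure: an UNKNOWN READ at address 0 inside MinidumpModule::debug_file, reached while BasicCodeModule copies the module's fields, which is the signature of an optional record being dereferenced without a check. The following is an added example written for this page, not Breakpad's code and not the content of the linked commit: a minimal model of a module whose CodeView debug record is optional, with the unchecked accessor beside a hardened one that also rejects records that do not fit in the buffer or whose name is not terminated. The struct names, the byte layout, and the helper names (ModuleModel, SampleDump, DebugFileOf) are assumptions for illustration.

```cpp
// Added example, not Breakpad code: a minimal model of a minidump module whose
// CodeView debug record is optional. Struct names and byte layout are assumed.
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// Assumed module record: an (offset, size) pair into the dump buffer that
// points at a CodeView record. cv_offset == 0 means the module carries none.
struct ModuleRecord {
  uint32_t cv_offset;
  uint32_t cv_size;
};

// Assumed CodeView record: 4-byte signature followed by a NUL-terminated name.
struct CodeViewRecord {
  uint32_t signature = 0;
  std::string pdb_file_name;
};

class ModuleModel {
 public:
  ModuleModel(const std::vector<uint8_t>& dump, const ModuleRecord& rec)
      : dump_(dump), rec_(rec) {}

  // Parses the CodeView record lazily. Returns nullptr when the module has no
  // record, when the (offset, size) pair does not fit in the buffer, or when
  // the name is not NUL-terminated inside the record. A fuzzer-built dump can
  // produce all three, so every caller must handle a null result.
  const CodeViewRecord* GetCodeViewRecord() {
    if (!parsed_) {
      parsed_ = true;
      has_cv_ = ParseCodeView();
    }
    return has_cv_ ? &cv_ : nullptr;
  }

  // Vulnerable shape: assumes every module has a CodeView record. On a module
  // without one this dereferences nullptr, which ASan reports as a read at
  // address 0. Kept for comparison only; never call it on untrusted input.
  std::string DebugFileUnchecked() {
    return GetCodeViewRecord()->pdb_file_name;
  }

  // Hardened shape: a missing or malformed record yields an empty name, so a
  // BasicCodeModule-style copy of the fields never touches a null pointer.
  std::string DebugFile() {
    const CodeViewRecord* cv = GetCodeViewRecord();
    return cv ? cv->pdb_file_name : std::string();
  }

 private:
  bool ParseCodeView() {
    const uint32_t off = rec_.cv_offset;
    const uint32_t size = rec_.cv_size;
    if (off == 0 || size < sizeof(uint32_t) + 1) return false;
    // Bounds check written as a subtraction so off + size cannot overflow.
    if (off > dump_.size() || size > dump_.size() - off) return false;
    const uint8_t* p = dump_.data() + off;
    std::memcpy(&cv_.signature, p, sizeof(uint32_t));
    const uint8_t* name = p + sizeof(uint32_t);
    const size_t name_max = size - sizeof(uint32_t);
    const void* nul = std::memchr(name, 0, name_max);
    if (nul == nullptr) return false;  // name runs off the end of the record
    cv_.pdb_file_name.assign(reinterpret_cast<const char*>(name),
                             static_cast<const uint8_t*>(nul) - name);
    return true;
  }

  std::vector<uint8_t> dump_;
  ModuleRecord rec_;
  bool parsed_ = false;
  bool has_cv_ = false;
  CodeViewRecord cv_;
};

// Constructed dump buffer (not a real minidump): 16 bytes of padding, then an
// "RSDS" signature and the name "foo.pdb\0" at offset 16 (record size 12).
std::vector<uint8_t> SampleDump() {
  std::vector<uint8_t> d(16, 0);
  const char rec[] = "RSDSfoo.pdb";  // 11 chars plus NUL = 12 bytes
  d.insert(d.end(), rec, rec + sizeof(rec));
  return d;
}

// The debug-file name the hardened accessor yields for a given module record.
std::string DebugFileOf(const ModuleRecord& rec) {
  ModuleModel m(SampleDump(), rec);
  return m.DebugFile();
}

bool HasCodeView(const ModuleRecord& rec) {
  ModuleModel m(SampleDump(), rec);
  return m.GetCodeViewRecord() != nullptr;
}

int main() {
  assert(DebugFileOf(ModuleRecord{16, 12}) == "foo.pdb");
  assert(DebugFileOf(ModuleRecord{0, 0}).empty());     // no record: safe
  assert(DebugFileOf(ModuleRecord{16, 9}).empty());    // name not terminated
  assert(DebugFileOf(ModuleRecord{4000, 12}).empty()); // offset past buffer
  return 0;
}
```

The point of the split between GetCodeViewRecord and DebugFile is that every consumer of the optional record goes through one place that can return null, and every caller of that place either checks the pointer or uses the accessor that does. Bounds-checking the (offset, size) pair before reading and requiring the name to terminate inside the record are the other two checks a parser of attacker-controlled dumps needs; the fuzzer finds the missing ones.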
