Crash in base::debug::DebugBreak

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5098280683044864

Fuzzer: libfuzzer_html_preload_scanner_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e9000065a2
Crash State:
  base::debug::DebugBreak
  blink::LinkLoader::getResourceTypeFromAsAttribute
  blink::TokenPreloadScanner::StartTagScanner::resourceType

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=416298:416360

Minimized Testcase (6.02 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95GMDYK-6RTi2n7qORoT2DNP8mHxsrYH7PqZaBqSG8unSlKdY0AW1Sw-9scLtyVCyGCG7OaCGtk0OOs3S8bPZ5_27py7PjlAWTzYn5Qs9OMehW5HOzFJwtXNaHh-6u1eSxF1BQGZZ8c8Judh9ewgzAi5HZIYw?testcase_id=5098280683044864

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Nov 14 2016
Definitely not related to my changes but I'll try to look into it anyways. I also wrote this fuzzer.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Nov 29 2016
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/50ccef041685519550b26723c1e6bec74b9f9fc3

commit 50ccef041685519550b26723c1e6bec74b9f9fc3
Author: csharrison <csharrison@chromium.org>
Date: Tue Nov 29 13:52:56 2016

Support as=<UPPERCASE VALUE> for link preloads in preload scanner

The LinkLoader code assumes all link preloads will have lowercased 'as' values. This is not the case for preloads coming in via the preload scanner. This patch fixes that issue and adds a unit test that reproduces this failure.

BUG= 664744
Review-Url: https://codereview.chromium.org/2496343002
Cr-Commit-Position: refs/heads/master@{#434978}

[modify] https://crrev.com/50ccef041685519550b26723c1e6bec74b9f9fc3/third_party/WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp
[modify] https://crrev.com/50ccef041685519550b26723c1e6bec74b9f9fc3/third_party/WebKit/Source/core/html/parser/HTMLPreloadScannerTest.cpp
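The mismatch described in the commit message above (a callee that assumes lowercased `as` values, reached from a caller that passes raw token text), as a simplified C++ model. This is an added illustration, not code from the Chromium change: every type and function name is hypothetical, and normalizing in the scanner-side wrapper is an assumption about one way to satisfy the callee's precondition.

```cpp
#include <cassert>
#include <string>

// Hypothetical names; a simplified model, not Blink's code.
enum class ResourceType { Unknown, Script, Style, Image, Font };

// ASCII-only lowercasing: locale-independent, non-ASCII bytes pass through.
std::string AsciiLower(std::string s) {
  for (char& c : s) {
    if (c >= 'A' && c <= 'Z') c = static_cast<char>(c - 'A' + 'a');
  }
  return s;
}

bool HasAsciiUpper(const std::string& s) {
  for (char c : s) {
    if (c >= 'A' && c <= 'Z') return true;
  }
  return false;
}

// Callee with a precondition: `as` is already lowercased. The assert stands
// in for a debug-build check; unrecognized keywords are a normal result for
// untrusted markup and map to Unknown.
ResourceType ResourceTypeFromLoweredAs(const std::string& as) {
  assert(!HasAsciiUpper(as));
  if (as == "script") return ResourceType::Script;
  if (as == "style") return ResourceType::Style;
  if (as == "image") return ResourceType::Image;
  if (as == "font") return ResourceType::Font;
  return ResourceType::Unknown;
}

// Scanner-side entry point: receives the raw attribute value from the token
// stream and normalizes it at the boundary, so the precondition always holds.
ResourceType ScannerResourceType(const std::string& raw_as) {
  return ResourceTypeFromLoweredAs(AsciiLower(raw_as));
}

int main() {
  // Constructed inputs: upper case, mixed case, unknown keyword.
  bool ok = ScannerResourceType("SCRIPT") == ResourceType::Script &&
            ScannerResourceType("Style") == ResourceType::Style &&
            ScannerResourceType("BoGuS") == ResourceType::Unknown;
  return ok ? 0 : 1;
}
```

Calling `ResourceTypeFromLoweredAs("SCRIPT")` directly in a debug build trips the assert, which is the shape of failure a fuzzer feeding raw markup to the scanner path will find.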
Nov 29 2016
Nov 30 2016
ClusterFuzz has detected this issue as fixed in range 434974:435013.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5098280683044864

Fuzzer: libfuzzer_html_preload_scanner_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e9000065a2
Crash State:
  base::debug::DebugBreak
  blink::LinkLoader::getResourceTypeFromAsAttribute
  blink::TokenPreloadScanner::StartTagScanner::resourceType

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=416298:416360
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=434974:435013

Minimized Testcase (6.02 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95GMDYK-6RTi2n7qORoT2DNP8mHxsrYH7PqZaBqSG8unSlKdY0AW1Sw-9scLtyVCyGCG7OaCGtk0OOs3S8bPZ5_27py7PjlAWTzYn5Qs9OMehW5HOzFJwtXNaHh-6u1eSxF1BQGZZ8c8Judh9ewgzAi5HZIYw?testcase_id=5098280683044864

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by msrchandra@chromium.org, Nov 14 2016
Components: Infra>Git
Labels: Test-Predator-Wrong-CLs
Owner: csharrison@chromium.org
Status: Assigned (was: Untriaged)