New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 668417 link

Starred by 2 users
Status: Verified
Owner:
asanka@chromium.org
Closed: Mar 2017
Cc:
csharrison@chromium.org
asanka@chromium.org
brajkumar@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug-Regression



Sign in to add a comment

Crash in base::debug::DebugBreak

Project Member Reported by ClusterFuzz, Nov 24 2016 
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5016379649687552

Fuzzer: libfuzzer_net_http_proxy_client_socket_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e9000062bc
Crash State:
  base::debug::DebugBreak
  net::HttpAuthController::ResetAuth
  _start
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=433648:433747

Minimized Testcase (0.29 Kb):
Download: https://cluster-fuzz.appspot.com/download/AMIfv95FM-EFIbYBwQUPvCWRdMhSHHSI5oNTTyRqubdqYDcbVWcVyjjiaaFGvg629488x6ph6-0DNsJPWmOzry77vLKq49uM8wCOCgs3fVRRV8n4ex39IbKFbQ8OiotyDjNXb549mpuhhHj-ctZCNRYDxexIrmBeNQ?testcase_id=5016379649687552
HTTP/6.0 407
Proxy-AUthenticate:Digest nonce=0Ci�(�
Content-Length: 0

5Psi\^*HTHTTP 407colon
Proxy-Authenticate:Digest stale=truE,"HHTTP 407
Proxy-Authenticate:Digest nonce=0Ce:Basic
Conloe1�./814
Proxy-Authenticate: basic

,oxy-Authenticate:Digesnce=0Ce:ascate:Digest nonce=0HTHTTP 407


Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Comment 1 by ajha@chromium.org, Nov 24 2016

Labels: M-57

Comment 2 by sigbjo...@opera.com, Nov 25 2016

Components: Internals>Network>Auth

Comment 3 by brajkumar@chromium.org, Jan 18 2017

Cc: brajkumar@chromium.org
Labels: -Type-Bug Test-Predator-Wrong Type-Bug-Regression
Owner: csharrison@chromium.org
Status: Assigned (was: Untriaged)
Find it and CL did not provide any possible suspect.
Using code search for file "http_proxy_client_socket_fuzzer.cc" from line #31 suspecting the below change
Review URL: https://codereview.chromium.org/2250263003

csharrison@ - Observed some changes on this file so assigning to you, could you please check if this is caused with respect to your change, if not please help us in reassign the issue to the right owner.

Thanks!

Comment 4 by csharrison@chromium.org, Jan 18 2017

Cc: asanka@chromium.org csharrison@chromium.org
Owner: ----
Status: Available (was: Assigned)
Marking as untriaged so an auth person can take a look. Asanka, you're the only one I know who triages this component :) so cc.

Comment 5 by csharrison@chromium.org, Jan 18 2017

Status: Untriaged (was: Available)

Comment 6 by asanka@chromium.org, Jan 20 2017

Owner: asanka@chromium.org
Status: Assigned (was: Untriaged)
I'll have a look, but it will have to be next week when I'm back in the office.
Project Member

Comment 7 by ClusterFuzz, Mar 8 2017 

ClusterFuzz has detected this issue as fixed in range 455091:455226.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5016379649687552

Fuzzer: libfuzzer_net_http_proxy_client_socket_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e900001f86
Crash State:
  base::debug::DebugBreak
  net::HttpAuthController::ResetAuth
  _start
  
Sanitizer: address (ASAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=433648:433747
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=455091:455226

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97YQ8ozovdojkuWp7vqntYzUElP0-1xrKKDQnOk8Gbxe9gV7lrtSyYlGb2XgMOCkOmdwv3rLoM10bHSKkSECjBBAIAARWi80-77OTqbSmIK2KyvzMHhjqKt5npFwl9_EM4VbTC9ZoDOC0FbaJw6MSOTWjG1okFX5G_dgeZIwmh8ICbY_rSdlUPkcoytx2yQqCuOPm0H1vMn4LFE0gehIitK6rsapF4zXtr7MKna7YIkTh5Fp7GfQ5H2p3iGvYAwSq0HoOeAF1Kw4jBKa6AR4KzbT-75utNuvcusTsHGCbHT4hYYlp8wGFS1TygUvU-5DkF2nYUMFJ97UzNla2wpIRx3zLocj7MR9YOjFhi3aNXtNj22rGo?testcase_id=5016379649687552


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 8 by ClusterFuzz, Mar 8 2017

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 5016379649687552 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Sign in to add a comment