parsed_output == double_parsed_output. Parser/Writer mismatch.
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4534161798070272
Fuzzer: libfuzzer_base_json_correctness_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
  parsed_output == double_parsed_output. Parser/Writer mismatch.
  libpthread.so.0
  base::debug::DebugBreak
Sanitizer: address (ASAN)
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=455091:455226
Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94jnlX0QzIsVGqN_hmCl5wmZbuX5P61PxyzOyE3HhWbFyRyjpHg8rJV8SrXPD4YBDpQyY7YfFW-7srcVA_7IydE0GQzONU4y-yCPKaWV5jNieEI91BELQ2mauHfmfb9zmXRFDvEPY3OjTS5RVWrl8Y8mn6BT5loR_FuqkZjZkmluFllc2SebgtWFVCfwG0w0GU5evTaHi3jcGGTbjWXqOFN-cKEjoph58H5UA_15xefuZSDx8GfZXB5P0rzVXm1ymzJG3TqGSBzvUbnxVKlxqybV20Q7CXH9cu31zx1R5PClq8DulO4rpqw-f1Q8Cf9p-ZlRHsJxF522g95IFtpFYczhaKPVGJqcFpnQJKI3IXTYXIvi8g?testcase_id=4534161798070272

Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Mar 8 2017
The CL that introduced the fuzzer notes: "It's probably worth pointing out that the base json parser is not meant to be security hardened and handle invalid json. So depending on what kind of fuzzing you're doing we may or may not want to act on the results. See https://bugs.chromium.org/p/chromium/issues/detail?id=644664#c5." It's unclear from this report whether the behavior encountered is expected.
Mar 8 2017
Even if the fuzzer isn't secure, it is probably assumed that it is correct. I.e. if you serialize data, read it back and serialize again, then it should match. This is what the fuzzer checks.
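The round-trip invariant this comment describes, as an added example that is not part of the bug thread or of Chromium's fuzzer: a small Python harness mirroring the parse, write, parse-again comparison (function names and sample inputs are constructed), with an equality helper so the check fires on a genuine parser/writer disagreement rather than on a comparison artefact such as NaN != NaN.

```python
import json
import math

# Constructed sample inputs for the harness (not taken from the bug report).
SAMPLES = [
    b'{"a": [1, 2.5, true, null], "s": "\\u00e9"}',  # ordinary document
    b'NaN',                                         # non-finite extension
    b'not json',                                    # rejected by first parse
]


def same_value(a, b):
    """Structural equality that is deliberate about corner cases: plain ==
    says NaN != NaN (a false mismatch) and True == 1 (hiding a writer that
    turns a bool into a number), so compare types and accept two NaNs."""
    if isinstance(a, float) and isinstance(b, float):
        return (math.isnan(a) and math.isnan(b)) or a == b
    if isinstance(a, list) and isinstance(b, list):
        return len(a) == len(b) and all(same_value(x, y) for x, y in zip(a, b))
    if isinstance(a, dict) and isinstance(b, dict):
        return a.keys() == b.keys() and all(same_value(a[k], b[k]) for k in a)
    return type(a) is type(b) and a == b


def roundtrip_mismatch(data):
    """Parse -> write -> parse again. None: input rejected by the parser
    (nothing to check). True: the re-serialized text parses to a different
    value, the condition the report's assert fires on. False: faithful."""
    try:
        parsed = json.loads(data)
    except ValueError:
        return None
    written = json.dumps(parsed)
    double_parsed = json.loads(written)
    return not same_value(parsed, double_parsed)


def naive_mismatch(data):
    """The same check with plain ==, to show why same_value is needed."""
    try:
        parsed = json.loads(data)
    except ValueError:
        return None
    return parsed != json.loads(json.dumps(parsed))


if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "mismatch:", roundtrip_mismatch(sample),
              "naive:", naive_mismatch(sample))
```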
Apr 18 2017
ClusterFuzz has detected this issue as fixed in range 464993:465034.

Detailed report: https://clusterfuzz.com/testcase?key=4534161798070272
Fuzzer: libfuzzer_base_json_correctness_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
  parsed_output == double_parsed_output. Parser/Writer mismatch.
  base::debug::DebugBreak
  _start
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=455091:455226
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=464993:465034
Reproducer Testcase: https://clusterfuzz.com/download/AMIfv96RKph3lMWZai_nU_JqKJqzj8UNOejlmERI12Mk9I_0XNvsYhnUSJBSxp6pImydYp4UULjTuIddRHNcWTtx5gkGNxnxbthN7v7-USYOfa_F6OOUSlUiUCToNeGbQuo7pHZ0561r0my_HiLafHK0drcYLwo6544FiLTail2UNl6VDMzlzZb778uZHIsx2xLMHgLTscf5-q37s0c7z-C7i0AxMwC3s_EjcVj8l9FfSt8haNoQYCDqpGeGflk7HH0icxSwUnIAz7XslbrjepScrhT6NsO1YUiUof2e_MtgOlnIdatSacCKqjyUaEC752qzegNbUsujNGf6M7CErG3PppUbllQRRRr9vdG8uXmN_fkFkah9vbk?testcase_id=4534161798070272

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Apr 18 2017
ClusterFuzz testcase 4534161798070272 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by durga.behera@chromium.org, Mar 8 2017
Labels: Test-Predator-Correct-CLs M-59
Owner: aizatsky@chromium.org
Status: Assigned (was: Untriaged)