Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Automatically adding ccs based on OWNERS file / target commit history.

If this is incorrect, please add ClusterFuzz-Wrong label.

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/f83007304ba201e3a0ee9eaf198d369aa48f6090 (Add appcache_fuzzer).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

CC'ing Ned (author of the fuzzer) and assigning to Victor (AppCache OWNER).

ClusterFuzz testcase 5093988954275840 appears to be flaky, updating reproducibility label.

Please ignore the last comment about testcase being unreproducible. The testcase is still reproducible. This happened due to a code refactoring on ClusterFuzz side, and the underlying root cause is now fixed. Resetting the label back to Reproducible. Sorry about the inconvenience caused from these incorrect notifications.

This crash occurs very frequently on windows platform and is likely preventing the fuzzer appcache_fuzzer from making much progress. Fixing this will allow more bugs to be found.

Marking this bug as a blocker for next Beta release.

If this is incorrect, please add ClusterFuzz-Wrong label and remove the ReleaseBlock-Beta label.

Friendly ping for an update from pwnall@ as this is marked as Beta blocker.

Please take a look at this issue marked as M-73/Beta blocker and provide an update.

Is there any update on this? Please review the Beta blocker and adjust if this should not be blocking for M-73. 

Removing ReleaseBlock-Beta - this is reported by our fuzzing infrastructure, not necessarily seen in the wild. Also not new - just found by a new fuzzer. If we had crash reports from the field it'd be a different story.

(Needs a fix, and yay fuzzers, but not a blocker based on the data we have)

Looks the same as  issue 917827  and issue 918233

ClusterFuzz has detected this issue as fixed in range 622247:622250.

Detailed report: https://clusterfuzz.com/testcase?key=5093988954275840

Fuzzer: libFuzzer_appcache_fuzzer
Fuzz target binary: appcache_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000028
Crash State:
  GURL::spec
  content::AppCacheHost::FinishCacheSelection
  content::AppCacheStorageImpl::LoadCache
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=605701:605713
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=622247:622250

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5093988954275840

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5093988954275840 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.