Issue 54851 in oss-fuzz: gvisor:state_load_fuzz: Null-dereference READ with empty stacktrace
6 views
Skip to first unread message
ClusterFuzz-External via monorail
Jan 5, 2023, 8:55:41 PM1/5/23
to gviso...@googlegroups.com
Status: New
Owner: ----
CC: krak...@google.com, a...@adalogics.com, gviso...@googlegroups.com
Labels: Restrict-View-Commit ClusterFuzz Stability-Memory-AddressSanitizer Unreproducible Engine-libfuzzer OS-Linux Proj-gvisor Reported-2023-01-06
Type: Bug
New issue 54851 by ClusterFuzz-External: gvisor:state_load_fuzz: Null-dereference READ with empty stacktrace
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54851
Detailed Report: https://oss-fuzz.com/testcase?key=6248983800709120
Project: gvisor
Fuzzing Engine: libFuzzer
Fuzz Target: state_load_fuzz
Job Type: libfuzzer_asan_gvisor
Platform Id: linux
Crash Type: Null-dereference READ
Crash Address: 0x000000000010
Crash State:
NULL
Sanitizer: address (ASAN)
Crash Revision: https://oss-fuzz.com/revisions?job=libfuzzer_asan_gvisor&revision=202301050613
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6248983800709120
Issue filed automatically.
See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally.
************************* UNREPRODUCIBLE *************************
Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days, we've been seeing this crash frequently.
It may be possible to reproduce by trying the following options:
- Run testcase multiple times for a longer duration.
- Run fuzzing without testcase argument to hit the same crash signature.
If it still does not reproduce, try a speculative fix based on the crash stacktrace and verify if it works by looking at the crash statistics in the report. We will auto-close the bug if the crash is not seen for 14 days.
******************************************************************
When you fix this bug, please
* mention the fix revision(s).
* state whether the bug was a short-lived regression or an old bug in any stable releases.
* add any other useful information.
This information can help downstream consumers.
If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored.
This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without an upstream patch, then the bug report will automatically
become visible to the public.
--
You received this message because:
1. You were specifically CC'd on the issue
You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings
Reply to this email to add a comment.
Owner: ----
CC: krak...@google.com, a...@adalogics.com, gviso...@googlegroups.com
Labels: Restrict-View-Commit ClusterFuzz Stability-Memory-AddressSanitizer Unreproducible Engine-libfuzzer OS-Linux Proj-gvisor Reported-2023-01-06
Type: Bug
New issue 54851 by ClusterFuzz-External: gvisor:state_load_fuzz: Null-dereference READ with empty stacktrace
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54851
Detailed Report: https://oss-fuzz.com/testcase?key=6248983800709120
Project: gvisor
Fuzzing Engine: libFuzzer
Fuzz Target: state_load_fuzz
Job Type: libfuzzer_asan_gvisor
Platform Id: linux
Crash Type: Null-dereference READ
Crash Address: 0x000000000010
Crash State:
NULL
Sanitizer: address (ASAN)
Crash Revision: https://oss-fuzz.com/revisions?job=libfuzzer_asan_gvisor&revision=202301050613
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6248983800709120
Issue filed automatically.
See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally.
************************* UNREPRODUCIBLE *************************
Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days, we've been seeing this crash frequently.
It may be possible to reproduce by trying the following options:
- Run testcase multiple times for a longer duration.
- Run fuzzing without testcase argument to hit the same crash signature.
If it still does not reproduce, try a speculative fix based on the crash stacktrace and verify if it works by looking at the crash statistics in the report. We will auto-close the bug if the crash is not seen for 14 days.
******************************************************************
When you fix this bug, please
* mention the fix revision(s).
* state whether the bug was a short-lived regression or an old bug in any stable releases.
* add any other useful information.
This information can help downstream consumers.
If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored.
This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without an upstream patch, then the bug report will automatically
become visible to the public.
--
You received this message because:
1. You were specifically CC'd on the issue
You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings
Reply to this email to add a comment.
ClusterFuzz-External via monorail
Jan 19, 2023, 5:22:44 PM1/19/23
to gviso...@googlegroups.com
Updates:
Status: WontFix
Comment #2 on issue 54851 by ClusterFuzz-External: gvisor:state_load_fuzz: Null-dereference READ with empty stacktrace
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54851#c2
ClusterFuzz testcase 6248983800709120 is flaky and no longer crashes, so closing issue.
If this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new
Status: WontFix
Comment #2 on issue 54851 by ClusterFuzz-External: gvisor:state_load_fuzz: Null-dereference READ with empty stacktrace
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54851#c2
ClusterFuzz testcase 6248983800709120 is flaky and no longer crashes, so closing issue.
If this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new
ClusterFuzz-External via monorail
Jan 19, 2023, 5:22:48 PM1/19/23
to gviso...@googlegroups.com
Comment #3 on issue 54851 by ClusterFuzz-External: gvisor:state_load_fuzz: Null-dereference READ with empty stacktrace
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54851#c3
ClusterFuzz testcase 6248983800709120 is closed as invalid, so closing issue.
sheriffbot via monorail
Jan 21, 2023, 2:46:44 PM1/21/23
to gviso...@googlegroups.com
Updates:
Labels: -restrict-view-commit
Comment #4 on issue 54851 by sheriffbot: gvisor:state_load_fuzz: Null-dereference READ with empty stacktrace
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54851#c4
This bug has been fixed. It has been opened to the public.
- Your friendly Sheriffbot
Labels: -restrict-view-commit
Comment #4 on issue 54851 by sheriffbot: gvisor:state_load_fuzz: Null-dereference READ with empty stacktrace
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54851#c4
This bug has been fixed. It has been opened to the public.
- Your friendly Sheriffbot
Reply all
Reply to author
Forward
0 new messages