Direct-leak in partitionAllocGenericFlags
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5103264244957184
Fuzzer: libfuzzer_renderer_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux
Crash Type: Direct-leak
Crash Address:
Crash State:
  partitionAllocGenericFlags
  partitionAllocGeneric
  fastMalloc
Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv95CSV-QsZcOcDFwQbdxpEbIQM9mFunBCL9IDd-wj68sJOeCbJ_zjUUW37Oj2yj9CCmeJKWtkV2G5UOx-ZZ1wHKRQ_PRoC-8wb1G93zgIi_fuz_4Z5tN5iFfNVASo2Q7qpl4zJSbhmlpVMuKLAExtbtzbLQ_SA
Filer: ashejole

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Jun 16 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5256099045572608
Fuzzer: renderer_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux
Crash Type: Direct-leak
Crash Address:
Crash State:
  partitionAllocGenericFlags
  partitionAllocGeneric
  fastMalloc
Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94lfwmegO8DfgTXZLaW7GyRLKdxeC3HwJtMiIfRrgSI_1VLUKVFWMvUJ1wxIgr1KyuWrDXIiJRK21xh3bzgUH7ZiVNeNdVt2fsxtmzoIuPZHRffskYi9GZc4OXNtl202ilPYNJhkcRrCU-TdCQ9GleiQokR_A
Filer: mmoroz

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Jun 16 2016
sky@, could you please help to triage this? I assumed that you may help, because you reviewed the fuzzer previously (https://codereview.chromium.org/2029323005/). Sorry if I'm wrong.
Jun 16 2016
blink::CSSSelectorList::adoptSelectorVector is initiating the call to allocate memory. I'm not familiar with that code. Passing to Ojan, who hopefully can assign to the right person.
Jul 29 2016
ClusterFuzz has detected this issue as fixed in range 408165:408299.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5103264244957184
Fuzzer: libfuzzer_renderer_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux
Crash Type: Direct-leak
Crash Address:
Crash State:
  AllocateSlotSet
  v8::internal::MemoryChunk::AllocateOldToNewSlots
  AllocateSlotSet
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=397702:398136
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=408165:408299
Minimized Testcase (0.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96QATxe4YnCWMR_5LU_Xew_EgmDvSB-W42XLAvCCVGUq4Jw9KGmrM_BRXIasVEXeE41MJcqToJzomiu5-i-UlNlpWqV_ajDltXgPuayCZUvZYbHukYyTZkshBYztu1H5_bS3q6WF1PCc-TwFxtSuN25xK8fcw?testcase_id=5103264244957184

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by ashej...@chromium.org, Jun 8 2016
Labels: Te-Logged