message_buffer_.size() + chunk.data.size() <= message_buffer_size_ in devtools_a
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5044426460364800

Fuzzer: ipc_fuzzer_gen
Job Type: windows_asan_chrome_ipc
Platform Id: windows

Crash Type: CHECK failure
Crash Address:
Crash State:
  message_buffer_.size() + chunk.data.size() <= message_buffer_size_ in devtools_a
  content::DevToolsMessageChunkProcessor::ProcessChunkedMessageFromAgent
  content::RenderFrameDevToolsAgentHost::OnDispatchOnInspectorFrontend

Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_asan_chrome_ipc&range=405858:405980

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv948rspsx0z9Bo68HGjY9-ItAmlKSqKdyJ0uu72nmS6pxp5Hwww9R2kObwdH_PX5V_49qWsrJG6UClQzdHLpnMp12FFTyp5y6sVO9n8ArNO-q6ECMgAp8vfrmWmDm5TF68oNsHUPA43TiW94Au81am5_Rp7U5NPdLp_33-HDJoKa-3v3oZo?testcase_id=5044426460364800

Additional requirements: Requires Gestures

Filer: mummareddy

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jul 18 2016
I don't think this has anything to do with changes in render_process_host_impl.cc. Over to devtools for triage.
Jul 30 2016
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ada1f290086ca075071746783931ddbe3b653d5f

commit ada1f290086ca075071746783931ddbe3b653d5f
Author: pfeldman <pfeldman@chromium.org>
Date: Sat Jul 30 01:39:06 2016

    DevTools: do not CHECK devtools messages received from renderer in the browser, issue bad_message instead.

    BUG= 629307
    Review-Url: https://codereview.chromium.org/2198503002
    Cr-Commit-Position: refs/heads/master@{#408836}

[modify] https://crrev.com/ada1f290086ca075071746783931ddbe3b653d5f/content/browser/bad_message.h
[modify] https://crrev.com/ada1f290086ca075071746783931ddbe3b653d5f/content/browser/devtools/devtools_agent_host_impl.cc
[modify] https://crrev.com/ada1f290086ca075071746783931ddbe3b653d5f/content/browser/devtools/devtools_agent_host_impl.h
[modify] https://crrev.com/ada1f290086ca075071746783931ddbe3b653d5f/content/browser/devtools/render_frame_devtools_agent_host.cc
[modify] https://crrev.com/ada1f290086ca075071746783931ddbe3b653d5f/tools/metrics/histograms/histograms.xml
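
The pattern named in the commit message above (reject a malformed message from the untrusted renderer instead of CHECK-failing in the browser), as an added C++ example that is not Chromium's code. The `Chunk` layout, `ChunkProcessor` class and all member names are assumptions; only the size condition comes from the crash state in this report.

```cpp
// Added illustration, not Chromium source. Chunk layout and names are assumed.
#include <cstddef>
#include <iostream>
#include <string>
struct Chunk {
  bool is_first = false;         // starts a new message
  bool is_last = false;          // completes the message
  std::size_t message_size = 0;  // total size, announced on the first chunk
  std::string data;
};
class ChunkProcessor {
 public:
  // Returns false for malformed input; the caller then reports a bad message
  // against the untrusted sender. The privileged process never aborts here.
  bool ProcessChunk(const Chunk& chunk) {
    if (chunk.is_first == in_progress_) return Reject();  // out-of-order chunk
    if (chunk.is_first) {
      expected_size_ = chunk.message_size;
      in_progress_ = true;
    }
    // Overflow-safe buffer_.size() + data.size() <= expected_size_ (no wrap).
    if (chunk.data.size() > expected_size_ - buffer_.size()) return Reject();
    buffer_ += chunk.data;
    if (!chunk.is_last) return true;
    if (buffer_.size() != expected_size_) return Reject();  // short message
    last_message_ = buffer_;
    ++completed_;
    Reset();
    return true;
  }
  const std::string& last_message() const { return last_message_; }
  int completed() const { return completed_; }
 private:
  bool Reject() { Reset(); return false; }
  void Reset() { buffer_.clear(); expected_size_ = 0; in_progress_ = false; }
  std::string buffer_, last_message_;
  std::size_t expected_size_ = 0;
  bool in_progress_ = false;
  int completed_ = 0;
};

int main() {
  ChunkProcessor p;
  Chunk first; first.is_first = true; first.message_size = 3; first.data = "ab";
  Chunk extra; extra.data = "cdef";  // constructed oversized continuation
  bool accepted = p.ProcessChunk(first);
  bool rejected = !p.ProcessChunk(extra);
  std::cout << "accepted=" << accepted << " rejected=" << rejected << "\n";
}
```
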
Aug 1 2016

Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by mummare...@chromium.org, Jul 18 2016
Owner: roc...@chromium.org
Status: Assigned (was: Available)