New issue
Advanced search Search tips

Issue 636836 link

Starred by 1 user
Status: WontFix
Owner:
pkotw...@chromium.org
Closed: Dec 2016
Cc:
jam@chromium.org
pkotw...@chromium.org
nyerramilli@chromium.org
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug



Sign in to add a comment

Crash in content::WebContentsImpl::OnUpdateFaviconURL

Project Member Reported by ClusterFuzz, Aug 11 2016 
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5741165607649280

Fuzzer: ipc_fuzzer_gen
Job Type: windows_asan_chrome_ipc
Platform Id: windows

Crash Type: UNKNOWN READ
Crash Address: 0x00000024
Crash State:
  content::WebContentsImpl::OnUpdateFaviconURL
  IPC::MessageT<struct ViewHostMsg_UpdateFaviconURL_Meta,class std::tuple<class st
  content::WebContentsImpl::OnMessageReceived
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_asan_chrome_ipc&range=411257:411277

Minimized Testcase (0.43 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94F9C6w57bhG5oQX3_-UlYSv7q2r1x_9t1-JqZnhuXJQ9MfmjqvgmFbCrBzaHFkFzYdEfY9zb9Z_BJjU1N7slY8HnNQ6NSGPN2l576Gx3Qpt73w1GOd_6hkalzLHMVceDw8UpJZD57ZWzeLp7t-3MWDkaf3_Q?testcase_id=5741165607649280

Issue manually filed by: nyerramilli

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 1 by nyerramilli@google.com, Aug 11 2016

Cc: nyerramilli@chromium.org
Components: Tools>Test>FindIt>WrongResult
Labels: M-54 findit-wrong Te-Logged
Owner: f...@chromium.org
Status: Assigned (was: Untriaged)
Providing Findit results for internal purpose:
Suspected CLs	No CL in the regression range changes the crashed files. The result is the blame information.

Author: pkotwicz
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/f9bc2059a2053a7e43b94b23a8047a42939934b8
Time: Tue Apr 21 18:57:06 2015
The CL last changed line 3808 of file web_contents_impl.cc, which is stack frame 0.

Author: mdempsky
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/8a5190449d48e06efa581390426dfa3bb6750f4c
Time: Tue Feb 09 05:41:47 2016
The CL last changed line 120 of file ipc_message_templates.h, which is stack frame 1.

Author: dimich@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/41225fe51b815b70bdc6df2775fa3f36bd832171
Time: Fri Mar 29 05:32:02 2013
The CL last changed line 739 of file web_contents_impl.cc, which is stack frame 2.

Author: jam@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/f114fa461f5dbdf55ae5805983167f90b6cc9166
Time: Fri Dec 06 17:06:44 2013
The CL last changed line 4041 of file web_contents_impl.cc, which is stack frame 3.

Author: jam@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/f114fa461f5dbdf55ae5805983167f90b6cc9166
Time: Fri Dec 06 17:06:44 2013
The CL last changed line 545 of file render_frame_host_impl.cc, which is stack frame 4.

Author: nasko@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/039b84a4289dc5e816ed645c127129a97c060c9a
Time: Fri Jun 21 20:23:37 2013
The CL last changed line 1857 of file render_process_host_impl.cc, which is stack frame 5.

Author: initial.commit
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/09911bf300f1a419907a9412154760efd0b7abc3
Time: Sat Jul 26 23:55:29 2008
The CL last changed line 314 of file ipc_channel_proxy.cc, which is stack frame 6.

Suspected Project: chromium
Suspected Component: Internals>Core

using codesearch, seeing some changes to 'web_contents_impl.cc' in
felt@, Could you please check the above issue & help us in finding an owner it its not yours.

Comment 2 by f...@chromium.org, Aug 13 2016

Owner: ----
Status: Untriaged (was: Assigned)
I have no idea, none of these changes are related to anything I've worked on, nor are any of my CLs in the regression range

Comment 3 by mmohammad@chromium.org, Sep 13 2016

Cc: jam@chromium.org pkotw...@chromium.org mdempsky@chromium.org

Comment 4 by kateso...@chromium.org, Oct 18 2016

Components: -Tools>Test>FindIt>WrongResult
Labels: Test-Predator-Wrong

Comment 5 by mmohammad@chromium.org, Nov 3 2016

Owner: mdempsky@chromium.org
Status: Assigned (was: Untriaged)
mdempsky @ could you please look into this.please feel free to re-assigned back if needed. thanks in advance !

Comment 6 by mdempsky@chromium.org, Nov 3 2016

Cc: -mdempsky@chromium.org
Owner: mmohammad@chromium.org
mmohammad: Sorry, I'm not on Chrome anymore. Also, every time I've been assigned a bug for ipc_message_templates.h, it has turned out to be a false positive. It's almost certainly somewhere else.

Comment 7 by mmohammad@chromium.org, Nov 3 2016

Owner: ----
Status: Untriaged (was: Assigned)
sure. Thank you

Comment 8 by pkotw...@chromium.org, Nov 4 2016

Owner: pkotw...@chromium.org
Status: Assigned (was: Untriaged)
Project Member

Comment 9 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 10 by ClusterFuzz, Dec 22 2016

Status: WontFix (was: Assigned)
ClusterFuzz testcase 5741165607649280 is flaky and no longer reproduces, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Sign in to add a comment