
Issue 654584

Issue metadata

Status: Duplicate
Merged: issue 653688
Owner:
Closed: Oct 2016
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug


Crash in blink::ThreadState::freePersistentNode

Reported by ClusterFuzz (Project Member), Oct 10 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5618278024347648

Fuzzer: lcamtuf_cross_fuzz
Job Type: linux_asan_chrome_chromeos
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000010
Crash State:
  blink::ThreadState::freePersistentNode
  base::internal::BindState<void
  device::blink::BatteryMonitor_QueryNextStatus_ForwardToCallback::~BatteryMonitor
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_chromeos&range=419386:419387

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94Q39v40tYEWWHuBHHvjz_D27tj2p03_FXsxGZuhUxLRo83aUKdXJtftep17hXiFKxqhLCqQguuZsXsBvX8obL49ZGz9IokyxHPNTAJf32oo8Unb3EyIRA2r_zOamoFTrt1pXNoZSuPCadOGGfYW9hF57QZ9yLXmh7Gg41EIoBzoAJ3A3k?testcase_id=5618278024347648


Additional requirements: Requires Gestures

Issue manually filed by: mummareddy

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Components: Blink>MemoryAllocator
Labels: M-56 Te-Logged
Owner: haraken@chromium.org
Status: Assigned (was: Untriaged)

Author: Blink Reformat
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/1c8e1a7719e9d223cc84e838c9a31a0210f5878b
Time: Sat Oct 01 00:25:32 2016
The CL last changed line 379 of file ThreadState.h, which is stack frame 1.

Author: Blink Reformat
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/1c8e1a7719e9d223cc84e838c9a31a0210f5878b
Time: Sat Oct 01 00:25:32 2016
The CL last changed line 1466 of file ThreadState.cpp, which is stack frame 2.

Author: Blink Reformat
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/1c8e1a7719e9d223cc84e838c9a31a0210f5878b
Time: Sat Oct 01 00:25:32 2016
The CL last changed line 243 of file Persistent.h, which is stack frame 3.

Author: Blink Reformat
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/1c8e1a7719e9d223cc84e838c9a31a0210f5878b
Time: Sat Oct 01 00:25:32 2016
The CL last changed line 97 of file Persistent.h, which is stack frame 4.

Author: tapted
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/e7e804c7d491ea23cfbf5b57a9ec1f8fa78b44a7
Time: Thu May 14 08:03:32 2015
The CL last changed line 497 of file bind_internal.h, which is stack frame 6.

Suspected Project: chromium
Suspected Component: Blink>MemoryAllocator

As per issue 653046, assigning to haraken@. Please close if already fixed.

Thanks
Mergedinto: 653688
Status: Duplicate (was: Assigned)
Comment 3 by ClusterFuzz (Project Member), Oct 14 2016

ClusterFuzz has detected this issue as fixed in range 424939:424963.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5618278024347648

Fuzzer: lcamtuf_cross_fuzz
Job Type: linux_asan_chrome_chromeos
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000010
Crash State:
  blink::ThreadState::freePersistentNode
  base::internal::BindState<void
  device::blink::BatteryMonitor_QueryNextStatus_ForwardToCallback::~BatteryMonitor
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_chromeos&range=419386:419387
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_chromeos&range=424939:424963

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94Q39v40tYEWWHuBHHvjz_D27tj2p03_FXsxGZuhUxLRo83aUKdXJtftep17hXiFKxqhLCqQguuZsXsBvX8obL49ZGz9IokyxHPNTAJf32oo8Unb3EyIRA2r_zOamoFTrt1pXNoZSuPCadOGGfYW9hF57QZ9yLXmh7Gg41EIoBzoAJ3A3k?testcase_id=5618278024347648


Additional requirements: Requires Gestures

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 4 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
