Issue 663993

Starred by 1 user

Issue metadata

Status: WontFix
Owner: ----
Closed: Nov 2016
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug




<no crash state available>

Project Member Reported by ClusterFuzz, Nov 10 2016

Issue description

Labels: Test-Predator-Wrong M-55
Cc: sugoi@chromium.org nyerramilli@chromium.org
Components: Infra>Git
Labels: Needs-triage
providing Findit results for internal purpose:

Suspected CLs: Git blame below is NOT necessarily who introduced the crash nor the owner for it. Please check the code before assigning to anyone. (No CL in the regression range changed the crashing files.)

Author: erg@google.com
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/eae9c0623d1800201739b4be146649103a45cd93
Time: Tue Jan 11 00:50:59 2011
The CL last changed line 782 of file logging.cc, which is stack frame 2.

Author: erg@google.com
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/eae9c0623d1800201739b4be146649103a45cd93
Time: Tue Jan 11 00:50:59 2011
The CL last changed line 504 of file logging.cc, which is stack frame 3.

Author: sugoi@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/6e8e4f83184b28130f22cc8ec184832b0d7aba2a
Time: Mon Nov 18 23:35:21 2013
The CL last changed line 49 of file filter_fuzz_stub.cc, which is stack frame 4.

Author: sugoi@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/6e8e4f83184b28130f22cc8ec184832b0d7aba2a
Time: Mon Nov 18 23:35:21 2013
The CL last changed line 66 of file filter_fuzz_stub.cc, which is stack frame 5.

Author: sugoi@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/6e8e4f83184b28130f22cc8ec184832b0d7aba2a
Time: Mon Nov 18 23:35:21 2013
The CL last changed line 85 of file filter_fuzz_stub.cc, which is stack frame 6.

Suspected Project: chromium

Unable to find the culprit. sugoi@ - could you please check the issue and help?

Comment 3 by sugoi@chromium.org, Nov 11 2016

Cc: mtklein@chromium.org
Generally, when a fuzzer crashes, this is related to a code change within skia rather than within the fuzzer itself, especially since the fuzzer hasn't changed since 2013. That being said, maybe the code in skia changed in a way that would require an update to the fuzzer code.

Adding mtklein@ so he can delegate this to the right person.

I don't think I understand. Skia is not on this stack, is it? It looks like it's crashing in logging.

Comment 5 by sugoi@chromium.org, Nov 11 2016

Cc: mbarbe...@chromium.org
Oh, ok, so something changed in the logging code, I guess?  I'll try to find someone who knows about logging.

Also, I don't know what this means:
AddressSanitizer: soft rss limit exhausted (512Mb vs 528Mb)
ASAN:DEADLYSIGNAL

Is this a clusterfuzz issue? Adding mbarbella@, he might have a better understanding of this issue than me.
Components: -Infra>Git
It basically means that this is an OOM. ASan gives us an option to set an rss limit, and allocations will fail if it's exceeded.

Based on offline chat with Martin I am marking the bug as P2 and someone from skia please take a look at this bug.

Labels: -Pri-1 Pri-2
Feel free to WontFix if it doesn't seem important to handle OOM in this case. From a security perspective, there are enough ways that a compromised renderer can cause a benign browser crash that we don't really care.

Status: WontFix (was: Untriaged)
SGTM. We generally call malloc-or-crash routines... I'd only really be concerned here if we actively saw Skia on the stack still trying to do its thing after not crashing when it should have.
Project Member Comment 11 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Cc: kjlubick@chromium.org kjlubick@google.com
