Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5826146647408640

Fuzzer: inferno_twister
Job Type: linux_asan_chrome_gpu
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  count <= maxElementCountInBackingStore<T>() in PartitionAllocator.h
  blink::BlobData::appendBytes
  blink::Blob::populateBlobData

Sanitizer: address (ASAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_gpu&range=447304:447478

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv95r3ocoJMyNwEi9WWIPJuZ---1Jk5z11o9F92GlLd0hViphVeRsYGZg2JQIB9OIGvH3h6YEHjXV6Ln2J5D0vnklJEFpfHmyQv1EsY7z4ZAKobtHMr_f-JyNsTmDkwxcf5iDYqdZ3Q3tciAVY6AmPeB5ZTwqEyGnd4RCmpdFlnAp2pEackc9dREw2r0zWk0AF0u5KRgibvXM7KxbIoSZ8yTkIFZ0y3JV1rM879Ot4NaLI3IAgUd7bXCDpttt7GWdFSxzoKKdcgbtPojazOjMhnugUObv9pXy1iJ6A_ve2yVfPS4yEym5wXUr8ozZACqIA5HKW_kXs1WgvmkN6_8mXHTkuPPIduontT5TzpuFBAF2f96zi2yI_e6bMYB1HoH6o-UN2lXEO3uxHW54_CklgpRr320EUg?testcase_id=5826146647408640

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
sigbjornf@, could you please check and close if it is not feasible. Thank you.
ClusterFuzz has detected this issue as fixed in range 460757:461046.

Detailed report: https://clusterfuzz.com/testcase?key=5826146647408640

Fuzzer: inferno_twister
Job Type: linux_asan_chrome_gpu
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  count <= maxElementCountInBackingStore<T>() in PartitionAllocator.h
  blink::BlobData::appendBytes
  blink::Blob::populateBlobData

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_gpu&range=447304:447478
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_gpu&range=460757:461046

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv957vtiXwin1UVyyUwtH5Vpsm-K5_tpYp_fRMPrdobdQGRrXOEyRCxCVDnaY5luusjx6ewxULcXjSpcEDFlzR9sU2k_V0gxF95jzcVTjFd_VPFRh1A-uYA4Do2CDLHWoR9pZRZXTpUohHE8dLgFuuc6e1ztW3b3rG2mdPYL32J-OiIQYoh6ZOLo4XPXF4fm-GD9CMsHcu2iTl-2pexmHRJcme6PykdKZlP_DlVWV-s0tDqvpxl1XP-GDi2OJ1X-a3ic-Mj9S_WjtGOukve1WgOeMn1QCS05vTxhxESdfye6CZgw8kycn05yTFk1o9ViKu-VgF6soHzgr9Oh5rdhownMyHt0BmtrpDHZ9JG7IIu_2HTRGDMzihWtmQ8PSDlPKThKdeTYd40xFfSYhlWROa0WiRXyL3Q?testcase_id=5826146647408640

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by mummare...@chromium.org, Feb 22 2017
Owner: sigbjo...@opera.com
Status: Assigned (was: Untriaged)