Abrt in cc::PaintedScrollbarLayer::RasterizeScrollbarPart
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5358389944385536
Fuzzer: marty_html_twiddler
Job Type: linux_asan_chrome_mp
Platform Id: linux
Crash Type: Abrt
Crash Address: 0x03e900000001
Crash State:
  cc::PaintedScrollbarLayer::RasterizeScrollbarPart
  cc::PaintedScrollbarLayer::Update
  cc::LayerTreeHost::DoUpdateLayers
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_mp&range=419755:419848
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5358389944385536

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jul 11 2017
Hard finding something to chase in this stack, but it doesn't look to be coming from Skia...to compositor team for a look
Jul 21 2017
Aug 30 2017
Issue 747372 has been merged into this issue.
Aug 30 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/71acf7f01a747fcebf2d208261593f78242bc906

commit 71acf7f01a747fcebf2d208261593f78242bc906
Author: Adrienne Walker <enne@chromium.org>
Date: Wed Aug 30 23:21:03 2017

Fix OOM crash in PaintedScrollbarLayer

If allocating the bitmap for a scrollbar would OOM, then clip that size to something more reasonable. Scrollbar textures are already stretched to the size they need to be, so this will just be fuzzy instead of crashing, which seems like a better alternative.

The bug attached here was trying to make a 32767970x30 scrollbar bitmap. (Thanks, fuzzer!)

Bug: 726963
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I08405a92e5d827e7832bb4747de9db5bcfe847c0
Reviewed-on: https://chromium-review.googlesource.com/639236
Commit-Queue: Vladimir Levin <vmpstr@chromium.org>
Reviewed-by: Vladimir Levin <vmpstr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#498660}

[modify] https://crrev.com/71acf7f01a747fcebf2d208261593f78242bc906/cc/layers/painted_scrollbar_layer.cc
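The clipping idea in the commit message above, sketched as an added example that is not Chromium's code and not part of the original thread: try the requested bitmap size and, if allocation fails, clip to progressively smaller dimensions instead of aborting. The 4-bytes-per-pixel format, the `TryAlloc` hook, the `BudgetAllocator` stand-in, the halving schedule and the 1024 floor are all assumptions of this example.

```cpp
#include <algorithm>
#include <cstdint>
#include <functional>

struct Size { int width; int height; };

// Bytes for a bitmap at 4 bytes per pixel (assumed format), computed in
// 64 bits so the product cannot wrap as an int multiplication would.
uint64_t BitmapBytes(Size s) {
  return static_cast<uint64_t>(s.width) * static_cast<uint64_t>(s.height) * 4u;
}

// Hypothetical hook: true if a bitmap of this size can be allocated. A real
// caller would wrap a fallible allocation that reports failure, not aborts.
using TryAlloc = std::function<bool(Size)>;

// Constructed stand-in for a fallible allocator with a fixed byte budget.
TryAlloc BudgetAllocator(uint64_t budget_bytes) {
  return [budget_bytes](Size s) { return BitmapBytes(s) <= budget_bytes; };
}

// Returns the size that was allocated, or {0, 0} if nothing fit.
// kMinDimension and the halving schedule are assumptions of this example.
Size AllocateClamped(Size requested, const TryAlloc& try_alloc) {
  const int kMinDimension = 1024;
  if (requested.width <= 0 || requested.height <= 0) return Size{0, 0};
  if (try_alloc(requested)) return requested;
  int cap = std::max(requested.width, requested.height) / 2;
  while (cap >= kMinDimension) {
    // Clip each side to the cap; the caller stretches the result when drawing.
    Size clipped{std::min(requested.width, cap), std::min(requested.height, cap)};
    if (try_alloc(clipped)) return clipped;
    cap /= 2;
  }
  return Size{0, 0};
}
```

With the 32767970x30 request from the commit message and a constructed 64 MiB budget, the request (about 3.9 GB at 4 bytes per pixel) is clipped to 511999x30.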
Aug 31 2017
ClusterFuzz has detected this issue as fixed in range 498655:498677.

Detailed report: https://clusterfuzz.com/testcase?key=5358389944385536
Fuzzer: marty_html_twiddler
Job Type: linux_asan_chrome_mp
Platform Id: linux
Crash Type: Abrt
Crash Address: 0x03e900000001
Crash State:
  cc::PaintedScrollbarLayer::RasterizeScrollbarPart
  cc::PaintedScrollbarLayer::Update
  cc::LayerTreeHost::DoUpdateLayers
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_mp&range=419755:419848
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_mp&range=498655:498677
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5358389944385536

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Aug 31 2017
ClusterFuzz testcase 5358389944385536 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Oct 20 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromiumos/chromite/+/d1f54eb2ef1807668a09b733a825b562c63a0119

commit d1f54eb2ef1807668a09b733a825b562c63a0119
Author: Allen Li <ayatane@chromium.org>
Date: Fri Oct 20 04:15:31 2017

cbuildbot: Fix mode bits for Go binaries

BUG= chromium:726963
TEST=Tryjob

Change-Id: I58bc0ef0b9dc92a0db17f69cfadf2c16cf26d317
Reviewed-on: https://chromium-review.googlesource.com/726373
Commit-Ready: Allen Li <ayatane@chromium.org>
Tested-by: Allen Li <ayatane@chromium.org>
Reviewed-by: Prathmesh Prabhu <pprabhu@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>

[modify] https://crrev.com/d1f54eb2ef1807668a09b733a825b562c63a0119/cbuildbot/stages/infra_stages.py
Comment 1 by msrchandra@chromium.org, Jun 14 2017
Labels: Test-Predator-Wrong-CLs M-60