There is a custom data channel. Use ClusterFuzz to ensure the parsing is sane.
brettw wrote tests: https://cs.chromium.org/chromium/src/chrome/profiling/memlog_stream_parser_unittest.cc?q=memlog_stream&sq=package:chromium&l=1 I'm not sure more fuzzing is going to be particularly useful right now. Removing the blocking label.
dcheng wants us to have this before launching OOP HP. It should be pretty easy to do.
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e029237704477a178081d7a346581022cf28b173

commit e029237704477a178081d7a346581022cf28b173
Author: erikchen <erikchen@chromium.org>
Date: Fri Nov 03 21:08:00 2017

Add fuzzer for memlog stream. Remove unnecessary debugging.

This CL adds a fuzzer for the memlog stream. It also removes unnecessary debugging, as the root issue has already been discovered.

Bug: 751327, 765836
Change-Id: I5dff26bf7653204763eeaec4e1930dad127d499b
Reviewed-on: https://chromium-review.googlesource.com/751689
Commit-Queue: Erik Chen <erikchen@chromium.org>
Reviewed-by: Brett Wilson <brettw@chromium.org>
Cr-Commit-Position: refs/heads/master@{#513909}

[modify] https://crrev.com/e029237704477a178081d7a346581022cf28b173/chrome/common/profiling/memlog_stream.h
[modify] https://crrev.com/e029237704477a178081d7a346581022cf28b173/chrome/profiling/BUILD.gn
[modify] https://crrev.com/e029237704477a178081d7a346581022cf28b173/chrome/profiling/memlog_connection_manager.cc
[modify] https://crrev.com/e029237704477a178081d7a346581022cf28b173/chrome/profiling/memlog_receiver_pipe_posix.cc
[add] https://crrev.com/e029237704477a178081d7a346581022cf28b173/chrome/profiling/memlog_stream_fuzzer.cc
[add] https://crrev.com/e029237704477a178081d7a346581022cf28b173/chrome/profiling/memlog_stream_fuzzer.dict
[modify] https://crrev.com/e029237704477a178081d7a346581022cf28b173/chrome/profiling/memlog_stream_parser.cc
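The commit above adds memlog_stream_fuzzer.cc for ClusterFuzz to drive. The shape such a harness takes, as an added example that is not Chromium's code: a libFuzzer entry point feeding arbitrary bytes into a hypothetical length-prefixed stream parser (a constructed stand-in, not the real memlog stream layout) whose every read is bounds-checked, so malformed or truncated input yields a status code rather than a crash.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Hypothetical framed stream used as a stand-in for this example:
// repeated records of [uint32_t payload_length (native order)][payload bytes].
constexpr uint32_t kMaxPayload = 64 * 1024;  // cap on what one record may claim

enum class ParseStatus { kOk, kNeedMoreData, kMalformed };

struct ParseResult {
  ParseStatus status;
  size_t records;         // complete records consumed
  size_t bytes_consumed;  // offset of the first unconsumed byte
};

// Consumes as many complete records as `data` holds. Each header and payload
// read is checked against `size`, and the claimed length is capped so a hostile
// length field can never drive an over-read or an oversized allocation.
ParseResult ParseStream(const uint8_t* data, size_t size) {
  ParseResult r{ParseStatus::kOk, 0, 0};
  while (r.bytes_consumed < size) {
    if (size - r.bytes_consumed < sizeof(uint32_t)) {
      r.status = ParseStatus::kNeedMoreData;  // truncated header
      return r;
    }
    uint32_t len;
    std::memcpy(&len, data + r.bytes_consumed, sizeof(len));
    if (len > kMaxPayload) {
      r.status = ParseStatus::kMalformed;  // absurd length: reject, don't trust
      return r;
    }
    if (size - r.bytes_consumed - sizeof(uint32_t) < len) {
      r.status = ParseStatus::kNeedMoreData;  // truncated payload
      return r;
    }
    r.bytes_consumed += sizeof(uint32_t) + len;
    ++r.records;
  }
  return r;
}

// libFuzzer entry point, the function ClusterFuzz calls with each input.
// It must return 0 and never crash; parser status codes are the only
// acceptable outcome for garbage input.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  ParseStream(data, size);
  return 0;
}

// Helpers for building constructed inputs: `len` is written as the header even
// when it disagrees with `payload`, so lying headers can be exercised.
std::vector<uint8_t> Frame(uint32_t len, const std::vector<uint8_t>& payload) {
  std::vector<uint8_t> out(sizeof(uint32_t));
  std::memcpy(out.data(), &len, sizeof(len));
  out.insert(out.end(), payload.begin(), payload.end());
  return out;
}
ParseResult Parse(const std::vector<uint8_t>& buf) {
  return ParseStream(buf.data(), buf.size());
}
```

A real harness would link the production parser in place of ParseStream and ship a dictionary of the format's magic values alongside it, as the commit does with memlog_stream_fuzzer.dict.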
Comment 1 by ajwong@chromium.org, Aug 2 2017