all description is in "Other comments"
Reported by
28ask...@gmail.com,
Aug 11 2017
Issue description
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36

Steps to reproduce the problem:
1. all description is in "Other comments"
2.
3.

What is the expected behavior?

What went wrong?
[11496.770324] traps: chromium[14951] trap int3 ip:2c7f003ca7 sp:7ffcff4c2ba0 error:0

Crashed report ID:
How much crashed? Whole browser
Is it a problem with a plugin? No
Did this work before? N/A
Chrome version: 60.0.3112.90 Channel: stable
OS Version:
Flash Version: Shockwave Flash 26.0 r0

To whom it may concern,
I found a vulnerability on chromium 60.0.3112.90. The sample of "dmesg":
[11496.770324] traps: chromium[14951] trap int3 ip:2c7f003ca7 sp:7ffcff4c2ba0 error:0
The file is attached on this report.
Email: constantine@mailfa.com
Best Regards
Aug 12 2017
To whom it may concern, would you please let me know about my report's status? Should I wait for your answer?
Aug 14 2017
Thanks for your report. Tested the issue on Ubuntu 14.04 using Chrome M60 #60.0.3112.90 and followed these steps:
1. Downloaded the given HTML file and observed no crash.
@28askari -- Could you please provide us the crash id from chrome://crashes, and also please try in a fresh Chrome profile without any extensions and flags enabled and update us with your observations. Thanks!
Aug 14 2017
Thank you Crash ID: crash/9fb8ff04c2b58443
Aug 14 2017
Thank you for providing more feedback. Adding requester "hdodda@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Aug 16 2017
28askari@: Thanks for the issue. Able to reproduce this issue on Windows 7 using Chrome latest stable 60.0.3112.101 and canary 62.0.3187.0. This is a non-regression issue which is also observed in Chrome version 45.0.2454.103.

Note: This issue is not reproducible on Ubuntu 14.04 and Mac OS using Chrome latest stable 60.0.3112.101 and canary 62.0.3187.0.

From the given Crash ID: 9fb8ff04c2b58443, it looks like this crash happened due to OutOfMemory. Below is the stack trace for the same:

Thread 0 (id: 2272) CRASHED [Out of Memory @ 0x753f0f63] MAGIC SIGNATURE THREAD
Stack Quality 79%
0x753f0f63 (KERNELBASE.dll + 0x00010f63) RaiseException
0x62193254 (chrome_child.dll - partitions.cpp:143) WTF::PartitionsOutOfMemoryUsing128M
0x621931f0 (chrome_child.dll - partitions.cpp:185) WTF::Partitions::HandleOutOfMemory()
0x61b13106 (chrome_child.dll - partition_alloc.cc:266) base::PartitionOutOfMemory
0x61471e8b (chrome_child.dll - partition_alloc.cc:818) base::PartitionAllocSlowPath(base::PartitionRootBase *,int,unsigned int,base::PartitionBucket *)
0x6163e618 (chrome_child.dll - partitionallocator.h:43) WTF::PartitionAllocator::AllocateVectorBacking<std::unique_ptr<blink::GraphicsContextState,std::default_delete<blink::GraphicsContextState> > >(unsigned int)
0x6126259c (chrome_child.dll - vector.h:373) WTF::VectorBufferBase<blink::CSSParserToken,1,WTF::PartitionAllocator>::AllocateExpandedBuffer(unsigned int)
0x60e36248 (chrome_child.dll - csstokenizer.cpp:34) blink::CSSTokenizer::CSSTokenizer(WTF::String const &)
0x60f01e16 (chrome_child.dll - cssparserimpl.cpp:57) blink::CSSParserImpl::ParseValue(blink::MutableStylePropertySet *,blink::CSSPropertyID,WTF::String const &,bool,blink::CSSParserContext const *)
0x60f3c570 (chrome_child.dll - parser-base.h:3426) v8::internal::ParserBase<v8::internal::Parser>::ParseMemberWithNewPrefixesExpression(bool *,bool *)
0x60f3b9bb (chrome_child.dll - parser-base.h:1987) v8::internal::ParserBase<v8::internal::Parser>::ParseExpressionCoverGrammar(bool,bool *)
0x60fc7990 (chrome_child.dll - builtins-api.cc:216) v8::internal::Builtins::InvokeApiFunction(v8::internal::Isolate *,bool,v8::internal::Handle<v8::internal::HeapObject>,v8::internal::Handle<v8::internal::Object>,int,v8::internal::Handle<v8::internal::Object> * const,v8::internal::Handle<v8::internal::HeapObject>)
0x60d77b24 (chrome_child.dll - execution.cc:88) v8::internal::`anonymous namespace'::Invoke
0x60fc9a1f (chrome_child.dll - execution.cc:207) v8::internal::Execution::New(v8::internal::Isolate *,v8::internal::Handle<v8::internal::Object>,v8::internal::Handle<v8::internal::Object>,int,v8::internal::Handle<v8::internal::Object> * const)
0x60fc99cb (chrome_child.dll - api.cc:5246) v8::Function::NewInstance(v8::Local<v8::Context>,int,v8::Local<v8::Value> * const)
0x6103e075 (chrome_child.dll - hashtable.h:1782) WTF::HashTable<blink::WeakMember<blink::CSSStyleSheet>,blink::WeakMember<blink::CSSStyleSheet>,WTF::IdentityExtractor,WTF::MemberHash<blink::CSSStyleSheet>,WTF::HashTraits<blink::WeakMember<blink::CSSStyleSheet> >,WTF::HashTraits<blink::WeakMember<blink::CSSStyleSheet> >,blink::HeapAllocator>::Rehash(unsigned int,blink::WeakMember<blink::CSSStyleSheet> *)
0x6103e02b (chrome_child.dll - hashtable.h:1635) WTF::HashTable<blink::WeakMember<blink::CSSStyleSheet>,blink::WeakMember<blink::CSSStyleSheet>,WTF::IdentityExtractor,WTF::MemberHash<blink::CSSStyleSheet>,WTF::HashTraits<blink::WeakMember<blink::CSSStyleSheet> >,WTF::HashTraits<blink::WeakMember<blink::CSSStyleSheet> >,blink::HeapAllocator>::Expand(blink::WeakMember<blink::CSSStyleSheet> *)
0x60e329f0 (chrome_child.dll - kurl.cpp:260) blink::KURL::KURL(blink::KURL const &)

Thanks
Jun 1 2018
This is a generic OOM error. Crash report no longer exists. Closing stale issue.
Comment 1 by manoranj...@chromium.org, Aug 11 2017