Issue metadata
Sign in to add a comment
|
Null-dereference READ in blink::ThreadState::Current |
||||||||||||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6016072892547072 Fuzzer: libFuzzer_v8_serialized_script_value_fuzzer Job Type: mac_libfuzzer_chrome_asan Platform Id: mac Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: blink::ThreadState::Current unsigned char* blink::ThreadHeap::Allocate<WTF::Vector<blink::Member<blink::Mess blink::LLVMFuzzerTestOneInput Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=447329:447345 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6016072892547072 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
,
Sep 1 2017
,
Oct 1 2017
Automatically applying components based on information from OWNERS files. If this seems incorrect, please apply the Test-Predator-Wrong-Components label.
,
Oct 24 2017
For more information, please see https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md. The link referenced in the description is no longer valid.
,
Nov 7 2017
,
Dec 1 2017
Jeremy, can you take a look? The fuzzer crash is in the SerializedScriptValueFuzzer.
,
Dec 22 2017
This also smells like LLVMFuzzerInitialize not getting called.
,
Dec 22 2017
Indeed, thanks for adding me! I'll land necessary fixes.
,
Dec 22 2017
,
Dec 22 2017
Actually, I'll probably fix those on a per fuzzer basis. Keeping this issue assigned to me.
,
Jan 7 2018
ClusterFuzz has detected this issue as fixed in range 526949:527421. Detailed report: https://clusterfuzz.com/testcase?key=6016072892547072 Fuzzer: libFuzzer_v8_serialized_script_value_fuzzer Job Type: mac_libfuzzer_chrome_asan Platform Id: mac Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: blink::ThreadState::Current unsigned char* blink::ThreadHeap::Allocate<WTF::Vector<blink::Member<blink::Mess blink::LLVMFuzzerTestOneInput Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=447329:447345 Fixed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=526949:527421 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6016072892547072 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jan 12 2018
|
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by msrchandra@chromium.org
, Sep 1 2017Labels: Test-Predator-Wrong-CLs M-62
Owner: hajimehoshi@chromium.org
Status: Assigned (was: Untriaged)