Null-dereference READ in blink::ThreadState::ScheduleIdleGC |
||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=4554093283770368 Fuzzer: afl_content_security_policy_fuzzer Job Type: afl_chrome_asan Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: blink::ThreadState::ScheduleIdleGC blink::NormalPageArena::OutOfLineAllocate AllocateObject Sanitizer: address (ASAN) Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4554093283770368 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information. Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days we've been seeing this crash frequently. If you are unable to reproduce this, please try a speculative fix based on the crash stacktrace in the report. The fix can be verified by looking at the crash statistics in the report, a day after the fix is deployed. We will auto-close the bug if the crash is not seen for 14 days.
,
Sep 12 2017
This CL is a revert of another CL (while sheriffing). Re-assigning to keishi@chromium.org (the creator of that CL) to investigate or re-land (if this CL fixes a null dereference).
,
Sep 12 2017
,
Oct 1 2017
Automatically applying components based on information from OWNERS files. If this seems incorrect, please apply the Test-Predator-Wrong-Components label.
,
Oct 17 2017
ClusterFuzz testcase 4554093283770368 is flaky and no longer crashes, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Nov 7 2017
|
||||||
►
Sign in to add a comment |
||||||
Comment 1 by kkaluri@chromium.org
, Sep 12 2017Components: Blink
Labels: Test-Predator-Wrong
Owner: mgiuca@chromium.org
Status: Assigned (was: Untriaged)