Direct-leak in scoped_refptr<cc::PaintTextBlob> base::MakeRefCounted<cc::PaintTextBlob, sk_sp<S
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5862082984804352

Fuzzer: libFuzzer_paint_op_buffer_eq_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Direct-leak
Crash Address:
Crash State:
  scoped_refptr<cc::PaintTextBlob> base::MakeRefCounted<cc::PaintTextBlob, sk_sp<S
  cc::PaintOpReader::Read
  cc::DrawTextBlobOp::Deserialize

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=527050:527055

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5862082984804352

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Jan 5 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/a264968728b7744f360800784b8c199ef9e1938e (oop: Ignore DrawTextBlob ops in the paint op buffer equality fuzzer.). If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.
Jan 5 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/cf8a6580c48887c3bf9148158c04aabfa077aa75

commit cf8a6580c48887c3bf9148158c04aabfa077aa75
Author: Vladimir Levin <vmpstr@chromium.org>
Date: Fri Jan 05 18:44:44 2018

oop: Destroy the ignored eq fuzzer op to prevent leaks.

My previous patch in the equality fuzzer neglected to destroy the op that is being ignored, which causes leaks. This patch fixes it.

R=enne@chromium.org

Bug: 799368
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel
Change-Id: Ic1424ffc588d48b339764994fb59de0307ad2632
Reviewed-on: https://chromium-review.googlesource.com/852478
Commit-Queue: enne <enne@chromium.org>
Reviewed-by: enne <enne@chromium.org>
Cr-Commit-Position: refs/heads/master@{#527334}

[modify] https://crrev.com/cf8a6580c48887c3bf9148158c04aabfa077aa75/cc/paint/paint_op_buffer_eq_fuzzer.cc
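The leak pattern behind this commit, as an added example that is not part of the Chromium fuzzer or of this bug thread. The stand-in types (`TextBlob`, `BlobRef`, `PaintOp`, `DrawTextBlobOp`, `DestroyThis`, and the one-byte wire format read by `Deserialize`) are assumptions that model the mechanism rather than the real cc classes: a deserialized op is placement-new'd into caller-owned storage, so its destructor only runs if the caller invokes it explicitly, and an early return that skips that call leaves the op's reference-counted member alive. The example counts live blobs so the leak is visible without a sanitizer.

```cpp
// Added example, not Chromium code: a cut-down model of the leak fixed above.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <new>

// Live-object counter standing in for ASan/LSan's leak detector.
static int g_live_blobs = 0;

// Stand-in for cc::PaintTextBlob: heap-allocated, reference counted.
struct TextBlob {
  int refs = 1;
  TextBlob() { ++g_live_blobs; }
  ~TextBlob() { --g_live_blobs; }
};

// Minimal scoped_refptr-like owner: releases its reference in the destructor,
// so the blob is freed only if that destructor actually runs.
struct BlobRef {
  TextBlob* p;
  explicit BlobRef(TextBlob* b) : p(b) {}
  BlobRef(const BlobRef&) = delete;
  BlobRef& operator=(const BlobRef&) = delete;
  ~BlobRef() { if (--p->refs == 0) delete p; }
};

enum class OpType : uint8_t { DrawRect = 0, DrawTextBlob = 1 };

// Ops are constructed with placement new into caller-owned storage, so the
// destructor never runs automatically; the owner must call DestroyThis().
struct PaintOp {
  OpType type;
  explicit PaintOp(OpType t) : type(t) {}
  virtual ~PaintOp() = default;
  void DestroyThis() { this->~PaintOp(); }
};

struct DrawRectOp : PaintOp {
  DrawRectOp() : PaintOp(OpType::DrawRect) {}
};

struct DrawTextBlobOp : PaintOp {
  BlobRef blob;  // the member that leaks: scoped_refptr<PaintTextBlob> in cc
  DrawTextBlobOp() : PaintOp(OpType::DrawTextBlob), blob(new TextBlob) {}
};

// Toy wire format (an assumption): the first byte selects the op type.
// Returns nullptr for input that does not decode to a known op.
PaintOp* Deserialize(const uint8_t* data, size_t size,
                     void* storage, size_t storage_size) {
  if (size < 1 || storage_size < sizeof(DrawTextBlobOp)) return nullptr;
  switch (data[0]) {
    case 0: return new (storage) DrawRectOp();
    case 1: return new (storage) DrawTextBlobOp();
    default: return nullptr;
  }
}

// One fuzzer iteration. |destroy_ignored| toggles between the buggy early
// return and the fixed one. Returns how many blobs this iteration left
// alive; a leak detector reports any non-zero count at process exit.
int RunFuzzerInput(const uint8_t* data, size_t size, bool destroy_ignored) {
  const int before = g_live_blobs;
  alignas(DrawTextBlobOp) unsigned char storage[sizeof(DrawTextBlobOp)];
  PaintOp* op = Deserialize(data, size, storage, sizeof(storage));
  if (!op) return g_live_blobs - before;

  if (op->type == OpType::DrawTextBlob) {
    // The equality fuzzer skips DrawTextBlob ops. Returning here without
    // running the destructor is the bug: |storage| goes out of scope but the
    // heap blob it references is never released.
    if (destroy_ignored) op->DestroyThis();
    return g_live_blobs - before;
  }

  // (Serialize-and-compare logic would go here for the other op types.)
  op->DestroyThis();
  return g_live_blobs - before;
}

// Constructed inputs for the toy format.
const uint8_t kTextBlobInput[] = {1};
const uint8_t kRectInput[] = {0};
const uint8_t kMalformedInput[] = {42};

int main() {
  std::printf("before fix: %d blob(s) leaked\n",
              RunFuzzerInput(kTextBlobInput, sizeof(kTextBlobInput), false));
  std::printf("after fix:  %d blob(s) leaked\n",
              RunFuzzerInput(kTextBlobInput, sizeof(kTextBlobInput), true));
  return 0;
}
```

Building this with `-fsanitize=address` shows the same thing the counter does: the blob allocated on the buggy path is still reachable from nothing at exit, so LeakSanitizer reports it as a direct leak, while the fixed path frees it through the op's destructor.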
Jan 5 2018
Jan 6 2018
ClusterFuzz has detected this issue as fixed in range 527331:527341.

Detailed report: https://clusterfuzz.com/testcase?key=5862082984804352

Fuzzer: libFuzzer_paint_op_buffer_eq_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Direct-leak
Crash Address:
Crash State:
  scoped_refptr<cc::PaintTextBlob> base::MakeRefCounted<cc::PaintTextBlob, sk_sp<S
  cc::PaintOpReader::Read
  cc::DrawTextBlobOp::Deserialize

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=527050:527055
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=527331:527341

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5862082984804352

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 6 2018
ClusterFuzz testcase 5862082984804352 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Jan 5 2018
Labels: Test-Predator-Auto-Components