Null-dereference READ in blink::BoxPainter::PaintMaskImages |
||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5904383884394496 Fuzzer: bj_broddelwerk Job Type: linux_asan_chrome_v8_arm Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x0000006c Crash State: blink::BoxPainter::PaintMaskImages blink::BoxPainter::PaintMask blink::LayoutBox::PaintMask Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=531437:531438 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5904383884394496 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jan 25 2018
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
,
Jan 25 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/05f80f7a4125ae48603ae5fbda1fe1b64a059673 ([SPv175] Use kSrcOver to paint inline mask). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Jan 25 2018
ClusterFuzz has detected this issue as fixed in range 531556:531560. Detailed report: https://clusterfuzz.com/testcase?key=5904383884394496 Fuzzer: bj_broddelwerk Job Type: linux_asan_chrome_v8_arm Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x0000006c Crash State: blink::BoxPainter::PaintMaskImages blink::BoxPainter::PaintMask blink::LayoutBox::PaintMask Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=531437:531438 Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=531556:531560 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5904383884394496 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jan 25 2018
ClusterFuzz testcase 5904383884394496 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Jan 25 2018
[Auto-generated comment by a script] We noticed that this issue is targeted for M-65; it appears the fix may have landed after branch point, meaning a merge might be required. Please confirm if a merge is required here - if so add Merge-Request-65 label, otherwise remove Merge-TBD label. Thanks.
,
Jan 25 2018
The break happened after m65 branch. |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by ClusterFuzz
, Jan 25 2018