Bus in blink::CopyPixels
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6487606016344064

Fuzzer: noel-image-surku
Job Type: linux_cfi_chrome
Platform Id: linux

Crash Type: Bus
Crash Address: 0x7eff053f8000
Crash State:
  blink::CopyPixels
  blink::ImageFrameGenerator::DecodeAndScale
  blink::DecodingImageGenerator::GetPixels

Sanitizer: cfi (CFI)

Regressed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=523197:523221

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6487606016344064

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Feb 1 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/f579c56a8d3992efa37e4ddbee426749fb02c344 (Move DecodeStashingImageProvider into its own file.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Feb 2 2018
Feb 5 2018
Curious how the auto-assigner picked my CL. While it is in a nearby area of code, I don't believe any part of my CL shows up in the callstack. Also, my CL was a simple refactor (moving code from one file to another, no logic changes), although it makes sense that the auto-assigner wouldn't know this. Looking at the error, it seems unlikely that we can come up with a fix without a reproducible testcase (or a debuggable crash dump). Does clusterfuzz produce a dump which can be opened under gdb? I didn't see one, but might have missed something. Duping to the related crash bug which seems to have more info.
Mar 1 2018
Issue 817340 has been merged into this issue.
Comment 1 by ClusterFuzz, Feb 1 2018
Labels: Test-Predator-Auto-Components