
Issue 820713 link

Starred by 1 user

Issue metadata

Status: WontFix
Owner:
Closed: Mar 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug




Abrt in [vdso]

Project Member Reported by ClusterFuzz, Mar 10 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5034319257796608

Fuzzer: ochang_domfuzzer
Job Type: linux_asan_chrome_v8_arm
Platform Id: linux

Crash Type: Abrt
Crash Address: 0x00000001
Crash State:
  [vdso]
  cc::PaintedScrollbarLayer::RasterizeScrollbarPart
  cc::PaintedScrollbarLayer::Update
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=524630:524632

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5034319257796608

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Project Member

Comment 1 by ClusterFuzz, Mar 10 2018

Components: Internals>Compositing
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Cc: brajkumar@chromium.org
Labels: M-67 Test-Predator-Wrong
Owner: enne@chromium.org
Status: Assigned (was: Untriaged)
This issue looks similar to bug 786740, hence assigning to the same dev for more updates on this issue.

enne@ Could you please take a look into this issue?

Thanks!

Comment 3 by enne@chromium.org, Mar 13 2018

Labels: -Pri-1 -Clusterfuzz -M-67 ClusterFuzz-Ignore Pri-2
Status: WontFix (was: Assigned)
I'm unable to reproduce this locally.

This is an OOM crash.  I've already added some logic in to make the max dimension of the scrollbar to be 8k if the allocation fails which ends up being 8k x 16 pixels wide x 4 bytes per color = ~500k.  It's possible there's a bug here where maybe the scrollbar can be extremely wide or take up way more than this, but it seems unlikely.

I'm going to WontFix this one.
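The fallback enne@ describes in comment 3 (if the scrollbar raster allocation fails, clamp the largest dimension to 8k and retry), as an added illustration that is not Chromium's cc code: the `RasterizeScrollbarPart` function, the `budget` parameter standing in for a real allocation failure, and the sample sizes are all assumptions.

```cpp
// Added example, not from Chromium's cc::PaintedScrollbarLayer: models the
// "clamp to 8k on allocation failure" fallback from comment 3 and checks the
// size arithmetic for overflow so an absurd scrollbar cannot abort the process.
#include <algorithm>
#include <cstddef>
#include <cstdint>

constexpr int kMaxScrollbarDimensionOnFailure = 8192;  // the "8k" from the comment
constexpr std::size_t kBytesPerPixel = 4;              // 4 bytes per color (RGBA)

struct RasterSize {
  bool ok;            // false: raster could not be allocated even after clamping
  int width;
  int height;
  std::size_t bytes;  // width * height * kBytesPerPixel
  bool clamped;       // true when the 8k fallback was used
};

// Computes the buffer size for a width x height RGBA raster. Returns false for
// non-positive sizes or when the multiplication would overflow size_t.
bool RasterBytes(int width, int height, std::size_t* bytes) {
  if (width <= 0 || height <= 0) return false;
  const std::size_t w = static_cast<std::size_t>(width);
  const std::size_t h = static_cast<std::size_t>(height);
  if (w > SIZE_MAX / h) return false;                    // w * h would overflow
  if (w * h > SIZE_MAX / kBytesPerPixel) return false;   // * 4 would overflow
  *bytes = w * h * kBytesPerPixel;
  return true;
}

// Assumption: a byte budget stands in for the real allocator's failure.
bool TryAllocate(std::size_t bytes, std::size_t budget) { return bytes <= budget; }

// First try the requested size; on failure clamp each dimension to 8k and retry
// once. A second failure is reported to the caller rather than aborting.
RasterSize RasterizeScrollbarPart(int width, int height, std::size_t budget) {
  std::size_t bytes = 0;
  if (RasterBytes(width, height, &bytes) && TryAllocate(bytes, budget))
    return RasterSize{true, width, height, bytes, false};
  const int w = std::min(width, kMaxScrollbarDimensionOnFailure);
  const int h = std::min(height, kMaxScrollbarDimensionOnFailure);
  if (RasterBytes(w, h, &bytes) && TryAllocate(bytes, budget))
    return RasterSize{true, w, h, bytes, true};
  return RasterSize{false, 0, 0, 0, true};
}
```

The 8192 x 16 case comes out at 524288 bytes (the "~500k" in the comment); a scrollbar that is huge in both dimensions still fails after clamping, which is the remaining gap the comment speculates about.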
Project Member

Comment 4 by ClusterFuzz, Mar 20 2018

Labels: Needs-Feedback
ClusterFuzz testcase 5034319257796608 is still reproducing on tip-of-tree build (trunk).

If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase.

Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.

Comment 5 by enne@chromium.org, Mar 20 2018

Labels: -Needs-Feedback
Project Member

Comment 6 by ClusterFuzz, Jul 11

ClusterFuzz has detected this issue as fixed in range 574099:574100.

Detailed report: https://clusterfuzz.com/testcase?key=5034319257796608

Fuzzer: ochang_domfuzzer
Job Type: linux_asan_chrome_v8_arm
Platform Id: linux

Crash Type: Abrt
Crash Address: 0x00000001
Crash State:
  cc::PaintedScrollbarLayer::RasterizeScrollbarPart
  cc::PaintedScrollbarLayer::Update
  cc::PaintedScrollbarLayer::Update
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=524630:524632
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=574099:574100

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5034319257796608

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
