Stack-overflow in blink::LayoutSVGContainer::UpdateLayout |
|||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=4956759537221632 Fuzzer: attekett_surku_fuzzer Job Type: linux_asan_chrome_media Platform Id: linux Crash Type: Stack-overflow Crash Address: 0x7ffc66a56fa8 Crash State: blink::LayoutSVGContainer::UpdateLayout blink::LayoutSVGViewportContainer::UpdateLayout blink::SVGLayoutSupport::LayoutChildren Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_media&range=428077:428329 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4956759537221632 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Apr 1 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/0ed6ce9088448d73aa7466bfe706190b5c28b093 (Remove ASSERT_WITH_SECURITY_IMPLICATION.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Apr 2 2018
There has always been the possibility of stack overflow, so WontFix.
,
Apr 9 2018
ClusterFuzz testcase 4956759537221632 is still reproducing on tip-of-tree build (trunk). If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase. Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.
,
Apr 9 2018
|
|||||
►
Sign in to add a comment |
|||||
Comment 1 by ClusterFuzz
, Apr 1 2018Labels: Test-Predator-Auto-Components