Issue 835751 link

Starred by 1 user

Issue metadata

Status:	Duplicate
Owner:	----
Closed:	Apr 2018
Cc:	ifratric@google.com █ brajkumar@chromium.org
Components:	Blink>Fonts
EstimatedDays:	----
NextAction:	----
OS:	Linux , Windows
Pri:	1
Type:	Bug-Regression
Stability-Crash Reproducible Clusterfuzz Stability-UndefinedBehaviorSanitizer Test-Predator-Wrong M-66 CF-NeedsTriage Test-Predator-Auto-Components

Null-dereference READ in blink::FontCache::CrashWithFontInfo

Project Member Reported by ClusterFuzz, Apr 23 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5417480647081984

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  blink::FontCache::CrashWithFontInfo
  blink::FontFallbackIterator::Next
  blink::FontFallbackIterator::Next
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=523880:523906

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5417480647081984

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.

Project Member

Comment 1 by ClusterFuzz, Apr 23 2018

Labels: OS-Windows

Project Member

Comment 2 by ClusterFuzz, Apr 23 2018

Components: Internals>Core Internals>Media
Labels: Test-Predator-Auto-Components

Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Comment 3 by brajkumar@chromium.org, Apr 24 2018

Cc: brajkumar@chromium.org
Components: -Internals>Media -Internals>Core Blink>Fonts
Labels: -Type-Bug M-66 Test-Predator-Wrong Type-Bug-Regression

Unable to find actual suspect through code search and also observing no possible suspect CL under regression range, hence adding appropriate label and requesting someone from blink team to look in to this issue.

Thanks!

Comment 4 by kkaluri@chromium.org, Apr 30 2018

Labels: CF-NeedsTriage

Comment 5 by e...@chromium.org, Apr 30 2018

Mergedinto: 561873
Status: Duplicate (was: Untriaged)

Project Member

Comment 6 by ClusterFuzz, Jun 18 2018

ClusterFuzz has detected this issue as fixed in range 567946:567947.

Detailed report: https://clusterfuzz.com/testcase?key=5417480647081984

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  blink::FontCache::CrashWithFontInfo
  blink::FontFallbackIterator::Next
  blink::FontFallbackIterator::Next
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=523880:523906
Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=567946:567947

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5417480647081984

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

►

Issue 835751 link

Issue metadata

Null-dereference READ in blink::FontCache::CrashWithFontInfo

Issue description

Comment 1 by ClusterFuzz, Apr 23 2018

Comment 1 Deleted

Comment 2 by ClusterFuzz, Apr 23 2018

Comment 2 Deleted

Comment 3 by brajkumar@chromium.org, Apr 24 2018

Comment 3 Deleted

Comment 4 by kkaluri@chromium.org, Apr 30 2018

Comment 4 Deleted

Comment 5 by e...@chromium.org, Apr 30 2018

Comment 5 Deleted

Comment 6 by ClusterFuzz, Jun 18 2018

Comment 6 Deleted

Sign in to add a comment