Issue metadata
Sign in to add a comment
|
Heap-use-after-free in test_runner::WebFrameTestClient::DidAddMessageToConsole |
||||||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6483154689589248 Fuzzer: inferno_twister Job Type: mac_asan_content_shell Platform Id: mac Crash Type: Heap-use-after-free READ 8 Crash Address: 0x61100005e528 Crash State: test_runner::WebFrameTestClient::DidAddMessageToConsole test_runner::WebFrameTestProxy<content::RenderFrameImpl, content::RenderFrameImp blink::ChromeClientImpl::AddMessageToConsole Sanitizer: address (ASAN) Recommended Security Severity: High Regressed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=338204:338244 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6483154689589248 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
May 25 2018
Looks like this is in the content_shell test runner, and given the blame is from 2015, I don't think this is really actionable.
,
Jun 1 2018
ClusterFuzz testcase 6483154689589248 is still reproducing on tip-of-tree build (trunk). If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase. Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.
,
Aug 31
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||
Comment 1 by ClusterFuzz
, May 25 2018