Null-dereference READ in chrome
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4797277483565056

Fuzzer: inferno_twister
Job Type: linux_cfi_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x00000000003d
Crash State:
  chrome
  blink::InlineBox::LogicalLeft
  blink::RootInlineBox::ClosestLeafChildForLogicalLeftPosition

Sanitizer: cfi (CFI)

Regressed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=523878:523922

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4797277483565056

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
May 28 2018
Unable to find actual suspect through code search and also observing no related CLs under regression range, hence adding appropriate label and requesting someone from blink team to look into this issue. Thanks!
May 29 2018
Not a security issue and not seen in the wild. This code is going away relatively soon so marking as WontFix.
Jun 5 2018
ClusterFuzz testcase 4797277483565056 is still reproducing on tip-of-tree build (trunk). If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase. Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.
Comment 1 by ClusterFuzz, May 26 2018
Labels: Test-Predator-Auto-Components