Heap-use-after-free in test_runner::WebWidgetTestClient::AnimateNow |
|||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=4684808261992448 Fuzzer: inferno_twister Job Type: mac_asan_content_shell Platform Id: mac Crash Type: Heap-use-after-free READ 8 Crash Address: 0x6160000a2980 Crash State: test_runner::WebWidgetTestClient::AnimateNow base::debug::TaskAnnotator::RunTask base::sequence_manager::internal::ThreadControllerImpl::DoWork Sanitizer: address (ASAN) Recommended Security Severity: High Regressed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=502229:502259 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4684808261992448 Additional requirements: Requires HTTP Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jun 6 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/a40712f84aed485b3da6d212938e330ae3b85605 (Mojofy DidCommitProvisionalLoad.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Jun 6 2018
,
Jun 6 2018
Is this another test_runner-only bug? If so, we can stop following it as a security bug.
,
Jun 7 2018
,
Jun 7 2018
,
Jun 7 2018
,
Jun 11 2018
I'm going to take this out of the security queue; I think it's another test_runner-only thing.
,
Jun 13 2018
,
Jul 12
ClusterFuzz testcase 4684808261992448 appears to be flaky, updating reproducibility label.
,
Jul 28
ClusterFuzz testcase 4684808261992448 is flaky and no longer crashes, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
|||||||||||
►
Sign in to add a comment |
|||||||||||
Comment 1 by ClusterFuzz
, Jun 6 2018Labels: Test-Predator-Auto-Components