CHECK failure: result || flags & PartitionAllocReturnNull in partition_alloc.h
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6452134531563520

Fuzzer: inferno_twister
Job Type: linux_asan_chrome_v8_arm
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  result || flags & PartitionAllocReturnNull in partition_alloc.h
  blink::V8Document::createTextNodeMethodCallback
  v8::internal::FunctionCallbackArguments::Call

Sanitizer: address (ASAN)

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6452134531563520

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
,
Aug 8
assigning to cf sheriff for further triage.
,
Aug 8
This is an OOM situation inside of the DOM method to add a text node. The test case adds a very large string to the DOM 1024 times and goes OOM. The allocation path has no OOM checks.

(from the CF issue):
  #0 0xf7f9ef38 in [vdso]
  #1 0x639872de in logging::LogMessage::~LogMessage() base/logging.cc:865:7
  #2 0x6f41ba26 in PartitionAllocGenericFlags base/allocator/partition_allocator/partition_alloc.h:351:3
  #3 0x6f41ba26 in Alloc base/allocator/partition_allocator/partition_alloc.h:370
  #4 0x6f41ba26 in BufferMalloc third_party/blink/renderer/platform/wtf/allocator/partitions.h:97
  #5 0x6f41ba26 in WTF::StringImpl::CreateUninitialized(unsigned int, unsigned char*&) third_party/blink/renderer/platform/wtf/text/string_impl.cc:115
  #6 0x7748acce in CreateUninitialized third_party/blink/renderer/platform/wtf/text/wtf_string.h:366:12
,
Aug 9
It is unclear to me how this issue is related to DOM's implementation directly.
,
Aug 20
ClusterFuzz testcase 6452134531563520 is associated with an obsolete fuzzer and can no longer be processed. Please close the issue if it is no longer actionable.
,
Aug 20
Ignore the "obsolete fuzzer" messages, we are working on a fix.
,
Aug 20
Closing these now due to obsolete fuzzer issue, ClusterFuzz should file new ones with fixed testcases.
Comment 1 by kkaluri@chromium.org, Aug 3