Crash in void fuzzer::TracePC::IterateInline8bitCounters<fuzzer::TracePC::InitializeUnsta |
|||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6321468657631232 Fuzzer: libFuzzer_appcache_manifest_parser_fuzzer Job Type: libfuzzer_chrome_asan Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x3a0000298107 Crash State: void fuzzer::TracePC::IterateInline8bitCounters<fuzzer::TracePC::InitializeUnsta Sanitizer: address (ASAN) Recommended Security Severity: Medium Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6321468657631232 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days we've been seeing this crash frequently. If you are unable to reproduce this, please try a speculative fix based on the crash stacktrace in the report. The fix can be verified by looking at the crash statistics in the report, a day after the fix is deployed. We will auto-close the bug if the crash is not seen for 14 days.
,
Aug 31
The following revision refers to this bug: https://chrome-internal.googlesource.com/chrome/tools/clusterfuzz/+/d748d70d1ddd75fbe4ef99c1cb83658d4c6fb61a commit d748d70d1ddd75fbe4ef99c1cb83658d4c6fb61a Author: Jonathan Metzman <metzman@chromium.org> Date: Fri Aug 31 21:35:09 2018
,
Sep 1
,
Sep 1
,
Sep 6
Removing from the security queue.
,
Sep 15
ClusterFuzz testcase 6321468657631232 is flaky and no longer crashes, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by metzman@chromium.org
, Aug 31Owner: metzman@chromium.org
Status: Assigned (was: Untriaged)