Crash in content::DeviceOrientationEventPump::SendFakeDataForTesting |
|||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=5122181786238976 Fuzzer: inferno_layout_test_unmodified Job Type: windows_syzyasan_content_shell Platform Id: windows Crash Type: UNKNOWN Crash Address: 0x00000003 Crash State: content::DeviceOrientationEventPump::SendFakeDataForTesting base::internal::Invoker<base::IndexSequence<0,1>,base::internal::BindState<base: base::debug::TaskAnnotator::RunTask Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=378023:378103 Minimized Testcase (0.28 Kb): Download: https://cluster-fuzz.appspot.com/download/AMIfv95C-jpH-0D8ReLxVlL10GSlowSAoiRz4VaFM5RCiIrEk3ghviytKsbYXXsKqJas3qI3Knu8PbEcGXP9USt9cbpnz0PbNxmCMw2TOkbbcaviOLJkZCoejQXAA96yE2EgsCg6wR5z3CAqFsW2VUePCxcKT79GsQ <script> function __f_37() { document.writeln(); } </script> <body onload="__f_218();"> <script> testRunner.setMockDeviceOrientation(); ; window.addEventListener('deviceorientation', function() { }); function __f_218() { __f_37(); } </script> Filer: ranjitkan See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Feb 29 2016
,
Feb 29 2016
,
Mar 4 2016
ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5122181786238976 Fuzzer: inferno_layout_test_unmodified Job Type: windows_syzyasan_content_shell Platform Id: windows Crash Type: UNKNOWN Crash Address: 0x00000003 Crash State: content::DeviceOrientationEventPump::SendFakeDataForTesting base::internal::Invoker<base::IndexSequence<0,1>,base::internal::BindState<base: base::debug::TaskAnnotator::RunTask Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=378023:378103 Minimized Testcase (0.28 Kb): Download: https://cluster-fuzz.appspot.com/download/AMIfv95C-jpH-0D8ReLxVlL10GSlowSAoiRz4VaFM5RCiIrEk3ghviytKsbYXXsKqJas3qI3Knu8PbEcGXP9USt9cbpnz0PbNxmCMw2TOkbbcaviOLJkZCoejQXAA96yE2EgsCg6wR5z3CAqFsW2VUePCxcKT79GsQ <script> function __f_37() { document.writeln(); } </script> <body onload="__f_218();"> <script> testRunner.setMockDeviceOrientation(); ; window.addEventListener('deviceorientation', function() { }); function __f_218() { __f_37(); } </script> See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Mar 5 2016
from the stack trace seems like this can be related to listener being null by the time the data is sent (i.e. the script zeroes the listener too early somehow): content::DeviceOrientationEventPump::SendFakeDataForTesting+0x29 [content/renderer/device_sensors/device_orientation_event_pump.cc @ 91] This is is a testing related issue and does not impact production versions of chrome. I will probably not have enough cycles to look into this further in the near future though, so if anybody wants to take a shot at this feel free to do so..
,
Mar 5 2016
,
Mar 18 2016
Issue 583164 has been merged into this issue.
,
Mar 18 2016
Issue 585367 has been merged into this issue.
,
Mar 18 2016
Issue 588686 has been merged into this issue.
,
Mar 18 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4744798233165824 Fuzzer: inferno_layout_test_unmodified Job Type: windows_syzyasan_content_shell Platform Id: windows Crash Type: UNKNOWN Crash Address: 0x00000003 Crash State: content::DeviceOrientationEventPump::SendFakeDataForTesting base::internal::Invoker<base::IndexSequence<0,1>,base::internal::BindState<base: base::debug::TaskAnnotator::RunTask Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=381448:381525 Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97ocWCcqWDDockhZo7La_n67PYbAG2sWjdNKOni3qYpFxceZ_bHuuRuZX-xkLo04EiynVTECqdrDlDdu-VdK-9hzEL7flUaAD8tS4OxjpDDqvr31OZFvBea5GrwktyAE4pI6jML8PYKhAeo6lmPz7FNCHARJg Filer: ajha See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Mar 19 2016
ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4744798233165824 Fuzzer: inferno_layout_test_unmodified Job Type: windows_syzyasan_content_shell Platform Id: windows Crash Type: UNKNOWN Crash Address: 0x00000003 Crash State: content::DeviceOrientationEventPump::SendFakeDataForTesting base::internal::Invoker<base::IndexSequence<0,1>,base::internal::BindState<base: base::debug::TaskAnnotator::RunTask Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=381448:381525 Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97ocWCcqWDDockhZo7La_n67PYbAG2sWjdNKOni3qYpFxceZ_bHuuRuZX-xkLo04EiynVTECqdrDlDdu-VdK-9hzEL7flUaAD8tS4OxjpDDqvr31OZFvBea5GrwktyAE4pI6jML8PYKhAeo6lmPz7FNCHARJg See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Mar 21 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4543448824152064 Fuzzer: inferno_layout_test_unmodified Job Type: windows_syzyasan_content_shell Platform Id: windows Crash Type: UNKNOWN Crash Address: 0x00000003 Crash State: content::DeviceOrientationEventPump::SendFakeDataForTesting base::internal::Invoker<base::IndexSequence<0,1>,base::internal::BindState<base: base::debug::TaskAnnotator::RunTask Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=381877:381899 Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv977pPVTxIq4NVAUYQdd1Oh8r8r3Jm9wQb03SGVUpI2HHlQIlEeU5xidMm9RUDXsmHPHHXu2tYUJb5s0Htj1oC6N1wbLIebWh2ucuZOQCTHcdWe45VP3rA-iBiJTOaC-0bg7BK04mRQHgTFapl0fimowS0TdFA Filer: manoranjanr See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Jun 12 2016
ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4543448824152064 Fuzzer: inferno_layout_test_unmodified Job Type: windows_syzyasan_content_shell Platform Id: windows Crash Type: UNKNOWN Crash Address: 0x00000003 Crash State: content::DeviceOrientationEventPump::SendFakeDataForTesting base::internal::Invoker<base::IndexSequence<0,1>,base::internal::BindState<base: base::debug::TaskAnnotator::RunTask Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=381877:381899 Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv977pPVTxIq4NVAUYQdd1Oh8r8r3Jm9wQb03SGVUpI2HHlQIlEeU5xidMm9RUDXsmHPHHXu2tYUJb5s0Htj1oC6N1wbLIebWh2ucuZOQCTHcdWe45VP3rA-iBiJTOaC-0bg7BK04mRQHgTFapl0fimowS0TdFA See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jun 13 2016
Marking 'WontFix' as per c#13. Thank you!
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by ranjitkan@chromium.org
, Feb 29 2016Owner: mlamouri@chromium.org
Status: Assigned (was: Available)