Crash in blink::Document::updateLayoutTreeIgnorePendingStylesheets
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6486850098692096
Fuzzer: bj_broddelwerk
Job Type: linux_lsan_chrome_mp
Platform Id: linux
Crash Type: UNKNOWN
Crash Address: 0x000000000530
Crash State:
  blink::Document::updateLayoutTreeIgnorePendingStylesheets
  blink::Document::updateLayoutIgnorePendingStylesheets
  blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::ra
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703
Minimized Testcase (1.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95zrBv6pejD-h2NnlW4mdz73wsZ8-li16HYA_zPzziYQBEAeGYuG6s-ZP6EdXYtw_8wtqv_fXVwRRiZT-tg-s_mnf60Gd0ZMjCZ7Stu7eEBfg0rgl-ogi75-PNYZ_vrDsIyzb_BHF_R42DGoUn-PfdiTxQbUA
Filer: pucchakayala
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Mar 8 2016
Totally mine.
Mar 8 2016
Reverted the offending change in https://crrev.com/3576860f06d835f699521bccbb134b65d7326dca
Mar 8 2016
Mar 12 2016
ClusterFuzz has detected this issue as fixed in range 380105:380830.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6486850098692096
Fuzzer: bj_broddelwerk
Job Type: linux_lsan_chrome_mp
Platform Id: linux
Crash Type: UNKNOWN
Crash Address: 0x000000000530
Crash State:
  blink::Document::updateLayoutTreeIgnorePendingStylesheets
  blink::Document::updateLayoutIgnorePendingStylesheets
  blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::ra
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=380105:380830
Minimized Testcase (1.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95zrBv6pejD-h2NnlW4mdz73wsZ8-li16HYA_zPzziYQBEAeGYuG6s-ZP6EdXYtw_8wtqv_fXVwRRiZT-tg-s_mnf60Gd0ZMjCZ7Stu7eEBfg0rgl-ogi75-PNYZ_vrDsIyzb_BHF_R42DGoUn-PfdiTxQbUA
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Mar 15 2016
ClusterFuzz is complaining in M49 & M50; do we need to revert the patch?
Mar 15 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6395815588790272
Fuzzer: bj_broddelwerk
Job Type: linux_lsan_chrome_mp
Platform Id: linux
Crash Type: UNKNOWN
Crash Address: 0x000000000530
Crash State:
  blink::Document::updateLayoutTreeIgnorePendingStylesheets
  blink::Document::updateLayoutIgnorePendingStylesheets
  blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::Te
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703
Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv96eTobKTxx4rn5f4Eh5D_nfLOvzUONIOSI5rmdP3-KMULHzlOClt35U6Ynu9VFmaowRZuhLB6caLqytzTaArAW-BwnuHirEamjklRz-MGUSperRA3mGdh_TH_Vn2XHPnLG6CCFNkGjMZMtCbpiSkKr9li7uqchGzhjYAMM6u-3C1ivBzuc
Filer: ligimole
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Mar 15 2016
It would be weird if it was in 49. Are you sure it's the same issue? I already reverted the patch.
Mar 18 2016
Remove legacy label cr-blink
Mar 23 2016
Apr 4 2016
Hearing no feedback, closing.
Apr 12 2016
ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6395815588790272
Fuzzer: bj_broddelwerk
Job Type: linux_lsan_chrome_mp
Platform Id: linux
Crash Type: UNKNOWN
Crash Address: 0x000000000530
Crash State:
  blink::Document::updateLayoutTreeIgnorePendingStylesheets
  blink::Document::updateLayoutIgnorePendingStylesheets
  blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::Te
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703
Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv96eTobKTxx4rn5f4Eh5D_nfLOvzUONIOSI5rmdP3-KMULHzlOClt35U6Ynu9VFmaowRZuhLB6caLqytzTaArAW-BwnuHirEamjklRz-MGUSperRA3mGdh_TH_Vn2XHPnLG6CCFNkGjMZMtCbpiSkKr9li7uqchGzhjYAMM6u-3C1ivBzuc
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by pucchakayala@chromium.org, Mar 8 2016
Owner: dglazkov@chromium.org
Status: Assigned (was: Available)