
Issue 593229


Issue metadata

Status: Duplicate
Owner:
Closed: Mar 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug-Regression




Crash in blink::TextFieldInputType::forwardEvent

Project Member Reported by ClusterFuzz, Mar 9 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6571717652119552

Fuzzer: inferno_layout_test_unmodified
Job Type: windows_syzyasan_content_shell
Platform Id: windows

Crash Type: UNKNOWN
Crash Address: 0x00000008
Crash State:
  blink::TextFieldInputType::forwardEvent
  blink::HTMLInputElement::defaultEventHandler
  blink::EventDispatcher::dispatchEventPostProcess
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=378682:378707

Minimized Testcase (1.62 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95s85NWwCOGMLD3JXlSF7rU3WsALZNqbTb5L14E-Ql4GxCk4HpXNklvhEXHIckfX3WOXlJGKO9_o7MbnuG1Zi-Dya3NPUN-BevNuB92BdTesPFTakA--lhQ__ZCQYm7gFrj6TDpzKGwYU9IGbiOPDlI1YhTng

Filer: nyerramilli

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Cc: nyerramilli@chromium.org
Labels: -Type-Bug findit-wrong Te-Logged Type-Bug-Regression
Owner: dtapu...@chromium.org
Status: Assigned (was: Available)
Find it:
Findit could not find any suspected CLs.
Suspected Component: chromium

Using code search, seeing some changes to EventDispatcher.cpp in https://chromium.googlesource.com/chromium/src/+/c68b1aecf681958457d0f6c09c8e379ed02b6b80

@dtapuska, could you please check the above issue & help us in finding an owner if it's not yours.
Cc: dtapu...@chromium.org
Owner: tkent@chromium.org
I can't reproduce the specific crash; although this code path seems right up tkent@'s area and he has recently modified some code in this area.

Comment 3 by tkent@chromium.org, Mar 13 2016

Mergedinto: 580734
Status: Duplicate (was: Assigned)

Comment 4 by tkent@chromium.org, Mar 13 2016

Components: Blink>Forms>Text
Labels: -Cr-Blink-Events
Project Member

Comment 5 by ClusterFuzz, Mar 20 2016

ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6571717652119552

Fuzzer: inferno_layout_test_unmodified
Job Type: windows_syzyasan_content_shell
Platform Id: windows

Crash Type: UNKNOWN
Crash Address: 0x00000008
Crash State:
  blink::TextFieldInputType::forwardEvent
  blink::HTMLInputElement::defaultEventHandler
  blink::EventDispatcher::dispatchEventPostProcess
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=378682:378707

Minimized Testcase (1.62 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95s85NWwCOGMLD3JXlSF7rU3WsALZNqbTb5L14E-Ql4GxCk4HpXNklvhEXHIckfX3WOXlJGKO9_o7MbnuG1Zi-Dya3NPUN-BevNuB92BdTesPFTakA--lhQ__ZCQYm7gFrj6TDpzKGwYU9IGbiOPDlI1YhTng

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 6 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
