Issue 593588 link

Issue metadata

Status: WontFix
Owner:
Closed: Apr 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug-Regression
Crash in blink::WebLocalFrameImpl::mainWorldScriptContext

Project Member Reported by ClusterFuzz, Mar 10 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4957084820439040

Fuzzer: inferno_twister
Job Type: windows_syzyasan_content_shell
Platform Id: windows

Crash Type: UNKNOWN
Crash Address: 0x0000000b
Crash State:
  blink::WebLocalFrameImpl::mainWorldScriptContext
  blink::WebTestingSupport::injectInternalsObject
  content::BlinkTestRunner::DidClearWindowObject
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=380056:380094

Minimized Testcase (3.31 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96jmKSEDVgjdAR1AqSgkkGyX8DakQ_9NsLFfn_IzW0bXLnZ8lEqIOe5NwWoQiK8evRxF-yparM3zSNibtT0JonXNfYAu-Tc09UzppHPoWXuo2qXmC3zlxfgkhW9graTjdD7lAdA0ShJVKI3RZueWd-8MTq9dA

Additional requirements: Requires HTTP

Filer: nyerramilli

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Cc: nyerramilli@chromium.org
Labels: -Type-Bug findit-for-crash Te-Logged Type-Bug-Regression
Owner: m...@chromium.org
Status: Assigned (was: Available)
From Findit:
---------------
The result is a list of CLs that change the crashed files.

Author: miu
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/26bfd80549511a7e05f23c9941c41ced104ddf28
Time: Wed Mar 09 04:32:44 2016
File blink_test_runner.cc is changed in this cl (and is part of stack frame #3, "content_shell!content::BlinkTestRunner::DidClearWindowObject+0xb")
Minimum distance from crash line to modified line: 6. (file: blink_test_runner.cc, crashed on: 798, modified: 792).

Suspected Component: chromium

miu@, could you please check the above issue and help us find an owner if it's not yours.

Comment 2 by ClusterFuzz (Project Member), Mar 11 2016

ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.


If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Components: Blink
Labels: -cr-blink
Remove legacy label cr-blink

Comment 4 by m...@chromium.org, Apr 7 2016

Status: WontFix (was: Assigned)
Per comment 2, ClusterFuzz seems happy now.
Comment 5 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot