
Issue 596484


Issue metadata

Status: Verified
Owner:
Closed: Jun 2016
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug-Regression




Crash in blink::SimpleFontData::isTextOrientationFallbackOf

Project Member Reported by ClusterFuzz, Mar 21 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5590973664460800

Fuzzer: ochang_domfuzzer
Job Type: linux_asan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x0000000004d0
Crash State:
  blink::SimpleFontData::isTextOrientationFallbackOf
  blink::ShapeResult::fallbackFonts
  blink::CachingWordShaper::width
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=172836:173286

Minimized Testcase (1.40 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94wKxu6GxPCzxbgtHdtzaUUiUZ2fSyZ70VcYd0D_xYWYup9asy9lkIo4Fku3jINzFnXeEDhVNhTzlc-eiI_u09zAOCnfWQjuQrAHbwmffhkYhOCs-3dEBgSPS0-L53NmipTERV1orPh_SG7T5R9pfgdLRB1iQ

Filer: ashejole

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Cc: ashej...@chromium.org
Labels: -Type-Bug Type-Bug-Regression
Owner: kojii@chromium.org
Status: Assigned (was: Available)
Suspected CLs: No CL in the regression range changes the crashed files. The result is the blame information.

Author: tkent
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/bee5120a945d2d5136c0ddf90f1bad618a96e5b3
Time: Wed Sep 30 07:59:25 2015
The CL last changed line 72 of file OwnPtr.h, which is stack frame 0.

Author: kojii
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/052b913492d2a1371ed5d2a014fd57be8103a29a
Time: Thu Oct 01 07:24:33 2015
The CL last changed line 343 of file SimpleFontData.cpp, which is stack frame 1.

Author: eae
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/72d6de8fe7426c39384d34fac4eaf2d068a0d02b
Time: Fri Nov 13 21:36:43 2015
The CL last changed line 199 of file ShapeResult.cpp, which is stack frame 2.

Author: kojii@chromium.org
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/9dc9a12cc90c7b18565b1bd16194b7c1c3dffe32
Time: Mon Aug 10 03:28:17 2015
The CL last changed line 56 of file CachingWordShaper.cpp, which is stack frame 3.

Author: eae@chromium.org
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/7b8e339fefbc70518f203cd0d59e6eaa876eae32
Time: Wed Jul 08 15:50:09 2015
The CL last changed line 734 of file Font.cpp, which is stack frame 4.

Author: wangxianzhu@google.com
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/f6232e46f5af78a69534e4e3111b1446fc458bc1
Time: Thu Jun 11 22:45:00 2015
The CL last changed line 238 of file Font.cpp, which is stack frame 5.

Author: wangxianzhu@google.com
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/f6232e46f5af78a69534e4e3111b1446fc458bc1
Time: Thu Jun 11 22:45:00 2015
The CL last changed line 540 of file BreakingContextInlineHeaders.h, which is stack frame 6.

Suspected Component: chromium-blink
Suspected Cr- Label: Cr-Blink-Fonts-Emoji



Assigning it to kojii: Hey, would you mind checking the above issue as per the plausible suspect CL https://chromium.googlesource.com/chromium/src//+/052b913492d2a1371ed5d2a014fd57be8103a29a?

Feel free to re-assign if that is not the case.

I appreciate your help.

Thank you!
Labels: findit-wrong Te-Logged

Comment 3 by kojii@chromium.org, Mar 22 2016

Cc: kulshin@chromium.org drott@chromium.org e...@chromium.org
Owner: kulshin@chromium.org
Another case where primaryFont is nullptr; probably a dup of issue 561873?

kulshin@, if this does not look related, could you please assign back to me?
Comment 4 by ClusterFuzz (Project Member), Mar 23 2016

ClusterFuzz has detected this issue as fixed in range 381899:381909.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5590973664460800

Fuzzer: ochang_domfuzzer
Job Type: linux_asan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x0000000004d0
Crash State:
  blink::SimpleFontData::isTextOrientationFallbackOf
  blink::ShapeResult::fallbackFonts
  blink::CachingWordShaper::width
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=172836:173286
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=381899:381909

Minimized Testcase (1.40 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94wKxu6GxPCzxbgtHdtzaUUiUZ2fSyZ70VcYd0D_xYWYup9asy9lkIo4Fku3jINzFnXeEDhVNhTzlc-eiI_u09zAOCnfWQjuQrAHbwmffhkYhOCs-3dEBgSPS0-L53NmipTERV1orPh_SG7T5R9pfgdLRB1iQ

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Owner: kojii@chromium.org
It's hard to tell if this is related. It looks similar, but the callstack is not quite the same. If you can repro, can you check if it's failing to load all fonts, particularly the last resort fallback font, or if it's failing for some reason other than font loading? If it's failing to load the last resort font then it's almost certainly related - feel free to assign back to me in that case.

Comment 6 by kojii@chromium.org, Mar 27 2016

Thanks, will do, and I noticed that this isn't Windows, so more likely I was wrong. Sorry for bothering.
Cc: -kulshin@chromium.org

Comment 8 by kojii@chromium.org, Apr 7 2016

Still unable to repro.
Comment 9 by ClusterFuzz (Project Member), Apr 18 2016

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4820075139301376

Fuzzer: bj_broddelwerk
Job Type: linux_asan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x0000000004d0
Crash State:
  blink::SimpleFontData::isTextOrientationFallbackOf
  blink::ShapeResult::fallbackFonts
  blink::CachingWordShaper::width
  

Minimized Testcase (29.11 Kb): https://cluster-fuzz.appspot.com/download/AMIfv957PGz59BrG_pfNpbL_qFqam9DZO6t0bUhxgE7NaDMxRsuf4F2-qzmg8s-bjME7BfG2rwkPgIQHeOVpHTLwadbbQwgj2sdzwj-3nlg130ekOYDTw62s6IgvBWXDF14ZQwXKcL2gpQsdm9F0ldEPIm0BD6_syhV84meRkeQv9M_Q10d6ylI

Additional requirements: Requires Gestures

Filer: ssamanoori

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Comment 10 by ClusterFuzz (Project Member), Apr 25 2016

ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4820075139301376

Fuzzer: bj_broddelwerk
Job Type: linux_asan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x0000000004d0
Crash State:
  blink::SimpleFontData::isTextOrientationFallbackOf
  blink::ShapeResult::fallbackFonts
  blink::CachingWordShaper::width
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=144946:145047

Minimized Testcase (2.60 Kb): https://cluster-fuzz.appspot.com/download/AMIfv955o7pF3sHc57iCVEAuxBW-VPJylEHKPL9MHtgpkmGUmfSmcr_9G2FsmLF6W6d6WdYNy-WgSMhO3wiqLBMvaAXoBkjumL4SsZcrhwEuimWZXycy-2wSRcZWizkTqhMRkZxv0JERVYqJZJpYr8sHsQw6k8Gn6g

Additional requirements: Requires Gestures

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 11 by ClusterFuzz (Project Member), Jun 14 2016

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 12 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz-filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
