
Issue 614246

Issue metadata

Status: WontFix
Owner:
Closed: Jun 2016
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug



Crash in blink::CompositeEditCommand::insertNodeAfter

Project Member Reported by ClusterFuzz, May 24 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6503391329255424

Fuzzer: ochang_domfuzzer
Job Type: linux_asan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000048
Crash State:
  blink::CompositeEditCommand::insertNodeAfter
  blink::InsertLineBreakCommand::doApply
  blink::CompositeEditCommand::applyCommandToComposite
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=395131:395342

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94vU41ptJmpJcT-SCOnuKDYrSn16-1gYmx5Io_tUaVjvWk1PymbqzrSgHe6VmFi2Wx1MSsj2Uciv3mrUvqVS-vy9T4W3vVyz9mPtTTKWU6dWxpIZPRQBLSFwjoBEKybk2uTQoYR5uUhu2CMzJgMmuSVEsgU0rAHUCfEF_-DaU-nfz1fKao


Additional requirements: Requires Gestures

Filer: nyerramilli

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Cc: nyerramilli@chromium.org joone....@intel.com
Components: Tools>Test>FindIt>CorrectResult
Labels: findit-for-crash Te-Logged M-51
Owner: yosin@chromium.org
Status: Assigned (was: Available)
Based on Find it results, joone.hur@, could you please check the above issue & help us in finding an owner if it's not yours?

Suspected CLs: The result is a list of CLs that change the crashed files.

Author: joone.hur
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/89893f9b723937f618ac6f8e8349cb3c4d09efad
Time: Mon May 23 08:28:56 2016
Files TypingCommand.cpp, CompositeEditCommand.cpp are changed in this cl (and is part of stack frame #5, "blink::TypingCommand::insertLineBreak"; frame #6, "blink::TypingCommand::insertLineBreak")
Minimum distance from crash line to modified line: 10. (file: CompositeEditCommand.cpp, crashed on: 259, modified: 269).

Suspected Project: chromium
Suspected Component: Blink>Editing

Unable to assign joone.hur@intel.com, hence assigning to Reviewer Yosin@ and cc'ed joone.hur@intel.com


Project Member

Comment 2 by ClusterFuzz, May 26 2016

ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6503391329255424

Fuzzer: ochang_domfuzzer
Job Type: linux_asan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000048
Crash State:
  blink::CompositeEditCommand::insertNodeAfter
  blink::InsertLineBreakCommand::doApply
  blink::CompositeEditCommand::applyCommandToComposite
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=395131:395342

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94vU41ptJmpJcT-SCOnuKDYrSn16-1gYmx5Io_tUaVjvWk1PymbqzrSgHe6VmFi2Wx1MSsj2Uciv3mrUvqVS-vy9T4W3vVyz9mPtTTKWU6dWxpIZPRQBLSFwjoBEKybk2uTQoYR5uUhu2CMzJgMmuSVEsgU0rAHUCfEF_-DaU-nfz1fKao


Additional requirements: Requires Gestures

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 3 by joone....@intel.com, May 26 2016

nyerramilli@, could you upload the test case that causes the crash?

Comment 4 by yosin@chromium.org, Jun 7 2016

Status: WontFix (was: Assigned)
Mark WontFix according to #c2.
Project Member

Comment 5 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
