ranges.size() == run.length() in Font.cpp
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6039437540851712

Fuzzer: inferno_twister_custom_bundle
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: CHECK failure
Crash Address:
Crash State:
  ranges.size() == run.length() in Font.cpp
  blink::Font::individualCharacterRanges
  blink::LayoutSVGInlineText::addMetricsFromRun

Regressed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=402879:403138

Minimized Testcase (0.67 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94A2mgr60TTQOmTgKYIHgInWSaNbZhtoq_pCwn9b0Z-Tef4-HD7pLXBNU8yRPZxOCc9yH6UmBODX2QcUQWdGuciHLph5phmoAfDY0bUuuj8tqBR3_hhBFcdnhd4C-FQynHurDE3p3LnrzkfumCqkKsmqUwQGQ?testcase_id=6039437540851712

Additional requirements: Requires HTTP

Filer: kavvaru

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jul 15 2016
Jul 15 2016
Moving this nonessential bug to the next milestone. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Jul 18 2016
My CL identified above is just moving some tests from one location to another. I've got another couple of changes in the specified CL range but don't see how they would be connected either. +hiroshige https://codereview.chromium.org/2108033005 touches fonts/mac/FontCacheMac.mm, which is at least in the right ballpark for a font-related crash on Mac, although the CL description suggests it was supposed to be a no-op change. hiroshige, can you take a look? I've pressed the redo button on clusterfuzz in case it's a flake.
Jul 21 2016
This is caused by https://chromium.googlesource.com/chromium/src/+/e4ff7ba1cfab002517238841505ca9bb7aff6595 and is a known issue on the old version of mac run by clusterfuzz. We're actively looking for repros on other platforms though. Merging into 620952.
Oct 18 2016
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by kavvaru@chromium.org, Jul 15 2016
Labels: Te-Logged M-53
Owner: suzyh@chromium.org
Status: Assigned (was: Available)