New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 636833 link

Starred by 1 user
Status: WontFix
Owner:
yukishiino@chromium.org
Closed: Jan 2017
Cc:
nyerramilli@chromium.org
msrchandra@chromium.org
haraken@chromium.org
lfg@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug



Sign in to add a comment

Crash in blink::ScriptState::context

Project Member Reported by ClusterFuzz, Aug 11 2016 
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4858093957808128

Fuzzer: inferno_twister
Job Type: windows_syzyasan_content_shell
Platform Id: windows

Crash Type: UNKNOWN
Crash Address: 0x0000000f
Crash State:
  blink::ScriptState::context
  blink::WebLocalFrameImpl::mainWorldScriptContext
  content::MojoBindingsController::CreateContextState
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=411257:411277

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv96zIRUNfu8R6uXjoWK5SRc8kkygn3ruOqD5mT6s2yoOx-dpgZAzl-GU6y-PaE14In-qwUZxIu1b8H3zgUxpUH3nLHtdiwPK-jlNJUaMW-l0feH2LZ54HtwQZOzd8yAlIwOhxrP9DDtBYiTqzt9LQqQu0W3x248tFN4JuQd_sbB6IZV6K7A?testcase_id=4858093957808128


Additional requirements: Requires Gestures

Additional requirements: Requires HTTP

Issue manually filed by: nyerramilli

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 1 by nyerramilli@google.com, Aug 11 2016

Cc: nyerramilli@chromium.org
Components: Tools>Test>FindIt>WrongResult
Labels: findit-wrong Te-Logged
Owner: dglazkov@chromium.org
Status: Assigned (was: Untriaged)
providing Findit results for internal purpose:
Suspected CLs	No CL in the regression range changes the crashed files. The result is the blame information.

Author: dcarney@chromium.org
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/cf5ff5a14cd677ff603b55ccf196e2913837008a
Time: Thu May 02 20:18:42 2013
The CL last changed line 7754 of file v8.h, which is stack frame 0.

Author: rockot
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/4a038f904fc285301fbd6dbf46c3394071eb3058
Time: Tue Nov 24 21:52:46 2015
The CL last changed line 42 of file mojo_bindings_controller.cc, which is stack frame 4.

Author: rob
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/43ea0649d4b70fdcf3e9fa5c03aee1bbba0b04bb
Time: Sat Mar 19 01:05:01 2016
The CL last changed line 3524 of file render_frame_impl.cc, which is stack frame 5.

Suspected Project: chromium

using codesearch, seeing some changes to 'WebLocalFrameImpl.cpp' in
https://chromium.googlesource.com/chromium/src/+/8f8060f3c58fe047bc3d9de90752cf3735f6beac

dglazkov@, Could you please check the above issue & help us in finding an owner it its not yours.

Comment 2 by dglazkov@chromium.org, Aug 15 2016

Cc: haraken@chromium.org
Components: -Tools>Test>FindIt>WrongResult Blink>Bindings
Owner: ----
Status: Untriaged (was: Assigned)

Comment 3 by haraken@chromium.org, Aug 15 2016

Owner: yukishiino@chromium.org
yukishiino: Would you mind taking a look at this?

Comment 4 by peria@chromium.org, Aug 25 2016

Status: Available (was: Untriaged)
Project Member

Comment 5 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 6 by msrchandra@chromium.org, Dec 12 2016

Cc: msrchandra@chromium.org
Labels: -findit-wrong Test-Predator-Wrong-CLs
Status: Assigned (was: Available)
@yukishiino -- Could you please look into the issue as per Comment#3.
Kindly re-assign if this is nothing to do with your changes.
Thank You.

Comment 7 by yukishiino@chromium.org, Dec 14 2016 

I'm sorry for leaving this issue so long.  By the way, is this issue still reproducible?  There were several changes around context things, so I'm wondering if this is still happening or not.  msrchandra@, can you confirm repro?
Project Member

Comment 8 by ClusterFuzz, Jan 13 2017

Status: WontFix (was: Assigned)
ClusterFuzz testcase 4858093957808128 is flaky and no longer reproduces, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Sign in to add a comment