Issue 640150

Issue metadata

Status: Fixed
Owner:
Closed: Aug 2016
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug

Crash in blink::LayoutTheme::adjustSliderContainerStyle

Project Member Reported by ClusterFuzz, Aug 23 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6352013992656896

Fuzzer: bj_broddelwerk
Job Type: windows_asan_content_shell
Platform Id: windows

Crash Type: UNKNOWN READ
Crash Address: 0x00000000
Crash State:
  blink::LayoutTheme::adjustSliderContainerStyle
  blink::LayoutTheme::adjustStyle
  blink::StyleAdjuster::adjustComputedStyle
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_asan_content_shell&range=413548:413625

Minimized Testcase (0.93 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97oab7i2R6cSdMgGJFsditqS62tn7CHqkH2tmsw55c6An4KbpltAStiYxkopP8yTGVgmcicmKS0IaL7qC250h27WOr74j-EtZHryP3Qw9ugz2QfIvoTNG2YJ8F2Ls94oCOmpWTKelwQk7vL7e26PUevs6x8Sw?testcase_id=6352013992656896

Issue manually filed by: durga.behera

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Components: Blink>Layout Tools>Test>FindIt>CorrectResult
Labels: M-54 Te-Logged
Owner: sunyunjia@chromium.org
Status: Assigned (was: Untriaged)
Suspected CLs:
=================
The result is a list of CLs that change the crashed files.

Author: sunyunjia
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/cb18694aff180e913277a346a37e74835935b37d
Time: Tue Aug 23 01:11:30 2016
Lines 638 of file LayoutTheme.cpp which potentially caused crash are changed in this cl (frame #0, "blink::LayoutTheme::adjustSliderContainerStyle").
Minimum distance from crash line to modified line: 0. (file: LayoutTheme.cpp, crashed on: 636, modified: 636).

===========================
Suspected Project: chromium
Suspected Component: Blink>Layout

Suspecting below from the above CL list.
https://chromium.googlesource.com/chromium/src/+/cb18694aff180e913277a346a37e74835935b37d
sunyunjia@ : Could you please take a look into this if it's related to your change.

Comment 2 by ClusterFuzz, Aug 23 2016

Labels: Hotlist-SyzyASAN
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5608668030828544

Fuzzer: miaubiz_svg_fuzzer
Job Type: windows_syzyasan_chrome
Platform Id: windows

Crash Type: UNKNOWN
Crash Address: 0x00000003
Crash State:
  blink::LayoutTheme::adjustSliderContainerStyle
  blink::LayoutTheme::adjustStyle
  blink::StyleAdjuster::adjustComputedStyle
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_chrome&range=413548:413625

Minimized Testcase (0.95 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96L99uzDvQN7oZUYZzXBdde0Wo7kRlkapefXBnO2QVDVNz7xWojvtA3yj6mawNJjFSOfOTuuEzAtkLhG8Iosglnrhg8byAAbhYCbI3n_T82uVkngHPf0RXPF31TJV94EIzrfo8rFcotvI1VBqsIH733h7Ljzg?testcase_id=5608668030828544

Issue manually filed by: durga.behera

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Status: Started (was: Assigned)
Status: Fixed (was: Started)
Labels: Hotlist-Input-Dev

Comment 7 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
