Issue metadata
Sign in to add a comment
|
resolvedMainSize >= LayoutUnit() in LayoutFlexibleBox.cpp |
||||||||||||||||||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=4508176429088768 Fuzzer: inferno_twister Job Type: linux_debug_content_shell_drt Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: resolvedMainSize >= LayoutUnit() in LayoutFlexibleBox.cpp blink::LayoutFlexibleBox::adjustChildSizeForMinAndMax blink::LayoutFlexibleBox::constructFlexItem Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_debug_content_shell_drt&range=356531:356692 Minimized Testcase (0.24 Kb): Download: https://cluster-fuzz.appspot.com/download/AMIfv94XSS4fUfQInS2v-dyQg7yRYH-esuTVkk1uJJkze_1fwNV4W5tvvFYvObCRkaYsHZ-otdEd_oOvL2SGvlxfKgbwS9Ad_ZHN0MCEcVXxh0L7LatKdCt0uVGzPR5yjaWf0HzCWHW7R4xoIOaKo0ws77oWQiYUkw?testcase_id=4508176429088768 <link href=resources/flexbox.css rel=stylesheet> <div class=flexbox><div style="width: 50%"><style> @keyframes cfpulse2 { 0% { opacity: 0.6616; } 100% { opacity: 0.8086; } } * { animation-name: cfpulse56; padding: 41446 3449399263px 15 113px; Issue manually filed by: mmohammad See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Aug 24 2016
Yeah, that patch changed the message. The actual issue is bug 500725 .
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Mar 1 2017
ClusterFuzz has detected this issue as fixed in range 452556:452596. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4508176429088768 Fuzzer: inferno_twister Job Type: linux_debug_content_shell_drt Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: resolvedMainSize >= LayoutUnit() in LayoutFlexibleBox.cpp blink::LayoutFlexibleBox::adjustChildSizeForMinAndMax blink::LayoutFlexibleBox::constructFlexItem Sanitizer: address (ASAN) Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_debug_content_shell_drt&range=356531:356692 Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_debug_content_shell_drt&range=452556:452596 Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94XSS4fUfQInS2v-dyQg7yRYH-esuTVkk1uJJkze_1fwNV4W5tvvFYvObCRkaYsHZ-otdEd_oOvL2SGvlxfKgbwS9Ad_ZHN0MCEcVXxh0L7LatKdCt0uVGzPR5yjaWf0HzCWHW7R4xoIOaKo0ws77oWQiYUkw?testcase_id=4508176429088768 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Mar 1 2017
ClusterFuzz has detected this issue as fixed in range 452556:452596. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4508176429088768 Fuzzer: inferno_twister Job Type: linux_debug_content_shell_drt Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: resolvedMainSize >= LayoutUnit() in LayoutFlexibleBox.cpp blink::LayoutFlexibleBox::adjustChildSizeForMinAndMax blink::LayoutFlexibleBox::constructFlexItem Sanitizer: address (ASAN) Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_debug_content_shell_drt&range=356531:356692 Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_debug_content_shell_drt&range=452556:452596 Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94XSS4fUfQInS2v-dyQg7yRYH-esuTVkk1uJJkze_1fwNV4W5tvvFYvObCRkaYsHZ-otdEd_oOvL2SGvlxfKgbwS9Ad_ZHN0MCEcVXxh0L7LatKdCt0uVGzPR5yjaWf0HzCWHW7R4xoIOaKo0ws77oWQiYUkw?testcase_id=4508176429088768 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page. |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by mmohammad@chromium.org
, Aug 23 2016Status: Assigned (was: Untriaged)