Crash in blink::InlineBox::logicalRight |
|||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=6210573018857472 Fuzzer: bj_broddelwerk Job Type: windows_syzyasan_chrome Platform Id: windows Crash Type: UNKNOWN Crash Address: 0x0000000b Crash State: blink::InlineBox::logicalRight blink::RootInlineBox::closestLeafChildForLogicalLeftPosition blink::RootInlineBox::closestLeafChildForPoint Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_chrome&range=413430:413439 Minimized Testcase (2.34 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95mzSLEN5EBL8kPFGNH3DIWTv_4qLC54Im_StHGbg0ba7gEjdPsXIZuyhwD3Qsdmn9NRhT8xrIds3lOm6uqj4cm_kSSlGRtr1j6hZIQ5RaQ4axH0uRZcZKKgobb-WtkaRulA0L42Y8MwgWwaQ61_YrJ4bgROw?testcase_id=6210573018857472 Issue manually filed by: mmohammad See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Aug 23 2016
Please assign to layout owners if you can't find a reasonable guess, not to a CL renaming things across the codebase.
,
Aug 23 2016
wangxianzhu @ could you please look into this ,if not please feel free to re-assigned back if needed. thanks in advance
,
Aug 23 2016
I work on Blink>Paint.
,
Aug 23 2016
,
Aug 31 2016
we are no longer seeing this , will re- open if we get this again. Thanks
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by mmohammad@chromium.org
, Aug 23 2016Status: Assigned (was: Untriaged)