!nextSibling || nextSibling->isBox() in LayoutBlockFlow.cpp |
||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=6506312114634752 Fuzzer: inferno_layout_test_unmodified Job Type: linux_asan_chrome_mp Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: !nextSibling || nextSibling->isBox() in LayoutBlockFlow.cpp blink::LayoutBlockFlow::layoutBlockChildren blink::LayoutBlockFlow::layoutBlockFlow Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=416613:416628 Minimized Testcase (0.90 Kb): https://cluster-fuzz.appspot.com/download/AMIfv9418r9QEqkDGfQk81IHKWHWyEkVI_slTGEpt1jmgAbFwf3zQkbWdvhoq_Hovk2oihV98zDi5KNCZRNstkz8jb7GZoj-63gWWDmiEvJ19zV4TeinMaxIMytMubFIA07d5XFEeX93TR-DguKSFaVnEY-veu2Hng?testcase_id=6506312114634752 Additional requirements: Requires Gestures Issue manually filed by: mmohammad See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Sep 8 2016
Yep, this is the same test as in issue 632848 , where I couldn't reproduce the crash locally. I added the CHECKs to see if it would reveal a case in the wild that trigger the crash that I could reproduce, but the same test again isn't going to help. Other than trying harder, is there any recourse when reproduction fails?
,
Nov 18 2016
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 22 2016
ClusterFuzz testcase 6506312114634752 is flaky and no longer reproduces, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||
►
Sign in to add a comment |
||||
Comment 1 by mmohammad@chromium.org
, Sep 8 2016Status: Assigned (was: Untriaged)