Visible canonicalization doesn't work with first-letter with visibility:hidden |
||||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=6346729752625152 Fuzzer: bj_broddelwerk Job Type: linux_debug_chrome Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: currentPos.atStartOfNode() in VisibleUnits.cpp blink::mostForwardCaretPosition<> blink::mostForwardCaretPosition Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_debug_chrome&range=388139:388165 Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97f2Jo_H18JLZjxnvmOypT2zktsozp2PybbNxVTWFVRs1YttRdUMRZBBMGw-q2jwX4Cw5WC_Y05-xcxqBftgi290-bT-a0khxg3eqHz244vV2A6elCP_ie83ZLzLNaPDy7-dAYW6jbcpiXdzNRK3-Y4SsEtQSDL-GPSlJ-SrCwILe1pp6U?testcase_id=6346729752625152 Issue manually filed by: mummareddy See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Sep 18 2016
Route to Editing triage
,
Sep 20 2016
,
Oct 18 2016
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 14 2016
Unable to find the possible suspect using find it and CL. Using Code Search for the file, "currentPos.atStartOfNode() in VisibleUnits.cpp" assigning the concern owner. Suspecting Commit# https://chromium.googlesource.com/chromium/src/+/c7a2dfb0e4118e118fdbd2bd566aa3fa77a7d665 @xiaochengh -- Could you please look into this issue, kindly re-assign if this is not related to your change. Thank You
,
Jan 24 2017
Yet another bug with first-letter...
Minimized script hitting the same assertion:
<!doctype html>
<style>pre::first-letter{visibility:hidden}</style>
<pre contenteditable>ABCDE</pre>
<script>
document.execCommand('selectAll');
</script>
,
Mar 11 2017
ClusterFuzz has detected this issue as fixed in range 455565:456161. Detailed report: https://clusterfuzz.com/testcase?key=6346729752625152 Fuzzer: bj_broddelwerk Job Type: linux_debug_chrome Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: currentPos.atStartOfNode() in VisibleUnits.cpp blink::mostForwardCaretPosition<> blink::mostForwardCaretPosition Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=388139:388165 Fixed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=455565:456161 Reproducer Testcase: https://clusterfuzz.com/download/AMIfv97f2Jo_H18JLZjxnvmOypT2zktsozp2PybbNxVTWFVRs1YttRdUMRZBBMGw-q2jwX4Cw5WC_Y05-xcxqBftgi290-bT-a0khxg3eqHz244vV2A6elCP_ie83ZLzLNaPDy7-dAYW6jbcpiXdzNRK3-Y4SsEtQSDL-GPSlJ-SrCwILe1pp6U?testcase_id=6346729752625152 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Mar 11 2017
ClusterFuzz testcase 6346729752625152 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by mummare...@chromium.org
, Sep 17 2016Components: Tools>Test>FindIt>NoResult
Labels: M-54 Te-Logged
Owner: tkent@chromium.org
Status: Assigned (was: Untriaged)