Issue metadata
Sign in to add a comment
|
Crash in blink::PositionTemplate<blink::EditingAlgorithm<blink::NodeTraversal> >::lastPos |
||||||||||||||||||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=5568131814916096 Fuzzer: attekett_dom_fuzzer Job Type: linux_asan_chrome_media Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000000010 Crash State: blink::PositionTemplate<blink::EditingAlgorithm<blink::NodeTraversal> >::lastPos blink::PositionTemplate<blink::EditingAlgorithm<blink::NodeTraversal> > blink::l blink::lastEditablePositionBeforePositionInRoot Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_media&range=371266:371316 Minimized Testcase (0.58 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95eKHvY1rrr4rZITdP1GrbTWQx7y_ejrMmXTT65BT4FZB8IXgb9ucUS8YWt2jxEf1j0hUDFetA6njebAxBrBCc_qf7HV-JB_TrNYWwedSKZ22rX2akJFvQHHWVaCQKVDYQfz6vgGk57iclOlBuijfa4vQoQ3Q?testcase_id=5568131814916096 Issue manually filed by: ranjitkan See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Oct 6 2016
Reproduced Version 55.0.2881.5 canary (64-bit) on win.
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 6 2016
,
Mar 9 2017
ClusterFuzz has detected this issue as fixed in range 455091:455392. Detailed report: https://clusterfuzz.com/testcase?key=5568131814916096 Fuzzer: attekett_dom_fuzzer Job Type: linux_asan_chrome_media Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000000010 Crash State: blink::PositionTemplate<blink::EditingAlgorithm<blink::NodeTraversal> >::lastPos blink::PositionTemplate<blink::EditingAlgorithm<blink::NodeTraversal> > blink::l blink::lastEditablePositionBeforePositionInRoot Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_media&range=371266:371316 Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_media&range=455091:455392 Reproducer Testcase: https://clusterfuzz.com/download/AMIfv95eKHvY1rrr4rZITdP1GrbTWQx7y_ejrMmXTT65BT4FZB8IXgb9ucUS8YWt2jxEf1j0hUDFetA6njebAxBrBCc_qf7HV-JB_TrNYWwedSKZ22rX2akJFvQHHWVaCQKVDYQfz6vgGk57iclOlBuijfa4vQoQ3Q?testcase_id=5568131814916096 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Mar 9 2017
ClusterFuzz testcase 5568131814916096 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by ranjitkan@chromium.org
, Oct 3 2016Components: Tools>Test>FindIt>CorrectResult
Labels: -Pri-1 -Type-Bug Findit-for-crash M-55 Te-Logged Pri-2 Type-Bug-Regression
Owner: yoichio@chromium.org