Crash in blink::Range::getBorderAndTextQuads

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4675788164300800

Fuzzer: ifratric-browserfuzzer-v3
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: UNKNOWN READ
Crash Address: 0x000000000010
Crash State:
  blink::Range::getBorderAndTextQuads
  blink::Range::getClientRects
  blink::RangeV8Internal::getClientRectsMethodCallback

Regressed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=430550:430572

Minimized Testcase (3.87 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97iCVIKTn-3yVNlXkJTiH5UHbmC0Fpa6g30k-5bBEdn1RPir6dq2Bpv1w2QfTtrwt1gqPVnZnBTurY_x5m7Sz_KjtRsBMoA-zeBEryX2nL3HQuVXzFUJSQt9s3VWA5iFRsuNRaOGaH309BO5aFM6KTFlnDuNw?testcase_id=4675788164300800

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Dec 27 2016
Jan 12 2017
Jan 20 2017
ClusterFuzz has detected this issue as fixed in range 444877:444912.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4675788164300800

Fuzzer: ifratric-browserfuzzer-v3
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: UNKNOWN READ
Crash Address: 0x000000000010
Crash State:
  blink::Range::getBorderAndTextQuads
  blink::Range::getClientRects
  blink::RangeV8Internal::getClientRectsMethodCallback

Sanitizer: address (ASAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=430550:430572
Fixed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=444877:444912

Minimized Testcase (3.87 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97iCVIKTn-3yVNlXkJTiH5UHbmC0Fpa6g30k-5bBEdn1RPir6dq2Bpv1w2QfTtrwt1gqPVnZnBTurY_x5m7Sz_KjtRsBMoA-zeBEryX2nL3HQuVXzFUJSQt9s3VWA5iFRsuNRaOGaH309BO5aFM6KTFlnDuNw?testcase_id=4675788164300800

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 20 2017
ClusterFuzz testcase 4675788164300800 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by erikc...@chromium.org, Dec 27 2016