Crash in blink::InsertParagraphSeparatorCommand::doApply |
|||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=6264308523859968 Fuzzer: inferno_twister Job Type: linux_asan_chrome_mp Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000000010 Crash State: blink::InsertParagraphSeparatorCommand::doApply blink::CompositeEditCommand::applyCommandToComposite blink::TypingCommand::insertParagraphSeparator Sanitizer: address (ASAN) Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=268656:269696 Minimized Testcase (0.97 Kb): Download: https://cluster-fuzz.appspot.com/download/AMIfv96QuHpG0IHoOgEorEkdO8hoZlR_KKIb5rz58IKCz9-mB4iJ1hUj08SVltx__BvmhHZE2W3z-v7t5g0B-09I3gLYTejcHqhWgrKu5msjJD7PD273GTA3_dHSnS2VCiAI0NUNrryEfYRt44VgxZrIhOXfE7cCbr1GVoFrOpzmjHv8IYGvE8MPgU51M-CiZHnArSJkRoR14NIVacpufDBKFY79FTmGGeRSyK7GiiEDIgERaHpWX7k07nR1i8Qlbe7YG5DkIuhdpD3stPPeCgWEPH-eS-8s_UsrD5fSMrg14YAwAXqlnaqKCPmhuNPBNY0YthOpIAna3vKt-24Vm6YFNhpRPx8pObs9G2S6IWdlfoEjDLbNziE?testcase_id=6264308523859968 8<script> var event_handler_12C_DOMSubtreeModified_active = false; function event_handler_12C_DOMSubtreeModified() { if (event_handler_12C_DOMSubtreeModified_active) return ; event_handler_12C_DOMSubtreeModified_active = true; document.designMode = document.designMode == "on" ? "off" : "on"; var oSelection=window.getSelection(); document.execCommand("SelectAll") oSelection.modify('move', 'forward', 'paragraph') var oParentElement = ({ })(); } document.addEventListener("DOMSubtreeModified", event_handler_12C_DOMSubtreeModified); function event_handler_12D_DOMFocusOut() { var oParent = (function(){ if (aoElements.length) return aoElements[44 % aoElements.length]; })(); } var oParent = (function(){ })(); function event_handler_12F_DOMNodeInserted() { document.execCommand('InsertOrderedList'); } document.addEventListener("DOMNodeInserted", event_handler_12F_DOMNodeInserted); var oElement = ({ })(); </script> <body class="CLASS6 CLASS11"> Additional requirements: Requires Gestures Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Jan 24 2017
Lowering to P2 due to low usage of 'insertOrderedList' yosin@: I don't know how to reproduce this one. Do you know what "Additional requirements: Requires Gestures" means?
,
Mar 1 2017
ClusterFuzz has detected this issue as fixed in range 452175:452490. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6264308523859968 Fuzzer: inferno_twister Job Type: linux_asan_chrome_mp Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000000010 Crash State: blink::InsertParagraphSeparatorCommand::doApply blink::CompositeEditCommand::applyCommandToComposite blink::TypingCommand::insertParagraphSeparator Sanitizer: address (ASAN) Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=268656:269696 Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=452175:452490 Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv96QuHpG0IHoOgEorEkdO8hoZlR_KKIb5rz58IKCz9-mB4iJ1hUj08SVltx__BvmhHZE2W3z-v7t5g0B-09I3gLYTejcHqhWgrKu5msjJD7PD273GTA3_dHSnS2VCiAI0NUNrryEfYRt44VgxZrIhOXfE7cCbr1GVoFrOpzmjHv8IYGvE8MPgU51M-CiZHnArSJkRoR14NIVacpufDBKFY79FTmGGeRSyK7GiiEDIgERaHpWX7k07nR1i8Qlbe7YG5DkIuhdpD3stPPeCgWEPH-eS-8s_UsrD5fSMrg14YAwAXqlnaqKCPmhuNPBNY0YthOpIAna3vKt-24Vm6YFNhpRPx8pObs9G2S6IWdlfoEjDLbNziE?testcase_id=6264308523859968 Additional requirements: Requires Gestures See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Mar 1 2017
ClusterFuzz has detected this issue as fixed in range 452175:452490. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6264308523859968 Fuzzer: inferno_twister Job Type: linux_asan_chrome_mp Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000000010 Crash State: blink::InsertParagraphSeparatorCommand::doApply blink::CompositeEditCommand::applyCommandToComposite blink::TypingCommand::insertParagraphSeparator Sanitizer: address (ASAN) Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=268656:269696 Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_mp&range=452175:452490 Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv96QuHpG0IHoOgEorEkdO8hoZlR_KKIb5rz58IKCz9-mB4iJ1hUj08SVltx__BvmhHZE2W3z-v7t5g0B-09I3gLYTejcHqhWgrKu5msjJD7PD273GTA3_dHSnS2VCiAI0NUNrryEfYRt44VgxZrIhOXfE7cCbr1GVoFrOpzmjHv8IYGvE8MPgU51M-CiZHnArSJkRoR14NIVacpufDBKFY79FTmGGeRSyK7GiiEDIgERaHpWX7k07nR1i8Qlbe7YG5DkIuhdpD3stPPeCgWEPH-eS-8s_UsrD5fSMrg14YAwAXqlnaqKCPmhuNPBNY0YthOpIAna3vKt-24Vm6YFNhpRPx8pObs9G2S6IWdlfoEjDLbNziE?testcase_id=6264308523859968 Additional requirements: Requires Gestures See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Mar 1 2017
ClusterFuzz testcase 6264308523859968 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
|||
►
Sign in to add a comment |
|||
Comment 1 by mummare...@chromium.org
, Jan 24 2017Labels: Test-Predator-Wrong M-56
Owner: xiaoche...@chromium.org
Status: Assigned (was: Untriaged)