Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4709899209801728 Fuzzer: inferno_layout_test_unmodified Job Type: linux_asan_chrome_v8_arm Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x00000009 Crash State: blink::RootInlineBox::closestLeafChildForLogicalLeftPosition blink::RootInlineBox::closestLeafChildForPoint blink::nextLinePosition Sanitizer: address (ASAN) Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_v8_arm&range=387407:387538 Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97CHiLLm12gacEqS2o5wWPQbaSDdoctvnpEchYRodjjlSibY-ecoYYuuVLsGvSk8lcf81DnMUjYpYzfzY0kc1Lt2dPNQbV9o0J-2JzjtxyavllUMBZzSNvNGbzEsvra-blbJTHN1CRoosneegrrOOQzLH4WpK0DjkOLs5vjsvyATHtgRx-NGiwwlw-n98FKte7qEVTflO3HaN98-7i-JXtNlsFoS6DRFKLXrrsmdVQXGQwg6iVxgOUF2yVyJKwpnfbp1EL6q9ASYUk5PBruLSMXo5RJM0rmkZqeICl-FxnCf_jH4dzJfjHhluhOV0RdBh3hn95kRgwkFIn_5SUA0cW6SgFQhScrsB2vcEcS0U2XoDmL0r4pkZ9N-I4_7IqXkxMx6o6vFrWxXQ9E2FyNZ61QSv_ocw?testcase_id=4709899209801728 Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Seems like dupe of issue 697610 . Through code search on file RootInlineBox.cpp, suspected CL is https://chromium.googlesource.com/chromium/src/+/eab82c830edc973964782a440d878ed077e6a5be%5E%21/#F55 robhogan@, could you please take a look?. Thank you
yosin@, could you please take a look?
Definitely a duplicate.
ClusterFuzz has detected this issue as fixed in range 455091:455392. Detailed report: https://clusterfuzz.com/testcase?key=4709899209801728 Fuzzer: inferno_layout_test_unmodified Job Type: linux_asan_chrome_v8_arm Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x00000009 Crash State: blink::RootInlineBox::closestLeafChildForLogicalLeftPosition blink::RootInlineBox::closestLeafChildForPoint blink::nextLinePosition Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=387407:387538 Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=455091:455392 Reproducer Testcase: https://clusterfuzz.com/download/AMIfv97CHiLLm12gacEqS2o5wWPQbaSDdoctvnpEchYRodjjlSibY-ecoYYuuVLsGvSk8lcf81DnMUjYpYzfzY0kc1Lt2dPNQbV9o0J-2JzjtxyavllUMBZzSNvNGbzEsvra-blbJTHN1CRoosneegrrOOQzLH4WpK0DjkOLs5vjsvyATHtgRx-NGiwwlw-n98FKte7qEVTflO3HaN98-7i-JXtNlsFoS6DRFKLXrrsmdVQXGQwg6iVxgOUF2yVyJKwpnfbp1EL6q9ASYUk5PBruLSMXo5RJM0rmkZqeICl-FxnCf_jH4dzJfjHhluhOV0RdBh3hn95kRgwkFIn_5SUA0cW6SgFQhScrsB2vcEcS0U2XoDmL0r4pkZ9N-I4_7IqXkxMx6o6vFrWxXQ9E2FyNZ61QSv_ocw?testcase_id=4709899209801728 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by mummare...@chromium.org
, Mar 1 2017Labels: Test-Layout Test-Predator-Wrong M-57
Owner: robhogan@chromium.org
Status: Assigned (was: Untriaged)