Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4817879251025920
Fuzzer: bcrane-css-mutator
Job Type: linux_ubsan_vptr_content_shell_drt
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State:
  delegate in gamepad_controller.cc
  test_runner::GamepadController::Create
  test_runner::TestInterfaces::SetDelegate
Sanitizer: undefined (UBSAN)
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_vptr_content_shell_drt&range=454833:454835
Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97oLNA2n0vkCEnpwIcYEQv46RWoNbqZfnAQKYiuPO1Ncf_DPHIgT-D2QtEw0p35D5wTXVvfRhQgMiUn9H3Gh-3p9rlAXuI2bFrFBCGfMA-3_3Dv4SepoOqBa6VzhjAeK0Sj_f2NXBsTPjtgOGjWmiKko9DbN6-QnUGgmdxZf1dXc5RfAby-gHCu7VqRXj4d9zF2Ge-QIoZ7rXamyIr6UcMhUEeS-SV04qLiZJuImFdQWP3eJ5IDD3t2YWXrQZkqNmVyN5Mr_jZxo0lDcMPmNKvCzUXICvxv7qzrOEQvPuTxdmPYezhxKLkm9t6zrqO4aXaO1lYZy42aehoRCOXFzCIQkNPC1xdl-lduxWUUAx7Zt3EgQ_Q?testcase_id=4817879251025920
Issue filed automatically.
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
From the above Chromium change log, suspecting the below.
Review-Url: https://codereview.chromium.org/2734713002
sigbjornf@: Could you please take a look into this if it's related to your change.
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a9c462ea8bf9588c2a6859e7fe9fde1e4c7f7353
commit a9c462ea8bf9588c2a6859e7fe9fde1e4c7f7353
Author: sigbjornf <sigbjornf@opera.com>
Date: Tue Mar 07 03:40:21 2017
TestInterfaces: support delegate clearing.
Following r454834, the implementation of SetDelegate() also needs to handle resetting of the test delegate.
R=
BUG= 698713
Review-Url: https://codereview.chromium.org/2738513004
Cr-Commit-Position: refs/heads/master@{#455030}
[modify] https://crrev.com/a9c462ea8bf9588c2a6859e7fe9fde1e4c7f7353/content/shell/test_runner/test_interfaces.cc
Issue 699066 has been merged into this issue.
ClusterFuzz has detected this issue as fixed in range 454873:455052.
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4817879251025920
Fuzzer: bcrane-css-mutator
Job Type: linux_ubsan_vptr_content_shell_drt
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State:
  delegate in gamepad_controller.cc
  test_runner::GamepadController::Create
  test_runner::TestInterfaces::SetDelegate
Sanitizer: undefined (UBSAN)
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_vptr_content_shell_drt&range=454833:454835
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_vptr_content_shell_drt&range=454873:455052
Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97oLNA2n0vkCEnpwIcYEQv46RWoNbqZfnAQKYiuPO1Ncf_DPHIgT-D2QtEw0p35D5wTXVvfRhQgMiUn9H3Gh-3p9rlAXuI2bFrFBCGfMA-3_3Dv4SepoOqBa6VzhjAeK0Sj_f2NXBsTPjtgOGjWmiKko9DbN6-QnUGgmdxZf1dXc5RfAby-gHCu7VqRXj4d9zF2Ge-QIoZ7rXamyIr6UcMhUEeS-SV04qLiZJuImFdQWP3eJ5IDD3t2YWXrQZkqNmVyN5Mr_jZxo0lDcMPmNKvCzUXICvxv7qzrOEQvPuTxdmPYezhxKLkm9t6zrqO4aXaO1lYZy42aehoRCOXFzCIQkNPC1xdl-lduxWUUAx7Zt3EgQ_Q?testcase_id=4817879251025920
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by durga.behera@chromium.org, Mar 6 2017
Labels: Test-Predator-Correct-Regression M-59
Owner: sigbjo...@opera.com
Status: Assigned (was: Untriaged)