Detailed report: https://clusterfuzz.com/testcase?key=5090553604866048 Fuzzer: inferno_layout_test_unmodified Job Type: linux_tsan_chrome_mp Platform Id: linux Crash Type: Data race WRITE 4 Crash Address: 0x7fd92a1a3198 Crash State: blink::ContainerNode::parserAppendChild blink::HTMLConstructionSite::executeTask blink::HTMLConstructionSite::executeQueuedTasks Sanitizer: thread (TSAN) Regressed: https://clusterfuzz.com/revisions?job=linux_tsan_chrome_mp&range=456256:456287 Reproducer Testcase: https://clusterfuzz.com/download/AMIfv96j8X1s5y6AjxYdsK9UYMhrePuiQaJ2qf4a8HrMa1gNVLlC1rCsv2MIspXwHYq6a9kK64pfkipb35PJW_reAsFf72Mr0EO7TBFiGTA1X1n7K2Tip5LDLVs6HvQc8OFYL1vrhIO1JqWkhinSVNhwpksXiMSnICR7fayw4xdctd85glS77G_AMWvrtIuFBk8KpKgiy9p_rjOlUahOBEOwVDXTd2RtG2Sa6uHiK2YZVivSG_nxp7MLLH3iCuLCeJPxkEqcV5q3IazVuFvr7-5xtNI8vdlMPtbLNRfBlWhI1q2qJjv6d1OWgAfNVgvCT_5M7yblEQOESnht8H0RyG_TxmAuwe2Bdm5IuoTr5wy6E8sgJe11kOE?testcase_id=5090553604866048 Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
ClusterFuzz has detected this issue as fixed in range 458081:458090. Detailed report: https://clusterfuzz.com/testcase?key=5090553604866048 Fuzzer: inferno_layout_test_unmodified Job Type: linux_tsan_chrome_mp Platform Id: linux Crash Type: Data race WRITE 4 Crash Address: 0x7fd92a1a3198 Crash State: blink::ContainerNode::parserAppendChild blink::HTMLConstructionSite::executeTask blink::HTMLConstructionSite::executeQueuedTasks Sanitizer: thread (TSAN) Regressed: https://clusterfuzz.com/revisions?job=linux_tsan_chrome_mp&range=456256:456287 Fixed: https://clusterfuzz.com/revisions?job=linux_tsan_chrome_mp&range=458081:458090 Reproducer Testcase: https://clusterfuzz.com/download/AMIfv96j8X1s5y6AjxYdsK9UYMhrePuiQaJ2qf4a8HrMa1gNVLlC1rCsv2MIspXwHYq6a9kK64pfkipb35PJW_reAsFf72Mr0EO7TBFiGTA1X1n7K2Tip5LDLVs6HvQc8OFYL1vrhIO1JqWkhinSVNhwpksXiMSnICR7fayw4xdctd85glS77G_AMWvrtIuFBk8KpKgiy9p_rjOlUahOBEOwVDXTd2RtG2Sa6uHiK2YZVivSG_nxp7MLLH3iCuLCeJPxkEqcV5q3IazVuFvr7-5xtNI8vdlMPtbLNRfBlWhI1q2qJjv6d1OWgAfNVgvCT_5M7yblEQOESnht8H0RyG_TxmAuwe2Bdm5IuoTr5wy6E8sgJe11kOE?testcase_id=5090553604866048 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by tkent@chromium.org
, Mar 13 2017Status: Duplicate (was: Untriaged)