Issue 702266 link

Starred by 2 users

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Aug 2017
Cc:	editing-dev@chromium.org
Components:	Blink>Editing>Command
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	3
Type:	Bug
Stability-Crash Reproducible Clusterfuzz M-57 Test-Predator-Wrong

Outdent command crashes with visiblity:collapse

Project Member Reported by ClusterFuzz, Mar 16 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4610394498007040

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_debug_content_shell_drt
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  destination.deepEquivalent().isConnected(). #text "\n  "@offsetInAnchor[23]/Text
  blink::CompositeEditCommand::moveParagraphs
  blink::CompositeEditCommand::moveParagraph
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_debug_content_shell_drt&range=423391:423439

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv96O-96jlcnHPklGPVszDqNXynNBu90SDjp-11MCuoJGKQjKjUu7SUDxoIcMgWeWJzzMbNnl_ACUwAuBGmR6JMHxMkKwRsAeLGsJcB-d0SAcv6pEczPdrTqc57BiMZbfasNYRkJik-beKQ1BIMSzVioNA0iVpu5OegsMxXATAtn6wKwLvyd_FwadMoD07CpKOIkAamTnzy437EKVKVknstMGbfhkTFsco1wFpxl4HNp9QNL-j4D7m9z5EZXUzRcwHoMAuCQlUzkZK52G-2zvxoVWGiFMejYShnUmTKw-toC2SgdJ-Vw768ycrDJzvVjsBfBBp5OM4D8Ji5JPTEQFJE62GXHkF1biMh3jDu2Tz8YLYUk3PEnUH22-r3zLk7Bqpf_jW0KvpwkTQS_0dNIYEhMEpLxuzw?testcase_id=4610394498007040


Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 1 by mummare...@chromium.org, Mar 16 2017

Components: Blink>Editing>Command
Labels: Test-Predator-Wrong M-57
Owner: yosin@chromium.org

Through code search on file CompositeEditCommand.cpp, suspected CL is
https://chromium.googlesource.com/chromium/src/+/337642ea1516b47bd972b0f980a0a71b19931dd2
yosin@, could you please take a look?
Thank you

Comment 2 by mummare...@chromium.org, Mar 16 2017

Status: Assigned (was: Untriaged)

Comment 3 by yosin@chromium.org, Mar 23 2017

Owner: ----
Status: Available (was: Assigned)

Comment 4 by yosin@chromium.org, Mar 25 2017

Labels: -Pri-1 Pri-2
Summary: Outdent command crashes with visiblity:collapse (was: destination.deepEquivalent().isConnected(). #text "\n "@offsetInAnchor[23]/Text)

Lower to Pri-2, since real world usage of Outdent command is low.

Comment 5 by xiaoche...@chromium.org, Apr 27 2017

 Issue 677343  has been merged into this issue.

Comment 6 by yosin@chromium.org, May 22 2017

Labels: Pri-3

Bulk set to Pri-3 for cluster fuzz bugs.
Since these issues are happens with unusual HTML.

Project Member

Comment 7 by ClusterFuzz, Aug 11 2017

Status: WontFix (was: Available)

ClusterFuzz testcase 5181912999264256 is flaky and no longer reproduces, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

►

Issue 702266 link

Issue metadata

Outdent command crashes with visiblity:collapse

Issue description

Comment 1 by mummare...@chromium.org, Mar 16 2017

Comment 1 Deleted

Comment 2 by mummare...@chromium.org, Mar 16 2017

Comment 2 Deleted

Comment 3 by yosin@chromium.org, Mar 23 2017

Comment 3 Deleted

Comment 4 by yosin@chromium.org, Mar 25 2017

Comment 4 Deleted

Comment 5 by xiaoche...@chromium.org, Apr 27 2017

Comment 5 Deleted

Comment 6 by yosin@chromium.org, May 22 2017

Comment 6 Deleted

Comment 7 by ClusterFuzz, Aug 11 2017

Comment 7 Deleted

Sign in to add a comment