CHECK failure: !ScriptForbiddenScope::IsScriptForbidden() in V8PerIsolateData.cpp
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4814466175991808

Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_content_shell
Platform Id: mac

Crash Type: CHECK failure
Crash Address:
Crash State:
  !ScriptForbiddenScope::IsScriptForbidden() in V8PerIsolateData.cpp
  blink::BeforeCallEnteredCallback
  v8::CallDepthScope<true>::CallDepthScope

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=471391:471465

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4814466175991808

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
May 19 2017
The crash is in Accessibility code. So adding label there.
May 19 2017
Lowering the priority of this because the crash is in a test_runner callback calling back into JavaScript code, so it's definitely not something that could be exploited in the real browser.
May 22 2017
ClusterFuzz has detected this issue as fixed in range 473118:473135.

Detailed report: https://clusterfuzz.com/testcase?key=4814466175991808

Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_content_shell
Platform Id: mac

Crash Type: CHECK failure
Crash Address:
Crash State:
  !ScriptForbiddenScope::IsScriptForbidden() in V8PerIsolateData.cpp
  blink::BeforeCallEnteredCallback
  v8::CallDepthScope<true>::CallDepthScope

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=471391:471465
Fixed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=473118:473135

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4814466175991808

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
May 22 2017
ClusterFuzz testcase 4814466175991808 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by spqc...@chromium.org, May 16 2017