CHECK failure: !current->HasClipRelatedProperty() || current->StyleRef().ContainsPaint() || (cu |
|||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6378386242142208 Fuzzer: ifratric-browserfuzzer-v3 Job Type: mac_asan_chrome Platform Id: mac Crash Type: CHECK failure Crash Address: Crash State: !current->HasClipRelatedProperty() || current->StyleRef().ContainsPaint() || (cu blink::FindParentLayerOnClippingContainerChain blink::CompositingInputsUpdater::UpdateRecursive Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=472186:472211 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6378386242142208 Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
May 17 2017
,
May 17 2017
ClusterFuzz has detected this issue as fixed in range 472221:472281. Detailed report: https://clusterfuzz.com/testcase?key=6378386242142208 Fuzzer: ifratric-browserfuzzer-v3 Job Type: mac_asan_chrome Platform Id: mac Crash Type: CHECK failure Crash Address: Crash State: !current->HasClipRelatedProperty() || current->StyleRef().ContainsPaint() || (cu blink::FindParentLayerOnClippingContainerChain blink::CompositingInputsUpdater::UpdateRecursive Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=472186:472211 Fixed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=472221:472281 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6378386242142208 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
May 17 2017
It was not fixed.
,
May 17 2017
ClusterFuzz testcase 6378386242142208 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
May 17 2017
,
May 17 2017
,
May 18 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c13e012c60b19fbc1d8166e3bcd2448830e1bf84 commit c13e012c60b19fbc1d8166e3bcd2448830e1bf84 Author: chrishtr <chrishtr@chromium.org> Date: Thu May 18 07:15:11 2017 Fix DCHECK to account for child SVG objects not having PaintLayers. BUG= 723285 CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2 Review-Url: https://codereview.chromium.org/2887173002 Cr-Commit-Position: refs/heads/master@{#472719} [add] https://crrev.com/c13e012c60b19fbc1d8166e3bcd2448830e1bf84/third_party/WebKit/LayoutTests/svg/clip-path/clip-path-foreign-object-crash.html [modify] https://crrev.com/c13e012c60b19fbc1d8166e3bcd2448830e1bf84/third_party/WebKit/Source/core/layout/compositing/CompositingInputsUpdater.cpp
,
May 18 2017
,
Sep 18 2017
We have made a bunch of changes on ClusterFuzz side, so resetting ClusterFuzz-Wrong label. |
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by msrchandra@chromium.org
, May 17 2017Labels: M-60 Test-Predator-Wrong
Owner: chrishtr@chromium.org
Status: Assigned (was: Untriaged)