New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 734610 link

Starred by 1 user
Status: WontFix
Owner:
brettw@chromium.org
Last visit 26 days ago
Closed: Jul 2017
Cc:
ifratric@google.com
msrchandra@chromium.org
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug



Sign in to add a comment

Crash in blink::FocusController::NextFocusableElementInForm

Project Member Reported by ClusterFuzz, Jun 19 2017 
Detailed report: https://clusterfuzz.com/testcase?key=5757986017640448

Fuzzer: ifratric-browserfuzzer-v3
Job Type: windows_asan_chrome_no_sandbox
Platform Id: windows

Crash Type: UNKNOWN READ
Crash Address: 0x4d597880
Crash State:
  blink::FocusController::NextFocusableElementInForm
  blink::InputMethodController::TextInputFlags
  blink::InputMethodController::TextInputInfo
  
Sanitizer: address (ASAN)

Recommended Security Severity: Low

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5757986017640448


Additional requirements: Requires Gestures

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 1 by msrchandra@chromium.org, Jun 21 2017

Cc: msrchandra@chromium.org
Labels: M-61 Test-Predator-Correct-CLs
Owner: brettw@chromium.org
Status: Assigned (was: Untriaged)
Assigning to concern owner from Predator results --
Regression information is not available. The result is the blame information. 

Author: brettw@google.com
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/d028296ec1c0fdfbd40e2390ca3121de7055295d
Time: Sat Jan 01 16:08:52 2011
The CL last changed line 18 of file debugger_win.cc, which is stack frame 0. 

Author: rch@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/82d89abc03ea6fd6b9258f0e57be0290b33d7eb1
Time: Fri Feb 28 18:25:34 2014
The CL last changed line 783 of file logging.cc, which is stack frame 1. 

Author: ajith.v
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/8d80ad1410dcb23f55c323a97e57eed750a611dc
Time: Tue Jun 13 20:21:13 2017
The CL last changed line 1072 of file FocusController.cpp, which is stack frame 2. 

Author: ajith.v
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/8d80ad1410dcb23f55c323a97e57eed750a611dc
Time: Tue Jun 13 20:21:13 2017
The CL last changed line 1139 of file InputMethodController.cpp, which is stack frame 3.

@brettw -- Could you please look into the issue, kindly re-assign if this is not related to your changes.
Thank You.
Project Member

Comment 2 by ClusterFuzz, Jul 21 2017

Status: WontFix (was: Assigned)
ClusterFuzz testcase 5757986017640448 is flaky and no longer reproduces, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Sign in to add a comment