Divide-by-zero in blink::TableSectionPainter::PaintRepeatingFooterGroup |
|||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=4654994199674880 Fuzzer: ifratric-browserfuzzer-v3 Job Type: windows_asan_chrome_no_sandbox Platform Id: windows Crash Type: Divide-by-zero Crash Address: 0x62345080 Crash State: blink::TableSectionPainter::PaintRepeatingFooterGroup blink::TableSectionPainter::Paint blink::LayoutTableSection::Paint Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=492183:492248 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4654994199674880 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Aug 19 2017
ClusterFuzz has detected this issue as fixed in range 495542:495750. Detailed report: https://clusterfuzz.com/testcase?key=4654994199674880 Fuzzer: ifratric-browserfuzzer-v3 Job Type: windows_asan_chrome_no_sandbox Platform Id: windows Crash Type: Divide-by-zero Crash Address: 0x62345080 Crash State: blink::TableSectionPainter::PaintRepeatingFooterGroup blink::TableSectionPainter::Paint blink::LayoutTableSection::Paint Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=492183:492248 Fixed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=495542:495750 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4654994199674880 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Aug 19 2017
ClusterFuzz testcase 4654994199674880 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Aug 21 2017
ClusterFuzz has detected this issue as fixed in range 495542:495750. Detailed report: https://clusterfuzz.com/testcase?key=4654994199674880 Fuzzer: ifratric-browserfuzzer-v3 Job Type: windows_asan_chrome_no_sandbox Platform Id: windows Crash Type: Divide-by-zero Crash Address: 0x62345080 Crash State: blink::TableSectionPainter::PaintRepeatingFooterGroup blink::TableSectionPainter::Paint blink::LayoutTableSection::Paint Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=492183:492248 Fixed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=495542:495750 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4654994199674880 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Aug 21 2017
,
Aug 23 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5728bdc52ff12d4f70a96b79a93508c90bca2b94 commit 5728bdc52ff12d4f70a96b79a93508c90bca2b94 Author: Robert Hogan <robhogan@gmail.com> Date: Wed Aug 23 00:18:02 2017 Check if page height is known when painting table footers The testcase no longer fails due to unrelated changes, so this is a preventive measure - it was an oversight not to add it when landing the original CL. Bug: 756410 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2 Change-Id: I3f653b17bc3e02b382171f4e2f20701cff30e6e4 Reviewed-on: https://chromium-review.googlesource.com/624165 Commit-Queue: Robert Hogan <robhogan@gmail.com> Reviewed-by: Morten Stenshorne <mstensho@opera.com> Cr-Commit-Position: refs/heads/master@{#496519} [modify] https://crrev.com/5728bdc52ff12d4f70a96b79a93508c90bca2b94/third_party/WebKit/Source/core/paint/TableSectionPainter.cpp |
|||
►
Sign in to add a comment |
|||
Comment 1 by msrchandra@chromium.org
, Aug 18 2017Labels: M-62 Test-Predator-Wrong
Owner: robhogan@chromium.org
Status: Assigned (was: Untriaged)