CHECK failure: false. Can't find cached display item in PaintController.cpp |
||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5800949183676416 Fuzzer: ochang_domfuzzer Job Type: linux_asan_content_shell_drt Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: false. Can't find cached display item in PaintController.cpp blink::PaintController::FindOutOfOrderCachedItemForward blink::PaintController::FindCachedItem Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_content_shell_drt&range=446211:446231 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5800949183676416 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Oct 21 2017
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/a980b812f2f213270551f986fc7c4fdf0cc2d3a8 (Migrate WTF::HashSet::add() to ::insert() [part 1 of N]). If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.
,
Oct 23 2017
,
Oct 23 2017
,
Oct 24 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e194df4fabdd701804c001c805ea3f5c244acb04 commit e194df4fabdd701804c001c805ea3f5c244acb04 Author: Xianzhu Wang <wangxianzhu@chromium.org> Date: Tue Oct 24 03:28:12 2017 Fix LayoutBlockFlow::SetAncestorShouldPaintFloatingObject() Previously it stopped at the first ancestor which should paint the float, sometimes leaving ShouldPaint flag on some grand ancestor. Now continue to clear ShouldPaint flags on all ancestors after finding the first ancestor which should paint the float. Bug: 777113 Change-Id: I31ce8db5e5484e3d9eee2f31cb7faf6e2795303d Reviewed-on: https://chromium-review.googlesource.com/734160 Commit-Queue: Xianzhu Wang <wangxianzhu@chromium.org> Reviewed-by: Chris Harrelson <chrishtr@chromium.org> Cr-Commit-Position: refs/heads/master@{#511031} [add] https://crrev.com/e194df4fabdd701804c001c805ea3f5c244acb04/third_party/WebKit/LayoutTests/fast/block/float/float-overhanging-grandparent-change-self-painting-expected.html [add] https://crrev.com/e194df4fabdd701804c001c805ea3f5c244acb04/third_party/WebKit/LayoutTests/fast/block/float/float-overhanging-grandparent-change-self-painting.html [modify] https://crrev.com/e194df4fabdd701804c001c805ea3f5c244acb04/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp
,
Oct 25 2017
ClusterFuzz has detected this issue as fixed in range 511027:511047. Detailed report: https://clusterfuzz.com/testcase?key=5800949183676416 Fuzzer: ochang_domfuzzer Job Type: linux_asan_content_shell_drt Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: false. Can't find cached display item in PaintController.cpp blink::PaintController::FindOutOfOrderCachedItemForward blink::PaintController::FindCachedItem Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_content_shell_drt&range=446211:446231 Fixed: https://clusterfuzz.com/revisions?job=linux_asan_content_shell_drt&range=511027:511047 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5800949183676416 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Oct 25 2017
,
Oct 26 2017
ClusterFuzz testcase 5800949183676416 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Nov 7 2017
,
Nov 7 2017
|
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by ClusterFuzz
, Oct 21 2017Labels: Test-Predator-AutoComponents