
Issue 781515 link

Starred by 1 user

Issue metadata

Status: WontFix
Owner:
Closed: Dec 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug

Null-dereference in blink::Internals::textAffinity

Project Member Reported by ClusterFuzz, Nov 4 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5356208767893504

Fuzzer: inferno_layout_test_unmodified
Job Type: windows_syzyasan_content_shell
Platform Id: windows

Crash Type: Null-dereference
Crash Address: 0x0000001b
Crash State:
  blink::Internals::textAffinity
  blink::V8Internals::textAffinityAttributeGetterCallback
  v8::internal::FunctionCallbackArguments::Call
  
Memory Tool: SYZYASAN

Regressed: https://clusterfuzz.com/revisions?job=windows_syzyasan_content_shell&range=513585:513618

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5356208767893504

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Project Member

Comment 1 by ClusterFuzz, Nov 4 2017

Components: Blink>JavaScript
Labels: Test-Predator-AutoComponents
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Components: -Blink>JavaScript Blink
Labels: Test-Predator-Wrong-Components
No V8 roll in the regression range.
Cc: msrchandra@chromium.org pnangunoori@chromium.org
Labels: M-64
Owner: fs...@chromium.org
Status: Assigned (was: Untriaged)
Test Predator has given the following results:

Plumb main thread load signal to GRC. by lpy@chromium.org
Suspected changelist touched file(s) associated with the component Blink, which we believe is related to this testcase based on information in OWNERS files.
Cleanup extraction of intervals for raster shapes by fs@opera.com
Suspected changelist touched file(s) associated with the component Blink, which we believe is related to this testcase based on information in OWNERS files.
Adds FontFaceSource on Workers by fserb@chromium.org
Suspected changelist touched file(s) associated with the component Blink, which we believe is related to this testcase based on information in OWNERS files.

@fserb -- Could you please look into this issue; kindly reassign if it has nothing to do with your changes.

Thank You.
Labels: Test-Predator-Auto-CC
Labels: -Test-Predator-AutoComponents Test-Predator-Auto-Components
Labels: -Test-Predator-Auto-CC

Comment 7 by kochi@chromium.org, Nov 9 2017

Components: -Blink Blink>Internals
Project Member

Comment 8 by ClusterFuzz, Dec 16 2017

Status: WontFix (was: Assigned)
ClusterFuzz testcase 5356208767893504 is flaky and no longer crashes, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.