NEEDS_MINIMIZATION InsertOrderedList command crashes
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5650715497463808

Fuzzer: bj_broddelwerk
Job Type: linux_cfi_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000010
Crash State:
  chrome
  blink::Node::IsDescendantOf
  blink::CompositeEditCommand::CloneParagraphUnderNewElement

Sanitizer: cfi (CFI)

Regressed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=523197:523221

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5650715497463808

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Dec 24 2017
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/bb33dbbbcf6f36daa5d7d116769b72a3c91ed9dc (Remove ScriptStreamer::resource_). If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.
Dec 26 2017
This is one of the many editing command bugs. Editing team should take it over. Lowered to P3 due to low usage of InsertOrderedList command.
Jan 15 2018
Jan 17 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/aac97245ee827c2f22b388d25a7c2c45e6543c41

commit aac97245ee827c2f22b388d25a7c2c45e6543c41
Author: tanvir.rizvi <tanvir.rizvi@samsung.com>
Date: Wed Jan 17 04:22:02 2018

Fix for crash with InsertListCommand

InsertListCommand on a list with collapsed visibility member crashes. The visible first node position and the last node position comes as null, which reaches the DCHECK. This CL does the safety check to avoid this scenario.

Bug: 797520
Change-Id: I1f9a408dd31a69b001c39176da571e3486e471cf
Reviewed-on: https://chromium-review.googlesource.com/868410
Commit-Queue: Yoshifumi Inoue <yosin@chromium.org>
Reviewed-by: Xiaocheng Hu <xiaochengh@chromium.org>
Reviewed-by: Yoshifumi Inoue <yosin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#529601}

[modify] https://crrev.com/aac97245ee827c2f22b388d25a7c2c45e6543c41/third_party/WebKit/Source/core/editing/commands/CompositeEditCommand.cpp
[modify] https://crrev.com/aac97245ee827c2f22b388d25a7c2c45e6543c41/third_party/WebKit/Source/core/editing/commands/InsertListCommandTest.cpp
Jan 17 2018
ClusterFuzz has detected this issue as fixed in range 529594:529620.

Detailed report: https://clusterfuzz.com/testcase?key=5650715497463808

Fuzzer: bj_broddelwerk
Job Type: linux_cfi_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000010
Crash State:
  chrome
  blink::Node::IsDescendantOf
  blink::CompositeEditCommand::CloneParagraphUnderNewElement

Sanitizer: cfi (CFI)

Regressed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=523197:523221
Fixed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=529594:529620

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5650715497463808

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 17 2018
ClusterFuzz testcase 5650715497463808 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Dec 24 2017
Labels: Test-Predator-Auto-Components