Issue 797900

Starred by 2 users

Issue metadata

Status: Verified
Closed: Jan 2018
OS: Linux, Android, Windows
Pri: 1
Type: Bug

CHECK failure: resolver->GetFrame() in CredentialsContainer.cpp

Reported by ClusterFuzz (Project Member), Dec 28 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4583102524686336

Fuzzer: lcamtuf_cross_fuzz
Job Type: linux_cfi_chrome
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  resolver->GetFrame() in CredentialsContainer.cpp
  blink::CheckSecurityRequirementsBeforeRequest
  blink::CredentialsContainer::get
  
Sanitizer: cfi (CFI)

Regressed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=526172:526174

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4583102524686336

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 

Comment 1 by ClusterFuzz (Project Member), Dec 28 2017

Components: Blink>JavaScript Blink>SecurityFeature>CredentialManagement
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Comment 2 by mkwst@chromium.org, Dec 28 2017

Owner: engedy@chromium.org
Status: Assigned (was: Untriaged)
I would not be shocked if this had something to do with your recent refactoring, engedy@. :)

Comment 3 by engedy@chromium.org, Dec 28 2017

Yeah, but the fuzzer input seemingly never calls CM API methods. So I'm not sure how this is possible. Any caveats I may be missing?
Cc: kkaluri@chromium.org engedy@chromium.org
Issue 797735 has been merged into this issue.
Labels: OS-Android OS-Windows
Status: Started (was: Assigned)
This can be reproduced locally, investigating...
Issue 797132 has been merged into this issue.
Issue 797190 has been merged into this issue.
Issue 797459 has been merged into this issue.

Comment 10 by bugdroid1@chromium.org (Project Member), Jan 4 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/17beb99df0260b16b2e08036a49219dc9fcf9f05

commit 17beb99df0260b16b2e08036a49219dc9fcf9f05
Author: Balazs Engedy <engedy@chromium.org>
Date: Thu Jan 04 16:36:07 2018

Ignore calls to CredentialsContainer whose responsible document was detached.

The `window.opener` might be storing a reference to `window.navigator.credentials`,
and call methods on it after the opened `window` is navigated away and hence its
relevant settings object's responsible document is already destroyed.

We should ignore calls to navigator.credentials methods in this case and not crash.

Bug: 797900
Change-Id: I6507cb30b8d9d967a1d218135388fc833d215c69
Reviewed-on: https://chromium-review.googlesource.com/848914
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Balazs Engedy <engedy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#527004}
[add] https://crrev.com/17beb99df0260b16b2e08036a49219dc9fcf9f05/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-detached.html
[add] https://crrev.com/17beb99df0260b16b2e08036a49219dc9fcf9f05/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/notify-opener-on-load.html
[modify] https://crrev.com/17beb99df0260b16b2e08036a49219dc9fcf9f05/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp

Status: Fixed (was: Started)

Comment 12 by ClusterFuzz (Project Member), Jan 5 2018

ClusterFuzz has detected this issue as fixed in range 526988:527007.

Fixed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=526988:527007

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 13 by ClusterFuzz (Project Member), Jan 5 2018

Labels: ClusterFuzz-Verified
Status: Verified (was: Fixed)
ClusterFuzz testcase 4583102524686336 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
📍 Couldn't reproduce a difference.
https://pinpoint-dot-chromeperf.appspot.com/job/148c08d6840000