NEEDS_MINIMIZATION InsertUnorderedList command crashes |
|||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5441234708725760 Fuzzer: bj_broddelwerk Job Type: windows_asan_chrome_no_sandbox Platform Id: windows Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: blink::TextIteratorAlgorithm<class blink::EditingAlgorithm<class blink::NodeTrav blink::TextIteratorAlgorithm<class blink::EditingAlgorithm<class blink::NodeTrav blink::CompositeEditCommand::MoveParagraphs Sanitizer: address (ASAN) Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5441234708725760 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jan 2 2018
,
Jan 2 2018
Lower to P3 due to low usage of InsertUnorderedListCommand
,
Jan 4 2018
,
Jan 10 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a7ece4a8392ad07bcbd813dd01c3641d58781388 commit a7ece4a8392ad07bcbd813dd01c3641d58781388 Author: tanvir.rizvi <tanvir.rizvi@samsung.com> Date: Wed Jan 10 09:17:08 2018 InsertListCommand crash while cleanup InsertListCommand tries to clean the destination node during one scenario, when on the table element webkit-appearance property is applied. Because of this DCHECK is reached. Bug: 798176 Change-Id: Id5c60e2cf4c8b95c746456d663aacea2f64d07ab Reviewed-on: https://chromium-review.googlesource.com/856416 Reviewed-by: Yoshifumi Inoue <yosin@chromium.org> Reviewed-by: Xiaocheng Hu <xiaochengh@chromium.org> Commit-Queue: Tanvir Rizvi <tanvir.rizvi@samsung.com> Cr-Commit-Position: refs/heads/master@{#528266} [modify] https://crrev.com/a7ece4a8392ad07bcbd813dd01c3641d58781388/third_party/WebKit/Source/core/editing/commands/CompositeEditCommand.cpp [modify] https://crrev.com/a7ece4a8392ad07bcbd813dd01c3641d58781388/third_party/WebKit/Source/core/editing/commands/InsertListCommandTest.cpp
,
Jan 11 2018
ClusterFuzz has detected this issue as fixed in range 528265:528270. Detailed report: https://clusterfuzz.com/testcase?key=5441234708725760 Fuzzer: bj_broddelwerk Job Type: windows_asan_chrome_no_sandbox Platform Id: windows Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: blink::TextIteratorAlgorithm<class blink::EditingAlgorithm<class blink::NodeTrav blink::TextIteratorAlgorithm<class blink::EditingAlgorithm<class blink::NodeTrav blink::CompositeEditCommand::MoveParagraphs Sanitizer: address (ASAN) Fixed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=528265:528270 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5441234708725760 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jan 11 2018
ClusterFuzz testcase 5441234708725760 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by pnangunoori@chromium.org
, Jan 2 2018Components: Blink
Labels: M-64 Test-Predator-Wrong
Owner: xiaoche...@chromium.org
Status: Assigned (was: Untriaged)