Stack-overflow in blink::FontCache::GetFontPlatformData
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6327368889925632

Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: Stack-overflow
Crash Address: 0x7fff56fb5bf8
Crash State:
  blink::FontCache::GetFontPlatformData
  blink::FontCache::GetFontData
  blink::CSSFontSelector::GetFontData

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=537307:537349

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6327368889925632

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Mar 18 2018
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Mar 18 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/0aca50f1552c882bc72ed5c419085fa975847a9c ([Squad] Unnecessary use of mutable style in vp propagation.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Mar 19 2018
It's a very deep table layout recursion with a stack overflow. I haven't checked if it's simply a deep enough tree or if there's a real bug. Where it crashes depends on platform and configuration, so GetFontPlatformData is sort of arbitrary.
Mar 19 2018
Mar 26 2018
ClusterFuzz testcase 6327368889925632 is still reproducing on tip-of-tree build (trunk). If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase. Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.
Mar 26 2018
Like the previous eight million variations of the same test case, this is a stack overflow due to a deeply nested DOM tree and as such is considered WontFix. Please stop filing these bugs.
Apr 14 2018
ClusterFuzz has detected this issue as fixed in range 550604:550609.

Detailed report: https://clusterfuzz.com/testcase?key=6327368889925632

Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: Stack-overflow
Crash Address: 0x7fff56fb5bf8
Crash State:
  blink::FontCache::GetFontPlatformData
  blink::FontCache::GetFontData
  blink::CSSFontSelector::GetFontData

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=537307:537349
Fixed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=550604:550609

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6327368889925632

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by ClusterFuzz, Mar 18 2018