Null-dereference READ in blink::LocalFrame::GetDocument
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5137114623377408

Fuzzer: attekett_dom_fuzzer
Job Type: linux_asan_chrome_media
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000030
Crash State:
  blink::LocalFrame::GetDocument
  blink::DOMSelection::modify
  blink::V8Selection::modifyMethodCallback

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_media&range=562126:562127

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5137114623377408

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.

May 27 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/7f78f6e9d658e473e95a27c00bd149cf411f134b (VideoSurfaceLayer: disable feature when Mash in enabled.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

May 27 2018
Unfortunately, this wasn't the right CL as it was only disabling a feature for Mash.

May 28 2018
ClusterFuzz testcase 5137114623377408 appears to be flaky, updating reproducibility label.

May 29 2018
Lower to Pri-3 since it is caused by unusual HTML.

Jun 10 2018
ClusterFuzz testcase 5137114623377408 is flaky and no longer crashes, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 1 by ClusterFuzz, May 27 2018
Labels: Test-Predator-Auto-Components