Issue metadata
Sign in to add a comment
|
CHECK failure: state_ == kDetached || !is_promise_called_ || !GetScriptState()->ContextIsValid( |
||||||||||||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=4649286892257280 Fuzzer: lcamtuf_cross_fuzz Job Type: linux_debug_chrome Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: state_ == kDetached || !is_promise_called_ || !GetScriptState()->ContextIsValid( blink::ScriptPromiseResolver::~ScriptPromiseResolver blink::GarbageCollectedFinalized<blink::ScriptPromiseResolver>::FinalizeGarbageC Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=566155:566164 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4649286892257280 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Oct 5
Predator & CL could not provide any possible suspects. Using Code search for the file, "script_promise_resolver.h" suspecting the below Cl might have caused this issue Suspect CL: https://chromium.googlesource.com/chromium/src/+/8d9ab2bffbc57614331bc24edb50ff4b747238bd peria@ -- Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner. Thanks!
,
Oct 6
This issue is duplicate with the issue 867522 and hence the test looks flaky, due to lifetime management. I expect it'll be fixed when the unified GC is enabled by default.
,
Oct 8
Issue 893027 has been merged into this issue. |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by ClusterFuzz
, Oct 4Labels: Test-Predator-Auto-Components