New issue
Advanced search Search tips

Issue 899606 link

Starred by 2 users
Status: ExternalDependency
Owner: ----
Cc:
kkaluri@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 1
Type: Bug



Sign in to add a comment

Null-dereference READ in content::BlinkTestController::OnTestFinished

Project Member Reported by ClusterFuzz, Oct 29 
Detailed report: https://clusterfuzz.com/testcase?key=5732857115574272

Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_content_shell
Platform Id: mac

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  content::BlinkTestController::OnTestFinished
  content::BlinkTestController::ReportResults
  base::internal::Invoker<base::internal::BindState<content::DelegatedFrameHost::C
  
Sanitizer: address (ASAN)

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5732857115574272

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.

Comment 1 by kkaluri@chromium.org, Oct 30

Cc: kkaluri@chromium.org
Labels: M-71 Test-Predator-Wrong
Owner: eseckler@chromium.org
Status: Assigned (was: Untriaged)
Predator and CL could not provide any possible suspects.

Using Code Search for the file, "blink_test_controller.cc" suspecting the below Cl might have caused this issue

Suspect CL: https://chromium.googlesource.com/chromium/src/+/8652dcd5d8f35d68f105136b3857e9b54148c31b

eseckler@ -- Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thanks!

Comment 2 by eseckler@chromium.org, Oct 30

Owner: ----
Status: Untriaged (was: Assigned)
The patch you've linked is only a refactoring without functionality changes. It's unlikely to be the culprit here. I'm not familiar with the test that's failing myself I'm afraid.

Comment 3 by kkaluri@chromium.org, Oct 31

Labels: CF-NeedsTriage
Unable to find actual suspect through code search and also observing no CL's under regression range, hence adding appropriate label and requesting someone from Dev team to look in to this issue.

Thanks!

Comment 4 by manoranjanr@google.com, Oct 31

Cc: jyasskin@chromium.org ortuno@chromium.org
Labels: -CF-NeedsTriage
Looping "https://cs.chromium.org/chromium/src/content/shell/browser/layout_test/OWNERS" for further inputs here.

Comment 5 by ortuno@chromium.org, Oct 31

Cc: -jyasskin@chromium.org -ortuno@chromium.org
Components: Blink>WebGL
This seems related to WebGL.

Comment 6 by kbr@chromium.org, Oct 31

Labels: Needs-Feedback
Status: ExternalDependency (was: Untriaged)
Could someone please confirm manually that this is reliably reproducible on a developer workstation, and is a serious stability problem, before we invest lots of time attempting to reproduce and debug it? I have spent a lot of time recently investing Clusterfuzz crashes which weren't reproducible. Thanks.

Sign in to add a comment