NULL |
|||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=4830702954348544 Fuzzer: svg_xml_tokenfuzz Job Type: linux_ubsan_vptr_content_shell_drt Platform Id: linux Crash Type: Null-dereference Crash Address: 0x000000000000 Crash State: NULL Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_content_shell_drt&range=606095:606116 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4830702954348544 Additional requirements: Requires Gestures Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Dec 8
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
,
Dec 10
This bug is incorrect.
WebViewTestProxyBase::WebViewTestProxyBase()
: accessibility_controller_(new AccessibilityController(this)),
text_input_controller_(new TextInputController(this)),
// TODO(danakj): We should collapse WebViewTestProxy and
// WebViewTestProxyBase into one class really. They are both
// concrete types now.
view_test_runner_(
new TestRunnerForSpecificView(static_cast<WebViewTestProxy*>(this))) {
WebWidgetTestProxyBase::set_web_view_test_proxy_base(this);
}
It claims that `static_cast<WebViewTestProxy*>(this)` is incorrect, but WebViewTestProxyBase is always the base of a WebViewTestProxy. The stack trace shows that |this| is a WebViewTestProxy. Perhaps it doesn't like downcasting from the constructor?
#0 0x55e29af9abcb in test_runner::WebViewTestProxyBase::WebViewTestProxyBase() content/shell/test_runner/web_view_test_proxy.cc:142:41
#1 0x55e29afc4734 in WebViewTestProxy<content::CompositorDependencies *&, const content::mojom::CreateViewParams &> content/shell/test_runner/web_view_test_proxy.h:181:12
|
|||
►
Sign in to add a comment |
|||
Comment 1 by ClusterFuzz
, Dec 8Owner: danakj@chromium.org
Status: Assigned (was: Untriaged)