CHECK failure: result == scrollable_area_->layer_->GraphicsLayerBacking()->VisualRect() in pain |
||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6529317519228928 Fuzzer: marty_html_twiddler Job Type: linux_debug_chrome Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: result == scrollable_area_->layer_->GraphicsLayerBacking()->VisualRect() in pain blink::PaintLayerScrollableArea::ScrollingBackgroundDisplayItemClient::VisualRec blink::DisplayItem::DisplayItem Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=603217:603228 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6529317519228928 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Dec 11
Automatically adding ccs based on suspected regression changelists: [PE] Fix raster cpu regression of crrev.com/c/1297131 by wangxianzhu@chromium.org - https://chromium.googlesource.com/chromium/src/+/2779a9b0df225a3e2ca284ab1d076f4dcd090c31 Snap after pressing arrow key. by sunyunjia@chromium.org - https://chromium.googlesource.com/chromium/src/+/e806ef73a7d39067e1bfcf451b4c16f0c56d4837 If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label.
,
Dec 11
This doesn't seem to be caused by my change. As I checked that my patch doesn't touch the stack trace.
,
Dec 11
,
Dec 15
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/7edf71d1a997df5fe2ecd71e8cdbcdcd7d4b520a commit 7edf71d1a997df5fe2ecd71e8cdbcdcd7d4b520a Author: Xianzhu Wang <wangxianzhu@chromium.org> Date: Sat Dec 15 01:48:45 2018 [PE] Fix DCHECK failure in scrolling background visual rect Now use the same pixel snapping method for scrolling contents layer used in CompositeLayerMapping to avoid the DCHECK failure. The scrolling contents should originate from the pixel snapped clip rect. Bug: 913843 Change-Id: Ibce87b324567f971516148f865608f00e80d4bee Reviewed-on: https://chromium-review.googlesource.com/c/1378850 Reviewed-by: Chris Harrelson <chrishtr@chromium.org> Commit-Queue: Xianzhu Wang <wangxianzhu@chromium.org> Cr-Commit-Position: refs/heads/master@{#616909} [modify] https://crrev.com/7edf71d1a997df5fe2ecd71e8cdbcdcd7d4b520a/third_party/blink/renderer/core/paint/paint_layer_scrollable_area.cc [modify] https://crrev.com/7edf71d1a997df5fe2ecd71e8cdbcdcd7d4b520a/third_party/blink/renderer/core/paint/paint_layer_scrollable_area_test.cc
,
Dec 15
ClusterFuzz has detected this issue as fixed in range 616906:616910. Detailed report: https://clusterfuzz.com/testcase?key=6529317519228928 Fuzzer: marty_html_twiddler Job Type: linux_debug_chrome Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: result == scrollable_area_->layer_->GraphicsLayerBacking()->VisualRect() in pain blink::PaintLayerScrollableArea::ScrollingBackgroundDisplayItemClient::VisualRec blink::DisplayItem::DisplayItem Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=603217:603228 Fixed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=616906:616910 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6529317519228928 See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Dec 15
ClusterFuzz testcase 6529317519228928 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||
►
Sign in to add a comment |
||||
Comment 1 by ClusterFuzz
, Dec 11Labels: Test-Predator-Auto-Components