AllowHeapAllocation::IsAllowed() in src/heap/heap-inl.h |
|||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=4939768253382656 Fuzzer: decoder_langfuzz Job Type: linux_asan_d8_dbg Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: AllowHeapAllocation::IsAllowed() in src/heap/heap-inl.h Regressed: V8: r36391:36392 Minimized Testcase (9.13 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94apUgXYR4Z_6Qze055GeeXWzlYCUi1CmEzn46QqjiBHhFK6cvylD6O2j79AF7r21ID9bhVUX_JAbgMEv7kgNstjxVuLEZWnYtAB005wED7m8OTZlLK9kWJ08Jzwz3mkfZUcnFZ5h5PLBFiPdv_oAdtYdMi-A Filer: mstarzinger See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
May 20 2016
Stupid little mistake. I found it by looking at the code. Fix upcoming.
,
May 23 2016
,
May 23 2016
,
May 23 2016
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/46aeb2aed87aa24bcb86608b719480230e8567fe commit 46aeb2aed87aa24bcb86608b719480230e8567fe Author: yangguo <yangguo@chromium.org> Date: Mon May 23 09:16:28 2016 [json] fix encoding change for two-byte gap strings. R=mstarzinger@chromium.org BUG= chromium:613570 Review-Url: https://codereview.chromium.org/1997003002 Cr-Commit-Position: refs/heads/master@{#36433} [modify] https://crrev.com/46aeb2aed87aa24bcb86608b719480230e8567fe/src/json-stringifier.h [add] https://crrev.com/46aeb2aed87aa24bcb86608b719480230e8567fe/test/mjsunit/regress/regress-crbug-613570.js
,
May 23 2016
ClusterFuzz has detected this issue as fixed in range 36432:36433. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4939768253382656 Fuzzer: decoder_langfuzz Job Type: linux_asan_d8_dbg Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: AllowHeapAllocation::IsAllowed() in src/heap/heap-inl.h Regressed: V8: r36391:36392 Fixed: V8: r36432:36433 Minimized Testcase (9.13 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94apUgXYR4Z_6Qze055GeeXWzlYCUi1CmEzn46QqjiBHhFK6cvylD6O2j79AF7r21ID9bhVUX_JAbgMEv7kgNstjxVuLEZWnYtAB005wED7m8OTZlLK9kWJ08Jzwz3mkfZUcnFZ5h5PLBFiPdv_oAdtYdMi-A See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by mstarzinger@chromium.org
, May 20 2016