New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 617525 link

Starred by 0 users

Issue metadata

Status: Fixed
Owner:
Closed: Jun 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug



Sign in to add a comment

!locals_.has_sig() in encoder.cc

Project Member Reported by ClusterFuzz, Jun 6 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5498136760156160

Fuzzer: mbarbella_js_mutation
Job Type: linux_asan_d8_v8_arm_dbg
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  !locals_.has_sig() in encoder.cc
  
Regressed: V8: r36291:36292

Minimized Testcase (0.25 Kb):
Download: https://cluster-fuzz.appspot.com/download/AMIfv96Cytkz4JoEhVHn5s2ReitD7GLLdbig0yGRzTSH8xXAyrm94Suhpi6gbSwPP5tAW3kCaOdcrPyZw3HioHc0uUd6XOwXgcJXCwWbkF0GhI30J_89JMMltvKgds8hfmWm-BuBCVpU5kVUQUjPexodP31pgGBgiw
function __f_13(asmfunc) {
  var __v_9 = asmfunc.toString();
  var __v_13 = Wasm.instantiateModuleFromAsm(__v_9);
}
function __f_14() {
  "use asm";
  function __f_15() { return 0; }
  function __f_15() { return 137; }
  return {
};
}
__f_13(__f_14, {
});


Filer: mstarzinger

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Cc: bradnelson@chromium.org
Owner: titzer@chromium.org
Status: Assigned (was: Available)
Status: Fixed (was: Assigned)
Project Member

Comment 4 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment