Issue 617884 link

Starred by 0 users

Issue metadata

Status: Duplicate
Merged: issue 617526
Owner:
Closed: Jun 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug



Fatal error in asm-wasm-builder.cc

Project Member Reported by ClusterFuzz, Jun 7 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4984143729655808

Fuzzer: mbarbella_js_mutation
Job Type: linux_asan_d8_v8_arm64_dbg
Platform Id: linux

Crash Type: Fatal error
Crash Address: 
Crash State:
  asm-wasm-builder.cc
  

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97rmp6czXMRvcJoIo9zRj1_pmldUBdiR0gaQpEfOZc-IKx17krsBUdEXtuYTfZy-SJQB0IKL32Ch8NX1M_MR7hmLOtLlo2n-fwbwOlma6IB7f2oGYwxAjp8Yocf4NbiPiosEOFJg7ROBSQ9qRNe9ub8U9k8mDqMT0W1To6PpJRpuDAhEx0


Filer: mstarzinger

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Cc: bradnelson@chromium.org
Owner: titzer@chromium.org
Status: Assigned (was: Available)
Mergedinto: 617526
Status: Duplicate (was: Assigned)
Comment 3 by bugdroid1@chromium.org, Jun 7 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/ce291bedd0bd4b32a37aa02e34416b62a8688b7e

commit ce291bedd0bd4b32a37aa02e34416b62a8688b7e
Author: titzer <titzer@chromium.org>
Date: Tue Jun 07 09:35:52 2016

[wasm] Don't compute global offsets if the module had errors (e.g. invalid memory type for global).

R=ahaas@chromium.org,bradnelson@chromium.org
BUG= chromium:617884 

Review-Url: https://codereview.chromium.org/2044833002
Cr-Commit-Position: refs/heads/master@{#36779}

[modify] https://crrev.com/ce291bedd0bd4b32a37aa02e34416b62a8688b7e/src/wasm/module-decoder.cc
[modify] https://crrev.com/ce291bedd0bd4b32a37aa02e34416b62a8688b7e/test/unittests/wasm/module-decoder-unittest.cc

Comment 4 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot