Issue metadata
Sign in to add a comment
|
Fatal error in asm-wasm-builder.cc |
||||||||||||||||||||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=4984143729655808 Fuzzer: mbarbella_js_mutation Job Type: linux_asan_d8_v8_arm64_dbg Platform Id: linux Crash Type: Fatal error Crash Address: Crash State: asm-wasm-builder.cc Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97rmp6czXMRvcJoIo9zRj1_pmldUBdiR0gaQpEfOZc-IKx17krsBUdEXtuYTfZy-SJQB0IKL32Ch8NX1M_MR7hmLOtLlo2n-fwbwOlma6IB7f2oGYwxAjp8Yocf4NbiPiosEOFJg7ROBSQ9qRNe9ub8U9k8mDqMT0W1To6PpJRpuDAhEx0 Filer: mstarzinger See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Jun 7 2016
,
Jun 7 2016
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/ce291bedd0bd4b32a37aa02e34416b62a8688b7e commit ce291bedd0bd4b32a37aa02e34416b62a8688b7e Author: titzer <titzer@chromium.org> Date: Tue Jun 07 09:35:52 2016 [wasm] Dont compute global offsets if the module had errors (e.g. invalid memory type for global). R=ahaas@chromium.org,bradnelson@chromium.org BUG= chromium:617884 Review-Url: https://codereview.chromium.org/2044833002 Cr-Commit-Position: refs/heads/master@{#36779} [modify] https://crrev.com/ce291bedd0bd4b32a37aa02e34416b62a8688b7e/src/wasm/module-decoder.cc [modify] https://crrev.com/ce291bedd0bd4b32a37aa02e34416b62a8688b7e/test/unittests/wasm/module-decoder-unittest.cc
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by mstarzinger@chromium.org
, Jun 7 2016Owner: titzer@chromium.org
Status: Assigned (was: Available)