Crash in v8::Context::Enter
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5127255479287808

Fuzzer: mbarbella_js_mutation
Job Type: windows_asan_d8
Platform Id: windows

Crash Type: UNKNOWN READ
Crash Address: 0x00000000
Crash State:
  v8::Context::Enter
  v8::Shell::CreateEvaluationContext
  v8::Shell::RunMain

Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_asan_d8&range=399234:399406

Minimized Testcase (0.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97Rfvw2KjPhSVZajZoiYtPVIl9-Id0o5I6Sat4Xj-mi3k6jmI2aL7hDqB2lUXyZaqKQQiJ1WxGyHH6IKbfWg_TDcQCOShQQP_W2tFT8WCGtyMj6kqZtaBWSLJC8qXXbPpJVu71Y2FDIPoFVTuxfodc7S3YgwA

Filer: mummareddy

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jun 14 2016
The "Minimized Testcase" is an empty file. This is a startup failure. Presumably ClusterFuzz was using a broken build, or there are other infrastructure issues.
Jun 14 2016
This is due to --stack-size=46, I would be unhappy with such a small stack as well. :)
Jun 14 2016
mummareddy@, please have a look at https://github.com/v8/v8/wiki/Triaging%20issues for more information on assigning CF issues to V8. Can you please add this link to the playbook you are using for triaging those bugs? Thanks.
Jun 14 2016
Thanks hablich@ for providing the document. Will follow the same in future.
Jun 15 2016
The following revision refers to this bug:
https://chromium.googlesource.com/v8/v8.git/+/d21b50ad6a08b73c98ef0273076dafcb7fbb4cdc

commit d21b50ad6a08b73c98ef0273076dafcb7fbb4cdc
Author: mstarzinger <mstarzinger@chromium.org>
Date: Wed Jun 15 11:18:55 2016

[test] Bump stack size of regression test.

This is to make sure the test in question does not run out of stack space during bootstrapping on any configuration. Our fuzzers take the test and run it against a broad spectrum of configurations. The new size of 100 is used throughout our test suite as "the smallest" stack size.

R=jkummerow@chromium.org
TEST=mjsunit/regress/regress-1132
BUG=chromium:619744

Review-Url: https://codereview.chromium.org/2068993002
Cr-Commit-Position: refs/heads/master@{#36995}

[modify] https://crrev.com/d21b50ad6a08b73c98ef0273076dafcb7fbb4cdc/test/mjsunit/regress/regress-1132.js
Jun 25 2016
ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5127255479287808

Fuzzer: mbarbella_js_mutation
Job Type: windows_asan_d8
Platform Id: windows

Crash Type: UNKNOWN READ
Crash Address: 0x00000000
Crash State:
  v8::Context::Enter
  v8::Shell::CreateEvaluationContext
  v8::Shell::RunMain

Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_asan_d8&range=399234:399406

Minimized Testcase (0.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97Rfvw2KjPhSVZajZoiYtPVIl9-Id0o5I6Sat4Xj-mi3k6jmI2aL7hDqB2lUXyZaqKQQiJ1WxGyHH6IKbfWg_TDcQCOShQQP_W2tFT8WCGtyMj6kqZtaBWSLJC8qXXbPpJVu71Y2FDIPoFVTuxfodc7S3YgwA?testcase_id=5127255479287808

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage

- Your friendly Sheriffbot
Comment 1 by mummare...@chromium.org, Jun 13 2016
Labels: Te-Logged M-53 Cr-Blink-JavaScript