!array->HasFixedTypedArrayElements() in runtime-array.cc
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6078519901945856
Fuzzer: decoder_langfuzz
Job Type: linux_asan_d8_v8_mipsel_dbg
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State: !array->HasFixedTypedArrayElements() in runtime-array.cc
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_d8_v8_mipsel_dbg&range=36814:36815
Minimized Testcase (8.91 Kb): https://cluster-fuzz.appspot.com/download/AMIfv959RsJFffhOcEkHLSlBBJRgJjdzW-rzTcYDR82Oifucss_ceRYQbMD20Vxu9PGTxIGb1nLJtQrRAPV4iIkiXgg_46RBtGetvSr5FxGgGlW6-E1zcu2dhq8JP3Q6Q1EtkNR2aBH_UKJ8BTk_D_IcqctQ-cPAPw?testcase_id=6078519901945856
Filer: ishell

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jun 21 2016
Why is CF still trying to call runtime functions with random input? Is it because it used a seed source with such a call?
Jun 21 2016
Yeah, and we only have a way to prevent the calls in my fuzzer, not decoder's.
Jun 26 2016
After thinking about this more, I realized it's not that hard to fix in the wrapper scripts we already use to run it in CF. Started working on a fix, will land it on Monday.
Jul 12 2016
Fixed late last month, but forgot to close this out.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by ishell@chromium.org, Jun 20 2016