Stack-use-after-return in v8::internal::HandleBase::IsDereferenceAllowed
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4815341431816192
Fuzzer: decoder_langfuzz
Job Type: linux_asan_d8_v8_mipsel_dbg
Platform Id: linux
Crash Type: Stack-use-after-return READ 4
Crash Address: 0xd4b83278
Crash State:
  v8::internal::HandleBase::IsDereferenceAllowed
  v8::internal::__RT_impl_Runtime_LoadIC_Miss
  v8::internal::Runtime_LoadIC_Miss
Regressed: V8: r37179:37180
Minimized Testcase (6.48 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94jh66feLHeqO75l_eqoP2XNX0NcgLyW-izPDwpiad8c3OVmHSFna0lD4k0SpKGcezxnay0Y8EOMwSVw_Ot_A42l4KacIBZGWdx6JbGW-n5_Gwi1gaqM_UDNDUA_w-BSmJz1GLVNdev-I101YZjXlX9p4nn1g?testcase_id=4815341431816192
Filer: tanin

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jun 23 2016
Jun 23 2016
Jun 23 2016
Jun 24 2016
Jun 25 2016
ClusterFuzz has detected this issue as fixed in range 37253:37254.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5752227209936896
Fuzzer: decoder_langfuzz
Job Type: linux_asan_d8_dbg
Platform Id: linux
Crash Type: Stack-use-after-return READ 8
Crash Address: 0x7f23e8939d10
Crash State:
  v8::internal::HandleBase::IsDereferenceAllowed
  v8::internal::__RT_impl_Runtime_LoadIC_Miss
  v8::internal::Runtime_LoadIC_Miss
Regressed: V8: r37179:37180
Fixed: V8: r37253:37254
Minimized Testcase (7.15 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95kHjQnlnmJCHqc_rAQ8JNM93DNDY1sukO-K9oc2oqrt_efQiye8QrF2rkx8ymTgy0VVee5WcanL5_VCTPk3nuHIrwmngbnh-VHy9UVYRSqWfczD3cI8JuJDUSf2SBuCSmraBBjAwKjD4wISF6fMm16xYnn1A?testcase_id=5752227209936896

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jun 25 2016
ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4815341431816192
Fuzzer: decoder_langfuzz
Job Type: linux_asan_d8_v8_mipsel_dbg
Platform Id: linux
Crash Type: Stack-use-after-return READ 4
Crash Address: 0xd4b83278
Crash State:
  v8::internal::HandleBase::IsDereferenceAllowed
  v8::internal::__RT_impl_Runtime_LoadIC_Miss
  v8::internal::Runtime_LoadIC_Miss
Regressed: V8: r37179:37180
Minimized Testcase (6.48 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94jh66feLHeqO75l_eqoP2XNX0NcgLyW-izPDwpiad8c3OVmHSFna0lD4k0SpKGcezxnay0Y8EOMwSVw_Ot_A42l4KacIBZGWdx6JbGW-n5_Gwi1gaqM_UDNDUA_w-BSmJz1GLVNdev-I101YZjXlX9p4nn1g?testcase_id=4815341431816192

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Oct 1 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Oct 2 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Oct 2 2016
Comment 1 by ClusterFuzz, Jun 22 2016