
Issue 627766

Issue metadata

Status: Archived
Closed: Nov 2016
OS: Windows
Pri: 1
Type: Bug


Crash in v8::internal::Deoptimizer::GetDeoptimizationEntry

Project Member Reported by ClusterFuzz, Jul 13 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6074952692531200

Fuzzer: therealholden_worker
Job Type: windows_syzyasan_chrome
Platform Id: windows

Crash Type: UNKNOWN
Crash Address: 0x0000000b
Crash State:
  v8::internal::Deoptimizer::GetDeoptimizationEntry
  v8::internal::ExternalReferenceTable::ExternalReferenceTable
  v8::internal::ExternalReferenceTable::instance
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_chrome&range=404552:404561

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv947QXtlsoe2rVcK3qqo7OAboJySfTymXMPGVNvHUw2YzxDIrmgrIy3xvsvH002nuggu2x8KVpnaTmVYM5YortXAG4PxkMseBbEJp_vEPzCxukBHNB6YgSM3eEodbycJTAI_ZvdLV7Z5S54-C3wGqPIxLzqFzQ?testcase_id=6074952692531200


Additional requirements: Requires Gestures, Requires HTTP

Filer: ajha

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 

Comment 1 by ajha@chromium.org, Jul 13 2016

Cc: ajha@chromium.org
Components: Blink>JavaScript
Labels: M-54 Te-Logged
Find it result:
===============
Suspected CLs: No CL in the regression range changes the crashed files. The result is the blame information.

Author: danno@chromium.org
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/c31454ac3724a59b69bfa46b0c8c7e9793ed62f8
Time: Tue Jan 29 09:09:55 2013
The CL last changed line 609 of file deoptimizer.cc, which is stack frame 0.

Author: ahaas
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/88309de15811967dcb2a9ea190fccf47eac859d9
Time: Thu Mar 17 13:14:11 2016
The CL last changed line 389 of file external-reference-table.cc, which is stack frame 1.

Author: ahaas
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/88309de15811967dcb2a9ea190fccf47eac859d9
Time: Thu Mar 17 13:14:11 2016
The CL last changed line 21 of file external-reference-table.cc, which is stack frame 2.

Author: yangguo
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/6f17848caa6eb2658bf0e9eb262b060713d32878
Time: Tue Mar 01 14:42:57 2016
The CL last changed line 67 of file deserializer.cc, which is stack frame 3.

Author: yangguo
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/6f17848caa6eb2658bf0e9eb262b060713d32878
Time: Tue Mar 01 14:42:57 2016
The CL last changed line 73 of file deserializer.cc, which is stack frame 4.

Author: ulan@chromium.org
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/20f2c9b645aee8c771c0ce4ea626ea0b82b2734f
Time: Tue Feb 28 18:26:04 2012
The CL last changed line 2319 of file isolate.cc, which is stack frame 5.

Author: yangguo
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/7cff32a9bd461a9270ba01502ff9a1c3d8c98f05
Time: Wed Dec 10 11:46:27 2014
The CL last changed line 57 of file snapshot-common.cc, which is stack frame 6.

Suspected Project: chromium-v8
Suspected Component: Blink>JavaScript

Requesting v8 team for further investigation.

Comment 2 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Status: Archived (was: Available)
Not actionable and has been abandoned for a while. Closing.
