args[1]->IsString() in runtime-test.cc
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5738664504328192
Fuzzer: decoder_langfuzz
Job Type: linux_asan_d8_dbg
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State: args[1]->IsString() in runtime-test.cc
Regressed: V8: r37703:37704
Minimized Testcase (8.15 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95VGAoK_ThipW7GJBGP0PFtM5XkP_Fv4OkbqSbmyY0fVV6t-O-L70s0uce6jAlkGR9NmxYouGBLi4aaOIc5UZFE6akZqBqG_2RiPfTCjX0LkMlfGEAWkqdZre6X-21RGKIgrNSq3ojG2w43eZUDDfQdGVjYmg?testcase_id=5738664504328192
Filer: mstarzinger

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jul 13 2016
Just %GetOptimizationStatus being fuzzed indirectly through "assertOptimized" and "assertUnoptimized". Fix is on the way. Not a real bug.
Jul 14 2016
ClusterFuzz has detected this issue as fixed in range 37721:37722.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4833244394815488
Fuzzer: decoder_langfuzz
Job Type: linux_asan_d8_ignition_dbg
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State: args[0]->IsJSFunction() in runtime-test.cc
Regressed: V8: r37703:37704
Fixed: V8: r37721:37722
Minimized Testcase (9.98 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97aWgNVDFHtjMHnjrGtoDo444nXf0H-rqPoI5YGFqKO7wW_K-kGAidHOi9Ubk4eCRXX7DbwkCrD1rZyIoiPibq2CKkbL0SgBVWAyUFBmydkl0SgUd5Ge1cX1W6-0TNxtA5ynTXDFNDOsq4ABY-q9tEBNHG2mA?testcase_id=4833244394815488

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jul 14 2016
ClusterFuzz has detected this issue as fixed in range 37721:37722.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5738664504328192
Fuzzer: decoder_langfuzz
Job Type: linux_asan_d8_dbg
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State: args[1]->IsString() in runtime-test.cc
Regressed: V8: r37703:37704
Fixed: V8: r37721:37722
Minimized Testcase (8.15 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95VGAoK_ThipW7GJBGP0PFtM5XkP_Fv4OkbqSbmyY0fVV6t-O-L70s0uce6jAlkGR9NmxYouGBLi4aaOIc5UZFE6akZqBqG_2RiPfTCjX0LkMlfGEAWkqdZre6X-21RGKIgrNSq3ojG2w43eZUDDfQdGVjYmg?testcase_id=5738664504328192

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jul 14 2016
ClusterFuzz testcase is verified as fixed, closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Jul 14 2016
Jul 15 2016
Issue 628349 has been merged into this issue.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by ClusterFuzz, Jul 13 2016