Out-of-memory in v8_wasm_function_sigs_section_fuzzer
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6079824026402816

Fuzzer: libfuzzer_v8_wasm_function_sigs_section_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Out-of-memory
Crash Address:
Crash State:
  v8_wasm_function_sigs_section_fuzzer

Minimized Testcase (0.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95z7GFp_ji9XczOmbhwVIfvXcCowE3ryQT6wU9jaMC6rt2KTEwSARuTroxjiCLxIFl3VnEeuQFvc0dl_VvXJdve_NxrXMknHFi8Gh0vFRO5HjdwZAMvdIYpWniqfEBs6OhdJA2weXv_HodxRC8ej9OeWoqUSw?testcase_id=6079824026402816

Issue manually filed by: mmoroz

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Sep 20 2016

Sep 21 2016

Sep 21 2016
The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/99b773c28ae764eaf53db675ac0e481a75c1a18a

commit 99b773c28ae764eaf53db675ac0e481a75c1a18a
Author: ahaas <ahaas@chromium.org>
Date: Wed Sep 21 16:18:00 2016

[wasm] Break a decoder loop if there is a failure.

TEST=unittests/WasmModuleVerifyTest.Regression_648070
BUG= chromium:648070
R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2356253002
Cr-Commit-Position: refs/heads/master@{#39602}

[modify] https://crrev.com/99b773c28ae764eaf53db675ac0e481a75c1a18a/src/wasm/module-decoder.cc
[modify] https://crrev.com/99b773c28ae764eaf53db675ac0e481a75c1a18a/test/unittests/wasm/module-decoder-unittest.cc

Oct 18 2016
I think this issue is fixed.

Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 1 by mmoroz@chromium.org, Sep 18 2016
Components: Blink>JavaScript>WebAssembly
Owner: ahaas@chromium.org