scope->ContextLocalCount() == context_local_count in scopeinfo.cc
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4591225095323648
Fuzzer: mbarbella_js_mutation
Job Type: linux_asan_d8_dbg
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State: scope->ContextLocalCount() == context_local_count in scopeinfo.cc
Regressed: V8: r39724:39725
Minimized Testcase (6.06 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94o70Ko3WY7PEfIN0v-G3chSE2Wz5NdMpPKWBBaloUgkYARugztRJyrM8UBMFOwHDDYxskYretioqkNangDz-QEya5J--jyHBF23e3mFhfHPuAr6K7nQ63uBcP7Ja6M_CKkIaumvNW-y1zNb1EgX5ojFlVyjw?testcase_id=4591225095323648
Issue manually filed by: mstarzinger
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Sep 27 2016
ClusterFuzz has detected this issue as fixed in range 39728:39729.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4591225095323648
Fuzzer: mbarbella_js_mutation
Job Type: linux_asan_d8_dbg
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State: scope->ContextLocalCount() == context_local_count in scopeinfo.cc
Regressed: V8: r39724:39725
Fixed: V8: r39728:39729
Minimized Testcase (6.06 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94o70Ko3WY7PEfIN0v-G3chSE2Wz5NdMpPKWBBaloUgkYARugztRJyrM8UBMFOwHDDYxskYretioqkNangDz-QEya5J--jyHBF23e3mFhfHPuAr6K7nQ63uBcP7Ja6M_CKkIaumvNW-y1zNb1EgX5ojFlVyjw?testcase_id=4591225095323648
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Sep 27 2016
ClusterFuzz testcase is verified as fixed, closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Sep 27 2016
If we believe the regression range, it's this one: https://codereview.chromium.org/2370713003
Sep 27 2016
Re #4: Yes, that is the same one I referenced in comment #1 and ClusterFuzz is pretty accurate with its bisections these days. So I for one believe the regression range. :)
Sep 27 2016
This has been relanded in 47f303b66b6333a89f2608585c9dbe0e60d9f674. Hence re-opening.
Sep 27 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4795973501190144
Fuzzer: mbarbella_js_mutation
Job Type: linux_asan_d8_v8_arm64_dbg
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State: scope->ContextLocalCount() == context_local_count in scopeinfo.cc
Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94ldRVIe59ShVW_-DIKSZVWWKolD8TxT8zwHMrrUbbkYmbZ8cToN83sGrJ7pX1-R82XJmPuHF9GcBA3slYqMBpw_KGXHo1xJgMxndX0Jd0RXtCANSWW-6pdZIXOVvDqZNxnkKpzXV4BzT8TmYgpltL-zVc7P3d1iKAVvdUSDEDlN43JJP8?testcase_id=4795973501190144
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Sep 28 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5911616690585600
Fuzzer: mbarbella_js_mutation
Job Type: linux_v8_d8_be
Platform Id: linux
Crash Type: UNKNOWN READ
Crash Address: 0x000000000007
Crash State:
  v8::internal::Invoke
  v8::internal::Execution::Call
  v8::Script::Run
Regressed: V8: r39752:39767
Minimized Testcase (3.93 Kb): https://cluster-fuzz.appspot.com/download/AMIfv944Z0GrMksRSF0o1Xy7f29NWwDMK3nD47BuIJLJLMZGCMWPYCZ5amJJYdnBoYiKb-ZfMCv5YPdOckXehliSYAH69nthuq8l08HrAoJ6tELj__rYwtjzm73Z3OBA4AH_o6o326WwvlKYySGFGv4hS5p4MAQjjQ?testcase_id=5911616690585600
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Sep 29 2016
Sep 30 2016
ClusterFuzz has detected this issue as fixed in range 39863:39864.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4795973501190144
Fuzzer: mbarbella_js_mutation
Job Type: linux_asan_d8_v8_arm64_dbg
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State: scope->ContextLocalCount() == context_local_count in scopeinfo.cc
Regressed: V8: r39755:39756
Fixed: V8: r39863:39864
Minimized Testcase (4.65 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96ICBYdm_PQpMqocxo8n2a457gUrXa5TGnRTE-p0M8Sh2S9GvEku_TWFKMsznhq5KWD2AbpUquFDW6Ik7bO_Pc2mStiKcuoVChfsRlp2xa4GueKmGyvQuSIJPKNjBIlA_Z2TPYoJMtRnqgJJBWeRQV5ybfESA?testcase_id=4795973501190144
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Sep 30 2016
ClusterFuzz has detected this issue as fixed in range 39862:39889.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5911616690585600
Fuzzer: mbarbella_js_mutation
Job Type: linux_v8_d8_be
Platform Id: linux
Crash Type: UNKNOWN READ
Crash Address: 0x000000000007
Crash State:
  v8::internal::Invoke
  v8::internal::Execution::Call
  v8::Script::Run
Regressed: V8: r39752:39767
Fixed: V8: r39862:39889
Minimized Testcase (3.93 Kb): https://cluster-fuzz.appspot.com/download/AMIfv944Z0GrMksRSF0o1Xy7f29NWwDMK3nD47BuIJLJLMZGCMWPYCZ5amJJYdnBoYiKb-ZfMCv5YPdOckXehliSYAH69nthuq8l08HrAoJ6tELj__rYwtjzm73Z3OBA4AH_o6o326WwvlKYySGFGv4hS5p4MAQjjQ?testcase_id=5911616690585600
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Sep 18 2017
We have made a bunch of changes on ClusterFuzz side, so resetting ClusterFuzz-Wrong label.
Comment 1 by mstarzinger@chromium.org, Sep 27 2016
Owner: verwa...@chromium.org
Status: Assigned (was: Untriaged)