aseemgarg@ could you please look into this.please feel free to re-assigned back if needed. thanks in advance !

Author: aseemgarg
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/cf9ee0ec6c3768bf7f47363056169ce0624348ef
Time: Thu Oct 20 00:19:33 2016
Lines 341-346 of file ast-decoder.cc which potentially caused crash are changed in this cl (frame #2, "v8::internal::wasm::WasmDecoder::OpcodeLength").
Minimum distance from crash line to modified line: 0. (file: ast-decoder.cc, crashed on: 341, modified: 341).

Suspected Project: chromium-v8
Suspected Component: Blink>JavaScript

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/1f6f345db29e96f6070ab8cef58e18ae7f879fe2

commit 1f6f345db29e96f6070ab8cef58e18ae7f879fe2
Author: aseemgarg <aseemgarg@chromium.org>
Date: Tue Oct 25 22:03:17 2016

[wasm] fix simd opcode read and error case for bad simd opcodes

BUG= chromium:658426 
R=ahaas@chromium.org,titzer@chromium.org,gdeepti@chromium.org

Review-Url: https://codereview.chromium.org/2447683004
Cr-Commit-Position: refs/heads/master@{#40572}

[modify] https://crrev.com/1f6f345db29e96f6070ab8cef58e18ae7f879fe2/src/wasm/ast-decoder.cc
[modify] https://crrev.com/1f6f345db29e96f6070ab8cef58e18ae7f879fe2/test/unittests/wasm/ast-decoder-unittest.cc

ClusterFuzz has detected this issue as fixed in range 427617:427664.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6078497295695872

Fuzzer: libfuzzer_v8_wasm_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x000001d391f8
Crash State:
  v8::internal::wasm::WasmDecoder::OpcodeLength
  v8::internal::wasm::WasmFullDecoder::AnalyzeLoopAssignment
  v8::internal::wasm::WasmFullDecoder::PrepareForLoop
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=426478:426526
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=427617:427664

Minimized Testcase (0.07 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96NbSI-_wq6vlzRuS1FRksCLZ0bgYARWcNbm4lg1AtkpBEL_zm_aIyCj0xpChFhnHWzDiwMkIcD6CHi1E2mrlHNNE_ZrHAc4xHfqM336wOK8BcfsJy1Jnijeyd3wqe_6sP7FDgxgt-RRREqnCaA9ZOMEfLP5w?testcase_id=6078497295695872

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot