This issue is a security regression. If you are not able to fix this quickly, please revert the change that introduced it.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Assigning to the V8 clusterfuzz sheriff.

ClusterFuzz has detected this issue as fixed in range 427634:427669.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4647833220415488

Fuzzer: afl_v8_wasm_asmjs_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 1
Crash Address: 0x608000000bf6
Crash State:
  v8::internal::wasm::WasmDecoder::OpcodeLength
  v8::internal::wasm::WasmFullDecoder::AnalyzeLoopAssignment
  v8::internal::wasm::WasmFullDecoder::PrepareForLoop
  
Recommended Security Severity: Medium

Regressed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=426487:426550
Fixed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=427634:427669

Minimized Testcase (0.05 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96iwPH0CSHGZHwJWuj08UoC0donQ1pLeZja4_HVvQsW5h6FUfGKRPuvlkCECIh9RusBn_r40sHXqaqjM_pokzAxlnUHY4xHn0gjeocEzpxqzVMGINVvcIVRh_oWprOyomnjUhELlWaOoW4Bgl8ArIWj1s4QwQ?testcase_id=4647833220415488

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot