Issue metadata
Sign in to add a comment
|
!v8::internal::FLAG_enable_slow_asserts || (object->IsHeapObject()) in objects-i |
||||||||||||||||||||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=4930895330148352 Fuzzer: decoder_langfuzz Job Type: linux_asan_d8_dbg Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: !v8::internal::FLAG_enable_slow_asserts || (object->IsHeapObject()) in objects-i Regressed: V8: r41367:41368 Minimized Testcase (9.41 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96LCtLE2Gl60MOqLPMe61pJfepEYfOlDQTZ1wTFDFAD7r5RdeBIa2LYnmv_v3fKR-2M4j5hZvDVuj3QVraw-3-Ywd7WEmVUoHMJEF-tUUMJ1FpSxt1Ha2dwujVJQODUrtvbuZrYSnbJxqzEOssqU_HCve4SYg?testcase_id=4930895330148352 Issue manually filed by: titzer See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Dec 5 2016
,
Dec 21 2016
+gsathya since a recent clusterfuzz issue bisected to a CL owned by them.
,
Jan 3 2017
,
Jan 5 2017
ClusterFuzz has detected this issue as fixed in range 42063:42064. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4930895330148352 Fuzzer: decoder_langfuzz Job Type: linux_asan_d8_dbg Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: !v8::internal::FLAG_enable_slow_asserts || (object->IsHeapObject()) in objects-i Sanitizer: address (ASAN) Regressed: V8: r41367:41368 Fixed: V8: r42063:42064 Minimized Testcase (9.41 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96LCtLE2Gl60MOqLPMe61pJfepEYfOlDQTZ1wTFDFAD7r5RdeBIa2LYnmv_v3fKR-2M4j5hZvDVuj3QVraw-3-Ywd7WEmVUoHMJEF-tUUMJ1FpSxt1Ha2dwujVJQODUrtvbuZrYSnbJxqzEOssqU_HCve4SYg?testcase_id=4930895330148352 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page. |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by titzer@chromium.org
, Dec 5 2016