Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6162948021288960
Fuzzer: libfuzzer_v8_wasm_call_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux
Crash Type: Out-of-memory (exceeds 2048 MB)
Crash Address:
Crash State: v8_wasm_call_fuzzer
Sanitizer: address (ASAN)
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=428610:428611
Minimized Testcase (0.06 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95Ew9mkJtXFg1Rnf_7DoNJ5l__qcZqNvMXMQjNF5Xx2TlplDqXOOqf0E81ZRlm4QXeSGjHu2uLMvPy02y2iFEn9nj6l5-Eg4yw2DrOfqOKkohptZ0pKXWXrLJlOK4jWk5da9x0l_fkna9E9FvnAOF7D-axPahV4GJFr5il8rmcYv_Sy9rRPYIT3e8lynJHLmPejN9zg8f1V49p7jAuMdt9mhNdL_VxpaQW0KPnVpXYhaGQ54jRp9xM_Z70deoeLZh6Y0iaIwiJ11hHIKAiGgTsKEDNpmmhypj96gFyB70Iq2K9W4r02PCBSMxn6sxCE9VhRbaOxIn72GKDRttC6NeJtxh0X73sStOV2kWv8bfyidlqLDr0?testcase_id=6162948021288960
Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Findit did not provide any possible suspects. From CL assigning the issue to concern owner -- https://chromium.googlesource.com/chromium/src/+log/83ae56bab030686ec47692edf2243dfcd680e7a7..255ac214e64d62812ca7e65492de844ace019fb4?pretty=fuller @ahaas -- Could you please look into the issue, kindly re-assign if this is not related to your changes. Thank you.
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/57c20f0b72145c849c6880b5aa04b729f0fa55de
commit 57c20f0b72145c849c6880b5aa04b729f0fa55de
Author: ahaas <ahaas@chromium.org>
Date: Wed Jan 11 17:24:00 2017
[wasm] The interpreter should not grow memory beyond module->mem_max_pages.
R=titzer@chromium.org
BUG= chromium:679352
TEST=cctest/test-run-wasm-interpreter/GrowMemory
Review-Url: https://codereview.chromium.org/2627943002
Cr-Commit-Position: refs/heads/master@{#42240}
[modify] https://crrev.com/57c20f0b72145c849c6880b5aa04b729f0fa55de/src/wasm/wasm-interpreter.cc
[modify] https://crrev.com/57c20f0b72145c849c6880b5aa04b729f0fa55de/test/cctest/wasm/test-run-wasm-interpreter.cc
[modify] https://crrev.com/57c20f0b72145c849c6880b5aa04b729f0fa55de/test/cctest/wasm/wasm-run-utils.h
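The rule the fix above enforces, growing linear memory past the module's declared maximum must fail rather than allocate, is shown here with an added example that is not code from this bug, from V8, or from the CL. It hand-assembles a small WebAssembly module (an assumption of this example; the fuzzer testcase itself is not reproduced here) whose memory is declared as min 1 page, max 2 pages, and exports memory.grow and memory.size. Under the spec semantics, a grow that would exceed the maximum returns -1 and leaves the memory untouched; an engine that ignores mem_max_pages is exactly what lets a fuzzer drive memory growth to an out-of-memory crash. The second helper shows the same limit via the JS API, where WebAssembly.Memory.prototype.grow throws a RangeError instead.

```javascript
// Added example (not from the bug tracker page or from V8): a hand-assembled
// wasm module with memory limits (min 1 page, max 2 pages) exporting
// "grow" (memory.grow) and "size" (memory.size).
function buildModule() {
  const bytes = [
    0x00, 0x61, 0x73, 0x6d, // magic "\0asm"
    0x01, 0x00, 0x00, 0x00, // binary version 1
    // Type section: type 0 = (i32) -> i32, type 1 = () -> i32
    0x01, 0x0a, 0x02,
      0x60, 0x01, 0x7f, 0x01, 0x7f,
      0x60, 0x00, 0x01, 0x7f,
    // Function section: func 0 has type 0, func 1 has type 1
    0x03, 0x03, 0x02, 0x00, 0x01,
    // Memory section: one memory, flags=1 (maximum present), min=1, max=2 pages
    0x05, 0x04, 0x01, 0x01, 0x01, 0x02,
    // Export section: "grow" -> func 0, "size" -> func 1
    0x07, 0x0f, 0x02,
      0x04, 0x67, 0x72, 0x6f, 0x77, 0x00, 0x00,
      0x04, 0x73, 0x69, 0x7a, 0x65, 0x00, 0x01,
    // Code section
    0x0a, 0x0d, 0x02,
      0x06, 0x00, 0x20, 0x00, 0x40, 0x00, 0x0b, // local.get 0; memory.grow 0; end
      0x04, 0x00, 0x3f, 0x00, 0x0b,             // memory.size 0; end
  ];
  return new Uint8Array(bytes);
}

function instantiate() {
  const wasmModule = new WebAssembly.Module(buildModule());
  return new WebAssembly.Instance(wasmModule, {}).exports;
}

// Apply a sequence of grow deltas (in pages) and record, for each step, what
// memory.grow returned (old size on success, -1 on failure) and the resulting
// memory.size. A grow that would exceed the declared maximum must return -1
// and leave the size unchanged.
function growTrace(deltas) {
  const { grow, size } = instantiate();
  return deltas.map((d) => ({ delta: d, ret: grow(d), pages: size() }));
}

// The same limit through the JS API: WebAssembly.Memory.prototype.grow throws
// a RangeError when the new size would exceed the declared maximum.
function jsApiGrow() {
  const mem = new WebAssembly.Memory({ initial: 1, maximum: 2 });
  const first = mem.grow(1); // returns the old size (1 page); memory is now 2 pages
  let rejected = false;
  try {
    mem.grow(1); // 3 pages would exceed the maximum of 2
  } catch (e) {
    rejected = e instanceof RangeError;
  }
  return { first, pagesAfter: mem.buffer.byteLength / 65536, rejected };
}

if (typeof require !== "undefined" && require.main === module) {
  // Constructed inputs: grow within the limit, past it, by zero, and by an
  // absurd amount of the kind a fuzzer would try.
  console.log(growTrace([1, 1, 0, 65535]));
  console.log(jsApiGrow());
}
```

The interesting rows are the second and fourth: both would push the memory past 2 pages, so memory.grow answers -1 and memory.size stays at 2. An interpreter that skipped the maximum check would instead keep allocating, which is the out-of-memory the fuzzer reported.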
ClusterFuzz has detected this issue as fixed in range 443239:443320.
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6162948021288960
Fuzzer: libfuzzer_v8_wasm_call_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux
Crash Type: Out-of-memory (exceeds 2048 MB)
Crash Address:
Crash State: v8_wasm_call_fuzzer
Sanitizer: address (ASAN)
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=428610:428611
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=443239:443320
Minimized Testcase (0.06 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95Ew9mkJtXFg1Rnf_7DoNJ5l__qcZqNvMXMQjNF5Xx2TlplDqXOOqf0E81ZRlm4QXeSGjHu2uLMvPy02y2iFEn9nj6l5-Eg4yw2DrOfqOKkohptZ0pKXWXrLJlOK4jWk5da9x0l_fkna9E9FvnAOF7D-axPahV4GJFr5il8rmcYv_Sy9rRPYIT3e8lynJHLmPejN9zg8f1V49p7jAuMdt9mhNdL_VxpaQW0KPnVpXYhaGQ54jRp9xM_Z70deoeLZh6Y0iaIwiJ11hHIKAiGgTsKEDNpmmhypj96gFyB70Iq2K9W4r02PCBSMxn6sxCE9VhRbaOxIn72GKDRttC6NeJtxh0X73sStOV2kWv8bfyidlqLDr0?testcase_id=6162948021288960
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
ClusterFuzz testcase 6162948021288960 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by mummare...@chromium.org, Jan 10 2017
Labels: M-57