V8 correctness failure in configs: x64,ignition:x64,ignition_turbo_opt |
||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=5811946327900160 Fuzzer: foozzie_js_mutation Job Type: foozzie_ignition_turbo_opt Platform Id: linux Crash Type: V8 correctness failure Crash Address: Crash State: configs: x64,ignition:x64,ignition_turbo_opt sources: cdd Sanitizer: address (ASAN) Minimized Testcase (0.37 Kb): Download: https://cluster-fuzz.appspot.com/download/AMIfv94WOqdDZWurZ9tj3pJHX_g_KpvaJQsWPz0GSJOlUSzkRrhkWnnxwQfQ84Gbo-rg2uxuIt35W3Mth6gt9smRNKE0OXYy9ZlV12nm6lRwT3Wqof5myfPYneSboXat-n6qhThyjbd9PIumw-mkZDJrGhVMZgSAethMtymIpSeVKgug6uTgxTu-vguhZBoF_QrjbKU6gmHzbFFUeemWI50eLjjPjMhehYJAxg090sWYz3PzQtspHUhnciNV_seaNs9g0KdO1Gu4qQNyQHajvv6ZNqCcLtpfPQL9ksSF8wmcNVKq6TDx5BsuAhnnEcKixdgE3ZbQEfbmgG2S2E_BHg7J4LX_Skt-SGGAgcYaxjjYc6X41E0IHsU?testcase_id=5811946327900160 __PrettyPrint = function __PrettyPrint() { switch (typeof value) { } } assertEquals = function assertEquals(expected, found) { print(found); }; print("v8-foozzie source: /v8/test/mjsunit/bugs/bug-941049.js"); function __f_5() { return __f_4.arguments; } function __f_4(x, y) { x = 2; var __v_2 = __f_5(); return __v_2; } __v_0 = __f_4(0, 1); assertEquals(6, __v_0[0]); Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Jan 25 2017
Added to internal blacklist. Will close this as soon as new fuzzer is up.
,
Jan 31 2017
|
||
►
Sign in to add a comment |
||
Comment 1 by machenb...@chromium.org
, Jan 24 2017Owner: machenb...@chromium.org
Status: Assigned (was: Untriaged)