Issue metadata
Sign in to add a comment
|
Crash in v8::internal::JSArrayBuffer::cast |
||||||||||||||||||||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=4578556157100032 Fuzzer: mbarbella_js_mutation Job Type: linux_asan_d8_v8_mipsel_dbg Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x0beefdb6 Crash State: v8::internal::JSArrayBuffer::cast v8::internal::__RT_impl_Runtime_TypedArrayGetLength v8::internal::Runtime_TypedArrayGetLength Sanitizer: address (ASAN) Recommended Security Severity: Medium Regressed: V8: 43517:43518 Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97qjn5vf4ZUoHqTed77i1h8-UourQFxijP3hBcu3_i0wtG1L8XqjQitwWex5C43S102dbDnXT_T3ScN0Dpmm8KR7zW5BSlBv03eQSufFN24z51JTsSTa-yqfxnennsUUtfpbGdQc-2GnJF64IIr_YGvVDJcukkyp66JtWvZc4P9gKzbX5oGgzMYYd1D9L2pWlHR06JC9F9VWiSiYG5kLM_yBior1kKeG4F5MCszEfuAaMnftR299Zz0BVsueOmv9FUIzlpi-IB15y0Jd8_HUZBdXZUEGdYSjSyG9i5Ouu6M2_2xz3G02aSRz_sH9BoaLCPc1q9uohvN6mQaDMQpCADlFe9xNnOguLMg9UkEzPBrJh7sBy8?testcase_id=4578556157100032 Issue filed automatically. See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Mar 1 2017
,
Mar 1 2017
Regression range points to https://chromium-review.googlesource.com/c/445717/
,
Mar 2 2017
ClusterFuzz has detected this issue as fixed in range 43519:43520. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4578556157100032 Fuzzer: mbarbella_js_mutation Job Type: linux_asan_d8_v8_mipsel_dbg Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x0beefdb6 Crash State: v8::internal::JSArrayBuffer::cast v8::internal::__RT_impl_Runtime_TypedArrayGetLength v8::internal::Runtime_TypedArrayGetLength Sanitizer: address (ASAN) Recommended Security Severity: Medium Regressed: V8: 43517:43518 Fixed: V8: 43519:43520 Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97qjn5vf4ZUoHqTed77i1h8-UourQFxijP3hBcu3_i0wtG1L8XqjQitwWex5C43S102dbDnXT_T3ScN0Dpmm8KR7zW5BSlBv03eQSufFN24z51JTsSTa-yqfxnennsUUtfpbGdQc-2GnJF64IIr_YGvVDJcukkyp66JtWvZc4P9gKzbX5oGgzMYYd1D9L2pWlHR06JC9F9VWiSiYG5kLM_yBior1kKeG4F5MCszEfuAaMnftR299Zz0BVsueOmv9FUIzlpi-IB15y0Jd8_HUZBdXZUEGdYSjSyG9i5Ouu6M2_2xz3G02aSRz_sH9BoaLCPc1q9uohvN6mQaDMQpCADlFe9xNnOguLMg9UkEzPBrJh7sBy8?testcase_id=4578556157100032 See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Mar 2 2017
ClusterFuzz testcase 4578556157100032 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Mar 2 2017
,
Jun 8 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jul 28
|
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by vakh@chromium.org
, Mar 1 2017Owner: binji@chromium.org