
Issue 700284


Issue metadata

Status: Duplicate
Merged: issue 698607
Owner: ----
Closed: Mar 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug




Encountered unaccounted use by #123 (ObjectIsNaN) in escape-analysis.cc

Project Member Reported by ClusterFuzz, Mar 10 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6481047387897856

Fuzzer: mbarbella_js_mutation
Job Type: windows_asan_d8
Platform Id: windows

Crash Type: CHECK failure
Crash Address: 
Crash State:
  Encountered unaccounted use by #123 (ObjectIsNaN) in escape-analysis.cc
  v8::internal::compiler::EscapeStatusAnalysis::CheckUsesForEscape
  v8::internal::compiler::EscapeStatusAnalysis::Process
  v8::internal::compiler::EscapeStatusAnalysis::RunStatusAnalysis
  
Sanitizer: address (ASAN)

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv97xgRk_0Woh774Toozj84aRZT5S5lDuVhHFZiq-BY4KlquM9IUSP-JLjQYZmM1pDvaU5ptgtuKUKjFCQBxaJKyt6JvB6BXHkTKrtoOanIyJQU5Nou7jzdFCcIaU0KqtMcUrlB9Q8NlAsU72sE1AKwS8n-5WTVowX-Wmf_6Llz-wp6BOil43M_ghR6dmiaP14st3rwKtSoWJRsmLVSYU7cm7KPV9sL7vjJ0X9Gv110vqdM7DuuQiE5YRrxUu_6P6QeiHY2WuNKOt3TP3PHF3b6v0igqN0RZJkE1j26lzH02XdA8cGRB6QMUOZEpK5oXC6tur8UI5u4iiAaDIMVxuAzDTlVaaktsIS7liyIq6lYDBi7NXZ9A?testcase_id=6481047387897856


Issue manually filed by: machenbach

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Cc: bmeu...@chromium.org tebbi@chromium.org mstarzinger@chromium.org
PTAL
Mergedinto: 698607
Status: Duplicate (was: Untriaged)
Project Member

Comment 3 by ClusterFuzz, Apr 16 2017

ClusterFuzz has detected this issue as fixed in range 455056:455060.

Detailed report: https://clusterfuzz.com/testcase?key=6481047387897856

Fuzzer: mbarbella_js_mutation
Job Type: windows_asan_d8
Platform Id: windows

Crash Type: CHECK failure
Crash Address: 
Crash State:
  Encountered unaccounted use by #123 (ObjectIsNaN) in escape-analysis.cc
  v8::internal::compiler::EscapeStatusAnalysis::CheckUsesForEscape
  v8::internal::compiler::EscapeStatusAnalysis::Process
  
Sanitizer: address (ASAN)

Fixed: https://clusterfuzz.com/revisions?job=windows_asan_d8&range=455056:455060

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv95cN_jXP6w1MFh-uv8nQwv5XaclLOhzdPqNNIM4VxVYQXiNn0GZW9aoJwJTLOObqe8EWLmhCSKsiwi1wUfeF5GjcAMq82mhGXfforZ_AKg2qpJhlJ4xBWfFdD-IhjLoxlv_A1IFuil0JbLTr6dpGuTMIfoVMwPofNEU33w_SPSR1CmOonwFJ1FOKOgjTcoQffopUBldYsXRFqJ0HiioLV-K7Uy4ZdzDUosSh65FlUTLgmEbwZlC4TBYpbuZOvU4vKNyXPStP0LZGOndSeZlIK6Pf4g4tR3_wQRit8t_jFKxnLhqsYmoZovUxQydwM77jzwT5hWp4sjc_cVQlFq-ZxVQB1A4f181TsSk_KBzj50TN1fAJlFIplhn1k41MS1Ce1Ael3mi827drVhpcHtJ831pOdPsXg?testcase_id=6481047387897856


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
