Assigning to the concern owner from Predator results
The result is a list of CLs that change the crashed files. 

Author: Clemens Hammacher
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/6a36b2a040eed8fc934753d463af41f14b48e356
Time: Fri Jun 09 18:37:54 2017
Lines 39-40 of file wasm.cc which potentially caused crash are changed in this cl (frame #4, "LLVMFuzzerTestOneInput"). 

Lines 84-102 of file wasm-module-runner.cc which potentially caused crash are changed in this cl (frame #3, "v8::internal::wasm::testing::CompileAndRunWasmModule"). 

Lines 819 of file wasm-module.cc which potentially caused crash are changed in this cl (frame #2, "v8::internal::wasm::SyncCompileAndInstantiate").
Minimum distance from crash line to modified line: 0. (file: wasm.cc, crashed on: 39, modified: 39).

@clemensh: Could you please look into the issue, kindly re-assign if this is not related to your changes.
Thank You.

https://chromium-review.googlesource.com/c/548641

This is a fuzzer-only error, lowering priority.

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/d6aed4435f022da1827d7198e4f5b3c1606b8e9f

commit d6aed4435f022da1827d7198e4f5b3c1606b8e9f
Author: Clemens Hammacher <clemensh@chromium.org>
Date: Thu Jun 29 10:23:45 2017

[wasm] Use pending exceptions consistently

In our internal code, we should only use pending exceptions. They will
be converted to scheduled exceptions on the API boundary.
Hence, the ErrorThrower just sets a pending exception; it should never
have to think about scheduled exceptions. The new
ScheduledErrorThrower inherits from ErrorThrower and reschedules any
pending exceptions in its destructor (turning them into scheduled
exceptions).
In some situations, there might already be a scheduled exception, e.g.
when calling other API methods (v8::Value::Get). In this case, the
ErrorThrower should also not set another pending exception. For the
reasons mentioned above, this can only be handled in the
ScheduledErrorThrower, which is used the API methods.

This fixes one DCHECK failure and one TODO about scheduled exceptions
if no instance can be created, because the start function throws.

R=mtrofin@chromium.org, mstarzinger@chromium.org
BUG= v8:6232 , chromium:736256 

Change-Id: I4905be04c565df9495de18fb26adbb5c05d193d2
Reviewed-on: https://chromium-review.googlesource.com/548641
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46314}
[modify] https://crrev.com/d6aed4435f022da1827d7198e4f5b3c1606b8e9f/src/wasm/module-compiler.cc
[modify] https://crrev.com/d6aed4435f022da1827d7198e4f5b3c1606b8e9f/src/wasm/wasm-js.cc
[modify] https://crrev.com/d6aed4435f022da1827d7198e4f5b3c1606b8e9f/src/wasm/wasm-module.cc
[modify] https://crrev.com/d6aed4435f022da1827d7198e4f5b3c1606b8e9f/src/wasm/wasm-result.cc
[modify] https://crrev.com/d6aed4435f022da1827d7198e4f5b3c1606b8e9f/src/wasm/wasm-result.h
[modify] https://crrev.com/d6aed4435f022da1827d7198e4f5b3c1606b8e9f/test/common/wasm/wasm-module-runner.cc
[modify] https://crrev.com/d6aed4435f022da1827d7198e4f5b3c1606b8e9f/test/common/wasm/wasm-module-runner.h
[modify] https://crrev.com/d6aed4435f022da1827d7198e4f5b3c1606b8e9f/test/mjsunit/wasm/start-function.js

ClusterFuzz has detected this issue as fixed in range 483373:483549.

Detailed report: https://clusterfuzz.com/testcase?key=5422350588968960

Fuzzer: libFuzzer_v8_wasm_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  thrower->error() == instance.is_null() in wasm-module.cc
  v8::internal::wasm::SyncCompileAndInstantiate
  v8::internal::wasm::testing::CompileAndRunWasmModule
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=478667:478736
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=483373:483549

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5422350588968960


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/570b9f374c3088326ea7b48b28d3c1576839245b

commit 570b9f374c3088326ea7b48b28d3c1576839245b
Author: Dirk Pranke <dpranke@chromium.org>
Date: Wed Oct 04 16:53:26 2017

Stop expecting 10.9 builds for the layout tests.

We are dropping layout test support on 10.9; the first step is to
stop expecting the bots to be running and generating baselines.

R=qyearsley@chromium.org
BUG= 736256 

Change-Id: I2d5c647cfb2d68df3bf2d078332c504cfccfa8d7
Reviewed-on: https://chromium-review.googlesource.com/699559
Reviewed-by: Quinten Yearsley <qyearsley@chromium.org>
Commit-Queue: Dirk Pranke <dpranke@chromium.org>
Cr-Commit-Position: refs/heads/master@{#506417}
[modify] https://crrev.com/570b9f374c3088326ea7b48b28d3c1576839245b/third_party/WebKit/Tools/Scripts/webkitpy/common/config/builders.json

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6e964e4156ff376a04c399113cf07d340c2e4e0e

commit 6e964e4156ff376a04c399113cf07d340c2e4e0e
Author: Dirk Pranke <dpranke@chromium.org>
Date: Thu Oct 05 21:06:13 2017

Revert "Stop expecting 10.9 builds for the layout tests."

This reverts commit 570b9f374c3088326ea7b48b28d3c1576839245b.

Reason for revert: Turns out we weren't ready for this yet.

Original change's description:
> Stop expecting 10.9 builds for the layout tests.
> 
> We are dropping layout test support on 10.9; the first step is to
> stop expecting the bots to be running and generating baselines.
> 
> R=​qyearsley@chromium.org
> BUG= 736256 
> 
> Change-Id: I2d5c647cfb2d68df3bf2d078332c504cfccfa8d7
> Reviewed-on: https://chromium-review.googlesource.com/699559
> Reviewed-by: Quinten Yearsley <qyearsley@chromium.org>
> Commit-Queue: Dirk Pranke <dpranke@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#506417}

TBR=qyearsley@chromium.org,dpranke@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug:  736256 
Change-Id: I9633bbe19af74e9a7ba54cfa52f89baa82fcde47
Reviewed-on: https://chromium-review.googlesource.com/703375
Reviewed-by: Dirk Pranke <dpranke@chromium.org>
Commit-Queue: Dirk Pranke <dpranke@chromium.org>
Cr-Commit-Position: refs/heads/master@{#506856}
[modify] https://crrev.com/6e964e4156ff376a04c399113cf07d340c2e4e0e/third_party/WebKit/Tools/Scripts/webkitpy/common/config/builders.json