Issue metadata
Sign in to add a comment
|
CHECK failure: (owning_instance) != nullptr in runtime-wasm.cc |
||||||||||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5838357262499840 Fuzzer: inferno_js_fuzzer Job Type: linux_ubsan_vptr_d8 Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: (owning_instance) != nullptr in runtime-wasm.cc Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_d8&range=485247:485265 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5838357262499840 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jul 25 2017
This is a serious security regression. If you are not able to fix this quickly, please revert the change that introduced it. If this doesn't affect a release branch, or has not been properly classified for severity, please update the Security_Impact or Security_Severity labels, and remove the ReleaseBlock label. To disable this altogether, apply ReleaseBlock-NA. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jul 25 2017
,
Jul 25 2017
,
Jul 25 2017
Local bisect points to 17001a05c8ca848b75f3c667192bcf99bdcd42fd ([wasm] Introduce instance types for WebAssembly.* objects). But it seems to be fixed since 57b9a3b142f221aa5454bb6a30361c2caf68a4c5 ([wasm] Fix user properties for exported wasm functions and add extensive tests). Keeping this open until ClusterFuzz confirms the fix. Probably delayed due to branch cut and closed roller.
,
Jul 25 2017
Just seeing: "Last run with revision 488740", which is the version from last Friday. Should be confirmed as fixed tomorrow.
,
Jul 26 2017
,
Jul 26 2017
ClusterFuzz has detected this issue as fixed in range 488740:489609. Detailed report: https://clusterfuzz.com/testcase?key=5838357262499840 Fuzzer: inferno_js_fuzzer Job Type: linux_ubsan_vptr_d8 Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: (owning_instance) != nullptr in runtime-wasm.cc Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_d8&range=485247:485265 Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_d8&range=488740:489609 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5838357262499840 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jul 26 2017
ClusterFuzz testcase 5838357262499840 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Aug 1 2017
Hi clemensh@ - looks like the fix range is in 62, is there anything identified we could merge to 61?
,
Aug 2 2017
,
Aug 8 2017
,
Nov 1 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by sheriffbot@chromium.org
, Jul 25 2017