New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 784991 link

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 784990
Owner:
Closed: Nov 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac , Fuchsia
Pri: 1
Type: Bug-Security



Sign in to add a comment

DCHECK failure in nod == removed_holes_index in objects.cc

Project Member Reported by ClusterFuzz, Nov 14 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6041647363391488

Fuzzer: ochang_js_fuzzer
Job Type: linux_asan_d8_v8_mipsel_dbg
Platform Id: linux

Crash Type: DCHECK failure
Crash Address: 
Crash State:
  nod == removed_holes_index in objects.cc
  V8_Dcheck
  v8::internal::OrderedHashTable<v8::internal::OrderedHashSet, 1>::Rehash
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_mipsel_dbg&range=49342:49343

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6041647363391488

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Project Member

Comment 1 by ClusterFuzz, Nov 14 2017

Labels: Test-Predator-Auto-Owner
Owner: peter.wm...@gmail.com
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/v8/v8/+/c5c50e18600db409d13efff6a33ae65062de4fe1 ([builtins] Port WeakMap/WeakSet constructor to CSA).

If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.
Project Member

Comment 2 by sheriffbot@chromium.org, Nov 15 2017

Labels: Pri-1

Comment 4 by mmoroz@chromium.org, Nov 15 2017

Labels: Security_Impact-Head M-64

Comment 5 by palmer@chromium.org, Nov 16 2017

Cc: titzer@chromium.org hpayer@chromium.org jgruber@chromium.org
Labels: OS-Android OS-Chrome OS-Fuchsia OS-Mac OS-Windows
Mergedinto: 784990
Status: Duplicate (was: Assigned)
Project Member

Comment 7 by ClusterFuzz, Nov 16 2017

ClusterFuzz has detected this issue as fixed in range 49396:49397.

Detailed report: https://clusterfuzz.com/testcase?key=6041647363391488

Fuzzer: ochang_js_fuzzer
Job Type: linux_asan_d8_v8_mipsel_dbg
Platform Id: linux

Crash Type: DCHECK failure
Crash Address: 
Crash State:
  nod == removed_holes_index in objects.cc
  V8_Dcheck
  v8::internal::OrderedHashTable<v8::internal::OrderedHashSet, 1>::Rehash
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_mipsel_dbg&range=49342:49343
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_mipsel_dbg&range=49396:49397

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6041647363391488

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 8 by sheriffbot@chromium.org, Feb 24 2018

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment