Issue metadata
Sign in to add a comment
|
Breakpoint in v8::internal::Invoke |
||||||||||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=4996426806591488 Fuzzer: mbarbella_js_mutation Job Type: windows_asan_d8_dbg Platform Id: windows Crash Type: Breakpoint Crash Address: 0xb39f53c0 Crash State: v8::internal::Invoke v8::internal::CallInternal v8::internal::Execution::Call Sanitizer: address (ASAN) Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4996426806591488 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Nov 27 2017
,
Nov 29 2017
ClusterFuzz has detected this issue as fixed in range 49666:49667. Detailed report: https://clusterfuzz.com/testcase?key=4996426806591488 Fuzzer: mbarbella_js_mutation Job Type: windows_asan_d8_dbg Platform Id: windows Crash Type: Breakpoint Crash Address: 0xb39f53c0 Crash State: v8::internal::Invoke v8::internal::CallInternal v8::internal::Execution::Call Sanitizer: address (ASAN) Fixed: https://clusterfuzz.com/revisions?job=windows_asan_d8_dbg&range=49666:49667 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4996426806591488 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page. |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by titzer@chromium.org
, Nov 22 2017Status: Assigned (was: Untriaged)
This looks like a TurboFan issue. The testcase is this: var __v_1 = ""; __v_5 = 0x1000000; for (var __v_3 = 0; __v_3 <= __v_5; __v_3++) { -__v_1 / -13; } And the crash does not occur with --turbo-filter=x. Assigning jarin@ to take a look.