New issue
Advanced search Search tips

Issue 794360 link

Starred by 2 users
Status: Available
Owner: ----
Cc:
machenb...@chromium.org
mstarzinger@chromium.org
clemensh@chromium.org
bmeu...@chromium.org
jarin@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug



Sign in to add a comment

V8 correctness failure in configs: x64,ignition:x64,ignition_turbo

Project Member Reported by ClusterFuzz, Dec 12 2017 
Detailed report: https://clusterfuzz.com/testcase?key=5109413739495424

Fuzzer: foozzie_js_mutation
Job Type: v8_foozzie
Platform Id: linux

Crash Type: V8 correctness failure
Crash Address: 
Crash State:
  configs: x64,ignition:x64,ignition_turbo
  sources: a1d
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=v8_foozzie&range=43348:43349

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5109413739495424

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Project Member

Comment 1 by ClusterFuzz, Dec 13 2017

Labels: Test-Predator-Auto-Owner
Owner: machenb...@chromium.org
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/v8/v8/+/a49ff6abb76370114106ca3516850496c96e9c73 ([foozzie] Add better default configs for correctness fuzzing).

If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.

Comment 2 by machenb...@chromium.org, Dec 13 2017

Components: -Blink>JavaScript Blink>JavaScript>Compiler
Labels: -Pri-1 Test-Predator-Wrong-CLs Pri-2
Owner: ----
Status: Available (was: Assigned)
Error message difference between turbo and ignition. Goes back too far in time... dropping this on compiler triage queue.

Comment 3 by bmeu...@chromium.org, Dec 13 2017

Cc: mstarzinger@chromium.org
This is

  Caught: __v_2.apply is not a function

versus

  Caught: Function.prototype.apply was called on #<Object>, which is a object and not a function

This seems to be the CallWithArrayLike vs. CallForwardVarargs problem. The latter we also use for spread calls, so it's not as easy as just having a different exception there.

Comment 4 by clemensh@chromium.org, Mar 21 2018 

 Issue 799116  has been merged into this issue.

Comment 5 by clemensh@chromium.org, Apr 5 2018

Cc: clemensh@chromium.org
 Issue 829202  has been merged into this issue.

Comment 6 by machenb...@chromium.org, May 15 2018

Cc: machenb...@chromium.org
 Issue 841155  has been merged into this issue.

Comment 7 by clemensh@chromium.org, May 15 2018

Cc: -clemensh@chromium.org

Comment 8 by clemensh@chromium.org, Jul 18

Cc: clemensh@chromium.org
 Issue 864899  has been merged into this issue.
Project Member

Comment 9 by ClusterFuzz, Jul 20

Labels: ClusterFuzz-Verified
Status: Verified (was: Available)
ClusterFuzz testcase 5072932293050368 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 10 by clemensh@chromium.org, Jul 20

Labels: -ClusterFuzz-Verified ClusterFuzz-Wrong
Status: Available (was: Verified)
Nah, not fixed, just the foozzie config changed. Reopening.

Sign in to add a comment