CHECK failure: VerifySubRange<T>(buffer.get(), byte_offset, length) in TypedArrayBase.h |
||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5739191607230464 Fuzzer: inferno_twister Job Type: windows_asan_chrome_no_sandbox Platform Id: windows Crash Type: CHECK failure Crash Address: Crash State: VerifySubRange<T>(buffer.get(), byte_offset, length) in TypedArrayBase.h blink::DOMTypedArray<WTF::Int32Array,v8::Int32Array>::Create blink::V8Int32Array::ToImpl Sanitizer: address (ASAN) Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5739191607230464 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Mar 6 2018
Unable to find actual suspect trough code search and observing no regression range under fixed revision range. This issue looks similar to bug 715380 , hence cc'ing to yutak@ for more updates on this issue. Thanks!
,
Mar 6 2018
This should have very limited impact on ordinary environments.
,
Mar 11 2018
,
Nov 3
ClusterFuzz testcase 5739191607230464 appears to be flaky, updating reproducibility label.
,
Nov 3
ClusterFuzz testcase 5739191607230464 is flaky and no longer crashes, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by dtapu...@chromium.org
, Mar 5 2018