New issue
Advanced search Search tips

Issue 826589 link

Starred by 1 user

Issue metadata

Status: WontFix
Owner:
Closed: Apr 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug



Sign in to add a comment

Ill in v8::internal::Runtime_DeserializeWasmModule

Project Member Reported by ClusterFuzz, Mar 28 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5095749327781888

Fuzzer: ochang_js_fuzzer
Job Type: linux_cfi_d8
Platform Id: linux

Crash Type: Ill
Crash Address: 0x562f49cc0aa2
Crash State:
  v8::internal::Runtime_DeserializeWasmModule
  
Sanitizer: cfi (CFI)

Regressed: https://clusterfuzz.com/revisions?job=linux_cfi_d8&range=51276:51277

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5095749327781888

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Project Member

Comment 1 by ClusterFuzz, Mar 28 2018

Labels: Test-Predator-Auto-Owner
Owner: cbruni@chromium.org
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/v8/v8/+/52b3b491a55f5f3233ca78e0c22c37384b92670e ([errors] Use FATAL macro where possible).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Cc: cbruni@chromium.org
Owner: ahaas@chromium.org
PTAL: Reproduces nicely in debug build.

Comment 3 by ahaas@chromium.org, Apr 4 2018

Status: WontFix (was: Assigned)
The fuzzer managed to call a test runtime function from within an eval-string with the wrong parameters.
Project Member

Comment 4 by ClusterFuzz, Apr 11 2018

Labels: Needs-Feedback
ClusterFuzz testcase 5095749327781888 is still reproducing on tip-of-tree build (trunk).

If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase.

Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.

Comment 5 by ahaas@chromium.org, Apr 11 2018

Labels: ClusterFuzz-Ignore
Project Member

Comment 6 by ClusterFuzz, May 17 2018

ClusterFuzz has detected this issue as fixed in range 53203:53204.

Detailed report: https://clusterfuzz.com/testcase?key=5095749327781888

Fuzzer: ochang_js_fuzzer
Job Type: linux_cfi_d8
Platform Id: linux

Crash Type: Ill
Crash Address: 0x562f49cc0aa2
Crash State:
  v8::internal::Runtime_DeserializeWasmModule
  
Sanitizer: cfi (CFI)

Regressed: https://clusterfuzz.com/revisions?job=linux_cfi_d8&range=51276:51277
Fixed: https://clusterfuzz.com/revisions?job=linux_cfi_d8&range=53203:53204

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5095749327781888

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Sign in to add a comment