V8 correctness failure in configs: x64,ignition:x64,slow_path |
||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5650236345942016 Fuzzer: foozzie_js_mutation Job Type: v8_foozzie Platform Id: linux Crash Type: V8 correctness failure Crash Address: Crash State: configs: x64,ignition:x64,slow_path sources: 980 Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=v8_foozzie&range=53480:53481 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5650236345942016 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jun 4 2018
Issue 849334 has been merged into this issue.
,
Jun 4 2018
PTAL Simon. Formally assigning to Jakob.
,
Jun 5 2018
ClusterFuzz testcase 4649568021774336 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Jun 5 2018
What, why? The issue is not even detected as fixed and still valid. Will file a separate bug for this.
,
Jun 5 2018
,
Jun 5 2018
Filed https://crbug.com/849580 for that problem.
,
Jun 5 2018
Hmm, alright. I saw the CL was reverted and the duplicate bug is also set to fixed. The one associated with this one is not yet detected as fixed, but I assume it will so soon.
,
Jun 5 2018
ClusterFuzz has detected this issue as fixed in range 53493:53494. Detailed report: https://clusterfuzz.com/testcase?key=5650236345942016 Fuzzer: foozzie_js_mutation Job Type: v8_foozzie Platform Id: linux Crash Type: V8 correctness failure Crash Address: Crash State: configs: x64,ignition:x64,slow_path sources: 980 Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=v8_foozzie&range=53480:53481 Fixed: https://clusterfuzz.com/revisions?job=v8_foozzie&range=53493:53494 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5650236345942016 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jun 5 2018
Seems to have detected it now. Please consider this bug when relanding.
,
Jun 5 2018
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/aff803454745935ba7843257fcf10dce41dc33b1 commit aff803454745935ba7843257fcf10dce41dc33b1 Author: Simon Zünd <szuend@google.com> Date: Tue Jun 05 08:33:18 2018 Reland "[array] Implement Array.p.sort in Torque" This is a reland of df1676e61619d053e232413e917328cd994dd516 Original change's description: > [array] Implement Array.p.sort in Torque > > This CL implements a generic baseline version and 3 fastpaths, for > various elements kinds, of Array.p.sort in Torque. Details can be found > in the Design Doc: https://goo.gl/Ge321G. > > Performance impact on micro benchmarks depends on the element kind > and whether the user provides a comparison function. > For HoleySmi/HoleyElement we have a speedup between 1.5-1.8 across > the board. For Dictionary we are slower in all micro benchmarks (0.7). > For PackedSmi it depends on the call site and whether or not a > comparison function is used. > > Detailed numbers: https://goo.gl/mTyPSb > > Bug: v8:7382 > Change-Id: I50acabd2032af0bc01d36b0de0f555d66be56a7e > Reviewed-on: https://chromium-review.googlesource.com/1061523 > Commit-Queue: Simon Zünd <szuend@google.com> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#53481} Bug: v8:7382, v8:7806 , chromium:849293 Change-Id: I176cb660d92eb174bd91685cb0a39f50c4cbaa69 Reviewed-on: https://chromium-review.googlesource.com/1086827 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#53511} [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/bootstrapper.cc [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/builtins/array.tq [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/builtins/base.tq [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/builtins/builtins-typed-array-gen.cc [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/builtins/builtins-typed-array-gen.h [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/builtins/typed-array.tq [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/code-stub-assembler.cc [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/code-stub-assembler.h [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/debug/debug-evaluate.cc [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/src/js/array.js [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/test/cctest/test-serialize.cc [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/test/message/fail/non-alphanum.out [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/test/mjsunit/mjsunit.status [modify] https://crrev.com/aff803454745935ba7843257fcf10dce41dc33b1/test/mjsunit/stack-traces-2.js
,
Jun 7 2018
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/8fcd3f8f4d8524991c2f8f3ed685d035bf54df89 commit 8fcd3f8f4d8524991c2f8f3ed685d035bf54df89 Author: Junliang Yan <jyan@ca.ibm.com> Date: Thu Jun 07 14:48:34 2018 PPC/s390: skip regress-2185 on ppc and s390 R=szuend@google.com, cbruni@chromium.org, jgruber@chromium.org Bug: v8:7382, v8:7806 , chromium:849293 Change-Id: I95874713038d14fa6ae294a23679dfaff70c65ba Reviewed-on: https://chromium-review.googlesource.com/1089141 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#53585} [modify] https://crrev.com/8fcd3f8f4d8524991c2f8f3ed685d035bf54df89/test/mjsunit/mjsunit.status |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by ClusterFuzz
, Jun 4 2018Labels: Test-Predator-Auto-CC