Issue metadata
Sign in to add a comment
|
Ill in v8::internal::compiler::Verifier::Visitor::Check |
||||||||||||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=4711625400254464 Fuzzer: binaryen_wasm_fuzzer Job Type: linux_asan_d8_v8_arm_dbg Platform Id: linux Crash Type: Ill Crash Address: 0xf2d9809c Crash State: v8::internal::compiler::Verifier::Visitor::Check v8::internal::compiler::Verifier::Run void v8::internal::compiler::PipelineImpl::Run<v8::internal::compiler::VerifyGra Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_arm_dbg&range=51789:51790 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4711625400254464 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jun 16 2018
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
,
Jun 16 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/v8/v8/+/41ceccc5dba1526deaf670da765de69d73495879 ([wasm] Add I64{Exchange, CompareExchange} ops for x64). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Jun 22 2018
After triage, please leave a comment on if the bug can have security implications.
,
Jun 22 2018
This bug hits unimplemented code on ARM, and is behind a flag (--experimental-wasm-threads), this issue should resolve itself once the implementation of I64Atomics on Arm32 is complete - no security risk as the feature is gated by a flag.
,
Jun 26 2018
Issue 853547 has been merged into this issue.
,
Jul 20
This crash occurs very frequently on linux platform and is likely preventing the fuzzer binaryen_wasm_fuzzer from making much progress. Fixing this will allow more bugs to be found. Marking this bug as a blocker for next Beta release. If this is incorrect, please add ClusterFuzz-Wrong label and remove the ReleaseBlock-Beta label.
,
Jul 20
Nah, release block is too much. Increasing priority though.
,
Sep 20
,
Sep 28
ClusterFuzz has detected this issue as fixed in range 56253:56254. Detailed report: https://clusterfuzz.com/testcase?key=4711625400254464 Fuzzer: binaryen_wasm_fuzzer Job Type: linux_asan_d8_v8_arm_dbg Platform Id: linux Crash Type: Ill Crash Address: 0xf2d9809c Crash State: v8::internal::compiler::Verifier::Visitor::Check v8::internal::compiler::Verifier::Run void v8::internal::compiler::PipelineImpl::Run<v8::internal::compiler::VerifyGra Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_arm_dbg&range=51789:51790 Fixed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_arm_dbg&range=56253:56254 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4711625400254464 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page. |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by infe...@chromium.org
, Jun 16 2018Components: Blink>JavaScript>WebAssembly