Issue metadata
Sign in to add a comment
|
Unreachable code in instruction-selector.cc |
||||||||||||||||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=6314220908707840 Fuzzer: binaryen_wasm_fuzzer Job Type: linux_asan_d8_v8_arm_dbg Platform Id: linux Crash Type: Unreachable code Crash Address: Crash State: instruction-selector.cc v8::internal::compiler::InstructionSelector::VisitWord64AtomicLoad v8::internal::compiler::InstructionSelector::VisitNode v8::internal::compiler::InstructionSelector::VisitBlock Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_arm_dbg&range=52252:52253 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6314220908707840 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Jun 16 2018
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
,
Jun 16 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/v8/v8/+/8d29d92f4de952228af5a37b4603640b248bd576 ([wasm] Add I64Atomic Load/Store ops). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Jun 17 2018
The binaryen fuzzer enables atomic opcodes by default, which is behind a flag in Chrome. Updating this issue with the tracking bug for Atomics in V8.
,
Jun 22 2018
After triage, please leave a comment on if the bug can have security implications.
,
Jun 22 2018
|
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by infe...@chromium.org
, Jun 16 2018Components: Blink>JavaScript>WebAssembly