
Issue 862092


Issue metadata

Status: WontFix
Owner:
Closed: Jul 10
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug-Security




Leaked internal type in Object['__defineSetter__']

Project Member Reported by ClusterFuzz, Jul 10

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5368441142509568

Fuzzer: ochang_js_fuzzer
Job Type: linux_asan_d8_dbg
Platform Id: linux

Crash Type: Leaked internal type
Crash Address: 
Crash State:
  Object['__defineSetter__']
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_dbg&range=33132:33133

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5368441142509568

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Project Member

Comment 1 by ClusterFuzz, Jul 10

Labels: Test-Predator-Auto-Owner
Owner: littledan@chromium.org
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/v8/v8/+/fcff8588a5a01587643d6c2507c7b882c78a2957 (Ship ES2015 sloppy-mode function hoisting, let, class).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

Cc: gsat...@chromium.org

I'm confused by this report. The crash report seems to be based on parsing an error message, but the test case directly throws this error. The test case consists of the following:

class Binary extends Array {
}
throw Error("Leaked instance of internal type via: Object['__defineSetter__']");

I'd guess that this is not an error, but instead an artifact of the infrastructure. cc'ing Sathya to confirm.

I agree with your analysis, Dan. This is not an error.

Project Member

Comment 4 by sheriffbot@chromium.org, Jul 10

Labels: Pri-1
Status: WontFix (was: Assigned)

Filed https://bugs.chromium.org/p/chromium/issues/detail?id=862218 for fixing our parsing logic.

Project Member

Comment 6 by ClusterFuzz, Jul 11

Labels: -Reproducible Unreproducible
ClusterFuzz testcase 5368441142509568 appears to be flaky, updating reproducibility label.

Project Member

Comment 7 by sheriffbot@chromium.org, Oct 17

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
