CHECK failure: VerifySubRange<T>(buffer.get(), byte_offset, length) in typed_array_base.h |
||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5761755163394048 Fuzzer: inferno_twister Job Type: mac_asan_content_shell Platform Id: mac Crash Type: CHECK failure Crash Address: Crash State: VerifySubRange<T>(buffer.get(), byte_offset, length) in typed_array_base.h scoped_refptr<WTF::Int32Array> WTF::TypedArrayBase<int>::Create<WTF::Int32Array> blink::DOMTypedArray<WTF::Int32Array, v8::Int32Array>::Create Sanitizer: address (ASAN) Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5761755163394048 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Sep 11
,
Oct 18
It's still happening on Latest M70 Beta/Stable #70.0.3538.67. Could someone from blink team can take a look? Thank you!
,
Oct 25
I don't think this is DOM related, and the test seems to be invalid (creating a very large array)
,
Dec 13
ClusterFuzz has detected this issue as fixed in range 615880:615887. Detailed report: https://clusterfuzz.com/testcase?key=5761755163394048 Fuzzer: inferno_twister Job Type: mac_asan_content_shell Platform Id: mac Crash Type: CHECK failure Crash Address: Crash State: VerifySubRange<T>(buffer.get(), byte_offset, length) in typed_array_base.h scoped_refptr<WTF::Int32Array> WTF::TypedArrayBase<int>::Create<WTF::Int32Array> blink::DOMTypedArray<WTF::Int32Array, v8::Int32Array>::Create Sanitizer: address (ASAN) Fixed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=615880:615887 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5761755163394048 See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page. |
||||
►
Sign in to add a comment |
||||
Comment 1 by pnangunoori@chromium.org
, Aug 27Labels: M-69 Test-Predator-Wrong CF-NeedsTriage