DCHECK failure in (pointer_) != nullptr in utils.h

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5858856354447360

Fuzzer: mbarbella_js_mutation
Job Type: windows_asan_d8_dbg
Platform Id: windows

Crash Type: DCHECK failure
Crash Address:
Crash State:
  (pointer_) != nullptr in utils.h
  v8::platform::PrintStackTrace
  v8::internal::compiler::SimplifiedLowering::ToNumericCode

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_d8_dbg&range=55529:55530

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5858856354447360

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.

Aug 31
The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/b1bd6beb4e6cb8f1cc8fb8f4fc6e32a9382561ac

commit b1bd6beb4e6cb8f1cc8fb8f4fc6e32a9382561ac
Author: Benedikt Meurer <bmeurer@chromium.org>
Date: Fri Aug 31 14:58:25 2018

[turbofan] Fix typo flushed out by recent CL.

Bug: chromium:879560
Change-Id: Ia2d2699851358641d50f9997875810f8cb1100ff
Reviewed-on: https://chromium-review.googlesource.com/1199742
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55553}

[modify] https://crrev.com/b1bd6beb4e6cb8f1cc8fb8f4fc6e32a9382561ac/src/compiler/simplified-lowering.cc
[add] https://crrev.com/b1bd6beb4e6cb8f1cc8fb8f4fc6e32a9382561ac/test/mjsunit/regress/regress-crbug-879560.js

Aug 31
bmeurer - For completeness, what happens on a release build where there is no DCHECK()? Do we hit some other memory issue later on, or is it just an incorrect DCHECK()? If it's the latter, we can move this out of the security bug category.

Aug 31
It'll just crash due to dereferencing a nullptr.

Sep 1
ClusterFuzz has detected this issue as fixed in range 55552:55553.

Detailed report: https://clusterfuzz.com/testcase?key=5858856354447360

Fuzzer: mbarbella_js_mutation
Job Type: windows_asan_d8_dbg
Platform Id: windows

Crash Type: DCHECK failure
Crash Address:
Crash State:
  (pointer_) != nullptr in utils.h
  v8::platform::PrintStackTrace
  v8::internal::compiler::SimplifiedLowering::ToNumericCode

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_d8_dbg&range=55529:55530
Fixed: https://clusterfuzz.com/revisions?job=windows_asan_d8_dbg&range=55552:55553

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5858856354447360

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Sep 1
ClusterFuzz testcase 5858856354447360 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 1 by ClusterFuzz, Aug 31
Owner: bmeu...@chromium.org
Status: Assigned (was: Untriaged)