Issue 916926 link

Starred by 1 user

Issue metadata

Status:	Verified
Owner:	clemensh@chromium.org
Closed:	Dec 22
Cc:	george.w...@arm.com adamk@chromium.org titzer@chromium.org dschuff@chromium.org
Components:	Blink>JavaScript>WebAssembly
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	1
Type:	Bug
Reproducible Stability-Memory-AddressSanitizer Clusterfuzz ClusterFuzz-Verified Test-Predator-Auto-CC

DCHECK failure in *available != 0 in assembler-arm.cc

Project Member Reported by ClusterFuzz, Dec 20

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6223062737092608

Fuzzer: binaryen_wasm_fuzzer
Job Type: linux_asan_d8_v8_arm_dbg
Platform Id: linux

Crash Type: DCHECK failure
Crash Address: 
Crash State:
  *available != 0 in assembler-arm.cc
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_arm_dbg&range=57901:57902

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6223062737092608

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.

Project Member

Comment 1 by ClusterFuzz, Dec 20

Cc: george.w...@arm.com
Labels: Test-Predator-Auto-CC

Automatically adding ccs based on suspected regression changelists:

[liftoff][arm] Support the use of f32 values by george.wort@arm.com - https://chromium.googlesource.com/v8/v8/+/df10611432d2438aed8f8a36150a69aece235133

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label.

Comment 2 by clemensh@chromium.org, Dec 20

Components: -Blink>JavaScript Blink>JavaScript>WebAssembly
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam -Security_Severity-High Pri-1 Type-Bug
Owner: clemensh@chromium.org
Status: Assigned (was: Untriaged)

No security implications, since Liftoff is disable on arm.

Project Member

Comment 3 by ClusterFuzz, Dec 22

ClusterFuzz has detected this issue as fixed in range 58441:58442.

Detailed report: https://clusterfuzz.com/testcase?key=6223062737092608

Fuzzer: binaryen_wasm_fuzzer
Job Type: linux_asan_d8_v8_arm_dbg
Platform Id: linux

Crash Type: DCHECK failure
Crash Address: 
Crash State:
  *available != 0 in assembler-arm.cc
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_arm_dbg&range=57901:57902
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_d8_v8_arm_dbg&range=58441:58442

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6223062737092608

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Project Member

Comment 4 by ClusterFuzz, Dec 22

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)

ClusterFuzz testcase 6223062737092608 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

►

Issue 916926 link

Issue metadata

DCHECK failure in *available != 0 in assembler-arm.cc

Issue description

Comment 1 by ClusterFuzz, Dec 20

Comment 1 Deleted

Comment 2 by clemensh@chromium.org, Dec 20

Comment 2 Deleted

Comment 3 by ClusterFuzz, Dec 22

Comment 3 Deleted

Comment 4 by ClusterFuzz, Dec 22

Comment 4 Deleted

Sign in to add a comment