New issue
Advanced search Search tips

Issue 919306 link

Starred by 1 user
Status: Assigned
Owner:
peria@chromium.org
Cc:
kkaluri@chromium.org
lfg@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Mac
Pri: 2
Type: Bug



Sign in to add a comment

CHECK failure: get_interface_object in v8_object_constructor.cc

Project Member Reported by ClusterFuzz, Jan 5 
Detailed report: https://clusterfuzz.com/testcase?key=5067968727482368

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_msan_content_shell_drt
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  get_interface_object in v8_object_constructor.cc
  blink::V8ObjectConstructor::CreateInterfaceObject
  blink::V8PerContextData::ConstructorForTypeSlowCase
  
Sanitizer: memory (MSAN)

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5067968727482368

Issue filed automatically.

See https://www.chromium.org/developers/testing/memorysanitizer#TOC-Reproducing-ClusterFuzz-Bugs for instructions to reproduce this bug locally.
Project Member

Comment 1 by ClusterFuzz, Jan 5

Labels: OS-Mac

Comment 2 by kkaluri@chromium.org, Jan 7

Components: Blink>JavaScript

Comment 3 by mstarzinger@chromium.org, Jan 14

Components: -Blink>JavaScript Blink>Bindings
Not caused by V8. Seems to fire a CHECK in third_party/blink/renderer/platform/bindings/v8_object_constructor.cc#85, comment indicates that a failure could happen here, seems to be the handling of such failures is missing.

Comment 4 by kkaluri@chromium.org, Jan 17 (6 days ago)

Cc: kkaluri@chromium.org
Labels: M-72 Test-Predator-Wrong CF-NeedsTriage
Unable to provide possible suspect using Predator, CL and Code Search.
Could someone please look into the issue.

Thank You...

Comment 5 by peria@chromium.org, Yesterday (45 hours ago)

Owner: peria@chromium.org
Status: Assigned (was: Untriaged)

Comment 6 by peria@chromium.org, Today (4 hours ago)

Labels: -Pri-1 Pri-2

Sign in to add a comment