[llvm-bugs] Issue 65548 in oss-fuzz: llvm:llvm-opt-fuzzer--x86_64-simplifycfg: ASSERT: Ty->isSized() && "Cannot getTypeInfo() on a type that is unsized!"
ClusterFuzz-External via monorail via llvm-bugs
llvm-bugs at lists.llvm.org
Thu Jan 4 20:58:23 PST 2024
Status: New
Owner: ----
CC: kcc at google.com, mascasa at google.com, igm... at gmail.com, sammccall at google.com, da... at adalogics.com, davg at google.com, mitchp at google.com, bigch... at gmail.com, eneyman at google.com, llvm-... at lists.llvm.org, jo... at devlieghere.com, jfb at chromium.org, v... at apple.com, mitch... at outlook.com, xpl... at gmail.com, akils... at apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Unreproducible Engine-libfuzzer OS-Linux Proj-llvm Reported-2024-01-05
Type: Bug
New issue 65548 by ClusterFuzz-External: llvm:llvm-opt-fuzzer--x86_64-simplifycfg: ASSERT: Ty->isSized() && "Cannot getTypeInfo() on a type that is unsized!"
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65548
Detailed Report: https://oss-fuzz.com/testcase?key=5604708454563840
Project: llvm
Fuzzing Engine: libFuzzer
Fuzz Target: llvm-opt-fuzzer--x86_64-simplifycfg
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
Ty->isSized() && "Cannot getTypeInfo() on a type that is unsized!"
llvm::DataLayout::getAlignment
llvm::LoadInst::LoadInst
Sanitizer: address (ASAN)
Crash Revision: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&revision=202401030605
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5604708454563840
Issue filed automatically.
See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally.
************************* UNREPRODUCIBLE *************************
Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days, we've been seeing this crash frequently.
It may be possible to reproduce by trying the following options:
- Run testcase multiple times for a longer duration.
- Run fuzzing without testcase argument to hit the same crash signature.
If it still does not reproduce, try a speculative fix based on the crash stacktrace and verify if it works by looking at the crash statistics in the report. We will auto-close the bug if the crash is not seen for 14 days.
******************************************************************
When you fix this bug, please
* mention the fix revision(s).
* state whether the bug was a short-lived regression or an old bug in any stable releases.
* add any other useful information.
This information can help downstream consumers.
If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored.
--
You received this message because:
1. You were specifically CC'd on the issue
You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings
Reply to this email to add a comment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20240104/c0ac75ff/attachment-0001.html>
More information about the llvm-bugs
mailing list