RepresentationChangerError: node #96:Int64Constant of kRepWord64 (Internal) cann |
|||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=5048595316736000 Fuzzer: mbarbella_js_mutation Job Type: linux_ubsan_vptr_d8 Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: RepresentationChangerError: node #96:Int64Constant of kRepWord64 (Internal) cann Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_vptr_d8&range=387407:387538 Minimized Testcase (0.38 Kb): Download: https://cluster-fuzz.appspot.com/download/AMIfv97-XeU4iceZI5LKb955GNK600c_Fc3iXJY_NU3oIjj7ArUQ2nbLCD3gyFLdZhNpfmvenyE7qGClEZPPShUKkvskj0c7N8NNFjl0Kne1nv7HbPgVwMzu_KIXv0AEi1jk5sLZ-Z1af0C6mrcx5Y2yDS4U5Auv3w var __v_12 = {}; (function __f_13() { })(); (function __f_3() { var __v_6 = 0; function __f_4() { } function __f_5(__v_2) { var __v_8 = __v_2 + 23 try { let __v_5 = __v_12 + 42; function __f_2() { return __v_8 + __v_7 } __f_4(); } catch(e) { __v_6 = __v_8; } return __v_8; } __f_5(); %OptimizeFunctionOnNextCall(__f_5); __f_5(); })(); Filer: pbommana See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
May 12 2016
Another --turbo-escape crasher. Still reproduces with --experimental-turbo-escape.
,
May 13 2016
Yup, I'll take that.
,
May 13 2016
This no longer reproduces after recent changes. But there are other such CF reports for such cases that still reproduce. My theory is that this one is about the code entry point in JSFunction objects that get escape analyzed. This is on my radar. Closing this one as per offline discussion with bmeurer@.
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by pbomm...@chromium.org
, May 11 2016Components: Blink>JavaScript
Labels: M-52