This is mine. I'll take a look.

 Issue 714674  has been merged into this issue.

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/54818a635faba6ddc91122b8a73d02aabe243871

commit 54818a635faba6ddc91122b8a73d02aabe243871
Author: Michael Starzinger <mstarzinger@chromium.org>
Date: Tue Apr 25 12:58:26 2017

[asm.js] Fix failure propagation of heap access validation.

This fixes propagation of validation failures that happen during the
validation of a heap access expression in {ValidateHeapAccess}.

R=clemensh@chromium.org
TEST=mjsunit/regress/regress-crbug-714971
BUG= chromium:714971 

Change-Id: I8f91ac1da34ae50fdde2938f61b6468cdac92b6e
Reviewed-on: https://chromium-review.googlesource.com/486801
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44851}
[modify] https://crrev.com/54818a635faba6ddc91122b8a73d02aabe243871/src/asmjs/asm-parser.cc
[add] https://crrev.com/54818a635faba6ddc91122b8a73d02aabe243871/test/mjsunit/regress/regress-crbug-714971.js

ClusterFuzz has detected this issue as fixed in range 44850:44851.

Detailed report: https://clusterfuzz.com/testcase?key=4826975832375296

Fuzzer: mbarbella_js_mutation
Job Type: linux_asan_d8_v8_arm64_dbg
Platform Id: linux

Crash Type: Unreachable code
Crash Address: 
Crash State:
  asm-types.cc
  
Sanitizer: address (ASAN)

Regressed: V8: 44083:44084
Fixed: V8: 44850:44851

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4826975832375296


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.