The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/e2bf6191272b21c519eede5f3c174ca2707c1aad

commit e2bf6191272b21c519eede5f3c174ca2707c1aad
Author: Igor Sheludko <ishell@chromium.org>
Date: Tue Jul 11 07:33:33 2017

[parser] Fix spread properties parsing.

Bug:  chromium:734395 
Change-Id: Ieb45948f6efd2ccecd3d1ed761eb9e4614903480
Reviewed-on: https://chromium-review.googlesource.com/563661
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46546}
[modify] https://crrev.com/e2bf6191272b21c519eede5f3c174ca2707c1aad/src/parsing/parser-base.h
[modify] https://crrev.com/e2bf6191272b21c519eede5f3c174ca2707c1aad/test/cctest/test-parsing.cc

ClusterFuzz has detected this issue as fixed in range 485579:485627.

Detailed report: https://clusterfuzz.com/testcase?key=5688921332908032

Fuzzer: libFuzzer_v8_script_parser_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  !is_get && !is_set && !is_generator && !is_async && !*is_computed_name in parser
  v8::internal::ParserBase<v8::internal::PreParser>::ParseObjectPropertyDefinition
  v8::internal::ParserBase<v8::internal::PreParser>::ParseObjectLiteral
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=466885:466900
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=485579:485627

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5688921332908032


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.