DCHECK failure in kSmi == type() in ast.cc
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6183950031781888

Fuzzer: mbarbella_js_mutation
Job Type: linux_asan_d8_dbg
Platform Id: linux

Crash Type: DCHECK failure
Crash Address:
Crash State:
  kSmi == type() in ast.cc
  v8::internal::Literal::AsArrayIndex
  v8::internal::ClassBoilerplate::BuildClassBoilerplate

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_dbg&range=49290:49291

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6183950031781888

Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
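The crash state above shows v8::internal::Literal::AsArrayIndex, reached from ClassBoilerplate::BuildClassBoilerplate, failing its DCHECK kSmi == type(): the array-index conversion was invoked on a class-member key literal whose AST type is not a Smi. The reproducer itself is not on this page. As an added illustration only (not V8 code and not the crash trigger), the following JavaScript shows the language-level classification that such a conversion implements: which literal property keys are array indices (canonical decimal integer strings from 0 to 2^32 - 2) and how that classification changes own-key ordering on a class with numeric-literal members. The function names and the literal values are this example's own choices.

```javascript
// Added example: ECMAScript "array index" classification of property keys,
// shown on class member literals. Not V8 code and not the bug's reproducer.

// Largest array index is 2^32 - 2; "4294967295" is a valid property name
// but is not an index.
const MAX_ARRAY_INDEX = 2 ** 32 - 2;

// A string key is an array index iff it is the canonical decimal form of an
// integer in [0, MAX_ARRAY_INDEX]: no sign, no leading zeros, no fraction,
// no exponent. Symbols and other non-strings are never indices.
function isArrayIndex(key) {
  if (typeof key !== 'string') return false;
  if (!/^(0|[1-9][0-9]*)$/.test(key)) return false;
  return Number(key) <= MAX_ARRAY_INDEX;
}

// Literal keys in a class body are converted to strings before they are
// classified, so 1.5 becomes "1.5" (not an index) and 0x10 becomes "16" (an
// index). Returns [stringKey, isIndex] pairs in the order given.
function classifyLiteralKeys() {
  const literals = [1.5, 10, "2", 0x10, "010", 4294967294, 4294967295, -1, "a"];
  return literals.map(lit => [String(lit), isArrayIndex(String(lit))]);
}

// Own keys of an ordinary object come back with array-index keys first in
// ascending numeric order, followed by the remaining string keys in
// definition order. The class constructor's built-in "length", "name" and
// "prototype" properties are filtered out to leave only the static members.
function staticMemberKeyOrder() {
  class C {
    static 10() {}
    static "2"() {}
    static 1.5() {}        // key "1.5": a string key, keeps definition order
    static 4294967295() {} // key "4294967295": above MAX_ARRAY_INDEX, also a string key
    static b() {}
    static a() {}
  }
  const builtin = ['length', 'name', 'prototype'];
  return Object.getOwnPropertyNames(C).filter(k => !builtin.includes(k));
}

console.log(classifyLiteralKeys());
console.log(staticMemberKeyOrder());
```

The second function is the observable consequence of the classification: "2" and "10" are enumerated first and numerically, while "1.5" and "4294967295" stay in definition order with the named members.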
Nov 11 2017
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/v8/v8/+/22932d6b43e9df81c29116f9e4ff1c1e36a0aaa3 (Reland "[runtime] Slightly optimize creation of class literals."). If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.
Nov 11 2017
Nov 11 2017
ClusterFuzz has detected this issue as fixed in range 49302:49303.

Detailed report: https://clusterfuzz.com/testcase?key=6183950031781888

Fuzzer: mbarbella_js_mutation
Job Type: linux_asan_d8_dbg
Platform Id: linux

Crash Type: DCHECK failure
Crash Address:
Crash State:
  kSmi == type() in ast.cc
  v8::internal::Literal::AsArrayIndex
  v8::internal::ClassBoilerplate::BuildClassBoilerplate

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_d8_dbg&range=49290:49291
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_d8_dbg&range=49302:49303

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6183950031781888

See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 11 2017
ClusterFuzz testcase 6183950031781888 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Nov 11 2017
Nov 13 2017
Re-opening since this likely needs to be fixed as part of relanding.
Nov 13 2017
I already addressed this and two other CF issues in the reland: https://chromium-review.googlesource.com/c/v8/v8/+/764067
Nov 14 2017
This is a serious security regression. If you are not able to fix this quickly, please revert the change that introduced it. If this doesn't affect a release branch, or has not been properly classified for severity, please update the Security_Impact or Security_Severity labels, and remove the ReleaseBlock label. To disable this altogether, apply ReleaseBlock-NA. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Nov 14 2017
Nov 14 2017
Nov 17 2017
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/cc9e77abe8497578a967259f643dcfb12e134fdb

commit cc9e77abe8497578a967259f643dcfb12e134fdb
Author: Igor Sheludko <ishell@chromium.org>
Date: Fri Nov 17 18:15:34 2017

Reland^2 "[runtime] Slightly optimize creation of class literals."

This CL also includes fixes for CF issues found while the previous reland was active.

Bug: v8:5799, chromium:783902, chromium:783926, chromium:783822
Change-Id: I1f7d9b037d90838469c45f5d72771a77444c662e
Reviewed-on: https://chromium-review.googlesource.com/764067
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49457}

[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/BUILD.gn
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/ast/ast.cc
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/ast/ast.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/compiler/code-assembler.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/factory.cc
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/heap/heap.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/interpreter/bytecode-generator.cc
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/interpreter/bytecode-generator.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/objects-inl.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/objects-printer.cc
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/objects.cc
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/objects.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/objects/dictionary.h
[add] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/objects/literal-objects-inl.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/objects/literal-objects.cc
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/objects/literal-objects.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/objects/shared-function-info.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/runtime/runtime-classes.cc
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/runtime/runtime.h
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/src/v8.gyp
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/test/cctest/interpreter/bytecode_expectations/ClassDeclarations.golden
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/test/cctest/interpreter/bytecode_expectations/Modules.golden
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/test/cctest/interpreter/bytecode_expectations/NewAndSpread.golden
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/test/mjsunit/es6/class-computed-property-names-super.js
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/test/mjsunit/es6/classes.js
[add] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/test/mjsunit/regress/regress-crbug-783902.js
[modify] https://crrev.com/cc9e77abe8497578a967259f643dcfb12e134fdb/tools/v8heapconst.py
Feb 20 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Mar 27 2018
Mar 31 2018
Comment 1 by ClusterFuzz, Nov 11 2017
Labels: Test-Predator-Auto-Components