Summary: | Correctness issue in FTL JIT when handing access to arguments object | ||
---|---|---|---|
Product: | WebKit | Reporter: | Samuel Groß <saelo> |
Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> |
Status: | NEW --- | ||
Severity: | Normal | CC: | fpizlo, lukas.bernhard, mark.lam, saam, webkit-bug-importer, ysuzuki |
Priority: | P2 | Keywords: | InRadar |
Version: | WebKit Nightly Build | ||
Hardware: | Unspecified | ||
OS: | Unspecified |
Description
Samuel Groß
2020-05-14 08:59:32 PDT
Thanks for this report. Similar to https://bugs.webkit.org/show_bug.cgi?id=233682#c2 I regularly encounter this issue during differential fuzzing. Similar to 233682, could the engine emit some warning that a known correctness issue was exercised? Otherwise deduplicating this (known) issue from other, more relevant issues, becomes too time consuming. |