tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

ion-bug1641973.js (445B)

      1 // |jit-test| skip-if: !wasmSimdEnabled()
      2 
      3 // Fuzz test case.  The initial unreachable will result in the subsequent
      4 // i8x16.shuffle popping null pointers off the value stack.  Due to a missing
      5 // isDeadCode() check in WasmIonCompile.cpp the compiler would dereference those
      6 // null pointers.
      7 new WebAssembly.Module(wasmTextToBinary(`
      8 (module
      9  (func (result v128)
     10    (unreachable)
     11    (i8x16.shuffle 0 0 23 0 4 4 4 4 4 16 1 0 4 4 4 4)))
     12 `))