Closed jkukucka closed 3 years ago
lauraharker
commented
3 years ago Simplified examples:
(() => JSCompiler_inline_anon_param_0 *= 19)
(this);or
(() => JSCompiler_inline_anon_param_1 *= 19)
(1, this);It looks like the issue is passing in a variable named JSCompiler_inline_anon_param_[0-9]* to the compiler, which collides with a synthetic variable generated by whatever pass inlines parameters.
lauraharker
commented
3 years ago Another example:
var JSCompiler_inline_anon_param_0 = 0;
(() => JSCompiler_inline_anon_param_0)(1); // evaluates to '0'is compiled to
1This may be a low priority if only reproducible by passing in a variable named JSCompiler_inline_anon_param_
lauraharker
commented
3 years ago From today's triage meeting: we're closing this since the solution is for user code to not name variables JSCompiler_inline_anon_param_[0-9]
This was found during fuzzing research.
Input for
$SIMPLE_OPTIMIZATIONSStracktrace:
Reproduce URL:
https://closure-compiler-debugger.appspot.com/#input0%3Dthrow%2520((z_0%252C%2520a_55)%2520%253D%253E%2520(new%2520(()%2520%253D%253E%2520(null))((c_ara)%252C(((234)%2520%252B%2520((948)%2520*%2520((()%2520%253D%253E%2520(!%2520((JSCompiler_inline_anon_param_3)%2520*%253D%2520(19))))(((()%2520%253D%253E%2520%257B%2520switch((~%2520(evae)))%2520%257Bcase%2520(goog%2524dom%2524TagName%2524aaazkpckd)%253A%2520%257B%2520%2520%257D%2520case%2520((declare)%2520%253D%2520(q_53))%253A%2520%257B%2520while%2520((z_0))%257B%2520%2520%257D%2520%257D%2520case%2520((-10).s_76)%253A%2520%257B%2520var%2520w_58%2520%257D%257D%253Bvar%2520q_53%2520%257D)%255B(function(goog%2524dom%2524TagName%2524s_30%252C%2520goog%2524dom%2524TagName%2524s_12t_08)%257B%2520var%2520goog%2524dom%2524TagName%2524%2524superpmmespaceaa%2520%257D)%255D)%252C(false)%252C(__32)%252C(this)))))%2520!%253D%2520(a_77)))))%250A%26input1%26conformanceConfig%26externs%26refasterjs-template%26CHECK_TYPES%3Dtrue%26REWRITE_MODULES_BEFORE_TYPECHECKING%3Dtrue%26ALIAS_ALL_STRINGS%3Dtrue%26AMBIGUATE_PROPERTIES%3Dtrue%26COALESCE_VARIABLE_NAMES%3Dtrue%26COLLAPSE_VARIABLE_DECLARATIONS%3Dtrue%26COLLAPSE_ANONYMOUS_FUNCTIONS%3Dtrue%26COLLAPSE_PROPERTIES%3Dtrue%26COLLAPSE_OBJECT_LITERALS%3Dtrue%26COMPUTE_FUNCTION_SIDE_EFFECTS%3Dtrue%26CONVERT_TO_DOTTED_PROPERTIES%3Dtrue%26CROSS_CHUNK_CODE_MOTION%3Dtrue%26CROSS_CHUNK_METHOD_MOTION%3Dtrue%26DEAD_ASSIGNMENT_ELIMINATION%3Dtrue%26DEVIRTUALIZE_METHODS%3Dtrue%26DISAMBIGUATE_PROPERTIES%3Dtrue%26EXTRACT_PROTOTYPE_MEMBER_DECLARATIONS%3Dtrue%26FOLD_CONSTANTS%3Dtrue%26INLINE_CONSTANTS%3Dtrue%26INLINE_FUNCTIONS%3Dtrue%26INLINE_PROPERTIES%3Dtrue%26INLINE_VARIABLES%3Dtrue%26LABEL_RENAMING%3Dtrue%26OPTIMIZE_CALLS%3Dtrue%26OPTIMIZE_CONSTRUCTORS%3Dtrue%26OPTIMIZE_ARGUMENTS_ARRAY%3Dtrue%26REMOVE_ABSTRACT_METHODS%3Dtrue%26REMOVE_DEAD_CODE%3Dtrue%26REMOVE_UNUSED_CLASS_PROPERTIES%3Dtrue%26REMOVE_UNUSED_PROTOTYPE_PROPERTIES%3Dtrue%26REMOVE_UNUSED_VARIABLES%3Dtrue%26REWRITE_FUNCTION_EXPRESSIONS%3Dtrue%26SMART_NAME_REMOVAL%3Dtrue%26USE_TYPES_FOR_LOCAL_OPTIMIZATION%3Dtrue%26VARIABLE_RENAMING%3Dtrue%26PROPERTY_RENAMING%3Dtrue%26MOVE_FUNCTION_DECLARATIONS%3Dtrue%26SYNTHETIC_BLOCK_MARKER%3Dtrue%26CLOSURE_PASS%3Dtrue%26PRESERVE_TYPE_ANNOTATIONS%3Dtrue%26PRETTY_PRINT%3Dtrue