Loading...

XML

Word

Printable

Type: Sub-task
Resolution: Fixed
Priority: P3
Fix Version/s: 8u60
Affects Version/s: 8u60
Component/s: core-libs
Labels:
None

Subcomponent:
jdk.nashorn
Resolved In Build:
b20
CPU:

generic
OS:

generic

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8081786	9	Hannes Wallnoefer	P3	Resolved	Fixed	b68
JDK-8085683	emb-9	Hannes Wallnoefer	P3	Resolved	Fixed	team
JDK-8129199	8u65	Hannes Wallnoefer	P3	Resolved	Fixed	b02
JDK-8138544	emb-8u65	Unassigned	P3	Resolved	Fixed	b02
JDK-8129724	emb-8u60	Hannes Wallnoefer	P3	Resolved	Fixed	b20

Needs warmup to manifest itself

function tryItOut(c) {
var f = tryCompiling(c);
if (f !== null && c.indexOf('infloop') === -1) {
   tryRunning(f);
}
}

function tryCompiling(c) {
try { return Function(c); } catch(e) { return null; }
}

function tryRunning(f) {
try {
   return f();
} catch (e) {
   if (e instanceof java.lang.Throwable) e.printStackTrace();
}
}

tryItOut("x = 1e-81;");
tryItOut("y = x;");
tryItOut("for(x in (((new Function).call)(true))){}");
tryItOut("(x.constructor = new (new Function)(y));");

java.lang.IllegalArgumentException: target and combiner types must match: (Object,Object)Object != (boolean)Object
   at java.lang.invoke.MethodHandleStatics.newIllegalArgumentException(MethodHandleStatics.java:109)
   at java.lang.invoke.MethodHandles.misMatchedTypes(MethodHandles.java:2775)
   at java.lang.invoke.MethodHandles.foldArguments(MethodHandles.java:2714)
   at jdk.nashorn.internal.lookup.MethodHandleFactory$StandardMethodHandleFunctionality.foldArguments(MethodHandleFactory.java:430)
   at jdk.nashorn.internal.runtime.CompiledFunction.createConstructorFromInvoker(CompiledFunction.java:265)
   at jdk.nashorn.internal.runtime.CompiledFunction.getConstructor(CompiledFunction.java:224)
   at jdk.nashorn.internal.runtime.CompiledFunction.access$300(CompiledFunction.java:61)
   at jdk.nashorn.internal.runtime.CompiledFunction$3.get(CompiledFunction.java:680)
   at jdk.nashorn.internal.runtime.CompiledFunction$3.get(CompiledFunction.java:677)
   at jdk.nashorn.internal.runtime.CompiledFunction.getValidOptimisticInvocation(CompiledFunction.java:606)
   ...

backported by

JDK-8081786 Fuzzing bug: MethodHandle bug (Object,Object) != (boolean)Object

Resolved

JDK-8085683 Fuzzing bug: MethodHandle bug (Object,Object) != (boolean)Object

Resolved

JDK-8129199 Fuzzing bug: MethodHandle bug (Object,Object) != (boolean)Object

Resolved

JDK-8129724 Fuzzing bug: MethodHandle bug (Object,Object) != (boolean)Object

Resolved

JDK-8138544 Fuzzing bug: MethodHandle bug (Object,Object) != (boolean)Object

Resolved

duplicates

JDK-8066219 Fuzzing bug: Cast bug Undefined->Number, requires warmup

Closed

is cloned by

JDK-8066221 Fuzzing bug: Assertion error related to bytecode slots

Resolved

(1 duplicates, 1 is cloned by)

Assignee:: Hannes Wallnoefer

Reporter:: Marcus Lagergren

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2014-12-01 00:27

Updated:: 2015-09-29 06:49

Resolved:: 2015-06-03 01:49

Details

Backports

Description

Attachments

Issue Links

Activity

People

Dates