src/runtime/runtime-typedarray.cc - Issue 1174753002: Fix cluster-fuzz bug introduced in refs/heads/master@{#28796}.

Side by Side Diff: src/runtime/runtime-typedarray.cc

Issue 1174753002: Fix cluster-fuzz bug introduced in refs/heads/master@{#28796}. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master

Patch Set: nicer test Created 5 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « no previous file | test/mjsunit/regress/regress-crbug-498142.js » ('j') | no next file with comments »

OLD	NEW
1 // Copyright 2014 the V8 project authors. All rights reserved.	1 // Copyright 2014 the V8 project authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "src/v8.h"	5 #include "src/v8.h"

6	6

7 #include "src/arguments.h"	7 #include "src/arguments.h"

8 #include "src/messages.h"	8 #include "src/messages.h"

9 #include "src/runtime/runtime.h"	9 #include "src/runtime/runtime.h"

10 #include "src/runtime/runtime-utils.h"	10 #include "src/runtime/runtime-utils.h"

(...skipping 126 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
137	137

138 RUNTIME_FUNCTION(Runtime_ArrayBufferNeuter) {	138 RUNTIME_FUNCTION(Runtime_ArrayBufferNeuter) {

139 HandleScope scope(isolate);	139 HandleScope scope(isolate);

140 DCHECK(args.length() == 1);	140 DCHECK(args.length() == 1);

141 CONVERT_ARG_HANDLE_CHECKED(JSArrayBuffer, array_buffer, 0);	141 CONVERT_ARG_HANDLE_CHECKED(JSArrayBuffer, array_buffer, 0);

142 if (array_buffer->backing_store() == NULL) {	142 if (array_buffer->backing_store() == NULL) {

143 CHECK(Smi::FromInt(0) == array_buffer->byte_length());	143 CHECK(Smi::FromInt(0) == array_buffer->byte_length());

144 return isolate->heap()->undefined_value();	144 return isolate->heap()->undefined_value();

145 }	145 }

146 // Shared array buffers should never be neutered.	146 // Shared array buffers should never be neutered.

147 DCHECK(!array_buffer->is_shared());	147 RUNTIME_ASSERT(!array_buffer->is_shared());

148 DCHECK(!array_buffer->is_external());	148 DCHECK(!array_buffer->is_external());

149 void* backing_store = array_buffer->backing_store();	149 void* backing_store = array_buffer->backing_store();

150 size_t byte_length = NumberToSize(isolate, array_buffer->byte_length());	150 size_t byte_length = NumberToSize(isolate, array_buffer->byte_length());

151 array_buffer->set_is_external(true);	151 array_buffer->set_is_external(true);

152 Runtime::NeuterArrayBuffer(array_buffer);	152 Runtime::NeuterArrayBuffer(array_buffer);

153 isolate->heap()->UnregisterArrayBuffer(backing_store);	153 isolate->heap()->UnregisterArrayBuffer(backing_store);

154 isolate->array_buffer_allocator()->Free(backing_store, byte_length);	154 isolate->array_buffer_allocator()->Free(backing_store, byte_length);

155 return isolate->heap()->undefined_value();	155 return isolate->heap()->undefined_value();

156 }	156 }

157	157

(...skipping 589 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
747 DATA_VIEW_SETTER(Uint16, uint16_t)	747 DATA_VIEW_SETTER(Uint16, uint16_t)

748 DATA_VIEW_SETTER(Int16, int16_t)	748 DATA_VIEW_SETTER(Int16, int16_t)

749 DATA_VIEW_SETTER(Uint32, uint32_t)	749 DATA_VIEW_SETTER(Uint32, uint32_t)

750 DATA_VIEW_SETTER(Int32, int32_t)	750 DATA_VIEW_SETTER(Int32, int32_t)

751 DATA_VIEW_SETTER(Float32, float)	751 DATA_VIEW_SETTER(Float32, float)

752 DATA_VIEW_SETTER(Float64, double)	752 DATA_VIEW_SETTER(Float64, double)

753	753

754 #undef DATA_VIEW_SETTER	754 #undef DATA_VIEW_SETTER

755 } // namespace internal	755 } // namespace internal

756 } // namespace v8	756 } // namespace v8

OLD	NEW