Chromium Code Reviews

Issue 1216853003: Fix cluster-fuzz found regression in d8 Workers (Closed)

Created:
5 years, 5 months ago by binji
Modified:
5 years, 5 months ago
Reviewers:
Michael Starzinger
CC:
v8-dev
Base URL:
https://chromium.googlesource.com/v8/v8.git@master
Target Ref:
refs/pending/heads/master
Project:
v8
Visibility:
Public.

Description

Fix cluster-fuzz found regression in d8 Workers

v8::Internal::List will DCHECK when indexing out of the array, even if just to get the address, and the value is never used.

So this construct will fail:

  memcpy(p, &data[0], length);

When data is empty and length is 0.

BUG=chromium:505778
R=mstarzinger@chromium.org
LOG=n

Committed: https://crrev.com/abaa094a2b1d9e2d49bf1a704d5ebd4675160ff8
Cr-Commit-Position: refs/heads/master@{#29388}
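The failure mode described in the commit message, as an added example that is not V8's code and not the change under review: a hypothetical bounds-checked list stands in for v8::internal::List, a counting DCHECK_LIKE macro stands in for DCHECK so both copy variants can run in one process, and CopyGuarded is an assumed shape of the fix (the real d8.cc change is not reproduced here).

```cpp
// Added example (not V8 code): a minimal stand-in for the bounds-checked
// v8::internal::List used by d8, showing why memcpy(p, &data[0], length)
// trips a DCHECK on an empty list even when length is 0.
#include <cstring>
#include <string>
#include <vector>

// Hypothetical DCHECK: records failures instead of aborting so both copies can run.
static int g_dcheck_failures = 0;
#define DCHECK_LIKE(cond) do { if (!(cond)) ++g_dcheck_failures; } while (0)

// Hypothetical checked list: operator[] validates the index before forming a
// reference, so &data[0] on an empty list is already an out-of-range access.
class CheckedList {
 public:
  void Add(char c) { storage_.push_back(c); }
  int length() const { return static_cast<int>(storage_.size()); }
  char& operator[](int i) {
    DCHECK_LIKE(0 <= i && i < length());
    return (0 <= i && i < length()) ? storage_[i] : scratch_;  // never deref OOB
  }
 private:
  std::vector<char> storage_;
  char scratch_ = 0;
};

// The construct from the bug: &data[0] indexes the list before memcpy sees length.
std::string CopyNaive(CheckedList& data) {
  int length = data.length();
  std::string out(length, '\0');
  std::memcpy(&out[0], &data[0], length);
  return out;
}

// Guarded variant (assumed fix shape): only index the list when there is data.
std::string CopyGuarded(CheckedList& data) {
  int length = data.length();
  std::string out(length, '\0');
  if (length > 0) std::memcpy(&out[0], &data[0], length);
  return out;
}

// Number of would-be DCHECK failures when copying an empty list with `copy`.
int FailuresFor(std::string (*copy)(CheckedList&)) {
  g_dcheck_failures = 0;
  CheckedList empty;
  copy(empty);
  return g_dcheck_failures;
}
```

The same pattern applies to std::vector: taking &v[0] on an empty vector is undefined behaviour regardless of the byte count passed to memcpy, so the length check belongs before the address is formed.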

Patch Set 1 #

Stats: +9 lines, -6 lines
M src/d8.cc (1 chunk, +4 lines, -2 lines, 0 comments)
A + test/mjsunit/regress/regress-crbug-505778.js (1 chunk, +5 lines, -4 lines, 0 comments)

Messages

Total messages: 5 (1 generated)
Michael Starzinger
LGTM.
5 years, 5 months ago (2015-06-30 16:46:08 UTC) #1
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1216853003/1
5 years, 5 months ago (2015-06-30 16:47:18 UTC) #3
commit-bot: I haz the power
Committed patchset #1 (id:1)
5 years, 5 months ago (2015-06-30 16:49:02 UTC) #4
commit-bot: I haz the power
5 years, 5 months ago (2015-06-30 16:49:17 UTC) #5
Message was sent while issue was closed.
Patchset 1 (id:??) landed as
https://crrev.com/abaa094a2b1d9e2d49bf1a704d5ebd4675160ff8
Cr-Commit-Position: refs/heads/master@{#29388}
