Commit 77cbe276 authored by littledan's avatar littledan Committed by Commit bot

Narrowly address async function stack overflow parsing case

This patch just checks for a stack overflow and returns failure
from the cases which Clusterfuzz found. However, there may be
more locations in the parser which need similar treatment.

R=caitpotter88@gmail.com,neis
BUG=v8:4483,chromium:624300

Review-Url: https://codereview.chromium.org/2135503002
Cr-Commit-Position: refs/heads/master@{#37655}
parent 56d013d4
...@@ -1098,8 +1098,14 @@ FunctionLiteral* Parser::ParseLazy(Isolate* isolate, ParseInfo* info, ...@@ -1098,8 +1098,14 @@ FunctionLiteral* Parser::ParseLazy(Isolate* isolate, ParseInfo* info,
bool is_async = allow_harmony_async_await() && shared_info->is_async(); bool is_async = allow_harmony_async_await() && shared_info->is_async();
if (is_async) { if (is_async) {
DCHECK(!scanner()->HasAnyLineTerminatorAfterNext()); DCHECK(!scanner()->HasAnyLineTerminatorAfterNext());
Consume(Token::ASYNC); if (!Check(Token::ASYNC)) {
DCHECK(peek_any_identifier() || peek() == Token::LPAREN); CHECK(stack_overflow());
return nullptr;
}
if (!(peek_any_identifier() || peek() == Token::LPAREN)) {
CHECK(stack_overflow());
return nullptr;
}
} }
// TODO(adamk): We should construct this scope from the ScopeInfo. // TODO(adamk): We should construct this scope from the ScopeInfo.
......
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --harmony-async-await
(function f() {
try {
f();
} catch (e) {
(async() => await 1).length;
}
})();
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment