- Ensure the stack trace limit is not negative.

- Enable fuzzing of the CollectStackTrace runtime call. Review URL: http://codereview.chromium.org/491005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3451 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

- Ensure the stack trace limit is not negative.
- Enable fuzzing of the CollectStackTrace runtime call. Review URL: http://codereview.chromium.org/491005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3451 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
fe952d72 · iposva@chromium.org · e32fdc02 · fe952d72 · fe952d72
Commit fe952d72 authored Dec 10, 2009 by iposva@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

runtime.cc src/runtime.cc +2 -1

fuzz-natives.js test/mjsunit/fuzz-natives.js +0 -1

No files found.
--- a/src/runtime.cc
+++ b/src/runtime.cc
@@ -7884,7 +7884,8 @@ static Object* Runtime_CollectStackTrace(Arguments args) {
  HandleScope scope;
-  int initial_size = limit < 10 ? limit : 10;
+  limit = Max(limit, 0);  // Ensure that limit is not negative.
+  int initial_size = Min(limit, 10);
  Handle<JSArray> result = Factory::NewJSArray(initial_size * 3);
  StackFrameIterator iter;

--- a/test/mjsunit/fuzz-natives.js
+++ b/test/mjsunit/fuzz-natives.js
@@ -129,7 +129,6 @@ var knownProblems = {
  "Log": true,
  "DeclareGlobals": true,
-  "CollectStackTrace": true,
  "PromoteScheduledException": true,
  "DeleteHandleScopeExtensions": true
 };