test · 72d5f3848ec1ad0ae07b9bf7b049b1a1f2e7f81d · Linshizhi / V8

Terminate the decoding loop more gracefully. · 72d5f384

Andreas Haas authored Apr 10, 2017

The decoder has the assumption that it always holds that pc <= end.
However, in the FunctionBodyDecoder, end was set to start to terminate
the decoding loop. Thereby the assumption was violated, which caused a
crash. I set end to pc now to end the decoding loop, which preserves
the assumption and terminates the loop.

BUG=chromium:709741
TEST=unittests/FunctionBodyDecoderTest.Regression709741
R=clemensh@chromium.org

Change-Id: I5bfd61bdc4809fc16f12ca8611876c66a79aaa36
Reviewed-on: https://chromium-review.googlesource.com/472723
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44524}

72d5f384

Name	Last commit	Last update
..
benchmarks		Loading commit data...
cctest		Loading commit data...
common		Loading commit data...
debugger		Loading commit data...
fuzzer		Loading commit data...
inspector		Loading commit data...
intl		Loading commit data...
js-perf-test		Loading commit data...
memory		Loading commit data...
message		Loading commit data...
mjsunit		Loading commit data...
mozilla		Loading commit data...
preparser		Loading commit data...
promises-aplus		Loading commit data...
simdjs		Loading commit data...
test262		Loading commit data...
unittests		Loading commit data...
webkit		Loading commit data...
BUILD.gn		Loading commit data...
bot_default.gyp		Loading commit data...
bot_default.isolate		Loading commit data...
default.gyp		Loading commit data...
default.isolate		Loading commit data...
optimize_for_size.gyp		Loading commit data...
optimize_for_size.isolate		Loading commit data...
perf.gyp		Loading commit data...
perf.isolate		Loading commit data...