-
Andreas Haas authored
The fuzzer found a crash when we want to execute the {valueOf} function of an imported value for an i64-global. The problem is that we cannot execute JavaScript at that moment (I did not check why, I guess we open some scope at some point). I checked the WebAssembly spec now, and it defines that only numbers are valid values for imported globals. I adjust our bigint implementation accordingly with this CL, i.e. that only bigint values are valid as imported i64-globalsl. I also created github issues to discuss this problem. R=jkummerow@chromium.org Bug: chromium:1001804 Change-Id: I47f0b31fab53163346f341ad290fd3c58e7707bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792167 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by:Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#63621}
f87505ca
| Name |
Last commit
|
Last update |
|---|---|---|
| .. | ||
| benchmarks | ||
| cctest | ||
| common | ||
| debugger | ||
| fuzzer | ||
| inspector | ||
| intl | ||
| js-perf-test | ||
| memory | ||
| message | ||
| mjsunit | ||
| mkgrokdump | ||
| mozilla | ||
| preparser | ||
| test262 | ||
| torque | ||
| unittests | ||
| wasm-api-tests | ||
| wasm-js | ||
| wasm-spec-tests | ||
| webkit | ||
| BUILD.gn | ||
| OWNERS |