Author: [EMAIL PROTECTED]
Date: Fri Oct 31 01:51:26 2008
New Revision: 663
Modified:
branches/bleeding_edge/src/runtime.cc
branches/bleeding_edge/test/mjsunit/fuzz-natives.js
Log:
Fix natives fuzzing: Let the StringIndexOf runtime function
deal with start indexes that are out of range.
Review URL: http://codereview.chromium.org/8762
Modified: branches/bleeding_edge/src/runtime.cc
==============================================================================
--- branches/bleeding_edge/src/runtime.cc (original)
+++ branches/bleeding_edge/src/runtime.cc Fri Oct 31 01:51:26 2008
@@ -1401,6 +1401,7 @@
uint32_t start_index;
if (!Array::IndexFromObject(index, &start_index)) return
Smi::FromInt(-1);
+ RUNTIME_ASSERT(start_index <= static_cast<uint32_t>(sub->length()));
int position = Runtime::StringMatch(sub, pat, start_index);
return Smi::FromInt(position);
}
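Review bot: The added bounds check on `start_index` fails in a different way from the conversion check just above it. A value that `Array::IndexFromObject` rejects returns `Smi::FromInt(-1)`, while an index greater than `sub->length()` goes through `RUNTIME_ASSERT`, whose definition is not visible in this hunk. Since `start_index` presumably originates from script-reachable callers (the log says natives fuzzing triggered this), please confirm the macro is active in release builds and not only in debug builds, otherwise `Runtime::StringMatch` could still receive an out-of-range start there. A short comment would record the intent, for example `// start_index is caller-controlled; reject values past the end of sub before matching.` The enclosing function starts outside the hunk.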
Modified: branches/bleeding_edge/test/mjsunit/fuzz-natives.js
==============================================================================
--- branches/bleeding_edge/test/mjsunit/fuzz-natives.js (original)
+++ branches/bleeding_edge/test/mjsunit/fuzz-natives.js Fri Oct 31 01:51:26
2008
@@ -106,6 +106,11 @@
"SetScriptBreakPoint": true,
"ChangeBreakOnException": true,
"PrepareStep": true,
+
+ // Calling disable/enable access checks may interfere with the
+ // the rest of the tests.
+ "DisableAccessChecks": true,
+ "EnableAccessChecks": true,
// These functions should not be callable as runtime functions.
"NewContext": true,
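Review bot: The comment added above `"DisableAccessChecks"` repeats "the" across its line break and should read `// Calling disable/enable access checks may interfere with the rest of the tests.` Excluding both functions also means the natives fuzzer no longer exercises their argument handling, so a dedicated test that toggles access checks and restores the state afterwards would keep that coverage. The commit log only mentions the StringIndexOf fix, so this exclusion deserves a line there. The enclosing object literal starts and ends outside the hunk.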