Reviewers: Kasper Lund

Description:
- Ensure the stack trace limit is not negative.
- Enable fuzzing of the CollectStackTrace runtime call.
Please review this at http://codereview.chromium.org/491005 SVN Base: http://v8.googlecode.com/svn/branches/bleeding_edge/ Affected files: M src/runtime.cc M test/mjsunit/fuzz-natives.js Index: src/runtime.cc =================================================================== --- src/runtime.cc (revision 3449) +++ src/runtime.cc (working copy) @@ -7884,7 +7884,8 @@ HandleScope scope; - int initial_size = limit < 10 ? limit : 10; + limit = Max(limit, 0); // Ensure that limit is not negative. + int initial_size = Min(limit, 10); Handle<JSArray> result = Factory::NewJSArray(initial_size * 3); StackFrameIterator iter; Index: test/mjsunit/fuzz-natives.js =================================================================== --- test/mjsunit/fuzz-natives.js (revision 3449) +++ test/mjsunit/fuzz-natives.js (working copy) @@ -129,7 +129,6 @@ "Log": true, "DeclareGlobals": true, - "CollectStackTrace": true, "PromoteScheduledException": true, "DeleteHandleScopeExtensions": true }; -- v8-dev mailing list [email protected] http://groups.google.com/group/v8-dev
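Review bot: In the src/runtime.cc hunk at -7884, the new clamp "limit = Max(limit, 0);" covers the negative case for the initial_size * 3 argument to Factory::NewJSArray, but the hunk does not show how limit is derived from the runtime call's argument or how it is used after the StackFrameIterator is set up. Please confirm that the conversion to int happens before this point with a type check on the argument, and that every later use of limit in the function sees the clamped value rather than a copy taken earlier. The inline comment could also say why a negative value is harmful here (a negative initial array size) rather than restating what Max does.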
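Review bot: In the test/mjsunit/fuzz-natives.js hunk at -129, removing the "CollectStackTrace": true entry relies on the fuzzer happening to pass a negative limit to cover the case fixed in src/runtime.cc. Consider adding a directed mjsunit regression test that calls the runtime function with a negative limit (and with zero), so the fix stays covered regardless of which argument values the fuzzer generates.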
