[v8-dev] Issue 1877 in v8: NULL ptr in v8::Value::IsInt32

Status: Accepted
Owner: ----
Labels: Type-Bug Priority-Medium HW-All OS-All


New issue 1877 by [email protected]: NULL ptr in v8::Value::IsInt32
http://code.google.com/p/v8/issues/detail?id=1877

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=9489396

Crash Type: UNKNOWN
Crash Address: 0x000000000000
Crash State:
  - crash stack -
  v8::Value::IsInt32

v8::Handle<v8::Value> WebCore::setWebGLArrayHelper<WTF::Float64Array,WebCore::V8Float64Array>

  v8::internal::Builtin_HandleApiCall

Unminimized Testcase:https://cluster-fuzz.appspot.com/download/AMIfv94euM8U4c4pG8O2_PReK6OCS3jfYvzD_9MHalk4CMdVjeH5OPHXESIIYD_UykcZbzCKkMTMopYApsfFofq6v9snptEY_3Xqp8Ljl655iGyBUbmKsokWIftvSgpFkKnZVnyeGD49FX59uacv-VOyAaucoVw4zA

id: chrome.dll!v8::Value::IsInt32 ReadAV@NULL(6661ae8bdfad759f6e10d1cbe0980f72)


Repro:
<script>
  window.Uint8Array = 0;
  new Float64Array(function () {});
</script>


--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev

[v8-dev] Issue 1877 in v8: NULL ptr in v8::Value::IsInt32

Reply via email to