Fix cluster-fuzz regression with Workers when serializing empty string

BUG=chromium:503991 R=jochen@chromium.org LOG=n Review URL: https://codereview.chromium.org/1210623002 Cr-Commit-Position: refs/heads/master@{#29263}
2015-06-24 10:47:10 -07:00 · 2015-06-24 10:47:10 -07:00 · b3bd7289f7
commit b3bd7289f7
parent edcc242a44
2 changed files with 14 additions and 2 deletions
--- a/src/d8.cc
+++ b/src/d8.cc
@ -1538,8 +1538,10 @@ void SerializationData::WriteTag(SerializationTag tag) { data.Add(tag); }


 void SerializationData::WriteMemory(const void* p, int length) {
-  i::Vector<uint8_t> block = data.AddBlock(0, length);
-  memcpy(&block[0], p, length);
+  if (length > 0) {
+    i::Vector<uint8_t> block = data.AddBlock(0, length);
+    memcpy(&block[0], p, length);
+  }
 }


--- a/test/mjsunit/regress/regress-crbug-503991.js
+++ b/test/mjsunit/regress/regress-crbug-503991.js
@ -0,0 +1,10 @@
+// Copyright 2015 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+if (this.Worker) {
+  __v_3 = "";
+  function __f_1() {}
+  var __v_6 = new Worker(__f_1);
+  __v_6.postMessage(__v_3);
+}