Commit Graph

2 Commits

Author SHA1 Message Date
Georg Neis
aff70262f1 [test] Crash on invalid intrinsic use unless --fuzzing is on
For example, when --fuzzing is off, %OptimizeFunctionOnNextCall now
crashes when given a non-function argument.

The following behaviors remain unchanged for now:
- %DeoptimizeFunction continues to do nothing if the function is not
  optimized.
- %DeoptimizeNow continues to do nothing if the top-most JS function
  is not optimized.
- %OptimizeOSR continues to do nothing if the function already has
  optimized code.

Bug: v8:10249
Change-Id: I35d2f3d50ce3f94c8ffccabe50fb4df2b70ce028
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137406
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67121}
2020-04-14 15:01:49 +00:00
Jakob Kummerow
89e5792d60 [tests] Make %NeverOptimizeFunction ClusterFuzz safe
It expected its argument to be a JSFunction, but fuzzer tests can
pass anything. Non-JSFunction arguments should just silently be
ignored, just like similar CF-whitelisted runtime functions do.

Bug: chromium:754177
Change-Id: I41b29528bbe72f24b3d84f021b22602160769d26
Reviewed-on: https://chromium-review.googlesource.com/610706
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47316}
2017-08-11 14:56:45 +00:00