72d5f3848e
The decoder has the assumption that it always holds that pc <= end. However, in the FunctionBodyDecoder, end was set to start to terminate the decoding loop. Thereby the assumption was violated, which caused a crash. I set end to pc now to end the decoding loop, which preserves the assumption and terminates the loop. BUG=chromium:709741 TEST=unittests/FunctionBodyDecoderTest.Regression709741 R=clemensh@chromium.org Change-Id: I5bfd61bdc4809fc16f12ca8611876c66a79aaa36 Reviewed-on: https://chromium-review.googlesource.com/472723 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#44524} |
||
|---|---|---|
| .. | ||
| asm-types-unittest.cc | ||
| control-transfer-unittest.cc | ||
| decoder-unittest.cc | ||
| function-body-decoder-unittest.cc | ||
| leb-helper-unittest.cc | ||
| loop-assignment-analysis-unittest.cc | ||
| module-decoder-unittest.cc | ||
| OWNERS | ||
| switch-logic-unittest.cc | ||
| wasm-macro-gen-unittest.cc | ||
| wasm-module-builder-unittest.cc | ||
| wasm-opcodes-unittest.cc | ||