a8aa4b4ef2
Smi::LexicographicCompare: signed integer overflow on negation. Drive-by improvement: reduce number of branches. RegExpQuantifier: signed integer overflow on multiplication. DateCache::DaylightSavingsOffsetInMs: signed integer overflow on addition. Bug: v8:3770,chromium:923466,chromium:923642,chromium:923626 Change-Id: If7d995a13893d1315449ee0bab8b5f2553e170f5 Reviewed-on: https://chromium-review.googlesource.com/c/1436229 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#59143}
17 lines
464 B
JavaScript
17 lines
464 B
JavaScript
// Copyright 2019 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
// crbug.com/923466
|
|
__v_5 = [ -1073741825, -2147483648];
|
|
__v_5.sort();
|
|
|
|
// crbug.com/923642
|
|
new RegExp("(abcd){2148473648,}", "");
|
|
|
|
// crbug.com/923626
|
|
new Date(2146399200000).toString();
|
|
new Date(2146940400000).toString();
|
|
new Date(2147481600000).toString();
|
|
new Date(2148022800000).toString();
|