Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(803)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/objects.h

Issue 275016: Fix overflow in failure "requested size" field. (Closed)
Patch Set: Created 11 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | src/objects.cc » ('j') | src/string-stream.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/objects.h
diff --git a/src/objects.h b/src/objects.h
index fe8363a87673e5a8dd644842af8aff5ea3e794e9..deb0971b7c5f396a61e36212628e6461c503d8ca 100644
--- a/src/objects.h
+++ b/src/objects.h
@@ -948,10 +948,10 @@ class Smi: public Object {
//
// Failures are a single word, encoded as follows:
// +-------------------------+---+--+--+
-// |rrrrrrrrrrrrrrrrrrrrrrrrr|sss|tt|11|
+// |...rrrrrrrrrrrrrrrrrrrrrr|sss|tt|11|
// +-------------------------+---+--+--+
-// 3 7 6 4 32 10
-// 1
+// 7 6 4 32 10
+//
//
// The low two bits, 0-1, are the failure tag, 11. The next two bits,
// 2-3, are a failure type tag 'tt' with possible values:
@@ -1013,8 +1013,8 @@ class Failure: public Object {
#endif
private:
- inline int value() const;
- static inline Failure* Construct(Type type, int value = 0);
+ inline intptr_t value() const;
+ static inline Failure* Construct(Type type, intptr_t value = 0);
DISALLOW_IMPLICIT_CONSTRUCTORS(Failure);
};
« no previous file with comments | « no previous file | src/objects.cc » ('j') | src/string-stream.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698