Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(102)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 150563007: Fix crash bug in free list when allocating write protected memory. (Closed)

Created:
6 years, 10 months ago by Florian Schneider
Modified:
6 years, 10 months ago
Reviewers:
srdjan, siva, Ivan Posva
CC:
reviews_dartlang.org, vm-dev_dartlang.org, siva
Visibility:
Public.

Description

Fix crash bug in free list when allocating write protected memory. Re-enable write protection of code pages. I added cc tests that cover two corner conditions that caused the old code to crash. TEST=vm/FreeList R=asiva@google.com Committed: https://code.google.com/p/dart/source/detail?r=32647

Patch Set 1 #

Patch Set 2 : strengthen assertions in test #

Patch Set 3 : Fix gcc compiler warnings #

Total comments: 3

Patch Set 4 : addressed commment #

Unified diffs Side-by-side diffs Delta from patch set Stats (+182 lines, -35 lines) Patch
M runtime/vm/code_patcher.cc View 1 chunk +1 line, -1 line 0 comments Download
M runtime/vm/freelist.h View 2 chunks +2 lines, -3 lines 0 comments Download
M runtime/vm/freelist.cc View 1 2 3 6 chunks +17 lines, -11 lines 0 comments Download
M runtime/vm/freelist_test.cc View 1 2 1 chunk +162 lines, -20 lines 0 comments Download

Messages

Total messages: 5 (0 generated)
Florian Schneider
6 years, 10 months ago (2014-02-11 17:20:38 UTC) #1
srdjan
https://codereview.chromium.org/150563007/diff/80001/runtime/vm/freelist.cc File runtime/vm/freelist.cc (right): https://codereview.chromium.org/150563007/diff/80001/runtime/vm/freelist.cc#newcode47 runtime/vm/freelist.cc:47: return ((size > RawObject::SizeTag::kMaxSizeTag) ? 3 : 2) * ...
6 years, 10 months ago (2014-02-11 21:45:40 UTC) #2
siva
lgtm https://codereview.chromium.org/150563007/diff/80001/runtime/vm/freelist.cc File runtime/vm/freelist.cc (right): https://codereview.chromium.org/150563007/diff/80001/runtime/vm/freelist.cc#newcode47 runtime/vm/freelist.cc:47: return ((size > RawObject::SizeTag::kMaxSizeTag) ? 3 : 2) ...
6 years, 10 months ago (2014-02-11 23:36:43 UTC) #3
Florian Schneider
https://codereview.chromium.org/150563007/diff/80001/runtime/vm/freelist.cc File runtime/vm/freelist.cc (right): https://codereview.chromium.org/150563007/diff/80001/runtime/vm/freelist.cc#newcode47 runtime/vm/freelist.cc:47: return ((size > RawObject::SizeTag::kMaxSizeTag) ? 3 : 2) * ...
6 years, 10 months ago (2014-02-12 11:32:34 UTC) #4
Florian Schneider
6 years, 10 months ago (2014-02-13 11:59:40 UTC) #5
Message was sent while issue was closed. 
Committed patchset #4 manually as r32647 (presubmit successful).

Powered by Google App Engine
This is Rietveld 408576698