Issue 22815033: Fix crash due RegExpAtom method called on RegExpCharacterClass object.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 22815033: Fix crash due RegExpAtom method called on RegExpCharacterClass object. (Closed)

Created:
7 years, 4 months ago by Benedikt Meurer

Modified:
7 years, 4 months ago

Reviewers:
titzer, Sven Panne, danno, Jakob Kummerow

CC:
v8-dev

Base URL:
https://v8.googlecode.com/svn/branches/bleeding_edge

Visibility:
Public.

More Reviews

Description

Fix crash due RegExpAtom method called on RegExpCharacterClass object. In the RegExpUnparser::VisitText(RegExpText* that, void* data) function always RegExpUnparser::VisitAtom function called via that->elements()->at(i).data.u_atom->Accept(this, data); even if the type of the object is RegExpCharacterClass. The problem shows using g++ 4.7(.2, .3) since r16232, since GCC optimizes virtual method calls to direct calls based on __final/final hints. Tested on MIPS and x64: Program received signal SIGSEGV, Segmentation fault. 0x0000000000588928 in v8::internal::RegExpUnparser::VisitAtom(v8::internal::RegExpAtom*, void*) () This cleans up the TextElement class to avoid the unsafe+unchecked union access, that caused the crash. TEST=cctest/test-regexp/ParserRegression R=jkummerow@chromium.org Committed: https://code.google.com/p/v8/source/detail?r=16289

Patch Set 1 #

Created: 7 years, 4 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Stats (+79 lines, -72 lines)			Patch
M	src/ast.cc	View	1 chunk	+2 lines, -2 lines	0 comments	Download
M	src/jsregexp.h	View	1 chunk	+32 lines, -11 lines	0 comments	Download
M	src/jsregexp.cc	View	16 chunks	+45 lines, -59 lines	0 comments	Download

Messages

Total messages: 3 (0 generated)

Expand Messages | Collapse Messages

Message was sent while issue was closed.

Committed patchset #1 manually as r16289.

Expand Messages | Collapse Messages