Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
2410953003:
[wasm] Fix decoding of shared global index space (Closed)
|
Created:
4 years, 2 months ago by Derek Schuff Modified:
4 years, 2 months ago CC:
v8-reviews_googlegroups.com Target Ref:
refs/pending/heads/master Project:
v8 Visibility:
Public. |
DescriptionImported and defined globals share an index space, but previously the decoder clobbered the imported global indices with the defined globals.
BUG=none
Committed: https://crrev.com/9b55c0769857d15c722f5d599bdc1c5828bfed99
Cr-Commit-Position: refs/heads/master@{#40230}
Patch Set 1 #Patch Set 2 : with test #
Total comments: 2
Patch Set 3 : review comment #
Total comments: 1
Patch Set 4 : Increase allocation limit #
Messages
Total messages: 27 (17 generated)
Description was changed from ========== Just the code BUG= ========== to ========== Imported and defined globals share an index space, but previously the decoder clobbered the imported global indices with the defined globals. BUG=none ==========
dschuff@chromium.org changed reviewers: + bradnelson@chromium.org, titzer@chromium.org
lgtm with nit https://codereview.chromium.org/2410953003/diff/20001/src/wasm/wasm-module.cc File src/wasm/wasm-module.cc (right): https://codereview.chromium.org/2410953003/diff/20001/src/wasm/wasm-module.cc... src/wasm/wasm-module.cc:1549: // TODO: These should be runtime errors and not CHECKs if dest_addr You can make these TODO(titzer)
https://codereview.chromium.org/2410953003/diff/20001/src/wasm/wasm-module.cc File src/wasm/wasm-module.cc (right): https://codereview.chromium.org/2410953003/diff/20001/src/wasm/wasm-module.cc... src/wasm/wasm-module.cc:1549: // TODO: These should be runtime errors and not CHECKs if dest_addr On 2016/10/12 04:56:29, titzer wrote: > You can make these TODO(titzer) Done.
The CQ bit was checked by dschuff@chromium.org
The patchset sent to the CQ was uploaded after l-g-t-m from titzer@chromium.org Link to the patchset: https://codereview.chromium.org/2410953003/#ps40001 (title: "review comment")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Try jobs failed on following builders: v8_linux64_gyp_rel_ng on master.tryserver.v8 (JOB_FAILED, http://build.chromium.org/p/tryserver.v8/builders/v8_linux64_gyp_rel_ng/build...) v8_linux64_gyp_rel_ng_triggered on master.tryserver.v8 (JOB_FAILED, http://build.chromium.org/p/tryserver.v8/builders/v8_linux64_gyp_rel_ng_trigg...)
https://codereview.chromium.org/2410953003/diff/40001/src/wasm/module-decoder.cc File src/wasm/module-decoder.cc (right): https://codereview.chromium.org/2410953003/diff/40001/src/wasm/module-decoder... src/wasm/module-decoder.cc:401: if (!IsWithinLimit(kMaxReserve, globals_count, imported_globals)) { OK, so I was afraid this would be a problem; I was trying to worry about the sum of the imported + defined globals overflowing some nebulous limit, but obviously kMaxReserve is too small (it's causing the test failure). So, any suggestions? INT_MAX? Just cast to int64 and do UINT_MAX? Something in between?
The CQ bit was checked by dschuff@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
On 2016/10/12 05:35:20, Derek Schuff wrote: > https://codereview.chromium.org/2410953003/diff/40001/src/wasm/module-decoder.cc > File src/wasm/module-decoder.cc (right): > > https://codereview.chromium.org/2410953003/diff/40001/src/wasm/module-decoder... > src/wasm/module-decoder.cc:401: if (!IsWithinLimit(kMaxReserve, globals_count, > imported_globals)) { > OK, so I was afraid this would be a problem; I was trying to worry about the sum > of the imported + defined globals overflowing some nebulous limit, but obviously > kMaxReserve is too small (it's causing the test failure). So, any suggestions? > INT_MAX? Just cast to int64 and do UINT_MAX? Something in between? went with INT_MAX for now. That's probably too large to be useful as an anti-OOM heuristic like SafeReserve but maybe will at least keep from nasty overflow or security bugs.
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: v8_linux64_sanitizer_coverage_rel on master.tryserver.v8 (JOB_FAILED, http://build.chromium.org/p/tryserver.v8/builders/v8_linux64_sanitizer_covera...)
The CQ bit was checked by dschuff@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
The CQ bit was checked by dschuff@chromium.org
The patchset sent to the CQ was uploaded after l-g-t-m from titzer@chromium.org Link to the patchset: https://codereview.chromium.org/2410953003/#ps60001 (title: "Increase allocation limit")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Message was sent while issue was closed.
Description was changed from ========== Imported and defined globals share an index space, but previously the decoder clobbered the imported global indices with the defined globals. BUG=none ========== to ========== Imported and defined globals share an index space, but previously the decoder clobbered the imported global indices with the defined globals. BUG=none ==========
Message was sent while issue was closed.
Committed patchset #4 (id:60001)
Message was sent while issue was closed.
Description was changed from ========== Imported and defined globals share an index space, but previously the decoder clobbered the imported global indices with the defined globals. BUG=none ========== to ========== Imported and defined globals share an index space, but previously the decoder clobbered the imported global indices with the defined globals. BUG=none Committed: https://crrev.com/9b55c0769857d15c722f5d599bdc1c5828bfed99 Cr-Commit-Position: refs/heads/master@{#40230} ==========
Message was sent while issue was closed.
Patchset 4 (id:??) landed as https://crrev.com/9b55c0769857d15c722f5d599bdc1c5828bfed99 Cr-Commit-Position: refs/heads/master@{#40230} |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
