Issue 637923004: Never call MacroAssembler::Allocate() with incorrect size.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 637923004: Never call MacroAssembler::Allocate() with incorrect size. (Closed)

Created:
6 years, 2 months ago by Igor Sheludko

Modified:
6 years, 2 months ago

Reviewers:
Jakob Kummerow

CC:
v8-dev

Base URL:
https://v8.googlecode.com/svn/branches/bleeding_edge

Project:
v8

Visibility:
Public.

More Reviews

Description

Never call MacroAssembler::Allocate() with incorrect size. BUG=chromium:412206 LOG=n

Patch Set 1 #

Patch Set 2 : Test updated #

Created: 6 years, 2 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+19 lines, -12 lines)			Patch
M	src/arm/lithium-codegen-arm.cc	View		1 chunk	+2 lines, -1 line	0 comments	Download
M	src/arm64/lithium-codegen-arm64.cc	View		1 chunk	+2 lines, -1 line	0 comments	Download
M	src/ia32/lithium-codegen-ia32.cc	View		1 chunk	+2 lines, -1 line	0 comments	Download
M	src/mips/lithium-codegen-mips.cc	View		1 chunk	+2 lines, -1 line	0 comments	Download
M	src/mips64/lithium-codegen-mips64.cc	View		1 chunk	+2 lines, -1 line	0 comments	Download
M	src/x64/lithium-codegen-x64.cc	View		1 chunk	+2 lines, -1 line	0 comments	Download
M	src/x87/lithium-codegen-x87.cc	View		1 chunk	+2 lines, -1 line	0 comments	Download
A +	test/mjsunit/regress/regress-412206-1.js	View	1	1 chunk	+5 lines, -5 lines	0 comments	Download

Messages

Total messages: 3 (1 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

Jakob Kummerow

6 years, 2 months ago (2014-10-10 10:41:30 UTC) #3

LGTM.

I'm not too happy with this, because:
(1) I'm not convinced %_RegexpConstructResult needs to be fuzzer-proof.
(2) There's a much deeper issue at play here, namely widespread use of signed
int types for size values that should be size_t. But since this local fix is
several orders of magnitude more feasible than a proper cleanup, I guess that's
fine for now...

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages