| Summary: | bmalloc: fix up overflow checks | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Geoffrey Garen <ggaren> | ||||
| Component: | bmalloc | Assignee: | Geoffrey Garen <ggaren> | ||||
| Status: | RESOLVED FIXED | ||||||
| Severity: | Normal | CC: | ggaren, mark.lam | ||||
| Priority: | P2 | ||||||
| Version: | WebKit Nightly Build | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Attachments: |
|
||||||
|
Description
Geoffrey Garen
2016-04-19 20:09:49 PDT
Created attachment 276795 [details]
Patch
Comment on attachment 276795 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=276795&action=review r=me > Source/bmalloc/ChangeLog:11 > + we were missing smoe cases. typo: /smoe/some/. Comment on attachment 276795 [details]
Patch
Is it possible to add some tests that exercise the overflow cases?
> Is it possible to add some tests that exercise the overflow cases?
Good question. This requires some changes to the MallocBench infrastructure to allow for failure. I'll tackle this in a follow-up patch.
Committed r199759: <http://trac.webkit.org/changeset/199759> Comment on attachment 276795 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=276795&action=review > Source/bmalloc/bmalloc/Heap.cpp:347 > + size_t roundedSize = size ? roundUpToMultipleOf(largeAlignment, size) : largeAlignment; I wonder if we should make an override for roundUp... to take Checked<T> - then switch to Checked<> for bmalloc internal arithmetic? > > Source/bmalloc/bmalloc/Heap.cpp:347
> > + size_t roundedSize = size ? roundUpToMultipleOf(largeAlignment, size) : largeAlignment;
>
> I wonder if we should make an override for roundUp... to take Checked<T> -
> then switch to Checked<> for bmalloc internal arithmetic?
I'd like to come up with a good idiom, maybe using builtin checked arithmetic. Not sure what the best option is.
|