RESOLVED FIXED 156780
bmalloc: fix up overflow checks 
https://bugs.webkit.org/show_bug.cgi?id=156780
Summary bmalloc: fix up overflow checks
Geoffrey Garen
Reported 2016-04-19 20:09:49 PDT
bmalloc: fix up overflow checks
Attachments
Patch (7.00 KB, patch)
2016-04-19 20:12 PDT, Geoffrey Garen 		mark.lam: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Geoffrey Garen
Comment 1 2016-04-19 20:12:50 PDT
Created attachment 276795 [details] Patch
Mark Lam
Comment 2 2016-04-19 20:56:11 PDT
Comment on attachment 276795 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=276795&action=review r=me > Source/bmalloc/ChangeLog:11 > + we were missing smoe cases. typo: /smoe/some/.
Mark Lam
Comment 3 2016-04-19 20:57:04 PDT
Comment on attachment 276795 [details] Patch Is it possible to add some tests that exercise the overflow cases?
Geoffrey Garen
Comment 4 2016-04-19 21:12:50 PDT
> Is it possible to add some tests that exercise the overflow cases? Good question. This requires some changes to the MallocBench infrastructure to allow for failure. I'll tackle this in a follow-up patch.
Geoffrey Garen
Comment 5 2016-04-19 21:13:43 PDT
Committed r199759: <http://trac.webkit.org/changeset/199759>
Oliver Hunt
Comment 6 2016-04-20 10:34:56 PDT
Comment on attachment 276795 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=276795&action=review > Source/bmalloc/bmalloc/Heap.cpp:347 > + size_t roundedSize = size ? roundUpToMultipleOf(largeAlignment, size) : largeAlignment; I wonder if we should make an override for roundUp... to take Checked<T> - then switch to Checked<> for bmalloc internal arithmetic?
Geoffrey Garen
Comment 7 2016-04-20 11:04:37 PDT
> > Source/bmalloc/bmalloc/Heap.cpp:347 > > + size_t roundedSize = size ? roundUpToMultipleOf(largeAlignment, size) : largeAlignment; > > I wonder if we should make an override for roundUp... to take Checked<T> - > then switch to Checked<> for bmalloc internal arithmetic? I'd like to come up with a good idiom, maybe using builtin checked arithmetic. Not sure what the best option is.
Note You need to log in before you can comment on or make changes to this bug.