[webkit-reviews] review granted: [Bug 203936] Add a stack overflow check in Yarr::ByteCompiler::emitDisjunction(). : [Attachment 383097] proposed patch.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Nov 7 18:14:19 PST 2019
Saam Barati <sbarati at apple.com> has granted Mark Lam <mark.lam at apple.com>'s
request for review:
Bug 203936: Add a stack overflow check in
Yarr::ByteCompiler::emitDisjunction().
https://bugs.webkit.org/show_bug.cgi?id=203936
Attachment 383097: proposed patch.
https://bugs.webkit.org/attachment.cgi?id=383097&action=review
--- Comment #9 from Saam Barati <sbarati at apple.com> ---
Comment on attachment 383097
--> https://bugs.webkit.org/attachment.cgi?id=383097
proposed patch.
View in context: https://bugs.webkit.org/attachment.cgi?id=383097&action=review
> JSTests/stress/stack-overflow-in-yarr-byteCompile.js:1
> +//@ requireOptions(""--disableOptionsFreezingForTesting"")
should be one quote
> Source/JavaScriptCore/tools/JSDollarVM.cpp:2046
> + JSFunction* function =
bitwise_cast<JSFunction*>(arg0.toObject(globalObject));
jsCast
> Source/JavaScriptCore/tools/JSDollarVM.cpp:2047
> + size_t desiredStackSize = arg1.toNumber(globalObject);
this should be calling .asNumber()
More information about the webkit-reviews
mailing list