[webkit-reviews] review granted: [Bug 214067] Add a way to return early from detected infinite loops to aid the fuzzer : [Attachment 403753] patch
bugzilla-daemon at webkit.org
Tue Jul 7 20:44:51 PDT 2020
Yusuke Suzuki <ysuzuki at apple.com> has granted Saam Barati <sbarati at apple.com>'s
request for review:
Bug 214067: Add a way to return early from detected infinite loops to aid the
fuzzer
https://bugs.webkit.org/show_bug.cgi?id=214067
Attachment 403753: patch
https://bugs.webkit.org/attachment.cgi?id=403753&action=review
--- Comment #2 from Yusuke Suzuki <ysuzuki at apple.com> ---
Comment on attachment 403753
--> https://bugs.webkit.org/attachment.cgi?id=403753
patch
View in context: https://bugs.webkit.org/attachment.cgi?id=403753&action=review
r=me
> Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:14718
> + patchpoint->effects.writesLocalState = true;
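Review bot: only `effects.writesLocalState` is declared on this patchpoint; if the generator body uses the macro assembler's scratch registers, B3 also has to be told with `patchpoint->clobber(RegisterSet::macroScratchRegisters());`, otherwise it may keep live values in those registers across the patchpoint and they will be silently clobbered.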
patchpoint->clobber(RegisterSet::macroScratchRegisters()); is required.
> Source/JavaScriptCore/runtime/VM.cpp:1562
> + uint64_t* ptr =
static_cast<uint64_t*>(fastMalloc(sizeof(uint64_t)));
> + *ptr = 0;
> + addResult.iterator->value.second = ptr;
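Review bot: the counter is stored as a raw owning `uint64_t*` in `addResult.iterator->value.second`, and the quoted lines show no `isNewEntry` check before the assignment; if the add can hit an existing key, the previous allocation is overwritten and leaked, and every removal path has to remember to `fastFree` it. Holding it as `std::unique_ptr<uint64_t>` (`makeUnique<uint64_t>()`) makes both the overwrite and the removal safe by construction.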
How about using `std::unique_ptr<uint64_t>` & `makeUnique<uint64_t>()`?
> Source/JavaScriptCore/runtime/VM.cpp:1582
> + fastFree(iter->value.second);
Then, we can remove this.
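As an added example, not code from the WebKit patch or from the reviewer, here is the ownership shape the review suggests, written against the C++ standard library instead of WTF: a table whose values own a heap-allocated `uint64_t` counter through `std::unique_ptr`, so that re-registering a key cannot leak the old counter and erasing an entry needs no manual free. The key type, the `int` datum paired with the counter, the `shouldExitEarly` check and the idea that generated code bumps the counter on each back edge are all assumptions made for the illustration.

```cpp
#include <cstdint>
#include <memory>
#include <string>
#include <unordered_map>
#include <utility>

// Assumed model (not WebKit's code): each entry pairs some per-site datum with
// an owned counter. JIT code would hold the raw address returned by counterFor()
// and increment it; the map keeps the allocation alive for as long as the entry
// exists, mirroring the "std::unique_ptr<uint64_t> instead of fastMalloc" suggestion.
struct LoopCounterTable {
    using Entry = std::pair<int, std::unique_ptr<uint64_t>>;
    std::unordered_map<std::string, Entry> table;

    // Returns a stable counter address for `key`, allocating a zeroed counter on
    // first use. Re-registering an existing key returns the same counter instead
    // of overwriting (and leaking) it, which a raw owning pointer would not guard.
    uint64_t* counterFor(const std::string& key, int datum) {
        auto result = table.try_emplace(key, datum, nullptr);
        Entry& entry = result.first->second;
        if (result.second) // new entry: allocate and zero the counter
            entry.second = std::make_unique<uint64_t>(0);
        return entry.second.get();
    }

    // Erasing the entry releases the counter; no explicit free call is needed,
    // which is the "then we can remove this" part of the review.
    bool remove(const std::string& key) { return table.erase(key) == 1; }
};

// Assumed shape of the JIT-side check: the generated code increments the counter
// on every loop back edge and bails out once it exceeds `limit`.
bool shouldExitEarly(uint64_t* counter, uint64_t limit) {
    return ++*counter > limit;
}

// Runs a loop that would otherwise never terminate until the counter trips the
// limit; returns the number of iterations observed by the counter.
uint64_t runUntilBailout(LoopCounterTable& table, const std::string& key, uint64_t limit) {
    uint64_t* counter = table.counterFor(key, /* datum */ 0);
    while (!shouldExitEarly(counter, limit)) {
        // loop body that never reaches a natural exit
    }
    return *counter;
}

int main() {
    LoopCounterTable table;
    runUntilBailout(table, "loop@site-1", 10);
    table.remove("loop@site-1"); // counter freed here, no fastFree counterpart
    return 0;
}
```

`try_emplace` stands in for WTF's `HashMap::add` plus `isNewEntry`: the counter is only allocated when the key is genuinely new, and the address handed out stays valid until `remove` erases the entry.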