Closed Bug 1213436 Opened 4 years ago Closed 4 years ago
Reject core dumps with node IDs that don't fit in an IEEE 754 double
Our IDs are derived from pointers (48 bits, which will fit) but some annoying person could purposely generate IDs that don't fit since we store them as unsigned 64 bit ints on disk / in protobuf. Depends on bug 1211006 because we would like to use the JS::Value::isRepresentableNumber function defined in that patch.
Comment on attachment 8672126 [details] [diff] [review] Reject core dumps with node IDs that don't fit in an IEEE 754 double That try push went pretty poorly. Will fix this patch up before re-requesting review.
Looks like it is only 32 bit platforms that are getting caught in this assertion. Suspect my conversions are bad or something.
Attachment #8672126 - Attachment is obsolete: true
Alright, the issue was that when we were doing uint64_t(ptr) the ptr was getting sign extended on 32 bit platforms. So now we do uint64_t(uintptr_t(ptr)) to avoid the sign extending. Try push: https://treeherder.mozilla.org/#/jobs?repo=try&revision=e0f68ff505f8
Woops, that try push didn't include the patch for bug 1211006. New try push: https://treeherder.mozilla.org/#/jobs?repo=try&revision=6c3f279c4ea3
Attachment #8673260 - Flags: review?(sphink) → review+
You need to log in before you can comment on or make changes to this bug.