v8: fix --max_old_space_size=4096 integer overflow

bnoordhuis · bnoordhuis · commit 22793da48551 · 2015-03-17T01:55:50.000+01:00
See https://code.google.com/p/v8/issues/detail?id=3857 for the bug report and https://codereview.chromium.org/897543002 for the CL. PR-URL: #1166 Reviewed-By: Fedor Indutny <fedor@indutny.com>
diff --git a/deps/v8/src/heap/heap.cc b/deps/v8/src/heap/heap.cc
@@ -5082,21 +5082,22 @@ bool Heap::ConfigureHeap(int max_semi_space_size, int max_old_space_size,
     max_semi_space_size_ = max_semi_space_size * MB;
   }
   if (max_old_space_size > 0) {
-    max_old_generation_size_ = max_old_space_size * MB;
+    max_old_generation_size_ = static_cast<intptr_t>(max_old_space_size) * MB;
   }
   if (max_executable_size > 0) {
-    max_executable_size_ = max_executable_size * MB;
+    max_executable_size_ = static_cast<intptr_t>(max_executable_size) * MB;
   }
 
   // If max space size flags are specified overwrite the configuration.
   if (FLAG_max_semi_space_size > 0) {
     max_semi_space_size_ = FLAG_max_semi_space_size * MB;
   }
   if (FLAG_max_old_space_size > 0) {
-    max_old_generation_size_ = FLAG_max_old_space_size * MB;
+    max_old_generation_size_ =
+        static_cast<intptr_t>(FLAG_max_old_space_size) * MB;
   }
   if (FLAG_max_executable_size > 0) {
-    max_executable_size_ = FLAG_max_executable_size * MB;
+    max_executable_size_ = static_cast<intptr_t>(FLAG_max_executable_size) * MB;
   }
 
   if (FLAG_stress_compaction) {

Original file line number	Diff line number	Diff line change
`@@ -5082,21 +5082,22 @@ bool Heap::ConfigureHeap(int max_semi_space_size, int max_old_space_size,`
`5082`	`5082`	`max_semi_space_size_ = max_semi_space_size * MB;`
`5083`	`5083`	`}`
`5084`	`5084`	`if (max_old_space_size > 0) {`
`5085`		`- max_old_generation_size_ = max_old_space_size * MB;`
	`5085`	`+ max_old_generation_size_ = static_cast<intptr_t>(max_old_space_size) * MB;`
`5086`	`5086`	`}`
`5087`	`5087`	`if (max_executable_size > 0) {`
`5088`		`- max_executable_size_ = max_executable_size * MB;`
	`5088`	`+ max_executable_size_ = static_cast<intptr_t>(max_executable_size) * MB;`
`5089`	`5089`	`}`
`5090`	`5090`
`5091`	`5091`	`// If max space size flags are specified overwrite the configuration.`
`5092`	`5092`	`if (FLAG_max_semi_space_size > 0) {`
`5093`	`5093`	`max_semi_space_size_ = FLAG_max_semi_space_size * MB;`
`5094`	`5094`	`}`
`5095`	`5095`	`if (FLAG_max_old_space_size > 0) {`
`5096`		`- max_old_generation_size_ = FLAG_max_old_space_size * MB;`
	`5096`	`+ max_old_generation_size_ =`
	`5097`	`+ static_cast<intptr_t>(FLAG_max_old_space_size) * MB;`
`5097`	`5098`	`}`
`5098`	`5099`	`if (FLAG_max_executable_size > 0) {`
`5099`		`- max_executable_size_ = FLAG_max_executable_size * MB;`
	`5100`	`+ max_executable_size_ = static_cast<intptr_t>(FLAG_max_executable_size) * MB;`
`5100`	`5101`	`}`
`5101`	`5102`
`5102`	`5103`	`if (FLAG_stress_compaction) {`