Changeset 251264 in webkit


Ignore:
Timestamp:
Oct 17, 2019, 3:45:35 PM (6 years ago)
Author:
mark.lam@apple.com
Message:

Harden capacity checks in DFG::LocalCSEPhase::SmallMap.
https://bugs.webkit.org/show_bug.cgi?id=203123
<rdar://problem/56339943>

Change addPure() and addImpure() to use RELEASE_ASSERT in their capacity checks.

Reviewed by Keith Miller.

  • dfg/DFGCSEPhase.cpp:
Location:
trunk/Source/JavaScriptCore
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/ChangeLog

    r251263 r251264  
     12019-10-17  Mark Lam  <mark.lam@apple.com>
     2
     3        Harden capacity checks in DFG::LocalCSEPhase::SmallMap.
     4        https://bugs.webkit.org/show_bug.cgi?id=203123
     5        <rdar://problem/56339943>
     6
     7        Change addPure() and addImpure() to use RELEASE_ASSERT in their capacity checks.
     8
     9        Reviewed by Keith Miller.
     10
     11        * dfg/DFGCSEPhase.cpp:
     12
    1132019-10-17  Mark Lam  <mark.lam@apple.com>
    214

  • trunk/Source/JavaScriptCore/dfg/DFGCSEPhase.cpp

    r250005 r251264  
    386386            }
    387387       
    388             ASSERT(m_pureLength < capacity);
     388            RELEASE_ASSERT(m_pureLength < capacity);
    389389            m_pureMap[m_pureLength++] = WTF::KeyValuePair<PureValue, Node*>(value, node);
    390390            return nullptr;
     
    408408            if (LazyNode result = findReplacement(location))
    409409                return result;
    410             ASSERT(m_impureLength < capacity);
     410            RELEASE_ASSERT(m_impureLength < capacity);
    411411            m_impureMap[m_impureLength++] = WTF::KeyValuePair<HeapLocation, LazyNode>(location, node);
    412412            return nullptr;
Note: See TracChangeset for help on using the changeset viewer.