[webkit-changes] [269090] branches/safari-610-branch/Source/WTF

[repstein]

Title: [269090] branches/safari-610-branch/Source/WTF

Revision

269090

Author

repst...@apple.com

Date

2020-10-27 18:42:59 -0700 (Tue, 27 Oct 2020)

Log Message

Cherry-pick r269019. rdar://problem/70733412

    Add extra validation to MetaAllocator::findAndRemoveFreeSpace
    https://bugs.webkit.org/show_bug.cgi?id=217792
    <rdar://problem/69433015>

    Reviewed Saam Barati.

    * wtf/MetaAllocator.cpp:
    (WTF::MetaAllocator::findAndRemoveFreeSpace):

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@269019 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

• branches/safari-610-branch/Source/WTF/ChangeLog
• branches/safari-610-branch/Source/WTF/wtf/MetaAllocator.cpp

Diff

Modified: branches/safari-610-branch/Source/WTF/ChangeLog (269089 => 269090)

--- branches/safari-610-branch/Source/WTF/ChangeLog	2020-10-28 01:42:57 UTC (rev 269089)
+++ branches/safari-610-branch/Source/WTF/ChangeLog	2020-10-28 01:42:59 UTC (rev 269090)
@@ -1,5 +1,31 @@
 2020-10-27  Russell Epstein  <repst...@apple.com>
 
+        Cherry-pick r269019. rdar://problem/70733412
+
+    Add extra validation to MetaAllocator::findAndRemoveFreeSpace
+    https://bugs.webkit.org/show_bug.cgi?id=217792
+    <rdar://problem/69433015>
+    
+    Reviewed Saam Barati.
+    
+    * wtf/MetaAllocator.cpp:
+    (WTF::MetaAllocator::findAndRemoveFreeSpace):
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@269019 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2020-10-15  Tadeu Zagallo  <tzaga...@apple.com>
+
+            Add extra validation to MetaAllocator::findAndRemoveFreeSpace
+            https://bugs.webkit.org/show_bug.cgi?id=217792
+            <rdar://problem/69433015>
+
+            Reviewed Saam Barati.
+
+            * wtf/MetaAllocator.cpp:
+            (WTF::MetaAllocator::findAndRemoveFreeSpace):
+
+2020-10-27  Russell Epstein  <repst...@apple.com>
+
         Cherry-pick r269017. rdar://problem/70733371
 
     Assert that WTF::HashTable does not visit the same bucket twice

Modified: branches/safari-610-branch/Source/WTF/wtf/MetaAllocator.cpp (269089 => 269090)

--- branches/safari-610-branch/Source/WTF/wtf/MetaAllocator.cpp	2020-10-28 01:42:57 UTC (rev 269089)
+++ branches/safari-610-branch/Source/WTF/wtf/MetaAllocator.cpp	2020-10-28 01:42:59 UTC (rev 269090)
@@ -211,7 +211,7 @@
         return nullptr;
     
     size_t nodeSizeInBytes = node->sizeInBytes();
-    ASSERT(nodeSizeInBytes >= sizeInBytes);
+    RELEASE_ASSERT(nodeSizeInBytes >= sizeInBytes);
 
     m_freeSpaceSizeMap.remove(node);
 
@@ -246,6 +246,7 @@
             m_freeSpaceStartAddressMap.remove(node->m_start);
 
             node->m_start += sizeInBytes;
+            RELEASE_ASSERT(nodeStartAsInt < node->m_start.untaggedPtr<uintptr_t>() && node->m_start.untaggedPtr<uintptr_t>() < node->m_end.untaggedPtr<uintptr_t>());
 
             m_freeSpaceSizeMap.insert(node);
             m_freeSpaceStartAddressMap.add(node->m_start, node);

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes