Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (140583 => 140584)
--- trunk/Source/_javascript_Core/ChangeLog 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/ChangeLog 2013-01-23 21:44:29 UTC (rev 140584)
@@ -1,3 +1,61 @@
+2013-01-23 Oliver Hunt <[email protected]>
+
+ Replace numerous manual CRASH's in JSC with RELEASE_ASSERT
+ https://bugs.webkit.org/show_bug.cgi?id=107726
+
+ Reviewed by Filip Pizlo.
+
+ Fairly manual change from if (foo) CRASH(); to RELEASE_ASSERT(!foo);
+
+ * assembler/MacroAssembler.h:
+ (JSC::MacroAssembler::branchAdd32):
+ (JSC::MacroAssembler::branchMul32):
+ * bytecode/CodeBlockHash.cpp:
+ (JSC::CodeBlockHash::CodeBlockHash):
+ * heap/BlockAllocator.h:
+ (JSC::Region::create):
+ (JSC::Region::createCustomSize):
+ * heap/GCAssertions.h:
+ * heap/HandleSet.cpp:
+ (JSC::HandleSet::visitStrongHandles):
+ (JSC::HandleSet::writeBarrier):
+ * heap/HandleSet.h:
+ (JSC::HandleSet::allocate):
+ * heap/Heap.cpp:
+ (JSC::Heap::collect):
+ * heap/SlotVisitor.cpp:
+ (JSC::SlotVisitor::validate):
+ * interpreter/Interpreter.cpp:
+ (JSC::Interpreter::execute):
+ * jit/ExecutableAllocator.cpp:
+ (JSC::DemandExecutableAllocator::allocateNewSpace):
+ (JSC::ExecutableAllocator::allocate):
+ * jit/ExecutableAllocator.h:
+ (JSC::roundUpAllocationSize):
+ * jit/ExecutableAllocatorFixedVMPool.cpp:
+ (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
+ (JSC::ExecutableAllocator::allocate):
+ * runtime/ButterflyInlines.h:
+ (JSC::Butterfly::createUninitialized):
+ * runtime/Completion.cpp:
+ (JSC::evaluate):
+ * runtime/JSArray.h:
+ (JSC::constructArray):
+ * runtime/JSGlobalObject.cpp:
+ (JSC::slowValidateCell):
+ * runtime/JSObject.cpp:
+ (JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists):
+ (JSC::JSObject::createArrayStorage):
+ * tools/TieredMMapArray.h:
+ (JSC::TieredMMapArray::append):
+ * yarr/YarrInterpreter.cpp:
+ (JSC::Yarr::Interpreter::allocDisjunctionContext):
+ (JSC::Yarr::Interpreter::allocParenthesesDisjunctionContext):
+ (JSC::Yarr::Interpreter::InputStream::readChecked):
+ (JSC::Yarr::Interpreter::InputStream::uncheckInput):
+ (JSC::Yarr::Interpreter::InputStream::atEnd):
+ (JSC::Yarr::Interpreter::interpret):
+
2013-01-22 Filip Pizlo <[email protected]>
Convert CSE phase to not rely too much on NodeIndex
Modified: trunk/Source/_javascript_Core/assembler/MacroAssembler.h (140583 => 140584)
--- trunk/Source/_javascript_Core/assembler/MacroAssembler.h 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/assembler/MacroAssembler.h 2013-01-23 21:44:29 UTC (rev 140584)
@@ -1350,12 +1350,9 @@
Jump branchAdd32(ResultCondition cond, RegisterID src, Imm32 imm, RegisterID dest)
{
- if (src == dest) {
- if (!scratchRegisterForBlinding()) {
- // Release mode ASSERT, if this fails we will perform incorrect codegen.
- CRASH();
- }
- }
+ if (src == dest)
+ RELEASE_ASSERT(scratchRegisterForBlinding());
+
if (shouldBlind(imm)) {
if (src == dest) {
if (RegisterID scratchRegister = (RegisterID)scratchRegisterForBlinding()) {
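Review bot: The rewritten guard in `branchAdd32` drops the comment that explained why this must hold in release builds (a missing scratch register leads to incorrect codegen), and it hangs an assertion macro off a braceless `if`. A single statement reads more clearly and does not depend on how the macro expands: `RELEASE_ASSERT(src != dest || scratchRegisterForBlinding());`, preceded by `// Without a scratch register the blinded path would generate incorrect code.` The same applies to the identical lines in the `branchMul32` hunk below. Both function bodies continue past the end of their hunks.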
@@ -1371,12 +1368,9 @@
Jump branchMul32(ResultCondition cond, Imm32 imm, RegisterID src, RegisterID dest)
{
- if (src == dest) {
- if (!scratchRegisterForBlinding()) {
- // Release mode ASSERT, if this fails we will perform incorrect codegen.
- CRASH();
- }
- }
+ if (src == dest)
+ RELEASE_ASSERT(scratchRegisterForBlinding());
+
if (shouldBlind(imm)) {
if (src == dest) {
if (RegisterID scratchRegister = (RegisterID)scratchRegisterForBlinding()) {
Modified: trunk/Source/_javascript_Core/bytecode/CodeBlockHash.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/bytecode/CodeBlockHash.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/bytecode/CodeBlockHash.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -36,8 +36,7 @@
CodeBlockHash::CodeBlockHash(const char* string)
: m_hash(0)
{
- if (strlen(string) != 6)
- CRASH();
+ RELEASE_ASSERT(strlen(string) == 6);
for (unsigned i = 0; i < 6; ++i) {
m_hash *= 62;
Modified: trunk/Source/_javascript_Core/heap/BlockAllocator.h (140583 => 140584)
--- trunk/Source/_javascript_Core/heap/BlockAllocator.h 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/heap/BlockAllocator.h 2013-01-23 21:44:29 UTC (rev 140584)
@@ -93,16 +93,14 @@
ASSERT(blockSize <= s_regionSize);
ASSERT(!(s_regionSize % blockSize));
PageAllocationAligned allocation = PageAllocationAligned::allocate(s_regionSize, s_regionSize, OSAllocator::JSGCHeapPages);
- if (!static_cast<bool>(allocation))
- CRASH();
+ RELEASE_ASSERT(static_cast<bool>(allocation));
return new Region(allocation, blockSize, s_regionSize / blockSize);
}
inline Region* Region::createCustomSize(size_t blockSize, size_t blockAlignment)
{
PageAllocationAligned allocation = PageAllocationAligned::allocate(blockSize, blockAlignment, OSAllocator::JSGCHeapPages);
- if (!static_cast<bool>(allocation))
- CRASH();
+ RELEASE_ASSERT(static_cast<bool>(allocation));
Region* region = new Region(allocation, blockSize, 1);
region->m_isCustomSize = true;
return region;
Modified: trunk/Source/_javascript_Core/heap/GCAssertions.h (140583 => 140584)
--- trunk/Source/_javascript_Core/heap/GCAssertions.h 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/heap/GCAssertions.h 2013-01-23 21:44:29 UTC (rev 140584)
@@ -30,16 +30,13 @@
#if ENABLE(GC_VALIDATION)
#define ASSERT_GC_OBJECT_LOOKS_VALID(cell) do { \
- if (!(cell))\
- CRASH();\
- if (cell->unvalidatedStructure()->unvalidatedStructure() != cell->unvalidatedStructure()->unvalidatedStructure()->unvalidatedStructure())\
- CRASH();\
+ RELEASE_ASSERT(cell);\
+ RELEASE_ASSERT(cell->unvalidatedStructure()->unvalidatedStructure() == cell->unvalidatedStructure()->unvalidatedStructure()->unvalidatedStructure()); \
} while (0)
#define ASSERT_GC_OBJECT_INHERITS(object, classInfo) do {\
ASSERT_GC_OBJECT_LOOKS_VALID(object); \
- if (!object->inherits(classInfo)) \
- CRASH();\
+ RELEASE_ASSERT(object->inherits(classInfo)); \
} while (0)
#else
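Review bot: The rewritten macro lines use their parameters unparenthesized as `cell->unvalidatedStructure()` and `object->inherits(classInfo)`, and the removed `!(cell)` was the only place the argument was wrapped. An argument that is not a plain identifier would bind incorrectly, so write `(cell)->unvalidatedStructure()` and `(object)->inherits(classInfo)`. The argument is also expanded several times per use, which deserves a comment on the macro: `// cell is evaluated more than once; pass an expression without side effects.`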
Modified: trunk/Source/_javascript_Core/heap/HandleSet.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/heap/HandleSet.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/heap/HandleSet.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -54,8 +54,7 @@
Node* end = m_strongList.end();
for (Node* node = m_strongList.begin(); node != end; node = node->next()) {
#if ENABLE(GC_VALIDATION)
- if (!isLiveNode(node))
- CRASH();
+ RELEASE_ASSERT(isLiveNode(node));
#endif
heapRootVisitor.visit(node->slot());
}
@@ -65,16 +64,14 @@
{
// Forbid assignment to handles during the finalization phase, since it would violate many GC invariants.
// File a bug with stack trace if you hit this.
- if (m_nextToFinalize)
- CRASH();
+ RELEASE_ASSERT(!m_nextToFinalize);
if (!value == !*slot && slot->isCell() == value.isCell())
return;
Node* node = toNode(slot);
#if ENABLE(GC_VALIDATION)
- if (!isLiveNode(node))
- CRASH();
+ RELEASE_ASSERT(isLiveNode(node));
#endif
SentinelLinkedList<Node>::remove(node);
if (!value || !value.isCell()) {
@@ -84,8 +81,7 @@
m_strongList.push(node);
#if ENABLE(GC_VALIDATION)
- if (!isLiveNode(node))
- CRASH();
+ RELEASE_ASSERT(isLiveNode(node));
#endif
}
Modified: trunk/Source/_javascript_Core/heap/HandleSet.h (140583 => 140584)
--- trunk/Source/_javascript_Core/heap/HandleSet.h 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/heap/HandleSet.h 2013-01-23 21:44:29 UTC (rev 140584)
@@ -123,8 +123,8 @@
{
// Forbid assignment to handles during the finalization phase, since it would violate many GC invariants.
// File a bug with stack trace if you hit this.
- if (m_nextToFinalize)
- CRASH();
+ RELEASE_ASSERT(!m_nextToFinalize);
+
if (m_freeList.isEmpty())
grow();
Modified: trunk/Source/_javascript_Core/heap/Heap.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/heap/Heap.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/heap/Heap.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -721,8 +721,7 @@
ASSERT(globalData()->identifierTable == wtfThreadData().currentIdentifierTable());
ASSERT(m_isSafeToCollect);
_javascript_CORE_GC_BEGIN();
- if (m_operationInProgress != NoOperation)
- CRASH();
+ RELEASE_ASSERT(m_operationInProgress == NoOperation);
m_operationInProgress = Collection;
m_activityCallback->willCollect();
@@ -811,8 +810,8 @@
if (Options::recordGCPauseTimes())
HeapStatistics::recordGCPauseTime(lastGCStartTime, lastGCEndTime);
- if (m_operationInProgress != Collection)
- CRASH();
+ RELEASE_ASSERT(m_operationInProgress == Collection);
+
m_operationInProgress = NoOperation;
_javascript_CORE_GC_END();
Modified: trunk/Source/_javascript_Core/heap/SlotVisitor.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/heap/SlotVisitor.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/heap/SlotVisitor.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -336,10 +336,7 @@
#if ENABLE(GC_VALIDATION)
void SlotVisitor::validate(JSCell* cell)
{
- if (!cell) {
- dataLogF("cell is NULL\n");
- CRASH();
- }
+ RELEASE_ASSERT(cell);
if (!cell->structure()) {
dataLogF("cell at %p has a null structure\n" , cell);
Modified: trunk/Source/_javascript_Core/interpreter/Interpreter.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/interpreter/Interpreter.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/interpreter/Interpreter.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -835,9 +835,7 @@
ASSERT(isValidThisObject(thisObj, callFrame));
ASSERT(!globalData.exception);
- ASSERT(!globalData.isCollectorBusy());
- if (globalData.isCollectorBusy())
- CRASH();
+ RELEASE_ASSERT(!globalData.isCollectorBusy());
StackStats::CheckPoint stackCheckPoint;
const StackBounds& nativeStack = wtfThreadData().stack();
Modified: trunk/Source/_javascript_Core/jit/ExecutableAllocator.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/jit/ExecutableAllocator.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/jit/ExecutableAllocator.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -114,8 +114,7 @@
#endif
PageReservation reservation = PageReservation::reserve(numPages * pageSize(), OSAllocator::JSJITCodePages, EXECUTABLE_POOL_WRITABLE, true);
- if (!reservation)
- CRASH();
+ RELEASE_ASSERT(reservation);
reservations.append(reservation);
@@ -216,8 +215,7 @@
PassRefPtr<ExecutableMemoryHandle> ExecutableAllocator::allocate(JSGlobalData&, size_t sizeInBytes, void* ownerUID, JITCompilationEffort effort)
{
RefPtr<ExecutableMemoryHandle> result = allocator()->allocate(sizeInBytes, ownerUID);
- if (!result && effort == JITCompilationMustSucceed)
- CRASH();
+ RELEASE_ASSERT(result || effort != JITCompilationMustSucceed);
return result.release();
}
Modified: trunk/Source/_javascript_Core/jit/ExecutableAllocator.h (140583 => 140584)
--- trunk/Source/_javascript_Core/jit/ExecutableAllocator.h 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/jit/ExecutableAllocator.h 2013-01-23 21:44:29 UTC (rev 140584)
@@ -81,8 +81,7 @@
inline size_t roundUpAllocationSize(size_t request, size_t granularity)
{
- if ((std::numeric_limits<size_t>::max() - granularity) <= request)
- CRASH(); // Allocation is too large
+ RELEASE_ASSERT((std::numeric_limits<size_t>::max() - granularity) > request);
// Round up to next page boundary
size_t size = request + (granularity - 1);
Modified: trunk/Source/_javascript_Core/jit/ExecutableAllocatorFixedVMPool.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/jit/ExecutableAllocatorFixedVMPool.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/jit/ExecutableAllocatorFixedVMPool.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -63,8 +63,7 @@
{
m_reservation = PageReservation::reserveWithGuardPages(fixedExecutableMemoryPoolSize, OSAllocator::JSJITCodePages, EXECUTABLE_POOL_WRITABLE, true);
#if !ENABLE(LLINT)
- if (!m_reservation)
- CRASH();
+ RELEASE_ASSERT(m_reservation);
#endif
if (m_reservation) {
ASSERT(m_reservation.size() == fixedExecutableMemoryPoolSize);
@@ -165,8 +164,7 @@
return result;
releaseExecutableMemory(globalData);
result = allocator->allocate(sizeInBytes, ownerUID);
- if (!result)
- CRASH();
+ RELEASE_ASSERT(result);
}
return result.release();
}
Modified: trunk/Source/_javascript_Core/runtime/ButterflyInlines.h (140583 => 140584)
--- trunk/Source/_javascript_Core/runtime/ButterflyInlines.h 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/runtime/ButterflyInlines.h 2013-01-23 21:44:29 UTC (rev 140584)
@@ -39,8 +39,7 @@
{
void* temp;
size_t size = totalSize(preCapacity, propertyCapacity, hasIndexingHeader, indexingPayloadSizeInBytes);
- if (!globalData.heap.tryAllocateStorage(size, &temp))
- CRASH();
+ RELEASE_ASSERT(globalData.heap.tryAllocateStorage(size, &temp));
Butterfly* result = fromBase(temp, preCapacity, propertyCapacity);
return result;
}
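Review bot: The allocation call now sits inside the assertion, `RELEASE_ASSERT(globalData.heap.tryAllocateStorage(size, &temp));`, so `temp` is only written if the macro always evaluates its argument. The macro's definition is not visible on this page; if any build configuration turns it into a no-op, `fromBase(temp, ...)` would run on an uninitialized pointer. Keep the side effect outside the assertion: `bool allocated = globalData.heap.tryAllocateStorage(size, &temp);` followed by `RELEASE_ASSERT(allocated);`. The function's signature is outside the hunk.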
Modified: trunk/Source/_javascript_Core/runtime/Completion.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/runtime/Completion.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/runtime/Completion.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -55,9 +55,8 @@
JSValue evaluate(ExecState* exec, const SourceCode& source, JSValue thisValue, JSValue* returnedException)
{
JSLockHolder lock(exec);
- ASSERT(exec->globalData().identifierTable == wtfThreadData().currentIdentifierTable());
- if (exec->globalData().isCollectorBusy())
- CRASH();
+ RELEASE_ASSERT(exec->globalData().identifierTable == wtfThreadData().currentIdentifierTable());
+ RELEASE_ASSERT(!exec->globalData().isCollectorBusy());
CodeProfiling profile(source);
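Review bot: The first added line in `evaluate` promotes the identifier-table comparison from `ASSERT` to `RELEASE_ASSERT`, which goes beyond the `if (foo) CRASH();` conversion the ChangeLog describes. The equivalent comparison in the Heap.cpp hunk of this commit remains a debug-only `ASSERT`. If the promotion is intentional, mark it with a short comment such as `// Intentionally checked in release builds.` and consider making both sites agree. Otherwise restore `ASSERT` here so the commit stays a mechanical change.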
Modified: trunk/Source/_javascript_Core/runtime/JSArray.h (140583 => 140584)
--- trunk/Source/_javascript_Core/runtime/JSArray.h 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/runtime/JSArray.h 2013-01-23 21:44:29 UTC (rev 140584)
@@ -291,8 +291,7 @@
// FIXME: we should probably throw an out of memory error here, but
// when making this change we should check that all clients of this
// function will correctly handle an exception being thrown from here.
- if (!array)
- CRASH();
+ RELEASE_ASSERT(array);
for (unsigned i = 0; i < length; ++i)
array->initializeIndex(globalData, i, values.at(i));
@@ -307,8 +306,7 @@
// FIXME: we should probably throw an out of memory error here, but
// when making this change we should check that all clients of this
// function will correctly handle an exception being thrown from here.
- if (!array)
- CRASH();
+ RELEASE_ASSERT(array);
for (unsigned i = 0; i < length; ++i)
array->initializeIndex(globalData, i, values[i]);
Modified: trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -593,8 +593,7 @@
void slowValidateCell(JSGlobalObject* globalObject)
{
- if (!globalObject->isGlobalObject())
- CRASH();
+ RELEASE_ASSERT(globalObject->isGlobalObject());
ASSERT_GC_OBJECT_INHERITS(globalObject, &JSGlobalObject::s_info);
}
Modified: trunk/Source/_javascript_Core/runtime/JSObject.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/runtime/JSObject.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/runtime/JSObject.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -558,8 +558,7 @@
}
Butterfly* newButterfly = storage->butterfly()->resizeArray(globalData, structure(), 0, ArrayStorage::sizeFor(0));
- if (!newButterfly)
- CRASH();
+ RELEASE_ASSERT(newButterfly);
m_butterfly = newButterfly;
newButterfly->arrayStorage()->m_indexBias = 0;
@@ -659,8 +658,8 @@
Butterfly* newButterfly = Butterfly::createOrGrowArrayRight(m_butterfly,
globalData, structure(), structure()->outOfLineCapacity(), false, 0,
ArrayStorage::sizeFor(vectorLength));
- if (!newButterfly)
- CRASH();
+ RELEASE_ASSERT(newButterfly);
+
ArrayStorage* result = newButterfly->arrayStorage();
result->setLength(length);
result->setVectorLength(vectorLength);
Modified: trunk/Source/_javascript_Core/tools/TieredMMapArray.h (140583 => 140584)
--- trunk/Source/_javascript_Core/tools/TieredMMapArray.h 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/tools/TieredMMapArray.h 2013-01-23 21:44:29 UTC (rev 140584)
@@ -78,8 +78,7 @@
// Reallocate the directory.
size_t oldDirectorySize = m_directoryCount * sizeof(T*);
size_t newDirectorySize = oldDirectorySize * 2;
- if (newDirectorySize < oldDirectorySize)
- CRASH();
+ RELEASE_ASSERT(newDirectorySize < oldDirectorySize);
m_directory = OSAllocator::reallocateCommitted(m_directory, oldDirectorySize, newDirectorySize);
//
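Review bot: The new assertion is inverted. The removed code crashed when `newDirectorySize < oldDirectorySize`, meaning the doubling had wrapped, so the replacement has to assert the opposite: `RELEASE_ASSERT(newDirectorySize >= oldDirectorySize);`. As written, every ordinary directory growth trips the assertion, while the wrapped size the check exists to stop is passed on to `OSAllocator::reallocateCommitted`. The enclosing function starts and ends outside the hunk.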
Modified: trunk/Source/_javascript_Core/yarr/YarrInterpreter.cpp (140583 => 140584)
--- trunk/Source/_javascript_Core/yarr/YarrInterpreter.cpp 2013-01-23 21:36:53 UTC (rev 140583)
+++ trunk/Source/_javascript_Core/yarr/YarrInterpreter.cpp 2013-01-23 21:44:29 UTC (rev 140584)
@@ -111,8 +111,7 @@
{
size_t size = sizeof(DisjunctionContext) - sizeof(uintptr_t) + disjunction->m_frameSize * sizeof(uintptr_t);
allocatorPool = allocatorPool->ensureCapacity(size);
- if (!allocatorPool)
- CRASH();
+ RELEASE_ASSERT(allocatorPool);
return new (allocatorPool->alloc(size)) DisjunctionContext();
}
@@ -161,8 +160,7 @@
{
size_t size = sizeof(ParenthesesDisjunctionContext) - sizeof(unsigned) + (term.atom.parenthesesDisjunction->m_numSubpatterns << 1) * sizeof(unsigned) + sizeof(DisjunctionContext) - sizeof(uintptr_t) + disjunction->m_frameSize * sizeof(uintptr_t);
allocatorPool = allocatorPool->ensureCapacity(size);
- if (!allocatorPool)
- CRASH();
+ RELEASE_ASSERT(allocatorPool);
return new (allocatorPool->alloc(size)) ParenthesesDisjunctionContext(output, term);
}
@@ -207,8 +205,7 @@
int readChecked(unsigned negativePositionOffest)
{
- if (pos < negativePositionOffest)
- CRASH();
+ RELEASE_ASSERT(pos >= negativePositionOffest);
unsigned p = pos - negativePositionOffest;
ASSERT(p < length);
return input[p];
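Review bot: `readChecked` enforces only the lower bound in release builds: `RELEASE_ASSERT(pos >= negativePositionOffest)` protects the subtraction, but the upper bound is still the debug-only `ASSERT(p < length)` directly before `input[p]` is read. If `ASSERT` compiles out in release builds, as is usual, an index at or beyond `length` would read past the input buffer unchecked. Unless callers are known to guarantee the bound, promote it too: `RELEASE_ASSERT(p < length);`.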
@@ -264,8 +261,7 @@
void uncheckInput(unsigned count)
{
- if (pos < count)
- CRASH();
+ RELEASE_ASSERT(pos >= count);
pos -= count;
}
@@ -276,8 +272,7 @@
bool atEnd(unsigned negativePositionOffest)
{
- if (pos < negativePositionOffest)
- CRASH();
+ RELEASE_ASSERT(pos >= negativePositionOffest);
return (pos - negativePositionOffest) == length;
}
@@ -1425,8 +1420,7 @@
output[i << 1] = offsetNoMatch;
allocatorPool = pattern->m_allocator->startAllocator();
- if (!allocatorPool)
- CRASH();
+ RELEASE_ASSERT(allocatorPool);
DisjunctionContext* context = allocDisjunctionContext(pattern->m_body.get());