Bug 990787, part 5 - When allocating a small object in Ion fails, explicitly crash rather than returning nullptr and then crashing near null when initializing the object. This is for the convenience of OOM testing machinery. r=njn.

--HG-- extra : rebase_source : 4108a6543428cd4823fea8c2f1525d612cc58aae
2024-09-13 09:24:08 -07:00 · 2014-04-08 12:35:18 -05:00 · 2014-04-08 12:35:18 -05:00 · e9541a4f84
commit e9541a4f84
parent a586c356ac
2 changed files with 9 additions and 23 deletions
--- a/js/src/ds/LifoAlloc.h
+++ b/js/src/ds/LifoAlloc.h
@ -141,12 +141,6 @@ class BumpChunk
        return aligned;
    }

-    void *allocInfallible(size_t n) {
-        void *result = tryAlloc(n);
-        JS_ASSERT(result);
-        return result;
-    }
-
    void *peek(size_t n) {
        if (bumpBase() - bump < ptrdiff_t(n))
            return nullptr;
@ -275,19 +269,10 @@ class LifoAlloc
        if (!getOrCreateChunk(n))
            return nullptr;

-        return latest->allocInfallible(n);
-    }
-
-    MOZ_ALWAYS_INLINE
-    void *allocInfallible(size_t n) {
-        void *result;
-        if (latest && (result = latest->tryAlloc(n)))
-            return result;
-
-        mozilla::DebugOnly<BumpChunk *> chunk = getOrCreateChunk(n);
-        JS_ASSERT(chunk);
-
-        return latest->allocInfallible(n);
+        // Since we just created a large enough chunk, this can't fail.
+        result = latest->tryAlloc(n);
+        MOZ_ASSERT(result);
+        return result;
    }

    // Ensures that enough space exists to satisfy N bytes worth of
--- a/js/src/jit/IonAllocPolicy.h
+++ b/js/src/jit/IonAllocPolicy.h
@ -32,10 +32,11 @@ class TempAllocator
        rootList_(nullptr)
    { }

-    void *allocateInfallible(size_t bytes)
+    void *allocateOrCrash(size_t bytes)
    {
-        void *p = lifoScope_.alloc().allocInfallible(bytes);
-        JS_ASSERT(p);
+        void *p = lifoScope_.alloc().alloc(bytes);
+        if (!p)
+            js::CrashAtUnhandlableOOM("LifoAlloc::allocOrCrash");
        return p;
    }

@ -177,7 +178,7 @@ class AutoIonContextAlloc
 struct TempObject
 {
    inline void *operator new(size_t nbytes, TempAllocator &alloc) {
-        return alloc.allocateInfallible(nbytes);
+        return alloc.allocateOrCrash(nbytes);
    }
    template <class T>
    inline void *operator new(size_t nbytes, T *pos) {