Bug 1537908 part 4 - Replace overflow check with a static_assert. r=tcampbell
author Jan de Mooij <jdemooij@mozilla.com>
Wed, 01 May 2019 15:40:11 +0000
changeset 531076 3ce407a093087045f4eab069aecc55c0bbb972b9
parent 531075 8dce6a746f7b8dd6df44c82af6eeaca18fc99a22
child 531077 3e3bc1430b8284c8fe7e0a30b5f6702d5a48e041
push id 11265
push user ffxbld-merge
push date Mon, 13 May 2019 10:53:39 +0000
treeherder mozilla-beta@77e0fe8dbdd3
reviewers tcampbell
bugs 1537908
milestone 68.0a1
Bug 1537908 part 4 - Replace overflow check with a static_assert. r=tcampbell

Differential Revision: https://phabricator.services.mozilla.com/D29470
js/src/frontend/BytecodeEmitter.cpp
--- a/js/src/frontend/BytecodeEmitter.cpp
+++ b/js/src/frontend/BytecodeEmitter.cpp
@@ -245,23 +245,20 @@ bool BytecodeEmitter::emitCheck(JSOp op,
 
   // If op is JOF_TYPESET (see the type barriers comment in TypeInference.h),
   // reserve a type set to store its result.
   if (CodeSpec[op].format & JOF_TYPESET) {
     bytecodeSection().incrementNumTypeSets();
   }
 
   if (BytecodeOpHasIC(op)) {
-    // Because numICEntries also includes entries for formal arguments, we have
-    // to check for overflow here.
-    if (MOZ_UNLIKELY(bytecodeSection().numICEntries() == UINT32_MAX)) {
-      reportError(nullptr, JSMSG_NEED_DIET, js_script_str);
-      return false;
-    }
-
+    // Even if every bytecode op is a JOF_IC op and the function has ARGC_LIMIT
+    // arguments, numICEntries cannot overflow.
+    static_assert(MaxBytecodeLength + 1 /* this */ + ARGC_LIMIT <= UINT32_MAX,
+                  "numICEntries must not overflow");
     bytecodeSection().incrementNumICEntries();
   }
 
   return true;
 }
 
 void BytecodeEmitter::BytecodeSection::updateDepth(ptrdiff_t target) {
   jsbytecode* pc = code(target);
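
Review bot: The static_assert on `MaxBytecodeLength + 1 /* this */ + ARGC_LIMIT <= UINT32_MAX` only proves anything if the left-hand sum is evaluated in a type wider than 32 bits. The declarations of MaxBytecodeLength and ARGC_LIMIT are not visible in this hunk; if both are 32-bit unsigned on some target, the addition wraps before the comparison and the assertion is always true there. Consider widening explicitly, for example `uint64_t(MaxBytecodeLength) + 1 + ARGC_LIMIT <= UINT32_MAX`. Separately, the removed runtime check stood on its own, while the new comment's argument holds only if bytecode length is capped at MaxBytecodeLength before `incrementNumICEntries()` is reached, so the comment should say where that cap is enforced.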