Bug 1754305 - Make assertions in Maybe MOZ_RELEASE_ASSERT, r=glandium a=RyanVM

mystor · mystor · commit da2183ce94c8 · 2022-02-11T16:28:01.000Z
These assertions are already diagnostic asserts, and this will make failures to check Maybe into safe crashes rather than security bugs on all branches. A failure to check Maybe is more dangerous than a null pointer dereference, as the generated code will produce a valid reference to uninitialized data rather than a null reference which should safely segfault. Differential Revision: https://phabricator.services.mozilla.com/D138208
diff --git a/mfbt/Maybe.h b/mfbt/Maybe.h
@@ -455,7 +455,7 @@ class MOZ_INHERIT_TYPE_ANNOTATIONS_FROM_TEMPLATE_ARGS Maybe
    * avoid multiple calls. Unsafe unless |isSome()|.
    */
   T extract() {
-    MOZ_DIAGNOSTIC_ASSERT(isSome());
+    MOZ_RELEASE_ASSERT(isSome());
     T v = std::move(mStorage.val);
     reset();
     return v;
@@ -683,7 +683,7 @@ class Maybe<T&> {
   constexpr bool isNothing() const { return !mValue; }
 
   T& ref() const {
-    MOZ_DIAGNOSTIC_ASSERT(isSome());
+    MOZ_RELEASE_ASSERT(isSome());
     return *mValue;
   }
 
@@ -743,98 +743,98 @@ class Maybe<T&> {
 
 template <typename T>
 constexpr T Maybe<T>::value() const& {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return ref();
 }
 
 template <typename T>
 constexpr T Maybe<T>::value() && {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return std::move(ref());
 }
 
 template <typename T>
 constexpr T Maybe<T>::value() const&& {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return std::move(ref());
 }
 
 template <typename T>
 T* Maybe<T>::ptr() {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return &ref();
 }
 
 template <typename T>
 constexpr const T* Maybe<T>::ptr() const {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return &ref();
 }
 
 template <typename T>
 constexpr T* Maybe<T>::operator->() {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return ptr();
 }
 
 template <typename T>
 constexpr const T* Maybe<T>::operator->() const {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return ptr();
 }
 
 template <typename T>
 constexpr T& Maybe<T>::ref() & {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return mStorage.val;
 }
 
 template <typename T>
 constexpr const T& Maybe<T>::ref() const& {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return mStorage.val;
 }
 
 template <typename T>
 constexpr T&& Maybe<T>::ref() && {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return std::move(mStorage.val);
 }
 
 template <typename T>
 constexpr const T&& Maybe<T>::ref() const&& {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return std::move(mStorage.val);
 }
 
 template <typename T>
 constexpr T& Maybe<T>::operator*() & {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return ref();
 }
 
 template <typename T>
 constexpr const T& Maybe<T>::operator*() const& {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return ref();
 }
 
 template <typename T>
 constexpr T&& Maybe<T>::operator*() && {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return std::move(ref());
 }
 
 template <typename T>
 constexpr const T&& Maybe<T>::operator*() const&& {
-  MOZ_DIAGNOSTIC_ASSERT(isSome());
+  MOZ_RELEASE_ASSERT(isSome());
   return std::move(ref());
 }
 
 template <typename T>
 template <typename... Args>
 constexpr void Maybe<T>::emplace(Args&&... aArgs) {
-  MOZ_DIAGNOSTIC_ASSERT(!isSome());
+  MOZ_RELEASE_ASSERT(!isSome());
   ::new (KnownNotNull, &mStorage.val) T(std::forward<Args>(aArgs)...);
   mIsSome = true;
 }
