corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1968209 - wasm: correctly handle OOMs related to BaseCompiler::patchHotnessCheck. a=RyanVM.

Browse Source 
In BaseCompiler::emitEnd, for LabelKind::Loop, don't try to patch the
loop-head hotness check if we are in an OOM state.

Original Revision: https://phabricator.services.mozilla.com/D251467

Differential Revision: https://phabricator.services.mozilla.com/D252187
This commit is contained in:
Julian Seward
2025-06-03 02:53:33 +00:00
committed by rvandermeulen@mozilla.com
parent 43782ec4ba
commit 2b681a7411
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
js/src/wasm/WasmBaselineCompile.cpp
View File

@@ -1189,6 +1189,7 @@ void BaseCompiler::patchHotnessCheck(CodeOffset offset, uint32_t step) {
// Zero makes the hotness check pointless. Above 127 is not representable in // Zero makes the hotness check pointless. Above 127 is not representable in
// the short-form Intel encoding. // the short-form Intel encoding.
MOZ_RELEASE_ASSERT(step > 0 && step <= 127); MOZ_RELEASE_ASSERT(step > 0 && step <= 127);
MOZ_ASSERT(!masm.oom());
masm.patchSub32FromMemAndBranchIfNegative(offset, Imm32(step)); masm.patchSub32FromMemAndBranchIfNegative(offset, Imm32(step));
} }
@@ -4186,6 +4187,11 @@ bool BaseCompiler::emitEnd() {
size_t loopBytecodeSize = size_t loopBytecodeSize =
iter_.lastOpcodeOffset() - controlItem().loopBytecodeStart; iter_.lastOpcodeOffset() - controlItem().loopBytecodeStart;
uint32_t step = BlockSizeToDownwardsStep(loopBytecodeSize); uint32_t step = BlockSizeToDownwardsStep(loopBytecodeSize);
// Don't try to patch the check if we've OOM'd, since the check might
// not actually exist.
if (masm.oom()) {
return false;
}
patchHotnessCheck(controlItem().offsetOfCtrDec, step); patchHotnessCheck(controlItem().offsetOfCtrDec, step);
} }
} }