authorLars T Hansen <lhansen@mozilla.com>2019-05-25 15:41:06 +0200
committerwolfbeast <mcwerewolf@wolfbeast.com>2019-05-25 15:41:06 +0200
commita24d62130932b8104f931f925288d3abc9105684 (patch)
tree2f519e282a21e0484c98f17d5c2066b900c145a2
parent80eb8e08dd20fd18e841f8c813947cfb8cbbc4e5 (diff)
[js, ARM] Always check error return from BufferOffset::diffB.
We were missing error checks at two points. In one case an error return is meaningful; in another case it is not, as the problem should have been guarded against at a higher level by emitting far jump islands soon enough during pasteup of compiled code.
-rw-r--r--js/src/jit/arm/Assembler-arm.cpp7
-rw-r--r--js/src/jit/arm/MacroAssembler-arm.cpp5
2 files changed, 10 insertions, 2 deletions
diff --git a/js/src/jit/arm/Assembler-arm.cpp b/js/src/jit/arm/Assembler-arm.cpp
index 2830f0695..1e20da1c8 100644
--- a/js/src/jit/arm/Assembler-arm.cpp
+++ b/js/src/jit/arm/Assembler-arm.cpp
@@ -2401,7 +2401,12 @@ Assembler::as_b(Label* l, Condition c)
if (oom())
return BufferOffset();
- as_b(BufferOffset(l).diffB<BOffImm>(ret), c, ret);
+ BOffImm off = BufferOffset(l).diffB<BOffImm>(ret);
+ if (off.isInvalid()) {
+ m_buffer.fail_bail();
+ return BufferOffset();
+ }
+ as_b(off, c, ret);
#ifdef JS_DISASM_ARM
spewBranch(m_buffer.getInstOrNull(ret), l);
#endif
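Review bot: The new `off.isInvalid()` check on the branch to label `l` carries no comment saying why a soft failure via `m_buffer.fail_bail()` is the right response here, while the same commit uses a release assert for the equivalent check in MacroAssembler::patchCall; a reader of this function alone cannot tell the two cases apart. I would add above the check: `// The label may be out of range for the branch immediate; that is recoverable at this point, so mark the buffer failed and let the caller observe it through oom() and abandon compilation.` The claim that callers observe the failure through `oom()` is inferred from the `if (oom()) return BufferOffset();` guard just above and should be confirmed against fail_bail(). Assembler::as_b begins before this hunk, so where `ret` comes from is not visible here.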
diff --git a/js/src/jit/arm/MacroAssembler-arm.cpp b/js/src/jit/arm/MacroAssembler-arm.cpp
index d40578514..a4161ab00 100644
--- a/js/src/jit/arm/MacroAssembler-arm.cpp
+++ b/js/src/jit/arm/MacroAssembler-arm.cpp
@@ -5012,7 +5012,10 @@ void
MacroAssembler::patchCall(uint32_t callerOffset, uint32_t calleeOffset)
{
BufferOffset inst(callerOffset - 4);
- as_bl(BufferOffset(calleeOffset).diffB<BOffImm>(inst), Always, inst);
+ BOffImm off = BufferOffset(calleeOffset).diffB<BOffImm>(inst);
+ MOZ_RELEASE_ASSERT(!off.isInvalid(),
+ "Failed to insert necessary far jump islands");
+ as_bl(off, Always, inst);
}
CodeOffset
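Review bot: The `MOZ_RELEASE_ASSERT` on the patched `bl` displacement has no comment explaining why this path aborts instead of failing the buffer the way the as_b change in Assembler-arm.cpp does; the commit message gives the reason, but nothing in the code does. I would put above the assert: `// patchCall rewrites an already-emitted instruction, so there is no oom() path left to report through; an out-of-range callee means far jump islands were not emitted in time, which is an assembler invariant violation rather than a recoverable error.` The "no oom() path left" part is my reading of a patch-after-emission function and should be confirmed. The unchanged `callerOffset - 4` is unsigned and wraps for a callerOffset below 4, presumably impossible for a real call site, but a one-line comment such as `// callerOffset is the offset just past the bl; step back to the instruction itself` would make the precondition explicit.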