Merge branch 'master' into Basilisk-release

author: wolfbeast <mcwerewolf@gmail.com> 2018-05-14 10:50:01 +0200
committer: wolfbeast <mcwerewolf@gmail.com> 2018-05-14 10:50:01 +0200
commit: e9dd029f5d00590e1a53e63b0ab805110a10b54c (patch)
tree: 1126ca5dda925a62be3dc12c99c90e953d08afcf /js/src/jit/RematerializedFrame.cpp
parent: 9d6a7ae25d7f5da855a8f8df884de483b4e2a538 (diff)
parent: 36b8fd734f590eb726ca2e50f8d1ff9cc968b8e1 (diff)
download: UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.tar
UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.tar.gz
UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.tar.lz
UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.tar.xz
UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.zip
1 files changed, 11 insertions, 3 deletions
diff --git a/js/src/jit/RematerializedFrame.cpp b/js/src/jit/RematerializedFrame.cpp
index cb324220c..32fad1267 100644
--- a/js/src/jit/RematerializedFrame.cpp
+++ b/js/src/jit/RematerializedFrame.cpp
@@ -61,9 +61,17 @@ RematerializedFrame::New(JSContext* cx, uint8_t* top, InlineFrameIterator& iter,
 {
     unsigned numFormals = iter.isFunctionFrame() ? iter.calleeTemplate()->nargs() : 0;
     unsigned argSlots = Max(numFormals, iter.numActualArgs());
-    size_t numBytes = sizeof(RematerializedFrame) +
-        (argSlots + iter.script()->nfixed()) * sizeof(Value) -
-        sizeof(Value); // 1 Value included in sizeof(RematerializedFrame)
+    unsigned extraSlots = argSlots + iter.script()->nfixed();
+
+    // One Value slot is included in sizeof(RematerializedFrame), so we can
+    // reduce the extra slot count by one.  However, if there are zero slot
+    // allocations total, then reducing the slots by one will lead to
+    // the memory allocation being smaller  than sizeof(RematerializedFrame).
+    if (extraSlots > 0)
+        extraSlots -= 1;
+
+    size_t numBytes = sizeof(RematerializedFrame) + (extraSlots * sizeof(Value));
+    MOZ_ASSERT(numBytes >= sizeof(RematerializedFrame));
 
     void* buf = cx->pod_calloc<uint8_t>(numBytes);
     if (!buf)
author	wolfbeast <mcwerewolf@gmail.com>	2018-05-14 10:50:01 +0200
committer	wolfbeast <mcwerewolf@gmail.com>	2018-05-14 10:50:01 +0200
commit	e9dd029f5d00590e1a53e63b0ab805110a10b54c (patch)
tree	1126ca5dda925a62be3dc12c99c90e953d08afcf /js/src/jit/RematerializedFrame.cpp
parent	9d6a7ae25d7f5da855a8f8df884de483b4e2a538 (diff)
parent	36b8fd734f590eb726ca2e50f8d1ff9cc968b8e1 (diff)
download	UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.tar UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.tar.gz UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.tar.lz UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.tar.xz UXP-e9dd029f5d00590e1a53e63b0ab805110a10b54c.zip