Bug 1111327 - Fix AsmJSModule::clone to duplicate profiling labels (r=dougc)

--HG-- extra : rebase_source : fce96207623d1bc9c480694bd311d25e827d35f6
2024-09-13 09:24:08 -07:00 · 2014-12-16 08:59:53 -06:00 · 2014-12-16 08:59:53 -06:00 · 4110d21005
commit 4110d21005
parent dffa5fa728
3 changed files with 27 additions and 1 deletions
--- a/js/src/asmjs/AsmJSModule.cpp
+++ b/js/src/asmjs/AsmJSModule.cpp
@ -1496,6 +1496,11 @@ AsmJSModule::serializedSize() const
 uint8_t *
 AsmJSModule::serialize(uint8_t *cursor) const
 {
+    MOZ_ASSERT(!dynamicallyLinked_);
+    MOZ_ASSERT(!loadedFromCache_);
+    MOZ_ASSERT(!profilingEnabled_);
+    MOZ_ASSERT(!interrupted_);
+
    cursor = WriteBytes(cursor, &pod, sizeof(pod));
    cursor = WriteBytes(cursor, code_, pod.codeBytes_);
    cursor = SerializeName(cursor, globalArgumentName_);
@ -1590,6 +1595,16 @@ AsmJSModule::clone(JSContext *cx, ScopedJSDeletePtr<AsmJSModule> *moduleOut) con
    out.loadedFromCache_ = loadedFromCache_;
    out.profilingEnabled_ = profilingEnabled_;

+    if (profilingEnabled_) {
+        if (!out.profilingLabels_.resize(profilingLabels_.length()))
+            return false;
+        for (size_t i = 0; i < profilingLabels_.length(); i++) {
+            out.profilingLabels_[i] = DuplicateString(cx, profilingLabels_[i].get());
+            if (!out.profilingLabels_[i])
+                return false;
+        }
+    }
+
    // We already know the exact extent of areas that need to be patched, just make sure we
    // flush all of them at once.
    out.setAutoFlushICacheRange();
--- a/js/src/asmjs/AsmJSModule.h
+++ b/js/src/asmjs/AsmJSModule.h
@ -645,7 +645,7 @@ class AsmJSModule
        bool clone(ExclusiveContext *cx, Name *out) const;
    };

-    typedef mozilla::UniquePtr<char, JS::FreePolicy> ProfilingLabel;
+    typedef mozilla::UniquePtr<char[], JS::FreePolicy> ProfilingLabel;

 #if defined(MOZ_VTUNE) || defined(JS_ION_PERF)
    // Function information to add to the VTune JIT profiler following linking.
--- a/js/src/jit-test/tests/asm.js/testBug1111327.js
+++ b/js/src/jit-test/tests/asm.js/testBug1111327.js
@ -0,0 +1,11 @@
+load(libdir + "asm.js");
+
+// Single-step profiling currently only works in the ARM simulator
+if (!getBuildConfiguration()["arm-simulator"])
+    quit();
+
+enableSPSProfiling();
+enableSingleStepProfiling();
+var m = asmCompile(USE_ASM + 'function f() {} return f');
+asmLink(m)();
+asmLink(m)();