Bug 638627 - Properly handle failures to patch guards due to non-32-bit offsets (NJ-specific part). r=dvander.

--HG-- extra : convert_revision : b3948560bcbc91ed1e7416d2f9ad495e1c8daca1
2024-09-13 09:24:08 -07:00 · 2011-03-10 16:16:42 -08:00 · 2011-03-10 16:16:42 -08:00 · ec0be2faaa
commit ec0be2faaa
parent a372a8f059
1 changed files with 6 additions and 5 deletions
--- a/js/src/nanojit/NativeX64.cpp
+++ b/js/src/nanojit/NativeX64.cpp
@ -221,10 +221,8 @@ namespace nanojit
        // but from the following instruction.  Eg. 'jmp $0' will jump to the
        // next instruction.
        int64_t offset = target ? target - _nIns : 0;
-        if (!isS32(offset)) {
+        if (!isS32(offset))
            setError(BranchTooFar);
-            NanoAssert(0);  // assert because we'd like to know if this ever happens
-        }
        emit(op | uint64_t(uint32_t(offset))<<32);
    }

@ -2014,7 +2012,7 @@ namespace nanojit
        // that the old value is poison.
        if (!isS32(target - next)) {
            setError(BranchTooFar);
-            NanoAssert(0);  // assert because we'd like to know if this ever happens
+            return;         // don't patch
        }
        ((int32_t*)next)[-1] = int32_t(target - next);
        if (next[0] == 0x0F && next[1] == 0x8A) {
@ -2022,7 +2020,10 @@ namespace nanojit
            // we just patched the jne, now patch the jp.
            next += 6;
            NanoAssert(((int32_t*)next)[-1] == 0);
-            NanoAssert(isS32(target - next));
+            if (!isS32(target - next)) {
+                setError(BranchTooFar);
+                return;     // don't patch
+            }
            ((int32_t*)next)[-1] = int32_t(target - next);
        }
    }