Bug 1533204 - Crash [@ js::jit::CompileRuntime::mainContextPtr] with asm.js. r=jandem.
authorJulian Seward <jseward@acm.org>
Mon, 11 Mar 2019 17:38:44 +0100
changeset 521361 0dd9653849e2
parent 521360 52b03bc34899
child 521362 f8f1b79cbc42
push id10866
push usernerli@mozilla.com
push dateTue, 12 Mar 2019 18:59:09 +0000
treeherdermozilla-beta@445c24a51727 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjandem
bugs1533204
milestone67.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1533204 - Crash [@ js::jit::CompileRuntime::mainContextPtr] with asm.js. r=jandem. This patch ensures that resetOsiPointRegs will not be called on safepoints associated with Wasm code, in CodeGenerator::generateBody.
js/src/jit-test/tests/wasm/regress/bug1533204.js
js/src/jit/CodeGenerator.cpp
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/wasm/regress/bug1533204.js
@@ -0,0 +1,10 @@
+// |jit-test| skip-if: helperThreadCount() === 0
+enableOsiPointRegisterChecks();
+evalInWorker(`
+function DiagModule(stdlib, foreign) {
+    "use asm";
+    function diag() {
+        while(1) {}
+    }
+    return {};
+`);
--- a/js/src/jit/CodeGenerator.cpp
+++ b/js/src/jit/CodeGenerator.cpp
@@ -6337,17 +6337,17 @@ bool CodeGenerator::generateBody() {
       JitSpewFin(JitSpew_Codegen);
 #endif
 
       if (counts) {
         blockCounts->visitInstruction(*iter);
       }
 
 #ifdef CHECK_OSIPOINT_REGISTERS
-      if (iter->safepoint()) {
+      if (iter->safepoint() && !gen->compilingWasm()) {
         resetOsiPointRegs(iter->safepoint());
       }
 #endif
 
       if (iter->mirRaw()) {
         // Only add instructions that have a tracked inline script tree.
         if (iter->mirRaw()->trackedTree()) {
           if (!addNativeToBytecodeEntry(iter->mirRaw()->trackedSite())) {