Bug 1573815 - Wasm: Report OOM correctly in 'ref.func' r=lth
authorRyan Hunt <rhunt@eqrion.net>
Thu, 15 Aug 2019 14:21:28 +0000
changeset 488236 893922ffdc3028ce282d8017503ebff4ce0bec7a
parent 488235 e8700fab7cb87b760e78b469ff48d7c731092adb
child 488237 04f03c56a77f2f5d2543937bb59d2bd6af136ae7
push id36437
push userncsoregi@mozilla.com
push dateThu, 15 Aug 2019 19:33:18 +0000
treeherdermozilla-central@44aac6fc3352 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerslth
bugs1573815
milestone70.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1573815 - Wasm: Report OOM correctly in 'ref.func' r=lth WasmInstance::funcRef has 'FailureMode::FailOnInvalidRef' so it looks like we just need to report the OOM and return InvalidRef. Differential Revision: https://phabricator.services.mozilla.com/D42050
js/src/wasm/WasmInstance.cpp
--- a/js/src/wasm/WasmInstance.cpp
+++ b/js/src/wasm/WasmInstance.cpp
@@ -1012,22 +1012,25 @@ void Instance::initElems(uint32_t tableI
   // what we want.
   if (funcIndex < funcImports.length()) {
     FuncImportTls& import = instance->funcImportTls(funcImports[funcIndex]);
     return AnyRef::fromJSObject(import.fun).forCompiledCode();
   }
 
   RootedFunction fun(cx);
   RootedWasmInstanceObject instanceObj(cx, instance->object());
-  if (WasmInstanceObject::getExportedFunction(cx, instanceObj, funcIndex,
-                                              &fun)) {
-    return AnyRef::fromJSObject(fun).forCompiledCode();
+  if (!WasmInstanceObject::getExportedFunction(cx, instanceObj, funcIndex,
+                                               &fun)) {
+    // Validation ensures that we always have a valid funcIndex, so we must
+    // have OOM'ed
+    ReportOutOfMemory(cx);
+    return AnyRef::invalid().forCompiledCode();
   }
 
-  return AnyRef::invalid().forCompiledCode();
+  return AnyRef::fromJSObject(fun).forCompiledCode();
 }
 
 /* static */ void Instance::postBarrier(Instance* instance,
                                         gc::Cell** location) {
   MOZ_ASSERT(SASigPostBarrier.failureMode == FailureMode::Infallible);
   MOZ_ASSERT(location);
   TlsContext.get()->runtime()->gc.storeBuffer().putCell(
       reinterpret_cast<JSObject**>(location));