Bug 1320226: Report OOM when going through all the wasm instances and when copying the wasm buffer source fails; r=luke
authorBenjamin Bouvier <benj@benj.me>
Fri, 25 Nov 2016 11:32:18 +0100
changeset 324613 fd4aacce0b0083b14ba143890b85e6629b4a8aa1
parent 324612 749e21617b58de3feb9c91921cf1060a2b81b37f
child 324614 c54418718a5a6f41f60992a896e301cf1664270d
push id31009
push usercbook@mozilla.com
push dateTue, 29 Nov 2016 15:47:31 +0000
treeherdermozilla-central@8d8846f63b74 [default view] [failures only]
reviewersluke
bugs1320226
milestone53.0a1
Bug 1320226: Report OOM when going through all the wasm instances and when copying the wasm buffer source fails; r=luke MozReview-Commit-ID: I3kBfJpCRIb
js/src/vm/Debugger.cpp
js/src/wasm/WasmJS.cpp
--- a/js/src/vm/Debugger.cpp
+++ b/js/src/vm/Debugger.cpp
@@ -4305,18 +4305,23 @@ class MOZ_STACK_CLASS Debugger::ScriptQu
                     return false;
                 }
             }
         }
 
         // TODOshu: Until such time that wasm modules are real ES6 modules,
         // unconditionally consider all wasm toplevel instance scripts.
         for (WeakGlobalObjectSet::Range r = debugger->allDebuggees(); !r.empty(); r.popFront()) {
-            for (wasm::Instance* instance : r.front()->compartment()->wasm.instances())
+            for (wasm::Instance* instance : r.front()->compartment()->wasm.instances()) {
                 consider(instance->object());
+                if (oom) {
+                    ReportOutOfMemory(cx);
+                    return false;
+                }
+            }
         }
 
         return true;
     }
 
     Handle<ScriptVector> foundScripts() const {
         return vector;
     }
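Review bot: The new `if (oom)` test after `consider(instance->object())` depends on a contract that is not written down at the call site, apparently that consider() reports failure only by setting the `oom` member. A one-line comment above the loop, such as `// consider() signals failure only via |oom|; check it after every call.`, would make that visible and help the next caller avoid the omission this commit fixes. The enclosing function starts above the hunk, so it is not possible to tell from here whether every other consider() call site already has the same check.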
--- a/js/src/wasm/WasmJS.cpp
+++ b/js/src/wasm/WasmJS.cpp
@@ -706,28 +706,37 @@ static bool
 GetBufferSource(JSContext* cx, JSObject* obj, unsigned errorNumber, MutableBytes* bytecode)
 {
     *bytecode = cx->new_<ShareableBytes>();
     if (!*bytecode)
         return false;
 
     JSObject* unwrapped = CheckedUnwrap(obj);
 
+    size_t byteLength = 0;
+    uint8_t* ptr = nullptr;
     if (unwrapped && unwrapped->is<TypedArrayObject>()) {
         TypedArrayObject& view = unwrapped->as<TypedArrayObject>();
-        return (*bytecode)->append((uint8_t*)view.viewDataEither().unwrap(), view.byteLength());
+        byteLength = view.byteLength();
+        ptr = (uint8_t*)view.viewDataEither().unwrap();
+    } else if (unwrapped && unwrapped->is<ArrayBufferObject>()) {
+        ArrayBufferObject& buffer = unwrapped->as<ArrayBufferObject>();
+        byteLength = buffer.byteLength();
+        ptr = buffer.dataPointer();
+    } else {
+        JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, errorNumber);
+        return false;
     }
 
-    if (unwrapped && unwrapped->is<ArrayBufferObject>()) {
-        ArrayBufferObject& buffer = unwrapped->as<ArrayBufferObject>();
-        return (*bytecode)->append(buffer.dataPointer(), buffer.byteLength());
+    if (!(*bytecode)->append(ptr, byteLength)) {
+        ReportOutOfMemory(cx);
+        return false;
     }
 
-    JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, errorNumber);
-    return false;
+    return true;
 }
 
 static bool
 InitCompileArgs(JSContext* cx, CompileArgs* compileArgs)
 {
     ScriptedCaller scriptedCaller;
     if (!DescribeScriptedCaller(cx, &scriptedCaller))
         return false;
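Review bot: In GetBufferSource, `ptr` is now a raw pointer into the typed array's or ArrayBuffer's storage that is held in a local across the whole if/else before `append` consumes it, whereas the old code passed it directly into the call. Nothing visible between the assignment and the copy looks able to trigger a GC, but a later edit that adds such a call could leave `ptr` stale if the data lives inline in the object. I would state the invariant with a comment such as `// No GC may happen between taking ptr and append(): ptr can point at inline data.`, or enforce it with a `JS::AutoCheckCannotGC` scoped to end before `ReportOutOfMemory`. Separately, `viewDataEither().unwrap()` drops the shared-memory marker; if the view can be backed by shared memory, a short comment should say that later validation must read only the copied `*bytecode` and never the source buffer.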