Bug 1320226: Report OOM when going through all the wasm instances and when copying the wasm buffer source fails; r=luke
authorBenjamin Bouvier <benj@benj.me>
Fri, 25 Nov 2016 11:32:18 +0100
changeset 324646 fd4aacce0b0083b14ba143890b85e6629b4a8aa1
parent 324645 749e21617b58de3feb9c91921cf1060a2b81b37f
child 324647 c54418718a5a6f41f60992a896e301cf1664270d
push id24
push usermaklebus@msu.edu
push dateTue, 20 Dec 2016 03:11:33 +0000
reviewersluke
bugs1320226
milestone53.0a1
Bug 1320226: Report OOM when going through all the wasm instances and when copying the wasm buffer source fails; r=luke MozReview-Commit-ID: I3kBfJpCRIb
js/src/vm/Debugger.cpp
js/src/wasm/WasmJS.cpp
--- a/js/src/vm/Debugger.cpp
+++ b/js/src/vm/Debugger.cpp
@@ -4305,18 +4305,23 @@ class MOZ_STACK_CLASS Debugger::ScriptQu
                     return false;
                 }
             }
         }
 
         // TODOshu: Until such time that wasm modules are real ES6 modules,
         // unconditionally consider all wasm toplevel instance scripts.
         for (WeakGlobalObjectSet::Range r = debugger->allDebuggees(); !r.empty(); r.popFront()) {
-            for (wasm::Instance* instance : r.front()->compartment()->wasm.instances())
+            for (wasm::Instance* instance : r.front()->compartment()->wasm.instances()) {
                 consider(instance->object());
+                if (oom) {
+                    ReportOutOfMemory(cx);
+                    return false;
+                }
+            }
         }
 
         return true;
     }
 
     Handle<ScriptVector> foundScripts() const {
         return vector;
     }
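Review bot: The new `if (oom)` test after `consider(instance->object())` depends on consider() signalling allocation failure through the `oom` member instead of a return value, and nothing at the call site says so. That contract is easy to overlook, which appears to be how this loop ignored the failure before and returned success with an incomplete script list. A one-line comment at the check would make it visible to the next caller, for example `// consider() returns nothing; it records allocation failure in |oom|.`. The declarations of `oom` and consider() are outside the hunk, so this reading is inferred from the usage here, and the enclosing function starts above the hunk.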
--- a/js/src/wasm/WasmJS.cpp
+++ b/js/src/wasm/WasmJS.cpp
@@ -706,28 +706,37 @@ static bool
 GetBufferSource(JSContext* cx, JSObject* obj, unsigned errorNumber, MutableBytes* bytecode)
 {
     *bytecode = cx->new_<ShareableBytes>();
     if (!*bytecode)
         return false;
 
     JSObject* unwrapped = CheckedUnwrap(obj);
 
+    size_t byteLength = 0;
+    uint8_t* ptr = nullptr;
     if (unwrapped && unwrapped->is<TypedArrayObject>()) {
         TypedArrayObject& view = unwrapped->as<TypedArrayObject>();
-        return (*bytecode)->append((uint8_t*)view.viewDataEither().unwrap(), view.byteLength());
+        byteLength = view.byteLength();
+        ptr = (uint8_t*)view.viewDataEither().unwrap();
+    } else if (unwrapped && unwrapped->is<ArrayBufferObject>()) {
+        ArrayBufferObject& buffer = unwrapped->as<ArrayBufferObject>();
+        byteLength = buffer.byteLength();
+        ptr = buffer.dataPointer();
+    } else {
+        JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, errorNumber);
+        return false;
     }
 
-    if (unwrapped && unwrapped->is<ArrayBufferObject>()) {
-        ArrayBufferObject& buffer = unwrapped->as<ArrayBufferObject>();
-        return (*bytecode)->append(buffer.dataPointer(), buffer.byteLength());
+    if (!(*bytecode)->append(ptr, byteLength)) {
+        ReportOutOfMemory(cx);
+        return false;
     }
 
-    JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, errorNumber);
-    return false;
+    return true;
 }
 
 static bool
 InitCompileArgs(JSContext* cx, CompileArgs* compileArgs)
 {
     ScriptedCaller scriptedCaller;
     if (!DescribeScriptedCaller(cx, &scriptedCaller))
         return false;
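Review bot: In GetBufferSource, `ptr` is now a raw `uint8_t*` into the typed array's or buffer's storage, held across the branch until `(*bytecode)->append(ptr, byteLength)`, and no comment states what keeps it valid. As far as the hunk shows, nothing between capturing the pointer and the copy can run script or trigger a GC, but that invariant is now implicit and a later edit in between could leave `ptr` stale. The `viewDataEither().unwrap()` call also suggests the view may be backed by shared memory, in which case the copy is a racy snapshot and it matters that only the copied bytes are validated and compiled. I would document both at the declaration, e.g. `// Raw pointer into object storage (possibly shared memory): nothing may GC or run script before the append below; only the copy is compiled.`.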