Bug 234971

Summary: JSC::JSWebAssemblyModule::createStub() falls through ASSERT_NOT_REACHED()
Product: WebKit
Reporter: David Kilzer (:ddkilzer) <ddkilzer>
Component: JavaScriptCore
Assignee: Nobody <webkit-unassigned>
Status: NEW
Severity: Normal
CC: webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=234965
Bug Depends on: 234932    
Bug Blocks:    

David Kilzer (:ddkilzer)
Reported 2022-01-07 11:13:57 PST
JSC::JSWebAssemblyModule::createStub() falls through ASSERT_NOT_REACHED().

These fall-throughs should either use RELEASE_ASSERT_NOT_REACHED(), or add a `return nullptr;` statement after ASSERT_NOT_REACHED().

Presumably the switch statement will never fall through unless there is memory corruption, so a RELEASE_ASSERT_NOT_REACHED() would catch such corruption much earlier.

JSWebAssemblyModule* JSWebAssemblyModule::createStub(VM& vm, JSGlobalObject* globalObject, Structure* structure, Wasm::Module::ValidationResult&& result)
{
[...]
    auto error = module->generateWasmToJSStubs(vm);
    if (UNLIKELY(!error)) {
        switch (error.error()) {
        case Wasm::BindingFailure::OutOfMemory:
            throwException(globalObject, scope, createJSWebAssemblyLinkError(globalObject, vm, "Out of executable memory"_s));
            return nullptr;
        }
        ASSERT_NOT_REACHED();
    }
    return module;
}

See Source/JavaScriptCore/wasm/js/JSWebAssemblyModule.cpp.
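A simplified model of the control flow described above, added as an illustration and not taken from WebKit or from the reporter. `Module`, `Policy`, `g_module` and the constructed error value 7 are hypothetical stand-ins; the debug-only assertion is modelled as a no-op, which is how it behaves in a release build.

```cpp
#include <cstdio>
#include <cstdlib>

// Hypothetical stand-ins for the types named in the report.
enum class BindingFailure : int { OutOfMemory = 0 };
struct Module { };
static Module g_module;

// How the code after the switch treats an error value no case handles.
enum class Policy {
    DebugAssertOnly, // ASSERT_NOT_REACHED() only: nothing happens in release
    ReturnNull,      // ASSERT_NOT_REACHED() followed by `return nullptr;`
    ReleaseAssert    // RELEASE_ASSERT_NOT_REACHED(): terminate in every build
};

// `failed` models the UNLIKELY(!error) branch being taken.
Module* createStub(bool failed, BindingFailure error, Policy policy)
{
    if (failed) {
        switch (error) {
        case BindingFailure::OutOfMemory:
            return nullptr; // the one handled failure
        }
        if (policy == Policy::ReleaseAssert)
            std::abort();   // stop at the first sign of an impossible value
        if (policy == Policy::ReturnNull)
            return nullptr; // still report failure to the caller
        // DebugAssertOnly: the assertion is compiled out, control falls through.
    }
    return &g_module; // a failed call reaches here under DebugAssertOnly
}

int main()
{
    // Constructed value outside the enumerators, standing in for the
    // "unless there is memory corruption" case from the report.
    auto unexpected = static_cast<BindingFailure>(7);
    std::printf("debug-only assert: %s\n",
        createStub(true, unexpected, Policy::DebugAssertOnly) ? "module returned" : "nullptr");
    std::printf("return nullptr:    %s\n",
        createStub(true, unexpected, Policy::ReturnNull) ? "module returned" : "nullptr");
    return 0;
}
```

With the debug-only policy the caller receives a module even though stub generation failed; the other two policies either return nullptr or terminate before the caller can use it.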
Radar WebKit Bug Importer
Comment 1 2022-01-07 11:14:34 PST