Bug 234971

Summary: JSC::JSWebAssemblyModule::createStub() falls through ASSERT_NOT_REACHED()
Product: WebKit Reporter: David Kilzer (:ddkilzer) <ddkilzer>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal CC: webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=234965
Bug Depends on: 234932    
Bug Blocks:    

Description David Kilzer (:ddkilzer) 2022-01-07 11:13:57 PST
JSC::JSWebAssemblyModule::createStub() falls through ASSERT_NOT_REACHED().

These fall-throughs should either use RELEASE_ASSERT_NOT_REACHED(), or add a `return nullptr;` statement after ASSERT_NOT_REACHED().

Presumably the switch statement will never fall through unless there is memory corruption, so a RELEASE_ASSERT_NOT_REACHED() would catch such corruption much earlier.

JSWebAssemblyModule* JSWebAssemblyModule::createStub(VM& vm, JSGlobalObject* globalObject, Structure* structure, Wasm::Module::ValidationResult&& result)
{
    [...]
    auto error = module->generateWasmToJSStubs(vm);
    if (UNLIKELY(!error)) {
        switch (error.error()) {
        case Wasm::BindingFailure::OutOfMemory:
            throwException(globalObject, scope, createJSWebAssemblyLinkError(globalObject, vm, "Out of executable memory"_s));
            return nullptr;
        }
        ASSERT_NOT_REACHED();
    }
    return module;
}

See Source/JavaScriptCore/wasm/js/JSWebAssemblyModule.cpp.
Comment 1 Radar WebKit Bug Importer 2022-01-07 11:14:34 PST
<rdar://problem/87262829>