Bug 234971 - JSC::JSWebAssemblyModule::createStub() falls through ASSERT_NOT_REACHED()
Summary: JSC::JSWebAssemblyModule::createStub() falls through ASSERT_NOT_REACHED()
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on: 234932
Blocks:
  Show dependency treegraph
 
Reported: 2022-01-07 11:13 PST by David Kilzer (:ddkilzer)
Modified: 2022-01-07 11:14 PST (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description David Kilzer (:ddkilzer) 2022-01-07 11:13:57 PST 
JSC::JSWebAssemblyModule::createStub() falls through ASSERT_NOT_REACHED().

These fall-throughs should either use RELEASE_ASSERT_NOT_REACHED(), or add a `return nullptr;` statement after ASSERT_NOT_REACHED().

Presumably the switch statement will never fall through unless there is memory corruption, so a RELEASE_ASSERT_NOT_REACHED() would catch such corruption much earlier.

JSWebAssemblyModule* JSWebAssemblyModule::createStub(VM& vm, JSGlobalObject* globalObject, Structure* structure, Wasm::Module::ValidationResult&& result)
{
    [...]
    auto error = module->generateWasmToJSStubs(vm);
    if (UNLIKELY(!error)) {
        switch (error.error()) {
        case Wasm::BindingFailure::OutOfMemory:
            throwException(globalObject, scope, createJSWebAssemblyLinkError(globalObject, vm, "Out of executable memory"_s));
            return nullptr;
        }
        ASSERT_NOT_REACHED();
    }
    return module;
}

See Source/JavaScriptCore/wasm/js/JSWebAssemblyModule.cpp.
Comment 1 Radar WebKit Bug Importer 2022-01-07 11:14:34 PST 
<rdar://problem/87262829>