Bug 1349871: Check for masm OOM at the end of baseline codegen; r?lth
MozReview-Commit-ID: 8BEsRLsDCwS
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/wasm/regress/oom-masm-baseline.js
@@ -0,0 +1,31 @@
+if (typeof oomTest === 'undefined')
+ quit();
+
+try {
+ oomTest(Function(`
+ new WebAssembly.Module(wasmTextToBinary(\`
+ (module (func (result i32) (param f64) (param f32)
+ i64.const 0
+ get_local 0
+ drop
+ i32.wrap/i64
+ f64.const 0
+ f64.const 0
+ i32.const 0
+ select
+ f32.const 0
+ f32.const 0
+ f32.const 0
+ i32.const 0
+ select
+ i32.const 0
+ i32.const 0
+ i32.const 0
+ select
+ select
+ drop
+ drop
+ ))
+ \`))
+ `));
+} catch(e) { }
--- a/js/src/wasm/WasmBaselineCompile.cpp
+++ b/js/src/wasm/WasmBaselineCompile.cpp
@@ -2410,17 +2410,17 @@ class BaseCompiler
offsets_.end = masm.currentOffset();
// A frame greater than 256KB is implausible, probably an attack,
// so fail the compilation.
if (maxFramePushed_ > 256 * 1024)
return false;
- return true;
+ return !masm.oom();
}
//////////////////////////////////////////////////////////////////////
//
// Calls.
struct FunctionCall
{