Bug 1300504 - prevent null pointer dereference in MWasmCall::NewBuiltinInstanceMethodCall. r?jandem
MozReview-Commit-ID: 1oQVjnyJAMm
--- a/js/src/jit/MIR.cpp
+++ b/js/src/jit/MIR.cpp
@@ -5426,16 +5426,18 @@ MWasmCall::NewBuiltinInstanceMethodCall(
const Args& args,
MIRType resultType,
uint32_t spIncrement)
{
auto callee = wasm::CalleeDesc::builtinInstanceMethod(builtin);
MWasmCall* call = MWasmCall::New(alloc, desc, callee, args, resultType, spIncrement,
MWasmCall::DontSaveTls, nullptr);
+ if (!call)
+ return nullptr;
MOZ_ASSERT(instanceArg != ABIArg()); // instanceArg must be initialized.
call->instanceArg_ = instanceArg;
return call;
}
void
MSqrt::trySpecializeFloat32(TempAllocator& alloc) {
if (!input()->canProduceFloat32() || !CheckUsesAreFloat32Consumers(this)) {
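Review bot: The `MOZ_ASSERT(instanceArg != ABIArg())` now sits behind the new early return, so the precondition on instanceArg is no longer checked on the allocation-failure path; since the assertion does not depend on `call`, it reads better hoisted above the `MWasmCall::New` call, immediately after `auto callee = ...`, keeping the OOM check adjacent to the allocation it guards. The added `if (!call) return nullptr;` itself is the right fix for the dereference on the next lines, assuming callers of NewBuiltinInstanceMethodCall already treat a null result as OOM the way they do for MWasmCall::New (the callers are not visible here). The enclosing function's signature starts outside the hunk.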