[Bug]: Out Of Memory Abort during asm.js module linking

[bendrissou]

ChakraCore Version

622c745

Steps to reproduce

Build ChakraCore with the default configuration:

./build.sh

Run ChakraCore with the provided input:

./out/Release/ch test.js

Proof of concept

function asmModule(global) {
    "use asm";
    var sin = global.sin;
    function foo() {
        return +sin(0.0);
    }
    function bar() {
        return +foo();
    }
    return bar;
}
var bar = asmModule(this);
var y = asmModule("pass");

Exception or Error

Console output:

Aborted (core dumped)

Exite code:

134


GDB output:

(gdb) run
Starting program: ./out/Release/ch test.js
warning: Error disabling address space randomization: Operation not permitted
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fb74068f700 (LWP 1019429)]
[New Thread 0x7fb73fe5f700 (LWP 1019432)]
[New Thread 0x7fb73f65e700 (LWP 1019433)]

Thread 1 "ch" received signal SIGILL, Illegal instruction.
0x00007fbf4141c511 in ReportFatalException () from /home/chakracore/program/out/Release/libChakraCore.so
(gdb) bt
#0  0x00007fbf4141c511 in ReportFatalException () from /home/chakracore/program/out/Release/libChakraCore.so
#1  0x00007fbf4141c619 in OutOfMemory_unrecoverable_error() () from /home/chakracore/program/out/Release/libChakraCore.so
#2  0x00007fbf4146eaec in Js::Exception::RaiseIfScriptActive(Js::ScriptContext*, unsigned int, void*) ()
   from /home/chakracore/program/out/Release/libChakraCore.so
#3  0x00007fbf4141c7b9 in Js::Throw::OutOfMemory() () from /home/chakracore/program/out/Release/libChakraCore.so
#4  0x00007fbf415c3ffb in Js::InterpreterStackFrame::ProcessLinkFailedAsmJsModule() () from /home/chakracore/program/out/Release/libChakraCore.so
#5  0x00007fbf415c36dd in Js::InterpreterStackFrame::ProcessAsmJsModule() () from /home/chakracore/program/out/Release/libChakraCore.so
#6  0x00007fbf415b8f66 in Js::InterpreterStackFrame::Process() () from /home/chakracore/program/out/Release/libChakraCore.so
#7  0x00007fbf415b8604 in Js::InterpreterStackFrame::InterpreterHelper(Js::ScriptFunction*, Js::ArgumentReader, void*, void*, Js::InterpreterStackFrame::AsmJsReturnStruct*) () from /home/chakracore/program/out/Release/libChakraCore.so
#8  0x00007fbf415b8195 in Js::InterpreterStackFrame::InterpreterThunk(Js::JavascriptCallStackLayout*) ()
   from /home/chakracore/program/out/Release/libChakraCore.so
#9  0x00007fb73edb0f9a in ?? ()
#10 0x00007ffdb2b24640 in ?? ()
#11 0x00007fbf4187d5ee in amd64_CallFunction () from /home/chakracore/program/out/Release/libChakraCore.so
Backtrace stopped: frame did not save the PC

Additional Context

No response

[rhuanjl]

This looks to me like there's a missing catchable stack over flow error perhaps in ProcessAsmJsModule - and hence we're hitting an unrecoverable out of memory.