Fix ordering of visit() in MemoryGrow interpretation (#5108)

This is a pretty subtle point that was missed in #4811 - we need to first visit the
child, then compute the size, as the child may alter that size.

Found by the fuzzer.

1 files changed, 4 insertions, 4 deletions

diff --git a/src/wasm-interpreter.h b/src/wasm-interpreter.h
index 56336b237..69434a297 100644
--- a/src/wasm-interpreter.h
+++ b/src/wasm-interpreter.h
@@ -3322,15 +3322,15 @@ public:
   }
   Flow visitMemoryGrow(MemoryGrow* curr) {
     NOTE_ENTER("MemoryGrow");
+    Flow flow = self()->visit(curr->delta);
+    if (flow.breaking()) {
+      return flow;
+    }
     auto info = getMemoryInstanceInfo(curr->memory);
     auto memorySize = info.instance->getMemorySize(info.name);
     auto* memory = info.instance->wasm.getMemory(info.name);
     auto indexType = memory->indexType;
     auto fail = Literal::makeFromInt64(-1, memory->indexType);
-    Flow flow = self()->visit(curr->delta);
-    if (flow.breaking()) {
-      return flow;
-    }
     Flow ret = Literal::makeFromInt64(memorySize, indexType);
     uint64_t delta = flow.getSingleValue().getUnsigned();
     if (delta > uint32_t(-1) / Memory::kPageSize && indexType == Type::i32) {