Title: [295091] trunk
Revision
295091
Author
commit-qu...@webkit.org
Date
2022-06-01 09:55:02 -0700 (Wed, 01 Jun 2022)

Log Message

Fix Wasm referenced function calculation for globals
https://bugs.webkit.org/show_bug.cgi?id=239588

Patch by Asumu Takikawa <as...@igalia.com> on 2022-06-01
Reviewed by Keith Miller.

JSTests:

* wasm/regress/239588.js: Added.
(module):

Source/_javascript_Core:

* wasm/WasmSectionParser.cpp:
(JSC::Wasm::SectionParser::parseInitExpr):

Canonical link: https://commits.webkit.org/251186@main

Modified Paths

Added Paths

Diff

Added: trunk/JSTests/wasm/regress/239588.js (0 => 295091)


--- trunk/JSTests/wasm/regress/239588.js	                        (rev 0)
+++ trunk/JSTests/wasm/regress/239588.js	2022-06-01 16:55:02 UTC (rev 295091)
@@ -0,0 +1,16 @@
+function module(bytes, valid = true) {
+  let buffer = new ArrayBuffer(bytes.length);
+  let view = new Uint8Array(buffer);
+  for (let i = 0; i < bytes.length; ++i) {
+    view[i] = bytes.charCodeAt(i);
+  }
+  return new WebAssembly.Module(buffer);
+}
+
+/*
+ *  (module
+ *    (type (func))
+ *    (global funcref (ref.func 0))
+ *    (func (type 0)))
+ */
+new WebAssembly.Instance(module("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x06\x06\x01\x70\x00\xd2\x00\x0b\x0a\x04\x01\x02\x00\x0b"));
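Review bot: The `valid = true` parameter of `module` is never read, and the test passes on any outcome that does not throw, so nothing on the page says what it guards. I would drop the parameter (`function module(bytes) {`) and add a comment above the final statement such as `// A ref.func in a global initializer must mark function 0 as referenced; instantiation must not throw or crash.` The byte string does decode to the module in the block comment (type, function, global `funcref (ref.func 0)` and code sections). A second case in which a function body uses `ref.func 0` while the global is its only declaration would presumably reach the validator path that consumes the referenced set, which this test does not exercise.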

Modified: trunk/Source/_javascript_Core/wasm/WasmSectionParser.cpp (295090 => 295091)


--- trunk/Source/_javascript_Core/wasm/WasmSectionParser.cpp	2022-06-01 16:20:48 UTC (rev 295090)
+++ trunk/Source/_javascript_Core/wasm/WasmSectionParser.cpp	2022-06-01 16:55:02 UTC (rev 295091)
@@ -628,6 +628,7 @@
         uint32_t index;
         WASM_PARSER_FAIL_IF(!parseVarUInt32(index), "can't get ref.func index");
         WASM_PARSER_FAIL_IF(index >= m_info->functions.size(), "ref.func index", index, " exceeds the number of functions ", m_info->functions.size());
+        m_info->addReferencedFunction(index);
 
         if (Options::useWebAssemblyTypedFunctionReferences()) {
             TypeIndex typeIndex = m_info->typeIndexFromFunctionIndexSpace(index);
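Review bot: The added `m_info->addReferencedFunction(index);` has no comment explaining why a constant-expression parser records module state, which makes the side effect easy to drop in a later refactor. Its placement looks right: it follows the `index >= m_info->functions.size()` check, so an out-of-range index never reaches it, and it precedes the `useWebAssemblyTypedFunctionReferences()` branch, so it runs on both paths. I would add `// ref.func in an init expression declares the function as referenced; later ref.func validation relies on this set.` The second half of that comment is inferred from the commit title and should be confirmed against the code that reads the set. parseInitExpr starts and ends outside the hunk, so whether every caller wants this side effect cannot be checked from here.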