Bug 247383

Summary: [WASM-Function-References] Fix block signature parsing for reftypes
Product: WebKit Reporter: Asumu Takikawa <asumu>
Component: WebAssemblyAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 251295, 260123    
Bug Blocks: 247393    

Asumu Takikawa
Reported 2022-11-02 15:23:05 PDT
Parsing of block signatures currently does not correctly account for ref types with type indices. Here is an example that illustrates the problem: ``` // Run this in JSTests/wasm/gc import * as assert from "../assert.js"; import { compile, instantiate } from "./wast-wrapper.js"; instantiate(` (module (type (func)) (func (export "run") (block (result (ref null func)) (ref.null 0)) ;; (ref null 0) <: (ref null func) (br 0) ) ) `).exports.run(); ``` This program should validate (and does in the reference interpreter) but currently doesn't in JSC. The problem is that `(ref null func)` in the block signature is not parsed correctly; it gets turned into a ref type with an invalid 0 index. This can be fixed by adding a special case to `parseBlockSignature` for ref types.
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2022-11-09 14:24:19 PST
<rdar://problem/102159543>
Asumu Takikawa
Comment 2 2023-01-24 15:49:27 PST
Pull request: https://github.com/WebKit/WebKit/pull/9081
EWS
Comment 3 2023-01-26 06:31:03 PST
Committed 259421@main (3e28bdb07aa2): <https://commits.webkit.org/259421@main> Reviewed commits have been landed. Closing PR #9081 and removing active labels.
WebKit Commit Bot
Comment 4 2023-01-27 14:36:27 PST
Re-opened since this is blocked by bug 251295
Asumu Takikawa
Comment 5 2023-08-09 17:08:18 PDT
Pull request: https://github.com/WebKit/WebKit/pull/16542
EWS
Comment 6 2023-08-12 11:42:24 PDT
Committed 266847@main (5ff67f8945d7): <https://commits.webkit.org/266847@main> Reviewed commits have been landed. Closing PR #16542 and removing active labels.
WebKit Commit Bot
Comment 7 2023-08-12 22:24:55 PDT
Re-opened since this is blocked by bug 260123
Asumu Takikawa
Comment 8 2023-08-28 14:42:29 PDT
Pull request: https://github.com/WebKit/WebKit/pull/17146
EWS
Comment 9 2023-11-28 22:48:00 PST
Committed 271262@main (9a518a553026): <https://commits.webkit.org/271262@main> Reviewed commits have been landed. Closing PR #17146 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.