254760 – [Wasm-GC] Enforce operand limit for `array.new_canon_fixed`

RESOLVED DUPLICATE of bug 256959 254760

[Wasm-GC] Enforce operand limit for `array.new_canon_fixed`

https://bugs.webkit.org/show_bug.cgi?id=254760

Summary [Wasm-GC] Enforce operand limit for `array.new_canon_fixed`

Tim Chevalier

Reported 2023-03-30 12:07:32 PDT

The spec, https://github.com/WebAssembly/gc/pull/360/files , was recently updated to specify that the maximum number of operands to `array.new_fixed` is 10000 and the implementation should throw a `RuntimeError` if that is exceeded. In the current implementation (about to land; see https://bugs.webkit.org/show_bug.cgi?id=252350 ), no limit is enforced. This should be easy to change in the parser, but unfortunately I'm out of time to work on this.

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2023-04-06 12:08:16 PDT

<rdar://problem/107720913>

David Degazio

Comment 2 2024-07-24 15:07:17 PDT

Keith seems to have resolved this in https://bugs.webkit.org/show_bug.cgi?id=256959. *** This bug has been marked as a duplicate of bug 256959 ***

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution DUPLICATE

of bug 256959

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Local Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebAssembly

Assignee

Nobody

Reported

2023-03-30 12:07 PDT

Modified

2024-07-24 15:07 PDT History

CC List

2 users Show

URL

Keywords InRadar

Depends on

Blocks

247394

Dependencies

tree graph