Bug 1598377 - Only allow function types with one result when CL is enabled. r=lth
☠☠ backed out by 7c75c3077b22 ☠ ☠
authorRyan Hunt <rhunt@eqrion.net>
Fri, 06 Dec 2019 01:52:38 +0000
changeset 567940 f0865dabd55a549de7cad0dcdede430ec3c83fd5
parent 567939 87ee29f02a8844be5123fa7f26f885b27d33f6e7
child 567941 774ad330f4f6eab85644f083607158115f8cfa38
push id12493
push userffxbld-merge
push dateMon, 06 Jan 2020 15:38:57 +0000
treeherdermozilla-beta@63ae456b848d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerslth
bugs1598377
milestone73.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1598377 - Only allow function types with one result when CL is enabled. r=lth Differential Revision: https://phabricator.services.mozilla.com/D55029
js/src/wasm/WasmConstants.h
js/src/wasm/WasmValidate.cpp
js/src/wasm/WasmValidate.h
--- a/js/src/wasm/WasmConstants.h
+++ b/js/src/wasm/WasmConstants.h
@@ -573,21 +573,19 @@ static const unsigned MaxTables =
 static const unsigned MaxImports = 100000;
 static const unsigned MaxExports = 100000;
 static const unsigned MaxGlobals = 1000000;
 static const unsigned MaxDataSegments = 100000;
 static const unsigned MaxElemSegments = 10000000;
 static const unsigned MaxTableLength = 10000000;
 static const unsigned MaxLocals = 50000;
 static const unsigned MaxParams = 1000;
-#ifdef ENABLE_WASM_MULTI_VALUE
+// The actual maximum results may be `1` if multi-value is not enabled. Check
+// `env->funcMaxResults()` to get the correct value for a module.
 static const unsigned MaxResults = 1000;
-#else
-static const unsigned MaxResults = 1;
-#endif
 static const unsigned MaxStructFields = 1000;
 static const unsigned MaxMemoryMaximumPages = 65536;
 static const unsigned MaxStringBytes = 100000;
 static const unsigned MaxModuleBytes = 1024 * 1024 * 1024;
 static const unsigned MaxFunctionBytes = 7654321;
 
 // These limits pertain to our WebAssembly implementation only.
 
--- a/js/src/wasm/WasmValidate.cpp
+++ b/js/src/wasm/WasmValidate.cpp
@@ -1323,17 +1323,17 @@ static bool DecodeFuncType(Decoder& d, M
   if (!DecodeTypeVector(d, env, typeState, numArgs, &args)) {
     return false;
   }
 
   uint32_t numResults;
   if (!d.readVarU32(&numResults)) {
     return d.fail("bad number of function returns");
   }
-  if (numResults > MaxResults) {
+  if (numResults > env->funcMaxResults()) {
     return d.fail("too many returns in signature");
   }
   ValTypeVector results;
   if (!DecodeTypeVector(d, env, typeState, numResults, &results)) {
     return false;
   }
 
   if ((*typeState)[typeIndex] != TypeState::None) {
--- a/js/src/wasm/WasmValidate.h
+++ b/js/src/wasm/WasmValidate.h
@@ -226,16 +226,19 @@ struct ModuleEnvironment {
   bool usesSharedMemory() const { return memoryUsage == MemoryUsage::Shared; }
   bool isAsmJS() const { return kind == ModuleKind::AsmJS; }
   bool debugEnabled() const {
     return compilerEnv->debug() == DebugEnabled::True;
   }
   bool hugeMemoryEnabled() const {
     return !isAsmJS() && compilerEnv->hugeMemory();
   }
+  uint32_t funcMaxResults() const {
+    return multiValuesEnabled() ? MaxResults : 1;
+  }
   bool funcIsImport(uint32_t funcIndex) const {
     return funcIndex < funcImportGlobalDataOffsets.length();
   }
   bool isRefSubtypeOf(ValType one, ValType two) const {
     MOZ_ASSERT(one.isReference());
     MOZ_ASSERT(two.isReference());
 #if defined(ENABLE_WASM_REFTYPES)
 #  if defined(ENABLE_WASM_GC)