Bug 1423952
Opened 6 years ago
Closed 6 years ago
Wasm: Misinterpretation of limit on local variables during verification?
Categories
(Core :: JavaScript Engine: JIT, enhancement, P3)
RESOLVED
INVALID
People
(Reporter: lth, Unassigned)
If I read the webkit source correctly, they account separately for the number of parameters and the number of locals:

https://github.com/WebKit/webkit/blob/bcea987544319783957bfaa1a05728a67edd4ce3/Source/JavaScriptCore/wasm/WasmModuleParser.cpp#L108 et seq
https://github.com/WebKit/webkit/blob/a24ff92ae29eaa04aa37cf99ad810a0b47dd336a/Source/JavaScriptCore/wasm/WasmFunctionParser.h#L109 et seq

So, they can accommodate 50000 locals *and* 1000 parameters. We, on the other hand, account for those together, so we can accommodate 1000 parameters per function, and then up to 50000 locals *including* the parameters.

As usual I can't find the part of the wasm spec (if any) that contains the canonical numbers or their interpretation, the closest I've come is here: https://github.com/WebAssembly/design/issues/1138.
Comment 1•6 years ago
For what it's worth, v8 uses and interprets the limits as webkit: https://github.com/v8/v8/blob/master/src/wasm/wasm-limits.h#L33-L34
Comment 2•6 years ago
Per analysis from Lars (lost in the depths of irc, alas) it is believed that (1) our implementation is actually correct, (2) the spec has now caught up, and that (3) the testcases due to land in bug 1467071 verify this. So this bug can now be closed.
Comment 3•6 years ago
Closing. It seems our implementation was correct all along.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
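
The two accounting schemes compared in this report, as an added example that is not code from Firefox, WebKit or V8: the limits 1000 and 50000 are the ones quoted in the description, and `LocalRun`, `Accounting` and `localsWithinLimits` are hypothetical names. It goes slightly beyond the thread by summing the per-run local counts in 64 bits so that large 32-bit counts cannot wrap the total before the limit check.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Limits quoted in the bug description.
constexpr uint64_t kMaxParams = 1000;
constexpr uint64_t kMaxLocals = 50000;

// One run of identically typed locals as declared in a function body
// (hypothetical struct; the value type does not matter for counting).
struct LocalRun { uint32_t count; };

// Combined: parameters count against the locals limit.
// Separate: parameters and declared locals are limited independently.
enum class Accounting { Combined, Separate };

// Returns true if the function passes the limit check under `policy`.
bool localsWithinLimits(uint32_t numParams, const std::vector<LocalRun>& runs,
                        Accounting policy) {
    if (numParams > kMaxParams) return false;
    // Under combined accounting the parameters already use up part of the budget.
    uint64_t total = (policy == Accounting::Combined) ? numParams : 0;
    for (const LocalRun& r : runs) {
        total += r.count;                      // 64-bit sum of 32-bit counts
        if (total > kMaxLocals) return false;  // reject as soon as the budget is exceeded
    }
    return true;
}

int main() {
    // Constructed boundary case: 1000 parameters plus 49001 declared locals.
    std::vector<LocalRun> runs = {{49001}};
    std::printf("combined: %d, separate: %d\n",
                localsWithinLimits(1000, runs, Accounting::Combined),
                localsWithinLimits(1000, runs, Accounting::Separate));
    return 0;
}
```

A module at this boundary validates under separate accounting and is rejected under combined accounting, which is the cross-engine discrepancy the report asks about.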