Backed out 4 changesets (bug 1728934) for causing Mochitest failures. CLOSED TREE

Backed out changeset 5e64ae0a8b00 (bug 1728934)
Backed out changeset 3538237090bf (bug 1728934)
Backed out changeset a240e5a52df4 (bug 1728934)
Backed out changeset a932fbd95f01 (bug 1728934)

config/external/rlbox_wasm2c_sandbox/moz.yaml

@@ -9,8 +9,8 @@ origin:
   description: rlbox integration for the wasm2c sandboxed code
   url: https://github.com/PLSysSec/rlbox_wasm2c_sandbox
 
-  release: commit 95b0e954c9d140a22dfe1755e747ddc132ae82ac (2021-09-29T22:50:14Z).
-  revision: 95b0e954c9d140a22dfe1755e747ddc132ae82ac
+  release: commit a7b7233cf1845bc2548ffc7ea06f27e8a024b851 (2021-08-24T08:37:28Z).
+  revision: a7b7233cf1845bc2548ffc7ea06f27e8a024b851
 
   license: MIT
   license-file: LICENSE

config/external/wasm2c_sandbox_compiler/moz.yaml

@@ -9,8 +9,8 @@ origin:
   description: wasm2c fork used for rlbox sandboxing
   url: https://github.com/PLSysSec/wasm2c_sandbox_compiler
 
-  release: commit 32a8ad683fe2390200cc3b7c8e5ffb55b071e781 (2021-09-29T22:48:37Z).
-  revision: 32a8ad683fe2390200cc3b7c8e5ffb55b071e781
+  release: commit 551fd0e7d8f0349562d4402bc626a689e7ecde4f (2021-09-09T00:19:32Z).
+  revision: 551fd0e7d8f0349562d4402bc626a689e7ecde4f
 
   license: Apache-2.0
   license-file: LICENSE

dom/media/ogg/OggDemuxer.cpp

@@ -66,45 +66,35 @@ static const int64_t OGG_SEEK_OPUS_PREROLL = 80 * USECS_PER_MS;
 
 static Atomic<uint32_t> sStreamSourceID(0u);
 
-OggDemuxer::nsAutoOggSyncState::nsAutoOggSyncState(rlbox_sandbox_ogg* aSandbox)
+OggDemuxer::nsAutoOggSyncState::nsAutoOggSyncState(rlbox_sandbox_ogg& aSandbox)
     : mSandbox(aSandbox) {
-  if (mSandbox) {
-    tainted_ogg<ogg_sync_state*> state =
-        mSandbox->malloc_in_sandbox<ogg_sync_state>();
-    MOZ_RELEASE_ASSERT(state != nullptr);
-    mState = state.to_opaque();
-    sandbox_invoke(*mSandbox, ogg_sync_init, mState);
-  }
+  tainted_ogg<ogg_sync_state*> state =
+      mSandbox.malloc_in_sandbox<ogg_sync_state>();
+  MOZ_RELEASE_ASSERT(state != nullptr);
+  mState = state.to_opaque();
+  sandbox_invoke(mSandbox, ogg_sync_init, mState);
 }
 OggDemuxer::nsAutoOggSyncState::~nsAutoOggSyncState() {
-  if (mSandbox) {
-    sandbox_invoke(*mSandbox, ogg_sync_clear, mState);
-    mSandbox->free_in_sandbox(rlbox::from_opaque(mState));
-    tainted_ogg<ogg_sync_state*> null = nullptr;
-    mState = null.to_opaque();
-  }
+  sandbox_invoke(mSandbox, ogg_sync_clear, mState);
+  mSandbox.free_in_sandbox(rlbox::from_opaque(mState));
+  tainted_ogg<ogg_sync_state*> null = nullptr;
+  mState = null.to_opaque();
 }
 
 /* static */
 rlbox_sandbox_ogg* OggDemuxer::CreateSandbox() {
   rlbox_sandbox_ogg* sandbox = new rlbox_sandbox_ogg();
 #ifdef MOZ_WASM_SANDBOXING_OGG
-  bool success = sandbox->create_sandbox(mozilla::ipc::GetSandboxedRLBoxPath().get(), false /* infallible */);
+  sandbox->create_sandbox(mozilla::ipc::GetSandboxedRLBoxPath().get());
 #else
-  bool success = sandbox->create_sandbox();
+  sandbox->create_sandbox();
 #endif
-  if (!success) {
-    delete sandbox;
-    sandbox = nullptr;
-  }
   return sandbox;
 }
 
 void OggDemuxer::SandboxDestroy::operator()(rlbox_sandbox_ogg* sandbox) {
-  if (sandbox) {
-    sandbox->destroy_sandbox();
-    delete sandbox;
-  }
+  sandbox->destroy_sandbox();
+  delete sandbox;
 }
 
 // Return the corresponding category in aKind based on the following specs.
@@ -159,8 +149,8 @@ OggDemuxer::OggDemuxer(MediaResource* aResource)
       mFlacState(nullptr),
       mOpusEnabled(MediaDecoder::IsOpusEnabled()),
       mSkeletonState(nullptr),
-      mAudioOggState(aResource, mSandbox.get()),
-      mVideoOggState(aResource, mSandbox.get()),
+      mAudioOggState(aResource, *mSandbox),
+      mVideoOggState(aResource, *mSandbox),
       mIsChained(false),
       mTimedMetadataEvent(nullptr),
       mOnSeekableEvent(nullptr) {
@@ -200,9 +190,6 @@ int64_t OggDemuxer::StartTime(TrackInfo::TrackType aType) {
 }
 
 RefPtr<OggDemuxer::InitPromise> OggDemuxer::Init() {
-  if (!mSandbox) {
-    return InitPromise::CreateAndReject(NS_ERROR_OUT_OF_MEMORY, __func__);
-  }
   const char RLBOX_OGG_RETURN_CODE_SAFE[] =
       "Return codes only control whether to early exit. Incorrect return codes "
       "will not lead to memory safety issues in the renderer.";
@@ -302,9 +289,7 @@ already_AddRefed<MediaTrackDemuxer> OggDemuxer::GetTrackDemuxer(
 
 nsresult OggDemuxer::Reset(TrackInfo::TrackType aType) {
   // Discard any previously buffered packets/pages.
-  if (mSandbox) {
-    sandbox_invoke(*mSandbox, ogg_sync_reset, OggSyncState(aType));
-  }
+  sandbox_invoke(*mSandbox, ogg_sync_reset, OggSyncState(aType));
   OggCodecState* trackState = GetTrackCodecState(aType);
   if (trackState) {
     return trackState->Reset();
@@ -922,7 +907,7 @@ TimeIntervals OggDemuxer::GetBuffered(TrackInfo::TrackType aType) {
   // offset is after the end of the media resource, or there's no more cached
   // data after the offset. This loop will run until we've checked every
   // buffered range in the media, in increasing order of offset.
-  nsAutoOggSyncState sync(mSandbox.get());
+  nsAutoOggSyncState sync(*mSandbox);
   for (uint32_t index = 0; index < ranges.Length(); index++) {
     // Ensure the offsets are after the header pages.
     int64_t startOffset = ranges[index].mStart;

dom/media/ogg/OggDemuxer.h

@@ -48,9 +48,9 @@ class OggDemuxer : public MediaDataDemuxer,
                                     size_t aTrackNumber) const;
 
   struct nsAutoOggSyncState {
-    explicit nsAutoOggSyncState(rlbox_sandbox_ogg* aSandbox);
+    explicit nsAutoOggSyncState(rlbox_sandbox_ogg& aSandbox);
     ~nsAutoOggSyncState();
-    rlbox_sandbox_ogg* mSandbox;
+    rlbox_sandbox_ogg& mSandbox;
     tainted_opaque_ogg<ogg_sync_state*> mState;
   };
   media::TimeIntervals GetBuffered(TrackInfo::TrackType aType);
@@ -274,7 +274,7 @@ class OggDemuxer : public MediaDataDemuxer,
   // Ogg decoding state.
   struct OggStateContext {
     explicit OggStateContext(MediaResource* aResource,
-                             rlbox_sandbox_ogg* aSandbox)
+                             rlbox_sandbox_ogg& aSandbox)
         : mOggState(aSandbox), mResource(aResource), mNeedKeyframe(true) {}
     nsAutoOggSyncState mOggState;
     MediaResourceIndex mResource;

third_party/rlbox/README-mozilla

@@ -1,7 +1,7 @@
 This directory contains the rlbox source from the upstream repo:
 https://github.com/PLSysSec/rlbox_sandboxing_api/
 
-Current version: [commit e1cb323a00a680c8b29001e485a99252130a6e32]
+Current version: [commit fc796e549b3a48e89b9a8db28011dcad06494ba3]
 
 UPDATING:
 

third_party/rlbox/include/rlbox_sandbox.hpp

@@ -334,11 +334,6 @@ private:
     return nullptr;
   }
 
-  template<typename... T_Args>
-  static auto impl_create_sandbox_helper(rlbox_sandbox<T_Sbx>* this_ptr, T_Args... args) {
-    return this_ptr->impl_create_sandbox(std::forward<T_Args>(args)...);
-  }
-
 public:
   /**
    * @brief Unused member that allows the calling code to save data in a
@@ -367,7 +362,7 @@ public:
    * implementation. For the null sandbox, no arguments are necessary.
    */
   template<typename... T_Args>
-  inline bool create_sandbox(T_Args... args)
+  inline auto create_sandbox(T_Args... args)
   {
 #ifdef RLBOX_MEASURE_TRANSITION_TIMES
     // Warm up the timer. The first call is always slow (at least on the test
@@ -385,27 +380,15 @@ public:
       "create_sandbox called when sandbox already created/is being "
       "created concurrently");
 
-    using T_Result = rlbox::detail::polyfill::invoke_result_t<decltype(impl_create_sandbox_helper<T_Args...>), decltype(this), T_Args...>;
-
-    bool created = true;
-    if constexpr (std::is_same_v<T_Result, void>) {
-      this->impl_create_sandbox(std::forward<T_Args>(args)...);
-    } else if constexpr (std::is_same_v<T_Result, bool>) {
-      created = this->impl_create_sandbox(std::forward<T_Args>(args)...);
-    } else {
-      rlbox_detail_static_fail_because(
-        (!std::is_same_v<T_Result, void> && !std::is_same_v<T_Result, bool>),
-        "Expected impl_create_sandbox to return void or a boolean"
-      );
-    }
-
-    if (created) {
-      sandbox_created.store(Sandbox_Status::CREATED);
-      RLBOX_ACQUIRE_UNIQUE_GUARD(lock, sandbox_list_lock);
-      sandbox_list.push_back(this);
-    }
-
-    return created;
+    return detail::return_first_result(
+      [&]() {
+        return this->impl_create_sandbox(std::forward<T_Args>(args)...);
+      },
+      [&]() {
+        sandbox_created.store(Sandbox_Status::CREATED);
+        RLBOX_ACQUIRE_UNIQUE_GUARD(lock, sandbox_list_lock);
+        sandbox_list.push_back(this);
+      });
   }
 
   /**

third_party/rlbox/update.sh

@@ -5,7 +5,7 @@
 
 MY_TEMP_DIR=`mktemp -d -t rlbox_update.XXXXXX` || exit 1
 
-git clone https://github.com/PLSysSec/rlbox_sandboxing_api -b fallible_create ${MY_TEMP_DIR}/rlbox
+git clone https://github.com/PLSysSec/rlbox_sandboxing_api ${MY_TEMP_DIR}/rlbox
 
 COMMIT=$(git -C ${MY_TEMP_DIR}/rlbox rev-parse HEAD)
 perl -p -i -e "s/\[commit [0-9a-f]{40}\]/[commit ${COMMIT}]/" README-mozilla;

third_party/rlbox_wasm2c_sandbox/include/rlbox_wasm2c_sandbox.hpp

@@ -408,28 +408,9 @@ protected:
   using path_buf = const char*;
   #endif
 
-#define CREATE_SANDBOX_CHECK_ERR(infallible, cond, msg) \
-  if (!(cond)) {                                        \
-    if (infallible) {                                   \
-      detail::dynamic_check(cond, msg);                 \
-    } else {                                            \
-      impl_destroy_sandbox();                           \
-      return false;                                     \
-    }                                                   \
-  }
-
-  /**
-   * @brief creates the Wasm sandbox from the given shared library
-   *
-   * @param wasm2c_module_path path to shared library compiled with wasm2c
-   * @param infallible if set to true, the sandbox aborts on failure. If false, the sandbox returns creation status as a return value
-   * @param wasm_module_name optional module name used when compiling with wasm2c
-   * @return true when sandbox is successfully created
-   * @return false when infallible if set to false and sandbox was not successfully created. If infallible is set to true, this function will never return false.
-   */
-  inline bool impl_create_sandbox(path_buf wasm2c_module_path, bool infallible = true, const char* wasm_module_name = "")
+  inline void impl_create_sandbox(path_buf wasm2c_module_path, const char* wasm_module_name = "")
   {
-    CREATE_SANDBOX_CHECK_ERR(infallible, sandbox == nullptr, "Sandbox already initialized");
+    detail::dynamic_check(sandbox == nullptr, "Sandbox already initialized");
 
     #if defined(_WIN32)
     library = (void*) LoadLibraryW(wasm2c_module_path);
@@ -454,13 +435,13 @@ protected:
       #else
         error_msg += dlerror();
       #endif
-      CREATE_SANDBOX_CHECK_ERR(infallible, false, error_msg.c_str());
+      detail::dynamic_check(false, error_msg.c_str());
     }
 
     std::string info_func_name = wasm_module_name;
     info_func_name += "get_wasm2c_sandbox_info";
     auto get_info_func = reinterpret_cast<wasm2c_sandbox_funcs_t(*)()>(symbol_lookup(info_func_name));
-    CREATE_SANDBOX_CHECK_ERR(infallible, get_info_func != nullptr, "wasm2c could not find <MODULE_NAME>get_wasm2c_sandbox_info");
+    detail::dynamic_check(get_info_func != nullptr, "wasm2c could not find <MODULE_NAME>get_wasm2c_sandbox_info");
     sandbox_info = get_info_func();
 
     std::call_once(wasm2c_runtime_initialized, [&](){
@@ -468,10 +449,10 @@ protected:
     });
 
     sandbox = sandbox_info.create_wasm2c_sandbox();
-    CREATE_SANDBOX_CHECK_ERR(infallible, sandbox != nullptr, "Sandbox could not be created");
+    detail::dynamic_check(sandbox != nullptr, "Sandbox could not be created");
 
     sandbox_memory_info = (wasm_rt_memory_t*) sandbox_info.lookup_wasm2c_nonfunc_export(sandbox, "w2c_memory");
-    CREATE_SANDBOX_CHECK_ERR(infallible, sandbox_memory_info != nullptr, "Could not get wasm2c sandbox memory info");
+    detail::dynamic_check(sandbox_memory_info != nullptr, "Could not get wasm2c sandbox memory info");
 
     heap_base = reinterpret_cast<uintptr_t>(impl_get_memory_location());
 
@@ -481,7 +462,7 @@ protected:
       // impl_get_unsandboxed_pointer_no_ctx and impl_get_sandboxed_pointer_no_ctx
       // below rely on this.
       uintptr_t heap_offset_mask = std::numeric_limits<T_PointerType>::max();
-      CREATE_SANDBOX_CHECK_ERR(infallible, (heap_base & heap_offset_mask) == 0,
+      detail::dynamic_check((heap_base & heap_offset_mask) == 0,
                             "Sandbox heap not aligned to 4GB");
     }
 
@@ -489,30 +470,22 @@ protected:
     exec_env = sandbox;
     malloc_index = impl_lookup_symbol("malloc");
     free_index = impl_lookup_symbol("free");
-    return true;
   }
 
-#undef CREATE_SANDBOX_CHECK_ERR
-
   inline void impl_destroy_sandbox()
   {
     if (return_slot_size) {
       impl_free_in_sandbox(return_slot);
     }
+    sandbox_info.destroy_wasm2c_sandbox(sandbox);
+    sandbox = nullptr;
 
-    if (sandbox != nullptr) {
-      sandbox_info.destroy_wasm2c_sandbox(sandbox);
-      sandbox = nullptr;
-    }
-
-    if (library != nullptr) {
-      #if defined(_WIN32)
-        FreeLibrary((HMODULE) library);
-      #else
-        dlclose(library);
-      #endif
-      library = nullptr;
-    }
+    #if defined(_WIN32)
+      FreeLibrary((HMODULE) library);
+    #else
+      dlclose(library);
+    #endif
+    library = nullptr;
   }
 
   template<typename T>

third_party/wasm2c/src/c-writer.cc

@@ -237,6 +237,7 @@ class CWriter {
   void WriteDataInitializers();
   void WriteElemInitializers();
   void WriteExportLookup();
+  void WriteFuncIndexLookup();
   void WriteCallbackAddRemove();
   void WriteInit();
   void WriteFuncs();
@@ -1215,13 +1216,12 @@ void CWriter::WriteDataInitializers() {
     memory = module_->memories[0];
   }
 
-  Write(Newline(), "static bool init_memory(wasm2c_sandbox_t* const sbx) ", OpenBrace());
+  Write(Newline(), "static void init_memory(wasm2c_sandbox_t* const sbx) ", OpenBrace());
   if (memory && module_->num_memory_imports == 0) {
     uint32_t max =
         memory->page_limits.has_max ? memory->page_limits.max : 65536;
-      Write("bool success = wasm_rt_allocate_memory(&(sbx->", ExternalRef(memory->name), "), ",
+      Write("wasm_rt_allocate_memory(&(sbx->", ExternalRef(memory->name), "), ",
             memory->page_limits.initial, ", ", max, ");", Newline());
-      Write("if (!success) { return false; }", Newline());
   }
   data_segment_index = 0;
   for (const DataSegment* data_segment : module_->data_segments) {
@@ -1233,7 +1233,6 @@ void CWriter::WriteDataInitializers() {
   }
 
   Write("sbx->wasi_data.heap_memory = &(sbx->", ExternalRef(memory->name), ");", Newline());
-  Write("return true;", Newline());
   Write(CloseBrace(), Newline());
 
   Write(Newline(), "static void cleanup_memory(wasm2c_sandbox_t* const sbx) ", OpenBrace());
@@ -1299,23 +1298,93 @@ void CWriter::WriteExportLookup() {
   Write(CloseBrace(), Newline());
 }
 
+void CWriter::WriteFuncIndexLookup() {
+  Write(Newline(), "static u32 lookup_wasm2c_func_index(void* sbx_ptr, u32 param_count, u32 result_count, wasm_rt_type_t* types) ", OpenBrace());
+  Write("wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) sbx_ptr;", Newline());
+  Write("return wasm_rt_register_func_type(&sbx->func_type_structs, &sbx->func_type_count, param_count, result_count, types);", Newline());
+  Write(CloseBrace(), Newline());
+}
+
 void CWriter::WriteCallbackAddRemove() {
   const Table* table = module_->tables.empty() ? nullptr : module_->tables[0];
 
-  Write(Newline(), "static wasm_rt_table_t* get_wasm2c_callback_table(void* sbx_ptr)", OpenBrace());
-  Write("wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) sbx_ptr;", Newline());
-  Write("return &(sbx->", ExternalRef(table->name), ");", Newline());
+  Write(Newline(), "static u32 add_wasm2c_callback(void* sbx_ptr, u32 func_type_idx, void* func_ptr, wasm_rt_elem_target_class_t func_class) ", OpenBrace());
+  {
+    Write("wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) sbx_ptr;", Newline());
+
+    if (table->elem_limits.max == 0) {
+      Writef("for (u32 i = 1; i != 0; i++) ");
+    } else {
+      Writef("for (u32 i = 1; i < %" PRIu64 "; i++) ", table->elem_limits.max);
+    }
+    Write(OpenBrace());
+    {
+      assert(module_->tables.size() == 1);
+      const Table* table = module_->tables[0];
+      Write("if (i >= sbx->", ExternalRef(table->name), ".size) ", OpenBrace());
+      {
+        Write("wasm_rt_expand_table(&(sbx->", ExternalRef(table->name), "));", Newline());
+      }
+      Write(CloseBrace(), Newline());
+
+      Write("if (sbx->", ExternalRef(table->name), ".data[i].func == 0) ", OpenBrace());
+      {
+        Write("sbx->",ExternalRef(table->name), ".data[i]",
+          " = (wasm_rt_elem_t){ func_class, func_type_idx, ",
+          "(wasm_rt_anyfunc_t) func_ptr };", Newline());
+        Write("return i;", Newline());
+      }
+      Write(CloseBrace(), Newline());
+    }
+    Write(CloseBrace(), Newline());
+    Write("(void) TRAP(CALL_INDIRECT);", Newline());
+  }
+  Write(CloseBrace(), Newline());
+
+  Write(Newline(), "static void remove_wasm2c_callback(void* sbx_ptr, u32 callback_idx) ", OpenBrace());
+  {
+    Write("wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) sbx_ptr;", Newline());
+    Write("sbx->", ExternalRef(table->name), ".data[callback_idx].func = 0;", Newline());
+  }
   Write(CloseBrace(), Newline());
 }
 
 void CWriter::WriteInit() {
-  Write(Newline(), "static void init_module_starts(void) ", OpenBrace());
+  Write(Newline(), "static void* create_wasm2c_sandbox(void) ", OpenBrace());
+  Write("wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) calloc(sizeof(wasm2c_sandbox_t), 1);", Newline());
+  Write("init_memory(sbx);", Newline());
+  Write("init_func_types(sbx);", Newline());
+  Write("init_globals(sbx);", Newline());
+  Write("init_table(sbx);", Newline());
+  Write("wasm_rt_init_wasi(&(sbx->wasi_data));", Newline());
   for (Var* var : module_->starts) {
     Write(ExternalRef(module_->GetFunc(*var)->name), "();", Newline());
   }
-  Write(CloseBrace(), Newline());
+  Write("return sbx;", Newline());
+  Write(CloseBrace(), Newline(), Newline());
 
-  Write(s_source_sandboxapis);
+  Write("static void destroy_wasm2c_sandbox(void* aSbx) ", OpenBrace());
+  Write("wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) aSbx;", Newline());
+  Write("cleanup_memory(sbx);", Newline());
+  Write("cleanup_func_types(sbx);", Newline());
+  Write("cleanup_table(sbx);", Newline());
+  Write("wasm_rt_cleanup_wasi(&(sbx->wasi_data));", Newline());
+  Write("free(sbx);", Newline());
+  Write(CloseBrace(), Newline(), Newline());
+
+  Write("FUNC_EXPORT wasm2c_sandbox_funcs_t WASM_CURR_ADD_PREFIX(get_wasm2c_sandbox_info)() ", OpenBrace());
+  {
+    Write("wasm2c_sandbox_funcs_t ret;", Newline());
+    Write("ret.wasm_rt_sys_init = &wasm_rt_sys_init;", Newline());
+    Write("ret.create_wasm2c_sandbox = &create_wasm2c_sandbox;", Newline());
+    Write("ret.destroy_wasm2c_sandbox = &destroy_wasm2c_sandbox;", Newline());
+    Write("ret.lookup_wasm2c_nonfunc_export = &lookup_wasm2c_nonfunc_export;", Newline());
+    Write("ret.lookup_wasm2c_func_index = &lookup_wasm2c_func_index;", Newline());
+    Write("ret.add_wasm2c_callback = &add_wasm2c_callback;", Newline());
+    Write("ret.remove_wasm2c_callback = &remove_wasm2c_callback;", Newline());
+    Write("return ret;", Newline());
+  }
+  Write(CloseBrace(), Newline());
 }
 
 void CWriter::WriteFuncs() {
@@ -2415,6 +2484,7 @@ void CWriter::WriteCSource() {
   WriteDataInitializers();
   WriteElemInitializers();
   WriteExportLookup();
+  WriteFuncIndexLookup();
   WriteCallbackAddRemove();
   WriteInit();
 }

third_party/wasm2c/src/prebuilt/wasm2c.include.c

@@ -332,67 +332,5 @@ const char SECTION_NAME(declarations)[] =
 "DEFINE_REINTERPRET(i32_reinterpret_f32, f32, u32)\n"
 "DEFINE_REINTERPRET(f64_reinterpret_i64, u64, f64)\n"
 "DEFINE_REINTERPRET(i64_reinterpret_f64, f64, u64)\n"
-;
-
-const char SECTION_NAME(sandboxapis)[] =
-"//test\n"
-"\n"
-"static u32 add_wasm2c_callback(void* sbx_ptr, u32 func_type_idx, void* func_ptr, wasm_rt_elem_target_class_t func_class) {\n"
-"  wasm_rt_table_t* table = get_wasm2c_callback_table(sbx_ptr);\n"
-"  for (u32 i = 1; i < table->max_size; i++) {\n"
-"    if (i >= table->size) {\n"
-"      wasm_rt_expand_table(table);\n"
-"    }\n"
-"    if (table->data[i].func == 0) {\n"
-"      table->data[i] = (wasm_rt_elem_t){ func_class, func_type_idx, (wasm_rt_anyfunc_t) func_ptr };\n"
-"      return i;\n"
-"    }\n"
-"  }\n"
-"  (void) TRAP(CALL_INDIRECT);\n"
-"}\n"
-"\n"
-"static void remove_wasm2c_callback(void* sbx_ptr, u32 callback_idx) {\n"
-"  wasm_rt_table_t* table = get_wasm2c_callback_table(sbx_ptr);\n"
-"  table->data[callback_idx].func = 0;\n"
-"}\n"
-"\n"
-"static u32 lookup_wasm2c_func_index(void* sbx_ptr, u32 param_count, u32 result_count, wasm_rt_type_t* types) {\n"
-"  wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) sbx_ptr;\n"
-"  return wasm_rt_register_func_type(&sbx->func_type_structs, &sbx->func_type_count, param_count, result_count, types);\n"
-"}\n"
-"\n"
-"static void* create_wasm2c_sandbox(void) {\n"
-"  wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) calloc(sizeof(wasm2c_sandbox_t), 1);\n"
-"  if (!init_memory(sbx)) {\n"
-"    free(sbx);\n"
-"    return 0;\n"
-"  }\n"
-"  init_func_types(sbx);\n"
-"  init_globals(sbx);\n"
-"  init_table(sbx);\n"
-"  wasm_rt_init_wasi(&(sbx->wasi_data));\n"
-"  init_module_starts();\n"
-"  return sbx;\n"
-"}\n"
-"\n"
-"static void destroy_wasm2c_sandbox(void* aSbx) {\n"
-"  wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) aSbx;\n"
-"  cleanup_memory(sbx);\n"
-"  cleanup_func_types(sbx);\n"
-"  cleanup_table(sbx);\n"
-"  wasm_rt_cleanup_wasi(&(sbx->wasi_data));\n"
-"  free(sbx);\n"
-"}\n"
-"\n"
-"FUNC_EXPORT wasm2c_sandbox_funcs_t WASM_CURR_ADD_PREFIX(get_wasm2c_sandbox_info)() {\n"
-"  wasm2c_sandbox_funcs_t ret;\n"
-"  ret.wasm_rt_sys_init = &wasm_rt_sys_init;\n"
-"  ret.create_wasm2c_sandbox = &create_wasm2c_sandbox;\n"
-"  ret.destroy_wasm2c_sandbox = &destroy_wasm2c_sandbox;\n"
-"  ret.lookup_wasm2c_nonfunc_export = &lookup_wasm2c_nonfunc_export;\n"
-"  ret.lookup_wasm2c_func_index = &lookup_wasm2c_func_index;\n"
-"  ret.add_wasm2c_callback = &add_wasm2c_callback;\n"
-"  ret.remove_wasm2c_callback = &remove_wasm2c_callback;\n"
-"  return ret;\n"
-"}\n"
+"\n"
 ;

third_party/wasm2c/src/wasm2c.c.tmpl

@@ -329,64 +329,4 @@ DEFINE_REINTERPRET(f32_reinterpret_i32, u32, f32)
 DEFINE_REINTERPRET(i32_reinterpret_f32, f32, u32)
 DEFINE_REINTERPRET(f64_reinterpret_i64, u64, f64)
 DEFINE_REINTERPRET(i64_reinterpret_f64, f64, u64)
-%%sandboxapis
-//test
 
-static u32 add_wasm2c_callback(void* sbx_ptr, u32 func_type_idx, void* func_ptr, wasm_rt_elem_target_class_t func_class) {
-  wasm_rt_table_t* table = get_wasm2c_callback_table(sbx_ptr);
-  for (u32 i = 1; i < table->max_size; i++) {
-    if (i >= table->size) {
-      wasm_rt_expand_table(table);
-    }
-    if (table->data[i].func == 0) {
-      table->data[i] = (wasm_rt_elem_t){ func_class, func_type_idx, (wasm_rt_anyfunc_t) func_ptr };
-      return i;
-    }
-  }
-  (void) TRAP(CALL_INDIRECT);
-}
-
-static void remove_wasm2c_callback(void* sbx_ptr, u32 callback_idx) {
-  wasm_rt_table_t* table = get_wasm2c_callback_table(sbx_ptr);
-  table->data[callback_idx].func = 0;
-}
-
-static u32 lookup_wasm2c_func_index(void* sbx_ptr, u32 param_count, u32 result_count, wasm_rt_type_t* types) {
-  wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) sbx_ptr;
-  return wasm_rt_register_func_type(&sbx->func_type_structs, &sbx->func_type_count, param_count, result_count, types);
-}
-
-static void* create_wasm2c_sandbox(void) {
-  wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) calloc(sizeof(wasm2c_sandbox_t), 1);
-  if (!init_memory(sbx)) {
-    free(sbx);
-    return 0;
-  }
-  init_func_types(sbx);
-  init_globals(sbx);
-  init_table(sbx);
-  wasm_rt_init_wasi(&(sbx->wasi_data));
-  init_module_starts();
-  return sbx;
-}
-
-static void destroy_wasm2c_sandbox(void* aSbx) {
-  wasm2c_sandbox_t* const sbx = (wasm2c_sandbox_t* const) aSbx;
-  cleanup_memory(sbx);
-  cleanup_func_types(sbx);
-  cleanup_table(sbx);
-  wasm_rt_cleanup_wasi(&(sbx->wasi_data));
-  free(sbx);
-}
-
-FUNC_EXPORT wasm2c_sandbox_funcs_t WASM_CURR_ADD_PREFIX(get_wasm2c_sandbox_info)() {
-  wasm2c_sandbox_funcs_t ret;
-  ret.wasm_rt_sys_init = &wasm_rt_sys_init;
-  ret.create_wasm2c_sandbox = &create_wasm2c_sandbox;
-  ret.destroy_wasm2c_sandbox = &destroy_wasm2c_sandbox;
-  ret.lookup_wasm2c_nonfunc_export = &lookup_wasm2c_nonfunc_export;
-  ret.lookup_wasm2c_func_index = &lookup_wasm2c_func_index;
-  ret.add_wasm2c_callback = &add_wasm2c_callback;
-  ret.remove_wasm2c_callback = &remove_wasm2c_callback;
-  return ret;
-}

third_party/wasm2c/wasm2c/wasm-rt-impl.c

@@ -52,10 +52,8 @@ uint32_t wasm_rt_register_func_type(wasm_func_type_t** p_func_type_structs,
   wasm_func_type_t func_type;
   func_type.param_count = param_count;
   func_type.params = malloc(param_count * sizeof(wasm_rt_type_t));
-  assert(func_type.params != 0);
   func_type.result_count = result_count;
   func_type.results = malloc(result_count * sizeof(wasm_rt_type_t));
-  assert(func_type.results != 0);
 
   uint32_t i;
   for (i = 0; i < param_count; ++i)
@@ -104,19 +102,19 @@ void wasm_rt_cleanup_func_types(wasm_func_type_t** p_func_type_structs, uint32_t
 # define WASM_HEAP_RESERVE_SIZE 0x200000000ull
 # define WASM_HEAP_MAX_ALLOWED_PAGES 65536
 #elif UINTPTR_MAX == 0xffffffff
-// Reserve 16MB, unaligned, max heap is 16MB
-# define WASM_HEAP_GUARD_PAGE_ALIGNMENT 0
+// Reserve 16MB, aligned to 8MB, max heap is 8MB
+# define WASM_HEAP_GUARD_PAGE_ALIGNMENT 0x800000ul
 # define WASM_HEAP_RESERVE_SIZE 0x1000000ul
 # ifdef WASM_USE_INCREMENTAL_MOVEABLE_MEMORY_ALLOC
 #   define WASM_HEAP_MAX_ALLOWED_PAGES 65536
 # else
-#   define WASM_HEAP_MAX_ALLOWED_PAGES 256
+#   define WASM_HEAP_MAX_ALLOWED_PAGES 128
 # endif
 #else
 # error "Unknown pointer size"
 #endif
 
-bool wasm_rt_allocate_memory(wasm_rt_memory_t* memory,
+void wasm_rt_allocate_memory(wasm_rt_memory_t* memory,
                              uint32_t initial_pages,
                              uint32_t max_pages) {
   const uint32_t byte_length = initial_pages * WASM_PAGE_SIZE;
@@ -137,11 +135,11 @@ bool wasm_rt_allocate_memory(wasm_rt_memory_t* memory,
 
   if (!addr) {
     os_print_last_error("os_mmap failed.");
-    return false;
+    abort();
   }
   int ret = os_mmap_commit(addr, byte_length, MMAP_PROT_READ | MMAP_PROT_WRITE);
   if (ret != 0) {
-    return false;
+    abort();
   }
   // This is a valid way to initialize a constant field that is not undefined behavior
   // https://stackoverflow.com/questions/9691404/how-to-initialize-const-in-a-struct-in-c-with-malloc
@@ -165,7 +163,6 @@ bool wasm_rt_allocate_memory(wasm_rt_memory_t* memory,
 #if defined(WASM_CHECK_SHADOW_MEMORY)
   wasm2c_shadow_memory_create(memory);
 #endif
-  return true;
 }
 
 void wasm_rt_deallocate_memory(wasm_rt_memory_t* memory) {

third_party/wasm2c/wasm2c/wasm-rt-os-unix.c

@@ -127,9 +127,8 @@ void* os_mmap_aligned(void* addr,
   }
 
   // Round up the next address that has addr % alignment = 0
-  const size_t alignment_corrected = alignment == 0? 1 : alignment;
   uintptr_t aligned_nonoffset =
-      (unaligned + (alignment_corrected - 1)) & ~(alignment_corrected - 1);
+      (unaligned + (alignment - 1)) & ~(alignment - 1);
 
   // Currently offset 0 is aligned according to alignment
   // Alignment needs to be enforced at the given offset
@@ -143,7 +142,7 @@ void* os_mmap_aligned(void* addr,
   // Sanity check
   if (aligned < unaligned ||
       (aligned + (requested_length - 1)) > (unaligned + (padded_length - 1)) ||
-      (aligned + alignment_offset) % alignment_corrected != 0) {
+      (aligned + alignment_offset) % alignment != 0) {
     VERBOSE_LOG("os_mmap_aligned: sanity check fail. aligned: %p\n", (void*) aligned);
     os_munmap((void*)unaligned, padded_length);
     return NULL;

third_party/wasm2c/wasm2c/wasm-rt.h

@@ -17,7 +17,6 @@
 #ifndef WASM_RT_H_
 #define WASM_RT_H_
 
-#include <stdbool.h>
 #include <stdint.h>
 #include <stddef.h>
 #include <setjmp.h>
@@ -232,7 +231,7 @@ void wasm_rt_cleanup_func_types(wasm_func_type_t** p_func_type_structs,
  *    // 1 initial page (65536 bytes), and a maximum of 2 pages.
  *    wasm_rt_allocate_memory(&my_memory, 1, 2);
  *  ``` */
-extern bool wasm_rt_allocate_memory(wasm_rt_memory_t*,
+extern void wasm_rt_allocate_memory(wasm_rt_memory_t*,
                                     uint32_t initial_pages,
                                     uint32_t max_pages);
 

toolkit/moz.configure

@@ -2112,9 +2112,11 @@ def wasm_sandboxing_libraries():
     )
 
 
-@depends(dependable(wasm_sandboxing_libraries), "MOZ_AUTOMATION")
-def default_wasm_sandboxing_libraries(libraries, automation):
+@depends(dependable(wasm_sandboxing_libraries), target, "MOZ_AUTOMATION")
+def default_wasm_sandboxing_libraries(libraries, target, automation):
     non_default_libs = set()
+    if target.bitness == 32:
+        non_default_libs.add("ogg")
 
     if automation:
         return tuple(l for l in libraries if l not in non_default_libs)