diff options
| author | Alon Zakai <azakai@google.com> | 2024-11-07 09:04:36 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-11-07 09:04:36 -0800 |
| commit | e409660a5b4dff9891ddb7d4786cc510a5761d3e (patch) | |
| tree | 7a6c907f6aaca91f72c0a4e0642c57ad3dd1cd29 /test/lit/exec | |
| parent | 0af8f1f2d7ff304837ee0698265c84985420fcae (diff) | |
| download | binaryen-e409660a5b4dff9891ddb7d4786cc510a5761d3e.tar.gz binaryen-e409660a5b4dff9891ddb7d4786cc510a5761d3e.tar.bz2 binaryen-e409660a5b4dff9891ddb7d4786cc510a5761d3e.zip | |
[wasm64] Make interpreter table methods operate on Address, not Index (#7062)
This allows 64-bit bounds checking to work properly.
Diffstat (limited to 'test/lit/exec')
| -rw-r--r-- | test/lit/exec/table64.wast | 55 |
1 files changed, 45 insertions, 10 deletions
diff --git a/test/lit/exec/table64.wast b/test/lit/exec/table64.wast index e24741838..646634c0e 100644 --- a/test/lit/exec/table64.wast +++ b/test/lit/exec/table64.wast @@ -6,21 +6,34 @@ (type $i32 (func (result i32))) (table $table i64 10 funcref) - (elem (i64.const 0) $i32) + (elem (i64.const 0) $i32-a $i32-b) - (func $i32 (result i32) + (func $i32-a (result i32) (i32.const 42) ) - ;; CHECK: [fuzz-exec] calling call - ;; CHECK-NEXT: [fuzz-exec] note result: call => 42 - (func $call (export "call") (result i32) - ;; This call succeeds, and calls $i32 which returns 42. + (func $i32-b (result i32) + (i32.const 1337) + ) + + ;; CHECK: [fuzz-exec] calling call-a + ;; CHECK-NEXT: [fuzz-exec] note result: call-a => 42 + (func $call-a (export "call-a") (result i32) + ;; This call succeeds, and calls $i32-a which returns 42. (call_indirect (type $i32) (i64.const 0) ) ) + ;; CHECK: [fuzz-exec] calling call-b + ;; CHECK-NEXT: [fuzz-exec] note result: call-b => 1337 + (func $call-b (export "call-b") (result i32) + ;; This call succeeds, and calls $i32-b which returns 1337. + (call_indirect (type $i32) + (i64.const 1) + ) + ) + ;; CHECK: [fuzz-exec] calling oob ;; CHECK-NEXT: [trap callTable overflow] (func $oob (export "oob") (result i32) @@ -30,24 +43,46 @@ ) ) + ;; CHECK: [fuzz-exec] calling oob-huge + ;; CHECK-NEXT: [trap callTable overflow] + (func $oob-huge (export "oob-huge") (result i32) + ;; This call traps on oob with a value over 32 bits, 2**32 + 1, which if we + ;; truncated to 32 bits, would seem in bounds, and end up calling a valid + ;; function. + (call_indirect (type $i32) + (i64.add + (i64.const 0x100000000) + (i64.const 1) + ) + ) + ) + ;; CHECK: [fuzz-exec] calling null ;; CHECK-NEXT: [trap uninitialized table element] (func $null (export "null") (result i32) ;; This call traps on null (call_indirect (type $i32) - (i64.const 1) + (i64.const 2) ) ) ) -;; CHECK: [fuzz-exec] calling call -;; CHECK-NEXT: [fuzz-exec] note result: call => 42 +;; CHECK: [fuzz-exec] calling call-a +;; CHECK-NEXT: [fuzz-exec] note result: call-a => 42 + +;; CHECK: [fuzz-exec] calling call-b +;; CHECK-NEXT: [fuzz-exec] note result: call-b => 1337 ;; CHECK: [fuzz-exec] calling oob ;; CHECK-NEXT: [trap callTable overflow] +;; CHECK: [fuzz-exec] calling oob-huge +;; CHECK-NEXT: [trap callTable overflow] + ;; CHECK: [fuzz-exec] calling null ;; CHECK-NEXT: [trap uninitialized table element] -;; CHECK-NEXT: [fuzz-exec] comparing call +;; CHECK-NEXT: [fuzz-exec] comparing call-a +;; CHECK-NEXT: [fuzz-exec] comparing call-b ;; CHECK-NEXT: [fuzz-exec] comparing null ;; CHECK-NEXT: [fuzz-exec] comparing oob +;; CHECK-NEXT: [fuzz-exec] comparing oob-huge |