diff options
Diffstat (limited to 'test/lit/exec/array.wast')
| -rw-r--r-- | test/lit/exec/array.wast | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/test/lit/exec/array.wast b/test/lit/exec/array.wast index fb6a8b346..ff10c555c 100644 --- a/test/lit/exec/array.wast +++ b/test/lit/exec/array.wast @@ -5,6 +5,14 @@ (module (type $array (array (mut i8))) + (type $array-func (array (mut funcref))) + + (table $table 10 10 funcref) + + (elem $active (i32.const 0) $func) + + (elem $passive $func) + ;; CHECK: [fuzz-exec] calling func ;; CHECK-NEXT: [fuzz-exec] note result: func => 1 (func $func (export "func") (result i32) @@ -14,7 +22,103 @@ (return (i32.const 2)) ) ) + + ;; CHECK: [fuzz-exec] calling new_active + ;; CHECK-NEXT: [trap out of bounds segment access in array.new_elem] + (func $new_active (export "new_active") + ;; Even though this is reading 0 items, offset 1 is out of bounds in that + ;; dropped element segment, and this traps. + (drop + (array.new_elem $array-func $active + (i32.const 1) + (i32.const 0) + ) + ) + ) + + ;; CHECK: [fuzz-exec] calling new_active_in_bounds + (func $new_active_in_bounds (export "new_active_in_bounds") + ;; Even though this is dropped, we read 0 from offset 0, which is ok. + (drop + (array.new_elem $array-func $active + (i32.const 0) + (i32.const 0) + ) + ) + ) + + ;; CHECK: [fuzz-exec] calling new_passive + (func $new_passive (export "new_passive") + ;; Using the passive segment here works. + (drop + (array.new_elem $array-func $passive + (i32.const 1) + (i32.const 0) + ) + ) + ) + + ;; CHECK: [fuzz-exec] calling init_active + ;; CHECK-NEXT: [trap out of bounds segment access in array.init_elem] + (func $init_active (export "init_active") + ;; Even though this is reading 0 items, offset 1 is out of bounds in that + ;; dropped element segment, and this traps. + (array.init_elem $array-func $active + (array.new_default $array-func + (i32.const 100) + ) + (i32.const 50) + (i32.const 1) + (i32.const 0) + ) + ) + + ;; CHECK: [fuzz-exec] calling init_active_in_bounds + (func $init_active_in_bounds (export "init_active_in_bounds") + ;; Even though this is dropped, we read 0 from offset 0, which is ok. + (array.init_elem $array-func $active + (array.new_default $array-func + (i32.const 100) + ) + (i32.const 50) + (i32.const 0) + (i32.const 0) + ) + ) + + ;; CHECK: [fuzz-exec] calling init_passive + (func $init_passive (export "init_passive") + ;; This works ok. + (array.init_elem $array-func $passive + (array.new_default $array-func + (i32.const 100) + ) + (i32.const 50) + (i32.const 1) + (i32.const 0) + ) + ) ) ;; CHECK: [fuzz-exec] calling func ;; CHECK-NEXT: [fuzz-exec] note result: func => 1 + +;; CHECK: [fuzz-exec] calling new_active +;; CHECK-NEXT: [trap out of bounds segment access in array.new_elem] + +;; CHECK: [fuzz-exec] calling new_active_in_bounds + +;; CHECK: [fuzz-exec] calling new_passive + +;; CHECK: [fuzz-exec] calling init_active +;; CHECK-NEXT: [trap out of bounds segment access in array.init_elem] + +;; CHECK: [fuzz-exec] calling init_active_in_bounds + +;; CHECK: [fuzz-exec] calling init_passive ;; CHECK-NEXT: [fuzz-exec] comparing func +;; CHECK-NEXT: [fuzz-exec] comparing init_active +;; CHECK-NEXT: [fuzz-exec] comparing init_active_in_bounds +;; CHECK-NEXT: [fuzz-exec] comparing init_passive +;; CHECK-NEXT: [fuzz-exec] comparing new_active +;; CHECK-NEXT: [fuzz-exec] comparing new_active_in_bounds +;; CHECK-NEXT: [fuzz-exec] comparing new_passive |