From a1187630835e747ba7609296ab0ecb85df0b07b2 Mon Sep 17 00:00:00 2001 From: Alon Zakai Date: Tue, 9 Mar 2021 12:30:36 -0800 Subject: [Wasm GC] Properly handle "typeindex" in the binary format (#3663) We handled them as S63 instead of U32. That should be fine, as all U32 values fit in S63. But it is not strictly correct. The signed encoding may use an additional byte which is unnecessary, and there is an actual correctness issue where a U32 may be interpreted as a large negative S63 (because it sign extends a final bit that happens to be 1). May help #3656 but that testcase still does not pass even with this.
---
 src/wasm/wasm-binary.cpp | 38 +++++++++++++++++++++++--------------- 1 file changed, 23 insertions(+), 15 deletions(-) (limited to 'src/wasm/wasm-binary.cpp')
diff --git a/src/wasm/wasm-binary.cpp b/src/wasm/wasm-binary.cpp
index dacb6edbb..2eb8bdcde 100644
--- a/src/wasm/wasm-binary.cpp
+++ b/src/wasm/wasm-binary.cpp
@@ -1185,7 +1185,7 @@ void WasmBinaryWriter::writeType(Type type) {
 } else {
 o << S32LEB(BinaryConsts::EncodedType::rtt);
 }
- writeHeapType(rtt.heapType);
+ writeIndexedHeapType(rtt.heapType);
 return;
 }
 int ret = 0;
@@ -1267,6 +1267,10 @@ void WasmBinaryWriter::writeHeapType(HeapType type) {
 o << S64LEB(ret); // TODO: Actually s33
 }
 
+void WasmBinaryWriter::writeIndexedHeapType(HeapType type) {
+ o << U32LEB(getTypeIndex(type));
+}
+
 void WasmBinaryWriter::writeField(const Field& field) {
 if (field.type == Type::i32 && field.packedType != Field::not_packed) {
 if (field.packedType == Field::i8) {
@@ -1676,6 +1680,14 @@ HeapType WasmBinaryBuilder::getHeapType() {
 WASM_UNREACHABLE("unexpected type");
 }
 
+HeapType WasmBinaryBuilder::getIndexedHeapType() {
+ auto index = getU32LEB();
+ if (index >= types.size()) {
+ throwError("invalid heap type index: " + std::to_string(index));
+ }
+ return types[index];
+}
+
 Type WasmBinaryBuilder::getConcreteType() {
 auto type = getType();
 if (!type.isConcrete()) {
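Review bot: `writeIndexedHeapType` in the `@@ -1267` hunk emits `getTypeIndex(type)` for whatever heap type it is handed, and nothing in the visible lines restricts callers to types that actually have an index. The `@@ -1185` hunk now routes `rtt.heapType` through it where `writeHeapType` was used before; if an rtt can still carry a basic heap type, the result depends on how `getTypeIndex` treats a type that is missing from its table, which is not shown here. Stating the precondition in the function, for example `assert(!type.isBasic());` ahead of the write, together with a one-line comment that this is the U32 typeindex form rather than the signed heaptype form, would make a mismatch fail in the writer instead of surfacing later as a binary that does not round-trip.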
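Review bot: `getIndexedHeapType` in the `@@ -1676` hunk has no comment saying how it differs from `getHeapType` directly above it, and the two names are easy to confuse at a call site. A short header such as `// Reads a U32LEB type index and returns the defined type at that index; never returns a basic heap type.` would record the contract. The comparison with `types.size()` before `types[index]` is the right guard for an index that comes from the input; it relies on `types` being filled before any instruction is decoded, which is worth stating in the same comment if that ordering is guaranteed elsewhere.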
@@ -1789,11 +1801,7 @@ void WasmBinaryBuilder::readTypes() { case BinaryConsts::EncodedType::rtt: { auto depth = typeCode == BinaryConsts::EncodedType::rtt ? Rtt::NoDepth : getU32LEB(); - int64_t htCode = getS64LEB(); // TODO: Actually s33 - HeapType ht; - if (getBasicHeapType(htCode, ht)) { - return Type(Rtt(depth, ht)); - } + auto htCode = getU32LEB(); if (size_t(htCode) >= numTypes) { throwError("invalid type index: " + std::to_string(htCode)); }
@@ -6359,7 +6367,7 @@ bool WasmBinaryBuilder::maybeVisitRttCanon(Expression*& out, uint32_t code) {
 if (code != BinaryConsts::RttCanon) {
 return false;
 }
- auto heapType = getHeapType();
+ auto heapType = getIndexedHeapType();
 out = Builder(wasm).makeRttCanon(heapType);
 return true;
 }
@@ -6368,7 +6376,7 @@ bool WasmBinaryBuilder::maybeVisitRttSub(Expression*& out, uint32_t code) {
 if (code != BinaryConsts::RttSub) {
 return false;
 }
- auto targetHeapType = getHeapType();
+ auto targetHeapType = getIndexedHeapType();
 auto* parent = popNonVoidExpression();
 out = Builder(wasm).makeRttSub(targetHeapType, parent);
 return true;
@@ -6379,7 +6387,7 @@ bool WasmBinaryBuilder::maybeVisitStructNew(Expression*& out, uint32_t code) {
 code != BinaryConsts::StructNewDefaultWithRtt) {
 return false;
 }
- auto heapType = getHeapType();
+ auto heapType = getIndexedHeapType();
 auto* rtt = popNonVoidExpression();
 validateHeapTypeUsingChild(rtt, heapType);
 std::vector operands;
@@ -6411,7 +6419,7 @@ bool WasmBinaryBuilder::maybeVisitStructGet(Expression*& out, uint32_t code) {
 default:
 return false;
 }
- auto heapType = getHeapType();
+ auto heapType = getIndexedHeapType();
 curr->index = getU32LEB();
 curr->ref = popNonVoidExpression();
 validateHeapTypeUsingChild(curr->ref, heapType);
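Review bot: In the `@@ -1789` hunk of `readTypes`, the variable is still named `htCode` although it now holds a U32 type index rather than a signed heap-type code; `auto htIndex = getU32LEB();` with the two uses below renamed would match what the value is. The check compares against `numTypes` where the new `getIndexedHeapType` compares against `types.size()`, presumably because the type table is still being built at this point, and a one-line comment saying so would explain why the helper is not reused here. The `size_t(htCode)` cast is no longer needed for an unsigned 32-bit value, though it is harmless. The enclosing case continues past the end of the hunk.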
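Review bot: In `maybeVisitStructGet` (`@@ -6411`), `curr->index = getU32LEB();` takes the field index straight from the input, and the visible lines do not compare it with the number of fields of `heapType`; the same pattern appears in `maybeVisitStructSet` in the `@@ -6425` hunk. `getIndexedHeapType` guarantees only that the type index is in range, not that the type is a struct or that it has that many fields. If neither `validateHeapTypeUsingChild` nor the code after the hunk checks this, a guard that calls `throwError` when the type is not a struct or the index is past its field count belongs right after the index is read. Both functions continue outside their hunks, so the check may already exist further down.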
@@ -6425,7 +6433,7 @@ bool WasmBinaryBuilder::maybeVisitStructSet(Expression*& out, uint32_t code) {
 return false;
 }
 auto* curr = allocator.alloc();
- auto heapType = getHeapType();
+ auto heapType = getIndexedHeapType();
 curr->index = getU32LEB();
 curr->value = popNonVoidExpression();
 curr->ref = popNonVoidExpression();
@@ -6440,7 +6448,7 @@ bool WasmBinaryBuilder::maybeVisitArrayNew(Expression*& out, uint32_t code) {
 code != BinaryConsts::ArrayNewDefaultWithRtt) {
 return false;
 }
- auto heapType = getHeapType();
+ auto heapType = getIndexedHeapType();
 auto* rtt = popNonVoidExpression();
 validateHeapTypeUsingChild(rtt, heapType);
 auto* size = popNonVoidExpression();
@@ -6464,7 +6472,7 @@ bool WasmBinaryBuilder::maybeVisitArrayGet(Expression*& out, uint32_t code) {
 default:
 return false;
 }
- auto heapType = getHeapType();
+ auto heapType = getIndexedHeapType();
 auto* index = popNonVoidExpression();
 auto* ref = popNonVoidExpression();
 validateHeapTypeUsingChild(ref, heapType);
@@ -6476,7 +6484,7 @@ bool WasmBinaryBuilder::maybeVisitArraySet(Expression*& out, uint32_t code) {
 if (code != BinaryConsts::ArraySet) {
 return false;
 }
- auto heapType = getHeapType();
+ auto heapType = getIndexedHeapType();
 auto* value = popNonVoidExpression();
 auto* index = popNonVoidExpression();
 auto* ref = popNonVoidExpression();
@@ -6489,7 +6497,7 @@ bool WasmBinaryBuilder::maybeVisitArrayLen(Expression*& out, uint32_t code) {
 if (code != BinaryConsts::ArrayLen) {
 return false;
 }
- auto heapType = getHeapType();
+ auto heapType = getIndexedHeapType();
 auto* ref = popNonVoidExpression();
 validateHeapTypeUsingChild(ref, heapType);
 out = Builder(wasm).makeArrayLen(ref);
-- cgit v1.2.3