| Commit message (Collapse) | Author | Age | Files | Lines |
| |
The interpreter could overflow the stack without trapping properly in
`call_indirect` situations. While it would set the `out_trap` to the
trap reason, it would return `RunResult::Ok` and the interpreter code
would only check `RunResult::Ok` to decide whether or not to keep
running. In other words, while the stack overflow meant the interpreter
wouldn't push a frame onto the call stack, the interpreter loop would
continue advancing instructions, resulting in instructions after the
runaway `call_indirect` running.

If the offending `call_indirect` didn't have return values, it would be
as if the call returned normally. If it did have return values, nothing
would be pushed onto the value stack, yet the return types would be
pushed onto the type stack. With careful manipulation of the following
instructions, this could be used to cause all sorts of memory
corruption.

As it turns out, the function exit code, as well as a handful of other
instructions, do check the state of the value and type stacks and can
safely reproduce the bug without the memory corruption, so that's what
we made the test do.

The obvious fix was to make `call_indirect` propagate `RunResult::Trap`
properly. Additionally, we made it so `assert_exhaustion` checks both
the `RunResult` *and* the `out_trap`, and asserts if they don't match.
This should help catch similar bugs in the future.

Closes #2462
Fixes #2398
| |
Fixes #2423
| |
See https://github.com/WebAssembly/memory64/issues/51
Includes workaround for #2422
| |
The main change here is because `comments.wast` was updated to include
a "quoted" module at the top level.
Previously quoted modules had only been used as part of invalid or
malformed assertion expressions.
| |
See https://github.com/llvm/llvm-project/pull/81539
| |
Previously: local[0..4294967295]
Current: local[]
| |
Also adds an RLBox-like CI test where the embedder takes responsibility for signal handling
Co-authored-by: wrv <wrv@utexas.edu>
| |
This makes the `then` block mandatory per the spec, and parses
multiple foldedinstrs in the `if` predicate (exercised by the new
if.wast test).
| |
This matches the behaviour of i32 printing.
Ref: https://github.com/WebAssembly/wabt/pull/2342
| |
See https://github.com/llvm/llvm-project/pull/67493
| |
The tag name subsection currently has the speculative ID of 10.
However, the extended-name-section proposal has now been updated to
use an ID of 11 for the tag name section. This updates the
NameSectionSubsection enum accordingly, as well as adding a field
name section with the ID of 10.
| |
Previously, attempting to read from a pipe would result in an error:
'not a regular file', disallowing use of files like /dev/stdin or
/dev/fd/3, named fifos, sockets, etc.

The tools already understand how to (try to) read from non-regular
files, so this change attempts to do so when the input is not seek-able
(the "regular file" capability that's in use here).

Additionally, this adds a test for the new behavior using a bash
herestring and process substitution (the latter of which shows up in
argv as something like `/dev/fd/NN`). Since bash isn't commonly
installed on Windows, this change also introduces a new capability to
filter tests to specific platforms (sorry).
| |
We are seeing some (spurious?) warnings from gcc 12.2.

I've been seeing them locally, but they started to show up in CI
as part of #2292.
| |
This continues the work from #1783 and reduces special handling of elem
exprs, by treating them the same as other const expressions (init
expressions).
| |
Fixes #2283
Previously, the OnSelectExpr delegate would terminate validation if the
SharedValidator found an error in the expression, or if the Validator
had previously found an error at any point in validating the module.
This commit normalizes the behavior to match how the Validator handles
other expression types.
| |
Previously, in BinaryReaderObjdumpDisassemble::BeginFunctionBody,
we had:

    local_index_ = objdump_state_->function_param_counts[index];

where index is the index of the function i.e. we treat the keys of
function_param_counts as function indices.

However, function_param_counts is populated in OnFuncType with:

    objdump_state_->function_param_counts[index] = param_count;

where index is the index of the type i.e. we treat the keys of
function_param_counts as type indices.

This discrepancy would cause the locals to be incorrectly numbered
in the "Code Disassembly" section.

This fixes the discrepancy by adding a new field, function_types,
which maps from function indices to type indices, and is populated
in BinaryReaderObjdump::OnFunction. This field is used in
BinaryReaderObjdumpDisassemble::BeginFunctionBody to get the type
index for the given function, which is then used to get the
parameter count.

Fixes #2264.
| |
With memory64, the offset becomes a u64.
| |
* memory64: when enabled, offset range check is at validation-time

Before memory64, the "offset" in a load/store expression was
a u32, and we enforced this in the WastParser and BinaryReader.
After memory64, the "offset" becomes a u64 syntactically, and the
validator checks that it's <= UINT32_MAX for i32 memories.

We hadn't been correctly allowing these very large offsets
in the text format (even when memory64 was enabled and the memory
was i64).

(This change also eliminates the "memories" member in the
BinaryReader. The BinaryReader no longer needs to keep track
of the memories and their types to check well-formedness.)
| |
Previously assert_malformed was treated the same as assert_invalid.

Also fixes a bug where spectest-interp wasn't trying to validate
text modules (e.g. `(assert_invalid (module quote "...") "")`).