From 415bbbd5c04733d81a1463060c40e8f3e43c5254 Mon Sep 17 00:00:00 2001 From: Alon Zakai Date: Thu, 22 Feb 2024 09:47:59 -0800 Subject: [PATCH 1/2] fix --- src/wasm/wasm-validator.cpp | 35 ++++++++++++++++--- .../validation/call-indirect-subtyping.wast | 22 ++++++++++++ 2 files changed, 52 insertions(+), 5 deletions(-) create mode 100644 test/lit/validation/call-indirect-subtyping.wast diff --git a/src/wasm/wasm-validator.cpp b/src/wasm/wasm-validator.cpp index 3fbcb0bfb74..fd780651659 100644 --- a/src/wasm/wasm-validator.cpp +++ b/src/wasm/wasm-validator.cpp @@ -209,6 +209,19 @@ struct ValidationInfo { fail(text, curr, func); return false; } + + // HeapType 'left' should be a subtype of 'right'. + bool shouldBeSubType(HeapType left, + HeapType right, + Expression* curr, + const char* text, + Function* func = nullptr) { + if (HeapType::isSubType(left, right)) { + return true; + } + fail(text, curr, func); + return false; + } }; struct FunctionValidator : public WalkerPass> { @@ -530,6 +543,14 @@ struct FunctionValidator : public WalkerPass> { return info.shouldBeSubType(left, right, curr, text, getFunction()); } + bool + shouldBeSubType(HeapType left, + HeapType right, + Expression* curr, + const char* text) { + return info.shouldBeSubType(left, right, curr, text, getFunction()); + } + void validateAlignment( size_t align, Type type, Index bytes, bool isAtomic, Expression* curr); void validateMemBytes(uint8_t bytes, Type type, Expression* curr); @@ -958,11 +979,15 @@ void FunctionValidator::visitCallIndirect(CallIndirect* curr) { if (curr->target->type != Type::unreachable) { auto* table = getModule()->getTableOrNull(curr->table); - shouldBeTrue(!!table, curr, "call-indirect table must exist"); - if (table) { - shouldBeTrue(table->type.isFunction(), - curr, - "call-indirect table must be of function type."); + if (shouldBeTrue(!!table, curr, "call-indirect table must exist")) { + if (shouldBeTrue(table->type.isFunction(), + curr, + "call-indirect table must be of function type.")) { + shouldBeSubType(curr->heapType, + table->type.getHeapType(), + curr, + "call-indirect cast type must be a subtype of table"); + } } } diff --git a/test/lit/validation/call-indirect-subtyping.wast b/test/lit/validation/call-indirect-subtyping.wast new file mode 100644 index 00000000000..09fb3c4186d --- /dev/null +++ b/test/lit/validation/call-indirect-subtyping.wast @@ -0,0 +1,22 @@ +;; Check that we fail to validate a call_indirect whose cast type is not a +;; subtype of the table type. + +;; RUN: not wasm-opt -all %s -o - -S 2>&1 | filecheck %s + +;; CHECK: call-indirect cast type must be a subtype of table + +(module + (rec + (type $type-A (sub (func))) + (type $type-B (sub (func))) + ) + + (table $table-A 1 1 (ref null $type-A)) + + (func $test + (call_indirect $table-A (type $type-B) + (i32.const 0) + ) + ) +) + From 04fc865e5cfa0d43ad41d1b2b92b7159f228c540 Mon Sep 17 00:00:00 2001 From: Alon Zakai Date: Thu, 22 Feb 2024 09:48:18 -0800 Subject: [PATCH 2/2] format --- src/wasm/wasm-validator.cpp | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/src/wasm/wasm-validator.cpp b/src/wasm/wasm-validator.cpp index fd780651659..859a2f92e38 100644 --- a/src/wasm/wasm-validator.cpp +++ b/src/wasm/wasm-validator.cpp @@ -543,11 +543,10 @@ struct FunctionValidator : public WalkerPass> { return info.shouldBeSubType(left, right, curr, text, getFunction()); } - bool - shouldBeSubType(HeapType left, - HeapType right, - Expression* curr, - const char* text) { + bool shouldBeSubType(HeapType left, + HeapType right, + Expression* curr, + const char* text) { return info.shouldBeSubType(left, right, curr, text, getFunction()); }