
Don't affect memory on partial out-of-bounds stores #439

Merged
merged 2 commits into from
Mar 10, 2017
Changes from 1 commit
7 changes: 4 additions & 3 deletions interpreter/spec/memory.ml
Expand Up @@ -76,17 +76,18 @@ let loadn mem n ea =
assert (n > 0 && n <= 8);
let rec loop mem n i =
if n = 0 then 0L else
let rest = Int64.(shift_left (loop mem (n - 1) (add i 1L)) 8) in
let byte = Int64.of_int (Array1_64.get mem.content i) in
Int64.(logor byte (shift_left (loop mem (n - 1) (add i 1L)) 8))
Int64.logor byte rest
in
try loop mem n ea with Invalid_argument _ -> raise Bounds

let storen mem n ea v =
assert (n > 0 && n <= 8);
let rec loop mem n i v =
if n > 0 then begin
Array1_64.set mem.content i (Int64.to_int v land 255);
Int64.(loop mem (n - 1) (add i 1L) (shift_right v 8))
Int64.(loop mem (n - 1) (add i 1L) (shift_right v 8));
Array1_64.set mem.content i (Int64.to_int v land 255)
end
in
try loop mem n ea v with Invalid_argument _ -> raise Bounds
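Review bot: In `storen` the recursive call now runs before `Array1_64.set`, and that ordering alone is what keeps a trapping store from modifying guest memory, yet nothing in the code records it. The byte at the highest address is written first, so (assuming valid indices form one contiguous range from zero) the `Invalid_argument` is raised before any lower byte is touched; moving the write back ahead of the recursion, for instance to regain the tail call, would quietly restore partial writes. I would add a comment above the loop such as `(* Write the highest byte first so an out-of-bounds store traps before any byte is modified. *)`. An explicit range check on `ea` and `n` before the loop would make the invariant independent of write order, though that is a larger change than this commit makes. The defining line of `loadn` sits just above the hunk.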
90 changes: 90 additions & 0 deletions test/core/memory_trap.wast
Expand Up @@ -31,3 +31,93 @@
(assert_trap (invoke "store" (i32.const 0x80000000) (i32.const 13)) "out of bounds memory access")
(assert_trap (invoke "load" (i32.const 0x80000000)) "out of bounds memory access")
(assert_return (invoke "grow_memory" (i32.const 0x10001)) (i32.const -1))


(module
(memory 1)

(func (export "i32.store16") (param $a i32) (param $v i32)
(i32.store16 (get_local $a) (get_local $v))
)
(func (export "i32.store") (param $a i32) (param $v i32)
(i32.store (get_local $a) (get_local $v))
)
(func (export "i64.store16") (param $a i32) (param $v i64)
(i64.store16 (get_local $a) (get_local $v))
)
(func (export "i64.store32") (param $a i32) (param $v i64)
(i64.store32 (get_local $a) (get_local $v))
)
(func (export "i64.store") (param $a i32) (param $v i64)
(i64.store (get_local $a) (get_local $v))
)
Member


I suggest testing f32 and f64 stores too, since it's not uncommon for JIT implementations to handle those separately from integer stores.

Member Author


Right, done.


(func (export "i64.load") (param $a i32) (result i64)
(i64.load (get_local $a))
)
)

(assert_trap
(invoke "i32.store16" (i32.const 0xffff) (i32.const 0x01234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i32.store" (i32.const 0xffff) (i32.const 0x01234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i32.store" (i32.const 0xfffe) (i32.const 0x01234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i32.store" (i32.const 0xfffd) (i32.const 0x01234567))
"out of bounds memory access"
)

(assert_trap
(invoke "i64.store16" (i32.const 0xffff) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store32" (i32.const 0xffff) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store32" (i32.const 0xfffe) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store32" (i32.const 0xfffd) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store" (i32.const 0xffff) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store" (i32.const 0xfffe) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store" (i32.const 0xfffd) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store" (i32.const 0xfffc) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store" (i32.const 0xfffb) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store" (i32.const 0xfffa) (i64.const 0x0123456701234567))
"out of bounds memory access"
)
(assert_trap
(invoke "i64.store" (i32.const 0xfff9) (i64.const 0x0123456701234567))
"out of bounds memory access"
)

;; No memory was changed
(assert_return (invoke "i64.load" (i32.const 0xfff8)) (i64.const 0))
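Review bot: The only check that memory stayed untouched is the single `i64.load` at `0xfff8` after the whole run of `assert_trap` cases, so a failure there does not show which store width or address leaked bytes into the last eight bytes of the page. Repeating `(assert_return (invoke "i64.load" (i32.const 0xfff8)) (i64.const 0))` after each group of stores would make a regression attributable. Every case also passes the full address dynamically, so a store with a constant `offset=` immediate is not exercised here. Engines often fold that immediate into the bounds check separately, which makes a partially out-of-bounds store through an offset worth one extra case.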