Update testsuite (#1275)

The two primary changes involved are:

1. Removal of `assert_return_canonical_nan`/`arithetic nan` in favor of
   special `nan:canonical`/`nan:arithmetic` constants that can only be
   used in test expectations.
   See: WebAssembly/spec#1104

2. New trapping behaviour for bulk memory operations.  Range checks are
   now performed up front for opterations such as memory.fill and
   memory.copy.
   See: WebAssembly/bulk-memory-operations#111
   And: WebAssembly/bulk-memory-operations#123
   The old behaviour is still kept around to support table.fill which
   is defined in reference-types proposal and has yet to be updated.

Author: sbc100

fuzz-in/wast.dict

@@ -225,7 +225,5 @@ op_assert_malformed="assert_malformed"
 op_assert_invalid="assert_invalid"
 op_assert_unlinkable="assert_unlinkable"
 op_assert_return="assert_return"
-op_assert_return_canonical_nan="assert_return_canonical_nan"
-op_assert_return_arithmetic_nan="assert_return_arithmetic_nan"
 op_assert_trap="assert_trap"
 op_assert_exhaustion="assert_exhaustion"

src/binary-writer-spec.cc

@@ -131,8 +131,6 @@ void BinaryWriterSpec::WriteCommandType(const Command& command) {
       "assert_uninstantiable",
       "assert_return",
       "assert_return_func",
-      "assert_return_canonical_nan",
-      "assert_return_arithmetic_nan",
       "assert_trap",
       "assert_exhaustion",
   };
@@ -189,7 +187,15 @@ void BinaryWriterSpec::WriteConst(const Const& const_) {
       WriteString("f32");
       WriteSeparator();
       WriteKey("value");
-      json_stream_->Writef("\"%u\"", const_.f32_bits);
+      if (const_.is_expected_nan) {
+        if (const_.expected == ExpectedNan::Arithmetic) {
+          WriteString("nan:arithmetic");
+        } else {
+          WriteString("nan:canonical");
+        }
+      } else {
+        json_stream_->Writef("\"%u\"", const_.f32_bits);
+      }
       break;
     }
 
@@ -198,7 +204,15 @@ void BinaryWriterSpec::WriteConst(const Const& const_) {
       WriteString("f64");
       WriteSeparator();
       WriteKey("value");
-      json_stream_->Writef("\"%" PRIu64 "\"", const_.f64_bits);
+      if (const_.is_expected_nan) {
+        if (const_.expected == ExpectedNan::Arithmetic) {
+          WriteString("nan:arithmetic");
+        } else {
+          WriteString("nan:canonical");
+        }
+      } else {
+        json_stream_->Writef("\"%" PRIu64 "\"", const_.f64_bits);
+      }
       break;
     }
 
@@ -490,30 +504,6 @@ void BinaryWriterSpec::WriteCommands() {
         break;
       }
 
-      case CommandType::AssertReturnCanonicalNan: {
-        auto* assert_return_canonical_nan_command =
-            cast<AssertReturnCanonicalNanCommand>(command);
-        WriteLocation(assert_return_canonical_nan_command->action->loc);
-        WriteSeparator();
-        WriteAction(*assert_return_canonical_nan_command->action);
-        WriteSeparator();
-        WriteKey("expected");
-        WriteActionResultType(*assert_return_canonical_nan_command->action);
-        break;
-      }
-
-      case CommandType::AssertReturnArithmeticNan: {
-        auto* assert_return_arithmetic_nan_command =
-            cast<AssertReturnArithmeticNanCommand>(command);
-        WriteLocation(assert_return_arithmetic_nan_command->action->loc);
-        WriteSeparator();
-        WriteAction(*assert_return_arithmetic_nan_command->action);
-        WriteSeparator();
-        WriteKey("expected");
-        WriteActionResultType(*assert_return_arithmetic_nan_command->action);
-        break;
-      }
-
       case CommandType::AssertTrap: {
         auto* assert_trap_command = cast<AssertTrapCommand>(command);
         WriteLocation(assert_trap_command->action->loc);

src/common.h

@@ -235,6 +235,12 @@ enum class SegmentKind {
   Declared,
 };
 
+// Used in test asserts for special expected values "nan:canonical" and "nan:arithmetic"
+enum class ExpectedNan {
+  Canonical,
+  Arithmetic,
+};
+
 // Matches binary format, do not change.
 enum SegmentFlags : uint8_t {
   SegFlagsNone = 0,

src/interp/binary-reader-interp.cc

@@ -1130,11 +1130,6 @@ wabt::Result BinaryReaderInterp::OnElemSegmentElemExprCount(Index index,
   if (segment_flags_ & SegPassive) {
     elem_segment_info_ = nullptr;
   } else {
-    // An active segment still is present in the segment index space, but
-    // cannot be used with `table.init` (it's as if it has already been
-    // dropped).
-    elem_segment_->dropped = true;
-
     assert(segment_table_index_ != kInvalidIndex);
     Table* table = GetTableByModuleIndex(segment_table_index_);
     module_->active_elem_segments_.emplace_back(table, table_offset_);
@@ -1146,7 +1141,11 @@ wabt::Result BinaryReaderInterp::OnElemSegmentElemExprCount(Index index,
 wabt::Result BinaryReaderInterp::OnElemSegmentElemExpr_RefNull(
     Index segment_index) {
   assert(segment_flags_ & SegUseElemExprs);
-  elem_segment_->elems.push_back({RefType::Null, kInvalidIndex});
+  if (segment_flags_ & SegPassive) {
+    elem_segment_->elems.push_back({RefType::Null, kInvalidIndex});
+  } else {
+    elem_segment_info_->src.push_back({RefType::Null, kInvalidIndex});
+  }
   return wabt::Result::Ok;
 }
 
@@ -1207,11 +1206,6 @@ wabt::Result BinaryReaderInterp::OnDataSegmentData(Index index,
       return wabt::Result::Error;
     }
 
-    // An active segment still is present in the segment index space, but
-    // cannot be used with `memory.init` (it's as if it has already been
-    // dropped).
-    segment->dropped = true;
-
     assert(module_->memory_index != kInvalidIndex);
     Memory* memory = env_->GetMemory(module_->memory_index);
     Address address = init_expr_value_.value.i32;

src/interp/interp.cc

@@ -1018,7 +1018,11 @@ Result Thread::AtomicRmwCmpxchg(const uint8_t** pc) {
   return Push<ResultValueType>(static_cast<ExtendedType>(read));
 }
 
-bool ClampToBounds(uint32_t start, uint32_t* length, uint32_t max) {
+// This function is used to clanp the bound for table.fill operations.  This
+// can be removed once the behaviour of table.fill is updated to match the
+// new bulk meory semantics, which is to trap early on OOB.
+// See: https://github.com/webassembly/bulk-memory-operations/issues/111
+static bool ClampToBounds(uint32_t start, uint32_t* length, uint32_t max) {
   if (start > max) {
     *length = 0;
     return false;
@@ -1031,6 +1035,14 @@ bool ClampToBounds(uint32_t start, uint32_t* length, uint32_t max) {
   return true;
 }
 
+static bool CheckBounds(uint32_t start, uint32_t length, uint32_t max) {
+  if (start > max) {
+    return false;
+  }
+  uint32_t avail = max - start;
+  return length <= avail;
+}
+
 Result Thread::MemoryInit(const uint8_t** pc) {
   Memory* memory = ReadMemory(pc);
   DataSegment* segment = ReadDataSegment(pc);
@@ -1039,22 +1051,20 @@ Result Thread::MemoryInit(const uint8_t** pc) {
   uint32_t size = Pop<uint32_t>();
   uint32_t src = Pop<uint32_t>();
   uint32_t dst = Pop<uint32_t>();
+  bool ok = CheckBounds(dst, size, memory_size);
+  ok &= CheckBounds(src, size, segment_size);
+  if (!ok) {
+    TRAP_MSG(MemoryAccessOutOfBounds, "memory.init out of bounds");
+  }
   if (size > 0) {
-    TRAP_IF(segment->dropped, DataSegmentDropped);
-    bool ok = ClampToBounds(dst, &size, memory_size);
-    ok &= ClampToBounds(src, &size, segment_size);
-    if (!ok) {
-      TRAP_MSG(MemoryAccessOutOfBounds, "memory.init out of bounds");
-    }
     memcpy(memory->data.data() + dst, segment->data.data() + src, size);
   }
   return ResultType::Ok;
 }
 
 Result Thread::DataDrop(const uint8_t** pc) {
   DataSegment* segment = ReadDataSegment(pc);
-  TRAP_IF(segment->dropped, DataSegmentDropped);
-  segment->dropped = true;
+  segment->data.clear();
   return ResultType::Ok;
 }
 
@@ -1064,12 +1074,12 @@ Result Thread::MemoryCopy(const uint8_t** pc) {
   uint32_t size = Pop<uint32_t>();
   uint32_t src = Pop<uint32_t>();
   uint32_t dst = Pop<uint32_t>();
+  bool ok = CheckBounds(dst, size, memory_size);
+  ok &= CheckBounds(src, size, memory_size);
+  if (!ok) {
+    TRAP_MSG(MemoryAccessOutOfBounds, "memory.copy out of bound");
+  }
   if (size > 0) {
-    bool ok = ClampToBounds(dst, &size, memory_size);
-    ok &= ClampToBounds(src, &size, memory_size);
-    if (!ok) {
-      TRAP_MSG(MemoryAccessOutOfBounds, "memory.copy out of bound");
-    }
     char* data = memory->data.data();
     memmove(data + dst, data + src, size);
   }
@@ -1082,11 +1092,10 @@ Result Thread::MemoryFill(const uint8_t** pc) {
   uint32_t size = Pop<uint32_t>();
   uint8_t value = static_cast<uint8_t>(Pop<uint32_t>());
   uint32_t dst = Pop<uint32_t>();
+  if (!CheckBounds(dst, size, memory_size)) {
+    TRAP_MSG(MemoryAccessOutOfBounds, "memory.fill out of bounds");
+  }
   if (size > 0) {
-    bool ok = ClampToBounds(dst, &size, memory_size);
-    if (!ok) {
-      TRAP_MSG(MemoryAccessOutOfBounds, "memory.fill out of bounds");
-    }
     memset(memory->data.data() + dst, value, size);
   }
   return ResultType::Ok;
@@ -1099,13 +1108,12 @@ Result Thread::TableInit(const uint8_t** pc) {
   uint32_t size = Pop<uint32_t>();
   uint32_t src = Pop<uint32_t>();
   uint32_t dst = Pop<uint32_t>();
+  bool ok = CheckBounds(dst, size, table->size());
+  ok &= CheckBounds(src, size, segment_size);
+  if (!ok) {
+    TRAP_MSG(TableAccessOutOfBounds, "table.init out of bounds");
+  }
   if (size > 0) {
-    TRAP_IF(segment->dropped, ElemSegmentDropped);
-    bool ok = ClampToBounds(dst, &size, table->size());
-    ok &= ClampToBounds(src, &size, segment_size);
-    if (!ok) {
-      TRAP_MSG(TableAccessOutOfBounds, "table.init out of bounds");
-    }
     memcpy(table->entries.data() + dst, segment->elems.data() + src,
            size * sizeof(table->entries[0]));
   }
@@ -1144,14 +1152,13 @@ Result Thread::TableFill(const uint8_t** pc) {
   for (uint32_t i = 0; i < size; i++) {
     table->entries[dst+i] = value;
   }
-  TRAP_IF(!ok, MemoryAccessOutOfBounds);
+  TRAP_IF(!ok, TableAccessOutOfBounds);
   return ResultType::Ok;
 }
 
 Result Thread::ElemDrop(const uint8_t** pc) {
   ElemSegment* segment = ReadElemSegment(pc);
-  TRAP_IF(segment->dropped, ElemSegmentDropped);
-  segment->dropped = true;
+  segment->elems.clear();
   return ResultType::Ok;
 }
 
@@ -1162,12 +1169,12 @@ Result Thread::TableCopy(const uint8_t** pc) {
   uint32_t size = Pop<uint32_t>();
   uint32_t src = Pop<uint32_t>();
   uint32_t dst = Pop<uint32_t>();
+  bool ok = CheckBounds(dst, size, dst_table->size());
+  ok &= CheckBounds(src, size, dst_table->size());
+  if (!ok) {
+    TRAP_MSG(TableAccessOutOfBounds, "table.copy out of bounds");
+  }
   if (size > 0) {
-    bool ok = ClampToBounds(dst, &size, dst_table->size());
-    ok &= ClampToBounds(src, &size, dst_table->size());
-    if (!ok) {
-      TRAP_MSG(TableAccessOutOfBounds, "table.copy out of bounds");
-    }
     Ref* data_src = src_table->entries.data();
     Ref* data_dst = dst_table->entries.data();
     memmove(data_dst + dst, data_src + src, size * sizeof(Ref));
@@ -3755,40 +3762,36 @@ Result Executor::InitializeSegments(DefinedModule* module) {
       uint32_t table_size = info.table->size();
       uint32_t segment_size = info.src.size();
       uint32_t copy_size = segment_size;
-      bool ok = ClampToBounds(info.dst, &copy_size, table_size);
-
-      if (pass == Init && copy_size > 0) {
-        std::copy(info.src.begin(), info.src.begin() + copy_size,
-                  info.table->entries.begin() + info.dst);
-      }
-
-      if (!ok) {
+      if (!CheckBounds(info.dst, copy_size, table_size)) {
         TRAP_MSG(TableAccessOutOfBounds,
                  "elem segment is out of bounds: [%u, %" PRIu64
                  ") >= max value %u",
                  info.dst, static_cast<uint64_t>(info.dst) + segment_size,
                  table_size);
       }
+
+      if (pass == Init && copy_size > 0) {
+        std::copy(info.src.begin(), info.src.begin() + copy_size,
+                  info.table->entries.begin() + info.dst);
+      }
     }
 
     for (const DataSegmentInfo& info : module->active_data_segments_) {
       uint32_t memory_size = info.memory->data.size();
       uint32_t segment_size = info.data.size();
       uint32_t copy_size = segment_size;
-      bool ok = ClampToBounds(info.dst, &copy_size, memory_size);
-
-      if (pass == Init && copy_size > 0) {
-        std::copy(info.data.begin(), info.data.begin() + copy_size,
-                  info.memory->data.begin() + info.dst);
-      }
-
-      if (!ok) {
+      if (!CheckBounds(info.dst, copy_size, memory_size)) {
         TRAP_MSG(MemoryAccessOutOfBounds,
                  "data segment is out of bounds: [%u, %" PRIu64
                  ") >= max value %u",
                  info.dst, static_cast<uint64_t>(info.dst) + segment_size,
                  memory_size);
       }
+
+      if (pass == Init && copy_size > 0) {
+        std::copy(info.data.begin(), info.data.begin() + copy_size,
+                  info.memory->data.begin() + info.dst);
+      }
     }
   }
 

src/interp/interp.h

@@ -66,10 +66,6 @@ namespace interp {
   V(TrapHostResultTypeMismatch, "host result type mismatch")                \
   /* we called an import function, but it didn't complete succesfully */    \
   V(TrapHostTrapped, "host function trapped")                               \
-  /* the data segment has been dropped. */                                  \
-  V(TrapDataSegmentDropped, "data segment dropped")                         \
-  /* the element segment has been dropped. */                               \
-  V(TrapElemSegmentDropped, "element segment dropped")                      \
   /* table access is out of bounds */                                       \
   V(TrapTableAccessOutOfBounds, "out of bounds table access")               \
   /* we attempted to call a function with the an argument list that doesn't \
@@ -150,14 +146,12 @@ struct DataSegment {
   DataSegment() = default;
 
   std::vector<char> data;
-  bool dropped = false;
 };
 
 struct ElemSegment {
   ElemSegment() = default;
 
   std::vector<Ref> elems;
-  bool dropped = false;
 };
 
 struct ElemSegmentInfo {
@@ -208,7 +202,7 @@ union Value {
 };
 
 struct TypedValue {
-  TypedValue() {}
+  TypedValue() = default;
   explicit TypedValue(Type type) : type(type) {}
   TypedValue(Type basetype, const Value& value) : type(basetype), value(value) {
     UpdateType();
@@ -780,8 +774,6 @@ std::string TypedValueToString(const TypedValue&);
 std::string ResultToString(Result);
 const char* ResultTypeToString(ResultType);
 
-bool ClampToBounds(uint32_t start, uint32_t* length, uint32_t max);
-
 void WriteTypedValue(Stream* stream, const TypedValue&);
 void WriteTypedValues(Stream* stream, const TypedValues&);
 void WriteResult(Stream* stream, const char* desc, Result);