Validate local count in local.set/get/tee #363
Conversation
lib/fizzy/parser.cpp
Outdated
| uint64_t local_count = 0; | ||
| for (const auto& l : locals_vec) | ||
| { | ||
| local_count += l.count; | ||
| if (local_count > std::numeric_limits<uint32_t>::max()) | ||
| throw parser_error{"too many local variables"}; | ||
| } | ||
|
|
||
| auto [code, pos2] = parse_expr(pos1, end, static_cast<uint32_t>(local_count), func_idx, module); |
There was a problem hiding this comment.
First I tried to pass on locals_vec but realised it would need to do this counting again. We can refactor this when type checking is introduced, because then we'll need the types of locals.
lib/fizzy/parser_expr.cpp
Outdated
| @@ -564,6 +566,13 @@ parser_result<Code> parse_expr( | |||
| { | |||
| uint32_t imm; | |||
| std::tie(imm, pos) = leb128u_decode<uint32_t>(pos, end); | |||
|
|
|||
| if (instr == Instr::local_get || instr == Instr::local_set) | |||
There was a problem hiding this comment.
Need to add local_tee here. However it seems that doesn't change the number of successful validation tests, which suggests they are not covered upstream.
axic
force-pushed
the
validate-locals
branch
3 times, most recently
from
2320ef5 to
4d72375
Compare
Codecov Report
@@ Coverage Diff @@
## master #363 +/- ##
========================================
Coverage 99.32% 99.32%
========================================
Files 42 42
Lines 12692 12829 +137
========================================
+ Hits 12606 12743 +137
Misses 86 86 |
axic
force-pushed
the
validate-locals
branch
4 times, most recently
from
327178a to
62a933e
Compare
lib/fizzy/parser_expr.cpp
Outdated
| @@ -148,6 +150,12 @@ parser_result<Code> parse_expr( | |||
| // The function's implicit block. | |||
| control_stack.emplace(Instr::block, function_arity, 0); | |||
|
|
|||
| // This is needed for aiding validation. | |||
| assert((uint64_t{local_count} + module.typesec[func_type_idx].inputs.size()) <= | |||
There was a problem hiding this comment.
Probably should make this a proper parser error... or is this more like a missing case in the spec?!
axic
force-pushed
the
validate-locals
branch
2 times, most recently
from
d04fa37 to
cc6693e
Compare
| const uint8_t* input, const uint8_t* end, FuncIdx func_idx, const Module& module); | ||
| /// @param input The beginning of the expr binary input. | ||
| /// @param end The end of the binary input. | ||
| /// @param local_count The number of locals defined. |
There was a problem hiding this comment.
We are going to need types for type validation, maybe makes sense to pass const Locals& right away?
There was a problem hiding this comment.
This was discussed in the an earlier comment. I started out with std::vector<Locals> but then local counting and validation of it has to be moved into parse_expr, which I think isn't the nicest.
I'd defer this work once we implement type checking.
There was a problem hiding this comment.
Maybe create Code object in Module before parse_expr?
There was a problem hiding this comment.
Maybe create
Codeobject inModulebeforeparse_expr?
I would advice against this, because it would make code confusingly both input and output parameter
There was a problem hiding this comment.
It does not mean that parse_expr should return Code. Maybe it should return Expr. But is also bad to ask parse_expr to move the information about locals (here local_count, maybe type information later) from one place to another. That's unneeded and trivial responsibility.
lib/fizzy/parser_expr.cpp
Outdated
| // This is needed for aiding validation. | ||
| assert((uint64_t{local_count} + module.typesec[func_type_idx].inputs.size()) <= | ||
| std::numeric_limits<uint32_t>::max()); | ||
| const uint32_t max_local_index = |
There was a problem hiding this comment.
Well it's not max index, maybe total_local_arg_count or local_and_arg_count
There was a problem hiding this comment.
Why isn't it max index? The immediate it is compared against is called "local index".
axic
force-pushed
the
validate-locals
branch
2 times, most recently
from
b79d3dd to
0488136
Compare
|
Looks ok, needs a test fro validation failure. |
axic
force-pushed
the
validate-locals
branch
2 times, most recently
from
7ae75ca to
ddf45be
Compare
|
@gumb0 added tests. |
| // The function's implicit block. | ||
| control_stack.emplace(Instr::block, function_arity, 0); | ||
|
|
||
| // This is needed for aiding validation. | ||
| assert( | ||
| (uint64_t{local_count} + func_type.inputs.size()) <= std::numeric_limits<uint32_t>::max()); |
There was a problem hiding this comment.
I think this case is also missing from the spectests.
axic
force-pushed
the
validate-locals
branch
2 times, most recently
from
99a24b8 to
2813c84
Compare
No description provided.