Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix memory.grow bounds and overflow checks for mem64 #7112

Merged
merged 3 commits into from
Nov 25, 2024
Merged

Fix memory.grow bounds and overflow checks for mem64 #7112

merged 3 commits into from
Nov 25, 2024

Conversation

tlively
Copy link
Member

@tlively tlively commented Nov 25, 2024

Previously the interpreter only executed overflow and bounds checks for
memory.grow on 32-bit memories. Run the checks on 64-bit memories as well.

@tlively
Fix memory.grow bounds and overflow checks for mem64
640a101 
Previously the interpreter only executed overflow and bounds checks for
memory.grow on 32-bit memories. Run the checks on 64-bit memories as well.
sbc100
sbc100 reviewed Nov 25, 2024
View reviewed changes
src/wasm-interpreter.h Outdated
@@ -3836,10 +3836,14 @@ class ModuleRunnerBase : public ExpressionRunner<SubType> {
auto fail = Literal::makeFromInt64(-1, memory->addressType);
Flow ret = Literal::makeFromInt64(memorySize, addressType);
uint64_t delta = flow.getSingleValue().getUnsigned();
if (delta > uint32_t(-1) / Memory::kPageSize && addressType == Type::i32) {
uint64_t maxAddr =
addressType == Type::i32 ? uint64_t(uint32_t(-1)) : uint64_t(-1);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use UINT64_MAX and UINT32_MAX here?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We use std::numeric_limits<int32_t>::min() etc. in other places.

Copy link
Member

@sbc100 sbc100 Nov 25, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yuck, that is so much harder to read than UINT32_MAX, no?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Heh, I don't feel strongly. I guess it is more C++ey and can support all types and all bounds. But I wouldn't object to switching.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I get that binaryen is fully in on all the C++ things :) So lgtm either way, I just wish C++ wasn't so verbose sometimes.

sbc100
sbc100 reviewed Nov 25, 2024
View reviewed changes
src/wasm-interpreter.h
@@ -3836,10 +3836,14 @@ class ModuleRunnerBase : public ExpressionRunner<SubType> {
auto fail = Literal::makeFromInt64(-1, memory->addressType);
Flow ret = Literal::makeFromInt64(memorySize, addressType);
uint64_t delta = flow.getSingleValue().getUnsigned();
if (delta > uint32_t(-1) / Memory::kPageSize && addressType == Type::i32) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Strange there wan't event a TODO here!

kripken
kripken approved these changes Nov 25, 2024
View reviewed changes
Copy link
Member

@kripken kripken left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm % open discussions

src/wasm-interpreter.h Outdated
@@ -3836,10 +3836,14 @@ class ModuleRunnerBase : public ExpressionRunner<SubType> {
auto fail = Literal::makeFromInt64(-1, memory->addressType);
Flow ret = Literal::makeFromInt64(memorySize, addressType);
uint64_t delta = flow.getSingleValue().getUnsigned();
if (delta > uint32_t(-1) / Memory::kPageSize && addressType == Type::i32) {
uint64_t maxAddr =
addressType == Type::i32 ? uint64_t(uint32_t(-1)) : uint64_t(-1);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We use std::numeric_limits<int32_t>::min() etc. in other places.

@tlively tlively enabled auto-merge (squash) November 25, 2024 20:24
@tlively tlively merged commit 7cee025 into main Nov 25, 2024
13 checks passed
@tlively tlively deleted the mem-grow-i64-checks branch November 25, 2024 20:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sbc100 sbc100 sbc100 left review comments

@kripken kripken kripken approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tlively @kripken @sbc100