Validate type references by index by zherczeg · Pull Request #2584 · WebAssembly/wabt

zherczeg · 2025-04-16T10:30:50Z

This patch is another bugfix.

zherczeg · 2025-04-16T10:39:14Z

 }

+Result SharedValidator::EndTypeSection() {
+  Result result = Result::Ok;


This is a new event in SharedValidator. This check could be done in OnFuncType, but then we needed the OnTypeCount event, which is also not used by the validator.

Since the Google v8 engine has separate reference types for array/struct, we might need to check the reference type in the future as well, and we cannot do that before reading all types.

zherczeg · 2025-04-16T10:40:43Z

+
+  for (auto func_type : func_types_) {
+    for (auto type : func_type.second.params) {
+      result |= CheckReferenceType(Location(), type, "params");


We don't have the locations at this point.

zherczeg · 2025-04-16T10:49:18Z

The parser also validates the references to provide nice error locations, which is a double check when the validator is used. However the check in the parser has an advantage: implicit function type indicies are not accepted, which I think is a user friendly thing.

zherczeg · 2025-04-17T04:49:31Z

Btw, I agree that the current max: error message is not the best, but we should improve it everywhere for consistency. Perhaps the value - 1 for max: could be better with a special string when the value is zero. Please decide it, and I will update the code.

zherczeg · 2025-04-17T06:59:59Z

Thank you for the review, I have updated the patch.

sbc100 · 2025-04-17T16:11:45Z

Btw, I agree that the current max: error message is not the best, but we should improve it everywhere for consistency. Perhaps the value - 1 for max: could be better with a special string when the value is zero. Please decide it, and I will update the code.

Leaving as is, for consistency, seems fine to me.

zherczeg · 2025-04-22T20:14:31Z

Is there anything I need to do?

sbc100 · 2025-04-22T21:40:06Z

    if (type.is_index()) {
-      // TODO: Incorrect values can be misinterpreted by the parser.
-      if (type.index() >= static_cast<Index>(Type::Void)) {
+      if (IsIndexLikelyType(type.index())) {


From the code that follows it looks like we are trying to distinguish reference types from function types? Is that right? How about something like IsReferenceType? I'm not really sure what IsIndexLikelyType means here... perhaps I'm misunderstanding?

It is not just reference type, it is currently any type. The ParseValueType encodes the value type as index.

For example: the binary code of (func $f (param i64 (ref 0xfffffffe))) is

; func type 0 000000b: 60 ; func 000000c: 02 ; num params 000000d: 7e ; i64 000000e: 7e ; i64 000000f: 00 ; num results

The i64 is encoded as 0xfffffffe, which is stored in the index. Also, the (ref 0xfffffffe) is converted to i64, because currently it is impossible to tell the difference (at the moment). The function_ref patch will fix this issue.

zherczeg · 2025-04-25T05:34:39Z

Rebased this patch (no change). Can you land it? Thank you!

Also fix a reference parsing bug when named locals are used.

zherczeg · 2025-04-27T14:14:45Z

@sbc100 could you land this approved patch? Thank you!

zherczeg commented Apr 16, 2025

View reviewed changes

zherczeg force-pushed the ref_index_fix branch from bb004d9 to 55df53a Compare April 16, 2025 10:46

sbc100 reviewed Apr 16, 2025

View reviewed changes

Comment thread test/gen-wasm.py

Comment thread test/parse/bad-references.txt

Comment thread src/wast-parser.cc Outdated

Comment thread src/wast-parser.cc

Comment thread src/shared-validator.cc Outdated

zherczeg force-pushed the ref_index_fix branch 3 times, most recently from 547b2db to 5f9d5a3 Compare April 17, 2025 06:41

sbc100 approved these changes Apr 22, 2025

View reviewed changes

zherczeg force-pushed the ref_index_fix branch from 5f9d5a3 to 6bb5f3d Compare April 25, 2025 05:08

Validate type references by index

2da4449

Also fix a reference parsing bug when named locals are used.

zherczeg force-pushed the ref_index_fix branch from 6bb5f3d to 2da4449 Compare April 27, 2025 11:20

sbc100 merged commit 96dfd60 into WebAssembly:main Apr 27, 2025

zherczeg deleted the ref_index_fix branch April 28, 2025 04:19

Conversation

zherczeg commented Apr 16, 2025

Uh oh!

zherczeg Apr 16, 2025

Choose a reason for hiding this comment

Uh oh!

zherczeg Apr 16, 2025

Choose a reason for hiding this comment

Uh oh!

Uh oh!

zherczeg commented Apr 16, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

zherczeg commented Apr 17, 2025

Uh oh!

zherczeg commented Apr 17, 2025

Uh oh!

sbc100 commented Apr 17, 2025

Uh oh!

zherczeg commented Apr 22, 2025

Uh oh!

sbc100 Apr 22, 2025

Choose a reason for hiding this comment

Uh oh!

zherczeg Apr 23, 2025

Choose a reason for hiding this comment

Uh oh!

sbc100 Apr 23, 2025

Choose a reason for hiding this comment

Uh oh!

zherczeg commented Apr 25, 2025

Uh oh!

zherczeg commented Apr 27, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants