Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[JSC] Improve Wasm binary test coverage 
https://bugs.webkit.org/show_bug.cgi?id=204843

Reviewed by Darin Adler.

JSTests:

* wasm/function-tests/grow-memory.js:
(binaryShouldNotParse):
* wasm/spec-tests/binary-leb128.wast.js:
* wasm/spec-tests/binary.wast.js:
* wasm/wasm.json:

Source/JavaScriptCore:

This patch fixes some of bugs in wasm parser so that we validate malformed wasm modules more strictly.

1. current_memory / grow_memory should have uint8 flag, not varuint32 flag.
2. global section should have uint8 mutability information, not varuint32.
3. memory section should have varuint32 memory count.

* wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser<Context>::parseExpression):
(JSC::Wasm::FunctionParser<Context>::parseUnreachableExpression):
* wasm/WasmSectionParser.cpp:
(JSC::Wasm::SectionParser::parseResizableLimits):
(JSC::Wasm::SectionParser::parseMemory):
(JSC::Wasm::SectionParser::parseGlobalType):
* wasm/wasm.json:

Source/WTF:

LEBDecoder should have more strict validation. One thing is that, we should reject pattern that includes ignored bits.
For example, in uint32_t, we can represent UINT32_MAX in 5 bytes like this.

    0xff, 0xff, 0xff, 0xff, 0x0f
    0b1111111_1111111_1111111_1111111_1111

Leading bytes has 0x80 trailing marker. And they includes each 7 bit slice. And the last byte includes 0b1111 part.
But we can also make it in the following form

    0xff, 0xff, 0xff, 0xff, 0xff
    0b1111111_1111111_1111111_1111111_1111

In the above case, the last byte's upper 4 bits are ignored in the result, and this is wrong in LEB128 encoding.
We should reject this input since the last byte includes overflown bits.
This patch adds this validation to WTF.

* wtf/LEBDecoder.h:
(WTF::LEBDecoder::maxByteLength):
(WTF::LEBDecoder::lastByteMask):
(WTF::LEBDecoder::decodeUInt):
(WTF::LEBDecoder::decodeInt):

Tools:

We add more tests for LEBDecoder. In particular, the added tests focus on the case which overflow bits.

* TestWebKitAPI/Tests/WTF/LEBDecoder.cpp:
(TestWebKitAPI::toString):
(TestWebKitAPI::testUInt32LEBDecode):
(TestWebKitAPI::TEST):
(TestWebKitAPI::testUInt64LEBDecode):
(TestWebKitAPI::testInt32LEBDecode):
(TestWebKitAPI::testInt64LEBDecode):

Canonical link: https://commits.webkit.org/231741@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@269998 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  • Loading branch information
@Constellation
Constellation committed Nov 18, 2020
1 parent 71ab041 commit 25be2dc
Show file tree
Hide file tree
Showing 16 changed files with 266 additions and 229 deletions.
13 changes: 13 additions & 0 deletions JSTests/ChangeLog
View file
@@ -1,3 +1,16 @@
2020-11-17 Yusuke Suzuki <ysuzuki@apple.com>

[JSC] Improve Wasm binary test coverage
https://bugs.webkit.org/show_bug.cgi?id=204843

Reviewed by Darin Adler.

* wasm/function-tests/grow-memory.js:
(binaryShouldNotParse):
* wasm/spec-tests/binary-leb128.wast.js:
* wasm/spec-tests/binary.wast.js:
* wasm/wasm.json:

2020-11-18 Ross Kirsling <ross.kirsling@sony.com>

Update test262 (2020.11.18)
Expand Down
4 changes: 2 additions & 2 deletions JSTests/wasm/Builder_WebAssemblyBinary.js
View file
Expand Up @@ -38,7 +38,7 @@ const putResizableLimits = (bin, initial, maximum) => {
assert.truthy(typeof maximum === "undefined", "We expect 'maximum' to be an integer if it's defined");
}

put(bin, "varuint1", hasMaximum);
put(bin, "uint8", hasMaximum);
put(bin, "varuint32", initial);
if (hasMaximum)
put(bin, "varuint32", maximum);
Expand All @@ -55,7 +55,7 @@ const valueType = WASM.description.type.i32.type

const putGlobalType = (bin, global) => {
put(bin, valueType, WASM.typeValue[global.type]);
put(bin, "varuint1", global.mutability);
put(bin, "uint8", global.mutability);
};

const putOp = (bin, op) => {
Expand Down
12 changes: 6 additions & 6 deletions JSTests/wasm/function-tests/grow-memory.js
View file
Expand Up @@ -66,7 +66,7 @@ function binaryShouldNotParse(builder, msg = "") {
.End()
.End();

binaryShouldNotParse(builder, "reserved varUint1 for grow_memory must be zero");
binaryShouldNotParse(builder, "reserved byte for grow_memory must be zero");
}

{
Expand All @@ -83,7 +83,7 @@ function binaryShouldNotParse(builder, msg = "") {
.End()
.End();

binaryShouldNotParse(builder, "reserved varUint1 for current_memory must be zero");
binaryShouldNotParse(builder, "reserved byte for current_memory must be zero");
}

{
Expand All @@ -95,12 +95,12 @@ function binaryShouldNotParse(builder, msg = "") {
.Code()
.Function({ret: "void", params: []})
.I32Const(25)
.CurrentMemory(0xffffff00)
.CurrentMemory(0xff)
.Drop()
.End()
.End();

binaryShouldNotParse(builder, "can't parse reserved varUint1 for current_memory");
binaryShouldNotParse(builder, "reserved byte for current_memory must be zero");
}

{
Expand All @@ -112,12 +112,12 @@ function binaryShouldNotParse(builder, msg = "") {
.Code()
.Function({ret: "void", params: []})
.I32Const(25)
.GrowMemory(0xffffff00)
.GrowMemory(0xff)
.Drop()
.End()
.End();

binaryShouldNotParse(builder, "can't parse reserved varUint1 for grow_memory");
binaryShouldNotParse(builder, "reserved byte for grow_memory must be zero");
}

{
Expand Down
136 changes: 36 additions & 100 deletions JSTests/wasm/spec-tests/binary-leb128.wast.js
View file
Expand Up @@ -15,8 +15,8 @@ let $4 = instance("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x09\x01\x01\x82\x00\x82\
let $5 = instance("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x03\x01\x00\x00\x0b\x07\x01\x80\x00\x41\x00\x0b\x00");

// binary-leb128.wast:32
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// This is skipped because this module becomes invalid if wasm-reference is enabled. And we are supporting it.
// https://webassembly.github.io/reference-types/core/binary/modules.html#element-section
// let $6 = instance("\x00\x61\x73\x6d\x01\x00\x00\x00\x04\x04\x01\x70\x00\x00\x09\x07\x01\x80\x00\x41\x00\x0b\x00");

// binary-leb128.wast:40
Expand Down Expand Up @@ -146,171 +146,107 @@ assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x10\x01\x7e\x00\x42\x80\x
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x10\x01\x7e\x00\x42\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x7f\x0b");

// binary-leb128.wast:524
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x07\x01\x00\x82\x80\x80\x80\x70");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x07\x01\x00\x82\x80\x80\x80\x70");

// binary-leb128.wast:532
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x07\x01\x00\x82\x80\x80\x80\x40");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x07\x01\x00\x82\x80\x80\x80\x40");

// binary-leb128.wast:540
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x09\x01\x01\x82\x00\x82\x80\x80\x80\x10");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x09\x01\x01\x82\x00\x82\x80\x80\x80\x10");

// binary-leb128.wast:549
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x09\x01\x01\x82\x00\x82\x80\x80\x80\x40");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x09\x01\x01\x82\x00\x82\x80\x80\x80\x40");

// binary-leb128.wast:558
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x03\x01\x00\x00\x0b\x0a\x01\x80\x80\x80\x80\x10\x41\x00\x0b\x00");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x05\x03\x01\x00\x00\x0b\x0a\x01\x80\x80\x80\x80\x10\x41\x00\x0b\x00");

// binary-leb128.wast:569
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x04\x04\x01\x70\x00\x00\x09\x0a\x01\x80\x80\x80\x80\x10\x41\x00\x0b\x00");

// binary-leb128.wast:580
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x00\x83\x80\x80\x80\x10\x01\x31\x32");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x00\x83\x80\x80\x80\x10\x01\x31\x32");

// binary-leb128.wast:591
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x00\x09\x83\x80\x80\x80\x40\x31\x32\x33\x34");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x00\x09\x83\x80\x80\x80\x40\x31\x32\x33\x34");

// binary-leb128.wast:602
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x0b\x01\x60\x82\x80\x80\x80\x10\x7f\x7e\x01\x7f");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x0b\x01\x60\x82\x80\x80\x80\x10\x7f\x7e\x01\x7f");

// binary-leb128.wast:614
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x0b\x01\x60\x02\x7f\x7e\x81\x80\x80\x80\x40\x7f");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x0b\x01\x60\x02\x7f\x7e\x81\x80\x80\x80\x40\x7f");

// binary-leb128.wast:626
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x05\x01\x60\x01\x7f\x00\x02\x1a\x01\x88\x80\x80\x80\x10\x73\x70\x65\x63\x74\x65\x73\x74\x09\x70\x72\x69\x6e\x74\x5f\x69\x33\x32\x00\x00");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x05\x01\x60\x01\x7f\x00\x02\x1a\x01\x88\x80\x80\x80\x10\x73\x70\x65\x63\x74\x65\x73\x74\x09\x70\x72\x69\x6e\x74\x5f\x69\x33\x32\x00\x00");

// binary-leb128.wast:641
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x05\x01\x60\x01\x7f\x00\x02\x1a\x01\x08\x73\x70\x65\x63\x74\x65\x73\x74\x89\x80\x80\x80\x40\x70\x72\x69\x6e\x74\x5f\x69\x33\x32\x00\x00");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x05\x01\x60\x01\x7f\x00\x02\x1a\x01\x08\x73\x70\x65\x63\x74\x65\x73\x74\x89\x80\x80\x80\x40\x70\x72\x69\x6e\x74\x5f\x69\x33\x32\x00\x00");

// binary-leb128.wast:656
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x05\x01\x60\x01\x7f\x00\x02\x1a\x01\x08\x73\x70\x65\x63\x74\x65\x73\x74\x09\x70\x72\x69\x6e\x74\x5f\x69\x33\x32\x00\x80\x80\x80\x80\x10");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x05\x01\x60\x01\x7f\x00\x02\x1a\x01\x08\x73\x70\x65\x63\x74\x65\x73\x74\x09\x70\x72\x69\x6e\x74\x5f\x69\x33\x32\x00\x80\x80\x80\x80\x10");

// binary-leb128.wast:671
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x06\x01\x80\x80\x80\x80\x10\x0a\x04\x01\x02\x00\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x06\x01\x80\x80\x80\x80\x10\x0a\x04\x01\x02\x00\x0b");

// binary-leb128.wast:684
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x07\x0a\x01\x82\x80\x80\x80\x10\x66\x31\x00\x00\x0a\x04\x01\x02\x00\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x07\x0a\x01\x82\x80\x80\x80\x10\x66\x31\x00\x00\x0a\x04\x01\x02\x00\x0b");

// binary-leb128.wast:700
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x07\x0a\x01\x02\x66\x31\x00\x80\x80\x80\x80\x10\x0a\x04\x01\x02\x00\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x07\x0a\x01\x02\x66\x31\x00\x80\x80\x80\x80\x10\x0a\x04\x01\x02\x00\x0b");

// binary-leb128.wast:716
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x0a\x08\x81\x80\x80\x80\x10\x02\x00\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x0a\x08\x81\x80\x80\x80\x10\x02\x00\x0b");

// binary-leb128.wast:729
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x10\x01\x0e\x01\x01\x7f\x41\x00\x28\x02\x82\x80\x80\x80\x10\x1a\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x10\x01\x0e\x01\x01\x7f\x41\x00\x28\x02\x82\x80\x80\x80\x10\x1a\x0b");

// binary-leb128.wast:748
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x10\x01\x0e\x01\x01\x7f\x41\x00\x28\x02\x82\x80\x80\x80\x40\x1a\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x10\x01\x0e\x01\x01\x7f\x41\x00\x28\x02\x82\x80\x80\x80\x40\x1a\x0b");

// binary-leb128.wast:767
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x10\x01\x0e\x01\x01\x7f\x41\x00\x28\x82\x80\x80\x80\x10\x00\x1a\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x10\x01\x0e\x01\x01\x7f\x41\x00\x28\x82\x80\x80\x80\x10\x00\x1a\x0b");

// binary-leb128.wast:785
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x10\x01\x0e\x01\x01\x7f\x41\x00\x28\x82\x80\x80\x80\x40\x00\x1a\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x10\x01\x0e\x01\x01\x7f\x41\x00\x28\x82\x80\x80\x80\x40\x00\x1a\x0b");

// binary-leb128.wast:804
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x11\x01\x0f\x01\x01\x7f\x41\x00\x41\x03\x36\x82\x80\x80\x80\x10\x03\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x11\x01\x0f\x01\x01\x7f\x41\x00\x41\x03\x36\x82\x80\x80\x80\x10\x03\x0b");

// binary-leb128.wast:823
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x11\x01\x0f\x01\x01\x7f\x41\x00\x41\x03\x36\x82\x80\x80\x80\x40\x03\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x11\x01\x0f\x01\x01\x7f\x41\x00\x41\x03\x36\x82\x80\x80\x80\x40\x03\x0b");

// binary-leb128.wast:842
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x11\x01\x0f\x01\x01\x7f\x41\x00\x41\x03\x36\x02\x82\x80\x80\x80\x10\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x11\x01\x0f\x01\x01\x7f\x41\x00\x41\x03\x36\x02\x82\x80\x80\x80\x10\x0b");

// binary-leb128.wast:861
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x11\x01\x0f\x01\x01\x7f\x41\x00\x41\x03\x36\x02\x82\x80\x80\x80\x40\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x05\x03\x01\x00\x01\x0a\x11\x01\x0f\x01\x01\x7f\x41\x00\x41\x03\x36\x02\x82\x80\x80\x80\x40\x0b");

// binary-leb128.wast:883
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0a\x01\x7f\x00\x41\x80\x80\x80\x80\x70\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0a\x01\x7f\x00\x41\x80\x80\x80\x80\x70\x0b");

// binary-leb128.wast:893
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0a\x01\x7f\x00\x41\xff\xff\xff\xff\x0f\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0a\x01\x7f\x00\x41\xff\xff\xff\xff\x0f\x0b");

// binary-leb128.wast:903
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0a\x01\x7f\x00\x41\x80\x80\x80\x80\x1f\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0a\x01\x7f\x00\x41\x80\x80\x80\x80\x1f\x0b");

// binary-leb128.wast:913
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0a\x01\x7f\x00\x41\xff\xff\xff\xff\x4f\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0a\x01\x7f\x00\x41\xff\xff\xff\xff\x4f\x0b");

// binary-leb128.wast:924
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0f\x01\x7e\x00\x42\x80\x80\x80\x80\x80\x80\x80\x80\x80\x7e\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0f\x01\x7e\x00\x42\x80\x80\x80\x80\x80\x80\x80\x80\x80\x7e\x0b");

// binary-leb128.wast:934
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0f\x01\x7e\x00\x42\xff\xff\xff\xff\xff\xff\xff\xff\xff\x01\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0f\x01\x7e\x00\x42\xff\xff\xff\xff\xff\xff\xff\xff\xff\x01\x0b");

// binary-leb128.wast:944
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0f\x01\x7e\x00\x42\x80\x80\x80\x80\x80\x80\x80\x80\x80\x02\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0f\x01\x7e\x00\x42\x80\x80\x80\x80\x80\x80\x80\x80\x80\x02\x0b");

// binary-leb128.wast:954
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0f\x01\x7e\x00\x42\xff\xff\xff\xff\xff\xff\xff\xff\xff\x41\x0b");
assert_malformed("\x00\x61\x73\x6d\x01\x00\x00\x00\x06\x0f\x01\x7e\x00\x42\xff\xff\xff\xff\xff\xff\xff\xff\xff\x41\x0b");

// binary-leb128.wast:966
// FIXME: Improve wasm binary test coverage.
// https://bugs.webkit.org/show_bug.cgi?id=204843
// https://bugs.webkit.org/show_bug.cgi?id=173471
// FIXME: Implement non-trapping float to int conversions.
// let $26 = instance("\x00\x61\x73\x6d\x01\x00\x00\x00\x01\x04\x01\x60\x00\x00\x03\x02\x01\x00\x0a\x1b\x01\x19\x00\x00\xfc\x80\x00\x00\xfc\x81\x80\x00\x00\xfc\x86\x80\x80\x00\x00\xfc\x87\x80\x80\x80\x00\x00\x0b");

// binary-leb128.wast:986
Expand Down

0 comments on commit 25be2dc

Please sign in to comment.