summaryrefslogtreecommitdiffstats
path: root/third_party/rust/wasm-smith/src
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/rust/wasm-smith/src')
-rw-r--r--third_party/rust/wasm-smith/src/component.rs17
-rw-r--r--third_party/rust/wasm-smith/src/config.rs9
-rw-r--r--third_party/rust/wasm-smith/src/core.rs202
-rw-r--r--third_party/rust/wasm-smith/src/core/code_builder.rs77
-rw-r--r--third_party/rust/wasm-smith/src/core/code_builder/no_traps.rs10
-rw-r--r--third_party/rust/wasm-smith/src/core/terminate.rs1
-rw-r--r--third_party/rust/wasm-smith/src/lib.rs6
7 files changed, 262 insertions, 60 deletions
diff --git a/third_party/rust/wasm-smith/src/component.rs b/third_party/rust/wasm-smith/src/component.rs
index 7a85b2bf10..35bf93231b 100644
--- a/third_party/rust/wasm-smith/src/component.rs
+++ b/third_party/rust/wasm-smith/src/component.rs
@@ -952,6 +952,7 @@ impl ComponentBuilder {
Ok(crate::core::GlobalType {
val_type: self.arbitrary_core_valtype(u)?,
mutable: u.arbitrary()?,
+ shared: false,
})
}
@@ -1308,8 +1309,8 @@ impl ComponentBuilder {
6 => Ok(PrimitiveValType::U32),
7 => Ok(PrimitiveValType::S64),
8 => Ok(PrimitiveValType::U64),
- 9 => Ok(PrimitiveValType::Float32),
- 10 => Ok(PrimitiveValType::Float64),
+ 9 => Ok(PrimitiveValType::F32),
+ 10 => Ok(PrimitiveValType::F64),
11 => Ok(PrimitiveValType::Char),
12 => Ok(PrimitiveValType::String),
_ => unreachable!(),
@@ -1773,8 +1774,8 @@ fn canonical_abi_for(func_ty: &FuncType) -> Rc<crate::core::FuncType> {
| PrimitiveValType::S32
| PrimitiveValType::U32 => ValType::I32,
PrimitiveValType::S64 | PrimitiveValType::U64 => ValType::I64,
- PrimitiveValType::Float32 => ValType::F32,
- PrimitiveValType::Float64 => ValType::F64,
+ PrimitiveValType::F32 => ValType::F32,
+ PrimitiveValType::F64 => ValType::F64,
PrimitiveValType::String => {
unimplemented!("non-scalar types are not supported yet")
}
@@ -1819,8 +1820,8 @@ fn inverse_scalar_canonical_abi_for(
ComponentValType::Primitive(PrimitiveValType::U64),
])
.cloned(),
- ValType::F32 => Ok(ComponentValType::Primitive(PrimitiveValType::Float32)),
- ValType::F64 => Ok(ComponentValType::Primitive(PrimitiveValType::Float64)),
+ ValType::F32 => Ok(ComponentValType::Primitive(PrimitiveValType::F32)),
+ ValType::F64 => Ok(ComponentValType::Primitive(PrimitiveValType::F64)),
ValType::V128 | ValType::Ref(_) => {
unreachable!("not used in canonical ABI")
}
@@ -2055,8 +2056,8 @@ fn is_scalar(ty: &ComponentValType) -> bool {
| PrimitiveValType::U32
| PrimitiveValType::S64
| PrimitiveValType::U64
- | PrimitiveValType::Float32
- | PrimitiveValType::Float64
+ | PrimitiveValType::F32
+ | PrimitiveValType::F64
| PrimitiveValType::Char => true,
PrimitiveValType::String => false,
},
diff --git a/third_party/rust/wasm-smith/src/config.rs b/third_party/rust/wasm-smith/src/config.rs
index 43dbecceb8..57bd25be24 100644
--- a/third_party/rust/wasm-smith/src/config.rs
+++ b/third_party/rust/wasm-smith/src/config.rs
@@ -313,6 +313,12 @@ define_config! {
/// Defaults to `false`.
pub gc_enabled: bool = false,
+ /// Determines whether the custom-page-sizes proposal is enabled when
+ /// generating a Wasm module.
+ ///
+ /// Defaults to `false`.
+ pub custom_page_sizes_enabled: bool = false,
+
/// Returns whether we should generate custom sections or not. Defaults
/// to false.
pub generate_custom_sections: bool = false,
@@ -681,6 +687,7 @@ impl<'a> Arbitrary<'a> for Config {
},
table_max_size_required: u.arbitrary()?,
max_table_elements: u.int_in_range(0..=1_000_000)?,
+ disallow_traps: u.arbitrary()?,
// These fields, unlike the ones above, are less useful to set.
// They either make weird inputs or are for features not widely
@@ -712,9 +719,9 @@ impl<'a> Arbitrary<'a> for Config {
exports: None,
threads_enabled: false,
export_everything: false,
- disallow_traps: false,
tail_call_enabled: false,
gc_enabled: false,
+ custom_page_sizes_enabled: false,
generate_custom_sections: false,
allow_invalid_funcs: false,
})
diff --git a/third_party/rust/wasm-smith/src/core.rs b/third_party/rust/wasm-smith/src/core.rs
index 194d2101ae..db9bb2e546 100644
--- a/third_party/rust/wasm-smith/src/core.rs
+++ b/third_party/rust/wasm-smith/src/core.rs
@@ -146,6 +146,11 @@ pub struct Module {
/// What the maximum type index that can be referenced is.
max_type_limit: MaxTypeLimit,
+
+ /// Some known-interesting values, such as powers of two, values just before
+ /// or just after a memory size, etc...
+ interesting_values32: Vec<u32>,
+ interesting_values64: Vec<u64>,
}
impl<'a> Arbitrary<'a> for Module {
@@ -232,16 +237,13 @@ impl Module {
export_names: HashSet::new(),
const_expr_choices: Vec::new(),
max_type_limit: MaxTypeLimit::ModuleTypes,
+ interesting_values32: Vec::new(),
+ interesting_values64: Vec::new(),
}
}
}
#[derive(Clone, Debug, PartialEq, Eq, Hash)]
-pub(crate) struct RecGroup {
- pub(crate) types: Vec<SubType>,
-}
-
-#[derive(Clone, Debug, PartialEq, Eq, Hash)]
pub(crate) struct SubType {
pub(crate) is_final: bool,
pub(crate) supertype: Option<u32>,
@@ -494,6 +496,8 @@ impl Module {
matches!(self.ty(b).composite_type, CompositeType::Func(_))
}
+ (HT::NoExn, HT::Exn) => true,
+
// Nothing else matches. (Avoid full wildcard matches so that
// adding/modifying variants is easier in the future.)
(HT::Concrete(_), _)
@@ -506,11 +510,9 @@ impl Module {
| (HT::Eq, _)
| (HT::Struct, _)
| (HT::Array, _)
- | (HT::I31, _) => false,
-
- // TODO: `exn` probably will be its own type hierarchy and will
- // probably get `noexn` as well.
- (HT::Exn, _) => false,
+ | (HT::I31, _)
+ | (HT::Exn, _)
+ | (HT::NoExn, _) => false,
}
}
@@ -779,7 +781,7 @@ impl Module {
HT::Extern => {
choices.push(HT::NoExtern);
}
- HT::Exn | HT::None | HT::NoExtern | HT::NoFunc => {}
+ HT::Exn | HT::NoExn | HT::None | HT::NoExtern | HT::NoFunc => {}
}
Ok(*u.choose(&choices)?)
}
@@ -858,6 +860,9 @@ impl Module {
choices.extend(self.func_types.iter().copied().map(HT::Concrete));
choices.push(HT::Func);
}
+ HT::NoExn => {
+ choices.push(HT::Exn);
+ }
HT::Concrete(mut idx) => {
match &self
.types
@@ -1422,6 +1427,7 @@ impl Module {
Ok(GlobalType {
val_type: self.arbitrary_valtype(u)?,
mutable: u.arbitrary()?,
+ shared: false,
})
}
@@ -1645,6 +1651,7 @@ impl Module {
wasmparser::HeapType::Array => HeapType::Array,
wasmparser::HeapType::I31 => HeapType::I31,
wasmparser::HeapType::Exn => HeapType::Exn,
+ wasmparser::HeapType::NoExn => HeapType::NoExn,
}
}
@@ -1754,6 +1761,7 @@ impl Module {
GlobalType {
val_type: convert_val_type(&global_type.content_type),
mutable: global_type.mutable,
+ shared: global_type.shared,
},
u,
)?,
@@ -2039,6 +2047,8 @@ impl Module {
}
fn arbitrary_code(&mut self, u: &mut Unstructured) -> Result<()> {
+ self.compute_interesting_values();
+
self.code.reserve(self.num_defined_funcs);
let mut allocs = CodeBuilderAllocations::new(self, self.config.exports.is_some());
for (_, ty) in self.funcs[self.funcs.len() - self.num_defined_funcs..].iter() {
@@ -2224,6 +2234,170 @@ impl Module {
}
})
}
+
+ fn compute_interesting_values(&mut self) {
+ debug_assert!(self.interesting_values32.is_empty());
+ debug_assert!(self.interesting_values64.is_empty());
+
+ let mut interesting_values32 = HashSet::new();
+ let mut interesting_values64 = HashSet::new();
+
+ let mut interesting = |val: u64| {
+ interesting_values32.insert(val as u32);
+ interesting_values64.insert(val);
+ };
+
+ // Zero is always interesting.
+ interesting(0);
+
+ // Max values are always interesting.
+ interesting(u8::MAX as _);
+ interesting(u16::MAX as _);
+ interesting(u32::MAX as _);
+ interesting(u64::MAX);
+
+ // Min values are always interesting.
+ interesting(i8::MIN as _);
+ interesting(i16::MIN as _);
+ interesting(i32::MIN as _);
+ interesting(i64::MIN as _);
+
+ for i in 0..64 {
+ // Powers of two.
+ interesting(1 << i);
+
+ // Inverted powers of two.
+ interesting(!(1 << i));
+
+ // Powers of two minus one, AKA high bits unset and low bits set.
+ interesting((1 << i) - 1);
+
+ // Negative powers of two, AKA high bits set and low bits unset.
+ interesting(((1_i64 << 63) >> i) as _);
+ }
+
+ // Some repeating bit patterns.
+ for pattern in [0b01010101, 0b00010001, 0b00010001, 0b00000001] {
+ for b in [pattern, !pattern] {
+ interesting(u64::from_ne_bytes([b, b, b, b, b, b, b, b]));
+ }
+ }
+
+ // Interesting float values.
+ let mut interesting_f64 = |x: f64| interesting(x.to_bits());
+ interesting_f64(0.0);
+ interesting_f64(-0.0);
+ interesting_f64(f64::INFINITY);
+ interesting_f64(f64::NEG_INFINITY);
+ interesting_f64(f64::EPSILON);
+ interesting_f64(-f64::EPSILON);
+ interesting_f64(f64::MIN);
+ interesting_f64(f64::MIN_POSITIVE);
+ interesting_f64(f64::MAX);
+ interesting_f64(f64::NAN);
+ let mut interesting_f32 = |x: f32| interesting(x.to_bits() as _);
+ interesting_f32(0.0);
+ interesting_f32(-0.0);
+ interesting_f32(f32::INFINITY);
+ interesting_f32(f32::NEG_INFINITY);
+ interesting_f32(f32::EPSILON);
+ interesting_f32(-f32::EPSILON);
+ interesting_f32(f32::MIN);
+ interesting_f32(f32::MIN_POSITIVE);
+ interesting_f32(f32::MAX);
+ interesting_f32(f32::NAN);
+
+ // Interesting values related to table bounds.
+ for t in self.tables.iter() {
+ interesting(t.minimum as _);
+ if let Some(x) = t.minimum.checked_add(1) {
+ interesting(x as _);
+ }
+
+ if let Some(x) = t.maximum {
+ interesting(x as _);
+ if let Some(y) = x.checked_add(1) {
+ interesting(y as _);
+ }
+ }
+ }
+
+ // Interesting values related to memory bounds.
+ for m in self.memories.iter() {
+ let min = m.minimum.saturating_mul(crate::page_size(m).into());
+ interesting(min);
+ for i in 0..5 {
+ if let Some(x) = min.checked_add(1 << i) {
+ interesting(x);
+ }
+ if let Some(x) = min.checked_sub(1 << i) {
+ interesting(x);
+ }
+ }
+
+ if let Some(max) = m.maximum {
+ let max = max.saturating_mul(crate::page_size(m).into());
+ interesting(max);
+ for i in 0..5 {
+ if let Some(x) = max.checked_add(1 << i) {
+ interesting(x);
+ }
+ if let Some(x) = max.checked_sub(1 << i) {
+ interesting(x);
+ }
+ }
+ }
+ }
+
+ self.interesting_values32.extend(interesting_values32);
+ self.interesting_values64.extend(interesting_values64);
+
+ // Sort for determinism.
+ self.interesting_values32.sort();
+ self.interesting_values64.sort();
+ }
+
+ fn arbitrary_const_instruction(
+ &self,
+ ty: ValType,
+ u: &mut Unstructured<'_>,
+ ) -> Result<Instruction> {
+ debug_assert!(self.interesting_values32.len() > 0);
+ debug_assert!(self.interesting_values64.len() > 0);
+ match ty {
+ ValType::I32 => Ok(Instruction::I32Const(if u.arbitrary()? {
+ *u.choose(&self.interesting_values32)? as i32
+ } else {
+ u.arbitrary()?
+ })),
+ ValType::I64 => Ok(Instruction::I64Const(if u.arbitrary()? {
+ *u.choose(&self.interesting_values64)? as i64
+ } else {
+ u.arbitrary()?
+ })),
+ ValType::F32 => Ok(Instruction::F32Const(if u.arbitrary()? {
+ f32::from_bits(*u.choose(&self.interesting_values32)?)
+ } else {
+ u.arbitrary()?
+ })),
+ ValType::F64 => Ok(Instruction::F64Const(if u.arbitrary()? {
+ f64::from_bits(*u.choose(&self.interesting_values64)?)
+ } else {
+ u.arbitrary()?
+ })),
+ ValType::V128 => Ok(Instruction::V128Const(if u.arbitrary()? {
+ let upper = (*u.choose(&self.interesting_values64)? as i128) << 64;
+ let lower = *u.choose(&self.interesting_values64)? as i128;
+ upper | lower
+ } else {
+ u.arbitrary()?
+ })),
+ ValType::Ref(ty) => {
+ assert!(ty.nullable);
+ Ok(Instruction::RefNull(ty.heap_type))
+ }
+ }
+ }
}
pub(crate) fn arbitrary_limits32(
@@ -2344,6 +2518,11 @@ pub(crate) fn arbitrary_memtype(u: &mut Unstructured, config: &Config) -> Result
// We want to favor memories <= 1gb in size, allocate at most 16k pages,
// depending on the maximum number of memories.
let memory64 = config.memory64_enabled && u.arbitrary()?;
+ let page_size = if config.custom_page_sizes_enabled && u.arbitrary()? {
+ Some(1 << u.int_in_range(0..=16)?)
+ } else {
+ None
+ };
let max_inbounds = 16 * 1024 / u64::try_from(config.max_memories).unwrap();
let min_pages = if config.disallow_traps { Some(1) } else { None };
let max_pages = min_pages.unwrap_or(0).max(if memory64 {
@@ -2363,6 +2542,7 @@ pub(crate) fn arbitrary_memtype(u: &mut Unstructured, config: &Config) -> Result
maximum,
memory64,
shared,
+ page_size_log2: page_size,
})
}
diff --git a/third_party/rust/wasm-smith/src/core/code_builder.rs b/third_party/rust/wasm-smith/src/core/code_builder.rs
index a55c5aafda..150572d930 100644
--- a/third_party/rust/wasm-smith/src/core/code_builder.rs
+++ b/third_party/rust/wasm-smith/src/core/code_builder.rs
@@ -870,6 +870,7 @@ impl CodeBuilderAllocations {
module.globals.push(GlobalType {
val_type: ty,
mutable: true,
+ shared: false,
});
module.defined_globals.push((global_idx, init));
@@ -1435,7 +1436,7 @@ impl CodeBuilder<'_> {
}
operands = &[];
}
- instructions.push(arbitrary_val(*expected, u));
+ instructions.push(module.arbitrary_const_instruction(*expected, u)?);
}
Ok(())
}
@@ -1544,20 +1545,6 @@ impl CodeBuilder<'_> {
}
}
-fn arbitrary_val(ty: ValType, u: &mut Unstructured<'_>) -> Instruction {
- match ty {
- ValType::I32 => Instruction::I32Const(u.arbitrary().unwrap_or(0)),
- ValType::I64 => Instruction::I64Const(u.arbitrary().unwrap_or(0)),
- ValType::F32 => Instruction::F32Const(u.arbitrary().unwrap_or(0.0)),
- ValType::F64 => Instruction::F64Const(u.arbitrary().unwrap_or(0.0)),
- ValType::V128 => Instruction::V128Const(u.arbitrary().unwrap_or(0)),
- ValType::Ref(ty) => {
- assert!(ty.nullable);
- Instruction::RefNull(ty.heap_type)
- }
- }
-}
-
#[inline]
fn unreachable_valid(module: &Module, _: &mut CodeBuilder) -> bool {
!module.config.disallow_traps
@@ -1617,13 +1604,24 @@ fn try_table(
let i = i as u32;
let label_types = ctrl.label_types();
+
+ // Empty labels are candidates for a `catch_all` since nothing is
+ // pushed in that case.
if label_types.is_empty() {
catch_options.push(Box::new(move |_, _| Ok(Catch::All { label: i })));
}
+
+ // Labels with just an `externref` are suitable for `catch_all_refs`,
+ // which first pushes nothing since there's no tag and then pushes
+ // the caught exception value.
if label_types == [ValType::EXNREF] {
catch_options.push(Box::new(move |_, _| Ok(Catch::AllRef { label: i })));
}
+ // If there is a tag which exactly matches the types of the label we're
+ // looking at then that tag can be used as part of a `catch` branch.
+ // That tag's parameters, which are the except values, are pushed
+ // for the label.
if builder.allocs.tags.contains_key(label_types) {
let label_types = label_types.to_vec();
catch_options.push(Box::new(move |u, builder| {
@@ -1634,15 +1632,20 @@ fn try_table(
}));
}
- let mut label_types_with_exnref = label_types.to_vec();
- label_types_with_exnref.push(ValType::EXNREF);
- if builder.allocs.tags.contains_key(&label_types_with_exnref) {
- catch_options.push(Box::new(move |u, builder| {
- Ok(Catch::OneRef {
- tag: *u.choose(&builder.allocs.tags[&label_types_with_exnref])?,
- label: i,
- })
- }));
+ // And finally the last type of catch label, `catch_ref`. If the label
+ // ends with `exnref`, then use everything except the last `exnref` to
+ // see if there's a matching tag. If so then `catch_ref` can be used
+ // with that tag when branching to this label.
+ if let Some((&ValType::EXNREF, rest)) = label_types.split_last() {
+ if builder.allocs.tags.contains_key(rest) {
+ let rest = rest.to_vec();
+ catch_options.push(Box::new(move |u, builder| {
+ Ok(Catch::OneRef {
+ tag: *u.choose(&builder.allocs.tags[&rest])?,
+ label: i,
+ })
+ }));
+ }
}
}
@@ -3403,49 +3406,45 @@ fn data_drop(
fn i32_const(
u: &mut Unstructured,
- _module: &Module,
+ module: &Module,
builder: &mut CodeBuilder,
instructions: &mut Vec<Instruction>,
) -> Result<()> {
- let x = u.arbitrary()?;
builder.push_operands(&[ValType::I32]);
- instructions.push(Instruction::I32Const(x));
+ instructions.push(module.arbitrary_const_instruction(ValType::I32, u)?);
Ok(())
}
fn i64_const(
u: &mut Unstructured,
- _module: &Module,
+ module: &Module,
builder: &mut CodeBuilder,
instructions: &mut Vec<Instruction>,
) -> Result<()> {
- let x = u.arbitrary()?;
builder.push_operands(&[ValType::I64]);
- instructions.push(Instruction::I64Const(x));
+ instructions.push(module.arbitrary_const_instruction(ValType::I64, u)?);
Ok(())
}
fn f32_const(
u: &mut Unstructured,
- _module: &Module,
+ module: &Module,
builder: &mut CodeBuilder,
instructions: &mut Vec<Instruction>,
) -> Result<()> {
- let x = u.arbitrary()?;
builder.push_operands(&[ValType::F32]);
- instructions.push(Instruction::F32Const(x));
+ instructions.push(module.arbitrary_const_instruction(ValType::F32, u)?);
Ok(())
}
fn f64_const(
u: &mut Unstructured,
- _module: &Module,
+ module: &Module,
builder: &mut CodeBuilder,
instructions: &mut Vec<Instruction>,
) -> Result<()> {
- let x = u.arbitrary()?;
builder.push_operands(&[ValType::F64]);
- instructions.push(Instruction::F64Const(x));
+ instructions.push(module.arbitrary_const_instruction(ValType::F64, u)?);
Ok(())
}
@@ -5204,10 +5203,12 @@ fn memory_offset(u: &mut Unstructured, module: &Module, memory_index: u32) -> Re
assert!(a + b + c != 0);
let memory_type = &module.memories[memory_index as usize];
- let min = memory_type.minimum.saturating_mul(65536);
+ let min = memory_type
+ .minimum
+ .saturating_mul(crate::page_size(memory_type).into());
let max = memory_type
.maximum
- .map(|max| max.saturating_mul(65536))
+ .map(|max| max.saturating_mul(crate::page_size(memory_type).into()))
.unwrap_or(u64::MAX);
let (min, max, true_max) = match (memory_type.memory64, module.config.disallow_traps) {
diff --git a/third_party/rust/wasm-smith/src/core/code_builder/no_traps.rs b/third_party/rust/wasm-smith/src/core/code_builder/no_traps.rs
index 4f8b31ca9f..5ced1fa391 100644
--- a/third_party/rust/wasm-smith/src/core/code_builder/no_traps.rs
+++ b/third_party/rust/wasm-smith/src/core/code_builder/no_traps.rs
@@ -37,7 +37,10 @@ pub(crate) fn load<'a>(
// []
insts.push(Instruction::MemorySize(memarg.memory_index));
// [mem_size_in_pages:address_type]
- insts.push(int_const_inst(address_type, 65_536));
+ insts.push(int_const_inst(
+ address_type,
+ crate::page_size(memory).into(),
+ ));
// [mem_size_in_pages:address_type wasm_page_size:address_type]
insts.push(int_mul_inst(address_type));
// [mem_size_in_bytes:address_type]
@@ -116,7 +119,10 @@ pub(crate) fn store<'a>(
// []
insts.push(Instruction::MemorySize(memarg.memory_index));
// [mem_size_in_pages:address_type]
- insts.push(int_const_inst(address_type, 65_536));
+ insts.push(int_const_inst(
+ address_type,
+ crate::page_size(memory).into(),
+ ));
// [mem_size_in_pages:address_type wasm_page_size:address_type]
insts.push(int_mul_inst(address_type));
// [mem_size_in_bytes:address_type]
diff --git a/third_party/rust/wasm-smith/src/core/terminate.rs b/third_party/rust/wasm-smith/src/core/terminate.rs
index 7983c35be6..33aff2639c 100644
--- a/third_party/rust/wasm-smith/src/core/terminate.rs
+++ b/third_party/rust/wasm-smith/src/core/terminate.rs
@@ -23,6 +23,7 @@ impl Module {
self.globals.push(GlobalType {
val_type: ValType::I32,
mutable: true,
+ shared: false,
});
self.defined_globals
.push((fuel_global, ConstExpr::i32_const(default_fuel as i32)));
diff --git a/third_party/rust/wasm-smith/src/lib.rs b/third_party/rust/wasm-smith/src/lib.rs
index b985791aae..59d4ddb640 100644
--- a/third_party/rust/wasm-smith/src/lib.rs
+++ b/third_party/rust/wasm-smith/src/lib.rs
@@ -63,10 +63,16 @@ use arbitrary::{Result, Unstructured};
pub use component::Component;
pub use config::{Config, MemoryOffsetChoices};
use std::{collections::HashSet, fmt::Write, str};
+use wasm_encoder::MemoryType;
#[cfg(feature = "_internal_cli")]
pub use config::InternalOptionalConfig;
+pub(crate) fn page_size(mem: &MemoryType) -> u32 {
+ const DEFAULT_WASM_PAGE_SIZE: u32 = 65_536;
+ mem.page_size_log2.unwrap_or(DEFAULT_WASM_PAGE_SIZE)
+}
+
/// Do something an arbitrary number of times.
///
/// The callback can return `false` to exit the loop early.
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-23 00:06:24 +0000