Fix table idx resolving in op call_indirect/return_call_indirect (#3726)

The table index in the call_indirect/return_call_indirect opcode should be one byte 0x00 when ref-types/GC isn't enabled, and should be treated as leb u32 when ref-types/GC is enabled. And make aot compiler bail out if ref-types/GC is disabled by command line argument while ref-types instructions are used.
2024-08-19 10:57:36 +08:00
parent 88caa0c53a
commit 97c95a2e2f
4 changed files with 30 additions and 8 deletions
--- a/core/iwasm/compilation/aot_llvm.c
+++ b/core/iwasm/compilation/aot_llvm.c
@ -3108,6 +3108,16 @@ aot_create_comp_context(const AOTCompData *comp_data, aot_comp_option_t option)
        goto fail;
    }

+    /* Return error if ref-types and GC are disabled by command line but
+       ref-types instructions are used */
+    if (!option->enable_ref_types && !option->enable_gc
+        && wasm_module->is_ref_types_used) {
+        aot_set_last_error("ref-types instruction was found, "
+                           "try removing --disable-ref-types option "
+                           "or adding --enable-gc option.");
+        goto fail;
+    }
+
    /* Disable features when they are not actually used */
    if (!wasm_module->is_simd_used) {
        option->enable_simd = comp_ctx->enable_simd = false;
--- a/core/iwasm/interpreter/wasm_interp_classic.c
+++ b/core/iwasm/interpreter/wasm_interp_classic.c
@ -2281,8 +2281,15 @@ wasm_interp_call_func_bytecode(WASMModuleInstance *module,
                bh_assert(tidx < module->module->type_count);
                cur_type = wasm_types[tidx];

+                /* clang-format off */
+#if WASM_ENABLE_REF_TYPES != 0 || WASM_ENABLE_GC != 0
                read_leb_uint32(frame_ip, frame_ip_end, tbl_idx);
+#else
+                frame_ip++;
+                tbl_idx = 0;
+#endif
                bh_assert(tbl_idx < module->table_count);
+                /* clang-format on */

                tbl_inst = wasm_get_table_inst(module, tbl_idx);

--- a/core/iwasm/interpreter/wasm_loader.c
+++ b/core/iwasm/interpreter/wasm_loader.c
@ -7149,10 +7149,10 @@ wasm_loader_find_block_addr(WASMExecEnv *exec_env, BlockAddr *block_addr_cache,
            case WASM_OP_RETURN_CALL_INDIRECT:
 #endif
                skip_leb_uint32(p, p_end); /* typeidx */
-#if WASM_ENABLE_REF_TYPES == 0 && WASM_ENABLE_GC == 0
-                u8 = read_uint8(p); /* 0x00 */
-#else
+#if WASM_ENABLE_REF_TYPES != 0 || WASM_ENABLE_GC != 0
                skip_leb_uint32(p, p_end); /* tableidx */
+#else
+                u8 = read_uint8(p); /* 0x00 */
 #endif
                break;

@ -12005,10 +12005,12 @@ re_scan:
                read_leb_uint32(p, p_end, type_idx);
 #if WASM_ENABLE_REF_TYPES != 0 || WASM_ENABLE_GC != 0
 #if WASM_ENABLE_WAMR_COMPILER != 0
-                if (*p != 0x00) {
-                    // Any non-0x00 byte requires the ref types proposal.
-                    // This is different from checking the table_idx value
-                    // since `0x80 0x00` etc. are all valid encodings of zero.
+                if (p + 1 < p_end && *p != 0x00) {
+                    /*
+                     * Any non-0x00 byte requires the ref types proposal.
+                     * This is different from checking the table_idx value
+                     * since `0x80 0x00` etc. are all valid encodings of zero.
+                     */
                    module->is_ref_types_used = true;
                }
 #endif
--- a/core/iwasm/interpreter/wasm_mini_loader.c
+++ b/core/iwasm/interpreter/wasm_mini_loader.c
@ -3501,8 +3501,11 @@ wasm_loader_find_block_addr(WASMExecEnv *exec_env, BlockAddr *block_addr_cache,
            case WASM_OP_RETURN_CALL_INDIRECT:
 #endif
                skip_leb_uint32(p, p_end); /* typeidx */
-                CHECK_BUF(p, p_end, 1);
+#if WASM_ENABLE_REF_TYPES != 0
+                skip_leb_uint32(p, p_end); /* tableidx */
+#else
                u8 = read_uint8(p); /* 0x00 */
+#endif
                break;

 #if WASM_ENABLE_EXCE_HANDLING != 0