Fix ExpressionRunner issues found by the fuzzer (#2790)

dcodeIO · web-flow · commit 420d0aea0b1e · 2020-04-23T12:44:36.000-07:00
Fixes #2788 found by the fuzzer, introduced in #2702, which turned out to be incorrect usage of std::move, by removing any std::moves introduced in that PR to be better safe than sorry. Also fixes problems with WASM_INTERPRETER_DEBUG spotted during debugging.
diff --git a/src/passes/Precompute.cpp b/src/passes/Precompute.cpp
@@ -79,7 +79,7 @@ class PrecomputingExpressionRunner
     if (iter != getValues.end()) {
       auto values = iter->second;
       if (values.isConcrete()) {
-        return Flow(std::move(values));
+        return Flow(values);
       }
     }
     return ExpressionRunner<PrecomputingExpressionRunner>::visitLocalGet(curr);
diff --git a/src/wasm-interpreter.h b/src/wasm-interpreter.h
@@ -1252,7 +1252,7 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {
     // Check if a constant value has been set in the context of this runner.
     auto iter = localValues.find(curr->index);
     if (iter != localValues.end()) {
-      return Flow(std::move(iter->second));
+      return Flow(iter->second);
     }
     return Flow(NONCONSTANT_FLOW);
   }
@@ -1288,7 +1288,7 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {
     // Check if a constant value has been set in the context of this runner.
     auto iter = globalValues.find(curr->name);
     if (iter != globalValues.end()) {
-      return Flow(std::move(iter->second));
+      return Flow(iter->second);
     }
     return Flow(NONCONSTANT_FLOW);
   }
@@ -1327,13 +1327,13 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {
             auto argFlow = visit(curr->operands[i]);
             if (!argFlow.breaking()) {
               assert(argFlow.values.isConcrete());
-              localValues[i] = std::move(argFlow.values);
+              localValues[i] = argFlow.values;
             }
           }
           auto retFlow = visit(func->body);
-          localValues = std::move(prevLocalValues);
+          localValues = prevLocalValues;
           if (retFlow.breakTo == RETURN_FLOW) {
-            return Flow(std::move(retFlow.values));
+            return Flow(retFlow.values);
           } else if (!retFlow.breaking()) {
             return retFlow;
           }
@@ -1343,7 +1343,7 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {
     return Flow(NONCONSTANT_FLOW);
   }
 
-  Flow visitCallIndirect(CallIndirect*) {
+  Flow visitCallIndirect(CallIndirect* curr) {
     NOTE_ENTER("CallIndirect");
     return Flow(NONCONSTANT_FLOW);
   }
@@ -1375,39 +1375,39 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {
     NOTE_ENTER("MemoryFill");
     return Flow(NONCONSTANT_FLOW);
   }
-  Flow visitAtomicRMW(AtomicRMW*) {
+  Flow visitAtomicRMW(AtomicRMW* curr) {
     NOTE_ENTER("AtomicRMW");
     return Flow(NONCONSTANT_FLOW);
   }
-  Flow visitAtomicCmpxchg(AtomicCmpxchg*) {
+  Flow visitAtomicCmpxchg(AtomicCmpxchg* curr) {
     NOTE_ENTER("AtomicCmpxchg");
     return Flow(NONCONSTANT_FLOW);
   }
-  Flow visitAtomicWait(AtomicWait*) {
+  Flow visitAtomicWait(AtomicWait* curr) {
     NOTE_ENTER("AtomicWait");
     return Flow(NONCONSTANT_FLOW);
   }
-  Flow visitAtomicNotify(AtomicNotify*) {
+  Flow visitAtomicNotify(AtomicNotify* curr) {
     NOTE_ENTER("AtomicNotify");
     return Flow(NONCONSTANT_FLOW);
   }
-  Flow visitSIMDLoad(SIMDLoad*) {
+  Flow visitSIMDLoad(SIMDLoad* curr) {
     NOTE_ENTER("SIMDLoad");
     return Flow(NONCONSTANT_FLOW);
   }
-  Flow visitSIMDLoadSplat(SIMDLoad*) {
+  Flow visitSIMDLoadSplat(SIMDLoad* curr) {
     NOTE_ENTER("SIMDLoadSplat");
     return Flow(NONCONSTANT_FLOW);
   }
-  Flow visitSIMDLoadExtend(SIMDLoad*) {
+  Flow visitSIMDLoadExtend(SIMDLoad* curr) {
     NOTE_ENTER("SIMDLoadExtend");
     return Flow(NONCONSTANT_FLOW);
   }
-  Flow visitPush(Push*) {
+  Flow visitPush(Push* curr) {
     NOTE_ENTER("Push");
     return Flow(NONCONSTANT_FLOW);
   }
-  Flow visitPop(Pop*) {
+  Flow visitPop(Pop* curr) {
     NOTE_ENTER("Pop");
     return Flow(NONCONSTANT_FLOW);
   }
@@ -2470,7 +2470,8 @@ template<typename GlobalManager, typename SubType> class ModuleInstanceBase {
       functionStack.pop_back();
     }
 #ifdef WASM_INTERPRETER_DEBUG
-    std::cout << "exiting " << function->name << " with " << ret << '\n';
+    std::cout << "exiting " << function->name << " with " << flow.values
+              << '\n';
 #endif
     return flow.values;
   }
diff --git a/src/wasm-printing.h b/src/wasm-printing.h
@@ -53,6 +53,10 @@ inline std::ostream& operator<<(std::ostream& o, wasm::Expression& expression) {
   return wasm::WasmPrinter::printExpression(&expression, o);
 }
 
+inline std::ostream& operator<<(std::ostream& o, wasm::Expression* expression) {
+  return wasm::WasmPrinter::printExpression(expression, o);
+}
+
 inline std::ostream& operator<<(std::ostream& o, wasm::StackInst& inst) {
   return wasm::WasmPrinter::printStackInst(&inst, o);
 }

Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,7 @@ class PrecomputingExpressionRunner`
`79`	`79`	`if (iter != getValues.end()) {`
`80`	`80`	`auto values = iter->second;`
`81`	`81`	`if (values.isConcrete()) {`
`82`		`- return Flow(std::move(values));`
	`82`	`+ return Flow(values);`
`83`	`83`	`}`
`84`	`84`	`}`
`85`	`85`	`return ExpressionRunner<PrecomputingExpressionRunner>::visitLocalGet(curr);`
Original file line number	Diff line number	Diff line change
`@@ -1252,7 +1252,7 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {`
`1252`	`1252`	`// Check if a constant value has been set in the context of this runner.`
`1253`	`1253`	`auto iter = localValues.find(curr->index);`
`1254`	`1254`	`if (iter != localValues.end()) {`
`1255`		`- return Flow(std::move(iter->second));`
	`1255`	`+ return Flow(iter->second);`
`1256`	`1256`	`}`
`1257`	`1257`	`return Flow(NONCONSTANT_FLOW);`
`1258`	`1258`	`}`
`@@ -1288,7 +1288,7 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {`
`1288`	`1288`	`// Check if a constant value has been set in the context of this runner.`
`1289`	`1289`	`auto iter = globalValues.find(curr->name);`
`1290`	`1290`	`if (iter != globalValues.end()) {`
`1291`		`- return Flow(std::move(iter->second));`
	`1291`	`+ return Flow(iter->second);`
`1292`	`1292`	`}`
`1293`	`1293`	`return Flow(NONCONSTANT_FLOW);`
`1294`	`1294`	`}`
`@@ -1327,13 +1327,13 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {`
`1327`	`1327`	`auto argFlow = visit(curr->operands[i]);`
`1328`	`1328`	`if (!argFlow.breaking()) {`
`1329`	`1329`	`assert(argFlow.values.isConcrete());`
`1330`		`- localValues[i] = std::move(argFlow.values);`
	`1330`	`+ localValues[i] = argFlow.values;`
`1331`	`1331`	`}`
`1332`	`1332`	`}`
`1333`	`1333`	`auto retFlow = visit(func->body);`
`1334`		`- localValues = std::move(prevLocalValues);`
	`1334`	`+ localValues = prevLocalValues;`
`1335`	`1335`	`if (retFlow.breakTo == RETURN_FLOW) {`
`1336`		`- return Flow(std::move(retFlow.values));`
	`1336`	`+ return Flow(retFlow.values);`
`1337`	`1337`	`} else if (!retFlow.breaking()) {`
`1338`	`1338`	`return retFlow;`
`1339`	`1339`	`}`
`@@ -1343,7 +1343,7 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {`
`1343`	`1343`	`return Flow(NONCONSTANT_FLOW);`
`1344`	`1344`	`}`
`1345`	`1345`
`1346`		`- Flow visitCallIndirect(CallIndirect*) {`
	`1346`	`+ Flow visitCallIndirect(CallIndirect* curr) {`
`1347`	`1347`	`NOTE_ENTER("CallIndirect");`
`1348`	`1348`	`return Flow(NONCONSTANT_FLOW);`
`1349`	`1349`	`}`
`@@ -1375,39 +1375,39 @@ class ExpressionRunner : public OverriddenVisitor<SubType, Flow> {`
`1375`	`1375`	`NOTE_ENTER("MemoryFill");`
`1376`	`1376`	`return Flow(NONCONSTANT_FLOW);`
`1377`	`1377`	`}`
`1378`		`- Flow visitAtomicRMW(AtomicRMW*) {`
	`1378`	`+ Flow visitAtomicRMW(AtomicRMW* curr) {`
`1379`	`1379`	`NOTE_ENTER("AtomicRMW");`
`1380`	`1380`	`return Flow(NONCONSTANT_FLOW);`
`1381`	`1381`	`}`
`1382`		`- Flow visitAtomicCmpxchg(AtomicCmpxchg*) {`
	`1382`	`+ Flow visitAtomicCmpxchg(AtomicCmpxchg* curr) {`
`1383`	`1383`	`NOTE_ENTER("AtomicCmpxchg");`
`1384`	`1384`	`return Flow(NONCONSTANT_FLOW);`
`1385`	`1385`	`}`
`1386`		`- Flow visitAtomicWait(AtomicWait*) {`
	`1386`	`+ Flow visitAtomicWait(AtomicWait* curr) {`
`1387`	`1387`	`NOTE_ENTER("AtomicWait");`
`1388`	`1388`	`return Flow(NONCONSTANT_FLOW);`
`1389`	`1389`	`}`
`1390`		`- Flow visitAtomicNotify(AtomicNotify*) {`
	`1390`	`+ Flow visitAtomicNotify(AtomicNotify* curr) {`
`1391`	`1391`	`NOTE_ENTER("AtomicNotify");`
`1392`	`1392`	`return Flow(NONCONSTANT_FLOW);`
`1393`	`1393`	`}`
`1394`		`- Flow visitSIMDLoad(SIMDLoad*) {`
	`1394`	`+ Flow visitSIMDLoad(SIMDLoad* curr) {`
`1395`	`1395`	`NOTE_ENTER("SIMDLoad");`
`1396`	`1396`	`return Flow(NONCONSTANT_FLOW);`
`1397`	`1397`	`}`
`1398`		`- Flow visitSIMDLoadSplat(SIMDLoad*) {`
	`1398`	`+ Flow visitSIMDLoadSplat(SIMDLoad* curr) {`
`1399`	`1399`	`NOTE_ENTER("SIMDLoadSplat");`
`1400`	`1400`	`return Flow(NONCONSTANT_FLOW);`
`1401`	`1401`	`}`
`1402`		`- Flow visitSIMDLoadExtend(SIMDLoad*) {`
	`1402`	`+ Flow visitSIMDLoadExtend(SIMDLoad* curr) {`
`1403`	`1403`	`NOTE_ENTER("SIMDLoadExtend");`
`1404`	`1404`	`return Flow(NONCONSTANT_FLOW);`
`1405`	`1405`	`}`
`1406`		`- Flow visitPush(Push*) {`
	`1406`	`+ Flow visitPush(Push* curr) {`
`1407`	`1407`	`NOTE_ENTER("Push");`
`1408`	`1408`	`return Flow(NONCONSTANT_FLOW);`
`1409`	`1409`	`}`
`1410`		`- Flow visitPop(Pop*) {`
	`1410`	`+ Flow visitPop(Pop* curr) {`
`1411`	`1411`	`NOTE_ENTER("Pop");`
`1412`	`1412`	`return Flow(NONCONSTANT_FLOW);`
`1413`	`1413`	`}`
`@@ -2470,7 +2470,8 @@ template<typename GlobalManager, typename SubType> class ModuleInstanceBase {`
`2470`	`2470`	`functionStack.pop_back();`
`2471`	`2471`	`}`
`2472`	`2472`	`#ifdef WASM_INTERPRETER_DEBUG`
`2473`		`- std::cout << "exiting " << function->name << " with " << ret << '\n';`
	`2473`	`+ std::cout << "exiting " << function->name << " with " << flow.values`
	`2474`	`+ << '\n';`
`2474`	`2475`	`#endif`
`2475`	`2476`	`return flow.values;`
`2476`	`2477`	`}`
Original file line number	Diff line number	Diff line change
`@@ -53,6 +53,10 @@ inline std::ostream& operator<<(std::ostream& o, wasm::Expression& expression) {`
`53`	`53`	`return wasm::WasmPrinter::printExpression(&expression, o);`
`54`	`54`	`}`
`55`	`55`
	`56`	`+inline std::ostream& operator<<(std::ostream& o, wasm::Expression* expression) {`
	`57`	`+ return wasm::WasmPrinter::printExpression(expression, o);`
	`58`	`+}`
	`59`	`+`
`56`	`60`	`inline std::ostream& operator<<(std::ostream& o, wasm::StackInst& inst) {`
`57`	`61`	`return wasm::WasmPrinter::printStackInst(&inst, o);`
`58`	`62`	`}`