Bug 233392

Summary: WebAssembly: memory.fill returns wrong error on out-of-bounds
Product: WebKit Reporter: Asumu Takikawa <asumu>
Component: WebAssemblyAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: ews-watchlist, keith_miller, mark.lam, msaboff, saam, tzagallo, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Description Asumu Takikawa 2021-11-19 18:29:28 PST 
The following wasm program should produce a memory out of bounds exception when `fill_oob` is called:

```
  (module
    (import "env" "memory" (memory $mem0 1 1))
    (func (export "fill_oob")
      (memory.fill (i32.const 0) (i32.const 42) (i32.const 65537))
    )
  )
```

Right now, JSC will throw "Out of bounds table access" instead.
Comment 1 Asumu Takikawa 2021-11-19 18:41:57 PST 
Created attachment 444879 [details]
Patch
Comment 2 Yusuke Suzuki 2021-11-19 22:31:53 PST 
Comment on attachment 444879 [details]
Patch

r=me
Comment 3 EWS 2021-11-19 22:57:59 PST 
Committed r286092 (244479@main): <https://commits.webkit.org/244479@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 444879 [details].
Comment 4 Radar WebKit Bug Importer 2021-11-19 22:58:24 PST 
<rdar://problem/85630086>