[MERGE #5886 @Cellule] WebAssembly.Memory & Table consctructor spec compliance

Merge pull request #5886 from Cellule:users/micfer/wasm-spec-constructor

- Use TypeError instead of RangeError when initial/maximum have the wrong type (ie: not uint32).
- Check for NaN, Infinity and -Infinity for NonWrappingUint32 conversion
- Do not use HasProperty to see if the descriptor has a property, instead just use GetProperty and check against `undefined`. This is according to https://heycam.github.io/webidl/#dfn-present
- Convert Table `descriptor.element` to string before doing the comparison

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/microsoft/chakracore/5886)
<!-- Reviewable:end -->

Author: MikeHolman

lib/Runtime/Library/WebAssembly.cpp

@@ -288,12 +288,18 @@ Var WebAssembly::TryResolveResponse(RecyclableObject* function, Var thisArg, Var
 uint32
 WebAssembly::ToNonWrappingUint32(Var val, ScriptContext * ctx)
 {
-    double i = JavascriptConversion::ToInteger(val, ctx);
-    if (i < 0 || i > (double)UINT32_MAX)
+    double i = JavascriptConversion::ToNumber(val, ctx);
+    if (
+        JavascriptNumber::IsNan(i) ||
+        JavascriptNumber::IsPosInf(i) ||
+        JavascriptNumber::IsNegInf(i) ||
+        i < 0 ||
+        i > (double)UINT32_MAX
+    )
     {
-        JavascriptError::ThrowRangeError(ctx, JSERR_ArgumentOutOfRange);
+        JavascriptError::ThrowTypeError(ctx, JSERR_NeedNumber);
     }
-    return (uint32)i;
+    return (uint32)JavascriptConversion::ToInteger(i);
 }
 
 void

lib/Runtime/Library/WebAssemblyMemory.cpp

@@ -22,22 +22,33 @@ WebAssemblyMemory::WebAssemblyMemory(ArrayBufferBase* buffer, uint32 initial, ui
 }
 
 
-_Must_inspect_result_ bool WebAssemblyMemory::AreLimitsValid(uint32 initial, uint32 maximum)
+void WebAssemblyMemory::CheckLimits(ScriptContext * scriptContext, uint32 initial, uint32 maximum)
 {
-    return initial <= maximum && initial <= Wasm::Limits::GetMaxMemoryInitialPages() && maximum <= Wasm::Limits::GetMaxMemoryMaximumPages();
+    if (maximum < initial)
+    {
+        JavascriptError::ThrowRangeError(scriptContext, JSERR_ArgumentOutOfRange);
+    }
+    if (initial > Wasm::Limits::GetMaxMemoryInitialPages())
+    {
+        JavascriptError::ThrowTypeError(scriptContext, JSERR_FunctionArgument_Invalid, _u("descriptor.initial"));
+    }
+    if (maximum > Wasm::Limits::GetMaxMemoryMaximumPages())
+    {
+        JavascriptError::ThrowTypeError(scriptContext, JSERR_FunctionArgument_Invalid, _u("descriptor.maximum"));
+    }
 }
 
 
-_Must_inspect_result_ bool WebAssemblyMemory::AreLimitsValid(uint32 initial, uint32 maximum, uint32 bufferLength)
+void WebAssemblyMemory::CheckLimits(ScriptContext * scriptContext, uint32 initial, uint32 maximum, uint32 bufferLength)
 {
-    if (!AreLimitsValid(initial, maximum))
-    {
-        return false;
-    }
+    CheckLimits(scriptContext, initial, maximum);
     // Do the mul after initial checks to avoid potential unneeded OOM exception
     const uint32 initBytes = UInt32Math::Mul<WebAssembly::PageSize>(initial);
     const uint32 maxBytes = UInt32Math::Mul<WebAssembly::PageSize>(maximum);
-    return initBytes <= bufferLength && bufferLength <= maxBytes;
+    if (initBytes > bufferLength || bufferLength > maxBytes)
+    {
+        JavascriptError::ThrowTypeError(scriptContext, JSERR_FunctionArgument_Invalid);
+    }
 }
 
 Var
@@ -60,31 +71,38 @@ WebAssemblyMemory::NewInstance(RecyclableObject* function, CallInfo callInfo, ..
 
     if (args.Info.Count < 2 || !JavascriptOperators::IsObject(args[1]))
     {
-        JavascriptError::ThrowTypeError(scriptContext, JSERR_NeedObject, _u("memoryDescriptor"));
+        JavascriptError::ThrowTypeError(scriptContext, JSERR_NeedObject, _u("descriptor"));
     }
     DynamicObject * memoryDescriptor = VarTo<DynamicObject>(args[1]);
 
     Var initVar = JavascriptOperators::OP_GetProperty(memoryDescriptor, PropertyIds::initial, scriptContext);
+    if (Js::JavascriptOperators::IsUndefined(initVar))
+    {
+        JavascriptError::ThrowTypeError(scriptContext, JSERR_NeedNumber, _u("descriptor.initial"));
+    }
     uint32 initial = WebAssembly::ToNonWrappingUint32(initVar, scriptContext);
 
     uint32 maximum = Wasm::Limits::GetMaxMemoryMaximumPages();
     bool hasMaximum = false;
-    if (JavascriptOperators::OP_HasProperty(memoryDescriptor, PropertyIds::maximum, scriptContext))
+    Var maxVar = JavascriptOperators::OP_GetProperty(memoryDescriptor, PropertyIds::maximum, scriptContext);
+    if (!Js::JavascriptOperators::IsUndefined(maxVar))
     {
         hasMaximum = true;
-        Var maxVar = JavascriptOperators::OP_GetProperty(memoryDescriptor, PropertyIds::maximum, scriptContext);
         maximum = WebAssembly::ToNonWrappingUint32(maxVar, scriptContext);
     }
 
     bool isShared = false;
-    if (Wasm::Threads::IsEnabled() && JavascriptOperators::OP_HasProperty(memoryDescriptor, PropertyIds::shared, scriptContext))
+    if (Wasm::Threads::IsEnabled())
     {
-        if (!hasMaximum)
+        Var sharedVar = JavascriptOperators::OP_GetProperty(memoryDescriptor, PropertyIds::shared, scriptContext);
+        if (!Js::JavascriptOperators::IsUndefined(sharedVar))
         {
-            JavascriptError::ThrowTypeError(scriptContext, WASMERR_SharedNoMaximum);
+            isShared = JavascriptConversion::ToBool(sharedVar, scriptContext);
+            if (!hasMaximum)
+            {
+                JavascriptError::ThrowTypeError(scriptContext, WASMERR_SharedNoMaximum);
+            }
         }
-        Var sharedVar = JavascriptOperators::OP_GetProperty(memoryDescriptor, PropertyIds::shared, scriptContext);
-        isShared = JavascriptConversion::ToBool(sharedVar, scriptContext);
     }
 
     return CreateMemoryObject(initial, maximum, isShared, scriptContext);
@@ -271,10 +289,7 @@ WebAssemblyMemory::EntryGetterBuffer(RecyclableObject* function, CallInfo callIn
 WebAssemblyMemory *
 WebAssemblyMemory::CreateMemoryObject(uint32 initial, uint32 maximum, bool isShared, ScriptContext * scriptContext)
 {
-    if (!AreLimitsValid(initial, maximum))
-    {
-        JavascriptError::ThrowRangeError(scriptContext, JSERR_ArgumentOutOfRange);
-    }
+    CheckLimits(scriptContext, initial, maximum);
     uint32 byteLength = UInt32Math::Mul<WebAssembly::PageSize>(initial);
     ArrayBufferBase* buffer = nullptr;
 #ifdef ENABLE_WASM_THREADS
@@ -300,10 +315,7 @@ WebAssemblyMemory::CreateMemoryObject(uint32 initial, uint32 maximum, bool isSha
 
 WebAssemblyMemory * WebAssemblyMemory::CreateForExistingBuffer(uint32 initial, uint32 maximum, uint32 currentByteLength, ScriptContext * scriptContext)
 {
-    if (!AreLimitsValid(initial, maximum, currentByteLength))
-    {
-        JavascriptError::ThrowRangeError(scriptContext, JSERR_ArgumentOutOfRange);
-    }
+    CheckLimits(scriptContext, initial, maximum, currentByteLength);
     ArrayBufferBase* buffer = scriptContext->GetLibrary()->CreateWebAssemblyArrayBuffer(currentByteLength);
     Assert(buffer);
     if (currentByteLength > 0 && buffer->GetByteLength() == 0)
@@ -317,10 +329,11 @@ WebAssemblyMemory * WebAssemblyMemory::CreateForExistingBuffer(uint32 initial, u
 #ifdef ENABLE_WASM_THREADS
 WebAssemblyMemory * WebAssemblyMemory::CreateFromSharedContents(uint32 initial, uint32 maximum, SharedContents* sharedContents, ScriptContext * scriptContext)
 {
-    if (!sharedContents || !AreLimitsValid(initial, maximum, sharedContents->bufferLength))
+    if (!sharedContents)
     {
-        JavascriptError::ThrowRangeError(scriptContext, JSERR_ArgumentOutOfRange);
+        JavascriptError::ThrowTypeError(scriptContext, JSERR_FunctionArgument_Invalid);
     }
+    CheckLimits(scriptContext, initial, maximum, sharedContents->bufferLength);
     ArrayBufferBase* buffer = scriptContext->GetLibrary()->CreateWebAssemblySharedArrayBuffer(sharedContents);
     return RecyclerNewFinalized(scriptContext->GetRecycler(), WebAssemblyMemory, buffer, initial, maximum, scriptContext->GetLibrary()->GetWebAssemblyMemoryType());
 }

lib/Runtime/Library/WebAssemblyMemory.h

@@ -50,8 +50,8 @@ namespace Js
 #endif
     private:
         WebAssemblyMemory(ArrayBufferBase* buffer, uint32 initial, uint32 maximum, DynamicType * type);
-        static _Must_inspect_result_ bool AreLimitsValid(uint32 initial, uint32 maximum);
-        static _Must_inspect_result_ bool AreLimitsValid(uint32 initial, uint32 maximum, uint32 bufferLength);
+        static void CheckLimits(ScriptContext * scriptContext, uint32 initial, uint32 maximum);
+        static void CheckLimits(ScriptContext * scriptContext, uint32 initial, uint32 maximum, uint32 bufferLength);
 
         Field(ArrayBufferBase*) m_buffer;
 

lib/Runtime/Library/WebAssemblyTable.cpp

@@ -46,7 +46,8 @@ WebAssemblyTable::NewInstance(RecyclableObject* function, CallInfo callInfo, ...
     DynamicObject * tableDescriptor = VarTo<DynamicObject>(args[1]);
 
     Var elementVar = JavascriptOperators::OP_GetProperty(tableDescriptor, PropertyIds::element, scriptContext);
-    if (!JavascriptOperators::StrictEqualString(elementVar, scriptContext->GetLibrary()->CreateStringFromCppLiteral(_u("anyfunc"))))
+    auto elementStr = JavascriptConversion::ToString(elementVar, scriptContext);
+    if (!JavascriptOperators::StrictEqualString(elementStr, scriptContext->GetLibrary()->CreateStringFromCppLiteral(_u("anyfunc"))))
     {
         JavascriptError::ThrowTypeError(scriptContext, WASMERR_ExpectedAnyFunc, _u("tableDescriptor.element"));
     }
@@ -55,9 +56,9 @@ WebAssemblyTable::NewInstance(RecyclableObject* function, CallInfo callInfo, ...
     uint32 initial = WebAssembly::ToNonWrappingUint32(initVar, scriptContext);
 
     uint32 maximum = Wasm::Limits::GetMaxTableSize();
-    if (JavascriptOperators::OP_HasProperty(tableDescriptor, PropertyIds::maximum, scriptContext))
+    Var maxVar = JavascriptOperators::OP_GetProperty(tableDescriptor, PropertyIds::maximum, scriptContext);
+    if (!JavascriptOperators::IsUndefined(maxVar))
     {
-        Var maxVar = JavascriptOperators::OP_GetProperty(tableDescriptor, PropertyIds::maximum, scriptContext);
         maximum = WebAssembly::ToNonWrappingUint32(maxVar, scriptContext);
     }
     return Create(initial, maximum, scriptContext);

test/WasmSpec/baselines/testsuite/js-api/memory/constructor.any.baseline

@@ -1,25 +1,25 @@
 Harness Status: OK
-Found 24 tests: Pass = 9 Fail = 15
+Found 24 tests: Pass = 24
 Pass name  
 Pass length  
 Pass No arguments  
 Pass Calling  
-Fail Invalid descriptor argument  assert_throws: new Memory(object "[object Object]") function "() => new WebAssembly.Memory(invalidArgument)" did not throw
-Fail Undefined initial value in descriptor  assert_throws: function "() => new WebAssembly.Memory({ "initial": undefined })" did not throw
-Fail Out-of-range initial value in descriptor: NaN  assert_throws: function "() => new WebAssembly.Memory({ "initial": value })" did not throw
-Fail Out-of-range maximum value in descriptor: NaN  assert_throws: function "() => new WebAssembly.Memory({ "initial": 0, "maximum": value })" did not throw
-Fail Out-of-range initial value in descriptor: Infinity  assert_throws: function "() => new WebAssembly.Memory({ "initial": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range maximum value in descriptor: Infinity  assert_throws: function "() => new WebAssembly.Memory({ "initial": 0, "maximum": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range initial value in descriptor: -Infinity  assert_throws: function "() => new WebAssembly.Memory({ "initial": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range maximum value in descriptor: -Infinity  assert_throws: function "() => new WebAssembly.Memory({ "initial": 0, "maximum": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range initial value in descriptor: -1  assert_throws: function "() => new WebAssembly.Memory({ "initial": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range maximum value in descriptor: -1  assert_throws: function "() => new WebAssembly.Memory({ "initial": 0, "maximum": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range initial value in descriptor: 4294967296  assert_throws: function "() => new WebAssembly.Memory({ "initial": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range maximum value in descriptor: 4294967296  assert_throws: function "() => new WebAssembly.Memory({ "initial": 0, "maximum": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range initial value in descriptor: 68719476736  assert_throws: function "() => new WebAssembly.Memory({ "initial": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range maximum value in descriptor: 68719476736  assert_throws: function "() => new WebAssembly.Memory({ "initial": 0, "maximum": value })" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
+Pass Invalid descriptor argument  
+Pass Undefined initial value in descriptor  
+Pass Out-of-range initial value in descriptor: NaN  
+Pass Out-of-range maximum value in descriptor: NaN  
+Pass Out-of-range initial value in descriptor: Infinity  
+Pass Out-of-range maximum value in descriptor: Infinity  
+Pass Out-of-range initial value in descriptor: -Infinity  
+Pass Out-of-range maximum value in descriptor: -Infinity  
+Pass Out-of-range initial value in descriptor: -1  
+Pass Out-of-range maximum value in descriptor: -1  
+Pass Out-of-range initial value in descriptor: 4294967296  
+Pass Out-of-range maximum value in descriptor: 4294967296  
+Pass Out-of-range initial value in descriptor: 68719476736  
+Pass Out-of-range maximum value in descriptor: 68719476736  
 Pass Initial value exceeds maximum  
-Fail Proxy descriptor  assert_unreached: Should not call [[HasProperty]] with maximum Reached unreachable code
+Pass Proxy descriptor  
 Pass Order of evaluation for descriptor  
 Pass Zero initial  
 Pass Non-zero initial  

test/WasmSpec/baselines/testsuite/js-api/memory/grow.any.baseline

@@ -1,20 +1,20 @@
 Harness Status: OK
-Found 18 tests: Fail = 10 Pass = 8
-Fail Missing arguments  assert_throws: function "() => memory.grow()" did not throw
+Found 18 tests: Pass = 18
+Pass Missing arguments  
 Pass Branding  
 Pass Zero initial  
 Pass Zero initial with valueOf  
 Pass Non-zero initial  
 Pass Zero initial with respected maximum  
 Pass Zero initial with respected maximum grown twice  
 Pass Zero initial growing too much  
-Fail Out-of-range argument: undefined  assert_throws: function "() => memory.grow(value)" did not throw
-Fail Out-of-range argument: NaN  assert_throws: function "() => memory.grow(value)" did not throw
-Fail Out-of-range argument: Infinity  assert_throws: function "() => memory.grow(value)" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range argument: -Infinity  assert_throws: function "() => memory.grow(value)" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range argument: -1  assert_throws: function "() => memory.grow(value)" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range argument: 4294967296  assert_throws: function "() => memory.grow(value)" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range argument: 68719476736  assert_throws: function "() => memory.grow(value)" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range argument: "0x100000000"  assert_throws: function "() => memory.grow(value)" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
-Fail Out-of-range argument: object "[object Object]"  assert_throws: function "() => memory.grow(value)" threw object "RangeError: argument out of range" ("RangeError") expected object "TypeError" ("TypeError")
+Pass Out-of-range argument: undefined  
+Pass Out-of-range argument: NaN  
+Pass Out-of-range argument: Infinity  
+Pass Out-of-range argument: -Infinity  
+Pass Out-of-range argument: -1  
+Pass Out-of-range argument: 4294967296  
+Pass Out-of-range argument: 68719476736  
+Pass Out-of-range argument: "0x100000000"  
+Pass Out-of-range argument: object "[object Object]"  
 Pass Stray argument