// Copyright 2020 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "src/wasm/wasm-debug-evaluate.h"

#include <algorithm>
#include <limits>

#include "src/api/api-inl.h"
#include "src/codegen/machine-type.h"
#include "src/compiler/wasm-compiler.h"
#include "src/execution/frames-inl.h"
#include "src/wasm/value-type.h"
#include "src/wasm/wasm-arguments.h"
#include "src/wasm/wasm-constants.h"
#include "src/wasm/wasm-debug.h"
#include "src/wasm/wasm-module.h"
#include "src/wasm/wasm-objects.h"
#include "src/wasm/wasm-result.h"
#include "src/wasm/wasm-value.h"

namespace v8 {
namespace internal {
namespace wasm {
namespace {

static Handle<String> V8String(Isolate* isolate, const char* str) {
  return isolate->factory()->NewStringFromAsciiChecked(str);
}

static bool CheckSignature(ValueType return_type,
                           std::initializer_list<ValueType> argument_types,
                           const FunctionSig* sig, ErrorThrower* thrower) {
  if (sig->return_count() != 1 && return_type != kWasmBottom) {
    thrower->CompileError("Invalid return type. Got none, expected %s",
                          return_type.name().c_str());
    return false;
  }

  if (sig->return_count() == 1) {
    if (sig->GetReturn(0) != return_type) {
      thrower->CompileError("Invalid return type. Got %s, expected %s",
                            sig->GetReturn(0).name().c_str(),
                            return_type.name().c_str());
      return false;
    }
  }

  if (sig->parameter_count() != argument_types.size()) {
    thrower->CompileError("Invalid number of arguments. Expected %zu, got %zu",
                          sig->parameter_count(), argument_types.size());
    return false;
  }
  size_t p = 0;
  for (ValueType argument_type : argument_types) {
    if (sig->GetParam(p) != argument_type) {
      thrower->CompileError(
          "Invalid argument type for argument %zu. Got %s, expected %s", p,
          sig->GetParam(p).name().c_str(), argument_type.name().c_str());
      return false;
    }
    ++p;
  }
  return true;
}

static bool CheckRangeOutOfBounds(uint32_t offset, uint32_t size,
                                  size_t allocation_size,
                                  wasm::ErrorThrower* thrower) {
  if (size > std::numeric_limits<uint32_t>::max() - offset) {
    thrower->RuntimeError("Overflowing memory range\n");
    return true;
  }
  if (offset + size > allocation_size) {
    thrower->RuntimeError("Illegal access to out-of-bounds memory");
    return true;
  }
  return false;
}

class DebugEvaluatorProxy {
 public:
  explicit DebugEvaluatorProxy(Isolate* isolate, CommonFrame* frame)
      : isolate_(isolate), frame_(frame) {}

  static void GetMemoryTrampoline(
      const v8::FunctionCallbackInfo<v8::Value>& args) {
    DebugEvaluatorProxy& proxy = GetProxy(args);

    uint32_t offset = proxy.GetArgAsUInt32(args, 0);
    uint32_t size = proxy.GetArgAsUInt32(args, 1);
    uint32_t result = proxy.GetArgAsUInt32(args, 2);

    proxy.GetMemory(offset, size, result);
  }

  // void __getMemory(uint32_t offset, uint32_t size, void* result);
  void GetMemory(uint32_t offset, uint32_t size, uint32_t result) {
    wasm::ScheduledErrorThrower thrower(isolate_, "debug evaluate proxy");
    // Check all overflows.
    if (CheckRangeOutOfBounds(offset, size, debuggee_->memory_size(),
                              &thrower) ||
        CheckRangeOutOfBounds(result, size, evaluator_->memory_size(),
                              &thrower)) {
      return;
    }

    std::memcpy(&evaluator_->memory_start()[result],
                &debuggee_->memory_start()[offset], size);
  }

  // void* __sbrk(intptr_t increment);
  uint32_t Sbrk(uint32_t increment) {
    if (increment > 0 && evaluator_->memory_size() <=
                             std::numeric_limits<uint32_t>::max() - increment) {
      Handle<WasmMemoryObject> memory(evaluator_->memory_object(), isolate_);
      uint32_t new_pages =
          (increment - 1 + wasm::kWasmPageSize) / wasm::kWasmPageSize;
      WasmMemoryObject::Grow(isolate_, memory, new_pages);
    }
    return static_cast<uint32_t>(evaluator_->memory_size());
  }

  static void SbrkTrampoline(const v8::FunctionCallbackInfo<v8::Value>& args) {
    DebugEvaluatorProxy& proxy = GetProxy(args);
    uint32_t size = proxy.GetArgAsUInt32(args, 0);

    uint32_t result = proxy.Sbrk(size);
    args.GetReturnValue().Set(result);
  }

  // void __getLocal(uint32_t local,  void* result);
  void GetLocal(uint32_t local, uint32_t result_offset) {
    DCHECK(frame_->is_wasm());
    wasm::DebugInfo* debug_info =
        WasmFrame::cast(frame_)->native_module()->GetDebugInfo();
    WasmValue result = debug_info->GetLocalValue(
        local, frame_->pc(), frame_->fp(), frame_->callee_fp());
    WriteResult(result, result_offset);
  }

  void GetGlobal(uint32_t global, uint32_t result_offset) {
    DCHECK(frame_->is_wasm());

    const WasmGlobal& global_variable =
        WasmFrame::cast(frame_)->native_module()->module()->globals.at(global);

    Handle<WasmInstanceObject> instance(
        WasmFrame::cast(frame_)->wasm_instance(), isolate_);
    WasmValue result =
        WasmInstanceObject::GetGlobalValue(instance, global_variable);
    WriteResult(result, result_offset);
  }

  void GetOperand(uint32_t operand, uint32_t result_offset) {
    DCHECK(frame_->is_wasm());
    wasm::DebugInfo* debug_info =
        WasmFrame::cast(frame_)->native_module()->GetDebugInfo();
    WasmValue result = debug_info->GetStackValue(
        operand, frame_->pc(), frame_->fp(), frame_->callee_fp());

    WriteResult(result, result_offset);
  }

  static void GetLocalTrampoline(
      const v8::FunctionCallbackInfo<v8::Value>& args) {
    DebugEvaluatorProxy& proxy = GetProxy(args);
    uint32_t local = proxy.GetArgAsUInt32(args, 0);
    uint32_t result = proxy.GetArgAsUInt32(args, 1);

    proxy.GetLocal(local, result);
  }

  static void GetGlobalTrampoline(
      const v8::FunctionCallbackInfo<v8::Value>& args) {
    DebugEvaluatorProxy& proxy = GetProxy(args);
    uint32_t global = proxy.GetArgAsUInt32(args, 0);
    uint32_t result = proxy.GetArgAsUInt32(args, 1);

    proxy.GetGlobal(global, result);
  }

  static void GetOperandTrampoline(
      const v8::FunctionCallbackInfo<v8::Value>& args) {
    DebugEvaluatorProxy& proxy = GetProxy(args);
    uint32_t operand = proxy.GetArgAsUInt32(args, 0);
    uint32_t result = proxy.GetArgAsUInt32(args, 1);

    proxy.GetOperand(operand, result);
  }

  Handle<JSObject> CreateImports() {
    Handle<JSObject> imports_obj =
        isolate_->factory()->NewJSObject(isolate_->object_function());
    Handle<JSObject> import_module_obj =
        isolate_->factory()->NewJSObject(isolate_->object_function());
    Object::SetProperty(isolate_, imports_obj, V8String(isolate_, "env"),
                        import_module_obj)
        .Assert();

    AddImport(import_module_obj, "__getOperand",
              DebugEvaluatorProxy::GetOperandTrampoline);
    AddImport(import_module_obj, "__getGlobal",
              DebugEvaluatorProxy::GetGlobalTrampoline);
    AddImport(import_module_obj, "__getLocal",
              DebugEvaluatorProxy::GetLocalTrampoline);
    AddImport(import_module_obj, "__getMemory",
              DebugEvaluatorProxy::GetMemoryTrampoline);
    AddImport(import_module_obj, "__sbrk", DebugEvaluatorProxy::SbrkTrampoline);

    return imports_obj;
  }

  void SetInstances(Handle<WasmInstanceObject> evaluator,
                    Handle<WasmInstanceObject> debuggee) {
    evaluator_ = evaluator;
    debuggee_ = debuggee;
  }

 private:
  template <typename T>
  void WriteResultImpl(const WasmValue& result, uint32_t result_offset) {
    wasm::ScheduledErrorThrower thrower(isolate_, "debug evaluate proxy");
    T val = result.to<T>();
    STATIC_ASSERT(static_cast<uint32_t>(sizeof(T)) == sizeof(T));
    if (CheckRangeOutOfBounds(result_offset, sizeof(T),
                              evaluator_->memory_size(), &thrower)) {
      return;
    }
    memcpy(&evaluator_->memory_start()[result_offset], &val, sizeof(T));
  }

  void WriteResult(const WasmValue& result, uint32_t result_offset) {
    switch (result.type().kind()) {
      case ValueType::kI32:
        WriteResultImpl<uint32_t>(result, result_offset);
        break;
      case ValueType::kI64:
        WriteResultImpl<int64_t>(result, result_offset);
        break;
      case ValueType::kF32:
        WriteResultImpl<float>(result, result_offset);
        break;
      case ValueType::kF64:
        WriteResultImpl<double>(result, result_offset);
        break;
      default:
        UNIMPLEMENTED();
    }
  }

  uint32_t GetArgAsUInt32(const v8::FunctionCallbackInfo<v8::Value>& args,
                          int index) {
    // No type/range checks needed on his because this is only called for {args}
    // where we have performed a signature check via {VerifyEvaluatorInterface}
    double number = Utils::OpenHandle(*args[index])->Number();
    return static_cast<uint32_t>(number);
  }

  static DebugEvaluatorProxy& GetProxy(
      const v8::FunctionCallbackInfo<v8::Value>& args) {
    return *reinterpret_cast<DebugEvaluatorProxy*>(
        args.Data().As<v8::External>()->Value());
  }

  template <typename CallableT>
  void AddImport(Handle<JSObject> import_module_obj, const char* function_name,
                 CallableT callback) {
    v8::Isolate* api_isolate = reinterpret_cast<v8::Isolate*>(isolate_);
    v8::Local<v8::Context> context = api_isolate->GetCurrentContext();
    std::string data;
    v8::Local<v8::Function> v8_function =
        v8::Function::New(context, callback,
                          v8::External::New(api_isolate, this))
            .ToLocalChecked();

    Handle<JSReceiver> wrapped_function = Utils::OpenHandle(*v8_function);

    Object::SetProperty(isolate_, import_module_obj,
                        V8String(isolate_, function_name), wrapped_function)
        .Assert();
  }

  Isolate* isolate_;
  CommonFrame* frame_;
  Handle<WasmInstanceObject> evaluator_;
  Handle<WasmInstanceObject> debuggee_;
};

static bool VerifyEvaluatorInterface(const WasmModule* raw_module,
                                     const ModuleWireBytes& bytes,
                                     ErrorThrower* thrower) {
  for (const WasmImport imported : raw_module->import_table) {
    if (imported.kind != ImportExportKindCode::kExternalFunction) continue;
    const WasmFunction& F = raw_module->functions.at(imported.index);
    std::string module_name(bytes.start() + imported.module_name.offset(),
                            bytes.start() + imported.module_name.end_offset());
    std::string field_name(bytes.start() + imported.field_name.offset(),
                           bytes.start() + imported.field_name.end_offset());

    if (module_name == "env") {
      if (field_name == "__getMemory") {
        // void __getMemory(uint32_t offset, uint32_t size, void* result);
        if (CheckSignature(kWasmBottom, {kWasmI32, kWasmI32, kWasmI32}, F.sig,
                           thrower)) {
          continue;
        }
      } else if (field_name == "__getOperand") {
        // void __getOperand(uint32_t local,  void* result)
        if (CheckSignature(kWasmBottom, {kWasmI32, kWasmI32}, F.sig, thrower)) {
          continue;
        }
      } else if (field_name == "__getGlobal") {
        // void __getGlobal(uint32_t local,  void* result)
        if (CheckSignature(kWasmBottom, {kWasmI32, kWasmI32}, F.sig, thrower)) {
          continue;
        }
      } else if (field_name == "__getLocal") {
        // void __getLocal(uint32_t local,  void* result)
        if (CheckSignature(kWasmBottom, {kWasmI32, kWasmI32}, F.sig, thrower)) {
          continue;
        }
      } else if (field_name == "__debug") {
        // void __debug(uint32_t flag, uint32_t value)
        if (CheckSignature(kWasmBottom, {kWasmI32, kWasmI32}, F.sig, thrower)) {
          continue;
        }
      } else if (field_name == "__sbrk") {
        // uint32_t __sbrk(uint32_t increment)
        if (CheckSignature(kWasmI32, {kWasmI32}, F.sig, thrower)) {
          continue;
        }
      }
    }

    if (!thrower->error()) {
      thrower->LinkError("Unknown import \"%s\" \"%s\"", module_name.c_str(),
                         field_name.c_str());
    }

    return false;
  }
  for (const WasmExport& exported : raw_module->export_table) {
    if (exported.kind != ImportExportKindCode::kExternalFunction) continue;
    const WasmFunction& F = raw_module->functions.at(exported.index);
    std::string field_name(bytes.start() + exported.name.offset(),
                           bytes.start() + exported.name.end_offset());
    if (field_name == "wasm_format") {
      if (!CheckSignature(kWasmI32, {}, F.sig, thrower)) return false;
    }
  }
  return true;
}
}  // namespace

Maybe<std::string> DebugEvaluateImpl(
    Vector<const byte> snippet, Handle<WasmInstanceObject> debuggee_instance,
    CommonFrame* frame) {
  Isolate* isolate = debuggee_instance->GetIsolate();
  HandleScope handle_scope(isolate);
  WasmEngine* engine = isolate->wasm_engine();
  wasm::ErrorThrower thrower(isolate, "wasm debug evaluate");

  // Create module object.
  wasm::ModuleWireBytes bytes(snippet);
  wasm::WasmFeatures features = wasm::WasmFeatures::FromIsolate(isolate);
  Handle<WasmModuleObject> evaluator_module;
  if (!engine->SyncCompile(isolate, features, &thrower, bytes)
           .ToHandle(&evaluator_module)) {
    return Nothing<std::string>();
  }

  // Verify interface.
  const WasmModule* raw_module = evaluator_module->module();
  if (!VerifyEvaluatorInterface(raw_module, bytes, &thrower)) {
    return Nothing<std::string>();
  }

  // Set up imports.
  DebugEvaluatorProxy proxy(isolate, frame);
  Handle<JSObject> imports = proxy.CreateImports();

  // Instantiate Module.
  Handle<WasmInstanceObject> evaluator_instance;
  if (!engine->SyncInstantiate(isolate, &thrower, evaluator_module, imports, {})
           .ToHandle(&evaluator_instance)) {
    return Nothing<std::string>();
  }

  proxy.SetInstances(evaluator_instance, debuggee_instance);

  Handle<JSObject> exports_obj(evaluator_instance->exports_object(), isolate);
  Handle<Object> entry_point_obj;
  bool get_property_success =
      Object::GetProperty(isolate, exports_obj,
                          V8String(isolate, "wasm_format"))
          .ToHandle(&entry_point_obj);
  if (!get_property_success ||
      !WasmExportedFunction::IsWasmExportedFunction(*entry_point_obj)) {
    thrower.LinkError("Missing export: \"wasm_format\"");
    return Nothing<std::string>();
  }
  Handle<WasmExportedFunction> entry_point =
      Handle<WasmExportedFunction>::cast(entry_point_obj);

  // TODO(wasm): Cache this code.
  Handle<Code> wasm_entry = compiler::CompileCWasmEntry(
      isolate, entry_point->sig(), debuggee_instance->module());

  CWasmArgumentsPacker packer(4 /* uint32_t return value, no parameters. */);
  Execution::CallWasm(isolate, wasm_entry, entry_point->GetWasmCallTarget(),
                      evaluator_instance, packer.argv());
  if (isolate->has_pending_exception()) return Nothing<std::string>();

  uint32_t offset = packer.Pop<uint32_t>();
  if (CheckRangeOutOfBounds(offset, 0, evaluator_instance->memory_size(),
                            &thrower)) {
    return Nothing<std::string>();
  }

  // Copy the zero-terminated string result but don't overflow.
  std::string result;
  byte* heap = evaluator_instance->memory_start() + offset;
  for (; offset < evaluator_instance->memory_size(); ++offset, ++heap) {
    if (*heap == 0) return Just(result);
    result.push_back(*heap);
  }

  thrower.RuntimeError("The evaluation returned an invalid result");
  return Nothing<std::string>();
}

MaybeHandle<String> DebugEvaluate(Vector<const byte> snippet,
                                  Handle<WasmInstanceObject> debuggee_instance,
                                  CommonFrame* frame) {
  Maybe<std::string> result =
      DebugEvaluateImpl(snippet, debuggee_instance, frame);
  if (result.IsNothing()) return {};
  std::string result_str = result.ToChecked();
  return V8String(debuggee_instance->GetIsolate(), result_str.c_str());
}

}  // namespace wasm
}  // namespace internal
}  // namespace v8