    [wasm] Track in the interpreter if a NaN could have been produced. · 57b14b06
    ahaas authored
    The wasm specification does not fully specify the binary representation
    of NaN: the sign bit can be non-deterministic. The wasm-code fuzzer
    found a test case where the wasm interpreter and the compiled code
    produce a different sign bit for a NaN, and as a consequence they
    produce different results.
    
    With this CL the interpreter tracks whether it executed an instruction
    which can produce a NaN, which are div and sqrt instructions. The
    fuzzer uses this information and compares the result of the interpreter
    with the result of the compiled code only if there was no instruction
    which could have produced a NaN.
    
    R=titzer@chromium.org
    
    TEST=cctest/test-run-wasm-interpreter/TestMayProduceNaN
    BUG=chromium:657481
    
    Review-Url: https://chromiumcodereview.appspot.com/2438603003
    Cr-Commit-Position: refs/heads/master@{#40474}
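The gating described in the commit message, as an added sketch that is not V8's code: a toy f32 stack interpreter sets a flag whenever a div or sqrt executes, and the differential check compares raw result bits only when the flag is clear. All names here (`Interpret`, `RunResult`, `Compare`, `Verdict`) are hypothetical, and the input programs are assumed to be well-formed.

```cpp
#include <cmath>
#include <cstdint>
#include <cstring>
#include <vector>

// Hypothetical mini-interpreter for illustration; not V8's WasmInterpreter.
enum class Op { kConst, kAdd, kDiv, kSqrt };
struct Instr { Op op; float imm; };

struct RunResult {
  uint32_t bits;         // raw IEEE-754 bits of the f32 result
  bool may_produce_nan;  // set once a div or sqrt has executed
};

static uint32_t BitsOf(float f) {
  uint32_t b;
  std::memcpy(&b, &f, sizeof b);
  return b;
}

// Assumes well-formed code: every operator finds its operands on the stack.
RunResult Interpret(const std::vector<Instr>& code) {
  std::vector<float> stack;
  bool nan_possible = false;
  for (const Instr& i : code) {
    if (i.op == Op::kConst) { stack.push_back(i.imm); continue; }
    if (i.op == Op::kSqrt) {
      nan_possible = true;  // flag the instruction, not the value it returned
      stack.back() = std::sqrt(stack.back());
      continue;
    }
    float rhs = stack.back(); stack.pop_back();
    float lhs = stack.back();
    if (i.op == Op::kDiv) { nan_possible = true; stack.back() = lhs / rhs; }
    else stack.back() = lhs + rhs;
  }
  return {BitsOf(stack.back()), nan_possible};
}

enum class Verdict { kMatch, kMismatch, kSkipped };

// Compare raw bits against the other engine only when no NaN-capable
// instruction ran; otherwise a differing NaN sign bit is not a bug.
Verdict Compare(const RunResult& interp, uint32_t compiled_bits) {
  if (interp.may_produce_nan) return Verdict::kSkipped;
  return interp.bits == compiled_bits ? Verdict::kMatch : Verdict::kMismatch;
}
```

The flag is conservative: a program that executes `sqrt(4.0)` is skipped even though its result is an ordinary number, so the fuzzer gives up some coverage in exchange for no false mismatches.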
wasm-run-utils.h 27.8 KB