Commit 19907980 authored by Michael Starzinger's avatar Michael Starzinger Committed by Commit Bot

[wasm] Fix ordering check of exception section.

This fixes an off-by-one in the ordering restriction check for exception
sections in a module. It also adds proper testing for exception handling
of indirect calls. This in turn adds a table section that triggers the
aforementioned bug.

R=clemensh@chromium.org
TEST=mjsunit/wasm/exceptions,unittests/WasmModuleVerifyTest
BUG=v8:8091

Change-Id: Ie44ad4dee1b0c623f069fca7661c4282492b52d6
Reviewed-on: https://chromium-review.googlesource.com/1203993Reviewed-by: 's avatarClemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55615}
parent 96a039aa
...@@ -351,7 +351,7 @@ class ModuleDecoderImpl : public Decoder { ...@@ -351,7 +351,7 @@ class ModuleDecoderImpl : public Decoder {
if (++number_of_exception_sections > 1) { if (++number_of_exception_sections > 1) {
errorf(pc(), "Multiple exception sections not allowed"); errorf(pc(), "Multiple exception sections not allowed");
return; return;
} else if (next_section_ >= kCodeSectionCode) { } else if (next_section_ > kCodeSectionCode) {
errorf(pc(), "Exception section must appear before the code section"); errorf(pc(), "Exception section must appear before the code section");
return; return;
} }
......
...@@ -509,47 +509,26 @@ function assertWasmThrows(runtime_id, values, code) { ...@@ -509,47 +509,26 @@ function assertWasmThrows(runtime_id, values, code) {
.exportFunc(); .exportFunc();
// Scenario 2: Catches an exception raised from the direct callee. // Scenario 2: Catches an exception raised from the direct callee.
let kFromDirectCallee = builder.addFunction("from_direct_callee", kSig_i_i)
builder.addFunction("from_direct_callee", kSig_i_i)
.addBody([
kExprTry, kWasmI32,
kExprGetLocal, 0,
kExprCallFunction, kWasmThrowFunction,
kExprUnreachable,
kExprCatch, except,
kExprEnd,
])
.exportFunc()
.index;
// Scenario 3: Catches an exception raised from an indirect callee.
// TODO(mstarzinger): Test case for indirect calls using direct calls not
// fooling anyone, switch to actually use indirect calls.
let kFromIndirectCalleeHelper = kFromDirectCallee + 1;
builder.addFunction("from_indirect_callee_helper", kSig_v_ii)
.addBody([ .addBody([
kExprGetLocal, 0, kExprTry, kWasmI32,
kExprI32Const, 0,
kExprI32GtS,
kExprIf, kWasmStmt,
kExprGetLocal, 0, kExprGetLocal, 0,
kExprI32Const, 1, kExprCallFunction, kWasmThrowFunction,
kExprI32Sub, kExprUnreachable,
kExprGetLocal, 1, kExprCatch, except,
kExprI32Const, 1,
kExprI32Sub,
kExprCallFunction, kFromIndirectCalleeHelper,
kExprEnd, kExprEnd,
kExprGetLocal, 1, ])
kExprCallFunction, kWasmThrowFunction, .exportFunc();
]);
builder.addFunction("from_indirect_callee", kSig_i_i) // Scenario 3: Catches an exception raised from an indirect callee.
let sig_v_i = builder.addType(kSig_v_i);
builder.appendToTable([kWasmThrowFunction, kWasmThrowFunction]);
builder.addFunction("from_indirect_callee", kSig_i_ii)
.addBody([ .addBody([
kExprTry, kWasmI32, kExprTry, kWasmI32,
kExprGetLocal, 0, kExprGetLocal, 0,
kExprI32Const, 0, kExprGetLocal, 1,
kExprCallFunction, kFromIndirectCalleeHelper, kExprCallIndirect, sig_v_i, kTableZero,
kExprUnreachable, kExprUnreachable,
kExprCatch, except, kExprCatch, except,
kExprEnd kExprEnd
...@@ -618,8 +597,8 @@ function assertWasmThrows(runtime_id, values, code) { ...@@ -618,8 +597,8 @@ function assertWasmThrows(runtime_id, values, code) {
assertEquals(3334333, instance.exports.from_direct_callee(3334333)); assertEquals(3334333, instance.exports.from_direct_callee(3334333));
assertEquals(-1, instance.exports.from_direct_callee(0xFFFFFFFF)); assertEquals(-1, instance.exports.from_direct_callee(0xFFFFFFFF));
assertEquals(0x7FFFFFFF, instance.exports.from_direct_callee(0x7FFFFFFF)); assertEquals(0x7FFFFFFF, instance.exports.from_direct_callee(0x7FFFFFFF));
assertEquals(-10, instance.exports.from_indirect_callee(10)); assertEquals(10, instance.exports.from_indirect_callee(10, 0));
assertEquals(-77, instance.exports.from_indirect_callee(77)); assertEquals(77, instance.exports.from_indirect_callee(77, 1));
// TODO(mstarzinger): Re-enable the following test cases. // TODO(mstarzinger): Re-enable the following test cases.
/*assertEquals(10, instance.exports.from_js(10)); /*assertEquals(10, instance.exports.from_js(10));
assertEquals(-10, instance.exports.from_js(-10));*/ assertEquals(-10, instance.exports.from_js(-10));*/
......
...@@ -525,6 +525,26 @@ TEST_F(WasmModuleVerifyTest, Exception_invalid_type) { ...@@ -525,6 +525,26 @@ TEST_F(WasmModuleVerifyTest, Exception_invalid_type) {
EXPECT_FALSE(result.ok()); EXPECT_FALSE(result.ok());
} }
TEST_F(WasmModuleVerifyTest, ExceptionSectionBeforeCode) {
static const byte data[] = {SIGNATURES_SECTION_VOID_VOID, ONE_EMPTY_FUNCTION,
SECTION_EXCEPTIONS(1), 0, ONE_EMPTY_BODY};
FAIL_IF_NO_EXPERIMENTAL_EH(data);
WASM_FEATURE_SCOPE(eh);
ModuleResult result = DecodeModule(data, data + sizeof(data));
EXPECT_OK(result);
}
TEST_F(WasmModuleVerifyTest, ExceptionSectionAfterCode) {
static const byte data[] = {SIGNATURES_SECTION_VOID_VOID, ONE_EMPTY_FUNCTION,
ONE_EMPTY_BODY, SECTION_EXCEPTIONS(1), 0};
FAIL_IF_NO_EXPERIMENTAL_EH(data);
WASM_FEATURE_SCOPE(eh);
ModuleResult result = DecodeModule(data, data + sizeof(data));
EXPECT_FALSE(result.ok());
}
TEST_F(WasmModuleVerifyTest, OneSignature) { TEST_F(WasmModuleVerifyTest, OneSignature) {
{ {
static const byte data[] = {SIGNATURES_SECTION_VOID_VOID}; static const byte data[] = {SIGNATURES_SECTION_VOID_VOID};
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment