[wasm] Simd128 types should not be available in asmjs modules.

- Added gating code in the module-decoder to allow SIMD code only when it can be decoded correctly - SIMD128 values should not be exported to JS - Try/Catch should not be available in asmjs modules - Trivial fixes for S128 values BUG=chromium:648079 R=ahaas@chromium.org, titzer@chromium.org, bradnelson@chromium.org Review-Url: https://codereview.chromium.org/2400863003 Cr-Commit-Position: refs/heads/master@{#40067}

[wasm] Simd128 types should not be available in asmjs modules.
- Added gating code in the module-decoder to allow SIMD code only when it can be decoded correctly - SIMD128 values should not be exported to JS - Try/Catch should not be available in asmjs modules - Trivial fixes for S128 values BUG=chromium:648079 R=ahaas@chromium.org, titzer@chromium.org, bradnelson@chromium.org Review-Url: https://codereview.chromium.org/2400863003 Cr-Commit-Position: refs/heads/master@{#40067}
19dab886 · gdeepti · Commit bot · a78c5ea5 · 19dab886 · 19dab886
Commit 19dab886 authored Oct 07, 2016 by gdeepti Committed by Commit bot Oct 07, 2016
7 changed files
--- a/src/compiler/wasm-compiler.cc
+++ b/src/compiler/wasm-compiler.cc
@@ -206,6 +206,9 @@ class WasmTrapHelper : public ZoneObject {
      case wasm::kAstF64:
        return jsgraph()->Float64Constant(bit_cast<double>(0xdeadbeefdeadbeef));
        break;
+      case wasm::kAstS128:
+        return builder_->CreateS128Value(0xdeadbeef);
+        break;
      default:
        UNREACHABLE();
        return nullptr;
@@ -2295,6 +2298,7 @@ Node* WasmGraphBuilder::ToJS(Node* node, wasm::LocalType type) {
  switch (type) {
    case wasm::kAstI32:
      return BuildChangeInt32ToTagged(node);
+    case wasm::kAstS128:
    case wasm::kAstI64:
      // Throw a TypeError. The native context is good enough here because we
      // only throw a TypeError.
@@ -2457,6 +2461,7 @@ Node* WasmGraphBuilder::FromJS(Node* node, Node* context,
                             num);
      break;
    }
+    case wasm::kAstS128:
    case wasm::kAstI64:
      // Throw a TypeError. The native context is good enough here because we
      // only throw a TypeError.
@@ -3024,12 +3029,12 @@ void WasmGraphBuilder::SetSourcePosition(Node* node,
    source_position_table_->SetSourcePosition(node, pos);
 }

-Node* WasmGraphBuilder::DefaultS128Value() {
+Node* WasmGraphBuilder::CreateS128Value(int32_t value) {
  // TODO(gdeepti): Introduce Simd128Constant to common-operator.h and use
  // instead of creating a SIMD Value.
  return graph()->NewNode(jsgraph()->machine()->CreateInt32x4(),
-                          Int32Constant(0), Int32Constant(0), Int32Constant(0),
-                          Int32Constant(0));
+                          Int32Constant(value), Int32Constant(value),
+                          Int32Constant(value), Int32Constant(value));
 }

 Node* WasmGraphBuilder::SimdOp(wasm::WasmOpcode opcode,

--- a/src/compiler/wasm-compiler.h
+++ b/src/compiler/wasm-compiler.h
@@ -198,7 +198,7 @@ class WasmGraphBuilder {

  void SetSourcePosition(Node* node, wasm::WasmCodePosition position);

-  Node* DefaultS128Value();
+  Node* CreateS128Value(int32_t value);

  Node* SimdOp(wasm::WasmOpcode opcode, const NodeVector& inputs);
  Node* SimdExtractLane(wasm::WasmOpcode opcode, uint8_t lane, Node* input);

--- a/src/wasm/ast-decoder.cc
+++ b/src/wasm/ast-decoder.cc
@@ -32,6 +32,9 @@ namespace wasm {
 #endif

 #define CHECK_PROTOTYPE_OPCODE(flag)                   \
+  if (module_ && module_->origin == kAsmJsOrigin) {    \
+    error("Opcode not supported for asmjs modules");   \
+  }                                                    \
  if (!FLAG_##flag) {                                  \
    error("Invalid opcode (enable with --" #flag ")"); \
    break;                                             \
@@ -500,7 +503,7 @@ class WasmFullDecoder : public WasmDecoder {
      case kAstF64:
        return builder_->Float64Constant(0);
      case kAstS128:
-        return builder_->DefaultS128Value();
+        return builder_->CreateS128Value(0);
      default:
        UNREACHABLE();
        return nullptr;

--- a/src/wasm/ast-decoder.h
+++ b/src/wasm/ast-decoder.h
@@ -156,6 +156,9 @@ struct BlockTypeOperand {
      case kLocalF64:
        *result = kAstF64;
        return true;
+      case kLocalS128:
+        *result = kAstS128;
+        return true;
      default:
        *result = kAstStmt;
        return false;

--- a/src/wasm/module-decoder.cc
+++ b/src/wasm/module-decoder.cc
@@ -6,6 +6,7 @@

 #include "src/base/functional.h"
 #include "src/base/platform/platform.h"
+#include "src/flags.h"
 #include "src/macro-assembler.h"
 #include "src/objects.h"
 #include "src/v8.h"
@@ -932,7 +933,12 @@ class ModuleDecoder : public Decoder {
      case kLocalF64:
        return kAstF64;
      case kLocalS128:
-        return kAstS128;
+        if (origin_ != kAsmJsOrigin && FLAG_wasm_simd_prototype) {
+          return kAstS128;
+        } else {
+          error(pc_ - 1, "invalid local type");
+          return kAstStmt;
+        }
      default:
        error(pc_ - 1, "invalid local type");
        return kAstStmt;

--- a/test/mjsunit/regress/wasm/regression-648079.js
+++ b/test/mjsunit/regress/wasm/regression-648079.js
+// Copyright 2016 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --expose-wasm
+
+load("test/mjsunit/wasm/wasm-constants.js");
+load("test/mjsunit/wasm/wasm-module-builder.js");
+
+(function() {
+"use asm";
+var builder = new WasmModuleBuilder();
+builder.addFunction("regression_648079", kSig_s_v)
+  .addBody([
+    // locals:
+    0x00,
+    // body:
+    kExprI64RemU,
+    kExprI64Ctz,
+    kExprI64LeU,
+    kExprUnreachable,
+    kExprUnreachable,
+    kExprUnreachable,
+    kExprUnreachable,
+    kExprI64Ctz,
+    kExprI64Ne,
+    kExprI64ShrS,
+    kExprI64GtS,
+    kExprI64RemU,
+    kExprUnreachable,
+    kExprI64RemU,
+    kExprI32Eqz,
+    kExprI64LeU,
+    kExprDrop,
+    kExprF32Add,
+    kExprI64Ior,
+    kExprF32CopySign,
+    kExprI64Ne,
+    kExprI64GeS,
+    kExprUnreachable,
+    kExprF32Trunc,
+    kExprF32Trunc,
+    kExprUnreachable,
+    kExprIf, 10,   // @32
+      kExprBlock, 00,   // @34
+        kExprBr,   // depth=109
+        kExprI64Shl,
+        kExprI64LeU,
+        kExprI64GeS,
+        kExprI64Clz,
+        kExprF32Min,
+        kExprF32Eq,
+        kExprF32Trunc,
+        kExprF32Trunc,
+        kExprF32Trunc,
+        kExprUnreachable,
+        kExprI32Const,
+        kExprUnreachable,
+        kExprBr,   // depth=101
+        kExprF32Div,
+        kExprI64GtU,
+        kExprI64GeS,
+        kExprI64Clz,
+        kExprSelect,
+        kExprI64GtS,
+        kExprI64RemU,
+        kExprI64LeU,
+        kExprI64Shl,
+        kExprI64Ctz,
+        kExprLoop, 01,   // @63 i32
+        kExprElse,   // @65
+          kExprI64LeU,
+          kExprI64RemU,
+          kExprI64Ne,
+          kExprI64GeS,
+          kExprI32Const,
+          kExprI64GtS,
+          kExprI64LoadMem32U,
+          kExprI64Clz,
+          kExprI64Shl,
+          kExprI64Ne,
+          kExprI64ShrS,
+          kExprI64GtS,
+          kExprI64DivU,
+          kExprI64Ne,
+          kExprI64GtS,
+          kExprI64Ne,
+          kExprI64Popcnt,
+          kExprI64DivU,
+          kExprI64DivU,
+          kExprSelect,
+          kExprI64Ctz,
+          kExprI64Popcnt,
+          kExprI64RemU,
+          kExprI64Clz,
+          kExprF64Sub,
+          kExprF32Trunc,
+          kExprF32Trunc,
+          kExprI64RemU,
+          kExprI64Ctz,
+          kExprI64LeU,
+          kExprUnreachable,
+          kExprUnreachable,
+          kExprUnreachable,
+          kExprBrIf,   // depth=116
+          kExprF32Min,
+          kExprI64GtU,
+          kExprBlock, 01,   // @107 i32
+            kExprTeeLocal,
+            kExprBlock, 01,   // @111 i32
+              kExprBlock, 01,   // @113 i32
+                kExprBlock, 01,   // @115 i32
+                  kExprBlock, 01,   // @117 i32
+                    kExprBlock, 01,   // @119 i32
+                      kExprBlock, 01,   // @121 i32
+                        kExprBlock, 01,   // @123 i32
+                          kExprBlock, 88,   // @125
+                            kExprF32Trunc,
+                            kExprF32Trunc,
+                            kExprF32Trunc,
+                            kExprUnreachable,
+                            kExprLoop, 40,   // @131
+                              kExprUnreachable,
+                              kExprUnreachable,
+                              kExprI32Add,
+                              kExprBlock, 05,   // @136
+                                kExprUnreachable,
+                                kExprIf, 02,   // @139 i64
+                                  kExprBlock, 01,   // @141 i32
+                                    kExprBrIf,   // depth=16
+                                    kExprLoop, 00,   // @145
+                                      kExprUnreachable,
+                                      kExprUnreachable,
+                                      kExprReturn,
+                                      kExprUnreachable,
+                                      kExprUnreachable,
+                                      kExprUnreachable,
+                                      kExprI64LoadMem16U,
+                                      kExprUnreachable,
+                                      kExprUnreachable,
+                                      kExprUnreachable,
+                                      kExprUnreachable,
+                                      kExprUnreachable,
+                                      kExprNop,
+                                      kExprBr,   // depth=1
+                                    kExprElse,   // @164
+                                      kExprF32Trunc,
+                                      kExprI32Add,
+                                      kExprCallIndirect,   // sig #1
+                                      kExprUnreachable,
+                                      kExprUnreachable,
+                                      kExprUnreachable,
+                                      kExprBlock, 00,   // @172
+                                        kExprI64RemU,
+                                        kExprI64Ctz,
+                                        kExprI64LeU,
+                                        kExprUnreachable,
+                                        kExprUnreachable,
+                                        kExprUnreachable,
+                                        kExprUnreachable,
+                                        kExprUnreachable,
+                                        kExprDrop,
+                                        kExprI64Popcnt,
+                                        kExprF32Min,
+                                        kExprUnreachable,
+                                        kExprF64Sub,
+                                        kExprI32Const,
+                                        kExprUnreachable,
+                                        kExprGetLocal,
+                                        kExprI64LoadMem32U,
+                                        kExprUnreachable,
+                                        kExprI64RemU,
+                                        kExprI32Eqz,
+                                        kExprI64LeU,
+                                        kExprDrop,
+                                        kExprF32Add,
+                                        kExprI64Ior,
+                                        kExprF32CopySign,
+                                        kExprI64Ne,
+                                        kExprI64GeS,
+                                        kExprUnreachable,
+                                        kExprF32Trunc,
+                                        kExprF32Trunc,
+                                        kExprUnreachable,
+                                        kExprIf, 10,   // @216
+                                          kExprBlock, 00,   // @218
+                                            kExprBr,   // depth=109
+                                            kExprI64Shl,
+                                            kExprI64LeU,
+                                            kExprI64GeS,
+                                            kExprI64Clz,
+                                            kExprF32Min,
+                                            kExprF32Eq,
+                                            kExprF32Trunc,
+                                            kExprF32Trunc,
+                                            kExprF32Trunc,
+                                            kExprUnreachable,
+                                            kExprF64Min,
+                                            kExprI32Const,
+                                            kExprBr,   // depth=101
+                                            kExprF32Div,
+                                            kExprI64GtU,
+                                            kExprI64GeS,
+                                            kExprI64Clz,
+                                            kExprI64Popcnt,
+                                            kExprF64Lt,
+                                            kExprF32Trunc,
+                                            kExprF32Trunc,
+                                            kExprF32Trunc,
+                                            kExprUnreachable,
+                                            kExprLoop, 01,   // @247 i32
+                                            kExprElse,   // @249
+                                              kExprI64LeU,
+                                              kExprI64RemU,
+                                              kExprI64Ne,
+                                              kExprI64GeS,
+                                              kExprI32Const,
+                                              kExprBlock, 01,   // @256 i32
+                                                kExprBlock, 01,   // @258 i32
+                                                  kExprBlock, 01,   // @260 i32
+                                                    kExprBlock, 01,   // @262 i32
+                                                      kExprBlock, 01,   // @264 i32
+                                                        kExprF32Ge,
+                                                        kExprF32Trunc,
+                                                        kExprF32Trunc,
+                                                        kExprF32Trunc,
+                                                        kExprUnreachable,
+                                                        kExprLoop, 40,   // @271
+                                                          kExprUnreachable,
+                                                          kExprUnreachable,
+                                                          kExprI32Add,
+                                                          kExprBlock, 01,   // @276 i32
+                                                            kExprUnreachable,
+                                                            kExprIf, 02,   // @279 i64
+                                                              kExprBlock, 00,   // @281
+                                                                kExprBrIf,   // depth=16
+                                                                kExprLoop, 00,   // @285
+                                                                  kExprUnreachable,
+                                                                  kExprUnreachable,
+                                                                  kExprReturn,
+                                                                  kExprUnreachable,
+                                                                  kExprUnreachable,
+                                                                  kExprUnreachable,
+                                                                  kExprI64LoadMem16U,
+                                                                  kExprUnreachable,
+                                                                  kExprUnreachable,
+                                                                  kExprUnreachable,
+                                                                  kExprUnreachable,
+                                                                  kExprUnreachable,
+                                                                  kExprNop,
+                                                                  kExprBr,   // depth=1
+                                                                kExprElse,   // @304
+                                                                  kExprF32Trunc,
+                                                                  kExprI32Add,
+                                                                  kExprCallIndirect,   // sig #1
+                                                                  kExprUnreachable,
+                                                                  kExprUnreachable,
+                                                                  kExprUnreachable,
+                                                                  kExprBlock, 00,   // @312
+                                                                    kExprI64RemU,
+                                                                    kExprI64Ctz,
+                                                                    kExprI64LeU,
+                                                                    kExprUnreachable,
+                                                                    kExprUnreachable,
+                                                                    kExprUnreachable,
+                                                                    kExprDrop,
+                                                                    kExprI64Popcnt,
+                                                                    kExprF32Min,
+                                                                    kExprUnreachable,
+                                                                    kExprF64Sub,
+                                                                    kExprI32Const,
+                                                                    kExprUnreachable,
+                                                                    kExprGetLocal,
+                                                                    kExprI64LoadMem32U,
+                                                                    kExprUnreachable,
+                                                                    kExprUnreachable,
+                                                                    kExprNop,
+                                                                    kExprBr,   // depth=1
+                                                                  kExprElse,   // @348
+                                                                    kExprF32Trunc,
+                                                                    kExprI32Add,
+                                                                    kExprCallIndirect,   // sig #1
+                                                                    kExprUnreachable,
+                                                                    kExprUnreachable,
+                                                                    kExprUnreachable,
+                                                                    kExprBlock, 00,   // @356
+                                                                    kExprI64RemU,
+                                                                    kExprI64Ctz,
+                                                                    kExprI64LeU,
+                                                                    kExprUnreachable,
+                                                                    kExprUnreachable,
+                                                                    kExprUnreachable,
+                                                                    kExprDrop,
+                                                                    kExprI64Popcnt,
+                                                                    kExprF32Min,
+                                                                    kExprUnreachable,
+                                                                    kExprF64Sub,
+                                                                    kExprI32Const,
+                                                                    kExprUnreachable,
+                                                                    kExprGetLocal,
+                                                                    kExprI64LoadMem32U,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF32Trunc,
+                                                                    kExprF32Trunc,
+                                                                    kExprF32Trunc,
+                                                                    kExprUnreachable,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+                                                                    kExprF64Min,
+            ])
+            .exportFunc();
+assertThrows(function() { builder.instantiate(); });
+})();
--- a/test/mjsunit/wasm/wasm-constants.js
+++ b/test/mjsunit/wasm/wasm-constants.js
@@ -82,6 +82,7 @@ var kAstI32 = 1;
 var kAstI64 = 2;
 var kAstF32 = 3;
 var kAstF64 = 4;
+var kAstS128 = 5;

 var kExternalFunction = 0;
 var kExternalTable = 1;
@@ -106,6 +107,7 @@ var kSig_v_iii = makeSig([kAstI32, kAstI32, kAstI32], []);
 var kSig_v_d = makeSig([kAstF64], []);
 var kSig_v_dd = makeSig([kAstF64, kAstF64], []);
 var kSig_v_ddi = makeSig([kAstF64, kAstF64, kAstI32], []);
+var kSig_s_v = makeSig([], [kAstS128]);

 function makeSig(params, results) {
  return {params: params, results: results};