Skip to content

V
V8
Commit 19dab886 authored by gdeepti's avatar gdeepti Committed by Commit bot
Browse files
Options

[wasm] Simd128 types should not be available in asmjs modules. 

 - Added gating code in the module-decoder to allow SIMD code only when
 it can be decoded correctly
 - SIMD128 values should not be exported to JS
 - Try/Catch should not be available in asmjs modules
 - Trivial fixes for S128  values

BUG=chromium:648079

R=ahaas@chromium.org, titzer@chromium.org, bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2400863003
Cr-Commit-Position: refs/heads/master@{#40067}
parent a78c5ea5
Hide whitespace changes
Inline Side-by-side
Showing with 349 additions and 6 deletions
src/compiler/wasm-compiler.cc
View file @ 19dab886
...@@ -206,6 +206,9 @@ class WasmTrapHelper : public ZoneObject { ...@@ -206,6 +206,9 @@ class WasmTrapHelper : public ZoneObject {
case wasm::kAstF64: case wasm::kAstF64:
return jsgraph()->Float64Constant(bit_cast<double>(0xdeadbeefdeadbeef)); return jsgraph()->Float64Constant(bit_cast<double>(0xdeadbeefdeadbeef));
break; break;
case wasm::kAstS128:
return builder_->CreateS128Value(0xdeadbeef);
break;
default: default:
UNREACHABLE(); UNREACHABLE();
return nullptr; return nullptr;
...@@ -2295,6 +2298,7 @@ Node* WasmGraphBuilder::ToJS(Node* node, wasm::LocalType type) { ...@@ -2295,6 +2298,7 @@ Node* WasmGraphBuilder::ToJS(Node* node, wasm::LocalType type) {
switch (type) { switch (type) {
case wasm::kAstI32: case wasm::kAstI32:
return BuildChangeInt32ToTagged(node); return BuildChangeInt32ToTagged(node);
case wasm::kAstS128:
case wasm::kAstI64: case wasm::kAstI64:
// Throw a TypeError. The native context is good enough here because we // Throw a TypeError. The native context is good enough here because we
// only throw a TypeError. // only throw a TypeError.
...@@ -2457,6 +2461,7 @@ Node* WasmGraphBuilder::FromJS(Node* node, Node* context, ...@@ -2457,6 +2461,7 @@ Node* WasmGraphBuilder::FromJS(Node* node, Node* context,
num); num);
break; break;
} }
case wasm::kAstS128:
case wasm::kAstI64: case wasm::kAstI64:
// Throw a TypeError. The native context is good enough here because we // Throw a TypeError. The native context is good enough here because we
// only throw a TypeError. // only throw a TypeError.
...@@ -3024,12 +3029,12 @@ void WasmGraphBuilder::SetSourcePosition(Node* node, ...@@ -3024,12 +3029,12 @@ void WasmGraphBuilder::SetSourcePosition(Node* node,
source_position_table_->SetSourcePosition(node, pos); source_position_table_->SetSourcePosition(node, pos);
} }
Node* WasmGraphBuilder::DefaultS128Value() { Node* WasmGraphBuilder::CreateS128Value(int32_t value) {
// TODO(gdeepti): Introduce Simd128Constant to common-operator.h and use // TODO(gdeepti): Introduce Simd128Constant to common-operator.h and use
// instead of creating a SIMD Value. // instead of creating a SIMD Value.
return graph()->NewNode(jsgraph()->machine()->CreateInt32x4(), return graph()->NewNode(jsgraph()->machine()->CreateInt32x4(),
Int32Constant(0), Int32Constant(0), Int32Constant(0), Int32Constant(value), Int32Constant(value),
Int32Constant(0)); Int32Constant(value), Int32Constant(value));
} }
Node* WasmGraphBuilder::SimdOp(wasm::WasmOpcode opcode, Node* WasmGraphBuilder::SimdOp(wasm::WasmOpcode opcode,
......
src/compiler/wasm-compiler.h
View file @ 19dab886
...@@ -198,7 +198,7 @@ class WasmGraphBuilder { ...@@ -198,7 +198,7 @@ class WasmGraphBuilder {
void SetSourcePosition(Node* node, wasm::WasmCodePosition position); void SetSourcePosition(Node* node, wasm::WasmCodePosition position);
Node* DefaultS128Value(); Node* CreateS128Value(int32_t value);
Node* SimdOp(wasm::WasmOpcode opcode, const NodeVector& inputs); Node* SimdOp(wasm::WasmOpcode opcode, const NodeVector& inputs);
Node* SimdExtractLane(wasm::WasmOpcode opcode, uint8_t lane, Node* input); Node* SimdExtractLane(wasm::WasmOpcode opcode, uint8_t lane, Node* input);
......
src/wasm/ast-decoder.cc
View file @ 19dab886
...@@ -32,6 +32,9 @@ namespace wasm { ...@@ -32,6 +32,9 @@ namespace wasm {
#endif #endif
#define CHECK_PROTOTYPE_OPCODE(flag) \ #define CHECK_PROTOTYPE_OPCODE(flag) \
if (module_ && module_->origin == kAsmJsOrigin) { \
error("Opcode not supported for asmjs modules"); \
} \
if (!FLAG_##flag) { \ if (!FLAG_##flag) { \
error("Invalid opcode (enable with --" #flag ")"); \ error("Invalid opcode (enable with --" #flag ")"); \
break; \ break; \
...@@ -500,7 +503,7 @@ class WasmFullDecoder : public WasmDecoder { ...@@ -500,7 +503,7 @@ class WasmFullDecoder : public WasmDecoder {
case kAstF64: case kAstF64:
return builder_->Float64Constant(0); return builder_->Float64Constant(0);
case kAstS128: case kAstS128:
return builder_->DefaultS128Value(); return builder_->CreateS128Value(0);
default: default:
UNREACHABLE(); UNREACHABLE();
return nullptr; return nullptr;
......
src/wasm/ast-decoder.h
View file @ 19dab886
...@@ -156,6 +156,9 @@ struct BlockTypeOperand { ...@@ -156,6 +156,9 @@ struct BlockTypeOperand {
case kLocalF64: case kLocalF64:
*result = kAstF64; *result = kAstF64;
return true; return true;
case kLocalS128:
*result = kAstS128;
return true;
default: default:
*result = kAstStmt; *result = kAstStmt;
return false; return false;
......
src/wasm/module-decoder.cc
View file @ 19dab886
...@@ -6,6 +6,7 @@ ...@@ -6,6 +6,7 @@
#include "src/base/functional.h" #include "src/base/functional.h"
#include "src/base/platform/platform.h" #include "src/base/platform/platform.h"
#include "src/flags.h"
#include "src/macro-assembler.h" #include "src/macro-assembler.h"
#include "src/objects.h" #include "src/objects.h"
#include "src/v8.h" #include "src/v8.h"
...@@ -932,7 +933,12 @@ class ModuleDecoder : public Decoder { ...@@ -932,7 +933,12 @@ class ModuleDecoder : public Decoder {
case kLocalF64: case kLocalF64:
return kAstF64; return kAstF64;
case kLocalS128: case kLocalS128:
return kAstS128; if (origin_ != kAsmJsOrigin && FLAG_wasm_simd_prototype) {
return kAstS128;
} else {
error(pc_ - 1, "invalid local type");
return kAstStmt;
}
default: default:
error(pc_ - 1, "invalid local type"); error(pc_ - 1, "invalid local type");
return kAstStmt; return kAstStmt;
......
test/mjsunit/regress/wasm/regression-648079.js 0 → 100644
View file @ 19dab886
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --expose-wasm
load("test/mjsunit/wasm/wasm-constants.js");
load("test/mjsunit/wasm/wasm-module-builder.js");
(function() {
"use asm";
var builder = new WasmModuleBuilder();
builder.addFunction("regression_648079", kSig_s_v)
.addBody([
// locals:
0x00,
// body:
kExprI64RemU,
kExprI64Ctz,
kExprI64LeU,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprI64Ctz,
kExprI64Ne,
kExprI64ShrS,
kExprI64GtS,
kExprI64RemU,
kExprUnreachable,
kExprI64RemU,
kExprI32Eqz,
kExprI64LeU,
kExprDrop,
kExprF32Add,
kExprI64Ior,
kExprF32CopySign,
kExprI64Ne,
kExprI64GeS,
kExprUnreachable,
kExprF32Trunc,
kExprF32Trunc,
kExprUnreachable,
kExprIf, 10, // @32
kExprBlock, 00, // @34
kExprBr, // depth=109
kExprI64Shl,
kExprI64LeU,
kExprI64GeS,
kExprI64Clz,
kExprF32Min,
kExprF32Eq,
kExprF32Trunc,
kExprF32Trunc,
kExprF32Trunc,
kExprUnreachable,
kExprI32Const,
kExprUnreachable,
kExprBr, // depth=101
kExprF32Div,
kExprI64GtU,
kExprI64GeS,
kExprI64Clz,
kExprSelect,
kExprI64GtS,
kExprI64RemU,
kExprI64LeU,
kExprI64Shl,
kExprI64Ctz,
kExprLoop, 01, // @63 i32
kExprElse, // @65
kExprI64LeU,
kExprI64RemU,
kExprI64Ne,
kExprI64GeS,
kExprI32Const,
kExprI64GtS,
kExprI64LoadMem32U,
kExprI64Clz,
kExprI64Shl,
kExprI64Ne,
kExprI64ShrS,
kExprI64GtS,
kExprI64DivU,
kExprI64Ne,
kExprI64GtS,
kExprI64Ne,
kExprI64Popcnt,
kExprI64DivU,
kExprI64DivU,
kExprSelect,
kExprI64Ctz,
kExprI64Popcnt,
kExprI64RemU,
kExprI64Clz,
kExprF64Sub,
kExprF32Trunc,
kExprF32Trunc,
kExprI64RemU,
kExprI64Ctz,
kExprI64LeU,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprBrIf, // depth=116
kExprF32Min,
kExprI64GtU,
kExprBlock, 01, // @107 i32
kExprTeeLocal,
kExprBlock, 01, // @111 i32
kExprBlock, 01, // @113 i32
kExprBlock, 01, // @115 i32
kExprBlock, 01, // @117 i32
kExprBlock, 01, // @119 i32
kExprBlock, 01, // @121 i32
kExprBlock, 01, // @123 i32
kExprBlock, 88, // @125
kExprF32Trunc,
kExprF32Trunc,
kExprF32Trunc,
kExprUnreachable,
kExprLoop, 40, // @131
kExprUnreachable,
kExprUnreachable,
kExprI32Add,
kExprBlock, 05, // @136
kExprUnreachable,
kExprIf, 02, // @139 i64
kExprBlock, 01, // @141 i32
kExprBrIf, // depth=16
kExprLoop, 00, // @145
kExprUnreachable,
kExprUnreachable,
kExprReturn,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprI64LoadMem16U,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprNop,
kExprBr, // depth=1
kExprElse, // @164
kExprF32Trunc,
kExprI32Add,
kExprCallIndirect, // sig #1
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprBlock, 00, // @172
kExprI64RemU,
kExprI64Ctz,
kExprI64LeU,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprDrop,
kExprI64Popcnt,
kExprF32Min,
kExprUnreachable,
kExprF64Sub,
kExprI32Const,
kExprUnreachable,
kExprGetLocal,
kExprI64LoadMem32U,
kExprUnreachable,
kExprI64RemU,
kExprI32Eqz,
kExprI64LeU,
kExprDrop,
kExprF32Add,
kExprI64Ior,
kExprF32CopySign,
kExprI64Ne,
kExprI64GeS,
kExprUnreachable,
kExprF32Trunc,
kExprF32Trunc,
kExprUnreachable,
kExprIf, 10, // @216
kExprBlock, 00, // @218
kExprBr, // depth=109
kExprI64Shl,
kExprI64LeU,
kExprI64GeS,
kExprI64Clz,
kExprF32Min,
kExprF32Eq,
kExprF32Trunc,
kExprF32Trunc,
kExprF32Trunc,
kExprUnreachable,
kExprF64Min,
kExprI32Const,
kExprBr, // depth=101
kExprF32Div,
kExprI64GtU,
kExprI64GeS,
kExprI64Clz,
kExprI64Popcnt,
kExprF64Lt,
kExprF32Trunc,
kExprF32Trunc,
kExprF32Trunc,
kExprUnreachable,
kExprLoop, 01, // @247 i32
kExprElse, // @249
kExprI64LeU,
kExprI64RemU,
kExprI64Ne,
kExprI64GeS,
kExprI32Const,
kExprBlock, 01, // @256 i32
kExprBlock, 01, // @258 i32
kExprBlock, 01, // @260 i32
kExprBlock, 01, // @262 i32
kExprBlock, 01, // @264 i32
kExprF32Ge,
kExprF32Trunc,
kExprF32Trunc,
kExprF32Trunc,
kExprUnreachable,
kExprLoop, 40, // @271
kExprUnreachable,
kExprUnreachable,
kExprI32Add,
kExprBlock, 01, // @276 i32
kExprUnreachable,
kExprIf, 02, // @279 i64
kExprBlock, 00, // @281
kExprBrIf, // depth=16
kExprLoop, 00, // @285
kExprUnreachable,
kExprUnreachable,
kExprReturn,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprI64LoadMem16U,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprNop,
kExprBr, // depth=1
kExprElse, // @304
kExprF32Trunc,
kExprI32Add,
kExprCallIndirect, // sig #1
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprBlock, 00, // @312
kExprI64RemU,
kExprI64Ctz,
kExprI64LeU,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprDrop,
kExprI64Popcnt,
kExprF32Min,
kExprUnreachable,
kExprF64Sub,
kExprI32Const,
kExprUnreachable,
kExprGetLocal,
kExprI64LoadMem32U,
kExprUnreachable,
kExprUnreachable,
kExprNop,
kExprBr, // depth=1
kExprElse, // @348
kExprF32Trunc,
kExprI32Add,
kExprCallIndirect, // sig #1
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprBlock, 00, // @356
kExprI64RemU,
kExprI64Ctz,
kExprI64LeU,
kExprUnreachable,
kExprUnreachable,
kExprUnreachable,
kExprDrop,
kExprI64Popcnt,
kExprF32Min,
kExprUnreachable,
kExprF64Sub,
kExprI32Const,
kExprUnreachable,
kExprGetLocal,
kExprI64LoadMem32U,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF32Trunc,
kExprF32Trunc,
kExprF32Trunc,
kExprUnreachable,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF64Min,
kExprF64Min,
])
.exportFunc();
assertThrows(function() { builder.instantiate(); });
})();
test/mjsunit/wasm/wasm-constants.js
View file @ 19dab886
...@@ -82,6 +82,7 @@ var kAstI32 = 1; ...@@ -82,6 +82,7 @@ var kAstI32 = 1;
var kAstI64 = 2; var kAstI64 = 2;
var kAstF32 = 3; var kAstF32 = 3;
var kAstF64 = 4; var kAstF64 = 4;
var kAstS128 = 5;
var kExternalFunction = 0; var kExternalFunction = 0;
var kExternalTable = 1; var kExternalTable = 1;
...@@ -106,6 +107,7 @@ var kSig_v_iii = makeSig([kAstI32, kAstI32, kAstI32], []); ...@@ -106,6 +107,7 @@ var kSig_v_iii = makeSig([kAstI32, kAstI32, kAstI32], []);
var kSig_v_d = makeSig([kAstF64], []); var kSig_v_d = makeSig([kAstF64], []);
var kSig_v_dd = makeSig([kAstF64, kAstF64], []); var kSig_v_dd = makeSig([kAstF64, kAstF64], []);
var kSig_v_ddi = makeSig([kAstF64, kAstF64, kAstI32], []); var kSig_v_ddi = makeSig([kAstF64, kAstF64, kAstI32], []);
var kSig_s_v = makeSig([], [kAstS128]);
function makeSig(params, results) { function makeSig(params, results) {
return {params: params, results: results}; return {params: params, results: results};
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment