Commit 930142e8 authored by gdeepti's avatar gdeepti Committed by Commit bot

[wasm] Update table bounds when module is instantiated with a table import

When WebAssembly.Table initial size is greater than the declared initial size, table size references should be updated on instantiate for functions to be called at indices greater than the declared initial size.

R=bradnelson@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2661773002
Cr-Commit-Position: refs/heads/master@{#42781}
parent 3903817e
...@@ -2123,6 +2123,13 @@ class WasmInstanceBuilder { ...@@ -2123,6 +2123,13 @@ class WasmInstanceBuilder {
table_instance.signature_table->set(i, table_instance.signature_table->set(i,
Smi::FromInt(kInvalidSigIndex)); Smi::FromInt(kInvalidSigIndex));
} }
} else {
// Table is imported, patch table bounds check
DCHECK(table_size <= table_instance.function_table->length());
if (table_size < table_instance.function_table->length()) {
RelocateTableSizeReferences(code_table, table_size,
table_instance.function_table->length());
}
} }
new_function_tables->set(static_cast<int>(index), new_function_tables->set(static_cast<int>(index),
......
...@@ -477,3 +477,49 @@ function js_div(a, b) { return (a / b) | 0; } ...@@ -477,3 +477,49 @@ function js_div(a, b) { return (a / b) | 0; }
assertThrows(() => builder.instantiate({t: {t: new WebAssembly.Table( assertThrows(() => builder.instantiate({t: {t: new WebAssembly.Table(
{element: "anyfunc", initial: 1})}})); {element: "anyfunc", initial: 1})}}));
})(); })();
(function TableImportLargerThanCompiled() {
print("TableImportLargerThanCompiled...");
var kMaxSize = 30, kInitSize = 5;
var builder = new WasmModuleBuilder();
builder.addImportedTable("x", "table", 1, 35);
let table = new WebAssembly.Table({element: "anyfunc",
initial: kInitSize, maximum: kMaxSize});
let module = new WebAssembly.Module(builder.toBuffer());
let instance = new WebAssembly.Instance(module, {x: {base: 1, table: table}});
for (var i = 0; i < kInitSize; ++i) table.set(i, null);
for (var i = 0; i < kInitSize; ++i) assertEquals(null, table.get(i));
assertThrows(() => table.set(kInitSize, null));
})();
(function ModulesShareTableAndGrow() {
print("ModulesShareTableAndGrow...");
let module1 = (() => {
let builder = new WasmModuleBuilder();
builder.addImportedTable("x", "table", 1, 35);
return new WebAssembly.Module(builder.toBuffer());
})();
let module2 = (() => {
let builder = new WasmModuleBuilder();
builder.addImportedTable("x", "table", 2, 40);
return new WebAssembly.Module(builder.toBuffer());
})();
var kMaxSize = 30, kInitSize = 5;
let table = new WebAssembly.Table({element: "anyfunc",
initial: kInitSize, maximum: kMaxSize});
let instance1 = new WebAssembly.Instance(
module1, {x: {base: 1, table: table}});
let instance2 = new WebAssembly.Instance(
module2, {x: {base: 1, table: table}});
for (var i = 0; i < kInitSize; ++i) table.set(i, null);
for (var i = 0; i < kInitSize; ++i) assertEquals(null, table.get(i));
assertThrows(() => table.set(kInitSize, null));
assertEquals(kInitSize, table.grow(5));
for (var i = 0; i < 2*kInitSize; ++i) table.set(i, null);
for (var i = 0; i < 2*kInitSize; ++i) assertEquals(null, table.get(i));
assertThrows(() => table.set(2*kInitSize, null));
// Try to grow past imported maximum
assertThrows(() => table.grow(21));
})();
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment