Commit b2f094bf authored by Andreas Haas's avatar Andreas Haas Committed by Commit Bot

[wasm] Add AtomicLoad and AtomicStore to the fuzzer

I also fixed one issue in the wasm interpreter.

R=clemensb@chromium.org

Bug: v8:10180
Change-Id: Ie30e908ad051a27fa611e8d36134b67aaf4c830c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000741
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65764}
parent 3352fcc9
......@@ -1735,10 +1735,14 @@ class ThreadImpl {
if (val) *val = static_cast<type>(Pop().to<op_type>());
uint32_t index = Pop().to<uint32_t>();
*address = BoundsCheckMem<type>(imm.offset, index);
if (!address) {
if (!*address) {
DoTrap(kTrapMemOutOfBounds, pc);
return false;
}
if (!IsAligned(*address, sizeof(type))) {
DoTrap(kTrapUnalignedAccess, pc);
return false;
}
*len = 2 + imm.length;
return true;
}
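Review bot: The added `IsAligned(*address, sizeof(type))` test checks the host address produced by BoundsCheckMem, so it matches an alignment check of the wasm effective address only if the memory base is itself aligned to at least `sizeof(type)`. That assumption is not stated in the hunk and deserves a comment such as `// Relies on the memory start being aligned to at least sizeof(type).` The corrected `if (!*address)` matters for memory safety: the old test was on the out-parameter pointer, which is dereferenced one line earlier, so it could not fire and an out-of-bounds atomic access presumably continued without trapping. No regression test for the out-of-bounds trap or the unaligned trap is visible on this page. The enclosing function starts outside the hunk.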
......
......@@ -88,6 +88,12 @@ void WasmFunctionBuilder::EmitCode(const byte* code, uint32_t code_size) {
void WasmFunctionBuilder::Emit(WasmOpcode opcode) { body_.write_u8(opcode); }
void WasmFunctionBuilder::EmitWithPrefix(WasmOpcode opcode) {
DCHECK_NE(0, opcode & 0xff00);
body_.write_u8(opcode >> 8);
body_.write_u8(opcode);
}
void WasmFunctionBuilder::EmitWithU8(WasmOpcode opcode, const byte immediate) {
body_.write_u8(opcode);
body_.write_u8(immediate);
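Review bot: `EmitWithPrefix` writes the low byte through implicit narrowing in `body_.write_u8(opcode)`, and `DCHECK_NE(0, opcode & 0xff00)` only proves that some prefix bit is set. Writing `body_.write_u8(opcode & 0xff);` makes the truncation explicit, and an extra `DCHECK_EQ(0, opcode >> 16);` would catch a value that does not fit in two bytes. A short comment that the sub-opcode is emitted as exactly one byte would also help, since that is presumably enough for the atomic opcodes this commit uses but is a limit the next caller needs to know. EmitWithU8 continues past the end of the hunk.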
......
......@@ -162,6 +162,7 @@ class V8_EXPORT_PRIVATE WasmFunctionBuilder : public ZoneObject {
void EmitU32V(uint32_t val);
void EmitCode(const byte* code, uint32_t code_size);
void Emit(WasmOpcode opcode);
void EmitWithPrefix(WasmOpcode opcode);
void EmitGetLocal(uint32_t index);
void EmitSetLocal(uint32_t index);
void EmitTeeLocal(uint32_t index);
......
......@@ -179,6 +179,8 @@ class WasmGenerator {
case kExprF64LoadMem:
case kExprI64StoreMem:
case kExprF64StoreMem:
case kExprI64AtomicStore:
case kExprI64AtomicLoad:
return 3;
case kExprI32LoadMem:
case kExprI64LoadMem32S:
......@@ -187,6 +189,10 @@ class WasmGenerator {
case kExprI32StoreMem:
case kExprI64StoreMem32:
case kExprF32StoreMem:
case kExprI32AtomicStore:
case kExprI64AtomicStore32U:
case kExprI32AtomicLoad:
case kExprI64AtomicLoad32U:
return 2;
case kExprI32LoadMem16S:
case kExprI32LoadMem16U:
......@@ -194,6 +200,10 @@ class WasmGenerator {
case kExprI64LoadMem16U:
case kExprI32StoreMem16:
case kExprI64StoreMem16:
case kExprI32AtomicStore16U:
case kExprI64AtomicStore16U:
case kExprI32AtomicLoad16U:
case kExprI64AtomicLoad16U:
return 1;
case kExprI32LoadMem8S:
case kExprI32LoadMem8U:
......@@ -201,6 +211,10 @@ class WasmGenerator {
case kExprI64LoadMem8U:
case kExprI32StoreMem8:
case kExprI64StoreMem8:
case kExprI32AtomicStore8U:
case kExprI64AtomicStore8U:
case kExprI32AtomicLoad8U:
case kExprI64AtomicLoad8U:
return 0;
default:
return 0;
......@@ -215,7 +229,12 @@ class WasmGenerator {
// Generate the index and the arguments, if any.
Generate<kWasmI32, arg_types...>(data);
if ((memory_op & 0xfe00) == 0xfe00) {
// This is an atomic-load or atomic-store.
builder_->EmitWithPrefix(memory_op);
} else {
builder_->Emit(memory_op);
}
builder_->EmitU32V(align);
builder_->EmitU32V(offset);
}
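Review bot: The test `(memory_op & 0xfe00) == 0xfe00` uses a bare constant and also accepts a high byte of 0xff, so it is looser than "has the atomic prefix". Comparing the prefix byte directly, `if ((memory_op >> 8) == 0xfe) {`, or using a named prefix constant if the opcode header provides one, states the intent exactly. The `align` and `offset` values are computed outside this hunk. If they are chosen as freely as for plain accesses, many generated atomic accesses will presumably end in the unaligned-access trap instead of exercising the load or store. Using `max_alignment(memory_op)` as the alignment on the atomic branch would be worth considering. The function begins above the hunk.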
......@@ -513,6 +532,13 @@ void WasmGenerator::Generate<kWasmStmt>(DataRange* data) {
&WasmGenerator::memop<kExprI64StoreMem32, kWasmI64>,
&WasmGenerator::memop<kExprF32StoreMem, kWasmF32>,
&WasmGenerator::memop<kExprF64StoreMem, kWasmF64>,
&WasmGenerator::memop<kExprI32AtomicStore, kWasmI32>,
&WasmGenerator::memop<kExprI32AtomicStore8U, kWasmI32>,
&WasmGenerator::memop<kExprI32AtomicStore16U, kWasmI32>,
&WasmGenerator::memop<kExprI64AtomicStore, kWasmI64>,
&WasmGenerator::memop<kExprI64AtomicStore8U, kWasmI64>,
&WasmGenerator::memop<kExprI64AtomicStore16U, kWasmI64>,
&WasmGenerator::memop<kExprI64AtomicStore32U, kWasmI64>,
&WasmGenerator::drop,
......@@ -607,6 +633,9 @@ void WasmGenerator::Generate<kWasmI32>(DataRange* data) {
&WasmGenerator::memop<kExprI32LoadMem8U>,
&WasmGenerator::memop<kExprI32LoadMem16S>,
&WasmGenerator::memop<kExprI32LoadMem16U>,
&WasmGenerator::memop<kExprI32AtomicLoad>,
&WasmGenerator::memop<kExprI32AtomicLoad8U>,
&WasmGenerator::memop<kExprI32AtomicLoad16U>,
&WasmGenerator::current_memory,
&WasmGenerator::grow_memory,
......@@ -678,6 +707,10 @@ void WasmGenerator::Generate<kWasmI64>(DataRange* data) {
&WasmGenerator::memop<kExprI64LoadMem16U>,
&WasmGenerator::memop<kExprI64LoadMem32S>,
&WasmGenerator::memop<kExprI64LoadMem32U>,
&WasmGenerator::memop<kExprI64AtomicLoad>,
&WasmGenerator::memop<kExprI64AtomicLoad8U>,
&WasmGenerator::memop<kExprI64AtomicLoad16U>,
&WasmGenerator::memop<kExprI64AtomicLoad32U>,
&WasmGenerator::get_local<kWasmI64>,
&WasmGenerator::tee_local<kWasmI64>,
......@@ -886,6 +919,8 @@ class WasmCompileFuzzer : public WasmExecutionFuzzer {
}
builder.SetMaxMemorySize(32);
// We enable shared memory to be able to test atomics.
builder.SetHasSharedMemory();
builder.WriteTo(buffer);
*num_args = 3;
......