Commit e6961df2 authored by Martyn Capewell's avatar Martyn Capewell Committed by V8 LUCI CQ

[wasm][liftoff][arm][arm64] Detect NaNs for fuzzing

Instrument floating-point operations to set a flag if the result is NaN.

Port: e699762e
Bug: v8:11856
Change-Id: Iae8121dd17ae8acf402ac74e41122cad77387db7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3099945
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/main@{#76605}
parent 23b9d13b
......@@ -4786,7 +4786,7 @@ static Instr EncodeNeonPairwiseOp(NeonPairwiseOp op, NeonDataType dt,
void Assembler::vpadd(DwVfpRegister dst, DwVfpRegister src1,
DwVfpRegister src2) {
DCHECK(IsEnabled(NEON));
// Dd = vpadd(Dn, Dm) SIMD integer pairwise ADD.
// Dd = vpadd(Dn, Dm) SIMD floating point pairwise ADD.
// Instruction details available in ARM DDI 0406C.b, A8-982.
int vd, d;
dst.split_code(&vd, &d);
......
......@@ -1192,6 +1192,29 @@ class V8_EXPORT_PRIVATE TurboAssembler : public TurboAssemblerBase {
LSPAIR_MACRO_LIST(DECLARE_FUNCTION)
#undef DECLARE_FUNCTION
void St1(const VRegister& vt, const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, dst);
}
void St1(const VRegister& vt, const VRegister& vt2, const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, vt2, dst);
}
void St1(const VRegister& vt, const VRegister& vt2, const VRegister& vt3,
const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, vt2, vt3, dst);
}
void St1(const VRegister& vt, const VRegister& vt2, const VRegister& vt3,
const VRegister& vt4, const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, vt2, vt3, vt4, dst);
}
void St1(const VRegister& vt, int lane, const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, lane, dst);
}
#define NEON_2VREG_SHIFT_MACRO_LIST(V) \
V(rshrn, Rshrn) \
V(rshrn2, Rshrn2) \
......@@ -1658,28 +1681,6 @@ class V8_EXPORT_PRIVATE MacroAssembler : public TurboAssembler {
DCHECK(allow_macro_instructions());
ld4r(vt, vt2, vt3, vt4, src);
}
void St1(const VRegister& vt, const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, dst);
}
void St1(const VRegister& vt, const VRegister& vt2, const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, vt2, dst);
}
void St1(const VRegister& vt, const VRegister& vt2, const VRegister& vt3,
const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, vt2, vt3, dst);
}
void St1(const VRegister& vt, const VRegister& vt2, const VRegister& vt3,
const VRegister& vt4, const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, vt2, vt3, vt4, dst);
}
void St1(const VRegister& vt, int lane, const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st1(vt, lane, dst);
}
void St2(const VRegister& vt, const VRegister& vt2, const MemOperand& dst) {
DCHECK(allow_macro_instructions());
st2(vt, vt2, dst);
......
......@@ -4262,14 +4262,34 @@ void LiftoffAssembler::MaybeOSR() {}
void LiftoffAssembler::emit_set_if_nan(Register dst, DoubleRegister src,
ValueKind kind) {
UNIMPLEMENTED();
if (kind == kF32) {
FloatRegister src_f = liftoff::GetFloatRegister(src);
VFPCompareAndSetFlags(src_f, src_f);
} else {
DCHECK_EQ(kind, kF64);
VFPCompareAndSetFlags(src, src);
}
// Store a non-zero value if src is NaN.
str(dst, MemOperand(dst), ne); // x != x iff isnan(x)
}
void LiftoffAssembler::emit_s128_set_if_nan(Register dst, LiftoffRegister src,
Register tmp_gp,
LiftoffRegister tmp_s128,
ValueKind lane_kind) {
UNIMPLEMENTED();
QwNeonRegister src_q = liftoff::GetSimd128Register(src);
QwNeonRegister tmp_q = liftoff::GetSimd128Register(tmp_s128);
if (lane_kind == kF32) {
vpadd(tmp_q.low(), src_q.low(), src_q.high());
LowDwVfpRegister tmp_d =
LowDwVfpRegister::from_code(tmp_s128.low_fp().code());
vadd(tmp_d.low(), tmp_d.low(), tmp_d.high());
} else {
DCHECK_EQ(lane_kind, kF64);
vadd(tmp_q.low(), src_q.low(), src_q.high());
}
emit_set_if_nan(dst, tmp_q.low(), lane_kind);
}
void LiftoffStackSlots::Construct(int param_slots) {
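Review bot: In the arm `emit_s128_set_if_nan`, reducing the lanes with `vpadd`/`vadd` can produce a NaN that is not present in `src`: lanes holding +Infinity and -Infinity sum to NaN, so the flag would be set for a NaN-free vector. That errs on the conservative side, but each false positive is presumably a fuzzing run whose results are no longer compared, and the arm64 port in this same commit reduces with `Fmaxv`/`Fmaxp`, which does not create NaNs. If the addition is kept, I would state the trade-off at the reduction, e.g. `// Lane sum is NaN if any lane is NaN; +Inf + -Inf also gives NaN (accepted false positive).` Separately, `str(dst, MemOperand(dst), ne)` stores the address held in `dst` as the non-zero marker, which deserves a short comment such as `// dst holds a non-null address, so it doubles as the non-zero value.`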
......
......@@ -3249,14 +3249,35 @@ void LiftoffAssembler::MaybeOSR() {}
void LiftoffAssembler::emit_set_if_nan(Register dst, DoubleRegister src,
ValueKind kind) {
UNIMPLEMENTED();
Label not_nan;
if (kind == kF32) {
Fcmp(src.S(), src.S());
B(eq, &not_nan); // x != x iff isnan(x)
// If it's a NaN, it must be non-zero, so store that as the set value.
Str(src.S(), MemOperand(dst));
} else {
DCHECK_EQ(kind, kF64);
Fcmp(src.D(), src.D());
B(eq, &not_nan); // x != x iff isnan(x)
// Double-precision NaNs must be non-zero in the most-significant 32
// bits, so store that.
St1(src.V4S(), 1, MemOperand(dst));
}
Bind(&not_nan);
}
void LiftoffAssembler::emit_s128_set_if_nan(Register dst, LiftoffRegister src,
Register tmp_gp,
LiftoffRegister tmp_s128,
ValueKind lane_kind) {
UNIMPLEMENTED();
DoubleRegister tmp_fp = tmp_s128.fp();
if (lane_kind == kF32) {
Fmaxv(tmp_fp.S(), src.fp().V4S());
} else {
DCHECK_EQ(lane_kind, kF64);
Fmaxp(tmp_fp.D(), src.fp().V2D());
}
emit_set_if_nan(dst, tmp_fp, lane_kind);
}
void LiftoffStackSlots::Construct(int param_slots) {
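Review bot: The arm64 `emit_s128_set_if_nan` relies on `Fmaxv`/`Fmaxp` propagating a NaN from any lane into the scalar result, and nothing in the hunk says so. A later cleanup that switched to the number-preferring FMAXNM forms would drop quiet NaNs and stop setting the flag, weakening the nondeterminism detection used for fuzzing. I would add a comment above the reduction, e.g. `// Max reduction (not the NM variants) yields NaN iff some lane is NaN.` `tmp_gp` is unused in this port; if that is intentional, a one-line `// tmp_gp is not needed on arm64.` would make it explicit.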
......
......@@ -1456,7 +1456,7 @@ class LiftoffAssembler : public TurboAssembler {
// Instrumentation for shadow-stack-compatible OSR on x64.
inline void MaybeOSR();
// Set the i32 at address dst to 1 if src is a NaN.
// Set the i32 at address dst to a non-zero value if src is a NaN.
inline void emit_set_if_nan(Register dst, DoubleRegister src, ValueKind kind);
// Set the i32 at address dst to a non-zero value if src contains a NaN.
......
......@@ -175,9 +175,6 @@
# BUG(v8:3434).
'test-api/LoadICFastApi_DirectCall_GCMoveStubWithProfiler': [SKIP],
# TODO(11856): Port nondeterminism detection.
'test-liftoff-for-fuzzing/*': [SKIP],
}], # 'arch == arm64'
['arch == arm64 and simulator_run', {
......@@ -336,9 +333,6 @@
'test-serialize/StartupSerializerTwice': [SKIP],
'test-serialize/StartupSerializerOnceRunScript': [SKIP],
'test-serialize/StartupSerializerTwiceRunScript': [SKIP],
# TODO(11856): Port nondeterminism detection.
'test-liftoff-for-fuzzing/*': [SKIP],
}], # 'arch == arm'
##############################################################################
......