Diff
Modified: branches/safari-603-branch/JSTests/ChangeLog (210408 => 210409)
--- branches/safari-603-branch/JSTests/ChangeLog 2017-01-06 01:48:07 UTC (rev 210408)
+++ branches/safari-603-branch/JSTests/ChangeLog 2017-01-06 01:48:11 UTC (rev 210409)
@@ -1,5 +1,21 @@
2017-01-05 Matthew Hanson <matthew_han...@apple.com>
+ Merge r210111. rdar://problem/29791695
+
+ 2016-12-22 Keith Miller <keith_mil...@apple.com>
+
+ WebAssembly: The validator should not allow unused stack entries at the end of a block
+ https://bugs.webkit.org/show_bug.cgi?id=166411
+
+ Reviewed by Saam Barati.
+
+ Test cleanup and enable new passing tests.
+
+ * wasm.yaml:
+ * wasm/function-tests/br-if-as-return.js:
+
+2017-01-05 Matthew Hanson <matthew_han...@apple.com>
+
Merge r210102. rdar://problem/29784532
2016-12-22 Saam Barati <sbar...@apple.com>
Modified: branches/safari-603-branch/JSTests/wasm/function-tests/br-if-as-return.js (210408 => 210409)
--- branches/safari-603-branch/JSTests/wasm/function-tests/br-if-as-return.js 2017-01-06 01:48:07 UTC (rev 210408)
+++ branches/safari-603-branch/JSTests/wasm/function-tests/br-if-as-return.js 2017-01-06 01:48:11 UTC (rev 210409)
@@ -10,12 +10,11 @@
.End()
.Code()
.Function("br1", { params: [], ret: "i32" })
- .Block("void", b => {
+ .Block("i32", b => {
return b.I32Const(0)
.I32Const(1)
.BrIf(1)
})
- .Unreachable()
.End()
.Function("br0", { params: [], ret: "i32" })
Modified: branches/safari-603-branch/JSTests/wasm.yaml (210408 => 210409)
--- branches/safari-603-branch/JSTests/wasm.yaml 2017-01-06 01:48:07 UTC (rev 210408)
+++ branches/safari-603-branch/JSTests/wasm.yaml 2017-01-06 01:48:11 UTC (rev 210409)
@@ -35,13 +35,13 @@
cmd: runWebAssemblySpecTest :normal
- path: wasm/spec-tests/block.wast.js
- cmd: runWebAssemblySpecTest :skip
+ cmd: runWebAssemblySpecTest :normal
- path: wasm/spec-tests/br.wast.js
cmd: runWebAssemblySpecTest :normal
- path: wasm/spec-tests/br_if.wast.js
- cmd: runWebAssemblySpecTest :skip
+ cmd: runWebAssemblySpecTest :normal
- path: wasm/spec-tests/br_table.wast.js
cmd: runWebAssemblySpecTest :normal
@@ -101,7 +101,7 @@
cmd: runWebAssemblySpecTest :normal
- path: wasm/spec-tests/func.wast.js
- cmd: runWebAssemblySpecTest :skip
+ cmd: runWebAssemblySpecTest :normal
- path: wasm/spec-tests/func_ptrs.wast.js
cmd: runWebAssemblySpecTest :skip
Modified: branches/safari-603-branch/Source/_javascript_Core/ChangeLog (210408 => 210409)
--- branches/safari-603-branch/Source/_javascript_Core/ChangeLog 2017-01-06 01:48:07 UTC (rev 210408)
+++ branches/safari-603-branch/Source/_javascript_Core/ChangeLog 2017-01-06 01:48:11 UTC (rev 210409)
@@ -1,5 +1,26 @@
2017-01-05 Matthew Hanson <matthew_han...@apple.com>
+ Merge r210111. rdar://problem/29791695
+
+ 2016-12-22 Keith Miller <keith_mil...@apple.com>
+
+ WebAssembly: The validator should not allow unused stack entries at the end of a block
+ https://bugs.webkit.org/show_bug.cgi?id=166411
+
+ Reviewed by Saam Barati.
+
+ This patch also cleans up some of the verbose mode logging.
+
+ * wasm/WasmB3IRGenerator.cpp:
+ (JSC::Wasm::dumpExpressionStack):
+ (JSC::Wasm::B3IRGenerator::dump):
+ * wasm/WasmFunctionParser.h:
+ * wasm/WasmValidate.cpp:
+ (JSC::Wasm::dumpExpressionStack):
+ (JSC::Wasm::Validate::dump):
+
+2017-01-05 Matthew Hanson <matthew_han...@apple.com>
+
Merge r210102. rdar://problem/29784532
2016-12-22 Saam Barati <sbar...@apple.com>
Modified: branches/safari-603-branch/Source/_javascript_Core/wasm/WasmB3IRGenerator.cpp (210408 => 210409)
--- branches/safari-603-branch/Source/_javascript_Core/wasm/WasmB3IRGenerator.cpp 2017-01-06 01:48:07 UTC (rev 210408)
+++ branches/safari-603-branch/Source/_javascript_Core/wasm/WasmB3IRGenerator.cpp 2017-01-06 01:48:11 UTC (rev 210409)
@@ -199,7 +199,7 @@
PartialResult WARN_UNUSED_RETURN addCallIndirect(const Signature*, SignatureIndex, Vector<ExpressionType>& args, ExpressionType& result);
PartialResult WARN_UNUSED_RETURN addUnreachable();
- void dump(const Vector<ControlEntry>& controlStack, const ExpressionList& expressionStack);
+ void dump(const Vector<ControlEntry>& controlStack, const ExpressionList* expressionStack);
void emitExceptionCheck(CCallHelpers&, ExceptionType);
@@ -803,28 +803,26 @@
static void dumpExpressionStack(const CommaPrinter& comma, const B3IRGenerator::ExpressionList& expressionStack)
{
- dataLogLn(comma, "ExpressionStack:");
+ dataLog(comma, "ExpressionStack:");
for (const auto& _expression_ : expressionStack)
- dataLogLn(comma, *_expression_);
+ dataLog(comma, *_expression_);
}
-void B3IRGenerator::dump(const Vector<ControlEntry>& controlStack, const ExpressionList& expressionStack)
+void B3IRGenerator::dump(const Vector<ControlEntry>& controlStack, const ExpressionList* expressionStack)
{
dataLogLn("Processing Graph:");
dataLog(m_proc);
dataLogLn("With current block:", *m_currentBlock);
dataLogLn("Control stack:");
- for (auto& data : controlStack) {
- dataLogLn(" ", data.controlData);
- if (data.enclosedExpressionStack.size()) {
- CommaPrinter comma(" ", " with ");
- dumpExpressionStack(comma, data.enclosedExpressionStack);
- }
+ ASSERT(controlStack.size());
+ for (size_t i = controlStack.size(); i--;) {
+ dataLog(" ", controlStack[i].controlData, ": ");
+ CommaPrinter comma(", ", "");
+ dumpExpressionStack(comma, *expressionStack);
+ expressionStack = &controlStack[i].enclosedExpressionStack;
+ dataLogLn();
}
-
- CommaPrinter comma(" ", "");
- dumpExpressionStack(comma, expressionStack);
- dataLogLn("\n");
+ dataLogLn();
}
static void createJSToWasmWrapper(VM& vm, CompilationContext& compilationContext, WasmInternalFunction& function, const Signature* signature, const MemoryInformation& memory)
Modified: branches/safari-603-branch/Source/_javascript_Core/wasm/WasmFunctionParser.h (210408 => 210409)
--- branches/safari-603-branch/Source/_javascript_Core/wasm/WasmFunctionParser.h 2017-01-06 01:48:07 UTC (rev 210408)
+++ branches/safari-603-branch/Source/_javascript_Core/wasm/WasmFunctionParser.h 2017-01-06 01:48:11 UTC (rev 210409)
@@ -134,7 +134,7 @@
if (verbose) {
dataLogLn("processing op (", m_unreachableBlocks, "): ", RawPointer(reinterpret_cast<void*>(op)), ", ", makeString(static_cast<OpType>(op)), " at offset: ", RawPointer(reinterpret_cast<void*>(m_offset)));
- m_context.dump(m_controlStack, m_expressionStack);
+ m_context.dump(m_controlStack, &m_expressionStack);
}
if (m_unreachableBlocks)
@@ -389,7 +389,7 @@
}
case Else: {
- WASM_PARSER_FAIL_IF(m_controlStack.isEmpty(), "can't use else block at the top-level of a function");
+ WASM_PARSER_FAIL_IF(m_controlStack.size() == 1, "can't use else block at the top-level of a function");
WASM_TRY_ADD_TO_CONTEXT(addElse(m_controlStack.last().controlData, m_expressionStack));
m_expressionStack.shrink(0);
return { };
Modified: branches/safari-603-branch/Source/_javascript_Core/wasm/WasmValidate.cpp (210408 => 210409)
--- branches/safari-603-branch/Source/_javascript_Core/wasm/WasmValidate.cpp 2017-01-06 01:48:07 UTC (rev 210408)
+++ branches/safari-603-branch/Source/_javascript_Core/wasm/WasmValidate.cpp 2017-01-06 01:48:11 UTC (rev 210409)
@@ -146,13 +146,12 @@
{
}
- void dump(const Vector<ControlEntry>&, const ExpressionList&);
+ void dump(const Vector<ControlEntry>&, const ExpressionList*);
private:
- Result unify(Type, Type);
- Result unify(const ExpressionList&, const ControlData&);
+ Result WARN_UNUSED_RETURN unify(const ExpressionList&, const ControlData&);
- Result checkBranchTarget(ControlData& target, const ExpressionList& expressionStack);
+ Result WARN_UNUSED_RETURN checkBranchTarget(ControlData& target, const ExpressionList& expressionStack);
Vector<Type> m_locals;
const ModuleInformation& m_module;
@@ -295,16 +294,8 @@
auto Validate::endBlock(ControlEntry& entry, ExpressionList& stack) -> Result
{
- ControlData& block = entry.controlData;
- if (block.signature() == Void)
- return { };
-
- WASM_VALIDATOR_FAIL_IF(block.type() == BlockType::If, "If-block had a non-void result type: ", block.signature(), " but had no else-block");
- WASM_VALIDATOR_FAIL_IF(stack.isEmpty(), "typed block falls through on empty stack");
- WASM_VALIDATOR_FAIL_IF(block.signature() != stack.last(), "block fallthrough doesn't match its declared type");
-
- entry.enclosedExpressionStack.append(block.signature());
- return { };
+ WASM_FAIL_IF_HELPER_FAILS(unify(stack, entry.controlData));
+ return addEndToUnreachable(entry);
}
auto Validate::addEndToUnreachable(ControlEntry& entry) -> Result
@@ -346,22 +337,35 @@
auto Validate::unify(const ExpressionList& values, const ControlType& block) -> Result
{
- ASSERT(values.size() <= 1);
- if (block.signature() == Void)
+ if (block.signature() == Void) {
+ WASM_VALIDATOR_FAIL_IF(!values.isEmpty(), "void block should end with an empty stack");
return { };
+ }
- WASM_VALIDATOR_FAIL_IF(values.isEmpty(), "non-void block ends with an empty stack");
+ WASM_VALIDATOR_FAIL_IF(values.size() != 1, "block with type: ", block.signature(), " ends with a stack containing more than one value");
WASM_VALIDATOR_FAIL_IF(values[0] != block.signature(), "control flow returns with unexpected type");
-
return { };
}
-void Validate::dump(const Vector<ControlEntry>&, const ExpressionList&)
+static void dumpExpressionStack(const CommaPrinter& comma, const Validate::ExpressionList& expressionStack)
{
- // If you need this then you should fix the validator's error messages instead...
- // Think of this as penance for the sin of bad error messages.
+ dataLog(comma, " ExpressionStack:");
+ for (const auto& _expression_ : expressionStack)
+ dataLog(comma, makeString(_expression_));
}
+void Validate::dump(const Vector<ControlEntry>& controlStack, const ExpressionList* expressionStack)
+{
+ for (size_t i = controlStack.size(); i--;) {
+ dataLog(" ", controlStack[i].controlData);
+ CommaPrinter comma(", ", "");
+ dumpExpressionStack(comma, *expressionStack);
+ expressionStack = &controlStack[i].enclosedExpressionStack;
+ dataLogLn();
+ }
+ dataLogLn();
+}
+
Expected<void, String> validateFunction(VM* vm, const uint8_t* source, size_t length, const Signature* signature, const ImmutableFunctionIndexSpace& functionIndexSpace, const ModuleInformation& module)
{
Validate context(module);
