AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

[wasm] Register protected instructions after deserialization

Browse Source 
R=mstarzinger@chromium.org

Bug: chromium:856938
Change-Id: I57699de23b5c35a531c7601fd14a91f075abb0da
Reviewed-on: https://chromium-review.googlesource.com/1117182
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54085}
This commit is contained in:
Clemens Hammacher 2018-06-28 11:50:01 +02:00 committed by Commit Bot
parent 37ca8c3d2d
commit 15428f19f2
2 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/wasm/wasm-code-manager.cc
View File

@ -539,7 +539,7 @@ WasmCode* NativeModule::AddCode(
}
}
if (use_trap_handler_) {
if (!ret->protected_instructions_.is_empty()) {
ret->RegisterTrapHandlerData();
}
set_code(index, ret);
@ -568,6 +568,9 @@ WasmCode* NativeModule::AddDeserializedCode(
std::move(reloc_info), std::move(source_position_table),
WasmCode::kFunction, tier, WasmCode::kNoFlushICache);
if (!code->protected_instructions_.is_empty()) {
code->RegisterTrapHandlerData();
}
set_code(index, code);
PatchJumpTable(index, code->instruction_start(), WasmCode::kFlushICache);
// Note: we do not flush the i-cache here, since the code needs to be

32
test/mjsunit/wasm/compiled-module-serialization.js
View File

@ -8,6 +8,7 @@ load("test/mjsunit/wasm/wasm-constants.js");
load("test/mjsunit/wasm/wasm-module-builder.js");
(function SerializeAndDeserializeModule() {
print(arguments.callee.name);
var builder = new WasmModuleBuilder();
builder.addImportedMemory("", "memory", 1);
var kSig_v_i = makeSig([kWasmI32], []);
@ -75,6 +76,7 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
})();
(function DeserializeInvalidObject() {
print(arguments.callee.name);
var invalid_buffer = new ArrayBuffer(10);
module = %DeserializeWasmModule(invalid_buffer, invalid_buffer);
@ -82,6 +84,7 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
})();
(function RelationBetweenModuleAndClone() {
print(arguments.callee.name);
let builder = new WasmModuleBuilder();
builder.addFunction("main", kSig_i_v)
.addBody([kExprI32Const, 42])
@ -99,6 +102,7 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
})();
(function SerializeWrappersWithSameSignature() {
print(arguments.callee.name);
let builder = new WasmModuleBuilder();
builder.addFunction("main", kSig_i_v)
.addBody([kExprI32Const, 42])
@ -119,6 +123,7 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
})();
(function SerializeAfterInstantiation() {
print(arguments.callee.name);
let builder = new WasmModuleBuilder();
builder.addFunction("main", kSig_i_v)
.addBody([kExprI32Const, 42])
@ -141,6 +146,7 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
(function SerializeAfterInstantiationWithMemory() {
print(arguments.callee.name);
let builder = new WasmModuleBuilder();
builder.addImportedMemory("", "memory", 1);
builder.addFunction("main", kSig_i_v)
@ -164,6 +170,7 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
})();
(function GlobalsArePrivateBetweenClones() {
print(arguments.callee.name);
var builder = new WasmModuleBuilder();
builder.addGlobal(kWasmI32, true);
builder.addFunction("read", kSig_i_v)
@ -191,6 +198,7 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
})();
(function SharedTableTest() {
print(arguments.callee.name);
let kTableSize = 3;
var sig_index1;
@ -264,6 +272,7 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
})();
(function StackOverflowAfterSerialization() {
print(arguments.callee.name);
const builder = new WasmModuleBuilder();
var fun = builder.addFunction('main', kSig_v_v);
fun.addBody([kExprCallFunction, fun.index]);
@ -277,3 +286,26 @@ load("test/mjsunit/wasm/wasm-module-builder.js");
assertThrows(instance.exports.main, RangeError);
})();
(function TrapAfterDeserialization() {
print(arguments.callee.name);
function GenerateSerializedModule() {
const builder = new WasmModuleBuilder();
builder.addMemory(1, 1);
builder.addFunction('main', kSig_i_i)
.addBody([kExprGetLocal, 0, kExprI32LoadMem, 0, 0])
.exportFunc();
const wire_bytes = builder.toBuffer();
const module = new WebAssembly.Module(wire_bytes);
const buffer = %SerializeWasmModule(module);
return [wire_bytes, buffer];
}
const [wire_bytes, buffer] = GenerateSerializedModule();
module = %DeserializeWasmModule(buffer, wire_bytes);
const instance = new WebAssembly.Instance(module);
assertEquals(0, instance.exports.main(0));
assertEquals(0, instance.exports.main(kPageSize - 4));
assertTraps(
kTrapMemOutOfBounds, _ => instance.exports.main(kPageSize - 3));
})();