57b14b0606
The wasm specification does not fully specify the binary representation of NaN: the sign bit can be non-deterministic. The wasm-code fuzzer found a test case where the wasm interpreter and the compiled code produce a different sign bit for a NaN, and as a consequence they produce different results. With this CL the interpreter tracks whether it executed an instruction which can produce a NaN, which are div and sqrt instructions. The fuzzer uses this information and compares the result of the interpreter with the result of the compiled code only if there was no instruction which could have produced a NaN. R=titzer@chromium.org TEST=cctest/test-run-wasm-interpreter/TestMayProduceNaN BUG=chromium:657481 Review-Url: https://chromiumcodereview.appspot.com/2438603003 Cr-Commit-Position: refs/heads/master@{#40474}
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef V8_WASM_MODULE_RUNNER_H_
#define V8_WASM_MODULE_RUNNER_H_
#include "src/handles.h"
#include "src/isolate.h"
#include "src/objects.h"
#include "src/wasm/wasm-interpreter.h"
#include "src/wasm/wasm-module.h"
#include "src/wasm/wasm-result.h"
#include "src/zone/zone.h"
namespace v8 {
namespace internal {
namespace wasm {
namespace testing {

// Decodes the encoded module delimited by {module_start} and {module_end}.
// NOTE(review): the bytes may come straight from a fuzzer. How a decode
// failure is signalled (null result, error recorded on {thrower}) is not
// visible in this header -- confirm against the definition before
// dereferencing the returned pointer.
const WasmModule* DecodeWasmModuleForTesting(
    Isolate* isolate,
    ErrorThrower* thrower,
    const byte* module_start,
    const byte* module_end,
    ModuleOrigin origin);

// Instantiates {module}; the module must have neither imports nor exports.
const Handle<JSObject> InstantiateModuleForTesting(
    Isolate* isolate,
    ErrorThrower* thrower,
    const WasmModule* module);

// NOTE(review): this declaration carries no comment in the original header.
// Judging by the signature alone, it calls the function called {name} on
// {instance} with {argc} arguments taken from {argv} and returns an int32
// result -- confirm against the definition.
int32_t CallWasmFunctionForTesting(
    Isolate* isolate,
    Handle<JSObject> instance,
    ErrorThrower* thrower,
    const char* name,
    int argc,
    Handle<Object> argv[],
    ModuleOrigin origin);

// Decodes, verifies and runs the function labeled "main" in the given
// encoded module. The module should have no imports.
int32_t CompileAndRunWasmModule(
    Isolate* isolate,
    const byte* module_start,
    const byte* module_end,
    ModuleOrigin origin);

// Interprets {module}, starting at the function selected by
// {function_index}. That function has to return int32, and the module
// should not have any imports or exports.
//
// {may_produced_nan} reports whether the interpreter executed an
// instruction that can produce a NaN (div and sqrt). The wasm specification
// leaves the sign bit of a NaN non-deterministic, so the interpreter and the
// compiled code may legitimately disagree on it; the fuzzer compares the two
// results only when no such instruction was executed. Runs in which one was
// executed are therefore not cross-checked.
int32_t InterpretWasmModule(
    Isolate* isolate,
    ErrorThrower* thrower,
    const WasmModule* module,
    int function_index,
    WasmVal* args,
    bool* may_produced_nan);

// Compiles the WasmModule bytes and returns an instance of the compiled
// module.
const Handle<JSObject> CompileInstantiateWasmModuleForTesting(
    Isolate* isolate,
    ErrorThrower* thrower,
    const byte* module_start,
    const byte* module_end,
    ModuleOrigin origin);

// Runs the module instance with the given arguments.
int32_t RunWasmModuleForTesting(
    Isolate* isolate,
    Handle<JSObject> instance,
    int argc,
    Handle<Object> argv[],
    ModuleOrigin origin);

// Installs the function map and the module symbol for testing.
void SetupIsolateForWasmModule(Isolate* isolate);

}  // namespace testing
}  // namespace wasm
}  // namespace internal
}  // namespace v8
#endif // V8_WASM_MODULE_RUNNER_H_