Closed
Bug 1459893
Opened 7 years ago
Closed 7 years ago
Wasm: memory.fill and memory.copy: add validation code and test cases
Categories
(Core :: JavaScript Engine: JIT, enhancement)
Core
JavaScript Engine: JIT
Tracking
()
RESOLVED
FIXED
mozilla62
| Tracking | Status | |
|---|---|---|
| firefox62 | --- | fixed |
People
(Reporter: jseward, Assigned: jseward)
References
Details
Attachments
(1 file)
|
5.52 KB,
patch
|
lth
:
review+
|
Details | Diff | Splinter Review |
Bug 1446930 added a baseline implementation of memory.fill/copy, and
runtime test cases for them, but missed out validation code and test
cases for them. This is a followup, to add those missing elements.
|
Assignee | |
Comment 1•7 years ago
|
||
|
|
Assignee | |
Updated•7 years ago
|
Attachment #8973990 -
Flags: review?(lhansen)
|
||
Comment 2•7 years ago
|
||
Comment on attachment 8973990 [details] [diff] [review]
bug1459893-bulkmem-validation-2.diff
Review of attachment 8973990 [details] [diff] [review]:
-----------------------------------------------------------------
::: js/src/jit-test/tests/wasm/memory-bulk.js
@@ +91,5 @@
> + bodySection(
> + [funcBody(
> + {locals:[],
> + body:[0x41, 0x0, 0x41, 0x0, 0x41, 0x0, // 3 x const.i32 0
> + MiscPrefix, opcode]})])]);
Sweet.
::: js/src/wasm/WasmValidate.cpp
@@ +820,5 @@
> +#ifdef ENABLE_WASM_BULKMEM_OPS
> + case uint16_t(MiscOp::MemCopy):
> + CHECK(iter.readMemCopy(ValType::I32, ¬hing, ¬hing, ¬hing));
> + case uint16_t(MiscOp::MemFill):
> + CHECK(iter.readMemFill(ValType::I32, ¬hing, ¬hing, ¬hing));
This is fine, though I wonder whether the argType argument (here I32) is really needed at all. When would it ever be different?
Attachment #8973990 -
Flags: review?(lhansen) → review+
|
|
Assignee | |
Comment 3•7 years ago
|
||
(In reply to Lars T Hansen [:lth] from comment #2)
Thanks for the review.
> ::: js/src/wasm/WasmValidate.cpp
> @@ +820,5 @@
> > +#ifdef ENABLE_WASM_BULKMEM_OPS
> > + case uint16_t(MiscOp::MemCopy):
> > + CHECK(iter.readMemCopy(ValType::I32, ¬hing, ¬hing, ¬hing));
> > + case uint16_t(MiscOp::MemFill):
> > + CHECK(iter.readMemFill(ValType::I32, ¬hing, ¬hing, ¬hing));
>
> This is fine, though I wonder whether the argType argument (here I32) is
> really needed at all. When would it ever be different?
Yeah, good point. It might be different at some point in the future if we
implement 64 bit memories, and/or the committee changes any of the arguments,
eg to a base+offset form. But for now it's irrelevant complexity, so I have
removed it.
Pushed by jseward@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/c81dfed2fa9f
Wasm: memory.fill and memory.copy: add validation code and test cases. r=lth.
|
||
Comment 5•7 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox62:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla62
|
||
Comment 6•7 years ago
|
||
To wit: using wasmEvalText is not only about code conciseness. It's indeed equivalent to x => new W.Instance(new W.Module(wasmTextToBinary(x))), but it also checks that WebAssembly.validate is consistent with the return value of new W.Module(). So using it in the first place would prevent to forget to update the validation algorithm. For next time :)
|
||
Updated•7 years ago
|
Assignee: nobody → jseward
You need to log in
before you can comment on or make changes to this bug.
Description
•