Chromium Code Reviews Chromium Code Reviews
Issue 2483053005:
[wasm] Check data segments for zero-sized memory. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 the V8 project authors. All rights reserved. | 1 // Copyright 2015 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <memory> | 5 #include <memory> |
| 6 | 6 |
| 7 #include "src/base/atomic-utils.h" | 7 #include "src/base/atomic-utils.h" |
| 8 #include "src/code-stubs.h" | 8 #include "src/code-stubs.h" |
| 9 | 9 |
| 10 #include "src/macro-assembler.h" | 10 #include "src/macro-assembler.h" |
| (...skipping 1131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1142 | 1142 |
| 1143 uint32_t old_mem_size = compiled_module_->mem_size(); | 1143 uint32_t old_mem_size = compiled_module_->mem_size(); |
| 1144 Address old_mem_start = | 1144 Address old_mem_start = |
| 1145 compiled_module_->has_memory() | 1145 compiled_module_->has_memory() |
| 1146 ? static_cast<Address>( | 1146 ? static_cast<Address>( |
| 1147 compiled_module_->memory()->backing_store()) | 1147 compiled_module_->memory()->backing_store()) |
| 1148 : nullptr; | 1148 : nullptr; |
| 1149 RelocateMemoryReferencesInCode(code_table, old_mem_start, mem_start, | 1149 RelocateMemoryReferencesInCode(code_table, old_mem_start, mem_start, |
| 1150 old_mem_size, mem_size); | 1150 old_mem_size, mem_size); |
| 1151 compiled_module_->set_memory(memory_); | 1151 compiled_module_->set_memory(memory_); |
| 1152 } else if (!CheckDataSegmentsAreEmpty()) { | |
|
titzer
2016/11/09 17:20:31
Why not just call LoadDataSegments(nullptr, 0)?
ahaas
2016/11/10 10:26:25
Done. I also fixed another issue with non-empty me
| |
| 1153 thrower_->TypeError("data segment does not fit"); | |
| 1152 } | 1154 } |
| 1153 | 1155 |
| 1154 //-------------------------------------------------------------------------- | 1156 //-------------------------------------------------------------------------- |
| 1155 // Set up the runtime support for the new instance. | 1157 // Set up the runtime support for the new instance. |
| 1156 //-------------------------------------------------------------------------- | 1158 //-------------------------------------------------------------------------- |
| 1157 Handle<WeakCell> weak_link = factory->NewWeakCell(instance); | 1159 Handle<WeakCell> weak_link = factory->NewWeakCell(instance); |
| 1158 | 1160 |
| 1159 for (int i = num_imported_functions + FLAG_skip_compiling_wasm_funcs; | 1161 for (int i = num_imported_functions + FLAG_skip_compiling_wasm_funcs; |
| 1160 i < code_table->length(); ++i) { | 1162 i < code_table->length(); ++i) { |
| 1161 Handle<Code> code = code_table->GetValueChecked<Code>(isolate_, i); | 1163 Handle<Code> code = code_table->GetValueChecked<Code>(isolate_, i); |
| (...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1338 import_name); | 1340 import_name); |
| 1339 } | 1341 } |
| 1340 } else { | 1342 } else { |
| 1341 // No function specified. Use the "default export". | 1343 // No function specified. Use the "default export". |
| 1342 result = module; | 1344 result = module; |
| 1343 } | 1345 } |
| 1344 | 1346 |
| 1345 return result; | 1347 return result; |
| 1346 } | 1348 } |
| 1347 | 1349 |
| 1348 uint32_t EvalUint32InitExpr(WasmInitExpr& expr) { | 1350 uint32_t EvalUint32InitExpr(const WasmInitExpr& expr) { |
| 1349 switch (expr.kind) { | 1351 switch (expr.kind) { |
| 1350 case WasmInitExpr::kI32Const: | 1352 case WasmInitExpr::kI32Const: |
| 1351 return expr.val.i32_const; | 1353 return expr.val.i32_const; |
| 1352 case WasmInitExpr::kGlobalIndex: { | 1354 case WasmInitExpr::kGlobalIndex: { |
| 1353 uint32_t offset = module_->globals[expr.val.global_index].offset; | 1355 uint32_t offset = module_->globals[expr.val.global_index].offset; |
| 1354 return *reinterpret_cast<uint32_t*>(raw_buffer_ptr(globals_, offset)); | 1356 return *reinterpret_cast<uint32_t*>(raw_buffer_ptr(globals_, offset)); |
| 1355 } | 1357 } |
| 1356 default: | 1358 default: |
| 1357 UNREACHABLE(); | 1359 UNREACHABLE(); |
| 1358 return 0; | 1360 return 0; |
| 1359 } | 1361 } |
| 1360 } | 1362 } |
| 1361 | 1363 |
| 1362 // Load data segments into the memory. | 1364 // Load data segments into the memory. |
| 1363 void LoadDataSegments(Address mem_addr, size_t mem_size) { | 1365 void LoadDataSegments(Address mem_addr, size_t mem_size) { |
| 1364 Handle<SeqOneByteString> module_bytes = compiled_module_->module_bytes(); | 1366 Handle<SeqOneByteString> module_bytes = compiled_module_->module_bytes(); |
| 1365 for (auto segment : module_->data_segments) { | 1367 for (const WasmDataSegment& segment : module_->data_segments) { |
| 1366 uint32_t dest_offset = EvalUint32InitExpr(segment.dest_addr); | 1368 uint32_t dest_offset = EvalUint32InitExpr(segment.dest_addr); |
| 1367 uint32_t source_size = segment.source_size; | 1369 uint32_t source_size = segment.source_size; |
| 1368 if (dest_offset >= mem_size || source_size >= mem_size || | 1370 if (dest_offset >= mem_size || source_size >= mem_size || |
| 1369 dest_offset > (mem_size - source_size)) { | 1371 dest_offset > (mem_size - source_size)) { |
| 1370 thrower_->RangeError( | 1372 thrower_->TypeError( |
| 1371 "data segment (start = %u, size = %u) does not fit into memory " | 1373 "data segment (start = %u, size = %u) does not fit into memory " |
| 1372 "(size = %zu)", | 1374 "(size = %zu)", |
| 1373 dest_offset, source_size, mem_size); | 1375 dest_offset, source_size, mem_size); |
| 1374 return; | 1376 return; |
| 1375 } | 1377 } |
| 1376 byte* dest = mem_addr + dest_offset; | 1378 byte* dest = mem_addr + dest_offset; |
| 1377 const byte* src = reinterpret_cast<const byte*>( | 1379 const byte* src = reinterpret_cast<const byte*>( |
| 1378 module_bytes->GetCharsAddress() + segment.source_offset); | 1380 module_bytes->GetCharsAddress() + segment.source_offset); |
| 1379 memcpy(dest, src, source_size); | 1381 memcpy(dest, src, source_size); |
| 1380 } | 1382 } |
| 1381 } | 1383 } |
| 1382 | 1384 |
| 1385 // Returns true if all segments are empty and write to address 0. | |
| 1386 bool CheckDataSegmentsAreEmpty() { | |
| 1387 for (const WasmDataSegment& segment : module_->data_segments) { | |
| 1388 if (segment.source_size > 0) { | |
| 1389 return false; | |
| 1390 } | |
| 1391 } | |
| 1392 return true; | |
| 1393 } | |
| 1394 | |
| 1383 void WriteGlobalValue(WasmGlobal& global, Handle<Object> value) { | 1395 void WriteGlobalValue(WasmGlobal& global, Handle<Object> value) { |
| 1384 double num = 0; | 1396 double num = 0; |
| 1385 if (value->IsSmi()) { | 1397 if (value->IsSmi()) { |
| 1386 num = Smi::cast(*value)->value(); | 1398 num = Smi::cast(*value)->value(); |
| 1387 } else if (value->IsHeapNumber()) { | 1399 } else if (value->IsHeapNumber()) { |
| 1388 num = HeapNumber::cast(*value)->value(); | 1400 num = HeapNumber::cast(*value)->value(); |
| 1389 } else { | 1401 } else { |
| 1390 UNREACHABLE(); | 1402 UNREACHABLE(); |
| 1391 } | 1403 } |
| 1392 TRACE("init [globals+%u] = %lf, type = %s\n", global.offset, num, | 1404 TRACE("init [globals+%u] = %lf, type = %s\n", global.offset, num, |
| (...skipping 857 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2250 CHECK_NOT_NULL(result.val); | 2262 CHECK_NOT_NULL(result.val); |
| 2251 module = const_cast<WasmModule*>(result.val); | 2263 module = const_cast<WasmModule*>(result.val); |
| 2252 } | 2264 } |
| 2253 | 2265 |
| 2254 Handle<WasmModuleWrapper> module_wrapper = | 2266 Handle<WasmModuleWrapper> module_wrapper = |
| 2255 WasmModuleWrapper::New(isolate, module); | 2267 WasmModuleWrapper::New(isolate, module); |
| 2256 | 2268 |
| 2257 compiled_module->set_module_wrapper(module_wrapper); | 2269 compiled_module->set_module_wrapper(module_wrapper); |
| 2258 DCHECK(WasmCompiledModule::IsWasmCompiledModule(*compiled_module)); | 2270 DCHECK(WasmCompiledModule::IsWasmCompiledModule(*compiled_module)); |
| 2259 } | 2271 } |
| OLD | NEW |
