Bug 1359612 - Baldr: make ToABIFunctionType work on any function signature (r=bbouvier)
authorLuke Wagner <luke@mozilla.com>
Wed, 26 Apr 2017 09:52:11 -0500
changeset 403195 1aa3673f1b9c700190b9791cb67f704fd160d454
parent 403194 c8884c38a51d35cc619e235a17ae1296f8119760
child 403196 52a9eb86ebf913c165a6b8d58c3ed3ed466c5619
push id7391
push usermtabara@mozilla.com
push dateMon, 12 Jun 2017 13:08:53 +0000
treeherdermozilla-beta@2191d7f87e2e [default view] [failures only]
reviewersbbouvier
bugs1359612
milestone55.0a1
Bug 1359612 - Baldr: make ToABIFunctionType work on any function signature (r=bbouvier) MozReview-Commit-ID: IzzCpt6wwPr
js/src/jit-test/tests/asm.js/testBug1359612.js
js/src/jit-test/tests/wasm/regress/builtin-import-sigs.js
js/src/wasm/WasmBuiltins.cpp
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/asm.js/testBug1359612.js
@@ -0,0 +1,9 @@
+load(libdir + 'asm.js');
+
+asmLink(asmCompile('stdlib', 'foreign', USE_ASM + `
+  var ff = foreign.ff;
+  function f() {
+      ff(+1);
+  }
+  return f
+`), this, { ff: Math.log1p });
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/wasm/regress/builtin-import-sigs.js
@@ -0,0 +1,15 @@
+var code = wasmTextToBinary(`(module
+    (import $one "" "builtin")
+    (import $two "" "builtin" (param i32))
+    (import $three "" "builtin" (result i32))
+    (import $four "" "builtin" (result f32) (param f32 f32 f32 f32 f32 f32 f32 f32 f32 f32 f32 f32))
+    (func (export "run")
+        (call $one)
+        (call $two (i32.const 0))
+        (drop (call $three))
+        (drop (call $four (f32.const 0) (f32.const 0) (f32.const 0) (f32.const 0) (f32.const 0) (f32.const 0) (f32.const 0) (f32.const 0) (f32.const 0) (f32.const 0) (f32.const 0) (f32.const 0)))
+    )
+)`);
+var m = new WebAssembly.Module(code);
+var i = new WebAssembly.Instance(m, {'':{builtin:Math.sin}});
+i.exports.run();
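Review bot: The four imports here sit well inside or well outside the accepted range, so the boundary of the new argument-count guard in ToBuiltinABIFunctionType is never exercised. That guard is what keeps the per-argument shift in range for a signature chosen by the module, so an off-by-one in it would go unnoticed by this test. I would add two all-float imports of `Math.sin`, one with the largest parameter count the guard accepts and one with a single parameter more (I believe that is nine and ten with the current ArgType_Shift, but confirm against the header), and call both from `run`. A short header comment such as `// Importing a builtin with a non-matching signature must fall back to the generic import path, not crash.` would also record what passing means.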
--- a/js/src/wasm/WasmBuiltins.cpp
+++ b/js/src/wasm/WasmBuiltins.cpp
@@ -899,51 +899,56 @@ wasm::SymbolicAddressTarget(SymbolicAddr
     if (!NeedsBuiltinThunk(sym))
         return funcPtr;
 
     const BuiltinThunks& thunks = *builtinThunks;
     uint32_t codeRangeIndex = thunks.symbolicAddressToCodeRange[sym];
     return thunks.codeBase + thunks.codeRanges[codeRangeIndex].begin();
 }
 
-static ABIFunctionType
-ToABIFunctionType(const Sig& sig)
+static Maybe<ABIFunctionType>
+ToBuiltinABIFunctionType(const Sig& sig)
 {
     const ValTypeVector& args = sig.args();
     ExprType ret = sig.ret();
 
     uint32_t abiType;
     switch (ret) {
       case ExprType::F32: abiType = ArgType_Float32 << RetType_Shift; break;
       case ExprType::F64: abiType = ArgType_Double << RetType_Shift; break;
-      default:            MOZ_CRASH("unhandled ret type");
+      default: return Nothing();
     }
 
+    if ((args.length() + 1) > (sizeof(uint32_t) * 8 / ArgType_Shift))
+        return Nothing();
+
     for (size_t i = 0; i < args.length(); i++) {
         switch (args[i]) {
           case ValType::F32: abiType |= (ArgType_Float32 << (ArgType_Shift * (i + 1))); break;
           case ValType::F64: abiType |= (ArgType_Double << (ArgType_Shift * (i + 1))); break;
-          default:           MOZ_CRASH("unhandled arg type");
+          default: return Nothing();
         }
     }
 
-    return ABIFunctionType(abiType);
+    return Some(ABIFunctionType(abiType));
 }
 
 void*
 wasm::MaybeGetBuiltinThunk(HandleFunction f, const Sig& sig, JSContext* cx)
 {
     MOZ_ASSERT(builtinThunks);
 
     if (!f->isNative() || !f->jitInfo() || f->jitInfo()->type() != JSJitInfo::InlinableNative)
         return nullptr;
 
-    InlinableNative native = f->jitInfo()->inlinableNative;
-    ABIFunctionType abiType = ToABIFunctionType(sig);
-    TypedNative typedNative(native, abiType);
+    Maybe<ABIFunctionType> abiType = ToBuiltinABIFunctionType(sig);
+    if (!abiType)
+        return nullptr;
+
+    TypedNative typedNative(f->jitInfo()->inlinableNative, *abiType);
 
     const BuiltinThunks& thunks = *builtinThunks;
     auto p = thunks.typedNativeToCodeRange.readonlyThreadsafeLookup(typedNative);
     if (!p)
         return nullptr;
 
     return thunks.codeBase + thunks.codeRanges[p->value()].begin();
 }
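Review bot: The length check added before the loop in ToBuiltinABIFunctionType is the only thing keeping `ArgType_Shift * (i + 1)` inside the 32 bits of `abiType`, and nothing in the code says so. Judging by the new tests, `sig` is whatever the importing module declares, so the argument count is content-controlled, and a shift count at or beyond the operand width is undefined behaviour, not just a wrong lookup key. I would put a comment directly above the check, for example `// sig is content-controlled: reject signatures whose ret + arg slots do not fit in abiType, so the shifts below stay in range.` The `+ 1` also assumes the return type occupies slot 0; RetType_Shift is not visible in this hunk, so a `static_assert(RetType_Shift == 0, "ret type occupies slot 0")` next to the check would pin that assumption if it holds.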