author | Alon Zakai <azakai@google.com> | 2020-04-13 15:57:51 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-04-13 15:57:51 -0700 |
commit | 1bddd6be5416be08d92d0b4a8248decb400b60e0 (patch) | |
tree | 426df38afc548929139c1771571a023c768e02ae /auto_update_tests.py | |
parent | c16bfeebb5879e9512f2bbf7d611b3b1e0be7dee (diff) | |

Fix Atomics fuzz bugs in interpreter (#2760)

I am working to bring up the fuzzer on comparisons between VMs.
Comparing between the binaryen interpreter and v8, it found some
atomics issues:

* Atomic operations, including loads and stores, must be aligned
  or they trap.
* AtomicRMW did the wrong thing with the operands.
* AtomicCmpxchg must wrap the input to the proper size (if we
  only load 1 byte, only look at 1 byte of the expected value too).
* AtomicWait and AtomicNotify must take into account their
  offsets. Also SIMDLoadExtend was missing that. This was
  confusing in the code as two getFinalAddresses existed,
  one that doesn't compute with an offset, and one that does.
  I renamed the one without to getFinalAddressWithoutOffset
  so it's explicit and we can easily see we only call that one on
  an instruction without an offset (which is the case for
  MemoryInit, MemoryCopy, and MemoryFill).
* AtomicNotify must check its address to see if it should trap,
  even though we don't actually have multiple threads running.
* Atomic loads of fewer bytes than the type always do an
  unsigned extension, not signed.

Diffstat (limited to 'auto_update_tests.py')
0 files changed, 0 insertions, 0 deletions
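
The following is an added example, not part of this commit or of Binaryen's code: a toy C++ model of three rules from the commit message above (the effective address includes the offset and must be aligned, narrow atomic loads zero-extend, and cmpxchg compares only the accessed width of the expected value). `ToyMemory`, `Result` and `sampleMemory` are hypothetical names, and the memory contents are constructed.

```cpp
#include <cstdint>
#include <vector>

// Outcome of one access: trap == true models a wasm trap.
struct Result { bool trap; uint64_t value; };

// Toy little-endian linear memory (illustrative, not Binaryen's classes).
struct ToyMemory {
  std::vector<uint8_t> data;

  // Effective address = dynamic pointer + static offset. An atomic access
  // traps if that address is out of bounds or not a multiple of the width.
  Result atomicAddress(uint32_t ptr, uint32_t offset, uint32_t bytes) const {
    uint64_t addr = uint64_t(ptr) + offset; // 64-bit sum cannot wrap
    if (addr + bytes > data.size() || addr % bytes != 0) return {true, 0};
    return {false, addr};
  }

  // Narrow atomic loads zero-extend into the wider result.
  Result atomicLoad(uint32_t ptr, uint32_t offset, uint32_t bytes) const {
    Result addr = atomicAddress(ptr, offset, bytes);
    if (addr.trap) return addr;
    uint64_t value = 0;
    for (uint32_t i = 0; i < bytes; i++)
      value |= uint64_t(data[addr.value + i]) << (8 * i);
    return {false, value};
  }

  // Compare-exchange: only the low `bytes` bytes of `expected` take part in
  // the comparison. Returns the old (zero-extended) value.
  Result atomicCmpxchg(uint32_t ptr, uint32_t offset, uint32_t bytes,
                       uint64_t expected, uint64_t replacement) {
    Result old = atomicLoad(ptr, offset, bytes);
    if (old.trap) return old;
    uint64_t mask = bytes == 8 ? ~uint64_t(0) : (uint64_t(1) << (8 * bytes)) - 1;
    if (old.value == (expected & mask)) {
      uint64_t addr = uint64_t(ptr) + offset;
      for (uint32_t i = 0; i < bytes; i++)
        data[addr + i] = uint8_t(replacement >> (8 * i));
    }
    return old;
  }
};

// Constructed sample: 16 bytes, 0xFF at address 1, 0x1234 at address 2.
ToyMemory sampleMemory() {
  ToyMemory m;
  m.data = {0x00, 0xFF, 0x34, 0x12, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
  return m;
}
```

A differential fuzzer comparing two engines would flag any disagreement on these cases, such as one engine sign-extending the 0xFF byte or checking alignment on the pointer alone.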