WebAssembly: const in unreachable code decoded incorrectly, erroneously rejects binar...
authorjfbastien@apple.com <jfbastien@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 Aug 2017 01:04:00 +0000 (01:04 +0000)
committerjfbastien@apple.com <jfbastien@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 Aug 2017 01:04:00 +0000 (01:04 +0000)
commit104005f4b4ba27f287cef5f96380d3603ac8254b
tree85a75638360c51c6d4674d82834e6a320508172b
parent03ee1671e4998efeb6a6545cd8ddd0f21cb82241
WebAssembly: const in unreachable code decoded incorrectly, erroneously rejects binary as invalid
https://bugs.webkit.org/show_bug.cgi?id=175693
<rdar://problem/33952443>

Reviewed by Saam Barati.

JSTests:

Add a regression directory for WebAssembly tests.

* wasm.yaml:
* wasm/regress/175693.js: Added.
(else.else):
(instance.new.WebAssembly.Instance.new.WebAssembly.Module):
(catch):
* wasm/regress/175693.wasm: Added.

Source/JavaScriptCore:

64-bit constants in an unreachable context were being decoded as
32-bit constants. This is pretty benign because unreachable code
shouldn't occur often. The effect is that 64-bit constants which
can't be encoded as 32-bit constants would cause the binary to be
rejected.

At the same time, 32-bit integer constants should be decoded as signed.

* wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser<Context>::parseUnreachableExpression):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@220894 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JSTests/ChangeLog
JSTests/wasm.yaml
JSTests/wasm/regress/175693.js [new file with mode: 0644]
JSTests/wasm/regress/175693.wasm [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/wasm/WasmFunctionParser.h