From 7f73b2f797b0483ebea656a681b1295677e87799 Mon Sep 17 00:00:00 2001
From: Benjamin Bouvier <benj@benj.me>
Date: Tue, 22 Oct 2019 07:11:05 +0000
Subject: [PATCH] Bug 1590083: Disable wasm multi value with Cranelift; r=lth

Since wasm multi-value is enabled by default (without a shell switch), there
was no way to signal it was disabled in certain configurations, namely
Cranelift.

Instead, assume multi-value is enabled by default and disable it with
Cranelift, and store this information in the CompilerEnvironment so we can use
it when iterating on the wasm binary.

Differential Revision: https://phabricator.services.mozilla.com/D49925

--HG--
extra : moz-landing-system : lando
---
 js/src/jit-test/tests/wasm/binary.js | 7 +++----
 js/src/wasm/WasmCompile.cpp          | 2 ++
 js/src/wasm/WasmOpIter.h             | 4 ++++
 js/src/wasm/WasmValidate.h           | 6 ++++++
 4 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/js/src/jit-test/tests/wasm/binary.js b/js/src/jit-test/tests/wasm/binary.js
index fcdfc18a1dee..e50f470e8da1 100644
--- a/js/src/jit-test/tests/wasm/binary.js
+++ b/js/src/jit-test/tests/wasm/binary.js
@@ -234,13 +234,12 @@ assertErrorMessage(() => wasmEval(moduleWithSections([
 for (var bad of [0xff, 1, 0x3f])
     assertErrorMessage(() => wasmEval(moduleWithSections([sigSection([v2vSig]), declSection([0]), bodySection([funcBody({locals:[], body:[BlockCode, bad, EndCode]})])])), CompileError, /invalid .*block type/);
 
+const multiValueModule = moduleWithSections([sigSection([v2vSig]), declSection([0]), bodySection([funcBody({locals:[], body:[BlockCode, 0, EndCode]})])]);
 if (wasmMultiValueEnabled()) {
     // In this test module, 0 denotes a void-to-void block type.
-    let binary = moduleWithSections([sigSection([v2vSig]), declSection([0]), bodySection([funcBody({locals:[], body:[BlockCode, 0, EndCode]})])]);
-    assertEq(WebAssembly.validate(binary), true);
+    assertEq(WebAssembly.validate(multiValueModule), true);
 } else {
-    const bad = 0;
-    assertErrorMessage(() => wasmEval(moduleWithSections([sigSection([v2vSig]), declSection([0]), bodySection([funcBody({locals:[], body:[BlockCode, bad, EndCode]})])])), CompileError, /invalid .*block type/);
+    assertErrorMessage(() => wasmEval(multiValueModule), CompileError, /invalid .*block type/);
 }
 
 // Ensure all invalid opcodes rejected
diff --git a/js/src/wasm/WasmCompile.cpp b/js/src/wasm/WasmCompile.cpp
index f8b1c3d2086b..7dcb7ca4f459 100644
--- a/js/src/wasm/WasmCompile.cpp
+++ b/js/src/wasm/WasmCompile.cpp
@@ -447,6 +447,7 @@ CompilerEnvironment::CompilerEnvironment(CompileMode mode, Tier tier,
       debug_(debugEnabled),
       refTypes_(refTypesConfigured),
       gcTypes_(gcTypesConfigured),
+      multiValues_(true),
       hugeMemory_(hugeMemory) {}
 
 void CompilerEnvironment::computeParameters(bool gcFeatureOptIn) {
@@ -503,6 +504,7 @@ void CompilerEnvironment::computeParameters(Decoder& d, bool gcFeatureOptIn) {
   debug_ = debugEnabled ? DebugEnabled::True : DebugEnabled::False;
   gcTypes_ = gcEnabled;
   refTypes_ = !craneliftEnabled;
+  multiValues_ = !craneliftEnabled;
   hugeMemory_ = hugeMemory;
   state_ = Computed;
 }
diff --git a/js/src/wasm/WasmOpIter.h b/js/src/wasm/WasmOpIter.h
index 3c7bc0d63d62..9ebf8fe11182 100644
--- a/js/src/wasm/WasmOpIter.h
+++ b/js/src/wasm/WasmOpIter.h
@@ -1165,6 +1165,10 @@ inline bool OpIter<Policy>::readBlockType(BlockType* type) {
   }
 
 #ifdef ENABLE_WASM_MULTI_VALUE
+  if (!env_.multiValuesEnabled()) {
+    return fail("invalid block type reference");
+  }
+
   int32_t x;
   if (!d_.readVarS32(&x) || x < 0 || uint32_t(x) >= env_.types.length()) {
     return fail("invalid block type type index");
diff --git a/js/src/wasm/WasmValidate.h b/js/src/wasm/WasmValidate.h
index 7ba45414646e..cf82ef954666 100644
--- a/js/src/wasm/WasmValidate.h
+++ b/js/src/wasm/WasmValidate.h
@@ -71,6 +71,7 @@ struct CompilerEnvironment {
       DebugEnabled debug_;
       bool refTypes_;
       bool gcTypes_;
+      bool multiValues_;
       bool hugeMemory_;
     };
   };
@@ -121,6 +122,10 @@ struct CompilerEnvironment {
     MOZ_ASSERT(isComputed());
     return refTypes_;
   }
+  bool multiValues() const {
+    MOZ_ASSERT(isComputed());
+    return multiValues_;
+  }
   bool hugeMemory() const {
     MOZ_ASSERT(isComputed());
     return hugeMemory_;
@@ -209,6 +214,7 @@ struct ModuleEnvironment {
   }
   bool gcTypesEnabled() const { return compilerEnv->gcTypes(); }
   bool refTypesEnabled() const { return compilerEnv->refTypes(); }
+  bool multiValuesEnabled() const { return compilerEnv->multiValues(); }
   bool usesMemory() const { return memoryUsage != MemoryUsage::None; }
   bool usesSharedMemory() const { return memoryUsage == MemoryUsage::Shared; }
   bool isAsmJS() const { return kind == ModuleKind::AsmJS; }