
Commit 98af411

rmacnak-googleCommit Queue
authored and
Commit Queue
committed
[vm] Increase supported range of TypeParameters to 16 bits.
TypeParameter::set_index was already asserting for 16 bits but silently truncating to 8 bits. The size of TypeParameter does not increase due to allocation rounding. Add explicit range check to class finalization. TEST=ci Change-Id: Id4017f74b7dba47b00d64e77e787712c70290dac Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/275560 Reviewed-by: Alexander Markov <[email protected]> Commit-Queue: Ryan Macnak <[email protected]>
1 parent 987775d commit 98af411


7 files changed

+62
-47
lines changed


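--- a/runtime/vm/app_snapshot.cc
+++ b/runtime/vm/app_snapshot.cc
@@ -4562,8 +4562,8 @@ class TypeParameterSerializationCluster
 AutoTraceObject(type);
 WriteFromTo(type);
 s->Write<int32_t>(type->untag()->parameterized_class_id_);
-s->Write<uint8_t>(type->untag()->base_);
-s->Write<uint8_t>(type->untag()->index_);
+s->Write<uint16_t>(type->untag()->base_);
+s->Write<uint16_t>(type->untag()->index_);
 ASSERT(Utils::IsUint(8, type->untag()->flags()));
 s->Write<uint8_t>(type->untag()->flags());
 }
@@ -4596,8 +4596,8 @@ class TypeParameterDeserializationCluster
 mark_canonical);
 d.ReadFromTo(type);
 type->untag()->parameterized_class_id_ = d.Read<int32_t>();
-type->untag()->base_ = d.Read<uint8_t>();
-type->untag()->index_ = d.Read<uint8_t>();
+type->untag()->base_ = d.Read<uint16_t>();
+type->untag()->index_ = d.Read<uint16_t>();
 type->untag()->set_flags(d.Read<uint8_t>());
 }
 }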
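Review bot: The switch to `Write<uint16_t>` / `Read<uint16_t>` for `base_` and `index_` changes the snapshot byte layout of every TypeParameter, and nothing in this section shows snapshots written with the old 8-bit layout being rejected; such a snapshot would be read out of step from the first TypeParameter onward. If the snapshot version check already changes with any VM source change (not visible here), a short comment above the reads would record the coupling, e.g. `// Widths must match TypeParameterSerializationCluster and UntaggedTypeParameter.` The reader also stores the value into `index_` without a bound, and the stubs touched in this commit use that field to index a TypeArguments vector, so it is worth stating in a comment whether snapshots are treated as trusted input. Both cluster bodies start and end outside the hunks.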

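--- a/runtime/vm/class_finalizer.cc
+++ b/runtime/vm/class_finalizer.cc
@@ -796,8 +796,13 @@ AbstractTypePtr ClassFinalizer::FinalizeType(const AbstractType& type,
 // parameterized class.
 const intptr_t offset = parameterized_class.NumTypeArguments() -
 parameterized_class.NumTypeParameters();
+const intptr_t index = type_parameter.index() + offset;
+if (!Utils::IsUint(16, index)) {
+FATAL("Too many type parameters in %s",
+parameterized_class.UserVisibleNameCString());
+}
 type_parameter.set_base(offset); // Informative, but not needed.
-type_parameter.set_index(type_parameter.index() + offset);
+type_parameter.set_index(index);
 
 // Remove the reference to the parameterized class.
 type_parameter.set_parameterized_class_id(kClassCid);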
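Review bot: The added `Utils::IsUint(16, index)` check guards only this finalization path, while the commit message says `set_index` itself merely asserts; if that assert is compiled out of release builds, any other caller of `set_index` or `set_base` (none are visible here) would still truncate silently. Consider making the setter's range check unconditional, or add a comment naming the callers that are already bounded. The FATAL text also omits the offending value and has no trailing newline, unlike the `"Too many fields in %s\n"` message added in object.cc; `FATAL("Too many type parameters in %s (index %" Pd ")\n", parameterized_class.UserVisibleNameCString(), index);` would be easier to triage. FinalizeType's body starts and continues outside the hunk.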

runtime/vm/compiler/runtime_offsets_extracted.h

Lines changed: 30 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -542,7 +542,7 @@ static constexpr dart::compiler::target::word
542542
FunctionType_type_parameters_offset = 16;
543543
static constexpr dart::compiler::target::word
544544
TypeParameter_parameterized_class_id_offset = 24;
545-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 29;
545+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 30;
546546
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 12;
547547
static constexpr dart::compiler::target::word
548548
TypeArguments_instantiations_offset = 4;
@@ -1215,7 +1215,7 @@ static constexpr dart::compiler::target::word
12151215
FunctionType_type_parameters_offset = 32;
12161216
static constexpr dart::compiler::target::word
12171217
TypeParameter_parameterized_class_id_offset = 48;
1218-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 53;
1218+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 54;
12191219
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 24;
12201220
static constexpr dart::compiler::target::word
12211221
TypeArguments_instantiations_offset = 8;
@@ -1880,7 +1880,7 @@ static constexpr dart::compiler::target::word
18801880
FunctionType_type_parameters_offset = 16;
18811881
static constexpr dart::compiler::target::word
18821882
TypeParameter_parameterized_class_id_offset = 24;
1883-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 29;
1883+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 30;
18841884
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 12;
18851885
static constexpr dart::compiler::target::word
18861886
TypeArguments_instantiations_offset = 4;
@@ -2553,7 +2553,7 @@ static constexpr dart::compiler::target::word
25532553
FunctionType_type_parameters_offset = 32;
25542554
static constexpr dart::compiler::target::word
25552555
TypeParameter_parameterized_class_id_offset = 48;
2556-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 53;
2556+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 54;
25572557
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 24;
25582558
static constexpr dart::compiler::target::word
25592559
TypeArguments_instantiations_offset = 8;
@@ -3226,7 +3226,7 @@ static constexpr dart::compiler::target::word
32263226
FunctionType_type_parameters_offset = 24;
32273227
static constexpr dart::compiler::target::word
32283228
TypeParameter_parameterized_class_id_offset = 32;
3229-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 37;
3229+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 38;
32303230
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 16;
32313231
static constexpr dart::compiler::target::word
32323232
TypeArguments_instantiations_offset = 8;
@@ -3898,7 +3898,7 @@ static constexpr dart::compiler::target::word
38983898
FunctionType_type_parameters_offset = 24;
38993899
static constexpr dart::compiler::target::word
39003900
TypeParameter_parameterized_class_id_offset = 32;
3901-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 37;
3901+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 38;
39023902
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 16;
39033903
static constexpr dart::compiler::target::word
39043904
TypeArguments_instantiations_offset = 8;
@@ -4564,7 +4564,7 @@ static constexpr dart::compiler::target::word
45644564
FunctionType_type_parameters_offset = 16;
45654565
static constexpr dart::compiler::target::word
45664566
TypeParameter_parameterized_class_id_offset = 24;
4567-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 29;
4567+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 30;
45684568
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 12;
45694569
static constexpr dart::compiler::target::word
45704570
TypeArguments_instantiations_offset = 4;
@@ -5239,7 +5239,7 @@ static constexpr dart::compiler::target::word
52395239
FunctionType_type_parameters_offset = 32;
52405240
static constexpr dart::compiler::target::word
52415241
TypeParameter_parameterized_class_id_offset = 48;
5242-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 53;
5242+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 54;
52435243
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 24;
52445244
static constexpr dart::compiler::target::word
52455245
TypeArguments_instantiations_offset = 8;
@@ -5899,7 +5899,7 @@ static constexpr dart::compiler::target::word
58995899
FunctionType_type_parameters_offset = 16;
59005900
static constexpr dart::compiler::target::word
59015901
TypeParameter_parameterized_class_id_offset = 24;
5902-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 29;
5902+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 30;
59035903
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 12;
59045904
static constexpr dart::compiler::target::word
59055905
TypeArguments_instantiations_offset = 4;
@@ -6564,7 +6564,7 @@ static constexpr dart::compiler::target::word
65646564
FunctionType_type_parameters_offset = 32;
65656565
static constexpr dart::compiler::target::word
65666566
TypeParameter_parameterized_class_id_offset = 48;
6567-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 53;
6567+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 54;
65686568
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 24;
65696569
static constexpr dart::compiler::target::word
65706570
TypeArguments_instantiations_offset = 8;
@@ -7221,7 +7221,7 @@ static constexpr dart::compiler::target::word
72217221
FunctionType_type_parameters_offset = 16;
72227222
static constexpr dart::compiler::target::word
72237223
TypeParameter_parameterized_class_id_offset = 24;
7224-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 29;
7224+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 30;
72257225
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 12;
72267226
static constexpr dart::compiler::target::word
72277227
TypeArguments_instantiations_offset = 4;
@@ -7886,7 +7886,7 @@ static constexpr dart::compiler::target::word
78867886
FunctionType_type_parameters_offset = 32;
78877887
static constexpr dart::compiler::target::word
78887888
TypeParameter_parameterized_class_id_offset = 48;
7889-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 53;
7889+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 54;
78907890
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 24;
78917891
static constexpr dart::compiler::target::word
78927892
TypeArguments_instantiations_offset = 8;
@@ -8551,7 +8551,7 @@ static constexpr dart::compiler::target::word
85518551
FunctionType_type_parameters_offset = 24;
85528552
static constexpr dart::compiler::target::word
85538553
TypeParameter_parameterized_class_id_offset = 32;
8554-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 37;
8554+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 38;
85558555
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 16;
85568556
static constexpr dart::compiler::target::word
85578557
TypeArguments_instantiations_offset = 8;
@@ -9215,7 +9215,7 @@ static constexpr dart::compiler::target::word
92159215
FunctionType_type_parameters_offset = 24;
92169216
static constexpr dart::compiler::target::word
92179217
TypeParameter_parameterized_class_id_offset = 32;
9218-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 37;
9218+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 38;
92199219
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 16;
92209220
static constexpr dart::compiler::target::word
92219221
TypeArguments_instantiations_offset = 8;
@@ -9873,7 +9873,7 @@ static constexpr dart::compiler::target::word
98739873
FunctionType_type_parameters_offset = 16;
98749874
static constexpr dart::compiler::target::word
98759875
TypeParameter_parameterized_class_id_offset = 24;
9876-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 29;
9876+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 30;
98779877
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 12;
98789878
static constexpr dart::compiler::target::word
98799879
TypeArguments_instantiations_offset = 4;
@@ -10540,7 +10540,7 @@ static constexpr dart::compiler::target::word
1054010540
FunctionType_type_parameters_offset = 32;
1054110541
static constexpr dart::compiler::target::word
1054210542
TypeParameter_parameterized_class_id_offset = 48;
10543-
static constexpr dart::compiler::target::word TypeParameter_index_offset = 53;
10543+
static constexpr dart::compiler::target::word TypeParameter_index_offset = 54;
1054410544
static constexpr dart::compiler::target::word TypeArguments_hash_offset = 24;
1054510545
static constexpr dart::compiler::target::word
1054610546
TypeArguments_instantiations_offset = 8;
@@ -11259,7 +11259,7 @@ static constexpr dart::compiler::target::word
1125911259
static constexpr dart::compiler::target::word
1126011260
AOT_TypeParameter_parameterized_class_id_offset = 24;
1126111261
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
11262-
29;
11262+
30;
1126311263
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1126411264
12;
1126511265
static constexpr dart::compiler::target::word
@@ -12002,7 +12002,7 @@ static constexpr dart::compiler::target::word
1200212002
static constexpr dart::compiler::target::word
1200312003
AOT_TypeParameter_parameterized_class_id_offset = 48;
1200412004
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
12005-
53;
12005+
54;
1200612006
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1200712007
24;
1200812008
static constexpr dart::compiler::target::word
@@ -12750,7 +12750,7 @@ static constexpr dart::compiler::target::word
1275012750
static constexpr dart::compiler::target::word
1275112751
AOT_TypeParameter_parameterized_class_id_offset = 48;
1275212752
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
12753-
53;
12753+
54;
1275412754
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1275512755
24;
1275612756
static constexpr dart::compiler::target::word
@@ -13497,7 +13497,7 @@ static constexpr dart::compiler::target::word
1349713497
static constexpr dart::compiler::target::word
1349813498
AOT_TypeParameter_parameterized_class_id_offset = 32;
1349913499
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
13500-
37;
13500+
38;
1350113501
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1350213502
16;
1350313503
static constexpr dart::compiler::target::word
@@ -14243,7 +14243,7 @@ static constexpr dart::compiler::target::word
1424314243
static constexpr dart::compiler::target::word
1424414244
AOT_TypeParameter_parameterized_class_id_offset = 32;
1424514245
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
14246-
37;
14246+
38;
1424714247
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1424814248
16;
1424914249
static constexpr dart::compiler::target::word
@@ -14985,7 +14985,7 @@ static constexpr dart::compiler::target::word
1498514985
static constexpr dart::compiler::target::word
1498614986
AOT_TypeParameter_parameterized_class_id_offset = 24;
1498714987
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
14988-
29;
14988+
30;
1498914989
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1499014990
12;
1499114991
static constexpr dart::compiler::target::word
@@ -15730,7 +15730,7 @@ static constexpr dart::compiler::target::word
1573015730
static constexpr dart::compiler::target::word
1573115731
AOT_TypeParameter_parameterized_class_id_offset = 48;
1573215732
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
15733-
53;
15733+
54;
1573415734
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1573515735
24;
1573615736
static constexpr dart::compiler::target::word
@@ -16465,7 +16465,7 @@ static constexpr dart::compiler::target::word
1646516465
static constexpr dart::compiler::target::word
1646616466
AOT_TypeParameter_parameterized_class_id_offset = 24;
1646716467
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
16468-
29;
16468+
30;
1646916469
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1647016470
12;
1647116471
static constexpr dart::compiler::target::word
@@ -17199,7 +17199,7 @@ static constexpr dart::compiler::target::word
1719917199
static constexpr dart::compiler::target::word
1720017200
AOT_TypeParameter_parameterized_class_id_offset = 48;
1720117201
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
17202-
53;
17202+
54;
1720317203
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1720417204
24;
1720517205
static constexpr dart::compiler::target::word
@@ -17938,7 +17938,7 @@ static constexpr dart::compiler::target::word
1793817938
static constexpr dart::compiler::target::word
1793917939
AOT_TypeParameter_parameterized_class_id_offset = 48;
1794017940
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
17941-
53;
17941+
54;
1794217942
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1794317943
24;
1794417944
static constexpr dart::compiler::target::word
@@ -18676,7 +18676,7 @@ static constexpr dart::compiler::target::word
1867618676
static constexpr dart::compiler::target::word
1867718677
AOT_TypeParameter_parameterized_class_id_offset = 32;
1867818678
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
18679-
37;
18679+
38;
1868018680
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1868118681
16;
1868218682
static constexpr dart::compiler::target::word
@@ -19413,7 +19413,7 @@ static constexpr dart::compiler::target::word
1941319413
static constexpr dart::compiler::target::word
1941419414
AOT_TypeParameter_parameterized_class_id_offset = 32;
1941519415
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
19416-
37;
19416+
38;
1941719417
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
1941819418
16;
1941919419
static constexpr dart::compiler::target::word
@@ -20146,7 +20146,7 @@ static constexpr dart::compiler::target::word
2014620146
static constexpr dart::compiler::target::word
2014720147
AOT_TypeParameter_parameterized_class_id_offset = 24;
2014820148
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
20149-
29;
20149+
30;
2015020150
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
2015120151
12;
2015220152
static constexpr dart::compiler::target::word
@@ -20882,7 +20882,7 @@ static constexpr dart::compiler::target::word
2088220882
static constexpr dart::compiler::target::word
2088320883
AOT_TypeParameter_parameterized_class_id_offset = 48;
2088420884
static constexpr dart::compiler::target::word AOT_TypeParameter_index_offset =
20885-
53;
20885+
54;
2088620886
static constexpr dart::compiler::target::word AOT_TypeArguments_hash_offset =
2088720887
24;
2088820888
static constexpr dart::compiler::target::word

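--- a/runtime/vm/compiler/stub_code_compiler.cc
+++ b/runtime/vm/compiler/stub_code_compiler.cc
@@ -571,7 +571,7 @@ static void BuildInstantiateTypeParameterStub(Assembler* assembler,
 __ BranchIf(EQUAL, &return_dynamic);
 __ LoadFieldFromOffset(
 InstantiateTypeABI::kResultTypeReg, InstantiateTypeABI::kTypeReg,
-target::TypeParameter::index_offset(), kUnsignedByte);
+target::TypeParameter::index_offset(), kUnsignedTwoBytes);
 __ LoadIndexedCompressed(InstantiateTypeABI::kResultTypeReg,
 InstantiateTypeABI::kFunctionTypeArgumentsReg,
 target::TypeArguments::types_offset(),
@@ -582,7 +582,7 @@ static void BuildInstantiateTypeParameterStub(Assembler* assembler,
 __ BranchIf(EQUAL, &return_dynamic);
 __ LoadFieldFromOffset(
 InstantiateTypeABI::kResultTypeReg, InstantiateTypeABI::kTypeReg,
-target::TypeParameter::index_offset(), kUnsignedByte);
+target::TypeParameter::index_offset(), kUnsignedTwoBytes);
 __ LoadIndexedCompressed(InstantiateTypeABI::kResultTypeReg,
 InstantiateTypeABI::kInstantiatorTypeArgumentsReg,
 target::TypeArguments::types_offset(),
@@ -919,7 +919,7 @@ static void GenerateNullIsAssignableToType(Assembler* assembler,
 // Resolve the type parameter to its instantiated type and loop.
 __ LoadFieldFromOffset(kIndexReg, kCurrentTypeReg,
 target::TypeParameter::index_offset(),
-kUnsignedByte);
+kUnsignedTwoBytes);
 __ LoadIndexedCompressed(kCurrentTypeReg, tav,
 target::TypeArguments::types_offset(),
 kIndexReg);
@@ -1035,7 +1035,7 @@ static void BuildTypeParameterTypeTestStub(Assembler* assembler,
 // instantiated type's TTS.
 __ LoadFieldFromOffset(TypeTestABI::kScratchReg, TypeTestABI::kDstTypeReg,
 target::TypeParameter::index_offset(),
-kUnsignedByte);
+kUnsignedTwoBytes);
 __ LoadIndexedCompressed(TypeTestABI::kScratchReg, tav,
 target::TypeArguments::types_offset(),
 TypeTestABI::kScratchReg);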
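Review bot: `kUnsignedTwoBytes` is now hard-coded at four load sites across three functions (twice in BuildInstantiateTypeParameterStub, once each in GenerateNullIsAssignableToType and BuildTypeParameterTypeTestStub), and each has to match the width of `index_` in raw_object.h by hand. A load narrower than the field would index the TypeArguments vector with a truncated value, and the comment on `index_` in raw_object.h still names only BuildTypeParameterTypeTestStub. Suggest widening that comment to `// Keep size in sync with the TypeParameter::index_offset() loads in stub_code_compiler.cc and with app_snapshot.cc.`, or routing the four loads through one named operand-size constant defined next to the field. All four function bodies extend beyond the hunks.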

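--- a/runtime/vm/object.cc
+++ b/runtime/vm/object.cc
@@ -3727,8 +3727,16 @@ UnboxedFieldBitmap Class::CalculateFieldOffsets() const {
 }
 }
 }
-set_instance_size(RoundedAllocationSize(host_offset),
-compiler::target::RoundedAllocationSize(target_offset));
+
+const intptr_t host_instance_size = RoundedAllocationSize(host_offset);
+const intptr_t target_instance_size =
+compiler::target::RoundedAllocationSize(target_offset);
+if (!Utils::IsInt(32, target_instance_size)) {
+// Many parts of the compiler assume offsets can be represented with
+// int32_t.
+FATAL("Too many fields in %s\n", UserVisibleNameCString());
+}
+set_instance_size(host_instance_size, target_instance_size);
 set_next_field_offset(host_offset, target_offset);
 return host_bitmap;
 }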
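Review bot: Only `target_instance_size` is range-checked before `set_instance_size(host_instance_size, target_instance_size)`; the host value is passed through unchecked. If the host size is stored or consumed with the same 32-bit assumption (not visible in this hunk), a configuration where host words are wider than target words could pass the check and still overflow, so either test both, `if (!Utils::IsInt(32, target_instance_size) || !Utils::IsInt(32, host_instance_size)) {`, or extend the comment to say why the target bound is sufficient. The check also runs after the offsets have been accumulated, so it relies on `intptr_t` not having wrapped earlier in the function, which starts outside the hunk.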

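--- a/runtime/vm/raw_object.h
+++ b/runtime/vm/raw_object.h
@@ -2754,8 +2754,8 @@ class UntaggedTypeParameter : public UntaggedAbstractType {
 COMPRESSED_POINTER_FIELD(AbstractTypePtr, bound)
 VISIT_TO(bound)
 ClassIdTagType parameterized_class_id_; // Or kFunctionCid for function tp.
-uint8_t base_; // Number of enclosing function type parameters.
-uint8_t index_; // Keep size in sync with BuildTypeParameterTypeTestStub.
+uint16_t base_; // Number of enclosing function type parameters.
+uint16_t index_; // Keep size in sync with BuildTypeParameterTypeTestStub.
 
 private:
 CompressedObjectPtr* to_snapshot(Snapshot::Kind kind) { return to(); }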
