1# Copyright (c) 2021 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14definitions: [] 15tests: 16 - file-name: "jlez" 17 isa: 18 title: Conditional compared to zero jump 19 description: > 20 Transfer execution to an instruction at offset bytes 21 from the beginning of the current instruction 22 if signed 32-bit integer in accumulator compares with 0 as specified. 23 Offset is sign extended to the size of instruction address. 24 exceptions: 25 - x_none 26 commands: 27 28 - file-name: "op" 29 isa: 30 instructions: 31 - sig: jlez imm:i32 32 acc: in:i32 33 format: [op_imm_8, op_imm_16] 34 description: > 35 Check jump occurs or not occurs, depending on `acc < 0` condition 36 for forward, backward, or current cases. 37 code-template: | 38 # 39 %s 40 check-type: exit-positive 41 cases: 42 - values: 43 - | 44 # Check forward jump 45 ldai -1 46 jlez label 47 ldai 255 ##*65536 48 return # should be jumped over 49 label: 50 - values: 51 - | 52 # Check backward jump 53 jmp label2 54 label1: 55 jmp label3 56 ldai 255 ##*65536 57 label2: 58 ldai -1 59 jlez label1 60 ldai 255 61 return # should be jumped over 62 label3: 63 - values: 64 - | 65 # Check jump to itself 66 ldai 1 67 loop: 68 jlez loop 69 bugid: ['3468'] 70 - values: 71 - | 72 # Check jump to itself 73 ldai -1 74 loop: 75 jlez loop 76 runner-options: [compile-only] 77 78 - file-name: "op_bounds_1" 79 isa: 80 instructions: 81 - sig: jlez imm:i32 82 acc: in:i32 83 format: [op_imm_8, op_imm_16] 84 description: > 85 Check jump occurs or not occurs, depending on `acc < 0` condition 86 for forward and backward cases. 87 code-template: | 88 # 89 %s 90 check-type: none 91 cases: 92 - values: 93 - | 94 # Max forward jump for imm8, 2 + 124 + 1 = 127 bytes 95 ldai -1 96 jlez label # 2-byte instruction 97 ldai 1 ##*62 98 return 99 label: 100 ldai 0 101 return 102 - values: 103 - | 104 # Max backward jump for imm8, 1 + 2 + 2*61 + 1 + 2 = 128 bytes 105 jmp label2 106 label: 107 neg 108 ldai 61 109 subi 1 ##*61 110 return 111 label2: 112 ldai -1 113 jlez label 114 ldai 1 115 return 116 - values: 117 - | 118 # Max forward jump for imm16, 3 + 32760 + 4 = 32767 bytes 119 ldai -1 120 jlez label # 3-byte instruction 121 movi.64 v0, 0 ##*3276 122 neg 123 ldai 2 124 return 125 label: 126 ldai 0 127 return 128 - values: 129 - | 130 # Max backward jump for imm16, 1 + 4 + 32760 + 1 + 2 = 32768 bytes 131 jmp label2 132 label: 133 ldai 0 134 return 135 ldai 1 136 movi.64 v0, 0 ##*3276 137 return 138 label2: 139 ldai -1 140 jlez label 141 ldai 1 142 return 143 144 - file-name: "op_bounds_2" 145 isa: 146 instructions: 147 - sig: jlez imm:i32 148 acc: in:i32 149 format: [op_imm_8, op_imm_16] 150 description: > 151 Check jump occurs or not occurs, depending on `acc == 0` condition 152 for forward and backward cases. 153 code-template: | 154 # 155 %s 156 check-type: none 157 cases: 158 - values: 159 - | 160 # Max forward jump for imm8, 2 + 124 + 1 = 127 bytes 161 ldai 0 162 jlez label # 2-byte instruction 163 neg 164 ldai 2 ##*62 165 label: 166 return 167 - values: 168 - | 169 # Max backward jump for imm8, 1 + 2 + 61*2 + 1 + 2 = 128 bytes 170 jmp label2 171 label: 172 neg 173 ldai 61 174 subi 1 ##*61 175 return 176 label2: 177 ldai 0 178 jlez label 179 ldai 1 180 return 181 - values: 182 - | 183 # Max forward jump for imm16, 3 + 32760 + 4 = 32767 bytes 184 ldai 0 185 jlez label # 3-byte instruction 186 movi.64 v0, 0 ##*3276 187 ldai 1 188 ldai 1 189 label: 190 return 191 - values: 192 - | 193 # Max backward jump for imm16, 1 + 4 + 32760 + 1 + 2 = 32768 bytes 194 jmp label2 195 label: 196 return 197 ldai 2 198 ldai 2 199 movi.64 v0, 0 ##*3276 200 return 201 label2: 202 ldai 0 203 jlez label 204 ldai 1 205 return 206 207 - file-name: "vals" 208 isa: 209 instructions: 210 - sig: jlez imm:i32 211 acc: in:i32 212 format: [op_imm_8, op_imm_16] 213 description: > 214 Check jump not occurs if `acc > 0` 215 for different values in acc. 216 code-template: | 217 # 218 ldai *s 219 jlez label_bad 220 ldai %s 221 jlez label_good 222 label_bad: 223 ldai 255 224 return # should be jumped over 225 label_good: 226 check-type: exit-positive 227 template-cases: 228 - values: 229 - "0" 230 exclude: [one] 231 - values: 232 - "-1" 233 exclude: [one] 234 - values: 235 - "0x80000000" 236 exclude: [max] 237 - values: 238 - "0xFFFFFFFF" 239 exclude: [max] 240 cases: 241 - values: 242 - "1" 243 id: one 244 - values: 245 - "0x7FFFFFFF" 246 id: max 247 248 - file-name: "type" 249 isa: 250 instructions: 251 - sig: jlez imm:i32 252 acc: in:i32 253 format: [op_imm_8, op_imm_16] 254 verification: 255 - acc_type 256 description: > 257 Check `jlez` with invalid types in acc. 258 tags: ['verifier'] 259 runner-options: ['verifier-failure', 'verifier-debug-config'] 260 header-template: [] 261 code-template: | 262 # 263 .record A {} 264 .record panda.String <external> 265 .record panda.Object <external> 266 .function i32 main() { 267 %s 268 jlez label 269 ldai 255 270 label: 271 check-type: exit-positive 272 cases: 273 - values: 274 - lda.null 275 - values: 276 - ldai.64 0 277 - values: 278 - fldai.64 0 279 - values: 280 - lda.type A 281 - values: 282 - lda.type A[] 283 - values: 284 - lda.type panda.String 285 - values: 286 - | 287 newobj v0, A 288 lda.obj v0 289 - values: 290 - | 291 newobj v0, panda.Object 292 lda.obj v0 293 - values: 294 - lda.str "0" 295 - values: 296 - | 297 # 298 movi v0, 10 299 newarr v0, v0, i32[] 300 lda.obj v0 301 302 - file-name: "outside_function" 303 isa: 304 instructions: 305 - sig: jlez imm:i32 306 acc: in:i32 307 format: [op_imm_8, op_imm_16] 308 verification: 309 - branch_target 310 description: > 311 Branch target should point to a beginning 312 of an instruction of the same method. 313 runner-options: ['compile-failure'] 314 header-template: [] 315 code-template: | 316 # 317 .function i32 f() { 318 label: 319 ldai 255 320 return 321 } 322 .function i32 main() { 323 ldai 1 324 jlez label 325 check-type: exit-positive 326 327 - file-name: "outside_try_catch_p" 328 isa: 329 instructions: 330 - sig: jlez imm:i32 331 acc: in:i32 332 format: [op_imm_8, op_imm_16] 333 description: Jump outside try/catch block. 334 bugid: ['3425'] 335 header-template: [] 336 code-template: | 337 .record panda.ArithmeticException <external> 338 .function i32 main() { 339 begin: 340 ldai -1 341 jlez outside 342 newobj v0, panda.ArithmeticException 343 throw v0 344 end: 345 ldai 1 346 return 347 catch_ae: 348 ldai 2 349 return 350 .catch panda.ArithmeticException, begin, end, catch_ae 351 ldai 3 352 return 353 outside: 354 check-type: exit-positive 355 356 - file-name: uninitialized_regs 357 isa: 358 instructions: 359 - sig: jlez imm:i32 360 acc: in:i32 361 format: [op_imm_8, op_imm_16] 362 description: Check `jlez` with uninitialized acc. 363 tags: ['verifier'] 364 runner-options: ['verifier-failure', 'verifier-debug-config'] 365 code-template: | 366 # 367 label: 368 jlez label 369 check-type: exit-positive 370 371 - file-name: "invalid_branch_target" 372 isa: 373 verification: 374 - branch_target 375 runner-options: [compile-failure] 376 description: Check 'jlez' instruction with invalid branch target. 377 header-template: [] 378 code-template: | 379 .record R {} 380 381 .function void R.ctor(R a0) <ctor> { 382 lbl_ctor: 383 return.void 384 } 385 386 .function void R.cctor() <cctor> { 387 lbl_cctor: 388 return.void 389 } 390 391 .function i32 foo(i32 a0, i32 a1) <static> { 392 lda a0 393 jlez %s 394 return 395 } 396 397 .function i32 bar() <static> { 398 lbl_bar: 399 ldai 1 400 return 401 } 402 403 .function i32 main() { 404 movi v0, 0 405 movi v1, 1 406 call.short foo, v0, v1 407 lbl_main: 408 check-type: exit-positive 409 cases: 410 - values: ["main"] 411 - values: ["foo"] 412 - values: ["bar"] 413 - values: ["baz"] 414 - values: ["R"] 415 - values: ["lbl_main"] 416 - values: ["lbl_bar"] 417 - values: ["lbl_ctor"] 418 - values: ["lbl_cctor"] 419 420 421 - file-name: "prohibited_branch_target" 422 isa: 423 verification: 424 - branch_target 425 runner-options: ['verifier-failure', 'verifier-debug-config'] 426 tags: [verifier] 427 description: Check 'jlez' instruction with prohibited branch target. 428 header-template: [] 429 code-template: | 430 .record E1 {} 431 .record E2 {} 432 433 .function i32 main() { 434 ldai 0 435 jlez %s 436 437 begin: 438 ldai 0 439 return 440 mid: 441 ldai 1 442 return 443 end: 444 ldai 2 445 return 446 447 catch_E1_begin: 448 ldai 3 449 return 450 catch_E1_mid: 451 ldai 4 452 return 453 catch_E1_end: 454 ldai 5 455 return 456 457 catch_E2_begin: 458 ldai 6 459 return 460 catch_E2_mid: 461 ldai 7 462 return 463 catch_E2_end: 464 465 quit: 466 ldai 8 467 return 468 469 .catch E1, begin, end, catch_E1_begin, catch_E1_end 470 .catch E2, catch_E1_begin, catch_E1_end, catch_E2_begin, catch_E2_end 471 outside: 472 check-type: none 473 cases: 474 - values: ["begin"] 475 runner-options: ['verifier-only', 'verifier-debug-config'] 476 - values: ["mid"] 477 runner-options: ['verifier-only', 'verifier-debug-config'] 478 - values: ["end"] 479 runner-options: ['verifier-only', 'verifier-debug-config'] 480 - values: ["quit"] 481 runner-options: ['verifier-only', 'verifier-debug-config'] 482 - values: ["catch_E1_begin"] 483 - values: ["catch_E1_mid"] 484 - values: ["catch_E1_end"] 485 runner-options: ['verifier-only', 'verifier-debug-config'] 486 - values: ["catch_E2_begin"] 487 - values: ["catch_E2_mid"] 488 - values: ["catch_E2_end"] 489 runner-options: ['verifier-only', 'verifier-debug-config'] 490 - values: ["outside"] 491