1 files changed, 94 insertions, 9 deletions

diff --git a/lib/compiler/src/beam_validator.erl b/lib/compiler/src/beam_validator.erl
index eb72290306..9d5563d13b 100644
--- a/lib/compiler/src/beam_validator.erl
+++ b/lib/compiler/src/beam_validator.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2004-2013. All Rights Reserved.
+%% Copyright Ericsson AB 2004-2014. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -213,9 +213,12 @@ validate_error_1(Error, Module, Name, Ar) ->
     {{Module,Name,Ar},
      {internal_error,'_',{Error,erlang:get_stacktrace()}}}.
 
+-type index() :: non_neg_integer().
+-type reg_tab() :: gb_trees:tree(index(), 'none' | {'value', _}).
+
 -record(st,				%Emulation state
-	{x=init_regs(0, term)        :: gb_tree(),	%x register info.
-	 y=init_regs(0, initialized) :: gb_tree(),	%y register info.
+	{x=init_regs(0, term)        :: reg_tab(),%x register info.
+	 y=init_regs(0, initialized) :: reg_tab(),%y register info.
 	 f=init_fregs(),                %
 	 numy=none,			%Number of y registers.
 	 h=0,				%Available heap size.
@@ -227,11 +230,16 @@ validate_error_1(Error, Module, Name, Ar) ->
 	 setelem=false			%Previous instruction was setelement/3.
 	}).
 
+-type label()        :: integer().
+-type label_set()    :: gb_sets:set(label()).
+-type branched_tab() :: gb_trees:tree(label(), #st{}).
+-type ft_tab()       :: gb_trees:tree().
+
 -record(vst,				%Validator state
 	{current=none              :: #st{} | 'none',	%Current state
-	 branched=gb_trees:empty() :: gb_tree(),	%States at jumps
-	 labels=gb_sets:empty()    :: gb_set(),		%All defined labels
-	 ft=gb_trees:empty()       :: gb_tree()         %Some other functions
+	 branched=gb_trees:empty() :: branched_tab(),	%States at jumps
+	 labels=gb_sets:empty()    :: label_set(),	%All defined labels
+	 ft=gb_trees:empty()       :: ft_tab()          %Some other functions
 	 		% in the module (those that start with bs_start_match2).
 	}).
 
@@ -530,7 +538,7 @@ valfun_2(I, #vst{current=#st{ct=[[Fail]|_]}}=Vst) when is_integer(Fail) ->
     %% Update branched state
     valfun_3(I, branch_state(Fail, Vst));
 valfun_2(_, _) ->
-    error(ambigous_catch_try_state).
+    error(ambiguous_catch_try_state).
 
 %% Handle the remaining floating point instructions here.
 %% Floating point.
@@ -574,6 +582,7 @@ valfun_4({apply,Live}, Vst) ->
 valfun_4({apply_last,Live,_}, Vst) ->
     tail_call(apply, Live+2, Vst);
 valfun_4({call_fun,Live}, Vst) ->
+    validate_src([{x,Live}], Vst),
     call('fun', Live+1, Vst);
 valfun_4({call,Live,Func}, Vst) ->
     call(Func, Live, Vst);
@@ -628,6 +637,7 @@ valfun_4({gc_bif,Op,{f,Fail},Live,Src,Dst}, #vst{current=St0}=Vst0) ->
     Type = bif_type(Op, Src, Vst),
     set_type_reg(Type, Dst, Vst);
 valfun_4(return, #vst{current=#st{numy=none}}=Vst) ->
+    assert_term({x,0}, Vst),
     kill_state(Vst);
 valfun_4(return, #vst{current=#st{numy=NumY}}) ->
     error({stack_frame,NumY});
@@ -768,6 +778,10 @@ valfun_4({test,is_nonempty_list,{f,Lbl},[Cons]}, Vst) ->
 valfun_4({test,test_arity,{f,Lbl},[Tuple,Sz]}, Vst) when is_integer(Sz) ->
     assert_type(tuple, Tuple, Vst),
     set_type_reg({tuple,Sz}, Tuple, branch_state(Lbl, Vst));
+valfun_4({test,has_map_fields,{f,Lbl},Src,{list,List}}, Vst) ->
+    validate_src([Src], Vst),
+    assert_strict_literal_termorder(List),
+    branch_state(Lbl, Vst);
 valfun_4({test,_Op,{f,Lbl},Src}, Vst) ->
     validate_src(Src, Vst),
     branch_state(Lbl, Vst);
@@ -864,9 +878,38 @@ valfun_4({bs_final,{f,Fail},Dst}, Vst0) ->
 valfun_4({bs_final2,Src,Dst}, Vst0) ->
     assert_term(Src, Vst0),
     set_type_reg(binary, Dst, Vst0);
+%% Map instructions.
+valfun_4({put_map_assoc,{f,Fail},Src,Dst,Live,{list,List}}, Vst) ->
+    verify_put_map(Fail, Src, Dst, Live, List, Vst);
+valfun_4({put_map_exact,{f,Fail},Src,Dst,Live,{list,List}}, Vst) ->
+    verify_put_map(Fail, Src, Dst, Live, List, Vst);
+valfun_4({get_map_elements,{f,Fail},Src,{list,List}}, Vst) ->
+    verify_get_map(Fail, Src, List, Vst);
 valfun_4(_, _) ->
     error(unknown_instruction).
 
+verify_get_map(Fail, Src, List, Vst0) ->
+    assert_term(Src, Vst0),
+    Vst1 = branch_state(Fail, Vst0),
+    Lits = mmap(fun(L,_R) -> [L] end, List),
+    assert_strict_literal_termorder(Lits),
+    verify_get_map_pair(List,Vst0,Vst1).
+
+verify_get_map_pair([],_,Vst) -> Vst;
+verify_get_map_pair([Src,Dst|Vs],Vst0,Vsti) ->
+    assert_term(Src, Vst0),
+    verify_get_map_pair(Vs,Vst0,set_type_reg(term,Dst,Vsti)).
+
+verify_put_map(Fail, Src, Dst, Live, List, Vst0) ->
+    verify_live(Live, Vst0),
+    verify_y_init(Vst0),
+    foreach(fun (Term) -> assert_term(Term, Vst0) end, List),
+    assert_term(Src, Vst0),
+    Vst1 = heap_alloc(0, Vst0),
+    Vst2 = branch_state(Fail, Vst1),
+    Vst = prune_x_regs(Live, Vst2),
+    set_type_reg(term, Dst, Vst).
+
 %%
 %% Common code for validating bs_get* instructions.
 %%
@@ -887,7 +930,7 @@ validate_bs_skip_utf(Fail, Ctx, Live, Vst0) ->
     branch_state(Fail, Vst).
 
 %%
-%% Special state handling for setelement/3 and the set_tuple_element/3 instruction.
+%% Special state handling for setelement/3 and set_tuple_element/3 instructions.
 %% A possibility for garbage collection must not occur between setelement/3 and
 %% set_tuple_element/3.
 %%
@@ -1077,6 +1120,39 @@ assert_freg_set({fr,Fr}=Freg, #vst{current=#st{f=Fregs}})
     end;
 assert_freg_set(Fr, _) -> error({bad_source,Fr}).
 
+%%% Maps
+
+%% ensure that a list of literals has a strict
+%% ascending term order (also meaning unique literals)
+assert_strict_literal_termorder(Ls) ->
+    Vs = lists:map(fun (L) -> get_literal(L) end, Ls),
+    case check_strict_value_termorder(Vs) of
+	true ->  ok;
+	false -> error({not_strict_order, Ls})
+    end.
+
+%% usage:
+%% mmap(fun(A,B) -> [{A,B}] end, [1,2,3,4]),
+%% [{1,2},{3,4}]
+
+mmap(F,List) ->
+    {arity,Ar} = erlang:fun_info(F,arity),
+    mmap(F,Ar,List).
+mmap(_F,_,[]) -> [];
+mmap(F,Ar,List) ->
+    {Hd,Tl} = lists:split(Ar,List),
+    apply(F,Hd) ++ mmap(F,Ar,Tl).
+
+check_strict_value_termorder([]) -> true;
+check_strict_value_termorder([_]) -> true;
+check_strict_value_termorder([V1,V2]) ->
+    erts_internal:cmp_term(V1,V2) < 0;
+check_strict_value_termorder([V1,V2|Vs]) ->
+    case erts_internal:cmp_term(V1,V2) < 0 of
+	true -> check_strict_value_termorder([V2|Vs]);
+	false -> false
+    end.
+
 %%%
 %%% Binary matching.
 %%%
@@ -1312,6 +1388,7 @@ assert_term(Src, Vst) ->
 %% number		Integer or Float of unknown value
 %%
 
+
 assert_type(WantedType, Term, Vst) ->
     assert_type(WantedType, get_term_type(Term, Vst)).
 
@@ -1327,7 +1404,6 @@ assert_type({tuple_element,I}, {tuple,Sz})
 assert_type(Needed, Actual) ->
     error({bad_type,{needed,Needed},{actual,Actual}}).
 
-
 %% upgrade_tuple_type(NewTupleType, OldType) -> TupleType.
 %%  upgrade_tuple_type/2 is used when linear code finds out more and
 %%  more information about a tuple type, so that the type gets more
@@ -1408,6 +1484,15 @@ get_term_type_1({y,Y}=Reg, #vst{current=#st{y=Ys}}) when is_integer(Y) ->
 get_term_type_1(Src, _) -> error({bad_source,Src}).
 
 
+%% get_literal(Src) -> literal_value().
+get_literal(nil) -> [];
+get_literal({atom,A}) when is_atom(A) -> A;
+get_literal({float,F}) when is_float(F) -> F;
+get_literal({integer,I}) when is_integer(I) -> I;
+get_literal({literal,L}) -> L;
+get_literal(T) -> error({not_literal,T}).
+
+
 branch_arities([], _, #vst{}=Vst) -> Vst;
 branch_arities([Sz,{f,L}|T], Tuple, #vst{current=St}=Vst0) 
   when is_integer(Sz) ->