From 1b9ecebb696c22e97fd01506ce78e765bda1a63b Mon Sep 17 00:00:00 2001
From: Zhi An Ng <zhin@chromium.org>
Date: Wed, 28 Oct 2020 02:08:58 +0000
Subject: [PATCH] [wasm-simd][interpreter] Fix decoding memory imm for atomic
 op

The immediate might not be 2 bytes from start of instruction, because
the opcode is leb encoded.

Bug: chromium:1143053
Change-Id: I3c514e771419470ce34e02d4faa24e9e59676aa6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2504852
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70828}
---
 test/common/wasm/wasm-interpreter.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/common/wasm/wasm-interpreter.cc b/test/common/wasm/wasm-interpreter.cc
index 56a794ed92..6310c90fb4 100644
--- a/test/common/wasm/wasm-interpreter.cc
+++ b/test/common/wasm/wasm-interpreter.cc
@@ -1590,8 +1590,8 @@ class WasmInterpreterInternals {
   bool ExtractAtomicOpParams(Decoder* decoder, InterpreterCode* code,
                              Address* address, pc_t pc, int* const len,
                              type* val = nullptr, type* val2 = nullptr) {
-    MemoryAccessImmediate<Decoder::kNoValidation> imm(decoder, code->at(pc + 2),
-                                                      sizeof(type));
+    MemoryAccessImmediate<Decoder::kNoValidation> imm(
+        decoder, code->at(pc + *len), sizeof(type));
     if (val2) *val2 = static_cast<type>(Pop().to<op_type>());
     if (val) *val = static_cast<type>(Pop().to<op_type>());
     uint32_t index = Pop().to<uint32_t>();