[wasm] Use correct instance when calling start function

We were always using the instance we were currently building. If the start function is an exported wasm function of another instance, use the exporting instance instead. R=titzer@chromium.org Bug: chromium:843120 Change-Id: I141d272b947bef8e903be7208ddf6ce344e754c4 Reviewed-on: https://chromium-review.googlesource.com/1059620 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#53190}
2018-05-15 16:55:58 +02:00 · 2018-05-15 16:55:58 +02:00 · 37e9017f8e
commit 37e9017f8e
parent b9df312346
2 changed files with 39 additions and 4 deletions
--- a/src/wasm/module-compiler.cc
+++ b/src/wasm/module-compiler.cc
@ -1828,15 +1828,25 @@ MaybeHandle<WasmInstanceObject> InstanceBuilder::Build() {
  //--------------------------------------------------------------------------
  if (module_->start_function_index >= 0) {
    int start_index = module_->start_function_index;
-    wasm::WasmCode* start_code =
-        native_module->GetIndirectlyCallableCode(start_index);
+    Handle<WasmInstanceObject> start_function_instance = instance;
+    wasm::WasmCode* start_code;
+    if (static_cast<uint32_t>(start_index) < module_->num_imported_functions) {
+      ImportedFunctionEntry entry(instance, start_index);
+      start_function_instance = handle(entry.instance(), isolate_);
+      start_code =
+          isolate_->wasm_engine()->code_manager()->GetCodeFromStartAddress(
+              entry.target());
+      DCHECK_EQ(start_code->native_module(),
+                start_function_instance->compiled_module()->GetNativeModule());
+    } else {
+      start_code = native_module->GetIndirectlyCallableCode(start_index);
+    }
    FunctionSig* sig = module_->functions[start_index].sig;
    Handle<Code> wrapper_code = js_to_wasm_cache_.CloneOrCompileJSToWasmWrapper(
        isolate_, module_, start_code, start_index, use_trap_handler());
    start_function_ = WasmExportedFunction::New(
-        isolate_, instance, MaybeHandle<String>(), start_index,
+        isolate_, start_function_instance, MaybeHandle<String>(), start_index,
        static_cast<int>(sig->parameter_count()), wrapper_code);
-    RecordStats(start_code, counters());
  }

  DCHECK(!isolate_->has_pending_exception());
--- a/test/mjsunit/wasm/import-function.js
+++ b/test/mjsunit/wasm/import-function.js
@ -360,3 +360,28 @@ testImportName('');
  new WebAssembly.Instance(module, {q: {imp: _ => set_global(27)}});
  assertEquals(27, global);
 })();
+
+(function testImportedStartFunctionUsesRightInstance() {
+  print(arguments.callee.name);
+  var global = 0;
+  const set_global = n => global = n;
+  const exp = (function() {
+    const builder = new WasmModuleBuilder();
+    builder.addMemory(1, 1);
+    builder.exportMemoryAs('mem');
+    const imp_index = builder.addImport('q', 'imp', kSig_v_i);
+    builder.addFunction('f', kSig_v_v)
+        .addBody([kExprI32Const, 0, kExprI32Const, 11, kExprI32StoreMem8, 0, 0])
+        .exportFunc();
+    return builder.instantiate({q: {imp: set_global}}).exports;
+  })();
+
+  const builder = new WasmModuleBuilder();
+  const imp_index = builder.addImport('q', 'imp', kSig_v_v);
+  builder.addStart(imp_index);
+  const module = builder.toModule();
+
+  assertEquals(0, new Uint8Array(exp.mem.buffer)[0], 'memory initially 0');
+  new WebAssembly.Instance(module, {q: {imp: exp.f}});
+  assertEquals(11, new Uint8Array(exp.mem.buffer)[0], 'memory changed to 11');
+})();