b2b2583d79
The instruction selector currently sometimes emits a lea32 with an offset of 0, which the code generator just ignores (emits no code at all). This can result in the result of TruncateInt64ToInt32 to not be zero extended. This CL fixes that by disallowing lea32 instructions with 0 offset, and fixing the instruction selector to generate a movl or just no code for that case. R=jarin@chromium.org Bug: chromium:863810, v8:7947 Change-Id: I1b21fc5f0fda9ca3144917538c3d0bbf46601c33 Reviewed-on: https://chromium-review.googlesource.com/1137825 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#54489}
20 lines
660 B
JavaScript
20 lines
660 B
JavaScript
// Copyright 2018 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
// Flags: --no-liftoff --no-wasm-tier-up --no-future --debug-code
|
|
|
|
load('test/mjsunit/wasm/wasm-constants.js');
|
|
load('test/mjsunit/wasm/wasm-module-builder.js');
|
|
|
|
const builder = new WasmModuleBuilder();
|
|
builder.addFunction('main', kSig_i_v)
|
|
.addBody([
|
|
kExprI64Const, 0xa3, 0x82, 0x83, 0x86, 0x8c, 0xd8, 0xae, 0xb5, 0x40,
|
|
kExprI32ConvertI64,
|
|
kExprI32Const, 0x00,
|
|
kExprI32Sub,
|
|
]).exportFunc();
|
|
const instance = builder.instantiate();
|
|
print(instance.exports.main(1, 2, 3));
|