980037cefe
In AtomicOp64 ClearRegister is called twice to clear the registers r8 and r9. Thereby new registers may get allocated. We forgot to add the newly allocated registers to pinned after the first call to ClearRegister, which caused the same registers to be allocated again in the second ClearRegister, and thereby caused the bug. R=clemensb@chromium.org Change-Id: I0d069aea4c9438fe30c30c22406b4075ddf3e95c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170088 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#67445}
// Copyright 2020 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Flags: --wasm-staging
load('test/mjsunit/wasm/wasm-module-builder.js');
// Regression test for the register-pinning bug described in the commit message:
// AtomicOp64 called ClearRegister twice without adding the registers allocated
// by the first call to the pinned set, so the second call could hand out the
// same registers again. The module below holds one function whose body is a
// single i64 atomic store. The only assertion is that instantiation does not
// throw.

// Seven i32 parameters and no results.
// NOTE(review): the parameter count presumably exists to keep registers
// occupied when the atomic store is compiled; confirm before trimming it.
const paramTypes = [
  kWasmI32, kWasmI32, kWasmI32, kWasmI32, kWasmI32, kWasmI32, kWasmI32,
];

// Function body, kept byte-for-byte as in the reproducer.
const body = [
  kExprI32Const, 0x00,                             // i32.const 0: address operand
  kExprI64Const, 0x00,                             // i64.const 0: value operand
  kAtomicPrefix, kExprI64AtomicStore, 0x00, 0x00,  // i64 atomic store + two immediate bytes
  kExprEnd,                                        // end of function body
];

const builder = new WasmModuleBuilder();

// NOTE(review): the arguments look like (initial pages, maximum pages,
// exported, shared), which would declare a shared memory; confirm against
// wasm-module-builder.js.
builder.addMemory(16, 32, false, true);

const sigIndex = builder.addType(makeSig(paramTypes, []));

// The body array already ends with kExprEnd, hence addBodyWithEnd.
builder.addFunction(undefined, sigIndex).addBodyWithEnd(body);

// Export function index 0 as 'main'; the test never calls it.
builder.addExport('main', 0);

assertDoesNotThrow(() => builder.instantiate());