v8/test/mjsunit/regress/wasm/regress-1125951.js
Andreas Haas 7c4b930242 Reland "[wasm][liftoff] Emit safepoints for externref values on the stack"
The emitted safepoint entries had the wrong size, because it did not
contain StandardFrameConstants::kFixedFrameSizeAboveFp. The code still
worked because the indices encoded in the entries were too low by
StandardFrameConstants::kFixedFrameSizeAboveFp and thereby corrected
the invalid size. It worked as follows:

First the stack_slots_size gets calculated from the safepoint entry.
Then the position of a stack slot was
"frame_header_base + stack_slots_size - index * pointer_size", where
"index" is what is encoded in the safepoint map. Because of the incorrect
encoding, both stack_slot_size and index were too low by
StandardFrameConstants::kFixedFrameSizeAboveFp. Therefore the errors in
both values eliminated each other, making the end result correct.

With --print-code, the safepoint entry size was also read, and it
crashed because the encoded value was too low.

The reland fixes the indices.

Original message:

With this CL we emit safepoint maps for externref values on the Liftoff
value stack. With that there is support for externref parameters and
locals in Liftoff, as well as for intermediate values of type
externref.

R=thibaudm@chromium.org

Bug: v8:7581
Change-Id: I88444e57745d7b9fe8f1630e904d49736fa9d720
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2398531
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69786}
2020-09-09 15:38:32 +00:00

21 lines
749 B
JavaScript

// Copyright 2020 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --expose-wasm --liftoff --no-wasm-tier-up --print-code --wasm-staging
// Flags: --experimental-wasm-threads
load("test/mjsunit/wasm/wasm-module-builder.js");
(function testPrintCode() {
  let builder = new WasmModuleBuilder();
  builder.addMemory(1, undefined, false);
  builder
      .addFunction('main', makeSig([kWasmI32, kWasmI32, kWasmF64], [kWasmI32]))
      .addBody([
        kExprLocalGet, 0, kExprLocalGet, 1, kExprI64UConvertI32, kExprLocalGet,
        2, kExprI64SConvertF64, kAtomicPrefix, kExprI64AtomicWait, 0, 0
      ]);
  builder.instantiate();
})();