91f0cd0082
Fixing a few float and int overflows. Drive-by fix: with --experimental-wasm-bigint, Number values may not be used to initialize i64-typed globals. The existing code for doing that relied on UB; since it's a spec violation the fix is to throw instead. No regression test for 933103 because it will OOM anyway. No regression test for 932896 because it would be extremely slow. Bug: chromium:927894, chromium:927996, chromium:930086, chromium:932679, chromium:932896, chromium:933103, chromium:933134 Change-Id: Iae1c1ff1038af4512a52d3e56b8c4b75f2233314 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1495911 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#60075}
20 lines
567 B
JavaScript
20 lines
567 B
JavaScript
// Copyright 2019 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
load('test/mjsunit/wasm/wasm-module-builder.js');
|
|
|
|
// crbug.com/933134
|
|
(function() {
|
|
var builder = new WasmModuleBuilder();
|
|
builder.addImportedGlobal("mod", "i32", kWasmI32);
|
|
builder.addImportedGlobal("mod", "f32", kWasmF32);
|
|
var module = new WebAssembly.Module(builder.toBuffer());
|
|
return new WebAssembly.Instance(module, {
|
|
mod: {
|
|
i32: 1e12,
|
|
f32: 1e300,
|
|
}
|
|
});
|
|
})();
|