New issue
Advanced search Search tips

Issue 849656 link

Starred by 1 user
Status: Fixed
Owner:
clemensh@chromium.org
Closed: Jun 2018
Cc:
mstarzinger@chromium.org
adamk@chromium.org
titzer@chromium.org
dschuff@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug



Sign in to add a comment

[ia32] --print-wasm-code broken after deserialization

Project Member Reported by clemensh@chromium.org, Jun 5 2018 
Reproducer:

=================================================================
// Flags: --allow-natives-syntax --print-wasm-code

load('test/mjsunit/wasm/wasm-constants.js');
load('test/mjsunit/wasm/wasm-module-builder.js');

var builder = new WasmModuleBuilder();
builder.addImport("", "imp", kSig_i_v);

builder.addFunction('main', kSig_i_v)
    .addBody([
      kExprCallFunction,
      0,
    ])
    .exportFunc();

var wire_bytes = builder.toBuffer();
var module = new WebAssembly.Module(wire_bytes);
print("serializing");
var buff = %SerializeWasmModule(module);
print("deserializing");
module = %DeserializeWasmModule(buff, wire_bytes);
=================================================================

On ia32, results in:

#
# Fatal error in ../../src/ia32/disasm-ia32.cc, line 2541
# Debug check failed: instr_len > 0 (0 vs. 0).
#
Project Member

Comment 1 by ClusterFuzz, Jun 5 2018 

ClusterFuzz is analyzing your testcase. Developers can follow the progress at https://clusterfuzz.com/testcase?key=6033379037020160.

Comment 2 by clemensh@chromium.org, Jun 5 2018 

Hm, seems like we don't have clusterfuzz bots for ia32. Doing a manual bisect.

Comment 3 by clemensh@chromium.org, Jun 5 2018

Cc: -clemensh@chromium.org mstarzinger@chromium.org
Owner: clemensh@chromium.org
Status: Started (was: Untriaged)
Bisects to 79c7e1897a78e057c6d59b48205ddb88fa835b4c ([wasm] Use retpoline for indirect calls).
Probably just missing disassembler support for the pause instruction.

Comment 4 by clemensh@chromium.org, Jun 5 2018 

Note: The serialize/deserialize steps are only needed because we currently don't print wasm code on compilation (see  issue 849713 ).

Comment 5 by clemensh@chromium.org, Jun 5 2018 

CL to implement the 'pause' instruction on ia32: https://crrev.com/c/1087271
Project Member

Comment 6 by bugdroid1@chromium.org, Jun 5 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/423b8a2011e8def61180aff9c75325e36c17dda3

commit 423b8a2011e8def61180aff9c75325e36c17dda3
Author: Clemens Hammacher <clemensh@chromium.org>
Date: Tue Jun 05 19:12:14 2018

[ia32] Add disassembler support for 'pause'

R=mstarzinger@chromium.org

Bug:  chromium:849656 
Change-Id: I34effca4770f732216b93b5e4e8c28383f2f9963
Reviewed-on: https://chromium-review.googlesource.com/1087271
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53534}
[modify] https://crrev.com/423b8a2011e8def61180aff9c75325e36c17dda3/src/ia32/disasm-ia32.cc
[modify] https://crrev.com/423b8a2011e8def61180aff9c75325e36c17dda3/test/cctest/test-disasm-ia32.cc
Project Member

Comment 7 by bugdroid1@chromium.org, Jun 5 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/dd8356020f98ee3d15b03d10b7bdcf15336da912

commit dd8356020f98ee3d15b03d10b7bdcf15336da912
Author: Clemens Hammacher <clemensh@chromium.org>
Date: Tue Jun 05 19:15:15 2018

[wasm] Add test for printing wasm code after deserialization

R=mstarzinger@chromium.org

Bug:  chromium:849656 
Change-Id: I4c1990e10905969c94913f434ec0013e5cbbfb19
Reviewed-on: https://chromium-review.googlesource.com/1087273
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53535}
[add] https://crrev.com/dd8356020f98ee3d15b03d10b7bdcf15336da912/test/mjsunit/wasm/print-code.js

Comment 8 by clemensh@chromium.org, Jun 5 2018

Status: Fixed (was: Started)

Sign in to add a comment