Baseline: assorted SIMD corner case bugs
Categories
(Core :: JavaScript: WebAssembly, defect, P3)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox78 | --- | fixed |
People
(Reporter: lth, Assigned: lth)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
needResultRegisters() only allocates SIMD registers if which == RegKind::All, so we must free only in that situation too. Slightly surprising that we've not stumbled across that in an assertion, but needIntegerResultRegisters() is only used by br_table and it could be that no v128 test uses br_table; will test this hypothesis.
|
Assignee | |
Comment 1•5 years ago
|
||
Test case, run with --wasm-simd in a debug build and we trigger the expected assert:
new WebAssembly.Module(wasmTextToBinary(`
(module
(memory (export "mem") 1 1)
(func $f (result v128)
(block $B1 (result v128)
(v128.const i32x4 1 2 3 4)
(br_table $B1 (i32.const 0)))))`))
|
|
Assignee | |
Updated•5 years ago
|
|
|
Assignee | |
Comment 2•5 years ago
|
||
Another one: when materializing values during popStackResults, we need to handle the ConstV128 case. (This is yet another instance of the general badness of allowing a default on an enum class, as an exhaustive switch would have caught this problem a long time ago.)
|
|
Assignee | |
Comment 3•5 years ago
|
||
There was a missing guard when freeing the SIMD result register; it
was freed unconditionally, but this would fail for br_table, when only
the int register is needed.
There was a missing case when materializing constants during
popStackResults, we need to handle V128 here.
In both cases the underlying cause was iffy test coverage, though in
the latter case the problem is also that we allow the use of switch
with default for enum class value sets, thus masking problems where a
case that must be covered is not covered.
|
||
Updated•5 years ago
|
|
||
Comment 5•5 years ago
|
||
| bugherder | ||
Description
•