Commit b5c69cbf authored by ahaas's avatar ahaas Committed by Commit bot

[builtins] NonNumberToNumber and StringToNumber now use CallRuntime instead of TailCallRuntime

With the tail call, pointers to the JS heap could be pushed on a
js-to-wasm frame. On the js-to-wasm frame, however, this pointer would
not be updated by the GC.

R=bmeurer@chromium.org, v8-arm-ports@googlegroups.com, v8-mips-ports@googlegroups.com
BUG=617084
TEST=mjsunit/wasm/gc-frame.js:GCInJSToWasmTest()

Review-Url: https://codereview.chromium.org/2079393003
Cr-Commit-Position: refs/heads/master@{#37132}
parent 706b3f27
......@@ -2699,8 +2699,15 @@ void Builtins::Generate_StringToNumber(MacroAssembler* masm) {
__ Ret();
__ bind(&runtime);
__ Push(r0); // Push argument.
__ TailCallRuntime(Runtime::kStringToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(r0);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kStringToNumber);
}
__ Ret();
}
void Builtins::Generate_ToNumber(MacroAssembler* masm) {
......@@ -2734,9 +2741,15 @@ void Builtins::Generate_NonNumberToNumber(MacroAssembler* masm) {
__ ldr(r0, FieldMemOperand(r0, Oddball::kToNumberOffset));
__ Ret();
__ bind(&not_oddball);
__ Push(r0); // Push argument.
__ TailCallRuntime(Runtime::kToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(r0);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kToNumber);
}
__ Ret();
}
void Builtins::Generate_ArgumentsAdaptorTrampoline(MacroAssembler* masm) {
......
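Review bot: The comment added above `CallRuntime(Runtime::kStringToNumber)` and `CallRuntime(Runtime::kToNumber)` says only that the builtin "can also be called from wasm", which does not tell a later maintainer what breaks if the tail call is restored. The reason is in the commit message and belongs in the code, for example `// No tail call: reached from a js-to-wasm wrapper, the pushed argument would sit on a frame whose slots the GC does not update.` The same two-line comment is repeated in the five other port sections below (the ones using x0, eax, a0 twice, and rax). Whether other builtins reachable from the js-to-wasm wrapper still push a tagged value before `TailCallRuntime` is not visible on this page and is worth checking separately. Both function bodies start outside their hunks.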
......@@ -2792,8 +2792,15 @@ void Builtins::Generate_StringToNumber(MacroAssembler* masm) {
__ Ret();
__ Bind(&runtime);
__ Push(x0); // Push argument.
__ TailCallRuntime(Runtime::kStringToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(x0);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kStringToNumber);
}
__ Ret();
}
// static
......@@ -2836,9 +2843,15 @@ void Builtins::Generate_NonNumberToNumber(MacroAssembler* masm) {
__ Ldr(x0, FieldMemOperand(x0, Oddball::kToNumberOffset));
__ Ret();
__ Bind(&not_oddball);
__ Push(x0); // Push argument.
__ TailCallRuntime(Runtime::kToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(x0);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kToNumber);
}
__ Ret();
}
void Builtins::Generate_ArgumentsAdaptorTrampoline(MacroAssembler* masm) {
......
......@@ -2666,10 +2666,15 @@ void Builtins::Generate_StringToNumber(MacroAssembler* masm) {
__ Ret();
__ bind(&runtime);
__ PopReturnAddressTo(ecx); // Pop return address.
__ Push(eax); // Push argument.
__ PushReturnAddressFrom(ecx); // Push return address.
__ TailCallRuntime(Runtime::kStringToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ push(eax);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kStringToNumber);
}
__ Ret();
}
// static
......@@ -2710,11 +2715,15 @@ void Builtins::Generate_NonNumberToNumber(MacroAssembler* masm) {
__ mov(eax, FieldOperand(eax, Oddball::kToNumberOffset));
__ Ret();
__ bind(&not_oddball);
__ pop(ecx); // Pop return address.
__ push(eax); // Push argument.
__ push(ecx); // Push return address.
__ TailCallRuntime(Runtime::kToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ push(eax);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kToNumber);
}
__ Ret();
}
void Builtins::Generate_ArgumentsAdaptorTrampoline(MacroAssembler* masm) {
......
......@@ -2776,8 +2776,15 @@ void Builtins::Generate_StringToNumber(MacroAssembler* masm) {
__ Ret();
__ bind(&runtime);
__ Push(a0); // Push argument.
__ TailCallRuntime(Runtime::kStringToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(a0);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kStringToNumber);
}
__ Ret();
}
// static
......@@ -2821,9 +2828,15 @@ void Builtins::Generate_NonNumberToNumber(MacroAssembler* masm) {
__ Ret(USE_DELAY_SLOT);
__ lw(v0, FieldMemOperand(a0, Oddball::kToNumberOffset)); // In delay slot.
__ bind(&not_oddball);
__ Push(a0); // Push argument.
__ TailCallRuntime(Runtime::kToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(a0);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kToNumber);
}
__ Ret();
}
void Builtins::Generate_ArgumentsAdaptorTrampoline(MacroAssembler* masm) {
......
......@@ -2762,8 +2762,15 @@ void Builtins::Generate_StringToNumber(MacroAssembler* masm) {
__ Ret();
__ bind(&runtime);
__ Push(a0); // Push argument.
__ TailCallRuntime(Runtime::kStringToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(a0);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kStringToNumber);
}
__ Ret();
}
// static
......@@ -2807,9 +2814,15 @@ void Builtins::Generate_NonNumberToNumber(MacroAssembler* masm) {
__ Ret(USE_DELAY_SLOT);
__ ld(v0, FieldMemOperand(a0, Oddball::kToNumberOffset)); // In delay slot.
__ bind(&not_oddball);
__ Push(a0); // Push argument.
__ TailCallRuntime(Runtime::kToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(a0);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kToNumber);
}
__ Ret();
}
void Builtins::Generate_ArgumentsAdaptorTrampoline(MacroAssembler* masm) {
......
......@@ -2094,10 +2094,15 @@ void Builtins::Generate_StringToNumber(MacroAssembler* masm) {
__ Ret();
__ bind(&runtime);
__ PopReturnAddressTo(rcx); // Pop return address.
__ Push(rax); // Push argument.
__ PushReturnAddressFrom(rcx); // Push return address.
__ TailCallRuntime(Runtime::kStringToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(rax);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kStringToNumber);
}
__ Ret();
}
// static
......@@ -2139,11 +2144,15 @@ void Builtins::Generate_NonNumberToNumber(MacroAssembler* masm) {
__ movp(rax, FieldOperand(rax, Oddball::kToNumberOffset));
__ Ret();
__ bind(&not_oddball);
__ PopReturnAddressTo(rcx); // Pop return address.
__ Push(rax); // Push argument.
__ PushReturnAddressFrom(rcx); // Push return address.
__ TailCallRuntime(Runtime::kToNumber);
{
FrameScope frame(masm, StackFrame::INTERNAL);
// Push argument.
__ Push(rax);
// We cannot use a tail call here because this builtin can also be called
// from wasm.
__ CallRuntime(Runtime::kToNumber);
}
__ Ret();
}
void Builtins::Generate_ArgumentsAdaptorTrampoline(MacroAssembler* masm) {
......
......@@ -66,9 +66,32 @@ function print10(a, b, c, d, e, f, g, h, i) {
}
})();
(function I32Test() {
(function F64Test() {
var main = makeFFI(print10, kAstF64);
for (var i = 1; i < 2e+80; i *= -1137) {
main(i - 1, i, i + 2, i + 3, i + 4, i + 5, i + 6, i + 7, i + 8);
}
})();
(function GCInJSToWasmTest() {
var builder = new WasmModuleBuilder();
var sig_index = builder.addSignature([1, kAstI32, 1, kAstI32]);
builder.addFunction("main", sig_index)
.addBody([
kExprGetLocal, 0, // --
]) // --
.exportFunc();
var main = builder.instantiate({}).exports.main;
var gc_object = {
valueOf: function() {
// Call the GC in valueOf, which is called within the JSToWasm wrapper.
gc();
return {};
}
};
main(gc_object);
})();
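Review bot: GCInJSToWasmTest discards the result of `main(gc_object)`, so it fails only if the stale pointer happens to crash the process; a regression that reads a moved object without faulting would still pass. Because `valueOf` returns an object, the conversion presumably has to go back to `gc_object` after `gc()` has run, so asserting the result would check that path: `assertEquals(0, main(gc_object));`. The expected 0 assumes the fallback string converts to NaN and the i32 parameter truncates it, which is worth confirming. `gc()` must also be exposed by the file's flags line, which is outside this hunk.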