Merge #1191

1191: Fix singlepass miscompilation on `Operator::CallIndirect`. r=losfair a=losfair This fixes the 3 failing tests mentioned in https://00f.net/2019/10/22/updated-webassembly-benchmark/ . (TODO: Add test cases?) Co-authored-by: losfair <zhy20000919@hotmail.com>
2025-03-16 16:20:49 +00:00 · 2020-02-11 19:00:08 +00:00 · 2020-02-11 19:00:08 +00:00 · 3fb5f548ab
commit 3fb5f548ab
parent df268cff0e 2f4e9b1fe3
3 changed files with 35 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -3,6 +3,7 @@
 ## **[Unreleased]**

 - [#1192](https://github.com/wasmerio/wasmer/pull/1192) Use `ExceptionCode` for error representation.
+- [#1191](https://github.com/wasmerio/wasmer/pull/1191) Fix singlepass miscompilation on `Operator::CallIndirect`.
 - [#1180](https://github.com/wasmerio/wasmer/pull/1180) Fix compilation for target `x86_64-unknown-linux-musl`.
 - [#1170](https://github.com/wasmerio/wasmer/pull/1170) Improve the WasiFs builder API with convenience methods for overriding stdin, stdout, and stderr as well as a new sub-builder for controlling the permissions and properties of preopened directories.  Also breaks that implementations of `WasiFile` must be `Send` -- please file an issue if this change causes you any issues.
 - [#1161](https://github.com/wasmerio/wasmer/pull/1161) Require imported functions to be `Send`. This is a breaking change that fixes a soundness issue in the API.
--- a/lib/singlepass-backend/src/codegen_x64.rs
+++ b/lib/singlepass-backend/src/codegen_x64.rs
@ -6316,7 +6316,7 @@ impl FunctionCodeGenerator<CodegenError> for X64FunctionCode {
                    ExceptionCode::CallIndirectOOB,
                    |a| a.emit_conditional_trap(Condition::BelowEqual),
                );
-                a.emit_mov(Size::S64, func_index, Location::GPR(table_count));
+                a.emit_mov(Size::S32, func_index, Location::GPR(table_count));
                a.emit_imul_imm32_gpr64(vm::Anyfunc::size() as u32, table_count);
                a.emit_add(
                    Size::S64,
--- a/lib/spectests/spectests/wasmer.wast
+++ b/lib/spectests/spectests/wasmer.wast
@ -0,0 +1,33 @@
+;; Wasmer-specific tests.
+
+(module
+  ;; Auxiliary definitions
+  (type $out-i32 (func (result i32)))
+
+  (func $const-i32 (type $out-i32) (i32.const 0x132))
+
+  (table funcref
+    (elem
+      $const-i32
+    )
+  )
+
+  ;; https://github.com/wasmerio/wasmer/pull/1191
+  (func (export "call-indirect-from-spilled-stack") (result i32)
+    (i64.add (i64.const 0) (i64.const 0))
+    (i64.add (i64.const 0) (i64.const 0))
+    (i64.add (i64.const 0) (i64.const 0))
+    (i64.add (i64.const 0) (i64.const 0))
+    (i64.add (i64.const 0) (i64.const 0))
+    (i64.add (i64.const 0) (i64.const 0))
+    (i64.add (i64.const 0) (i64.const 0))
+    (i64.add (i64.const 0) (i64.const 0))
+    (i64.add (i64.const 0) (i64.const 0))
+    (i64.add (i64.const 0x100000000) (i64.const 0))
+    (i32.wrap_i64)
+    (call_indirect (type $out-i32))
+    (return)
+  )
+)
+
+(assert_return (invoke "call-indirect-from-spilled-stack") (i32.const 0x132))