244352 – [Wasm-GC] Fix regression on armv7 in structs.js test

Bug 244352 - [Wasm-GC] Fix regression on armv7 in structs.js test

Summary: [Wasm-GC] Fix regression on armv7 in structs.js test

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebAssembly (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:	247394
	Show dependency tree / graph

Reported:	2022-08-25 13:00 PDT by Asumu Takikawa
Modified:	2022-11-02 17:15 PDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Asumu Takikawa 2022-08-25 13:00:23 PDT

On armv7 builds, the structs.js test fails (at least in debug mode):

```
wasm.yaml/wasm/gc/structs.js.default-wasm: ASSERTION FAILED: isCell()                                     
wasm.yaml/wasm/gc/structs.js.default-wasm: ../../Source/JavaScriptCore/runtime/JSCJSValueInlines.h(406) : JSC::JSCell* JSC::JSValue::asCell() const
wasm.yaml/wasm/gc/structs.js.default-wasm: ERROR: Unexpected exit code: 134
```

This is a regression introduced by https://github.com/WebKit/WebKit/pull/2983.

The cause is a write to the callee slot of the call frame header that doesn't account for the tag on 32-bit. There is a straightforward fix (use `storeCell` or 32-bit specific code as done elsewhere in WasmToJS.cpp) that I'll submit soon.

Comment 1 Asumu Takikawa 2022-08-25 13:16:35 PDT

Pull request: https://github.com/WebKit/WebKit/pull/3670

Comment 2 EWS 2022-08-29 09:24:14 PDT

Committed 253906@main (97d8c872ff5e): <https://commits.webkit.org/253906@main>

Reviewed commits have been landed. Closing PR #3670 and removing active labels.

Comment 3 Radar WebKit Bug Importer 2022-08-29 09:25:19 PDT

<rdar://problem/99280742>