Skip to content

Commit

Permalink
[torque] Fix crash when calling builtin via function pointer
Browse files Browse the repository at this point in the history 
When calling a builtin via a function pointer, torque tries to find any
builtin with the same parameter types for a descriptor. If no such
builtin exist, we currently crash.

Example:

type DoesNotExistFn = builtin(Context, Smi, Smi, Smi) => Smi;
macro TestMacro(c: Context, fn: DoesNotExistFn) {
  let result: Smi = fn(c, 1, 2, 3);
}

R=tebbi@chromium.org

Bug: v8:7793
Change-Id: Ia7436dc6541aca5de2e8dcb6b2a09978a1af9d39
Reviewed-on: https://chromium-review.googlesource.com/1123821
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#54165}
  • Loading branch information
@szuend
szuend authored and Commit Bot committed Jul 3, 2018
1 parent 2bc78a1 commit 08d11cd
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions src/torque/implementation-visitor.cc
View file
Expand Up @@ -1428,6 +1428,11 @@ VisitResult ImplementationVisitor::GeneratePointerCall(

Builtin* example_builtin =
declarations()->FindSomeInternalBuiltinWithType(type);
if (!example_builtin) {
std::stringstream stream;
stream << "unable to find any builtin with type \"" << *type << "\"";
ReportError(stream.str());
}

if (is_tailcall) {
source_out() << "TailCallStub(";
Expand Down

0 comments on commit 08d11cd

Please sign in to comment.