[wasm][sim][jspi] Fix inconsistent stack limit margin

thibaudmichaud · V8 LUCI CQ · commit dfc894cd22d8 · 2025-03-26T03:10:53.000-07:00
The arm simulators have their own stack limit margin, Simulator::kAdditionalStackMargin, which differs from the one used by JSPI, StackMemory::kJSLimitOffsetKB. These two values where sometimes used inconsistently. Always use the former for simulator builds and the latter for native builds. R=jkummerow@chromium.org Fixed: 405522049 Change-Id: I5496f0d0cd6629dba6bfb9165635939915168f40 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/6388625 Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#99465}
diff --git a/src/execution/arm/simulator-arm.h b/src/execution/arm/simulator-arm.h
@@ -246,6 +246,7 @@ class Simulator : public SimulatorBase {
   // Return central stack view, without additional safety margins.
   // Users, for example wasm::StackMemory, can add their own.
   base::Vector<uint8_t> GetCentralStackView() const;
+  static constexpr int JSStackLimitMargin() { return kAdditionalStackMargin; }
 
   void IterateRegistersAndStack(::heap::base::StackVisitor* visitor);
 
diff --git a/src/execution/arm64/simulator-arm64.h b/src/execution/arm64/simulator-arm64.h
@@ -766,6 +766,7 @@ class Simulator : public DecoderVisitor, public SimulatorBase {
   // Return central stack view, without additional safety margins.
   // Users, for example wasm::StackMemory, can add their own.
   base::Vector<uint8_t> GetCentralStackView() const;
+  static constexpr int JSStackLimitMargin() { return kAdditionalStackMargin; }
 
   void IterateRegistersAndStack(::heap::base::StackVisitor* visitor);
 
diff --git a/src/execution/isolate.cc b/src/execution/isolate.cc
@@ -2341,7 +2341,7 @@ Tagged<Object> Isolate::UnwindAndFindHandler() {
         RetireWasmStack(old_continuation);
 #if USE_SIMULATOR_BOOL && V8_TARGET_ARCH_ARM64
         Simulator::current(this)->SetStackLimit(
-            reinterpret_cast<uintptr_t>(parent->jslimit()));
+            reinterpret_cast<uintptr_t>(parent->jmpbuf()->stack_limit));
 #endif
         continue;
       }
@@ -3848,7 +3848,7 @@ void Isolate::SwitchStacks(Tagged<WasmContinuationObject> old_continuation) {
       reinterpret_cast<wasm::StackMemory*>(old_continuation->stack());
   if (v8_flags.trace_wasm_stack_switching) {
     if (stack->jmpbuf()->state == wasm::JumpBuffer::Suspended) {
-      PrintF("Switch from stack %d to #%d (resume/start)\n", old_stack->id(),
+      PrintF("Switch from stack %d to %d (resume/start)\n", old_stack->id(),
              stack->id());
     } else if (stack->jmpbuf()->state == wasm::JumpBuffer::Inactive) {
       PrintF("Switch from stack %d to %d (suspend/return)\n", old_stack->id(),
diff --git a/src/execution/simulator.h b/src/execution/simulator.h
@@ -56,10 +56,14 @@ class SimulatorStack : public v8::internal::AllStatic {
   }
 
 #if V8_ENABLE_WEBASSEMBLY
+  // Includes the safety stack limit gap.
   static inline base::Vector<uint8_t> GetCentralStackView(
       v8::internal::Isolate* isolate) {
     return Simulator::current(isolate)->GetCentralStackView();
   }
+
+  // Size of the safety stack limit gap.
+  static int JSStackLimitMargin() { return Simulator::JSStackLimitMargin(); }
 #endif
 
   // Iterates the simulator registers and stack for conservative stack scanning.
@@ -107,11 +111,14 @@ class SimulatorStack : public v8::internal::AllStatic {
   static inline base::Vector<uint8_t> GetCentralStackView(
       v8::internal::Isolate* isolate) {
     uintptr_t upper_bound = base::Stack::GetStackStart();
-    size_t size =
-        isolate->stack_size() + wasm::StackMemory::kJSLimitOffsetKB * KB;
+    size_t size = isolate->stack_size() + JSStackLimitMargin();
     uintptr_t lower_bound = upper_bound - size;
     return base::VectorOf(reinterpret_cast<uint8_t*>(lower_bound), size);
   }
+
+  static constexpr int JSStackLimitMargin() {
+    return wasm::StackMemory::kJSLimitOffsetKB * KB;
+  }
 #endif
 
   static void IterateRegistersAndStack(Isolate* isolate,
diff --git a/src/wasm/stacks.cc b/src/wasm/stacks.cc
@@ -28,6 +28,11 @@ StackMemory::~StackMemory() {
   }
 }
 
+void* StackMemory::jslimit() const {
+  return (active_segment_ ? active_segment_->limit_ : limit_) +
+         SimulatorStack::JSStackLimitMargin();
+}
+
 StackMemory::StackMemory() : owned_(true) {
   static std::atomic<int> next_id(1);
   id_ = next_id.fetch_add(1);
@@ -37,8 +42,9 @@ StackMemory::StackMemory() : owned_(true) {
   const size_t size_limit = v8_flags.stack_size;
   PageAllocator* allocator = GetPlatformPageAllocator();
   auto page_size = allocator->AllocatePageSize();
-  size_t initial_size =
-      std::min<size_t>(size_limit, kJsStackSizeKB + kJSLimitOffsetKB) * KB;
+  size_t initial_size = std::min<size_t>(
+      size_limit * KB,
+      kJsStackSizeKB * KB + SimulatorStack::JSStackLimitMargin());
   first_segment_ =
       new StackSegment(RoundUp(initial_size, page_size) / page_size);
   active_segment_ = first_segment_;
diff --git a/src/wasm/stacks.h b/src/wasm/stacks.h
@@ -71,10 +71,7 @@ class StackMemory {
   static StackMemory* GetCentralStackView(Isolate* isolate);
 
   ~StackMemory();
-  void* jslimit() const {
-    return (active_segment_ ? active_segment_->limit_ : limit_) +
-           kJSLimitOffsetKB * KB;
-  }
+  void* jslimit() const;
   Address base() const {
     Address memory_limit = active_segment_
                                ? active_segment_->base()
