[Atomics] code stubs for atomic operations

src/builtins.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/builtins.h"
 
 #include "src/api.h"
 #include "src/api-natives.h"
 #include "src/arguments.h"
 #include "src/base/once.h"
 #include "src/bootstrapper.h"
+#include "src/compiler/code-stub-assembler.h"
 #include "src/dateparser-inl.h"
 #include "src/elements.h"
 #include "src/frames-inl.h"
 #include "src/gdb-jit.h"
 #include "src/ic/handler-compiler.h"
 #include "src/ic/ic.h"
 #include "src/isolate-inl.h"
 #include "src/messages.h"
 #include "src/profiler/cpu-profiler.h"
 #include "src/property-descriptor.h"
@@ skipping 4329 matching lines @@
 void Builtins::Generate_InterruptCheck(MacroAssembler* masm) {
   masm->TailCallRuntime(Runtime::kInterrupt);
 }
 
 
 void Builtins::Generate_StackCheck(MacroAssembler* masm) {
   masm->TailCallRuntime(Runtime::kStackGuard);
 }
 
 
+namespace {
+
+void ValidateSharedTypedArray(compiler::CodeStubAssembler* a,
+                              compiler::Node* tagged, compiler::Node* context) {
+  using namespace compiler;
+  CodeStubAssembler::Label is_smi(a), not_smi(a), is_typed_array(a),
+      not_typed_array(a), is_shared(a), not_shared(a), is_float(a),
+      not_float(a), invalid(a);
+
+  // Check if it is a heap object.
+  a->Branch(a->WordIsSmi(tagged), &is_smi, &not_smi);
+  a->Bind(&is_smi);
+  a->Goto(&invalid);
+
+  // Check if the array's instance type is JSTypedArray.
+  a->Bind(&not_smi);
+  a->Branch(a->WordEqual(a->InstanceType(tagged),
+                         a->Int32Constant(JS_TYPED_ARRAY_TYPE)),
+            &is_typed_array, &not_typed_array);
+  a->Bind(&not_typed_array);
+  a->Goto(&invalid);
+
+  // Check if the array's JSArrayBuffer is shared.
+  a->Bind(&is_typed_array);
+  Node* is_buffer_shared =
+      a->BitFieldValue<JSArrayBuffer::IsShared>(a->LoadObjectField(
+          a->LoadObjectField(tagged, JSTypedArray::kBufferOffset),
+          JSArrayBuffer::kBitFieldOffset));
+  a->Branch(is_buffer_shared, &is_shared, &not_shared);
+  a->Bind(&not_shared);
+  a->Goto(&invalid);
+
+  // Check if the array's element type is float32 or float64.
+  // TODO(binji): should fail on clamped as well.
+  a->Bind(&is_shared);
+  Node* elements_instance_type =
+      a->InstanceType(a->LoadObjectField(tagged, JSObject::kElementsOffset));
+  a->Branch(a->WordOr(a->WordEqual(elements_instance_type,
+                                   a->Int32Constant(FIXED_FLOAT32_ARRAY_TYPE)),
+                      a->WordEqual(elements_instance_type,
+                                   a->Int32Constant(FIXED_FLOAT64_ARRAY_TYPE))),
+            &is_float, &not_float);
+  a->Bind(&is_float);
+  a->Goto(&invalid);
+
+  a->Bind(&invalid);
+  a->TailCallRuntime(Runtime::kThrowNotIntegerSharedTypedArrayError, context,
+                     tagged);
+
+  a->Bind(&not_float);
+}
+
+
+compiler::Node* TaggedNumberAsWord32(compiler::CodeStubAssembler* a,
+                                     compiler::Node* tagged) {
+  using namespace compiler;
+  CodeStubAssembler::Label is_smi(a), is_not_smi(a), is_word(a);
+  CodeStubAssembler::Variable result(a, MachineRepresentation::kWord32);
+
+  a->Branch(a->WordIsSmi(tagged), &is_smi, &is_not_smi);
+
+  a->Bind(&is_smi);
+  result.Bind(a->SmiUntag(tagged));
+  a->Goto(&is_word);
+
+  a->Bind(&is_not_smi);
+  result.Bind(a->ChangeFloat64ToUint32(a->LoadHeapNumber(tagged)));
+  a->Goto(&is_word);
+
+  a->Bind(&is_word);
+  return result.value();
+}
+
+
+compiler::Node* ConvertTaggedAtomicIndexToWord32(compiler::CodeStubAssembler* a,
+                                                 compiler::Node* tagged,
+                                                 compiler::Node* context) {
+  using namespace compiler;
+  CodeStubAssembler::Label is_smi(a), is_not_smi(a), is_string(a),
+      is_not_string(a), strings_equal(a), strings_not_equal(a),
+      string_number_is_smi(a), string_number_is_not_smi(a), is_number(a),
+      convert_number(a), is_unknown(a), is_integer(a), is_not_integer(a),
+      is_word(a), invalid(a);
+  CodeStubAssembler::Variable number(a, MachineRepresentation::kTagged);
+  CodeStubAssembler::Variable word(a, MachineRepresentation::kWord32);
+
+  // Check if the index's type is a Smi.
+  a->Branch(a->WordIsSmi(tagged), &is_smi, &is_not_smi);
+
+  // Check if the index's type is a String.
+  a->Bind(&is_not_smi);
+  Node* instance_type = a->InstanceType(tagged);
+  a->Branch(a->WordEqual(
+                a->WordAnd(instance_type, a->Int32Constant(kIsNotStringMask)),
+                a->Int32Constant(0)),
+            &is_string, &is_not_string);
+
+  // Check that converting the string to a number and back is equal to itself.
+  a->Bind(&is_string);
+  Node* string_as_number =
+      a->CallRuntime(Runtime::kStringToNumber, context, tagged);
+  a->Branch(
+      a->WordEqual(a->CallRuntime(Runtime::kStringEquals, context,
+                                  a->CallRuntime(Runtime::kNumberToString,
+                                                 context, string_as_number),
+                                  tagged),
+                   a->Int32Constant(EQUAL)),
+      &strings_equal, &strings_not_equal);
+
+  a->Bind(&strings_not_equal);
+  a->Goto(&invalid);
+
+  // Check if the string converted to a number is a Smi.
+  a->Bind(&strings_equal);
+  a->Branch(a->WordIsSmi(string_as_number), &string_number_is_smi,
+            &string_number_is_not_smi);
+
+  // If the string-number is a Smi, untag it.
+  a->Bind(&string_number_is_smi);
+  word.Bind(a->SmiUntag(string_as_number));
+  a->Goto(&is_word);
+
+  // If the string-number is a HeapNumber, convert it to a word32.
+  a->Bind(&string_number_is_not_smi);
+  number.Bind(string_as_number);
+  a->Goto(&convert_number);
+
+  // Check if the index's type is a HeapNumber.
+  a->Bind(&is_not_string);
+  a->Branch(a->WordEqual(instance_type, a->Int32Constant(HEAP_NUMBER_TYPE)),
+            &is_number, &is_unknown);
+
+  // Index is an invalid type, throw.
+  a->Bind(&is_unknown);
+  a->Goto(&invalid);
+
+  a->Bind(&is_number);
+  number.Bind(tagged);
+  a->Goto(&convert_number);
+
+  // Convert index from a HeapNumber to a word32.
+  a->Bind(&convert_number);
+  Node* number_value = a->LoadHeapNumber(number.value());
+  word.Bind(a->ChangeFloat64ToUint32(number_value));
+
+  // Check that the index is an integer.
+  a->Branch(
+      a->Float64Equal(a->ChangeUint32ToFloat64(word.value()), number_value),
+      &is_integer, &is_not_integer);
+
+  a->Bind(&is_not_integer);
+  a->Goto(&invalid);
+
+  a->Bind(&is_integer);
+  a->Goto(&is_word);
+
+  // Index is a Smi, untag.
+  a->Bind(&is_smi);
+  word.Bind(a->SmiUntag(tagged));
+  a->Goto(&is_word);
+
+  a->Bind(&invalid);
+  a->TailCallRuntime(Runtime::kThrowInvalidAtomicAccessIndexError, context);
+
+  a->Bind(&is_word);
+  return word.value();
+}
+
+
+void ValidateAtomicIndex(compiler::CodeStubAssembler* a,
+                         compiler::Node* index_word,
+                         compiler::Node* array_length_word,
+                         compiler::Node* context) {
+  using namespace compiler;
+  // Check if the index is in bounds. If not, throw RangeError.
+  CodeStubAssembler::Label in_bounds(a), not_in_bounds(a);
+  a->Branch(
+      a->WordOr(a->Int32LessThan(index_word, a->Int32Constant(0)),
+                a->Int32GreaterThanOrEqual(index_word, array_length_word)),
+      &not_in_bounds, &in_bounds);
+  a->Bind(&not_in_bounds);
+  a->TailCallRuntime(Runtime::kThrowInvalidAtomicAccessIndexError,
+                     context);
+  a->Bind(&in_bounds);
+}
+
+}  // anonymous namespace
+
+
+void Builtins::Generate_AtomicsLoadCheck(MacroAssembler* masm) {
+  using namespace compiler;
+  Isolate* isolate = masm->isolate();
+  Zone zone;
+  CodeStubAssembler a(isolate, &zone, 2, Code::ComputeFlags(Code::STUB),
+                      "AtomicsLoadCheck");
+
+  Node* array = a.Parameter(0);
+  Node* index = a.Parameter(1);
+  Node* context = a.Parameter(2);

[Jarin, 2016/02/15 10:30:15]

I am a bit surprised that the parameters work here. I believe index 0 is the
receiver, i.e., the Atomics object. The real arguments start with index 1, after
the arguments goes the context. (And yes, all this parameter indexing and
parameter counts are a bit of a mess).

In your case, I though the indexes should be:

Node* array = a.Parameter(1);
Node* index = a.Parameter(2);
Node* context = a.Parameter(3);

[binji, 2016/02/15 20:31:31]

Yes, you're right! Thanks, that was the bug I was looking for. Looks like it
worked because I told the assembler the function only had two args. Since they
are pushed in reverse order, it was accessing the correct values with an index
of one less, but it was also leaving an extra value on the stack (which explains
why I was seeing a stack overflow in some cases as well).

+  ValidateSharedTypedArray(&a, array, context);
+  Node* index_word = ConvertTaggedAtomicIndexToWord32(&a, index, context);
+  Node* array_length_word = TaggedNumberAsWord32(
+      &a, a.LoadObjectField(array, JSTypedArray::kLengthOffset));
+  ValidateAtomicIndex(&a, index_word, array_length_word, context);
+
+  AtomicsLoadStub stub(isolate);
+  // TODO(binji): can't just re-tag index, because it might be out of range.
+  // Can we just pass the untagged index value to the code stub?
+  Node* stub_args[] = {array, a.SmiTag(index_word), context};
+  a.TailCallStub(stub, stub_args);
+
+  masm->Jump(a.GenerateCode(), RelocInfo::CODE_TARGET);
+}
+
+
 #define DEFINE_BUILTIN_ACCESSOR_C(name, ignore)               \
 Handle<Code> Builtins::name() {                               \
   Code** code_address =                                       \
       reinterpret_cast<Code**>(builtin_address(k##name));     \
   return Handle<Code>(code_address);                          \
 }
 #define DEFINE_BUILTIN_ACCESSOR_A(name, kind, state, extra) \
 Handle<Code> Builtins::name() {                             \
   Code** code_address =                                     \
       reinterpret_cast<Code**>(builtin_address(k##name));   \
   return Handle<Code>(code_address);                        \
 }
 #define DEFINE_BUILTIN_ACCESSOR_H(name, kind)               \
 Handle<Code> Builtins::name() {                             \
   Code** code_address =                                     \
       reinterpret_cast<Code**>(builtin_address(k##name));   \
   return Handle<Code>(code_address);                        \
 }
 BUILTIN_LIST_C(DEFINE_BUILTIN_ACCESSOR_C)
 BUILTIN_LIST_A(DEFINE_BUILTIN_ACCESSOR_A)
 BUILTIN_LIST_H(DEFINE_BUILTIN_ACCESSOR_H)
 BUILTIN_LIST_DEBUG_A(DEFINE_BUILTIN_ACCESSOR_A)
 #undef DEFINE_BUILTIN_ACCESSOR_C
 #undef DEFINE_BUILTIN_ACCESSOR_A
 
 
 }  // namespace internal
 }  // namespace v8