| OLD | NEW |
|---|
| 1 // Copyright 2015 the V8 project authors. All rights reserved. | 1 // Copyright 2015 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "src/compiler/wasm-compiler.h" | 5 #include "src/compiler/wasm-compiler.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 | 8 |
| 9 #include "src/isolate-inl.h" | 9 #include "src/isolate-inl.h" |
| 10 | 10 |
| 11 #include "src/base/platform/elapsed-timer.h" | 11 #include "src/base/platform/elapsed-timer.h" |
| 12 #include "src/base/platform/platform.h" | 12 #include "src/base/platform/platform.h" |
| 13 | 13 |
| 14 #include "src/compiler/access-builder.h" | 14 #include "src/compiler/access-builder.h" |
| 15 #include "src/compiler/code-generator-impl.h" |
| 15 #include "src/compiler/common-operator.h" | 16 #include "src/compiler/common-operator.h" |
| 16 #include "src/compiler/diamond.h" | 17 #include "src/compiler/diamond.h" |
| 17 #include "src/compiler/graph-visualizer.h" | 18 #include "src/compiler/graph-visualizer.h" |
| 18 #include "src/compiler/graph.h" | 19 #include "src/compiler/graph.h" |
| 19 #include "src/compiler/instruction-selector.h" | 20 #include "src/compiler/instruction-selector.h" |
| 20 #include "src/compiler/int64-lowering.h" | 21 #include "src/compiler/int64-lowering.h" |
| 21 #include "src/compiler/js-graph.h" | 22 #include "src/compiler/js-graph.h" |
| 22 #include "src/compiler/js-operator.h" | 23 #include "src/compiler/js-operator.h" |
| 23 #include "src/compiler/linkage.h" | 24 #include "src/compiler/linkage.h" |
| 24 #include "src/compiler/machine-operator.h" | 25 #include "src/compiler/machine-operator.h" |
| (...skipping 13 matching lines...) Expand all Loading... |
| 38 | 39 |
| 39 // TODO(titzer): pull WASM_64 up to a common header. | 40 // TODO(titzer): pull WASM_64 up to a common header. |
| 40 #if !V8_TARGET_ARCH_32_BIT || V8_TARGET_ARCH_X64 | 41 #if !V8_TARGET_ARCH_32_BIT || V8_TARGET_ARCH_X64 |
| 41 #define WASM_64 1 | 42 #define WASM_64 1 |
| 42 #else | 43 #else |
| 43 #define WASM_64 0 | 44 #define WASM_64 0 |
| 44 #endif | 45 #endif |
| 45 | 46 |
| 46 namespace v8 { | 47 namespace v8 { |
| 47 namespace internal { | 48 namespace internal { |
| 49 |
| 50 extern Context* TrapHandlerContext; |
| 51 |
| 48 namespace compiler { | 52 namespace compiler { |
| 49 | 53 |
| 50 namespace { | 54 namespace { |
| 51 const Operator* UnsupportedOpcode(wasm::WasmOpcode opcode) { | 55 const Operator* UnsupportedOpcode(wasm::WasmOpcode opcode) { |
| 52 V8_Fatal(__FILE__, __LINE__, "Unsupported opcode #%d:%s", opcode, | 56 V8_Fatal(__FILE__, __LINE__, "Unsupported opcode #%d:%s", opcode, |
| 53 wasm::WasmOpcodes::OpcodeName(opcode)); | 57 wasm::WasmOpcodes::OpcodeName(opcode)); |
| 54 return nullptr; | 58 return nullptr; |
| 55 } | 59 } |
| 56 | 60 |
| 57 void MergeControlToEnd(JSGraph* jsgraph, Node* node) { | 61 void MergeControlToEnd(JSGraph* jsgraph, Node* node) { |
| (...skipping 2679 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2737 | 2741 |
| 2738 Uint32Matcher m(index); | 2742 Uint32Matcher m(index); |
| 2739 if (m.HasValue()) { | 2743 if (m.HasValue()) { |
| 2740 uint32_t value = m.Value(); | 2744 uint32_t value = m.Value(); |
| 2741 if (value < effective_size) { | 2745 if (value < effective_size) { |
| 2742 // The bounds check will always succeed. | 2746 // The bounds check will always succeed. |
| 2743 return; | 2747 return; |
| 2744 } | 2748 } |
| 2745 } | 2749 } |
| 2746 | 2750 |
| 2747 Node* cond = graph()->NewNode(jsgraph()->machine()->Uint32LessThan(), index, | 2751 // Hack to make the bounds check always succeed so we can try the |
| 2748 jsgraph()->RelocatableInt32Constant( | 2752 // signal handler instead. |
| 2749 static_cast<uint32_t>(effective_size), | 2753 index = jsgraph()->Uint32Constant(0); |
| 2750 RelocInfo::WASM_MEMORY_SIZE_REFERENCE)); | 2754 |
| 2755 Node* cond = |
| 2756 graph()->NewNode(jsgraph()->machine()->Uint32LessThanOrEqual(), index, |
| 2757 jsgraph()->RelocatableInt32Constant( |
| 2758 static_cast<uint32_t>(effective_size), |
| 2759 RelocInfo::WASM_MEMORY_SIZE_REFERENCE)); |
| 2751 trap_->AddTrapIfFalse(wasm::kTrapMemOutOfBounds, cond, position); | 2760 trap_->AddTrapIfFalse(wasm::kTrapMemOutOfBounds, cond, position); |
| 2752 } | 2761 } |
| 2753 | 2762 |
| 2754 | 2763 |
| 2755 Node* WasmGraphBuilder::LoadMem(wasm::LocalType type, MachineType memtype, | 2764 Node* WasmGraphBuilder::LoadMem(wasm::LocalType type, MachineType memtype, |
| 2756 Node* index, uint32_t offset, | 2765 Node* index, uint32_t offset, |
| 2757 uint32_t alignment, | 2766 uint32_t alignment, |
| 2758 wasm::WasmCodePosition position) { | 2767 wasm::WasmCodePosition position) { |
| 2759 Node* load; | 2768 Node* load; |
| 2760 | 2769 |
| 2761 // WASM semantics throw on OOB. Introduce explicit bounds check. | 2770 // WASM semantics throw on OOB. Introduce explicit bounds check. |
| 2762 BoundsCheckMem(memtype, index, offset, position); | 2771 // BoundsCheckMem(memtype, index, offset, position); |
| 2763 bool aligned = static_cast<int>(alignment) >= | 2772 bool aligned = static_cast<int>(alignment) >= |
| 2764 ElementSizeLog2Of(memtype.representation()); | 2773 ElementSizeLog2Of(memtype.representation()); |
| 2765 | 2774 |
| 2766 if (aligned || | 2775 if (aligned || |
| 2767 jsgraph()->machine()->UnalignedLoadSupported(memtype, alignment)) { | 2776 jsgraph()->machine()->UnalignedLoadSupported(memtype, alignment)) { |
| 2768 load = graph()->NewNode(jsgraph()->machine()->Load(memtype), | 2777 auto* context = HeapConstant(module_->instance->context); |
| 2769 MemBuffer(offset), index, *effect_, *control_); | 2778 auto position_node = jsgraph()->Int32Constant(position); |
| 2779 load = graph()->NewNode(jsgraph()->machine()->TrapableLoad(memtype), |
| 2780 MemBuffer(offset), index, context, position_node, |
| 2781 *effect_, *control_); |
| 2782 *effect_ = load; |
| 2770 } else { | 2783 } else { |
| 2784 DCHECK(false); |
| 2771 load = graph()->NewNode(jsgraph()->machine()->UnalignedLoad(memtype), | 2785 load = graph()->NewNode(jsgraph()->machine()->UnalignedLoad(memtype), |
| 2772 MemBuffer(offset), index, *effect_, *control_); | 2786 MemBuffer(offset), index, *effect_, *control_); |
| 2773 } | 2787 } |
| 2774 | |
| 2775 *effect_ = load; | 2788 *effect_ = load; |
| 2776 | 2789 |
| 2777 #if defined(V8_TARGET_BIG_ENDIAN) | 2790 #if defined(V8_TARGET_BIG_ENDIAN) |
| 2778 load = BuildChangeEndianness(load, memtype, type); | 2791 load = BuildChangeEndianness(load, memtype, type); |
| 2779 #endif | 2792 #endif |
| 2780 | 2793 |
| 2781 if (type == wasm::kAstI64 && | 2794 if (type == wasm::kAstI64 && |
| 2782 ElementSizeLog2Of(memtype.representation()) < 3) { | 2795 ElementSizeLog2Of(memtype.representation()) < 3) { |
| 2783 // TODO(titzer): TF zeroes the upper bits of 64-bit loads for subword sizes. | 2796 // TODO(titzer): TF zeroes the upper bits of 64-bit loads for subword sizes. |
| 2784 if (memtype.IsSigned()) { | 2797 if (memtype.IsSigned()) { |
| (...skipping 464 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3249 function_->code_start_offset), | 3262 function_->code_start_offset), |
| 3250 compile_ms); | 3263 compile_ms); |
| 3251 } | 3264 } |
| 3252 | 3265 |
| 3253 return code; | 3266 return code; |
| 3254 } | 3267 } |
| 3255 | 3268 |
| 3256 } // namespace compiler | 3269 } // namespace compiler |
| 3257 } // namespace internal | 3270 } // namespace internal |
| 3258 } // namespace v8 | 3271 } // namespace v8 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2148743004:
WIP: wasm oob trap handling experiments (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master