src/compiler/wasm-compiler.cc - Issue 2148743004: WIP: wasm oob trap handling experiments

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: src/compiler/wasm-compiler.cc

Issue 2148743004: WIP: wasm oob trap handling experiments (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master

Patch Set: Undoing spurious changes Created 3 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: src/compiler/wasm-compiler.cc

diff --git a/src/compiler/wasm-compiler.cc b/src/compiler/wasm-compiler.cc

index 35e78b6aa2a617ad7241d5e2b33e10419e8dc920..2db0d2a520e101d2244d2b35652922d83c57b811 100644

--- a/src/compiler/wasm-compiler.cc

+++ b/src/compiler/wasm-compiler.cc

@@ -12,6 +12,7 @@

#include "src/base/platform/platform.h"

#include "src/compiler/access-builder.h"

+#include "src/compiler/code-generator-impl.h"

#include "src/compiler/common-operator.h"

#include "src/compiler/diamond.h"

#include "src/compiler/graph-visualizer.h"

@@ -45,6 +46,9 @@

namespace v8 {

namespace internal {

+extern Context* TrapHandlerContext;

namespace compiler {

namespace {

@@ -2744,10 +2748,15 @@ void WasmGraphBuilder::BoundsCheckMem(MachineType memtype, Node* index,

}

- Node* cond = graph()->NewNode(jsgraph()->machine()->Uint32LessThan(), index,

- jsgraph()->RelocatableInt32Constant(

- static_cast<uint32_t>(effective_size),

- RelocInfo::WASM_MEMORY_SIZE_REFERENCE));

+ // Hack to make the bounds check always succeed so we can try the

+ // signal handler instead.

+ index = jsgraph()->Uint32Constant(0);

+ Node* cond =

+ graph()->NewNode(jsgraph()->machine()->Uint32LessThanOrEqual(), index,

+ jsgraph()->RelocatableInt32Constant(

+ static_cast<uint32_t>(effective_size),

+ RelocInfo::WASM_MEMORY_SIZE_REFERENCE));

trap_->AddTrapIfFalse(wasm::kTrapMemOutOfBounds, cond, position);

}

@@ -2759,19 +2768,23 @@ Node* WasmGraphBuilder::LoadMem(wasm::LocalType type, MachineType memtype,

Node* load;

// WASM semantics throw on OOB. Introduce explicit bounds check.

- BoundsCheckMem(memtype, index, offset, position);

+ // BoundsCheckMem(memtype, index, offset, position);

bool aligned = static_cast<int>(alignment) >=

ElementSizeLog2Of(memtype.representation());

if (aligned ||

jsgraph()->machine()->UnalignedLoadSupported(memtype, alignment)) {

- load = graph()->NewNode(jsgraph()->machine()->Load(memtype),

- MemBuffer(offset), index, *effect_, *control_);

+ auto* context = HeapConstant(module_->instance->context);

+ auto position_node = jsgraph()->Int32Constant(position);

+ load = graph()->NewNode(jsgraph()->machine()->TrapableLoad(memtype),

+ MemBuffer(offset), index, context, position_node,

+ *effect_, *control_);

+ *effect_ = load;

} else {

+ DCHECK(false);

load = graph()->NewNode(jsgraph()->machine()->UnalignedLoad(memtype),

MemBuffer(offset), index, *effect_, *control_);

}

*effect_ = load;

#if defined(V8_TARGET_BIG_ENDIAN)

« no previous file with comments | « src/compiler/verifier.cc ('k') | src/compiler/x64/code-generator-x64.cc » ('j') | no next file with comments »