Chromium Code Reviews Chromium Code Reviews
Issue 2500443004:
[wasm] OOB traps: build protected instruction list during codegen (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 the V8 project authors. All rights reserved. | 1 // Copyright 2015 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef V8_WASM_MODULE_H_ | 5 #ifndef V8_WASM_MODULE_H_ |
| 6 #define V8_WASM_MODULE_H_ | 6 #define V8_WASM_MODULE_H_ |
| 7 | 7 |
| 8 #include <memory> | 8 #include <memory> |
| 9 | 9 |
| 10 #include "src/api.h" | 10 #include "src/api.h" |
| (...skipping 13 matching lines...) Expand all Loading... | |
| 24 class WasmModuleObject; | 24 class WasmModuleObject; |
| 25 | 25 |
| 26 namespace compiler { | 26 namespace compiler { |
| 27 class CallDescriptor; | 27 class CallDescriptor; |
| 28 class WasmCompilationUnit; | 28 class WasmCompilationUnit; |
| 29 } | 29 } |
| 30 | 30 |
| 31 namespace wasm { | 31 namespace wasm { |
| 32 class ErrorThrower; | 32 class ErrorThrower; |
| 33 | 33 |
| 34 // TODO(eholk): Move this into trap-handler.h once those files land. | |
| 35 struct ProtectedInstructionData { | |
|
titzer
2016/11/16 18:06:47
I think it'd be best to move this into the compile
Eric Holk
2016/11/18 02:19:46
Done.
| |
| 36 /// The offset of this instruction from the start of its code object. | |
| 37 int32_t instr_offset; | |
| 38 | |
| 39 /// The offset of the landing pad from the start of its code object. | |
| 40 // | |
| 41 // TODO(eholk): Using a single landing pad and store parameters here. | |
| 42 int32_t landing_offset; | |
| 43 }; | |
| 44 | |
| 34 const size_t kMaxModuleSize = 1024 * 1024 * 1024; | 45 const size_t kMaxModuleSize = 1024 * 1024 * 1024; |
| 35 const size_t kMaxFunctionSize = 128 * 1024; | 46 const size_t kMaxFunctionSize = 128 * 1024; |
| 36 const size_t kMaxStringSize = 256; | 47 const size_t kMaxStringSize = 256; |
| 37 const uint32_t kWasmMagic = 0x6d736100; | 48 const uint32_t kWasmMagic = 0x6d736100; |
| 38 const uint32_t kWasmVersion = 0x0d; | 49 const uint32_t kWasmVersion = 0x0d; |
| 39 | 50 |
| 40 const uint8_t kWasmFunctionTypeForm = 0x60; | 51 const uint8_t kWasmFunctionTypeForm = 0x60; |
| 41 const uint8_t kWasmAnyFunctionTypeForm = 0x70; | 52 const uint8_t kWasmAnyFunctionTypeForm = 0x70; |
| 42 | 53 |
| 43 enum WasmSectionCode { | 54 enum WasmSectionCode { |
| (...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 165 // Static representation of a WASM export. | 176 // Static representation of a WASM export. |
| 166 struct WasmExport { | 177 struct WasmExport { |
| 167 uint32_t name_length; // length in bytes of the exported name. | 178 uint32_t name_length; // length in bytes of the exported name. |
| 168 uint32_t name_offset; // offset in module bytes of the name to export. | 179 uint32_t name_offset; // offset in module bytes of the name to export. |
| 169 WasmExternalKind kind; // kind of the export. | 180 WasmExternalKind kind; // kind of the export. |
| 170 uint32_t index; // index into the respective space. | 181 uint32_t index; // index into the respective space. |
| 171 }; | 182 }; |
| 172 | 183 |
| 173 enum ModuleOrigin { kWasmOrigin, kAsmJsOrigin }; | 184 enum ModuleOrigin { kWasmOrigin, kAsmJsOrigin }; |
| 174 | 185 |
| 186 typedef std::vector<ProtectedInstructionData> ProtectedInstructionList; | |
| 187 | |
| 175 // Static representation of a module. | 188 // Static representation of a module. |
| 176 struct V8_EXPORT_PRIVATE WasmModule { | 189 struct V8_EXPORT_PRIVATE WasmModule { |
| 177 static const uint32_t kPageSize = 0x10000; // Page size, 64kb. | 190 static const uint32_t kPageSize = 0x10000; // Page size, 64kb. |
| 178 static const uint32_t kMinMemPages = 1; // Minimum memory size = 64kb | 191 static const uint32_t kMinMemPages = 1; // Minimum memory size = 64kb |
| 179 static const size_t kV8MaxPages = 16384; // Maximum memory size = 1gb | 192 static const size_t kV8MaxPages = 16384; // Maximum memory size = 1gb |
| 180 static const size_t kSpecMaxPages = 65536; // Maximum according to the spec | 193 static const size_t kSpecMaxPages = 65536; // Maximum according to the spec |
| 181 static const size_t kV8MaxTableSize = 16 * 1024 * 1024; | 194 static const size_t kV8MaxTableSize = 16 * 1024 * 1024; |
| 182 | 195 |
| 196 enum TrapFields { kTrapCodeOffset, kTrapLandingOffset, kTrapDataSize }; | |
| 197 | |
| 183 Zone* owned_zone; | 198 Zone* owned_zone; |
| 184 const byte* module_start = nullptr; // starting address for the module bytes | 199 const byte* module_start = nullptr; // starting address for the module bytes |
| 185 const byte* module_end = nullptr; // end address for the module bytes | 200 const byte* module_end = nullptr; // end address for the module bytes |
| 186 uint32_t min_mem_pages = 0; // minimum size of the memory in 64k pages | 201 uint32_t min_mem_pages = 0; // minimum size of the memory in 64k pages |
| 187 uint32_t max_mem_pages = 0; // maximum size of the memory in 64k pages | 202 uint32_t max_mem_pages = 0; // maximum size of the memory in 64k pages |
| 188 bool has_memory = false; // true if the memory was defined or imported | 203 bool has_memory = false; // true if the memory was defined or imported |
| 189 bool mem_export = false; // true if the memory is exported | 204 bool mem_export = false; // true if the memory is exported |
| 190 // TODO(wasm): reconcile start function index being an int with | 205 // TODO(wasm): reconcile start function index being an int with |
| 191 // the fact that we index on uint32_t, so we may technically not be | 206 // the fact that we index on uint32_t, so we may technically not be |
| 192 // able to represent some start_function_index -es. | 207 // able to represent some start_function_index -es. |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 254 return start <= size && end <= size; | 269 return start <= size && end <= size; |
| 255 } | 270 } |
| 256 | 271 |
| 257 // Creates a new instantiation of the module in the given isolate. | 272 // Creates a new instantiation of the module in the given isolate. |
| 258 static MaybeHandle<JSObject> Instantiate(Isolate* isolate, | 273 static MaybeHandle<JSObject> Instantiate(Isolate* isolate, |
| 259 ErrorThrower* thrower, | 274 ErrorThrower* thrower, |
| 260 Handle<JSObject> wasm_module, | 275 Handle<JSObject> wasm_module, |
| 261 Handle<JSReceiver> ffi, | 276 Handle<JSReceiver> ffi, |
| 262 Handle<JSArrayBuffer> memory); | 277 Handle<JSArrayBuffer> memory); |
| 263 | 278 |
| 279 Handle<FixedArray> PackProtectedInstructions( | |
| 280 const std::vector<ProtectedInstructionList>& protected_instructions, | |
| 281 Factory* factory) const; | |
| 282 | |
| 264 MaybeHandle<WasmCompiledModule> CompileFunctions( | 283 MaybeHandle<WasmCompiledModule> CompileFunctions( |
| 265 Isolate* isolate, Handle<Managed<WasmModule>> module_wrapper, | 284 Isolate* isolate, Handle<Managed<WasmModule>> module_wrapper, |
| 266 ErrorThrower* thrower) const; | 285 ErrorThrower* thrower) const; |
| 267 }; | 286 }; |
| 268 | 287 |
| 269 typedef Managed<WasmModule> WasmModuleWrapper; | 288 typedef Managed<WasmModule> WasmModuleWrapper; |
| 270 | 289 |
| 271 // An instantiated WASM module, including memory, function table, etc. | 290 // An instantiated WASM module, including memory, function table, etc. |
| 272 struct WasmInstance { | 291 struct WasmInstance { |
| 273 const WasmModule* module; // static representation of the module. | 292 const WasmModule* module; // static representation of the module. |
| 274 // -- Heap allocated -------------------------------------------------------- | 293 // -- Heap allocated -------------------------------------------------------- |
| 275 Handle<JSObject> js_object; // JavaScript module object. | 294 Handle<JSObject> js_object; // JavaScript module object. |
| 276 Handle<Context> context; // JavaScript native context. | 295 Handle<Context> context; // JavaScript native context. |
| 277 Handle<JSArrayBuffer> mem_buffer; // Handle to array buffer of memory. | 296 Handle<JSArrayBuffer> mem_buffer; // Handle to array buffer of memory. |
| 278 Handle<JSArrayBuffer> globals_buffer; // Handle to array buffer of globals. | 297 Handle<JSArrayBuffer> globals_buffer; // Handle to array buffer of globals. |
| 279 std::vector<Handle<FixedArray>> function_tables; // indirect function tables. | 298 std::vector<Handle<FixedArray>> function_tables; // indirect function tables. |
| 280 std::vector<Handle<Code>> function_code; // code objects for each function. | 299 std::vector<Handle<Code>> function_code; // code objects for each function. |
| 300 std::vector<ProtectedInstructionList> protected_instructions; // Instructions | |
|
titzer
2016/11/16 18:06:47
I think this should somehow be associated with the
Eric Holk
2016/11/18 02:19:46
Done.
| |
| 301 // that are | |
| 302 // protected by | |
| 303 // the signal | |
| 304 // handler. | |
| 281 // -- raw memory ------------------------------------------------------------ | 305 // -- raw memory ------------------------------------------------------------ |
| 282 byte* mem_start = nullptr; // start of linear memory. | 306 byte* mem_start = nullptr; // start of linear memory. |
| 283 uint32_t mem_size = 0; // size of the linear memory. | 307 uint32_t mem_size = 0; // size of the linear memory. |
| 284 // -- raw globals ----------------------------------------------------------- | 308 // -- raw globals ----------------------------------------------------------- |
| 285 byte* globals_start = nullptr; // start of the globals area. | 309 byte* globals_start = nullptr; // start of the globals area. |
| 286 | 310 |
| 287 explicit WasmInstance(const WasmModule* m) | 311 explicit WasmInstance(const WasmModule* m) |
| 288 : module(m), | 312 : module(m), |
| 289 function_tables(m->function_tables.size()), | 313 function_tables(m->function_tables.size()), |
| 290 function_code(m->functions.size()) {} | 314 function_code(m->functions.size()), |
| 315 protected_instructions(m->functions.size()) {} | |
| 291 }; | 316 }; |
| 292 | 317 |
| 293 // Interface provided to the decoder/graph builder which contains only | 318 // Interface provided to the decoder/graph builder which contains only |
| 294 // minimal information about the globals, functions, and function tables. | 319 // minimal information about the globals, functions, and function tables. |
| 295 struct V8_EXPORT_PRIVATE ModuleEnv { | 320 struct V8_EXPORT_PRIVATE ModuleEnv { |
| 296 const WasmModule* module; | 321 const WasmModule* module; |
| 297 WasmInstance* instance; | 322 WasmInstance* instance; |
| 298 ModuleOrigin origin; | 323 ModuleOrigin origin; |
| 299 | 324 |
| 300 bool IsValidGlobal(uint32_t index) const { | 325 bool IsValidGlobal(uint32_t index) const { |
| (...skipping 137 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 438 int instance_count); | 463 int instance_count); |
| 439 void ValidateModuleState(Isolate* isolate, Handle<JSObject> wasm_module); | 464 void ValidateModuleState(Isolate* isolate, Handle<JSObject> wasm_module); |
| 440 void ValidateOrphanedInstance(Isolate* isolate, Handle<JSObject> instance); | 465 void ValidateOrphanedInstance(Isolate* isolate, Handle<JSObject> instance); |
| 441 | 466 |
| 442 } // namespace testing | 467 } // namespace testing |
| 443 } // namespace wasm | 468 } // namespace wasm |
| 444 } // namespace internal | 469 } // namespace internal |
| 445 } // namespace v8 | 470 } // namespace v8 |
| 446 | 471 |
| 447 #endif // V8_WASM_MODULE_H_ | 472 #endif // V8_WASM_MODULE_H_ |
| OLD | NEW |
