Commit a784ec8a authored by jameslahm's avatar jameslahm Committed by V8 LUCI CQ

Reland "[maglev] Support LdaModuleVariable and StaModuleVariable"

This is a reland of commit 532ca599

Fix interger overflow when result_location is invalid in
MaglevCompiler::InReturnValues.

Original change's description:
> [maglev] Support LdaModuleVariable and StaModuleVariable
>
> Bug: v8:7700
> Change-Id: I036ac71324e0c1c96a4da4aacdb5a6718726db31
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3821203
> Reviewed-by: Victor Gomes <victorgomes@chromium.org>
> Commit-Queue: 王澳 <wangao.james@bytedance.com>
> Cr-Commit-Position: refs/heads/main@{#82347}

Bug: v8:7700
Change-Id: I24f56691eefd1c6cb695fedd3b5c14264bb17943
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3824942Reviewed-by: 's avatarVictor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82379}
parent 4be7742f
......@@ -423,7 +423,7 @@ class TranslationArrayProcessor {
bool InReturnValues(interpreter::Register reg,
interpreter::Register result_location, int result_size) {
if (result_size == 0) {
if (result_size == 0 || !result_location.is_valid()) {
return false;
}
return base::IsInRange(reg.index(), result_location.index(),
......
......@@ -1110,8 +1110,59 @@ void MaglevGraphBuilder::VisitGetKeyedProperty() {
AddNewNode<GetKeyedGeneric>({context, object, key}, feedback_source));
}
MAGLEV_UNIMPLEMENTED_BYTECODE(LdaModuleVariable)
MAGLEV_UNIMPLEMENTED_BYTECODE(StaModuleVariable)
void MaglevGraphBuilder::VisitLdaModuleVariable() {
// LdaModuleVariable <cell_index> <depth>
int cell_index = iterator_.GetImmediateOperand(0);
int depth = iterator_.GetUnsignedImmediateOperand(1);
ValueNode* context = GetContext();
for (int i = 0; i < depth; i++) {
context = AddNewNode<LoadTaggedField>(
{context}, Context::OffsetOfElementAt(Context::PREVIOUS_INDEX));
}
ValueNode* module = AddNewNode<LoadTaggedField>(
{context}, Context::OffsetOfElementAt(Context::EXTENSION_INDEX));
ValueNode* exports_or_imports;
if (cell_index > 0) {
exports_or_imports = AddNewNode<LoadTaggedField>(
{module}, SourceTextModule::kRegularExportsOffset);
// The actual array index is (cell_index - 1).
cell_index -= 1;
} else {
exports_or_imports = AddNewNode<LoadTaggedField>(
{module}, SourceTextModule::kRegularImportsOffset);
// The actual array index is (-cell_index - 1).
cell_index = -cell_index - 1;
}
ValueNode* cell = LoadFixedArrayElement(exports_or_imports, cell_index);
SetAccumulator(AddNewNode<LoadTaggedField>({cell}, Cell::kValueOffset));
}
void MaglevGraphBuilder::VisitStaModuleVariable() {
// StaModuleVariable <cell_index> <depth>
int cell_index = iterator_.GetImmediateOperand(0);
if (V8_UNLIKELY(cell_index < 0)) {
BuildCallRuntime(Runtime::kAbort,
{GetSmiConstant(static_cast<int>(
AbortReason::kUnsupportedModuleOperation))});
return;
}
ValueNode* context = GetContext();
int depth = iterator_.GetUnsignedImmediateOperand(1);
for (int i = 0; i < depth; i++) {
context = AddNewNode<LoadTaggedField>(
{context}, Context::OffsetOfElementAt(Context::PREVIOUS_INDEX));
}
ValueNode* module = AddNewNode<LoadTaggedField>(
{context}, Context::OffsetOfElementAt(Context::EXTENSION_INDEX));
ValueNode* exports = AddNewNode<LoadTaggedField>(
{module}, SourceTextModule::kRegularExportsOffset);
// The actual array index is (cell_index - 1).
cell_index -= 1;
ValueNode* cell = LoadFixedArrayElement(exports, cell_index);
AddNewNode<StoreTaggedFieldWithWriteBarrier>({cell, GetAccumulatorTagged()},
Cell::kValueOffset);
}
bool MaglevGraphBuilder::TryBuildMonomorphicStoreFromSmiHandler(
ValueNode* object, const compiler::MapRef& map, int32_t handler) {
......
......@@ -610,6 +610,11 @@ class MaglevGraphBuilder {
return GetFloat64(iterator_.GetRegisterOperand(operand_index));
}
ValueNode* LoadFixedArrayElement(ValueNode* node, int index) {
return AddNewNode<LoadTaggedField>({node},
FixedArray::OffsetOfElementAt(index));
}
template <typename NodeT>
void SetAccumulator(NodeT* node) {
// Accumulator stores are equivalent to stores to the virtual accumulator
......
// Copyright 2022 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --allow-natives-syntax --maglev --no-stress-opt --no-always-turbofan
const b = 1;
export {b};
// Copyright 2022 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --allow-natives-syntax --maglev --no-stress-opt --no-always-turbofan
// Test LdaModuleVariable with imports.
import {b} from './lda-module-variable-import.mjs'
function bar(y) {
// b = 1.
return b + y;
};
%PrepareFunctionForOptimization(bar);
assertEquals(2, bar(1));
assertEquals(3, bar(2));
%OptimizeMaglevOnNextCall(bar);
assertEquals(2, bar(1));
assertEquals(3, bar(2));
assertTrue(isMaglevved(bar));
// Test LdaModuleVariable with exports.
export let x = 1;
function foo(y) { return x + y };
%PrepareFunctionForOptimization(foo);
assertEquals(2, foo(1));
assertEquals(3, foo(2));
%OptimizeMaglevOnNextCall(foo);
assertEquals(2, foo(1));
assertEquals(3, foo(2));
assertTrue(isMaglevved(foo));
// Copyright 2022 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --allow-natives-syntax --maglev --no-stress-opt --no-always-turbofan
export let x = 1;
function foo(y) {
x = x + 1;
return x + y;
};
%PrepareFunctionForOptimization(foo);
assertEquals(3, foo(1));
assertEquals(4, foo(1));
%OptimizeMaglevOnNextCall(foo);
assertEquals(5, foo(1));
assertEquals(6, foo(1));
assertTrue(isMaglevved(foo));
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment