Commit b534e00e authored by Clemens Hammacher's avatar Clemens Hammacher Committed by Commit Bot

[wasm] Deprecate reachability tracking in SsaEnv

Reachability is already being tracked in the function body decoder.
This CL adds a DCHECK that the reachability tracked in the SsaEnv
matches the reachability tracked in the function body decoder. Most of
our methods will only be called for reachable code anyway.
For exceptions, we still track reachability explicitly for now in the
wasm graph builder, this can be refactored in the future by improving
reachability tracking for catch blocks in the function body decoder.

If this DCHECK survives fuzzing for a few days, we can remove code that
handles unreachable code in graph-building-interface.cc.

R=herhut@chromium.org

Bug: v8:8423, v8:8611
Change-Id: I0fb375c99497352aad396816566883fe234ca0ac
Reviewed-on: https://chromium-review.googlesource.com/c/1384089Reviewed-by: 's avatarStephan Herhut <herhut@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58368}
parent 27d1e9f2
...@@ -36,7 +36,14 @@ struct SsaEnv { ...@@ -36,7 +36,14 @@ struct SsaEnv {
compiler::WasmInstanceCacheNodes instance_cache; compiler::WasmInstanceCacheNodes instance_cache;
TFNode** locals; TFNode** locals;
bool reached() const { return state >= kReached; } bool reached() const {
// The function body decoder already keeps track of reached vs unreached
// code. Each SsaEnv we work with should be reached.
// TODO(clemensh): Remove this method (https://crbug.com/v8/8611).
DCHECK_LE(kReached, state);
return state >= kReached;
}
void Kill(State new_state = kControlEnd) { void Kill(State new_state = kControlEnd) {
state = new_state; state = new_state;
locals = nullptr; locals = nullptr;
...@@ -71,6 +78,8 @@ class WasmGraphBuildingInterface { ...@@ -71,6 +78,8 @@ class WasmGraphBuildingInterface {
SsaEnv* catch_env; SsaEnv* catch_env;
TFNode* exception = nullptr; TFNode* exception = nullptr;
bool might_throw() const { return exception != nullptr; }
explicit TryInfo(SsaEnv* c) : catch_env(c) {} explicit TryInfo(SsaEnv* c) : catch_env(c) {}
}; };
...@@ -438,20 +447,20 @@ class WasmGraphBuildingInterface { ...@@ -438,20 +447,20 @@ class WasmGraphBuildingInterface {
const ExceptionIndexImmediate<validate>& imm, const ExceptionIndexImmediate<validate>& imm,
Control* block, Vector<Value> values) { Control* block, Vector<Value> values) {
DCHECK(block->is_try_catch()); DCHECK(block->is_try_catch());
TFNode* exception = block->try_info->exception;
current_catch_ = block->previous_catch; // Pop try scope. current_catch_ = block->previous_catch; // Pop try scope.
SsaEnv* catch_env = block->try_info->catch_env;
SetEnv(catch_env);
// The catch block is unreachable if no possible throws in the try block // The catch block is unreachable if no possible throws in the try block
// exist. We only build a landing pad if some node in the try block can // exist. We only build a landing pad if some node in the try block can
// (possibly) throw. Otherwise the catch environments remain empty. // (possibly) throw. Otherwise the catch environments remain empty.
DCHECK_EQ(exception != nullptr, ssa_env_->reached()); if (!block->try_info->might_throw()) {
if (exception == nullptr) {
block->reachability = kSpecOnlyReachable; block->reachability = kSpecOnlyReachable;
return; return;
} }
TFNode* exception = block->try_info->exception;
SetEnv(block->try_info->catch_env);
TFNode* if_catch = nullptr; TFNode* if_catch = nullptr;
TFNode* if_no_catch = nullptr; TFNode* if_no_catch = nullptr;
...@@ -483,19 +492,18 @@ class WasmGraphBuildingInterface { ...@@ -483,19 +492,18 @@ class WasmGraphBuildingInterface {
void CatchAll(FullDecoder* decoder, Control* block) { void CatchAll(FullDecoder* decoder, Control* block) {
DCHECK(block->is_try_catchall() || block->is_try_catch()); DCHECK(block->is_try_catchall() || block->is_try_catch());
TFNode* exception = block->try_info->exception;
current_catch_ = block->previous_catch; // Pop try scope. current_catch_ = block->previous_catch; // Pop try scope.
SsaEnv* catch_env = block->try_info->catch_env;
SetEnv(catch_env);
// The catch block is unreachable if no possible throws in the try block // The catch block is unreachable if no possible throws in the try block
// exist. We only build a landing pad if some node in the try block can // exist. We only build a landing pad if some node in the try block can
// (possibly) throw. Otherwise the catch environments remain empty. // (possibly) throw. Otherwise the catch environments remain empty.
DCHECK_EQ(exception != nullptr, ssa_env_->reached()); if (!block->try_info->might_throw()) {
if (exception == nullptr) {
block->reachability = kSpecOnlyReachable; block->reachability = kSpecOnlyReachable;
return; return;
} }
SetEnv(block->try_info->catch_env);
} }
void AtomicOp(FullDecoder* decoder, WasmOpcode opcode, Vector<Value> args, void AtomicOp(FullDecoder* decoder, WasmOpcode opcode, Vector<Value> args,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment