1. 27 Mar, 2018 1 commit
    • Tobias Tebbi's avatar
      [turbofan] unify interpreter and JIT speculation poisoning · 1ef6c437
      Tobias Tebbi authored
      This CL changes the poisoning in the interpreter to use the
      infrastructure used in the JIT.
      
      This does not change the original flag semantics:
      
      --branch-load-poisoning enables JIT mitigations as before.
      
      --untrusted-code-mitigation enables the interpreter mitigations
        (now realized using the compiler back-end), but does not enable
        the back-end based mitigations for the Javascript JIT. So in effect
        --untrusted-code-mitigation makes the CSA pipeline for bytecode handlers
        use the same mechanics (including changed register allocation) that
        --branch-load-poisoning enables for the JIT.
      
      Bug: chromium:798964
      Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
      Change-Id: If7f6852ae44e32e6e0ad508e9237f24dec7e5b27
      Reviewed-on: https://chromium-review.googlesource.com/928881Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
      Reviewed-by: 's avatarJaroslav Sevcik <jarin@chromium.org>
      Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52243}
      1ef6c437
  2. 12 Feb, 2018 1 commit
    • Ross McIlroy's avatar
      [Ignition] [TurboFan] Generate speculation poison in code generator. · a021b6c4
      Ross McIlroy authored
      Moves generation of speculation poison to be based on the PC target vs the
      actual PC being executed. The speculation poison is generated in the prologue
      of the generated code if CompilationInfo::kGenerateSpeculationPoison is set.
      The result is stored in a known register, which can then be read using the
      SpeculationPoison machine node.
      
      Currently we need to ensure the SpeculationPoison node is scheduled right after
      the code prologue so that the poison register doesn't get clobbered. This is
      currently not verified, however it's only use is in RawMachineAssembler where
      it is manually scheduled early.
      
      The Ignition bytecode handlers are updated to use this speculation poison
      rather than one generated by comparing the target bytecode.
      
      BUG=chromium:798964
      
      Change-Id: I2a3d0cfc694e88d7a8fe893282bd5082f693d5e2
      Reviewed-on: https://chromium-review.googlesource.com/893160
      Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
      Reviewed-by: 's avatarJaroslav Sevcik <jarin@chromium.org>
      Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51229}
      a021b6c4
  3. 29 Jan, 2018 1 commit
  4. 19 Oct, 2017 1 commit
  5. 28 Dec, 2016 1 commit
  6. 16 Nov, 2016 2 commits
  7. 15 Nov, 2016 1 commit
  8. 12 Aug, 2016 1 commit
  9. 06 Apr, 2016 1 commit
  10. 21 Mar, 2016 1 commit
    • oth's avatar
      [interpreter] Add support for scalable operands. · 48d082af
      oth authored
      This change introduces wide prefix bytecodes to support wide (16-bit)
      and extra-wide (32-bit) operands. It retires the previous
      wide-bytecodes and reduces the number of operand types.
      
      Operands are now either scalable or fixed size. Scalable operands
      increase in width when a bytecode is prefixed with wide or extra-wide.
      
      The bytecode handler table is extended to 256*3 entries. The
      first 256 entries are used for bytecodes with 8-bit operands,
      the second 256 entries are used for bytecodes with operands that
      scale to 16-bits, and the third group of 256 entries are used for
      bytecodes with operands that scale to 32-bits.
      
      LOG=N
      BUG=v8:4747,v8:4280
      
      Review URL: https://codereview.chromium.org/1783483002
      
      Cr-Commit-Position: refs/heads/master@{#34955}
      48d082af
  11. 10 Feb, 2016 1 commit
    • rmcilroy's avatar
      [Interpreter] Make InterpreterAssembler a subclass of CodeStubAssembler. · d1c28849
      rmcilroy authored
      Moves InterpreterAssembler out of the compiler directory and into the
      interpreter directory. Makes InterpreterAssembler as subclass of
      CodeStubAssembler.
      
      As part of this change, the special bytecode dispatch linkage type
      is removed and instead we use a InterfaceDispatchDescriptor and
      a normal CodeStub linkage type.
      
      Removes a bunch of duplicated logic in InterpreterAssembler and
      instead uses the CodeStubAssembler logic. Refactors Interpreter
      with these changes.
      
      Modifies CodeStubAssembler to add the extra operations required
      by the Interpreter (extra call types, raw memory access and some extra
      binary ops). Also adds the ability for subclasses to add extra
      prologue and epilogue operations around calls, which is required
      for the Interpreter.
      
      BUG=v8:4280
      LOG=N
      
      Review URL: https://codereview.chromium.org/1673333004
      
      Cr-Commit-Position: refs/heads/master@{#33873}
      d1c28849