d2ab873de9
This is a reland of 3593ee832c
The MSAN doesn't seem to be considering initializing stores via inline assembly as such (in a new cctest helper GetStackPointer()), so this reland attempt fixes the issue and ensures that the MSAN bot is happy. Original change's description: > Reland "[csa] Fix semantics of PopAndReturn" > > This is a reland of5e5eaf7954
> > This CL fixes the "function returns address of local variable" issue > which GCC was complaining about by using inline assembly instead of > address of a local for getting stack pointer approximation. > > Original change's description: > > [csa] Fix semantics of PopAndReturn > > > > This CL prohibits using PopAndReturn from the builtins that > > have calling convention with arguments on the stack. > > > > This CL also updates the PopAndReturn tests so that even off-by-one > > errors in the number of poped arguments are caught which was not the > > case before. > > > > Motivation: > > > > PopAndReturn is supposed to be using ONLY in CSA/Torque builtins for > > dropping ALL JS arguments that are currently located on the stack. > > Disallowing PopAndReturn in builtins with stack arguments simplifies > > semantics of this instruction because in case of presence of declared > > stack parameters it's impossible to distinguish the following cases: > > 1) stack parameter is included in JS arguments (and therefore it will > > be dropped as a part of 'pop' number of arguments), > > 2) stack parameter is NOT included in JS arguments (and therefore it > > should be dropped in ADDITION to the 'pop' number of arguments). > > > > This issue wasn't noticed before because builtins with stack parameters > > relied on adapter frames machinery to ensure that the expected > > parameters are present on the stack, but on the same time the adapter > > frame tearing down code was effectively recovering the stack pointer > > potentially broken by the CSA builtin. > > > > Once we get rid of the arguments adapter frames keeping stack pointer > > in a valid state becomes crucial. 
> > > > Bug: v8:5269, v8:10201 > > Change-Id: Id3ea9730bb0d41d17999c73136c4dfada374a822 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2460819 > > Commit-Queue: Igor Sheludko <ishell@chromium.org> > > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#70454} > > Tbr: tebbi@chromium.org > Bug: v8:5269 > Bug: v8:10201 > Change-Id: Ic1a05fcc4efd2068538bff28189545cfd2617d9b > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465839 > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Victor Gomes <victorgomes@chromium.org> > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70483} Tbr: tebbi@chromium.org Cq-Include-Trybots: luci.v8.try:v8_linux64_msan_rel_ng Bug: v8:5269 Bug: v8:10201 Change-Id: Ib09af2d1260bb42ac26aabface14e6b83b3efec4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2467847 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#70492}
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef V8_TEST_CCTEST_COMPILER_CODE_ASSEMBLER_TESTER_H_
#define V8_TEST_CCTEST_COMPILER_CODE_ASSEMBLER_TESTER_H_
#include "src/codegen/interface-descriptors.h"
#include "src/compiler/code-assembler.h"
#include "src/compiler/raw-machine-assembler.h"
#include "src/execution/isolate.h"
#include "src/handles/handles.h"
#include "test/cctest/compiler/function-tester.h"
namespace v8 {
namespace internal {
namespace compiler {
// Owns the pieces a CodeAssembler needs to produce one Code object inside a
// cctest: a compilation Zone, a HandleScope, a LocalContext and the
// CodeAssemblerState that the assembler under test writes into.
//
// Member declaration order is deliberate: zone_ and scope_ are constructed
// before, and destroyed after, state_ (which holds a pointer to zone_).
class CodeAssemblerTester {
 public:
  // Stub code with an explicit call-interface descriptor. |name| only labels
  // the generated code; no builtin id is assigned.
  CodeAssemblerTester(Isolate* isolate,
                      const CallInterfaceDescriptor& descriptor,
                      const char* name = "test")
      : zone_(isolate->allocator(), ZONE_NAME, kCompressGraphZone),
        scope_(isolate),
        state_(isolate, &zone_, descriptor,
               CodeKind::DEOPT_ENTRIES_OR_FOR_TESTING, name,
               PoisoningMitigationLevel::kDontPoison, Builtins::kNoBuiltinId) {}

  // Stub code taking no arguments: the descriptor form with a VoidDescriptor.
  explicit CodeAssemblerTester(Isolate* isolate, const char* name = "test")
      : CodeAssemblerTester(isolate, VoidDescriptor{}, name) {}

  // JS-style code (e.g. a builtin) with |parameter_count| declared
  // parameters and the given code kind.
  CodeAssemblerTester(Isolate* isolate, int parameter_count,
                      CodeKind kind = CodeKind::BUILTIN,
                      const char* name = "test")
      : zone_(isolate->allocator(), ZONE_NAME, kCompressGraphZone),
        scope_(isolate),
        state_(isolate, &zone_, parameter_count, kind, name,
               PoisoningMitigationLevel::kDontPoison) {}

  // JS-style code of the given kind with zero declared parameters.
  CodeAssemblerTester(Isolate* isolate, CodeKind kind,
                      const char* name = "test")
      : CodeAssemblerTester(isolate, 0, kind, name) {}

  // Code with a fully specified low-level CallDescriptor; no builtin id.
  CodeAssemblerTester(Isolate* isolate, CallDescriptor* call_descriptor,
                      const char* name = "test")
      : zone_(isolate->allocator(), ZONE_NAME, kCompressGraphZone),
        scope_(isolate),
        state_(isolate, &zone_, call_descriptor,
               CodeKind::DEOPT_ENTRIES_OR_FOR_TESTING, name,
               PoisoningMitigationLevel::kDontPoison, Builtins::kNoBuiltinId) {}

  // The state a CodeAssembler built on top of this tester should be given.
  CodeAssemblerState* state() { return &state_; }

  // Non-owning pointer into state_ for tests that must drive the machine
  // assembler directly. Only valid while this tester is alive.
  RawMachineAssembler* raw_assembler_for_testing() {
    return state_.raw_assembler_.get();
  }

  // Finalizes the code using the isolate's default assembler options.
  Handle<Code> GenerateCode() {
    const AssemblerOptions& options =
        AssemblerOptions::Default(scope_.isolate());
    return GenerateCode(options);
  }

  // Finalizes the code with explicit assembler options. A block the test
  // left open is capped first so code generation never sees an unterminated
  // block.
  Handle<Code> GenerateCode(const AssemblerOptions& options) {
    CapOpenBlock();
    return CodeAssembler::GenerateCode(&state_, options, nullptr);
  }

  // Like GenerateCode(), but additionally closes this tester's HandleScope
  // and escapes the Code handle into the enclosing scope, so the returned
  // handle outlives scope_.
  Handle<Code> GenerateCodeCloseAndEscape() {
    Handle<Code> code = GenerateCode();
    return scope_.CloseAndEscape(code);
  }

 private:
  // If the test body stopped emitting while still inside a block (i.e.
  // state_.InsideBlock() is true), terminate it with Unreachable. Note that
  // this also hides a test that simply forgot to return: such code
  // presumably traps at runtime rather than failing to build.
  void CapOpenBlock() {
    if (!state_.InsideBlock()) return;
    CodeAssembler(&state_).Unreachable();
  }

  Zone zone_;
  HandleScope scope_;
  LocalContext context_;
  CodeAssemblerState state_;
};
} // namespace compiler
} // namespace internal
} // namespace v8
#endif // V8_TEST_CCTEST_COMPILER_CODE_ASSEMBLER_TESTER_H_