1. 18 Sep, 2015 1 commit
  2. 17 Sep, 2015 2 commits
  3. 16 Sep, 2015 7 commits
  4. 15 Sep, 2015 4 commits
    • Subzero: Add a flag to mock up bounds checking on unsafe references. · ad2989b6
      Jim Stichnoth authored
      The idea is that, before each load or store operation, we add a couple of compares/branches against the load/store address, one for the lower bound and one for the upper bound.  The conditional branches would be to an error throwing routine, and would never be taken in practice.  The compares might be against an immediate or a global location.  So a load of [reg] will mock-expand to this:
      
        cmp reg, 0
        je label
        cmp reg, 1
        je label
      label:
        mov xxx, [reg]
      
      We also make address mode inference less aggressive, because for a load of e.g. [eax+4*ecx], we can't compare that address expression against anything in any instruction, so we would have to reconstruct the address and undo at least part of the address mode inference.
      
      The bounds-check mock is added for loads, stores, and rmw operations (with an exclusion for stores to the stack for out-arg pushes).  There are probably a small handful of other cases that are missing the bounds check, but if we add the transformation inside legalize(), which is the most obvious place, we may add extra bounds checks because sometimes legalize() is called twice on the same operand.
      
      BUG= none
      R=ascull@google.com
      
      Review URL: https://codereview.chromium.org/1338633005 .
    • Subzero: Fix off-by-one asserts in intrinsic info lookup routines. · 92b31446
      Jim Stichnoth authored
      It turns out that getNumArgs() and getReturnType() were never actually called except to print errors, so this bug was never encountered until now.
      
      BUG= https://code.google.com/p/nativeclient/issues/detail?id=4315
      R=ascull@google.com
      
      Review URL: https://codereview.chromium.org/1347683002 .
    • Subzero: Fix labels for block profiling. · e7dbc0bc
      Jim Stichnoth authored
      The problem is that the block profiling pass runs at the very beginning and commits to particular label strings, but the actual label names might change by emission time because of node reordering.
      
      There was actually something of a workaround - given a label string from the profile output, inspect the *profiled* asm code and search for the block containing the increment of the counter location, as the name of the counter location label is related to the label string in the profile output.  However, it's tedious to mentally filter out the counter update code, and the counter update code has a huge impact on register allocation.
      
      The solution is to use a persistent number in CfgNode for constructing the label string, which doesn't change when the nodes are reordered.
      
      One note (independent of this change): Without block profiling, empty basic blocks are deleted and don't appear in the asm output.  But with block profiling, these blocks are never empty because they contain profile update instructions.  This means the profile output may contain labels that don't exist in the non-profiled asm.
      
      Another note: New nodes created as a result of edge splitting from advanced phi lowering are not profiled.
      
      BUG= none
      R=ascull@google.com, jpp@chromium.org
      
      Review URL: https://codereview.chromium.org/1341613002 .
  5. 14 Sep, 2015 2 commits
  6. 11 Sep, 2015 1 commit
  7. 09 Sep, 2015 2 commits
  8. 08 Sep, 2015 2 commits
  9. 04 Sep, 2015 3 commits
  10. 03 Sep, 2015 1 commit
  11. 31 Aug, 2015 1 commit
  12. 28 Aug, 2015 1 commit
  13. 25 Aug, 2015 2 commits
  14. 21 Aug, 2015 2 commits
  15. 20 Aug, 2015 3 commits
    • Use separate random number generator for each randomization pass · aee5fa8d
      Qining Lu authored
      This removes the random number generator from the GlobalContext class and decouples the different randomization passes.
      
      1. Add a new constructor for the random number generator which merges three arguments into one seed for the underlying implementation of the random number generator.
      
      RandomNumberGenerator(uint64_t Seed, RandomizationPassesEnum RandomizationPassID, uint64_t Salt=0)
      
      param Seed: Should be the global random number seed passed through command line.
      param RandomizationPassID: Should be the ID for different randomization passes.
      param Salt: Should be an additional integer salt, default to be 0.
      
      2. Move the creation of random number generators to the call sites of randomization passes. Each randomization pass creates its own random number generator with a specific salt value.
      
      Function reordering:		Salt = 0 (default)
      Basic Block reordering:		Salt = Function Sequence Number
      Global Variable reordering:	Salt = 0 (default)
      Pooled Constants reordering:	Salt = Constants' Kind value (return of getKind())
                     *Jump Tables:	Salt = 0
      Nop Insertion:			Salt = Function Sequence Number
      Register Alloc Randomization:	Salt = (Function Sequence Number << 1) ^ (Kind == RAK_Phi ? 0u : 1u)
      Constants Blinding:		Salt = Function Sequence Number
      
      *Jump tables are treated as pooled constants, but without Kind value as salt.
      
      BUG=
      R=stichnot@chromium.org
      
      Review URL: https://codereview.chromium.org/1300993002.
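An added example, not code from the Subzero tree, of why per-pass generators decouple the randomization passes in commit aee5fa8d. The class is a stand-in with the constructor signature quoted above; the enumerator names, the splitmix64-style `mix` function and the `std::mt19937_64` engine are assumptions.

```cpp
#include <cstdint>
#include <cstdio>
#include <random>

// Stand-in pass IDs; the enumerator names are hypothetical.
enum RandomizationPassesEnum : uint64_t {
  RPE_BasicBlockReordering = 1,
  RPE_NopInsertion = 2
};

// Assumption: a splitmix64-style mixer merges the three arguments; the commit
// message does not say how the real constructor combines them.
static uint64_t mix(uint64_t X) {
  X += 0x9E3779B97F4A7C15ULL;
  X = (X ^ (X >> 30)) * 0xBF58476D1CE4E5B9ULL;
  X = (X ^ (X >> 27)) * 0x94D049BB133111EBULL;
  return X ^ (X >> 31);
}

class RandomNumberGenerator {
public:
  RandomNumberGenerator(uint64_t Seed, RandomizationPassesEnum PassID,
                        uint64_t Salt = 0)
      : Engine(mix(mix(mix(Seed) ^ PassID) ^ Salt)) {}
  uint64_t next() { return Engine(); }

private:
  std::mt19937_64 Engine;
};

// First value basic block reordering draws when every pass owns a generator;
// nop insertion draws NopDraws values first, from its own stream.
uint64_t reorderDrawPerPass(uint64_t Seed, uint64_t FuncSeq, unsigned NopDraws) {
  RandomNumberGenerator Nop(Seed, RPE_NopInsertion, FuncSeq);
  for (unsigned I = 0; I < NopDraws; ++I)
    Nop.next();
  return RandomNumberGenerator(Seed, RPE_BasicBlockReordering, FuncSeq).next();
}

// The same draw when both passes share one generator.
uint64_t reorderDrawShared(uint64_t Seed, unsigned NopDraws) {
  std::mt19937_64 Shared(Seed);
  Shared.discard(NopDraws);
  return Shared();
}

int main() {
  std::printf("per-pass draw stable: %d\n",
              reorderDrawPerPass(1, 3, 0) == reorderDrawPerPass(1, 3, 100));
  return 0;
}
```

With a fixed command-line seed, the layout a pass produces for one function stays reproducible even when another pass changes how many values it consumes.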
    • Inline memmove for small constant sizes and refactor memcpy and memset. · cfa628b5
      Andrew Scull authored
      The memory intrinsics are only optimized at -O1 and higher unless the
      -fmem-intrin-opt flag is set to force the optimization to take place.
      
      This change also introduces the xchg instruction for two register operands. This
      is no longer used in the memory intrinsic lowering (or by anything else) but the
      implementation is left for future use.
      
      BUG=
      R=jvoung@chromium.org, stichnot@chromium.org
      
      Review URL: https://codereview.chromium.org/1278173009.
    • Change to use arena allocation for function-local data in parser. · 209318af
      Karl Schimpf authored
      Changes to use arena allocator of the CFG associated with function, for
      vectors in the function parser.
      
      BUG=None
      R=stichnot@chromium.org
      
      Review URL: https://codereview.chromium.org/1293343003 .
  16. 17 Aug, 2015 1 commit
    • Restore function-local variables to use a vector. · 7a99327d
      Karl Schimpf authored
      CL 1282523002 changed the bitcode parser from using a vector, to using
      an unordered map. This was done because one could forward reference a
      local variable, and would freeze the computer trying to allocate a
      vector large enough to contain the index.
      
      This patch goes back to using vectors. To fix the forward variable
      reference, we use the number of bytes in the function to determine if
      the index is possible. This stops very large (problematic) vector
      resizes from happening.
      
      BUG=None
      R=stichnot@chromium.org
      
      Review URL: https://codereview.chromium.org/1293923002 .
  17. 14 Aug, 2015 1 commit
    • Change tracking of basic blocks (within function) to use a vector. · 98ed4464
      Karl Schimpf authored
      Changing the code to "preallocate" basic blocks in a vector, rather
      than dynamically creating on demand. This has the advantage of not
      requiring basic blocks to be sorted after the bitcode is parsed.
      
      This also means that the names of the basic blocks remain constant,
      even during parsing, making debugging easier.
      
      The drawback is that the DECLAREBLOCKS bitcode record of a function
      block can define a very large number of basic blocks. To control this,
      we look at the function block size (within the bitstream) to determine
      the maximal number of basic blocks that could be defined. If the
      DECLAREBLOCKS record specifies a number larger than this, we generate
      an error and recover (if applicable).
      
      We also add a cleanup test that confirms the number of declared basic
      blocks corresponds to the number of basic blocks defined in the
      function.
      
      BUG= https://code.google.com/p/nativeclient/issues/detail?id=4261
      R=stichnot@chromium.org
      
      Review URL: https://codereview.chromium.org/1297433002 .
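An added example, not code from the Subzero parser, of the size-based limit described in commits 7a99327d and 98ed4464: an untrusted count or forward-reference index is checked against the byte size of the enclosing function block before any vector is sized from it. All type and function names are hypothetical, and the one-byte-per-entry bound is an assumption.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for a function block header; not Subzero's own types.
struct FunctionBlock {
  uint64_t SizeInBytes;    // size of the function block within the bitstream
  uint64_t DeclaredBlocks; // untrusted count from the DECLAREBLOCKS record
};

// Assumption: each basic block or local value costs at least one byte of
// encoded input, so the block's byte size caps any plausible count or index.
bool preallocateBlocks(const FunctionBlock &F, std::vector<int> &Blocks) {
  if (F.DeclaredBlocks > F.SizeInBytes)
    return false; // reject before allocating anything
  Blocks.assign(static_cast<size_t>(F.DeclaredBlocks), 0);
  return true;
}

// A forward reference may grow the vector, but only up to the same cap.
bool referenceLocal(const FunctionBlock &F, std::vector<int> &Locals,
                    uint64_t Index) {
  if (Index >= F.SizeInBytes)
    return false; // impossible index: report an error, never resize
  if (Index >= Locals.size())
    Locals.resize(static_cast<size_t>(Index) + 1, 0);
  return true;
}

// Cleanup check: the declared count must equal the number actually defined.
bool declaredMatchesDefined(const FunctionBlock &F, uint64_t Defined) {
  return F.DeclaredBlocks == Defined;
}

int main() {
  FunctionBlock Hostile{64, 0xFFFFFFFFFFFFULL}; // constructed sample input
  std::vector<int> Blocks, Locals;
  std::printf("declared count accepted: %d\n", preallocateBlocks(Hostile, Blocks));
  std::printf("forward ref 1<<40 accepted: %d\n",
              referenceLocal(Hostile, Locals, 1ULL << 40));
  std::printf("forward ref 12 accepted: %d\n", referenceLocal(Hostile, Locals, 12));
  return 0;
}
```

The cap ties worst-case allocation to the size of the input actually supplied, so a few bytes of bitcode can no longer request an arbitrarily large vector.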
  18. 12 Aug, 2015 2 commits
  19. 10 Aug, 2015 2 commits
    • Subzero: Misc fixes/cleanup. · 992f91dd
      Jim Stichnoth authored
      1. Fix MINIMAL build.
        (a) Add a void cast to a var only used in asserts.
        (b) Use "REQUIRES:" instead of "REQUIRES" in a .ll file.
      2. Use StrError instead of StrDump for errors.
      3. Use a lambda instead of a functor because C++11.
      4. Explicit check for -filetype=obj in a non-dump-enabled build, to avoid cryptic downstream error messages.
      5. Run "make format" which was neglected earlier.
      
      BUG= none
      R=kschimpf@google.com
      
      Review URL: https://codereview.chromium.org/1284493003.
    • Fix processing of local variable indices in function blocks. · c6acf08f
      Karl Schimpf authored
      The previous code used a vector to hold local values associated with
      indices in the bitcode file. The problem was that the vector would be
      expanded to match the index of a "variable index forward reference".
      If the index was very large, the program would freeze the computer
      trying to allocate an array large enough to contain the index.
      
      This patch fixes this by using a local unordered map instead of a
      vector.  Hence, forward index references just add a single entry into
      the map.
      
      Note that this fix doesn't have a corresponding issue. However, the
      problem was made apparent from the problems noted in issues 4257 and
      4261.
      
      BUG=None
      R=stichnot@chromium.org
      
      Review URL: https://codereview.chromium.org/1282523002 .