Stream: git-wasmtime

Topic: wasmtime / issue #4132 Cranelift: develop a bounds-check ...


view this post on Zulip Wasmtime GitHub notifications bot (May 10 2022 at 23:40):

cfallin opened issue #4132:

When using explicit bounds checks for "dynamic" heaps, Cranelift generated code currently includes a comparison and conditional branch for every access (as well as the Spectre-mitigation conditional move if enabled).

In some cases, it should be able to prove that subsequent accesses are "superseded" by the first: they occur at the same or earlier addresses. In such cases, we can only reach the second access if the first bounds-check succeeded (or else we would have trapped), and heaps can never shrink, so the second is unnecessary.

We should develop such an analysis initially with a simple "same index SSA-value" test, and later enhance it with a value range analysis.

view this post on Zulip Wasmtime GitHub notifications bot (May 10 2022 at 23:40):

cfallin labeled issue #4132:

When using explicit bounds checks for "dynamic" heaps, Cranelift generated code currently includes a comparison and conditional branch for every access (as well as the Spectre-mitigation conditional move if enabled).

In some cases, it should be able to prove that subsequent accesses are "superseded" by the first: they occur at the same or earlier addresses. In such cases, we can only reach the second access if the first bounds-check succeeded (or else we would have trapped), and heaps can never shrink, so the second is unnecessary.

We should develop such an analysis initially with a simple "same index SSA-value" test, and later enhance it with a value range analysis.

view this post on Zulip Wasmtime GitHub notifications bot (May 10 2022 at 23:40):

cfallin labeled issue #4132:

When using explicit bounds checks for "dynamic" heaps, Cranelift generated code currently includes a comparison and conditional branch for every access (as well as the Spectre-mitigation conditional move if enabled).

In some cases, it should be able to prove that subsequent accesses are "superseded" by the first: they occur at the same or earlier addresses. In such cases, we can only reach the second access if the first bounds-check succeeded (or else we would have trapped), and heaps can never shrink, so the second is unnecessary.

We should develop such an analysis initially with a simple "same index SSA-value" test, and later enhance it with a value range analysis.


Last updated: Dec 23 2024 at 13:07 UTC