Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/ia32/virtual-frame-ia32.h

Issue 3115004: Fix fuzzer-found error where left and right were the same register in bitops. (Closed) Base URL: http://v8.googlecode.com/svn/branches/bleeding_edge/
Patch Set: '' Created 10 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « src/ia32/codegen-ia32.cc ('k') | test/mjsunit/regress/bitops-register-alias.js » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2009 the V8 project authors. All rights reserved. 1 // Copyright 2009 the V8 project authors. All rights reserved.
2 // Redistribution and use in source and binary forms, with or without 2 // Redistribution and use in source and binary forms, with or without
3 // modification, are permitted provided that the following conditions are 3 // modification, are permitted provided that the following conditions are
4 // met: 4 // met:
5 // 5 //
6 // * Redistributions of source code must retain the above copyright 6 // * Redistributions of source code must retain the above copyright
7 // notice, this list of conditions and the following disclaimer. 7 // notice, this list of conditions and the following disclaimer.
8 // * Redistributions in binary form must reproduce the above 8 // * Redistributions in binary form must reproduce the above
9 // copyright notice, this list of conditions and the following 9 // copyright notice, this list of conditions and the following
10 // disclaimer in the documentation and/or other materials provided 10 // disclaimer in the documentation and/or other materials provided
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after
132 void ForgetElements(int count); 132 void ForgetElements(int count);
133 133
134 // Spill all values from the frame to memory. 134 // Spill all values from the frame to memory.
135 inline void SpillAll(); 135 inline void SpillAll();
136 136
137 // Spill all occurrences of a specific register from the frame. 137 // Spill all occurrences of a specific register from the frame.
138 void Spill(Register reg) { 138 void Spill(Register reg) {
139 if (is_used(reg)) SpillElementAt(register_location(reg)); 139 if (is_used(reg)) SpillElementAt(register_location(reg));
140 } 140 }
141 141
142 // Make the two registers distinct and spill them. Returns the second
143 // register. If the registers were not distinct then it returns the new
144 // second register.
145 Result MakeDistinctAndSpilled(Result* left, Result* right) {
146 Spill(left->reg());
147 Spill(right->reg());
148 if (left->reg().is(right->reg())) {
149 RegisterAllocator* allocator = cgen()->allocator();
150 Result fresh = allocator->Allocate();
151 ASSERT(fresh.is_valid());
152 masm()->mov(fresh.reg(), right->reg());
153 return fresh;
154 }
155 return *right;
156 }
157
142 // Spill all occurrences of an arbitrary register if possible. Return the 158 // Spill all occurrences of an arbitrary register if possible. Return the
143 // register spilled or no_reg if it was not possible to free any register 159 // register spilled or no_reg if it was not possible to free any register
144 // (ie, they all have frame-external references). 160 // (ie, they all have frame-external references).
145 Register SpillAnyRegister(); 161 Register SpillAnyRegister();
146 162
147 // Spill the top element of the frame. 163 // Spill the top element of the frame.
148 void SpillTop() { SpillElementAt(element_count() - 1); } 164 void SpillTop() { SpillElementAt(element_count() - 1); }
149 165
150 // Sync the range of elements in [begin, end] with memory. 166 // Sync the range of elements in [begin, end] with memory.
151 void SyncRange(int begin, int end); 167 void SyncRange(int begin, int end);
(...skipping 466 matching lines...) Expand 10 before | Expand all | Expand 10 after
618 inline bool Equals(VirtualFrame* other); 634 inline bool Equals(VirtualFrame* other);
619 635
620 // Classes that need raw access to the elements_ array. 636 // Classes that need raw access to the elements_ array.
621 friend class FrameRegisterState; 637 friend class FrameRegisterState;
622 friend class JumpTarget; 638 friend class JumpTarget;
623 }; 639 };
624 640
625 } } // namespace v8::internal 641 } } // namespace v8::internal
626 642
627 #endif // V8_IA32_VIRTUAL_FRAME_IA32_H_ 643 #endif // V8_IA32_VIRTUAL_FRAME_IA32_H_
OLDNEW
« no previous file with comments | « src/ia32/codegen-ia32.cc ('k') | test/mjsunit/regress/bitops-register-alias.js » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698