Side by Side Diff: runtime/vm/intrinsifier_mips.cc

Issue 1096063002: Fix array allocation overflow check on arm/arm64/mips. (Closed) Base URL: http://dart.googlecode.com/svn/branches/bleeding_edge/dart/
Patch Set: Created 5 years, 8 months ago
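--- a/runtime/vm/intrinsifier_mips.cc
+++ b/runtime/vm/intrinsifier_mips.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 #include "vm/globals.h" // Needed here to get TARGET_ARCH_MIPS.
 #if defined(TARGET_ARCH_MIPS)
 
 #include "vm/intrinsifier.h"
 
 #include "vm/assembler.h"
@@ -193,22 +193,23 @@
 const intptr_t fixed_size = sizeof(Raw##type_name) + kObjectAlignment - 1; \
 __ AddImmediate(T2, fixed_size); \
 __ LoadImmediate(TMP, -kObjectAlignment); \
 __ and_(T2, T2, TMP); \
 Heap* heap = Isolate::Current()->heap(); \
 Heap::Space space = heap->SpaceForAllocation(cid); \
 __ LoadImmediate(V0, heap->TopAddress(space)); \
 __ lw(V0, Address(V0, 0)); \
 \
 /* T2: allocation size. */ \
-__ AdduDetectOverflow(T1, V0, T2, CMPRES1); \
-__ bltz(CMPRES1, &fall_through); \
+__ addu(T1, V0, T2); \
+/* Branch on unsigned overflow. */ \
+__ BranchUnsignedLess(T1, V0, &fall_through); \
 \
 /* Check if the allocation fits into the remaining space. */ \
 /* V0: potential new object start. */ \
 /* T1: potential next object start. */ \
 /* T2: allocation size. */ \
 __ LoadImmediate(T3, heap->EndAddress(space)); \
 __ lw(T3, Address(T3, 0)); \
 __ BranchUnsignedGreaterEqual(T1, T3, &fall_through); \
 \
 /* Successfully allocated the object(s), now update top to point to */ \
@@ -1756,36 +1757,37 @@
 // Allocates one-byte string of length 'end - start'. The content is not
 // initialized.
 // 'length-reg' (T2) contains tagged length.
 // Returns new string as tagged pointer in V0.
 static void TryAllocateOnebyteString(Assembler* assembler,
 Label* ok,
 Label* failure) {
 const Register length_reg = T2;
 
 __ mov(T6, length_reg); // Save the length register.
+// TODO(koda): Protect against negative length and overflow here.
 __ SmiUntag(length_reg);
 const intptr_t fixed_size = sizeof(RawString) + kObjectAlignment - 1;
 __ AddImmediate(length_reg, fixed_size);
 __ LoadImmediate(TMP, ~(kObjectAlignment - 1));
 __ and_(length_reg, length_reg, TMP);
 
 Isolate* isolate = Isolate::Current();
 Heap* heap = isolate->heap();
 const intptr_t cid = kOneByteStringCid;
 Heap::Space space = heap->SpaceForAllocation(cid);
 __ LoadImmediate(T3, heap->TopAddress(space));
 __ lw(V0, Address(T3, 0));
 
 // length_reg: allocation size.
-__ AdduDetectOverflow(T1, V0, length_reg, CMPRES1);
-__ bltz(CMPRES1, failure); // Fail on overflow.
+__ addu(T1, V0, length_reg);
+__ BranchUnsignedLess(T1, V0, failure); // Fail on unsigned overflow.
 
 // Check if the allocation fits into the remaining space.
 // V0: potential new object start.
 // T1: potential next object start.
 // T2: allocation size.
 // T3: heap->TopAddress(space).
 __ LoadImmediate(T4, heap->EndAddress(space));
 __ lw(T4, Address(T4, 0));
 __ BranchUnsignedGreaterEqual(T1, T4, failure);
 
@@ -2044,10 +2046,10 @@
 Isolate* isolate = Isolate::Current();
 __ LoadImmediate(V0, reinterpret_cast<uword>(isolate));
 // Set return value.
 __ Ret();
 __ delay_slot()->lw(V0, Address(V0, Isolate::current_tag_offset()));
 }
 
 } // namespace dart
 
 #endif // defined TARGET_ARCH_MIPS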
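Review bot: In TryAllocateOnebyteString the new TODO at line 1767 leaves a negative tagged length unchecked, and the unsigned-overflow branch added at line 1783 does not cover it: a small negative value (say -1 after SmiUntag) becomes a small positive allocation size once `AddImmediate(length_reg, fixed_size)` runs, so it passes both the wrap check and the `BranchUnsignedGreaterEqual(T1, T4, failure)` bounds check and a RawString shorter than its header-plus-data would be carved out of the heap. Since the `failure` label already exists, a one-line guard right after the untag would close the negative case: `__ bltz(length_reg, failure); // Reject negative lengths.`; the upper bound is presumably limited by the Smi range so the `addu` + `BranchUnsignedLess` pair, together with the end-of-space compare, should then cover all remaining sizes, but that depends on callers only ever passing a tagged Smi and is worth confirming. The same reasoning applies to the allocation macro at lines 203-205, whose size computation in T2 starts before the hunk and is not visible here. The body of TryAllocateOnebyteString continues past the end of the hunk.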