| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #if V8_TARGET_ARCH_X64 | 5 #if V8_TARGET_ARCH_X64 |
| 6 | 6 |
| 7 #include "src/code-factory.h" | 7 #include "src/code-factory.h" |
| 8 #include "src/code-stubs.h" | 8 #include "src/code-stubs.h" |
| 9 #include "src/codegen.h" | 9 #include "src/codegen.h" |
| 10 #include "src/debug/debug.h" | 10 #include "src/debug/debug.h" |
| (...skipping 2926 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2937 SetConstructCallPosition(expr, arg_count); | 2937 SetConstructCallPosition(expr, arg_count); |
| 2938 | 2938 |
| 2939 // Load function and argument count into rdi and rax. | 2939 // Load function and argument count into rdi and rax. |
| 2940 __ Set(rax, arg_count); | 2940 __ Set(rax, arg_count); |
| 2941 __ movp(rdi, Operand(rsp, arg_count * kPointerSize)); | 2941 __ movp(rdi, Operand(rsp, arg_count * kPointerSize)); |
| 2942 | 2942 |
| 2943 // Record call targets in unoptimized code, but not in the snapshot. | 2943 // Record call targets in unoptimized code, but not in the snapshot. |
| 2944 __ EmitLoadTypeFeedbackVector(rbx); | 2944 __ EmitLoadTypeFeedbackVector(rbx); |
| 2945 __ Move(rdx, SmiFromSlot(expr->CallNewFeedbackSlot())); | 2945 __ Move(rdx, SmiFromSlot(expr->CallNewFeedbackSlot())); |
| 2946 | 2946 |
| 2947 CallConstructStub stub(isolate(), RECORD_CONSTRUCTOR_TARGET); | 2947 CallConstructStub stub(isolate()); |
| 2948 __ Call(stub.GetCode(), RelocInfo::CONSTRUCT_CALL); | 2948 __ Call(stub.GetCode(), RelocInfo::CONSTRUCT_CALL); |
| 2949 PrepareForBailoutForId(expr->ReturnId(), TOS_REG); | 2949 PrepareForBailoutForId(expr->ReturnId(), TOS_REG); |
| 2950 // Restore context register. | 2950 // Restore context register. |
| 2951 __ movp(rsi, Operand(rbp, StandardFrameConstants::kContextOffset)); | 2951 __ movp(rsi, Operand(rbp, StandardFrameConstants::kContextOffset)); |
| 2952 context()->Plug(rax); | 2952 context()->Plug(rax); |
| 2953 } | 2953 } |
| 2954 | 2954 |
| 2955 | 2955 |
| 2956 void FullCodeGenerator::EmitSuperConstructorCall(Call* expr) { | 2956 void FullCodeGenerator::EmitSuperConstructorCall(Call* expr) { |
| 2957 SuperCallReference* super_call_ref = | 2957 SuperCallReference* super_call_ref = |
| 2958 expr->expression()->AsSuperCallReference(); | 2958 expr->expression()->AsSuperCallReference(); |
| 2959 DCHECK_NOT_NULL(super_call_ref); | 2959 DCHECK_NOT_NULL(super_call_ref); |
| 2960 | 2960 |
| 2961 EmitLoadSuperConstructor(super_call_ref); | 2961 EmitLoadSuperConstructor(super_call_ref); |
| 2962 __ Push(result_register()); | 2962 __ Push(result_register()); |
| 2963 | 2963 |
| 2964 // Push the arguments ("left-to-right") on the stack. | 2964 // Push the arguments ("left-to-right") on the stack. |
| 2965 ZoneList<Expression*>* args = expr->arguments(); | 2965 ZoneList<Expression*>* args = expr->arguments(); |
| 2966 int arg_count = args->length(); | 2966 int arg_count = args->length(); |
| 2967 for (int i = 0; i < arg_count; i++) { | 2967 for (int i = 0; i < arg_count; i++) { |
| 2968 VisitForStackValue(args->at(i)); | 2968 VisitForStackValue(args->at(i)); |
| 2969 } | 2969 } |
| 2970 | 2970 |
| 2971 // Call the construct call builtin that handles allocation and | 2971 // Call the construct call builtin that handles allocation and |
| 2972 // constructor invocation. | 2972 // constructor invocation. |
| 2973 SetConstructCallPosition(expr, arg_count); | 2973 SetConstructCallPosition(expr, arg_count); |
| 2974 | 2974 |
| 2975 // Load new target into rcx. | 2975 // Load new target into rdx. |
| 2976 VisitForAccumulatorValue(super_call_ref->new_target_var()); | 2976 VisitForAccumulatorValue(super_call_ref->new_target_var()); |
| 2977 __ movp(rcx, result_register()); | 2977 __ movp(rdx, result_register()); |
| 2978 | 2978 |
| 2979 // Load function and argument count into rdi and rax. | 2979 // Load function and argument count into rdi and rax. |
| 2980 __ Set(rax, arg_count); | 2980 __ Set(rax, arg_count); |
| 2981 __ movp(rdi, Operand(rsp, arg_count * kPointerSize)); | 2981 __ movp(rdi, Operand(rsp, arg_count * kPointerSize)); |
| 2982 | 2982 |
| 2983 // Record call targets in unoptimized code. | 2983 __ Call(isolate()->builtins()->Construct(), RelocInfo::CONSTRUCT_CALL); |
| 2984 __ EmitLoadTypeFeedbackVector(rbx); | |
| 2985 __ Move(rdx, SmiFromSlot(expr->CallFeedbackSlot())); | |
| 2986 | |
| 2987 CallConstructStub stub(isolate(), SUPER_CALL_RECORD_TARGET); | |
| 2988 __ call(stub.GetCode(), RelocInfo::CONSTRUCT_CALL); | |
| 2989 | 2984 |
| 2990 RecordJSReturnSite(expr); | 2985 RecordJSReturnSite(expr); |
| 2991 | 2986 |
| 2992 // Restore context register. | 2987 // Restore context register. |
| 2993 __ movp(rsi, Operand(rbp, StandardFrameConstants::kContextOffset)); | 2988 __ movp(rsi, Operand(rbp, StandardFrameConstants::kContextOffset)); |
| 2994 | 2989 |
| 2995 context()->Plug(rax); | 2990 context()->Plug(rax); |
| 2996 } | 2991 } |
| 2997 | 2992 |
| 2998 | 2993 |
| (...skipping 1940 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4939 Assembler::target_address_at(call_target_address, | 4934 Assembler::target_address_at(call_target_address, |
| 4940 unoptimized_code)); | 4935 unoptimized_code)); |
| 4941 return OSR_AFTER_STACK_CHECK; | 4936 return OSR_AFTER_STACK_CHECK; |
| 4942 } | 4937 } |
| 4943 | 4938 |
| 4944 | 4939 |
| 4945 } // namespace internal | 4940 } // namespace internal |
| 4946 } // namespace v8 | 4941 } // namespace v8 |
| 4947 | 4942 |
| 4948 #endif // V8_TARGET_ARCH_X64 | 4943 #endif // V8_TARGET_ARCH_X64 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1469793002:
[builtins] Sanitize the machinery around Construct calls. (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master