
Side by Side Diff: src/full-codegen/arm/full-codegen-arm.cc

Issue 1683103002: [compiler] Sanitize entry points to LookupSlot access. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: REBASE. Fixes. Comments. Created 4 years, 10 months ago
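--- a/src/full-codegen/arm/full-codegen-arm.cc
+++ b/src/full-codegen/arm/full-codegen-arm.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #if V8_TARGET_ARCH_ARM
 
 #include "src/ast/scopes.h"
 #include "src/code-factory.h"
 #include "src/code-stubs.h"
 #include "src/codegen.h"
@@ -1426,26 +1426,25 @@
 break;
 }
 
 case VariableLocation::LOOKUP: {
 Comment cmnt(masm_, "[ Lookup variable");
 Label done, slow;
 // Generate code for loading from variables potentially shadowed
 // by eval-introduced variables.
 EmitDynamicLookupFastCase(proxy, typeof_mode, &slow, &done);
 __ bind(&slow);
-__ mov(r1, Operand(var->name()));
-__ Push(cp, r1); // Context and name.
+__ Push(var->name());
 Runtime::FunctionId function_id =
 typeof_mode == NOT_INSIDE_TYPEOF
 ? Runtime::kLoadLookupSlot
-: Runtime::kLoadLookupSlotNoReferenceError;
+: Runtime::kLoadLookupSlotInsideTypeof;
 __ CallRuntime(function_id);
 __ bind(&done);
 context()->Plug(r0);
 }
 }
 }
 
 
 void FullCodeGenerator::VisitRegExpLiteral(RegExpLiteral* expr) {
 Comment cmnt(masm_, "[ RegExpLiteral");
@@ -2447,25 +2446,25 @@
 __ mov(r0, Operand(var->name()));
 __ Push(r0);
 __ CallRuntime(Runtime::kThrowReferenceError);
 __ bind(&uninitialized_this);
 EmitStoreToStackLocalOrContextSlot(var, location);
 
 } else if (!var->is_const_mode() ||
 (var->mode() == CONST && op == Token::INIT)) {
 if (var->IsLookupSlot()) {
 // Assignment to var.
-__ push(r0); // Value.
-__ mov(r1, Operand(var->name()));
-__ mov(r0, Operand(Smi::FromInt(language_mode())));
-__ Push(cp, r1, r0); // Context, name, language mode.
-__ CallRuntime(Runtime::kStoreLookupSlot);
+__ Push(var->name());
+__ Push(r0);
+__ CallRuntime(is_strict(language_mode())
+? Runtime::kStoreLookupSlot_Strict
+: Runtime::kStoreLookupSlot_Sloppy);
 } else {
 // Assignment to var or initializing assignment to let/const in harmony
 // mode.
 DCHECK((var->IsStackAllocated() || var->IsContextSlot()));
 MemOperand location = VarOperand(var, r1);
 if (generate_debug_code_ && var->mode() == LET && op == Token::INIT) {
 // Check for an uninitialized let binding.
 __ ldr(r2, location);
 __ CompareRoot(r2, Heap::kTheHoleValueRootIndex);
 __ Check(eq, kLetBindingReInitialization);
@@ -2800,24 +2799,22 @@
 if (callee->var()->IsLookupSlot()) {
 Label slow, done;
 SetExpressionPosition(callee);
 // Generate code for loading from variables potentially shadowed
 // by eval-introduced variables.
 EmitDynamicLookupFastCase(callee, NOT_INSIDE_TYPEOF, &slow, &done);
 
 __ bind(&slow);
 // Call the runtime to find the function to call (returned in r0)
 // and the object holding it (returned in edx).
-DCHECK(!context_register().is(r2));
-__ mov(r2, Operand(callee->name()));
-__ Push(context_register(), r2);
-__ CallRuntime(Runtime::kLoadLookupSlot);
+__ Push(callee->name());
+__ CallRuntime(Runtime::kLoadLookupSlotForCall);
 __ Push(r0, r1); // Function, receiver.
 PrepareForBailoutForId(expr->LookupId(), NO_REGISTERS);
 
 // If fast case code has been generated, emit code to push the
 // function and receiver and have the slow path jump around this
 // code.
 if (done.is_linked()) {
 Label call;
 __ b(&call);
 __ bind(&done);
@@ -3925,23 +3922,21 @@
 __ Push(r2, r1);
 __ CallRuntime(Runtime::kDeleteProperty_Sloppy);
 context()->Plug(r0);
 } else if (var->IsStackAllocated() || var->IsContextSlot()) {
 // Result of deleting non-global, non-dynamic variables is false.
 // The subexpression does not have side effects.
 context()->Plug(is_this);
 } else {
 // Non-global variable. Call the runtime to try to delete from the
 // context where the variable was introduced.
-DCHECK(!context_register().is(r2));
-__ mov(r2, Operand(var->name()));
-__ Push(context_register(), r2);
+__ Push(var->name());
 __ CallRuntime(Runtime::kDeleteLookupSlot);
 context()->Plug(r0);
 }
 } else {
 // Result of deleting non-property, non-variable reference is true.
 // The subexpression may have side effects.
 VisitForEffect(expr->expression());
 context()->Plug(true);
 }
 break;
@@ -4702,10 +4697,10 @@
 DCHECK(interrupt_address ==
 isolate->builtins()->OsrAfterStackCheck()->entry());
 return OSR_AFTER_STACK_CHECK;
 }
 
 
 } // namespace internal
 } // namespace v8
 
 #endif // V8_TARGET_ARCH_ARM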
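Review bot: The comment kept above the new `__ Push(callee->name()); __ CallRuntime(Runtime::kLoadLookupSlotForCall);` pair in the lookup-call path still says the holder object is "returned in edx", an x86 register name, while the very next line pushes `r0, r1` as function and receiver on ARM; it should read `// and the object holding it (returned in r1).`. The enclosing function starts and ends outside this section. Across all four rewritten call sites (load, store, call and delete) the context register `cp` is no longer pushed, so each runtime entry presumably recovers the context from the caller's frame; that contract lives in the runtime implementations rather than in this file, and a one-line note at the first site, e.g. `// Only the name is pushed; the runtime takes the context from the frame.`, would keep a later reader from re-adding the explicit push. In the store path the new code pushes the name before the value, the reverse of the old value-then-name order, which the `_Strict`/`_Sloppy` runtime functions must match — worth stating in the comment as well.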
