| OLD | NEW |
|---|
| 1 // Copyright 2014 the V8 project authors. All rights reserved. | 1 // Copyright 2014 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #if V8_TARGET_ARCH_PPC | 5 #if V8_TARGET_ARCH_PPC |
| 6 | 6 |
| 7 #include "src/ast/scopes.h" | 7 #include "src/ast/scopes.h" |
| 8 #include "src/code-factory.h" | 8 #include "src/code-factory.h" |
| 9 #include "src/code-stubs.h" | 9 #include "src/code-stubs.h" |
| 10 #include "src/codegen.h" | 10 #include "src/codegen.h" |
| (...skipping 1375 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1386 break; | 1386 break; |
| 1387 } | 1387 } |
| 1388 | 1388 |
| 1389 case VariableLocation::LOOKUP: { | 1389 case VariableLocation::LOOKUP: { |
| 1390 Comment cmnt(masm_, "[ Lookup variable"); | 1390 Comment cmnt(masm_, "[ Lookup variable"); |
| 1391 Label done, slow; | 1391 Label done, slow; |
| 1392 // Generate code for loading from variables potentially shadowed | 1392 // Generate code for loading from variables potentially shadowed |
| 1393 // by eval-introduced variables. | 1393 // by eval-introduced variables. |
| 1394 EmitDynamicLookupFastCase(proxy, typeof_mode, &slow, &done); | 1394 EmitDynamicLookupFastCase(proxy, typeof_mode, &slow, &done); |
| 1395 __ bind(&slow); | 1395 __ bind(&slow); |
| 1396 __ mov(r4, Operand(var->name())); | 1396 __ Push(var->name()); |
| 1397 __ Push(cp, r4); // Context and name. | |
| 1398 Runtime::FunctionId function_id = | 1397 Runtime::FunctionId function_id = |
| 1399 typeof_mode == NOT_INSIDE_TYPEOF | 1398 typeof_mode == NOT_INSIDE_TYPEOF |
| 1400 ? Runtime::kLoadLookupSlot | 1399 ? Runtime::kLoadLookupSlot |
| 1401 : Runtime::kLoadLookupSlotNoReferenceError; | 1400 : Runtime::kLoadLookupSlotInsideTypeof; |
| 1402 __ CallRuntime(function_id); | 1401 __ CallRuntime(function_id); |
| 1403 __ bind(&done); | 1402 __ bind(&done); |
| 1404 context()->Plug(r3); | 1403 context()->Plug(r3); |
| 1405 } | 1404 } |
| 1406 } | 1405 } |
| 1407 } | 1406 } |
| 1408 | 1407 |
| 1409 | 1408 |
| 1410 void FullCodeGenerator::VisitRegExpLiteral(RegExpLiteral* expr) { | 1409 void FullCodeGenerator::VisitRegExpLiteral(RegExpLiteral* expr) { |
| 1411 Comment cmnt(masm_, "[ RegExpLiteral"); | 1410 Comment cmnt(masm_, "[ RegExpLiteral"); |
| (...skipping 1031 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2443 __ mov(r4, Operand(var->name())); | 2442 __ mov(r4, Operand(var->name())); |
| 2444 __ push(r4); | 2443 __ push(r4); |
| 2445 __ CallRuntime(Runtime::kThrowReferenceError); | 2444 __ CallRuntime(Runtime::kThrowReferenceError); |
| 2446 __ bind(&uninitialized_this); | 2445 __ bind(&uninitialized_this); |
| 2447 EmitStoreToStackLocalOrContextSlot(var, location); | 2446 EmitStoreToStackLocalOrContextSlot(var, location); |
| 2448 | 2447 |
| 2449 } else if (!var->is_const_mode() || | 2448 } else if (!var->is_const_mode() || |
| 2450 (var->mode() == CONST && op == Token::INIT)) { | 2449 (var->mode() == CONST && op == Token::INIT)) { |
| 2451 if (var->IsLookupSlot()) { | 2450 if (var->IsLookupSlot()) { |
| 2452 // Assignment to var. | 2451 // Assignment to var. |
| 2453 __ push(r3); // Value. | 2452 __ Push(var->name()); |
| 2454 __ mov(r4, Operand(var->name())); | 2453 __ Push(r3); |
| 2455 __ mov(r3, Operand(Smi::FromInt(language_mode()))); | 2454 __ CallRuntime(is_strict(language_mode()) |
| 2456 __ Push(cp, r4, r3); // Context, name, language mode. | 2455 ? Runtime::kStoreLookupSlot_Strict |
| 2457 __ CallRuntime(Runtime::kStoreLookupSlot); | 2456 : Runtime::kStoreLookupSlot_Sloppy); |
| 2458 } else { | 2457 } else { |
| 2459 // Assignment to var or initializing assignment to let/const in harmony | 2458 // Assignment to var or initializing assignment to let/const in harmony |
| 2460 // mode. | 2459 // mode. |
| 2461 DCHECK((var->IsStackAllocated() || var->IsContextSlot())); | 2460 DCHECK((var->IsStackAllocated() || var->IsContextSlot())); |
| 2462 MemOperand location = VarOperand(var, r4); | 2461 MemOperand location = VarOperand(var, r4); |
| 2463 if (generate_debug_code_ && var->mode() == LET && op == Token::INIT) { | 2462 if (generate_debug_code_ && var->mode() == LET && op == Token::INIT) { |
| 2464 // Check for an uninitialized let binding. | 2463 // Check for an uninitialized let binding. |
| 2465 __ LoadP(r5, location); | 2464 __ LoadP(r5, location); |
| 2466 __ CompareRoot(r5, Heap::kTheHoleValueRootIndex); | 2465 __ CompareRoot(r5, Heap::kTheHoleValueRootIndex); |
| 2467 __ Check(eq, kLetBindingReInitialization); | 2466 __ Check(eq, kLetBindingReInitialization); |
| (...skipping 319 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2787 if (callee->var()->IsLookupSlot()) { | 2786 if (callee->var()->IsLookupSlot()) { |
| 2788 Label slow, done; | 2787 Label slow, done; |
| 2789 SetExpressionPosition(callee); | 2788 SetExpressionPosition(callee); |
| 2790 // Generate code for loading from variables potentially shadowed by | 2789 // Generate code for loading from variables potentially shadowed by |
| 2791 // eval-introduced variables. | 2790 // eval-introduced variables. |
| 2792 EmitDynamicLookupFastCase(callee, NOT_INSIDE_TYPEOF, &slow, &done); | 2791 EmitDynamicLookupFastCase(callee, NOT_INSIDE_TYPEOF, &slow, &done); |
| 2793 | 2792 |
| 2794 __ bind(&slow); | 2793 __ bind(&slow); |
| 2795 // Call the runtime to find the function to call (returned in r3) and | 2794 // Call the runtime to find the function to call (returned in r3) and |
| 2796 // the object holding it (returned in r4). | 2795 // the object holding it (returned in r4). |
| 2797 DCHECK(!context_register().is(r5)); | 2796 __ Push(callee->name()); |
| 2798 __ mov(r5, Operand(callee->name())); | 2797 __ CallRuntime(Runtime::kLoadLookupSlotForCall); |
| 2799 __ Push(context_register(), r5); | |
| 2800 __ CallRuntime(Runtime::kLoadLookupSlot); | |
| 2801 __ Push(r3, r4); // Function, receiver. | 2798 __ Push(r3, r4); // Function, receiver. |
| 2802 PrepareForBailoutForId(expr->LookupId(), NO_REGISTERS); | 2799 PrepareForBailoutForId(expr->LookupId(), NO_REGISTERS); |
| 2803 | 2800 |
| 2804 // If fast case code has been generated, emit code to push the function | 2801 // If fast case code has been generated, emit code to push the function |
| 2805 // and receiver and have the slow path jump around this code. | 2802 // and receiver and have the slow path jump around this code. |
| 2806 if (done.is_linked()) { | 2803 if (done.is_linked()) { |
| 2807 Label call; | 2804 Label call; |
| 2808 __ b(&call); | 2805 __ b(&call); |
| 2809 __ bind(&done); | 2806 __ bind(&done); |
| 2810 // Push function. | 2807 // Push function. |
| (...skipping 1112 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3923 __ Push(r5, r4); | 3920 __ Push(r5, r4); |
| 3924 __ CallRuntime(Runtime::kDeleteProperty_Sloppy); | 3921 __ CallRuntime(Runtime::kDeleteProperty_Sloppy); |
| 3925 context()->Plug(r3); | 3922 context()->Plug(r3); |
| 3926 } else if (var->IsStackAllocated() || var->IsContextSlot()) { | 3923 } else if (var->IsStackAllocated() || var->IsContextSlot()) { |
| 3927 // Result of deleting non-global, non-dynamic variables is false. | 3924 // Result of deleting non-global, non-dynamic variables is false. |
| 3928 // The subexpression does not have side effects. | 3925 // The subexpression does not have side effects. |
| 3929 context()->Plug(is_this); | 3926 context()->Plug(is_this); |
| 3930 } else { | 3927 } else { |
| 3931 // Non-global variable. Call the runtime to try to delete from the | 3928 // Non-global variable. Call the runtime to try to delete from the |
| 3932 // context where the variable was introduced. | 3929 // context where the variable was introduced. |
| 3933 DCHECK(!context_register().is(r5)); | 3930 __ Push(var->name()); |
| 3934 __ mov(r5, Operand(var->name())); | |
| 3935 __ Push(context_register(), r5); | |
| 3936 __ CallRuntime(Runtime::kDeleteLookupSlot); | 3931 __ CallRuntime(Runtime::kDeleteLookupSlot); |
| 3937 context()->Plug(r3); | 3932 context()->Plug(r3); |
| 3938 } | 3933 } |
| 3939 } else { | 3934 } else { |
| 3940 // Result of deleting non-property, non-variable reference is true. | 3935 // Result of deleting non-property, non-variable reference is true. |
| 3941 // The subexpression may have side effects. | 3936 // The subexpression may have side effects. |
| 3942 VisitForEffect(expr->expression()); | 3937 VisitForEffect(expr->expression()); |
| 3943 context()->Plug(true); | 3938 context()->Plug(true); |
| 3944 } | 3939 } |
| 3945 break; | 3940 break; |
| (...skipping 677 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4623 return ON_STACK_REPLACEMENT; | 4618 return ON_STACK_REPLACEMENT; |
| 4624 } | 4619 } |
| 4625 | 4620 |
| 4626 DCHECK(interrupt_address == | 4621 DCHECK(interrupt_address == |
| 4627 isolate->builtins()->OsrAfterStackCheck()->entry()); | 4622 isolate->builtins()->OsrAfterStackCheck()->entry()); |
| 4628 return OSR_AFTER_STACK_CHECK; | 4623 return OSR_AFTER_STACK_CHECK; |
| 4629 } | 4624 } |
| 4630 } // namespace internal | 4625 } // namespace internal |
| 4631 } // namespace v8 | 4626 } // namespace v8 |
| 4632 #endif // V8_TARGET_ARCH_PPC | 4627 #endif // V8_TARGET_ARCH_PPC |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1683103002:
[compiler] Sanitize entry points to LookupSlot access. (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master