
Side by Side Diff: src/codegen-ia32.h

Issue 21392: Change compiler to safely write unsafe smis when they are spilled from... (Closed) Base URL: http://v8.googlecode.com/svn/branches/experimental/toiger/
Patch Set: '' Created 11 years, 10 months ago
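--- a/src/codegen-ia32.h
+++ b/src/codegen-ia32.h
@@ -1,10 +1,10 @@
 // Copyright 2006-2008 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 // * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 // * Redistributions in binary form must reproduce the above
 // copyright notice, this list of conditions and the following
 // disclaimer in the documentation and/or other materials provided
@@ -457,23 +457,29 @@
 void ToBoolean(ControlDestination* destination);
 
 void GenericBinaryOperation(Token::Value op,
 StaticType* type,
 const OverwriteMode overwrite_mode = NO_OVERWRITE);
 
 void Comparison(Condition cc,
 bool strict,
 ControlDestination* destination);
 
-// Inline small integer literals. To prevent long attacker-controlled byte
-// sequences, we only inline small Smis.
+// To prevent long attacker-controlled byte sequences, integer constants
+// from the JavaScript source are loaded in two parts if they are larger
+// than 16 bits.
 static const int kMaxSmiInlinedBits = 16;
+bool IsUnsafeSmi(Handle<Object> value);
+// Load an integer constant x into a register target using
+// at most 16 bits of user-controlled data per assembly operation.
+void LoadUnsafeSmi(Register target, Handle<Object> value);
+
 bool IsInlineSmi(Literal* literal);
 void SmiComparison(Condition cc, Handle<Object> value, bool strict);
 void SmiOperation(Token::Value op,
 StaticType* type,
 Handle<Object> value,
 bool reversed,
 OverwriteMode overwrite_mode);
 
 void CallWithArguments(ZoneList<Expression*>* arguments, int position);
 
@@ -608,27 +614,28 @@
 
 // True when we are in code that expects the virtual frame to be fully
 // spilled. Some virtual frame function are disabled in DEBUG builds when
 // called from spilled code, because they do not leave the virtual frame
 // in a spilled state.
 bool in_spilled_code_;
 
 friend class VirtualFrame;
 friend class JumpTarget;
 friend class Reference;
+friend class Result;
 
 DISALLOW_COPY_AND_ASSIGN(CodeGenerator);
 };
 
 
 void Reference::GetValueAndSpill(TypeofState typeof_state) {
 ASSERT(cgen_->in_spilled_code());
 cgen_->set_in_spilled_code(false);
 GetValue(typeof_state);
 cgen_->frame()->SpillAll();
 cgen_->set_in_spilled_code(true);
 }
 
 
 } } // namespace v8::internal
 
 #endif // V8_CODEGEN_IA32_H_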
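Review bot: The new comment above LoadUnsafeSmi hardcodes "16 bits" even though the line just above it names that limit kMaxSmiInlinedBits, so the prose and the constant can drift apart if the threshold is ever tuned; suggest `// at most kMaxSmiInlinedBits bits of user-controlled data per assembly operation.` and, in the comment on the constant, `// than kMaxSmiInlinedBits bits.`. IsUnsafeSmi is declared with no comment at all, yet it is the predicate that decides whether a constant takes the inline path or the two-part LoadUnsafeSmi path, which is the whole hardening point of this change; a one-line contract such as `// Returns true if value is a Smi too wide to inline directly and must be emitted via LoadUnsafeSmi.` would make that visible in the header (the exact threshold is inferred from the surrounding comment; confirm against the definition in codegen-ia32.cc). Both new helpers take Handle<Object> rather than a Smi-typed argument, so the header should also state the expectation for a non-Smi value, which nothing shown here documents.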