Chromium Code Reviews Chromium Code Reviews
Issue 215853005:
Check stack limit in ArgumentAdaptorTrampoline. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge| OLD | NEW |
|---|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
| 4 // met: | 4 // met: |
| 5 // | 5 // |
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
| (...skipping 1234 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1245 __ IncrementCounter(counters->string_ctor_gc_required(), 1); | 1245 __ IncrementCounter(counters->string_ctor_gc_required(), 1); |
| 1246 { | 1246 { |
| 1247 FrameScope scope(masm, StackFrame::INTERNAL); | 1247 FrameScope scope(masm, StackFrame::INTERNAL); |
| 1248 __ push(ebx); | 1248 __ push(ebx); |
| 1249 __ CallRuntime(Runtime::kNewStringWrapper, 1); | 1249 __ CallRuntime(Runtime::kNewStringWrapper, 1); |
| 1250 } | 1250 } |
| 1251 __ ret(0); | 1251 __ ret(0); |
| 1252 } | 1252 } |
| 1253 | 1253 |
| 1254 | 1254 |
| 1255 static void ArgumentsAdaptorStackCheck(MacroAssembler* masm, | |
| 1256 Label* stack_overflow) { | |
| 1257 // ----------- S t a t e ------------- | |
| 1258 // -- eax : actual number of arguments | |
| 1259 // -- ebx : expected number of arguments | |
| 1260 // -- edi : function (passed through to callee) | |
| 1261 // ----------------------------------- | |
| 1262 // Check the stack for overflow. We are not trying to catch | |
| 1263 // interruptions (e.g. debug break and preemption) here, so the "real stack | |
| 1264 // limit" is checked. | |
| 1265 ExternalReference real_stack_limit = | |
| 1266 ExternalReference::address_of_real_stack_limit(masm->isolate()); | |
| 1267 __ mov(edx, Operand::StaticVariable(real_stack_limit)); | |
| 1268 // Make ecx the space we have left. The stack might already be overflowed | |
| 1269 // here which will cause ecx to become negative. | |
| 1270 __ mov(ecx, esp); | |
| 1271 __ sub(ecx, edx); | |
| 1272 // Make edx the space we need for the array when it is unrolled onto the | |
| 1273 // stack. | |
| 1274 __ mov(edx, ebx); | |
| 1275 __ shl(edx, kPointerSizeLog2); | |
| 1276 // Check if the arguments will overflow the stack. | |
| 1277 __ cmp(ecx, edx); | |
| 1278 __ j(less_equal, stack_overflow); // Signed comparison. | |
| 1279 } | |
| 1280 | |
| 1281 | |
| 1255 static void EnterArgumentsAdaptorFrame(MacroAssembler* masm) { | 1282 static void EnterArgumentsAdaptorFrame(MacroAssembler* masm) { |
| 1256 __ push(ebp); | 1283 __ push(ebp); |
| 1257 __ mov(ebp, esp); | 1284 __ mov(ebp, esp); |
| 1258 | 1285 |
| 1259 // Store the arguments adaptor context sentinel. | 1286 // Store the arguments adaptor context sentinel. |
| 1260 __ push(Immediate(Smi::FromInt(StackFrame::ARGUMENTS_ADAPTOR))); | 1287 __ push(Immediate(Smi::FromInt(StackFrame::ARGUMENTS_ADAPTOR))); |
| 1261 | 1288 |
| 1262 // Push the function on the stack. | 1289 // Push the function on the stack. |
| 1263 __ push(edi); | 1290 __ push(edi); |
| 1264 | 1291 |
| (...skipping 24 matching lines...) Expand all Loading... | |
| 1289 void Builtins::Generate_ArgumentsAdaptorTrampoline(MacroAssembler* masm) { | 1316 void Builtins::Generate_ArgumentsAdaptorTrampoline(MacroAssembler* masm) { |
| 1290 // ----------- S t a t e ------------- | 1317 // ----------- S t a t e ------------- |
| 1291 // -- eax : actual number of arguments | 1318 // -- eax : actual number of arguments |
| 1292 // -- ebx : expected number of arguments | 1319 // -- ebx : expected number of arguments |
| 1293 // -- edi : function (passed through to callee) | 1320 // -- edi : function (passed through to callee) |
| 1294 // ----------------------------------- | 1321 // ----------------------------------- |
| 1295 | 1322 |
| 1296 Label invoke, dont_adapt_arguments; | 1323 Label invoke, dont_adapt_arguments; |
| 1297 __ IncrementCounter(masm->isolate()->counters()->arguments_adaptors(), 1); | 1324 __ IncrementCounter(masm->isolate()->counters()->arguments_adaptors(), 1); |
| 1298 | 1325 |
| 1326 Label stack_overflow; | |
| 1327 ArgumentsAdaptorStackCheck(masm, &stack_overflow); | |
| 1328 | |
| 1299 Label enough, too_few; | 1329 Label enough, too_few; |
| 1300 __ mov(edx, FieldOperand(edi, JSFunction::kCodeEntryOffset)); | 1330 __ mov(edx, FieldOperand(edi, JSFunction::kCodeEntryOffset)); |
| 1301 __ cmp(eax, ebx); | 1331 __ cmp(eax, ebx); |
| 1302 __ j(less, &too_few); | 1332 __ j(less, &too_few); |
| 1303 __ cmp(ebx, SharedFunctionInfo::kDontAdaptArgumentsSentinel); | 1333 __ cmp(ebx, SharedFunctionInfo::kDontAdaptArgumentsSentinel); |
| 1304 __ j(equal, &dont_adapt_arguments); | 1334 __ j(equal, &dont_adapt_arguments); |
| 1305 | 1335 |
| 1306 { // Enough parameters: Actual >= expected. | 1336 { // Enough parameters: Actual >= expected. |
| 1307 __ bind(&enough); | 1337 __ bind(&enough); |
| 1308 EnterArgumentsAdaptorFrame(masm); | 1338 EnterArgumentsAdaptorFrame(masm); |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1363 | 1393 |
| 1364 // Leave frame and return. | 1394 // Leave frame and return. |
| 1365 LeaveArgumentsAdaptorFrame(masm); | 1395 LeaveArgumentsAdaptorFrame(masm); |
| 1366 __ ret(0); | 1396 __ ret(0); |
| 1367 | 1397 |
| 1368 // ------------------------------------------- | 1398 // ------------------------------------------- |
| 1369 // Dont adapt arguments. | 1399 // Dont adapt arguments. |
| 1370 // ------------------------------------------- | 1400 // ------------------------------------------- |
| 1371 __ bind(&dont_adapt_arguments); | 1401 __ bind(&dont_adapt_arguments); |
| 1372 __ jmp(edx); | 1402 __ jmp(edx); |
| 1403 | |
| 1404 __ bind(&stack_overflow); | |
| 1405 EnterArgumentsAdaptorFrame(masm); | |
| 1406 __ InvokeBuiltin(Builtins::STACK_OVERFLOW, JUMP_FUNCTION); | |
|
Michael Starzinger
2014/04/08 11:58:40
The assumption is that this invocation never retur
ulan
2014/04/08 14:00:56
Done.
| |
| 1373 } | 1407 } |
| 1374 | 1408 |
| 1375 | 1409 |
| 1376 void Builtins::Generate_OnStackReplacement(MacroAssembler* masm) { | 1410 void Builtins::Generate_OnStackReplacement(MacroAssembler* masm) { |
| 1377 // Lookup the function in the JavaScript frame. | 1411 // Lookup the function in the JavaScript frame. |
| 1378 __ mov(eax, Operand(ebp, JavaScriptFrameConstants::kFunctionOffset)); | 1412 __ mov(eax, Operand(ebp, JavaScriptFrameConstants::kFunctionOffset)); |
| 1379 { | 1413 { |
| 1380 FrameScope scope(masm, StackFrame::INTERNAL); | 1414 FrameScope scope(masm, StackFrame::INTERNAL); |
| 1381 // Pass function as argument. | 1415 // Pass function as argument. |
| 1382 __ push(eax); | 1416 __ push(eax); |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1426 | 1460 |
| 1427 __ bind(&ok); | 1461 __ bind(&ok); |
| 1428 __ ret(0); | 1462 __ ret(0); |
| 1429 } | 1463 } |
| 1430 | 1464 |
| 1431 #undef __ | 1465 #undef __ |
| 1432 } | 1466 } |
| 1433 } // namespace v8::internal | 1467 } // namespace v8::internal |
| 1434 | 1468 |
| 1435 #endif // V8_TARGET_ARCH_IA32 | 1469 #endif // V8_TARGET_ARCH_IA32 |
| OLD | NEW |
