Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(282)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/crankshaft/mips/lithium-codegen-mips.cc

Issue 2686263002: [crankshaft] Fix Smi overflow in {HMaybeGrowElements}. (Closed)
Patch Set: Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « src/crankshaft/ia32/lithium-codegen-ia32.cc ('k') | src/crankshaft/mips64/lithium-codegen-mips64.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 the V8 project authors. All rights reserved.7 1 // Copyright 2012 the V8 project authors. All rights reserved.7
2 // Redistribution and use in source and binary forms, with or without 2 // Redistribution and use in source and binary forms, with or without
3 // modification, are permitted provided that the following conditions are 3 // modification, are permitted provided that the following conditions are
4 // met: 4 // met:
5 // 5 //
6 // * Redistributions of source code must retain the above copyright 6 // * Redistributions of source code must retain the above copyright
7 // notice, this list of conditions and the following disclaimer. 7 // notice, this list of conditions and the following disclaimer.
8 // * Redistributions in binary form must reproduce the above 8 // * Redistributions in binary form must reproduce the above
9 // copyright notice, this list of conditions and the following 9 // copyright notice, this list of conditions and the following
10 // disclaimer in the documentation and/or other materials provided 10 // disclaimer in the documentation and/or other materials provided
(...skipping 4002 matching lines...) Expand 10 before | Expand all | Expand 10 after
4013 __ lw(result, ToMemOperand(instr->object())); 4013 __ lw(result, ToMemOperand(instr->object()));
4014 } 4014 }
4015 4015
4016 LOperand* key = instr->key(); 4016 LOperand* key = instr->key();
4017 if (key->IsConstantOperand()) { 4017 if (key->IsConstantOperand()) {
4018 LConstantOperand* constant_key = LConstantOperand::cast(key); 4018 LConstantOperand* constant_key = LConstantOperand::cast(key);
4019 int32_t int_key = ToInteger32(constant_key); 4019 int32_t int_key = ToInteger32(constant_key);
4020 if (Smi::IsValid(int_key)) { 4020 if (Smi::IsValid(int_key)) {
4021 __ li(a3, Operand(Smi::FromInt(int_key))); 4021 __ li(a3, Operand(Smi::FromInt(int_key)));
4022 } else { 4022 } else {
4023 // We should never get here at runtime because there is a smi check on 4023 Abort(kArrayIndexConstantValueTooBig);
4024 // the key before this point.
4025 __ stop("expected smi");
4026 } 4024 }
4027 } else { 4025 } else {
4028 __ mov(a3, ToRegister(key)); 4026 Label is_smi;
4029 __ SmiTag(a3); 4027 __ SmiTagCheckOverflow(a3, ToRegister(key), at);
4028 // Deopt if the key is outside Smi range. The stub expects Smi and would
4029 // bump the elements into dictionary mode (and trigger a deopt) anyways.
4030 __ BranchOnNoOverflow(&is_smi, at);
4031 RestoreRegistersStateStub stub(isolate());
4032 __ push(ra);
4033 __ CallStub(&stub);
4034 DeoptimizeIf(al, instr, DeoptimizeReason::kOverflow);
4035 __ bind(&is_smi);
4030 } 4036 }
4031 4037
4032 GrowArrayElementsStub stub(isolate(), instr->hydrogen()->kind()); 4038 GrowArrayElementsStub stub(isolate(), instr->hydrogen()->kind());
4033 __ mov(a0, result); 4039 __ mov(a0, result);
4034 __ CallStub(&stub); 4040 __ CallStub(&stub);
4035 RecordSafepointWithLazyDeopt( 4041 RecordSafepointWithLazyDeopt(
4036 instr, RECORD_SAFEPOINT_WITH_REGISTERS_AND_NO_ARGUMENTS); 4042 instr, RECORD_SAFEPOINT_WITH_REGISTERS_AND_NO_ARGUMENTS);
4037 __ StoreToSafepointRegisterSlot(result, result); 4043 __ StoreToSafepointRegisterSlot(result, result);
4038 } 4044 }
4039 4045
(...skipping 1392 matching lines...) Expand 10 before | Expand all | Expand 10 after
5432 __ lw(result, FieldMemOperand(scratch, 5438 __ lw(result, FieldMemOperand(scratch,
5433 FixedArray::kHeaderSize - kPointerSize)); 5439 FixedArray::kHeaderSize - kPointerSize));
5434 __ bind(deferred->exit()); 5440 __ bind(deferred->exit());
5435 __ bind(&done); 5441 __ bind(&done);
5436 } 5442 }
5437 5443
5438 #undef __ 5444 #undef __
5439 5445
5440 } // namespace internal 5446 } // namespace internal
5441 } // namespace v8 5447 } // namespace v8
OLDNEW
« no previous file with comments | « src/crankshaft/ia32/lithium-codegen-ia32.cc ('k') | src/crankshaft/mips64/lithium-codegen-mips64.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698