Chromium Code Reviews Chromium Code Reviews
Issue 271543004:
Reland - Arm64: Ensure that csp is always aligned to 16 byte values even if jssp is not. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge| Index: src/arm64/macro-assembler-arm64-inl.h |
| diff --git a/src/arm64/macro-assembler-arm64-inl.h b/src/arm64/macro-assembler-arm64-inl.h |
| index 7c9258a9ca363aa13c7bcf9f1bb4511a52aa137f..a595ca95e323df47d77b3f246de4513c41eaea87 100644 |
| --- a/src/arm64/macro-assembler-arm64-inl.h |
| +++ b/src/arm64/macro-assembler-arm64-inl.h |
| @@ -1246,29 +1246,58 @@ void MacroAssembler::Uxtw(const Register& rd, const Register& rn) { |
| void MacroAssembler::BumpSystemStackPointer(const Operand& space) { |
| ASSERT(!csp.Is(sp_)); |
| - // TODO(jbramley): Several callers rely on this not using scratch registers, |
| - // so we use the assembler directly here. However, this means that large |
| - // immediate values of 'space' cannot be handled cleanly. (Only 24-bits |
| - // immediates or values of 'space' that can be encoded in one instruction are |
| - // accepted.) Once we implement our flexible scratch register idea, we could |
| - // greatly simplify this function. |
| - InstructionAccurateScope scope(this); |
| - if ((space.IsImmediate()) && !is_uint12(space.immediate())) { |
| - // The subtract instruction supports a 12-bit immediate, shifted left by |
| - // zero or 12 bits. So, in two instructions, we can subtract any immediate |
| - // between zero and (1 << 24) - 1. |
| - int64_t imm = space.immediate(); |
| + if (!TmpList()->IsEmpty()) { |
| + if (CpuFeatures::IsSupported(ALWAYS_ALIGN_CSP)) { |
| + UseScratchRegisterScope temps(this); |
| + Register temp = temps.AcquireX(); |
| + Sub(temp, StackPointer(), space); |
|
ulan
2014/05/08 08:18:43
What was the bug here?
|
| + Bic(csp, temp, 0xf); |
| + } else { |
| + Sub(csp, StackPointer(), space); |
| + } |
| + } else { |
| + // TODO(jbramley): Several callers rely on this not using scratch |
| + // registers, so we use the assembler directly here. However, this means |
| + // that large immediate values of 'space' cannot be handled cleanly. (Only |
| + // 24-bits immediates or values of 'space' that can be encoded in one |
| + // instruction are accepted.) Once we implement our flexible scratch |
| + // register idea, we could greatly simplify this function. |
| + InstructionAccurateScope scope(this); |
| + ASSERT(space.IsImmediate()); |
| + // Align to 16 bytes. |
| + uint64_t imm = RoundUp(space.immediate(), 0x10); |
| ASSERT(is_uint24(imm)); |
| - int64_t imm_top_12_bits = imm >> 12; |
| - sub(csp, StackPointer(), imm_top_12_bits << 12); |
| - imm -= imm_top_12_bits << 12; |
| + Register source = StackPointer(); |
| + if (CpuFeatures::IsSupported(ALWAYS_ALIGN_CSP)) { |
| + bic(csp, source, 0xf); |
| + source = csp; |
| + } |
| + if (!is_uint12(imm)) { |
| + int64_t imm_top_12_bits = imm >> 12; |
| + sub(csp, source, imm_top_12_bits << 12); |
| + source = csp; |
| + imm -= imm_top_12_bits << 12; |
| + } |
| if (imm > 0) { |
| - sub(csp, csp, imm); |
| + sub(csp, source, imm); |
| + } |
| + } |
| + AssertStackConsistency(true); |
| +} |
| + |
| + |
| +void MacroAssembler::SyncSystemStackPointer() { |
| + ASSERT(emit_debug_code()); |
| + ASSERT(!csp.Is(sp_)); |
| + { InstructionAccurateScope scope(this); |
| + if (CpuFeatures::IsSupported(ALWAYS_ALIGN_CSP)) { |
| + bic(csp, StackPointer(), 0xf); |
| + } else { |
| + mov(csp, StackPointer()); |
| } |
| - } else { |
| - sub(csp, StackPointer(), space); |
| } |
| + AssertStackConsistency(true); |
| } |
| @@ -1540,7 +1569,7 @@ void MacroAssembler::Drop(uint64_t count, uint64_t unit_size) { |
| // It is safe to leave csp where it is when unwinding the JavaScript stack, |
| // but if we keep it matching StackPointer, the simulator can detect memory |
| // accesses in the now-free part of the stack. |
| - Mov(csp, StackPointer()); |
| + SyncSystemStackPointer(); |
| } |
| } |
| @@ -1562,7 +1591,7 @@ void MacroAssembler::Drop(const Register& count, uint64_t unit_size) { |
| // It is safe to leave csp where it is when unwinding the JavaScript stack, |
| // but if we keep it matching StackPointer, the simulator can detect memory |
| // accesses in the now-free part of the stack. |
| - Mov(csp, StackPointer()); |
| + SyncSystemStackPointer(); |
| } |
| } |
| @@ -1584,7 +1613,7 @@ void MacroAssembler::DropBySMI(const Register& count_smi, uint64_t unit_size) { |
| // It is safe to leave csp where it is when unwinding the JavaScript stack, |
| // but if we keep it matching StackPointer, the simulator can detect memory |
| // accesses in the now-free part of the stack. |
| - Mov(csp, StackPointer()); |
| + SyncSystemStackPointer(); |
| } |
| } |
