
Side by Side Diff: src/hydrogen.cc

Issue 653993005: Fix out-of-bounds read in SourcePositionToScriptPosition with --hydrogen-track-positions. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 6 years, 2 months ago
1 // Copyright 2013 the V8 project authors. All rights reserved. 1 // Copyright 2013 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/hydrogen.h" 5 #include "src/hydrogen.h"
6 6
7 #include <sstream> 7 #include <sstream>
8 8
9 #include "src/v8.h" 9 #include "src/v8.h"
10 10
(...skipping 126 matching lines...)
137 } 137 }
138 if (first_ == NULL) { 138 if (first_ == NULL) {
139 DCHECK(last_environment() != NULL); 139 DCHECK(last_environment() != NULL);
140 DCHECK(!last_environment()->ast_id().IsNone()); 140 DCHECK(!last_environment()->ast_id().IsNone());
141 HBlockEntry* entry = new(zone()) HBlockEntry(); 141 HBlockEntry* entry = new(zone()) HBlockEntry();
142 entry->InitializeAsFirst(this); 142 entry->InitializeAsFirst(this);
143 if (!position.IsUnknown()) { 143 if (!position.IsUnknown()) {
144 entry->set_position(position); 144 entry->set_position(position);
145 } else { 145 } else {
146 DCHECK(!FLAG_hydrogen_track_positions || 146 DCHECK(!FLAG_hydrogen_track_positions ||
147 !graph()->info()->IsOptimizing()); 147 !graph()->info()->IsOptimizing() || instr->IsAbnormalExit());
148 } 148 }
149 first_ = last_ = entry; 149 first_ = last_ = entry;
150 } 150 }
151 instr->InsertAfter(last_); 151 instr->InsertAfter(last_);
152 } 152 }
153 153
154 154
155 HPhi* HBasicBlock::AddNewPhi(int merged_index) { 155 HPhi* HBasicBlock::AddNewPhi(int merged_index) {
156 if (graph()->IsInsideNoSideEffectsScope()) { 156 if (graph()->IsInsideNoSideEffectsScope()) {
157 merged_index = HPhi::kInvalidMergedIndex; 157 merged_index = HPhi::kInvalidMergedIndex;
(...skipping 3281 matching lines...)
3439 osr_(NULL), 3439 osr_(NULL),
3440 info_(info), 3440 info_(info),
3441 zone_(info->zone()), 3441 zone_(info->zone()),
3442 is_recursive_(false), 3442 is_recursive_(false),
3443 use_optimistic_licm_(false), 3443 use_optimistic_licm_(false),
3444 depends_on_empty_array_proto_elements_(false), 3444 depends_on_empty_array_proto_elements_(false),
3445 type_change_checksum_(0), 3445 type_change_checksum_(0),
3446 maximum_environment_size_(0), 3446 maximum_environment_size_(0),
3447 no_side_effects_scope_count_(0), 3447 no_side_effects_scope_count_(0),
3448 disallow_adding_new_values_(false), 3448 disallow_adding_new_values_(false),
3449 next_inline_id_(0), 3449 inlined_functions_(FLAG_hydrogen_track_positions ? 5 : 0, info->zone()),
3450 inlined_functions_(5, info->zone()) { 3450 inlining_id_to_function_id_(FLAG_hydrogen_track_positions ? 5 : 0,
3451 info->zone()) {
3451 if (info->IsStub()) { 3452 if (info->IsStub()) {
3452 CallInterfaceDescriptor descriptor = 3453 CallInterfaceDescriptor descriptor =
3453 info->code_stub()->GetCallInterfaceDescriptor(); 3454 info->code_stub()->GetCallInterfaceDescriptor();
3454 start_environment_ = new (zone_) 3455 start_environment_ = new (zone_)
3455 HEnvironment(zone_, descriptor.GetEnvironmentParameterCount()); 3456 HEnvironment(zone_, descriptor.GetEnvironmentParameterCount());
3456 } else { 3457 } else {
3457 TraceInlinedFunction(info->shared_info(), HSourcePosition::Unknown()); 3458 TraceInlinedFunction(info->shared_info(), HSourcePosition::Unknown());
3458 start_environment_ = 3459 start_environment_ =
3459 new(zone_) HEnvironment(NULL, info->scope(), info->closure(), zone_); 3460 new(zone_) HEnvironment(NULL, info->scope(), info->closure(), zone_);
3460 } 3461 }
(...skipping 59 matching lines...)
3520 os << AsReversiblyEscapedUC16(stream.GetNext()); 3521 os << AsReversiblyEscapedUC16(stream.GetNext());
3521 } 3522 }
3522 } 3523 }
3523 } 3524 }
3524 3525
3525 os << "\n--- END ---\n"; 3526 os << "\n--- END ---\n";
3526 } 3527 }
3527 } 3528 }
3528 } 3529 }
3529 3530
3530 int inline_id = next_inline_id_++; 3531 int inline_id = inlining_id_to_function_id_.length();
3532 inlining_id_to_function_id_.Add(id, zone());
3531 3533
3532 if (inline_id != 0) { 3534 if (inline_id != 0) {
3533 CodeTracer::Scope tracing_scope(isolate()->GetCodeTracer()); 3535 CodeTracer::Scope tracing_scope(isolate()->GetCodeTracer());
3534 OFStream os(tracing_scope.file()); 3536 OFStream os(tracing_scope.file());
3535 os << "INLINE (" << shared->DebugName()->ToCString().get() << ") id{" 3537 os << "INLINE (" << shared->DebugName()->ToCString().get() << ") id{"
3536 << info()->optimization_id() << "," << id << "} AS " << inline_id 3538 << info()->optimization_id() << "," << id << "} AS " << inline_id
3537 << " AT " << position << std::endl; 3539 << " AT " << position << std::endl;
3538 } 3540 }
3539 3541
3540 return inline_id; 3542 return inline_id;
3541 } 3543 }
3542 3544
3543 3545
3544 int HGraph::SourcePositionToScriptPosition(HSourcePosition pos) { 3546 int HGraph::SourcePositionToScriptPosition(HSourcePosition pos) {
3545 if (!FLAG_hydrogen_track_positions || pos.IsUnknown()) { 3547 if (!FLAG_hydrogen_track_positions || pos.IsUnknown()) {
3546 return pos.raw(); 3548 return pos.raw();
3547 } 3549 }
3548 3550
3549 return inlined_functions_[pos.inlining_id()].start_position() + 3551 const int id = inlining_id_to_function_id_[pos.inlining_id()];
3550 pos.position(); 3552 return inlined_functions_[id].start_position() + pos.position();
3551 } 3553 }
3552 3554
3553 3555
3554 // Block ordering was implemented with two mutually recursive methods, 3556 // Block ordering was implemented with two mutually recursive methods,
3555 // HGraph::Postorder and HGraph::PostorderLoopBlocks. 3557 // HGraph::Postorder and HGraph::PostorderLoopBlocks.
3556 // The recursion could lead to stack overflow so the algorithm has been 3558 // The recursion could lead to stack overflow so the algorithm has been
3557 // implemented iteratively. 3559 // implemented iteratively.
3558 // At a high level the algorithm looks like this: 3560 // At a high level the algorithm looks like this:
3559 // 3561 //
3560 // Postorder(block, loop_header) : { 3562 // Postorder(block, loop_header) : {
(...skipping 8978 matching lines...)
12539 if (ShouldProduceTraceOutput()) { 12541 if (ShouldProduceTraceOutput()) {
12540 isolate()->GetHTracer()->TraceHydrogen(name(), graph_); 12542 isolate()->GetHTracer()->TraceHydrogen(name(), graph_);
12541 } 12543 }
12542 12544
12543 #ifdef DEBUG 12545 #ifdef DEBUG
12544 graph_->Verify(false); // No full verify. 12546 graph_->Verify(false); // No full verify.
12545 #endif 12547 #endif
12546 } 12548 }
12547 12549
12548 } } // namespace v8::internal 12550 } } // namespace v8::internal
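Review bot: The two-step lookup in SourcePositionToScriptPosition (new lines 3551-3552) indexes both lists with no visible assertion, so the invariant that fixes the out-of-bounds read is enforced only implicitly by what TraceInlinedFunction appends. Consider stating it at the point of use, e.g. `DCHECK(pos.inlining_id() < inlining_id_to_function_id_.length());` before the first lookup and `DCHECK(id < inlined_functions_.length());` before the second; the list's own operator[] may already check bounds in debug builds, but that is not visible here. A short comment such as `// inlining ids index inlining_id_to_function_id_; function ids index inlined_functions_` would also keep the two id spaces from being mixed up again. Since both lists now start with capacity 0 when the flag is off, and the part of TraceInlinedFunction that decides whether anything is appended begins outside the shown lines, it is worth confirming that no known position can reach this lookup with empty lists.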