
Side by Side Diff: src/mips/full-codegen-mips.cc

Issue 68793008: MIPS: Fixed crashes exposed though fuzzing. (Closed) Base URL: https://github.com/v8/v8.git@gbl
Patch Set: Created 7 years, 1 month ago
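--- a/src/mips/full-codegen-mips.cc
+++ b/src/mips/full-codegen-mips.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 // * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 // * Redistributions in binary form must reproduce the above
 // copyright notice, this list of conditions and the following
 // disclaimer in the documentation and/or other materials provided
@@ -3509,88 +3509,81 @@
 __ jmp(&done);
 }
 
 __ bind(&not_date_object);
 __ CallRuntime(Runtime::kThrowNotDateError, 0);
 __ bind(&done);
 context()->Plug(v0);
 }
 
 
-void FullCodeGenerator::EmitSeqStringSetCharCheck(Register string,
-Register index,
-Register value,
-uint32_t encoding_mask) {
-__ And(at, index, Operand(kSmiTagMask));
-__ Check(eq, kNonSmiIndex, at, Operand(zero_reg));
-__ And(at, value, Operand(kSmiTagMask));
-__ Check(eq, kNonSmiValue, at, Operand(zero_reg));
-
-__ lw(at, FieldMemOperand(string, String::kLengthOffset));
-__ Check(lt, kIndexIsTooLarge, index, Operand(at));
-
-__ Check(ge, kIndexIsNegative, index, Operand(zero_reg));
-
-__ lw(at, FieldMemOperand(string, HeapObject::kMapOffset));
-__ lbu(at, FieldMemOperand(at, Map::kInstanceTypeOffset));
-
-__ And(at, at, Operand(kStringRepresentationMask | kStringEncodingMask));
-__ Subu(at, at, Operand(encoding_mask));
-__ Check(eq, kUnexpectedStringType, at, Operand(zero_reg));
-}
-
-
 void FullCodeGenerator::EmitOneByteSeqStringSetChar(CallRuntime* expr) {
 ZoneList<Expression*>* args = expr->arguments();
 ASSERT_EQ(3, args->length());
 
 Register string = v0;
 Register index = a1;
 Register value = a2;
 
 VisitForStackValue(args->at(1)); // index
 VisitForStackValue(args->at(2)); // value
 VisitForAccumulatorValue(args->at(0)); // string
 __ Pop(index, value);
 
 if (FLAG_debug_code) {
+__ And(at, value, Operand(kSmiTagMask));
+__ ThrowIf(ne, kNonSmiValue, at, Operand(zero_reg));
+__ And(at, index, Operand(kSmiTagMask));
+__ ThrowIf(ne, kNonSmiIndex, at, Operand(zero_reg));
+__ SmiUntag(index, index);
 static const uint32_t one_byte_seq_type = kSeqStringTag | kOneByteStringTag;
-EmitSeqStringSetCharCheck(string, index, value, one_byte_seq_type);
+Register scratch = t5;
+__ EmitSeqStringSetCharCheck(
+string, index, value, scratch, one_byte_seq_type);
+__ SmiTag(index, index);
 }
 
 __ SmiUntag(value, value);
 __ Addu(at,
 string,
 Operand(SeqOneByteString::kHeaderSize - kHeapObjectTag));
 __ SmiUntag(index);
 __ Addu(at, at, index);
 __ sb(value, MemOperand(at));
 context()->Plug(string);
 }
 
 
 void FullCodeGenerator::EmitTwoByteSeqStringSetChar(CallRuntime* expr) {
 ZoneList<Expression*>* args = expr->arguments();
 ASSERT_EQ(3, args->length());
 
 Register string = v0;
 Register index = a1;
 Register value = a2;
 
 VisitForStackValue(args->at(1)); // index
 VisitForStackValue(args->at(2)); // value
 VisitForAccumulatorValue(args->at(0)); // string
 __ Pop(index, value);
 
 if (FLAG_debug_code) {
+__ And(at, value, Operand(kSmiTagMask));
+__ ThrowIf(ne, kNonSmiValue, at, Operand(zero_reg));
+__ And(at, index, Operand(kSmiTagMask));
+__ ThrowIf(ne, kNonSmiIndex, at, Operand(zero_reg));
+__ SmiUntag(index, index);
 static const uint32_t two_byte_seq_type = kSeqStringTag | kTwoByteStringTag;
-EmitSeqStringSetCharCheck(string, index, value, two_byte_seq_type);
+Register scratch = t5;
+__ EmitSeqStringSetCharCheck(
+string, index, value, scratch, two_byte_seq_type);
+__ SmiTag(index, index);
 }
 
 __ SmiUntag(value, value);
 __ Addu(at,
 string,
 Operand(SeqTwoByteString::kHeaderSize - kHeapObjectTag));
 __ Addu(at, at, index);
 STATIC_ASSERT(kSmiTagSize == 1 && kSmiTag == 0);
 __ sh(value, MemOperand(at));
 context()->Plug(string);
@@ -5016,10 +5009,10 @@
 Assembler::target_address_at(pc_immediate_load_address)) ==
 reinterpret_cast<uint32_t>(
 isolate->builtins()->OsrAfterStackCheck()->entry()));
 return OSR_AFTER_STACK_CHECK;
 }
 
 
 } } // namespace v8::internal
 
 #endif // V8_TARGET_ARCH_MIPS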
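Review bot: In both EmitOneByteSeqStringSetChar and EmitTwoByteSeqStringSetChar the new smi checks and the `__ EmitSeqStringSetCharCheck(...)` call sit inside `if (FLAG_debug_code)`, so when that flag is off the `sb`/`sh` store runs with no tag, bounds or string-type validation of its operands. If that is intentional because only trusted internal callers reach these intrinsics, it deserves a comment at each store, for example `// index/value/string are validated only under FLAG_debug_code; callers must pass a smi index below the string length`. The debug block also untags `index`, calls the helper and re-tags it, which suggests the relocated helper (defined outside this file) now expects an untagged index; a one-line comment stating that contract would keep the `SmiUntag`/`SmiTag` pair from looking redundant. EmitTwoByteSeqStringSetChar's closing lines fall in the skipped region, so nothing past `context()->Plug(string);` was reviewed.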