Support verified heap pointer writes on ia32.

runtime/vm/intrinsifier_ia32.cc

 // Copyright (c) 2013, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 //
 // The intrinsic code below is executed before a method has built its frame.
 // The return address is on the stack and the arguments below it.
 // Registers EDX (arguments descriptor) and ECX (function) must be preserved.
 // Each intrinsification method returns true if the corresponding
 // Dart method was intrinsified.
 
@@ skipping 96 matching lines @@
   // This snippet of inlined code uses the following registers:
   // EAX, EBX
   // and the newly allocated object is returned in EAX.
   const intptr_t kTypeArgumentsOffset = 2 * kWordSize;
   const intptr_t kArrayOffset = 1 * kWordSize;
   Label fall_through;
 
   // Try allocating in new space.
   const Class& cls = Class::Handle(
       Isolate::Current()->object_store()->growable_object_array_class());
-  __ TryAllocate(cls, &fall_through, Assembler::kNearJump, EAX, EBX);
+  const bool jump_length = VerifiedMemory::enabled() ?
+      Assembler::kFarJump :
+      Assembler::kNearJump;
+  __ TryAllocate(cls, &fall_through, jump_length, EAX, EBX);
 
   // Store backing array object in growable array object.
   __ movl(EBX, Address(ESP, kArrayOffset));  // data argument.
   // EAX is new, no barrier needed.
   __ StoreIntoObjectNoBarrier(
       EAX,
       FieldAddress(EAX, GrowableObjectArray::data_offset()),
       EBX);
 
   // EAX: new growable array object start as a tagged pointer.
   // Store the type argument field in the growable array object.
   __ movl(EBX, Address(ESP, kTypeArgumentsOffset));  // type argument.
   __ StoreIntoObjectNoBarrier(
       EAX,
       FieldAddress(EAX, GrowableObjectArray::type_arguments_offset()),
       EBX);
 
-  // Set the length field in the growable array object to 0.
-  __ movl(FieldAddress(EAX, GrowableObjectArray::length_offset()),
-          Immediate(0));
+  __ ZeroSmiField(FieldAddress(EAX, GrowableObjectArray::length_offset()));
   __ ret();  // returns the newly allocated object in EAX.
 
   __ Bind(&fall_through);
 }
 
 
 // Access growable object array at specified index.
 // On stack: growable array (+2), index (+1), return-address (+0).
 void Intrinsifier::GrowableArrayGetIndexed(Assembler* assembler) {
   Label fall_through;
@@ skipping 44 matching lines @@
 
 // Set length of growable object array. The length cannot
 // be greater than the length of the data container.
 // On stack: growable array (+2), length (+1), return-address (+0).
 void Intrinsifier::GrowableArraySetLength(Assembler* assembler) {
   Label fall_through;
   __ movl(EAX, Address(ESP, + 2 * kWordSize));  // Growable array.
   __ movl(EBX, Address(ESP, + 1 * kWordSize));  // Length value.
   __ testl(EBX, Immediate(kSmiTagMask));
   __ j(NOT_ZERO, &fall_through, Assembler::kNearJump);  // Non-smi length.
-  __ movl(FieldAddress(EAX, GrowableObjectArray::length_offset()), EBX);
+  FieldAddress length_field(EAX, GrowableObjectArray::length_offset());
+  __ StoreIntoSmiField(length_field, EBX);
   __ ret();
   __ Bind(&fall_through);
 }
 
 
 // Set data of growable object array.
 // On stack: growable array (+2), data (+1), return-address (+0).
 void Intrinsifier::GrowableArraySetData(Assembler* assembler) {
   if (FLAG_enable_type_checks) {
     return;
@@ skipping 1608 matching lines @@
   // hash_ = hash_ & ((static_cast<intptr_t>(1) << bits) - 1);
   __ andl(EAX,
       Immediate(((static_cast<intptr_t>(1) << String::kHashBits) - 1)));
 
   // return hash_ == 0 ? 1 : hash_;
   __ cmpl(EAX, Immediate(0));
   __ j(NOT_EQUAL, &set_hash_code, Assembler::kNearJump);
   __ incl(EAX);
   __ Bind(&set_hash_code);
   __ SmiTag(EAX);
-  __ movl(FieldAddress(EBX, String::hash_offset()), EAX);
+  __ StoreIntoSmiField(FieldAddress(EBX, String::hash_offset()), EAX);
   __ ret();
 }
 
 
 // Allocates one-byte string of length 'end - start'. The content is not
 // initialized. 'length-reg' contains tagged length.
 // Returns new string as tagged pointer in EAX.
 static void TryAllocateOnebyteString(Assembler* assembler,
                                      Label* ok,
                                      Label* failure,
@@ skipping 52 matching lines @@
     __ orl(EDI, Immediate(RawObject::ClassIdTag::encode(cid)));
     __ movl(FieldAddress(EAX, String::tags_offset()), EDI);  // Tags.
   }
 
   // Set the length field.
   __ popl(EDI);
   __ StoreIntoObjectNoBarrier(EAX,
                               FieldAddress(EAX, String::length_offset()),
                               EDI);
   // Clear hash.
-  __ movl(FieldAddress(EAX, String::hash_offset()), Immediate(0));
+  __ ZeroSmiField(FieldAddress(EAX, String::hash_offset()));
   __ jmp(ok, Assembler::kNearJump);
 
   __ Bind(&pop_and_fail);
   __ popl(EDI);
   __ jmp(failure);
 }
 
 
 // Arg0: OneByteString (receiver)
 // Arg1: Start index as Smi.
@@ skipping 176 matching lines @@
                         Isolate::current_tag_offset());
   // Set return value to Isolate::current_tag_.
   __ movl(EAX, current_tag_addr);
   __ ret();
 }
 
 #undef __
 }  // namespace dart
 
 #endif  // defined TARGET_ARCH_IA32