
Side by Side Diff: src/ia32/lithium-codegen-ia32.cc

Issue 72813004: Fixed crashes exposed though fuzzing. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Fix nits Created 7 years, 1 month ago
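--- a/src/ia32/lithium-codegen-ia32.cc
+++ b/src/ia32/lithium-codegen-ia32.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 // * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 // * Redistributions in binary form must reproduce the above
 // copyright notice, this list of conditions and the following
 // disclaimer in the documentation and/or other materials provided
@@ -2123,31 +2123,28 @@
 __ movzx_w(result, operand);
 }
 }
 
 
 void LCodeGen::DoSeqStringSetChar(LSeqStringSetChar* instr) {
 String::Encoding encoding = instr->hydrogen()->encoding();
 Register string = ToRegister(instr->string());
 
 if (FLAG_debug_code) {
-__ push(string);
-__ mov(string, FieldOperand(string, HeapObject::kMapOffset));
-__ movzx_b(string, FieldOperand(string, Map::kInstanceTypeOffset));
-
-__ and_(string, Immediate(kStringRepresentationMask | kStringEncodingMask));
+Register value = ToRegister(instr->value());
+Register index = ToRegister(instr->index());
 static const uint32_t one_byte_seq_type = kSeqStringTag | kOneByteStringTag;
 static const uint32_t two_byte_seq_type = kSeqStringTag | kTwoByteStringTag;
-__ cmp(string, Immediate(encoding == String::ONE_BYTE_ENCODING
-? one_byte_seq_type : two_byte_seq_type));
-__ Check(equal, kUnexpectedStringType);
-__ pop(string);
+int encoding_mask =
+instr->hydrogen()->encoding() == String::ONE_BYTE_ENCODING
+? one_byte_seq_type : two_byte_seq_type;
+__ EmitSeqStringSetCharCheck(string, index, value, encoding_mask);
 }
 
 Operand operand = BuildSeqStringOperand(string, instr->index(), encoding);
 if (instr->value()->IsConstantOperand()) {
 int value = ToRepresentation(LConstantOperand::cast(instr->value()),
 Representation::Integer32());
 ASSERT_LE(0, value);
 if (encoding == String::ONE_BYTE_ENCODING) {
 ASSERT_LE(value, String::kMaxOneByteCharCode);
 __ mov_b(operand, static_cast<int8_t>(value));
@@ -6509,10 +6506,10 @@
 FixedArray::kHeaderSize - kPointerSize));
 __ bind(&done);
 }
 
 
 #undef __
 
 } } // namespace v8::internal
 
 #endif // V8_TARGET_ARCH_IA32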
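Review bot: The new FLAG_debug_code block in DoSeqStringSetChar calls `ToRegister(instr->value())` and `ToRegister(instr->index())` unconditionally, while the code just below still branches on `instr->value()->IsConstantOperand()` and passes `instr->index()` to BuildSeqStringOperand as an operand rather than a register. If either operand can still be a constant when FLAG_debug_code is set, the check would presumably fail inside ToRegister before it ever inspects the string; if the Lithium builder (not part of this file section) forces registers in that mode, a comment at the top of the block such as `// FLAG_debug_code: index and value must have been allocated in registers by the builder.` would record that dependency. EmitSeqStringSetCharCheck is also emitted only under FLAG_debug_code, so whatever it verifies is absent from release code, where the store through `operand` relies entirely on callers having validated the string type and the index. As a nit, `encoding_mask` can reuse the local `encoding` (`encoding == String::ONE_BYTE_ENCODING ? one_byte_seq_type : two_byte_seq_type`) instead of re-reading `instr->hydrogen()->encoding()`. The body of DoSeqStringSetChar continues past the last visible line of this hunk.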