Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(50)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/compiler/arm64/code-generator-arm64.cc

Issue 804993004: [turbofan] Fix unsafe out-of-bounds check for checked loads/stores. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Created 6 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | src/compiler/arm64/instruction-selector-arm64.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 the V8 project authors. All rights reserved. 1 // Copyright 2014 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/compiler/code-generator.h" 5 #include "src/compiler/code-generator.h"
6 6
7 #include "src/arm64/macro-assembler-arm64.h" 7 #include "src/arm64/macro-assembler-arm64.h"
8 #include "src/compiler/code-generator-impl.h" 8 #include "src/compiler/code-generator-impl.h"
9 #include "src/compiler/gap-resolver.h" 9 #include "src/compiler/gap-resolver.h"
10 #include "src/compiler/node-matchers.h" 10 #include "src/compiler/node-matchers.h"
(...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after
169 // The linkage computes where all spill slots are located. 169 // The linkage computes where all spill slots are located.
170 FrameOffset offset = linkage()->GetFrameOffset(op->index(), frame(), 0); 170 FrameOffset offset = linkage()->GetFrameOffset(op->index(), frame(), 0);
171 return MemOperand(offset.from_stack_pointer() ? masm->StackPointer() : fp, 171 return MemOperand(offset.from_stack_pointer() ? masm->StackPointer() : fp,
172 offset.offset()); 172 offset.offset());
173 } 173 }
174 }; 174 };
175 175
176 176
177 namespace { 177 namespace {
178 178
179 class OutOfLineLoadFloat32 FINAL : public OutOfLineCode { 179 class OutOfLineLoadNaN32 FINAL : public OutOfLineCode {
180 public: 180 public:
181 OutOfLineLoadFloat32(CodeGenerator* gen, DoubleRegister result) 181 OutOfLineLoadNaN32(CodeGenerator* gen, DoubleRegister result)
182 : OutOfLineCode(gen), result_(result) {} 182 : OutOfLineCode(gen), result_(result) {}
183 183
184 void Generate() FINAL { 184 void Generate() FINAL {
185 __ Fmov(result_, std::numeric_limits<float>::quiet_NaN()); 185 __ Fmov(result_, std::numeric_limits<float>::quiet_NaN());
186 } 186 }
187 187
188 private: 188 private:
189 DoubleRegister const result_; 189 DoubleRegister const result_;
190 }; 190 };
191 191
192 192
193 class OutOfLineLoadFloat64 FINAL : public OutOfLineCode { 193 class OutOfLineLoadNaN64 FINAL : public OutOfLineCode {
194 public: 194 public:
195 OutOfLineLoadFloat64(CodeGenerator* gen, DoubleRegister result) 195 OutOfLineLoadNaN64(CodeGenerator* gen, DoubleRegister result)
196 : OutOfLineCode(gen), result_(result) {} 196 : OutOfLineCode(gen), result_(result) {}
197 197
198 void Generate() FINAL { 198 void Generate() FINAL {
199 __ Fmov(result_, std::numeric_limits<double>::quiet_NaN()); 199 __ Fmov(result_, std::numeric_limits<double>::quiet_NaN());
200 } 200 }
201 201
202 private: 202 private:
203 DoubleRegister const result_; 203 DoubleRegister const result_;
204 }; 204 };
205 205
206 206
207 class OutOfLineLoadInteger FINAL : public OutOfLineCode { 207 class OutOfLineLoadZero FINAL : public OutOfLineCode {
208 public: 208 public:
209 OutOfLineLoadInteger(CodeGenerator* gen, Register result) 209 OutOfLineLoadZero(CodeGenerator* gen, Register result)
210 : OutOfLineCode(gen), result_(result) {} 210 : OutOfLineCode(gen), result_(result) {}
211 211
212 void Generate() FINAL { __ Mov(result_, 0); } 212 void Generate() FINAL { __ Mov(result_, 0); }
213 213
214 private: 214 private:
215 Register const result_; 215 Register const result_;
216 }; 216 };
217 217
218 } // namespace 218 } // namespace
219 219
220 220
221 #define ASSEMBLE_CHECKED_LOAD_FLOAT(width) \ 221 #define ASSEMBLE_CHECKED_LOAD_FLOAT(width) \
222 do { \ 222 do { \
223 auto result = i.OutputFloat##width##Register(); \ 223 auto result = i.OutputFloat##width##Register(); \
224 auto offset = i.InputRegister32(0); \ 224 auto buffer = i.InputRegister(0); \
225 auto length = i.InputOperand32(1); \ 225 auto offset = i.InputRegister32(1); \
226 __ Cmp(offset, length); \ 226 auto length = i.InputOperand32(2); \
227 auto ool = new (zone()) OutOfLineLoadFloat##width(this, result); \ 227 __ Cmp(offset, length); \
228 __ B(hs, ool->entry()); \ 228 auto ool = new (zone()) OutOfLineLoadNaN##width(this, result); \
229 __ Ldr(result, i.MemoryOperand(2)); \ 229 __ B(hs, ool->entry()); \
230 __ Bind(ool->exit()); \ 230 __ Ldr(result, MemOperand(buffer, offset, UXTW)); \
231 __ Bind(ool->exit()); \
231 } while (0) 232 } while (0)
232 233
233 234
234 #define ASSEMBLE_CHECKED_LOAD_INTEGER(asm_instr) \ 235 #define ASSEMBLE_CHECKED_LOAD_INTEGER(asm_instr) \
235 do { \ 236 do { \
236 auto result = i.OutputRegister32(); \ 237 auto result = i.OutputRegister32(); \
237 auto offset = i.InputRegister32(0); \ 238 auto buffer = i.InputRegister(0); \
238 auto length = i.InputOperand32(1); \ 239 auto offset = i.InputRegister32(1); \
239 __ Cmp(offset, length); \ 240 auto length = i.InputOperand32(2); \
240 auto ool = new (zone()) OutOfLineLoadInteger(this, result); \ 241 __ Cmp(offset, length); \
241 __ B(hs, ool->entry()); \ 242 auto ool = new (zone()) OutOfLineLoadZero(this, result); \
242 __ asm_instr(result, i.MemoryOperand(2)); \ 243 __ B(hs, ool->entry()); \
243 __ Bind(ool->exit()); \ 244 __ asm_instr(result, MemOperand(buffer, offset, UXTW)); \
245 __ Bind(ool->exit()); \
244 } while (0) 246 } while (0)
245 247
246 248
247 #define ASSEMBLE_CHECKED_STORE_FLOAT(width) \ 249 #define ASSEMBLE_CHECKED_STORE_FLOAT(width) \
248 do { \ 250 do { \
249 auto offset = i.InputRegister32(0); \ 251 auto buffer = i.InputRegister(0); \
250 auto length = i.InputOperand32(1); \ 252 auto offset = i.InputRegister32(1); \
251 __ Cmp(offset, length); \ 253 auto length = i.InputOperand32(2); \
252 Label done; \ 254 auto value = i.InputFloat##width##Register(3); \
253 __ B(hs, &done); \ 255 __ Cmp(offset, length); \
254 __ Str(i.InputFloat##width##Register(2), i.MemoryOperand(3)); \ 256 Label done; \
255 __ Bind(&done); \ 257 __ B(hs, &done); \
258 __ Str(value, MemOperand(buffer, offset, UXTW)); \
259 __ Bind(&done); \
256 } while (0) 260 } while (0)
257 261
258 262
259 #define ASSEMBLE_CHECKED_STORE_INTEGER(asm_instr) \ 263 #define ASSEMBLE_CHECKED_STORE_INTEGER(asm_instr) \
260 do { \ 264 do { \
261 auto offset = i.InputRegister32(0); \ 265 auto buffer = i.InputRegister(0); \
262 auto length = i.InputOperand32(1); \ 266 auto offset = i.InputRegister32(1); \
263 __ Cmp(offset, length); \ 267 auto length = i.InputOperand32(2); \
264 Label done; \ 268 auto value = i.InputRegister32(3); \
265 __ B(hs, &done); \ 269 __ Cmp(offset, length); \
266 __ asm_instr(i.InputRegister32(2), i.MemoryOperand(3)); \ 270 Label done; \
267 __ Bind(&done); \ 271 __ B(hs, &done); \
272 __ asm_instr(value, MemOperand(buffer, offset, UXTW)); \
273 __ Bind(&done); \
268 } while (0) 274 } while (0)
269 275
270 276
271 #define ASSEMBLE_SHIFT(asm_instr, width) \ 277 #define ASSEMBLE_SHIFT(asm_instr, width) \
272 do { \ 278 do { \
273 if (instr->InputAt(1)->IsRegister()) { \ 279 if (instr->InputAt(1)->IsRegister()) { \
274 __ asm_instr(i.OutputRegister##width(), i.InputRegister##width(0), \ 280 __ asm_instr(i.OutputRegister##width(), i.InputRegister##width(0), \
275 i.InputRegister##width(1)); \ 281 i.InputRegister##width(1)); \
276 } else { \ 282 } else { \
277 int64_t imm = i.InputOperand##width(1).immediate().value(); \ 283 int64_t imm = i.InputOperand##width(1).immediate().value(); \
(...skipping 896 matching lines...) Expand 10 before | Expand all | Expand 10 after
1174 } 1180 }
1175 } 1181 }
1176 MarkLazyDeoptSite(); 1182 MarkLazyDeoptSite();
1177 } 1183 }
1178 1184
1179 #undef __ 1185 #undef __
1180 1186
1181 } // namespace compiler 1187 } // namespace compiler
1182 } // namespace internal 1188 } // namespace internal
1183 } // namespace v8 1189 } // namespace v8
OLDNEW
« no previous file with comments | « no previous file | src/compiler/arm64/instruction-selector-arm64.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698