Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2424)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/compiler/arm64/instruction-selector-arm64.cc

Issue 804993004: [turbofan] Fix unsafe out-of-bounds check for checked loads/stores. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Created 6 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « src/compiler/arm64/code-generator-arm64.cc ('k') | src/compiler/x64/code-generator-x64.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 the V8 project authors. All rights reserved. 1 // Copyright 2014 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/compiler/instruction-selector-impl.h" 5 #include "src/compiler/instruction-selector-impl.h"
6 #include "src/compiler/node-matchers.h" 6 #include "src/compiler/node-matchers.h"
7 7
8 namespace v8 { 8 namespace v8 {
9 namespace internal { 9 namespace internal {
10 namespace compiler { 10 namespace compiler {
(...skipping 372 matching lines...) Expand 10 before | Expand all | Expand 10 after
383 case kRepFloat32: 383 case kRepFloat32:
384 opcode = kCheckedLoadFloat32; 384 opcode = kCheckedLoadFloat32;
385 break; 385 break;
386 case kRepFloat64: 386 case kRepFloat64:
387 opcode = kCheckedLoadFloat64; 387 opcode = kCheckedLoadFloat64;
388 break; 388 break;
389 default: 389 default:
390 UNREACHABLE(); 390 UNREACHABLE();
391 return; 391 return;
392 } 392 }
393 InstructionOperand* offset_operand = g.UseRegister(offset); 393 Emit(opcode, g.DefineAsRegister(node), g.UseRegister(buffer),
394 Emit(opcode | AddressingModeField::encode(kMode_MRR), 394 g.UseRegister(offset), g.UseOperand(length, kArithmeticImm));
395 g.DefineAsRegister(node), offset_operand, g.UseRegister(length),
396 g.UseRegister(buffer), offset_operand);
397 } 395 }
398 396
399 397
400 void InstructionSelector::VisitCheckedStore(Node* node) { 398 void InstructionSelector::VisitCheckedStore(Node* node) {
401 MachineType rep = RepresentationOf(OpParameter<MachineType>(node)); 399 MachineType rep = RepresentationOf(OpParameter<MachineType>(node));
402 Arm64OperandGenerator g(this); 400 Arm64OperandGenerator g(this);
403 Node* const buffer = node->InputAt(0); 401 Node* const buffer = node->InputAt(0);
404 Node* const offset = node->InputAt(1); 402 Node* const offset = node->InputAt(1);
405 Node* const length = node->InputAt(2); 403 Node* const length = node->InputAt(2);
406 Node* const value = node->InputAt(3); 404 Node* const value = node->InputAt(3);
(...skipping 11 matching lines...) Expand all
418 case kRepFloat32: 416 case kRepFloat32:
419 opcode = kCheckedStoreFloat32; 417 opcode = kCheckedStoreFloat32;
420 break; 418 break;
421 case kRepFloat64: 419 case kRepFloat64:
422 opcode = kCheckedStoreFloat64; 420 opcode = kCheckedStoreFloat64;
423 break; 421 break;
424 default: 422 default:
425 UNREACHABLE(); 423 UNREACHABLE();
426 return; 424 return;
427 } 425 }
428 InstructionOperand* offset_operand = g.UseRegister(offset); 426 Emit(opcode, nullptr, g.UseRegister(buffer), g.UseRegister(offset),
429 Emit(opcode | AddressingModeField::encode(kMode_MRR), nullptr, offset_operand, 427 g.UseOperand(length, kArithmeticImm), g.UseRegister(value));
430 g.UseRegister(length), g.UseRegister(value), g.UseRegister(buffer),
431 offset_operand);
432 } 428 }
433 429
434 430
435 template <typename Matcher> 431 template <typename Matcher>
436 static void VisitLogical(InstructionSelector* selector, Node* node, Matcher* m, 432 static void VisitLogical(InstructionSelector* selector, Node* node, Matcher* m,
437 ArchOpcode opcode, bool left_can_cover, 433 ArchOpcode opcode, bool left_can_cover,
438 bool right_can_cover, ImmediateMode imm_mode) { 434 bool right_can_cover, ImmediateMode imm_mode) {
439 Arm64OperandGenerator g(selector); 435 Arm64OperandGenerator g(selector);
440 436
441 // Map instruction to equivalent operation with inverted right input. 437 // Map instruction to equivalent operation with inverted right input.
(...skipping 1083 matching lines...) Expand 10 before | Expand all | Expand 10 after
1525 MachineOperatorBuilder::kFloat64Ceil | 1521 MachineOperatorBuilder::kFloat64Ceil |
1526 MachineOperatorBuilder::kFloat64RoundTruncate | 1522 MachineOperatorBuilder::kFloat64RoundTruncate |
1527 MachineOperatorBuilder::kFloat64RoundTiesAway | 1523 MachineOperatorBuilder::kFloat64RoundTiesAway |
1528 MachineOperatorBuilder::kWord32ShiftIsSafe | 1524 MachineOperatorBuilder::kWord32ShiftIsSafe |
1529 MachineOperatorBuilder::kInt32DivIsSafe | 1525 MachineOperatorBuilder::kInt32DivIsSafe |
1530 MachineOperatorBuilder::kUint32DivIsSafe; 1526 MachineOperatorBuilder::kUint32DivIsSafe;
1531 } 1527 }
1532 } // namespace compiler 1528 } // namespace compiler
1533 } // namespace internal 1529 } // namespace internal
1534 } // namespace v8 1530 } // namespace v8
OLDNEW
« no previous file with comments | « src/compiler/arm64/code-generator-arm64.cc ('k') | src/compiler/x64/code-generator-x64.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698