Subzero: Add sandboxing for x86-32.

src/assembler.h

 //===- subzero/src/assembler.h - Integrated assembler -----------*- C++ -*-===//
 // Copyright (c) 2012, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 //
 // Modified by the Subzero authors.
 //
 //===----------------------------------------------------------------------===//
 //
 //                        The Subzero Code Generator
@@ skipping 97 matching lines @@
 #endif // NDEBUG
 
   // Returns the position in the instruction stream.
   intptr_t GetPosition() const { return cursor_ - contents_; }
 
   // Create and track a fixup in the current function.
   AssemblerFixup *createFixup(FixupKind Kind, const Constant *Value);
 
   const FixupRefList &fixups() const { return fixups_; }
 
+  void setSize(intptr_t NewSize) {
+    assert(NewSize <= Size());
+    cursor_ = contents_ + NewSize;
+  }
+
 private:
   // The limit is set to kMinimumGap bytes before the end of the data area.
   // This leaves enough space for the longest possible instruction and allows
   // for a single, fast space check per instruction.
   static const intptr_t kMinimumGap = 32;
 
   uintptr_t contents_;
   uintptr_t cursor_;
   uintptr_t limit_;
   Assembler &assembler_;
@@ skipping 14 matching lines @@
   }
 
   void ExtendCapacity();
 };
 
 class Assembler {
   Assembler(const Assembler &) = delete;
   Assembler &operator=(const Assembler &) = delete;
 
 public:
-  Assembler() : FunctionName(""), IsInternal(false), buffer_(*this) {}
+  Assembler()
+      : FunctionName(""), IsInternal(false), Preliminary(false),
+        buffer_(*this) {}
   virtual ~Assembler() {}
 
   // Allocate a chunk of bytes using the per-Assembler allocator.
   uintptr_t AllocateBytes(size_t bytes) {
     // For now, alignment is not related to NaCl bundle alignment, since
     // the buffer's GetPosition is relative to the base. So NaCl bundle
     // alignment checks can be relative to that base. Later, the buffer
     // will be copied out to a ".text" section (or an in memory-buffer
     // that can be mprotect'ed with executable permission), and that
     // second buffer should be aligned for NaCl.
@@ skipping 24 matching lines @@
 
   AssemblerFixup *createFixup(FixupKind Kind, const Constant *Value) {
     return buffer_.createFixup(Kind, Value);
   }
 
   void emitIASBytes(GlobalContext *Ctx) const;
   bool getInternal() const { return IsInternal; }
   void setInternal(bool Internal) { IsInternal = Internal; }
   const IceString &getFunctionName() { return FunctionName; }
   void setFunctionName(const IceString &NewName) { FunctionName = NewName; }
+  intptr_t getBufferSize() const { return buffer_.Size(); }
+  // Roll back to a (smaller) size.
+  void setBufferSize(intptr_t NewSize) { buffer_.setSize(NewSize); }
+  void setPreliminary(bool Value) { Preliminary = Value; }
+  bool getPreliminary() const { return Preliminary; }
+  // Add nop padding of a particular width.
+  virtual void padWithNop(intptr_t Padding) = 0;

[jvoung (off chromium), 2015/02/19 21:01:47]

Maybe put this padWithNop along with the alignFunction method?

[Jim Stichnoth, 2015/02/19 23:17:39]

Done.

 
 private:
   ArenaAllocator<32 * 1024> Allocator;
   // FunctionName and IsInternal are transferred from the original Cfg
   // object, since the Cfg object may be deleted by the time the
   // assembler buffer is emitted.
   IceString FunctionName;
   bool IsInternal;
+  bool Preliminary;

[jvoung (off chromium), 2015/02/19 21:01:47]

Document what Preliminary does

[Jim Stichnoth, 2015/02/19 23:17:39]

Done.

 
 protected:
   AssemblerBuffer buffer_;
 };
 
 } // end of namespace Ice
 
 #endif // SUBZERO_SRC_ASSEMBLER_H_