AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

Fix an overflow in on-stack replacement spill-slot allocation for Crankshaft.

Browse Source 
BUG=v8:1407
TEST=

Review URL: http://codereview.chromium.org/7231008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8367 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This commit is contained in:
whesse@chromium.org 2011-06-22 13:08:40 +00:00
parent 1e1387f12c
commit 8e7405800e
5 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/arm/lithium-arm.cc
View File

@ -2120,6 +2120,9 @@ LInstruction* LChunkBuilder::DoParameter(HParameter* instr) {
LInstruction* LChunkBuilder::DoUnknownOSRValue(HUnknownOSRValue* instr) {
int spill_index = chunk()->GetNextSpillIndex(false); // Not double-width.
if (spill_index > LUnallocated::kMaxFixedIndex) {
Abort("Too many spill slots needed for OSR");
}
return DefineAsSpilled(new LUnknownOSRValue, spill_index);
}

4
src/compiler.cc
View File

@ -213,8 +213,8 @@ static bool MakeCrankshaftCode(CompilationInfo* info) {
//
// The encoding is as a signed value, with parameters and receiver using
// the negative indices and locals the non-negative ones.
const int parameter_limit = (LUnallocated::kMaxFixedIndices / 2);
const int locals_limit = parameter_limit - 1;
const int parameter_limit = -LUnallocated::kMinFixedIndex;
const int locals_limit = LUnallocated::kMaxFixedIndex;
Scope* scope = info->scope();
if ((scope->num_parameters() + 1) > parameter_limit ||
scope->num_stack_slots() > locals_limit) {

3
src/ia32/lithium-ia32.cc
View File

@ -2168,6 +2168,9 @@ LInstruction* LChunkBuilder::DoParameter(HParameter* instr) {
LInstruction* LChunkBuilder::DoUnknownOSRValue(HUnknownOSRValue* instr) {
int spill_index = chunk()->GetNextSpillIndex(false); // Not double-width.
if (spill_index > LUnallocated::kMaxFixedIndex) {
Abort("Too many spill slots needed for OSR");
}
return DefineAsSpilled(new LUnknownOSRValue, spill_index);
}

3
src/lithium.h
View File

@ -144,7 +144,8 @@ class LUnallocated: public LOperand {
};
static const int kMaxVirtualRegisters = 1 << (kVirtualRegisterWidth + 1);
static const int kMaxFixedIndices = 128;
static const int kMaxFixedIndex = 63;
static const int kMinFixedIndex = -64;
bool HasIgnorePolicy() const { return policy() == IGNORE; }
bool HasNoPolicy() const { return policy() == NONE; }

3
src/x64/lithium-x64.cc
View File

@ -2112,6 +2112,9 @@ LInstruction* LChunkBuilder::DoParameter(HParameter* instr) {
LInstruction* LChunkBuilder::DoUnknownOSRValue(HUnknownOSRValue* instr) {
int spill_index = chunk()->GetNextSpillIndex(false); // Not double-width.
if (spill_index > LUnallocated::kMaxFixedIndex) {
Abort("Too many spill slots needed for OSR");
}
return DefineAsSpilled(new LUnknownOSRValue, spill_index);
}