Remove push(holder_reg) in CheckAccessGlobalProxy.

R=jkummerow@chromium.org
BUG=v8:119

Review URL: https://chromiumcodereview.appspot.com/13177002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14150 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This commit is contained in:
yangguo@chromium.org 2013-04-05 12:06:34 +00:00
parent deecbb2e01
commit c02bf4515c
5 changed files with 30 additions and 35 deletions

View File

@ -1402,7 +1402,6 @@ void MacroAssembler::CheckAccessGlobalProxy(Register holder_reg,
// Check the context is a native context.
if (emit_debug_code()) {
// TODO(119): avoid push(holder_reg)/pop(holder_reg)
// Cannot use ip as a temporary in this verification code. Due to the fact
// that ip is clobbered as part of cmp with an object Operand.
push(holder_reg); // Temporarily save holder on the stack.
@ -1421,7 +1420,6 @@ void MacroAssembler::CheckAccessGlobalProxy(Register holder_reg,
// Check the context is a native context.
if (emit_debug_code()) {
// TODO(119): avoid push(holder_reg)/pop(holder_reg)
// Cannot use ip as a temporary in this verification code. Due to the fact
// that ip is clobbered as part of cmp with an object Operand.
push(holder_reg); // Temporarily save holder on the stack.

View File

@ -1024,69 +1024,65 @@ void MacroAssembler::ThrowUncatchable(Register value) {
void MacroAssembler::CheckAccessGlobalProxy(Register holder_reg,
Register scratch,
Register scratch1,
Register scratch2,
Label* miss) {
Label same_contexts;
ASSERT(!holder_reg.is(scratch));
ASSERT(!holder_reg.is(scratch1));
ASSERT(!holder_reg.is(scratch2));
ASSERT(!scratch1.is(scratch2));
// Load current lexical context from the stack frame.
mov(scratch, Operand(ebp, StandardFrameConstants::kContextOffset));
mov(scratch1, Operand(ebp, StandardFrameConstants::kContextOffset));
// When generating debug code, make sure the lexical context is set.
if (emit_debug_code()) {
cmp(scratch, Immediate(0));
cmp(scratch1, Immediate(0));
Check(not_equal, "we should not have an empty lexical context");
}
// Load the native context of the current context.
int offset =
Context::kHeaderSize + Context::GLOBAL_OBJECT_INDEX * kPointerSize;
mov(scratch, FieldOperand(scratch, offset));
mov(scratch, FieldOperand(scratch, GlobalObject::kNativeContextOffset));
mov(scratch1, FieldOperand(scratch1, offset));
mov(scratch1, FieldOperand(scratch1, GlobalObject::kNativeContextOffset));
// Check the context is a native context.
if (emit_debug_code()) {
push(scratch);
// Read the first word and compare to native_context_map.
mov(scratch, FieldOperand(scratch, HeapObject::kMapOffset));
cmp(scratch, isolate()->factory()->native_context_map());
cmp(FieldOperand(scratch1, HeapObject::kMapOffset),
isolate()->factory()->native_context_map());
Check(equal, "JSGlobalObject::native_context should be a native context.");
pop(scratch);
}
// Check if both contexts are the same.
cmp(scratch, FieldOperand(holder_reg, JSGlobalProxy::kNativeContextOffset));
cmp(scratch1, FieldOperand(holder_reg, JSGlobalProxy::kNativeContextOffset));
j(equal, &same_contexts);
// Compare security tokens, save holder_reg on the stack so we can use it
// as a temporary register.
//
// TODO(119): avoid push(holder_reg)/pop(holder_reg)
push(holder_reg);
// Check that the security token in the calling global object is
// compatible with the security token in the receiving global
// object.
mov(holder_reg,
mov(scratch2,
FieldOperand(holder_reg, JSGlobalProxy::kNativeContextOffset));
// Check the context is a native context.
if (emit_debug_code()) {
cmp(holder_reg, isolate()->factory()->null_value());
cmp(scratch2, isolate()->factory()->null_value());
Check(not_equal, "JSGlobalProxy::context() should not be null.");
push(holder_reg);
// Read the first word and compare to native_context_map(),
mov(holder_reg, FieldOperand(holder_reg, HeapObject::kMapOffset));
cmp(holder_reg, isolate()->factory()->native_context_map());
cmp(FieldOperand(scratch2, HeapObject::kMapOffset),
isolate()->factory()->native_context_map());
Check(equal, "JSGlobalObject::native_context should be a native context.");
pop(holder_reg);
}
int token_offset = Context::kHeaderSize +
Context::SECURITY_TOKEN_INDEX * kPointerSize;
mov(scratch, FieldOperand(scratch, token_offset));
cmp(scratch, FieldOperand(holder_reg, token_offset));
pop(holder_reg);
mov(scratch1, FieldOperand(scratch1, token_offset));
cmp(scratch1, FieldOperand(scratch2, token_offset));
j(not_equal, miss);
bind(&same_contexts);

View File

@ -548,7 +548,8 @@ class MacroAssembler: public Assembler {
// on access to global objects across environments. The holder register
// is left untouched, but the scratch register is clobbered.
void CheckAccessGlobalProxy(Register holder_reg,
Register scratch,
Register scratch1,
Register scratch2,
Label* miss);
void GetNumberHash(Register r0, Register scratch);

View File

@ -748,7 +748,7 @@ void StubCompiler::GenerateStoreField(MacroAssembler* masm,
// Perform global security token check if needed.
if (object->IsJSGlobalProxy()) {
__ CheckAccessGlobalProxy(receiver_reg, scratch1, miss_label);
__ CheckAccessGlobalProxy(receiver_reg, scratch1, scratch2, miss_label);
}
// Check that we are allowed to write this.
@ -972,10 +972,6 @@ Register StubCompiler::CheckPrototypes(Handle<JSObject> object,
} else {
bool in_new_space = heap()->InNewSpace(*prototype);
Handle<Map> current_map(current->map());
if (in_new_space) {
// Save the map in scratch1 for later.
__ mov(scratch1, FieldOperand(reg, HeapObject::kMapOffset));
}
if (!current.is_identical_to(first) || check == CHECK_ALL_MAPS) {
__ CheckMap(reg, current_map, miss, DONT_DO_SMI_CHECK,
ALLOW_ELEMENT_TRANSITION_MAPS);
@ -985,8 +981,14 @@ Register StubCompiler::CheckPrototypes(Handle<JSObject> object,
// the map check so that we know that the object is actually a global
// object.
if (current->IsJSGlobalProxy()) {
__ CheckAccessGlobalProxy(reg, scratch2, miss);
__ CheckAccessGlobalProxy(reg, scratch1, scratch2, miss);
}
if (in_new_space) {
// Save the map in scratch1 for later.
__ mov(scratch1, FieldOperand(reg, HeapObject::kMapOffset));
}
reg = holder_reg; // From now on the object will be in holder_reg.
if (in_new_space) {
@ -1020,7 +1022,7 @@ Register StubCompiler::CheckPrototypes(Handle<JSObject> object,
// Perform security check for access to the global object.
ASSERT(holder->IsJSGlobalProxy() || !holder->IsAccessCheckNeeded());
if (holder->IsJSGlobalProxy()) {
__ CheckAccessGlobalProxy(reg, scratch1, miss);
__ CheckAccessGlobalProxy(reg, scratch1, scratch2, miss);
}
// If we've skipped any global objects, it's not enough to verify that
@ -2657,7 +2659,7 @@ Handle<Code> StoreStubCompiler::CompileStoreInterceptor(
// Perform global security token check if needed.
if (object->IsJSGlobalProxy()) {
__ CheckAccessGlobalProxy(edx, ebx, &miss);
__ CheckAccessGlobalProxy(receiver(), scratch1(), scratch2(), &miss);
}
// Stub never generated for non-global objects that require access

View File

@ -369,7 +369,6 @@ void MacroAssembler::CheckAccessGlobalProxy(Register holder_reg,
// Check the context is a native context.
if (emit_debug_code()) {
// TODO(119): Avoid push(holder_reg)/pop(holder_reg).
push(holder_reg); // Temporarily save holder on the stack.
// Read the first word and compare to the native_context_map.
lw(holder_reg, FieldMemOperand(scratch, HeapObject::kMapOffset));
@ -385,7 +384,6 @@ void MacroAssembler::CheckAccessGlobalProxy(Register holder_reg,
// Check the context is a native context.
if (emit_debug_code()) {
// TODO(119): Avoid push(holder_reg)/pop(holder_reg).
push(holder_reg); // Temporarily save holder on the stack.
mov(holder_reg, at); // Move at to its holding place.
LoadRoot(at, Heap::kNullValueRootIndex);