From c79fa4187066b5305c43092b22da358daf3e6a6e Mon Sep 17 00:00:00 2001
From: Yang Guo
Date: Wed, 5 Sep 2018 15:05:39 +0200
Subject: [PATCH] Use unsigned comparison for stack checks

We use signed comparison when we compare the difference between SP and stack limit to the size we are going to push, but need to use unsigned comparison when we compare SP and stack limit directly.
R=mvstanton@chromium.org
Bug: chromium:876210
Change-Id: I3ca5233677c42aebadb78920592a7c6d8e33a825
Reviewed-on: https://chromium-review.googlesource.com/1206870
Reviewed-by: Michael Stanton
Commit-Queue: Yang Guo
Cr-Commit-Position: refs/heads/master@{#55675}
---
 src/builtins/arm/builtins-arm.cc | 2 +-
 src/builtins/arm64/builtins-arm64.cc | 2 +-
 src/builtins/ia32/builtins-ia32.cc | 2 +-
 src/builtins/mips/builtins-mips.cc | 4 ++--
 src/builtins/mips64/builtins-mips64.cc | 4 ++--
 src/builtins/x64/builtins-x64.cc | 2 +-
 6 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/src/builtins/arm/builtins-arm.cc b/src/builtins/arm/builtins-arm.cc
index c18811a4b6..f11c0e37bc 100644
--- a/src/builtins/arm/builtins-arm.cc
+++ b/src/builtins/arm/builtins-arm.cc
@@ -1860,7 +1860,7 @@ void Generate_PushBoundArguments(MacroAssembler* masm) {
 // (i.e. debug break and preemption) here, so check the "real stack
 // limit".
 __ CompareRoot(sp, Heap::kRealStackLimitRootIndex);
- __ b(gt, &done); // Signed comparison.
+ __ b(hs, &done);
 // Restore the stack pointer.
 __ add(sp, sp, Operand(r4, LSL, kPointerSizeLog2));
 {
diff --git a/src/builtins/arm64/builtins-arm64.cc b/src/builtins/arm64/builtins-arm64.cc
index 61fee9013b..b508422009 100644
--- a/src/builtins/arm64/builtins-arm64.cc
+++ b/src/builtins/arm64/builtins-arm64.cc
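Review bot: The new branch in the arm hunk of Generate_PushBoundArguments, `__ b(hs, &done);`, changes two things at once: the comparison becomes unsigned and it also becomes inclusive (`gt` to `hs`), so sp equal to the real stack limit now branches to `done` where it previously fell through to the restore path. The commit message only mentions signedness, and the old `// Signed comparison.` comment is dropped without a replacement, so a later reader cannot tell that the condition code on this overflow guard is deliberate. If the inclusive boundary is intended, I would keep a trailing comment such as `__ b(hs, &done);  // Unsigned comparison; sp == limit passes.`. The same applies to the ia32 and x64 hunks (`above_equal`) and to the four mips/mips64 `Branch(&done, hs, ...)` hunks. The function body starts and ends outside the hunk.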
@@ -2217,7 +2217,7 @@ void Generate_PushBoundArguments(MacroAssembler* masm) {
 __ Sub(x10, sp, x10);
 // Check if the arguments will overflow the stack.
 __ Cmp(x10, Operand(bound_argc, LSL, kPointerSizeLog2));
- __ B(gt, &done); // Signed comparison.
+ __ B(hs, &done);
 __ TailCallRuntime(Runtime::kThrowStackOverflow);
 __ Bind(&done);
 }
diff --git a/src/builtins/ia32/builtins-ia32.cc b/src/builtins/ia32/builtins-ia32.cc
index 297e137268..29929c93c9 100644
--- a/src/builtins/ia32/builtins-ia32.cc
+++ b/src/builtins/ia32/builtins-ia32.cc
@@ -1992,7 +1992,7 @@ void Generate_PushBoundArguments(MacroAssembler* masm) {
 // (i.e. debug break and preemption) here, so check the "real stack
 // limit".
 __ CompareRoot(esp, ecx, Heap::kRealStackLimitRootIndex);
- __ j(greater, &done, Label::kNear); // Signed comparison.
+ __ j(above_equal, &done, Label::kNear);
 // Restore the stack pointer.
 __ lea(esp, Operand(esp, ebx, times_pointer_size, 0));
 {
diff --git a/src/builtins/mips/builtins-mips.cc b/src/builtins/mips/builtins-mips.cc
index 0c892c960f..23284a2b07 100644
--- a/src/builtins/mips/builtins-mips.cc
+++ b/src/builtins/mips/builtins-mips.cc
@@ -1864,7 +1864,7 @@ void Builtins::Generate_CallBoundFunctionImpl(MacroAssembler* masm) {
 // Check the stack for overflow. We are not trying to catch interruptions
 // (i.e. debug break and preemption) here, so check the "real stack limit".
 __ LoadRoot(kScratchReg, Heap::kRealStackLimitRootIndex);
- __ Branch(&done, gt, sp, Operand(kScratchReg)); // Signed comparison.
+ __ Branch(&done, hs, sp, Operand(kScratchReg));
 // Restore the stack pointer.
 __ Addu(sp, sp, Operand(t1));
 {
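Review bot: In the arm64 hunk, `__ B(hs, &done);` is applied to a difference rather than to sp itself: the preceding `__ Sub(x10, sp, x10);` and `__ Cmp(x10, Operand(bound_argc, LSL, kPointerSizeLog2));` compare the remaining space with the size about to be pushed, which is the case the commit message says should stay signed. If x10 holds the real stack limit before the Sub (its load is outside the hunk) and sp is already below that limit, the difference is negative, reads as a very large unsigned value, and `hs` branches to `done`, so `Runtime::kThrowStackOverflow` is skipped. Unless something outside the hunk rules that state out, this site should keep `__ B(gt, &done);  // Signed comparison.`, or be restructured to compare sp with the limit directly as the other ports do. The commit touches only the six builtins files, so a regression test for the bound-argument push would pin the intended behaviour down either way.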
@@ -2022,7 +2022,7 @@ void Builtins::Generate_ConstructBoundFunction(MacroAssembler* masm) {
 // Check the stack for overflow. We are not trying to catch interruptions
 // (i.e. debug break and preemption) here, so check the "real stack limit".
 __ LoadRoot(kScratchReg, Heap::kRealStackLimitRootIndex);
- __ Branch(&done, gt, sp, Operand(kScratchReg)); // Signed comparison.
+ __ Branch(&done, hs, sp, Operand(kScratchReg));
 // Restore the stack pointer.
 __ Addu(sp, sp, Operand(t1));
 {
diff --git a/src/builtins/mips64/builtins-mips64.cc b/src/builtins/mips64/builtins-mips64.cc
index d59f7c0ce5..bc8a3d8037 100644
--- a/src/builtins/mips64/builtins-mips64.cc
+++ b/src/builtins/mips64/builtins-mips64.cc
@@ -1884,7 +1884,7 @@ void Builtins::Generate_CallBoundFunctionImpl(MacroAssembler* masm) {
 // Check the stack for overflow. We are not trying to catch interruptions
 // (i.e. debug break and preemption) here, so check the "real stack limit".
 __ LoadRoot(kScratchReg, Heap::kRealStackLimitRootIndex);
- __ Branch(&done, gt, sp, Operand(kScratchReg)); // Signed comparison.
+ __ Branch(&done, hs, sp, Operand(kScratchReg));
 // Restore the stack pointer.
 __ Daddu(sp, sp, Operand(a5));
 {
@@ -2038,7 +2038,7 @@ void Builtins::Generate_ConstructBoundFunction(MacroAssembler* masm) {
 // Check the stack for overflow. We are not trying to catch interruptions
 // (i.e. debug break and preemption) here, so check the "real stack limit".
 __ LoadRoot(kScratchReg, Heap::kRealStackLimitRootIndex);
- __ Branch(&done, gt, sp, Operand(kScratchReg)); // Signed comparison.
+ __ Branch(&done, hs, sp, Operand(kScratchReg));
 // Restore the stack pointer.
 __ Daddu(sp, sp, Operand(a5));
 {
diff --git a/src/builtins/x64/builtins-x64.cc b/src/builtins/x64/builtins-x64.cc
index 5c2094105c..544cadaf9e 100644
--- a/src/builtins/x64/builtins-x64.cc
+++ b/src/builtins/x64/builtins-x64.cc
@@ -2050,7 +2050,7 @@ void Generate_PushBoundArguments(MacroAssembler* masm) {
 // (i.e. debug break and preemption) here, so check the "real stack
 // limit".
 __ CompareRoot(rsp, Heap::kRealStackLimitRootIndex);
- __ j(greater, &done, Label::kNear); // Signed comparison.
+ __ j(above_equal, &done, Label::kNear);
 // Restore the stack pointer.
 __ leap(rsp, Operand(rsp, rbx, times_pointer_size, 0));
 {