Reviewers: Kasper Lund,

Description:
Fix crashes by correctly guarding context extension checks.

Please review this at http://codereview.chromium.org/20456

SVN Base: http://v8.googlecode.com/svn/branches/bleeding_edge/

Affected files:
   M     src/codegen-arm.cc
   M     src/codegen-ia32.cc


Index: src/codegen-arm.cc
===================================================================
--- src/codegen-arm.cc  (revision 1301)
+++ src/codegen-arm.cc  (working copy)
@@ -418,9 +418,11 @@
      }
    }
    // Check that last extension is NULL.
-  __ ldr(tmp2, ContextOperand(tmp, Context::EXTENSION_INDEX));
-  __ tst(tmp2, tmp2);
-  __ b(ne, slow);
+  if (s->num_heap_slots() > 0 && s->calls_eval()) {
+    __ ldr(tmp2, ContextOperand(tmp, Context::EXTENSION_INDEX));
+    __ tst(tmp2, tmp2);
+    __ b(ne, slow);
+  }
    __ ldr(tmp, ContextOperand(tmp, Context::FCONTEXT_INDEX));
    return ContextOperand(tmp, index);
  }
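Review bot: The new guard `if (s->num_heap_slots() > 0 && s->calls_eval())` reads `s` after the scope-walking loop, but this file's diff has no counterpart to the codegen-ia32.cc change that hoists `Scope* s = scope();` out of the `for` header. The loop lies above this hunk, so this is inferred: if it still declares `s` in its init clause, `s` is out of scope here and the ARM port will not compile. Either hoist the declaration as the ia32 hunk does, or confirm it is already declared before the loop.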
Index: src/codegen-ia32.cc
===================================================================
--- src/codegen-ia32.cc (revision 1301)
+++ src/codegen-ia32.cc (working copy)
@@ -456,7 +456,8 @@
    ASSERT(slot->type() == Slot::CONTEXT);
    int index = slot->index();
    Register context = esi;
-  for (Scope* s = scope(); s != slot->var()->scope(); s =  
s->outer_scope()) {
+  Scope* s = scope();
+  for (; s != slot->var()->scope(); s = s->outer_scope()) {
      if (s->num_heap_slots() > 0) {
        if (s->calls_eval()) {
          // Check that extension is NULL.
@@ -469,8 +470,10 @@
      }
    }
    // Check that last extension is NULL.
-  __ cmp(ContextOperand(tmp, Context::EXTENSION_INDEX), Immediate(0));
-  __ j(not_equal, slow, not_taken);
+  if (s->num_heap_slots() > 0 && s->calls_eval()) {
+    __ cmp(ContextOperand(tmp, Context::EXTENSION_INDEX), Immediate(0));
+    __ j(not_equal, slow, not_taken);
+  }
    __ mov(tmp, ContextOperand(tmp, Context::FCONTEXT_INDEX));
    return ContextOperand(tmp, index);
  }
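Review bot: The guarded compare still addresses the context through `tmp` (`ContextOperand(tmp, Context::EXTENSION_INDEX)`), while the function sets up `Register context = esi` as the register it starts walking from. The loop body is outside these hunks, so this is inferred: if the loop can finish without ever loading `tmp` (for example, no intervening scope with heap slots), this check and the following `FCONTEXT_INDEX` load read through a register that was never set, and the extension check protects nothing. If `context` tracks the current context register, the check should use it: `__ cmp(ContextOperand(context, Context::EXTENSION_INDEX), Immediate(0));`, and likewise for the `mov`. The ARM hunk's `ldr` from `tmp` deserves the same look.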
@@ -2364,6 +2367,7 @@
        __ jmp(&done);

      } else if (slot->var()->mode() == Variable::DYNAMIC_LOCAL) {
+      __ jmp(&slow);
        Slot* potential_slot = slot->var()->local_if_not_shadowed()->slot();
        __ mov(eax,
               ContextSlotOperandCheckExtensions(potential_slot,
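Review bot: The added `__ jmp(&slow);` is unconditional and sits at the top of the `DYNAMIC_LOCAL` branch, so everything emitted after it in this branch is unreachable and the fast path is effectively disabled. That covers the `ContextSlotOperandCheckExtensions` load onward, which continues past the hunk. The description only mentions guarding extension checks, so if this is a deliberate stop-gap it should say so in place, e.g. `// TODO: DYNAMIC_LOCAL fast path disabled; always take the slow path until the extension checks are fixed.` Otherwise, skip generating the dead code instead of jumping over it. No matching change appears for codegen-arm.cc in this patch, so it is worth confirming whether the ARM port has the same path.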


