comparison src/cpu/x86/vm/x86_64.ad @ 2320:41d4973cf100
6942326: x86 code in string_indexof() could read beyond reserved heap space
Summary: copy small (<8) strings on stack if str+16 crosses a page boundary and load from stack into XMM. Back up pointer when loading string's tail.
Reviewed-by: never
author | kvn |
---|---|
date | Sat, 26 Feb 2011 12:10:54 -0800 |
parents | 6bbaedb03534 |
children | 7e88bdae86ec |
2319:8190d4b75e09 | 2320:41d4973cf100 |
---|---|
1 // | 1 // |
2 // Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. | 2 // Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. |
3 // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. | 3 // DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 // | 4 // |
5 // This code is free software; you can redistribute it and/or modify it | 5 // This code is free software; you can redistribute it and/or modify it |
6 // under the terms of the GNU General Public License version 2 only, as | 6 // under the terms of the GNU General Public License version 2 only, as |
7 // published by the Free Software Foundation. | 7 // published by the Free Software Foundation. |
11596 $tmp1$$XMMRegister); | 11596 $tmp1$$XMMRegister); |
11597 %} | 11597 %} |
11598 ins_pipe( pipe_slow ); | 11598 ins_pipe( pipe_slow ); |
11599 %} | 11599 %} |
11600 | 11600 |
11601 // fast search of substring with known size. | |
11602 instruct string_indexof_con(rdi_RegP str1, rdx_RegI cnt1, rsi_RegP str2, immI int_cnt2, | |
11603 rbx_RegI result, regD vec, rax_RegI cnt2, rcx_RegI tmp, rFlagsReg cr) | |
11604 %{ | |
11605 predicate(UseSSE42Intrinsics); | |
11606 match(Set result (StrIndexOf (Binary str1 cnt1) (Binary str2 int_cnt2))); | |
11607 effect(TEMP vec, USE_KILL str1, USE_KILL str2, USE_KILL cnt1, KILL cnt2, KILL tmp, KILL cr); | |
11608 | |
11609 format %{ "String IndexOf $str1,$cnt1,$str2,$int_cnt2 -> $result // KILL $vec, $cnt1, $cnt2, $tmp" %} | |
11610 ins_encode %{ | |
11611 int icnt2 = (int)$int_cnt2$$constant; | |
11612 if (icnt2 >= 8) { | |
11613 // IndexOf for constant substrings with size >= 8 elements | |
11614 // which don't need to be loaded through stack. | |
11615 __ string_indexofC8($str1$$Register, $str2$$Register, | |
11616 $cnt1$$Register, $cnt2$$Register, | |
11617 icnt2, $result$$Register, | |
11618 $vec$$XMMRegister, $tmp$$Register); | |
11619 } else { | |
11620 // Small strings are loaded through stack if they cross page boundary. | |
11621 __ string_indexof($str1$$Register, $str2$$Register, | |
11622 $cnt1$$Register, $cnt2$$Register, | |
11623 icnt2, $result$$Register, | |
11624 $vec$$XMMRegister, $tmp$$Register); | |
11625 } | |
11626 %} | |
11627 ins_pipe( pipe_slow ); | |
11628 %} | |
11629 | |
11601 instruct string_indexof(rdi_RegP str1, rdx_RegI cnt1, rsi_RegP str2, rax_RegI cnt2, | 11630 instruct string_indexof(rdi_RegP str1, rdx_RegI cnt1, rsi_RegP str2, rax_RegI cnt2, |
11602 rbx_RegI result, regD tmp1, rcx_RegI tmp2, rFlagsReg cr) | 11631 rbx_RegI result, regD vec, rcx_RegI tmp, rFlagsReg cr) |
11603 %{ | 11632 %{ |
11604 predicate(UseSSE42Intrinsics); | 11633 predicate(UseSSE42Intrinsics); |
11605 match(Set result (StrIndexOf (Binary str1 cnt1) (Binary str2 cnt2))); | 11634 match(Set result (StrIndexOf (Binary str1 cnt1) (Binary str2 cnt2))); |
11606 effect(TEMP tmp1, USE_KILL str1, USE_KILL str2, USE_KILL cnt1, USE_KILL cnt2, KILL tmp2, KILL cr); | 11635 effect(TEMP vec, USE_KILL str1, USE_KILL str2, USE_KILL cnt1, USE_KILL cnt2, KILL tmp, KILL cr); |
11607 | 11636 |
11608 format %{ "String IndexOf $str1,$cnt1,$str2,$cnt2 -> $result // KILL $tmp1, $tmp2" %} | 11637 format %{ "String IndexOf $str1,$cnt1,$str2,$cnt2 -> $result // KILL all" %} |
11609 ins_encode %{ | 11638 ins_encode %{ |
11610 __ string_indexof($str1$$Register, $str2$$Register, | 11639 __ string_indexof($str1$$Register, $str2$$Register, |
11611 $cnt1$$Register, $cnt2$$Register, $result$$Register, | 11640 $cnt1$$Register, $cnt2$$Register, |
11612 $tmp1$$XMMRegister, $tmp2$$Register); | 11641 (-1), $result$$Register, |
11642 $vec$$XMMRegister, $tmp$$Register); | |
11613 %} | 11643 %} |
11614 ins_pipe( pipe_slow ); | 11644 ins_pipe( pipe_slow ); |
11615 %} | 11645 %} |
11616 | 11646 |
11617 // fast string equals | 11647 // fast string equals |
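Review bot: In the new `string_indexof_con` encoding, the `else` branch forwards every `icnt2 < 8` to `string_indexof`, while the non-constant `string_indexof` instruct passes `(-1)` in the same argument position, apparently as a "length not known at compile time" marker. Nothing visible in this section keeps an `immI` of zero or a negative value out of that branch, where it would either be indistinguishable from the marker or drive the stack-copy path with a meaningless length. Because this path exists to keep the 16-byte XMM load inside mapped memory, I would pin the contract at the call site with `assert(icnt2 > 0, "constant substring length must be positive");`, unless the assembler routine (not shown here) already asserts it. A comment on the `(-1)` argument such as `// -1: substring length is not a compile-time constant` would help, as would a note that the threshold 8 presumably corresponds to the number of 16-bit chars covered by one 16-byte load. The reworded format string `// KILL all` also drops the register list that the old text and the new `string_indexof_con` format still spell out; keeping the explicit list would make the disassembly output consistent between the two instructs.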