Mercurial > hg > truffle
comparison src/cpu/x86/vm/templateTable_x86_32.cpp @ 13034:ea79ab313e98
8027252: Crash in interpreter because get_unsigned_2_byte_index_at_bcp reads 4 bytes
Summary: Use 2-byte loads to load indexes from the byte code stream to avoid out of bounds reads.
Reviewed-by: coleenp, sspitsyn
| author | mgerdin |
|---|---|
| date | Wed, 30 Oct 2013 15:35:25 +0100 |
| parents | d13d7aba8c12 |
| children | 42790b7e4d48 |
comparison
equal
deleted
inserted
replaced
| 13002:1a04de1aaedb | 13034:ea79ab313e98 |
|---|---|
| 556 __ movptr(rax, aaddress(rbx)); | 556 __ movptr(rax, aaddress(rbx)); |
| 557 } | 557 } |
| 558 | 558 |
| 559 | 559 |
| 560 void TemplateTable::locals_index_wide(Register reg) { | 560 void TemplateTable::locals_index_wide(Register reg) { |
| 561 __ movl(reg, at_bcp(2)); | 561 __ load_unsigned_short(reg, at_bcp(2)); |
| 562 __ bswapl(reg); | 562 __ bswapl(reg); |
| 563 __ shrl(reg, 16); | 563 __ shrl(reg, 16); |
| 564 __ negptr(reg); | 564 __ negptr(reg); |
| 565 } | 565 } |
| 566 | 566 |
| 1550 InvocationCounter::counter_offset(); | 1550 InvocationCounter::counter_offset(); |
| 1551 const ByteSize inv_offset = MethodCounters::invocation_counter_offset() + | 1551 const ByteSize inv_offset = MethodCounters::invocation_counter_offset() + |
| 1552 InvocationCounter::counter_offset(); | 1552 InvocationCounter::counter_offset(); |
| 1553 | 1553 |
| 1554 // Load up EDX with the branch displacement | 1554 // Load up EDX with the branch displacement |
| 1555 __ movl(rdx, at_bcp(1)); | 1555 if (is_wide) { |
| 1556 __ movl(rdx, at_bcp(1)); | |
| 1557 } else { | |
| 1558 __ load_signed_short(rdx, at_bcp(1)); | |
| 1559 } | |
| 1556 __ bswapl(rdx); | 1560 __ bswapl(rdx); |
| 1557 if (!is_wide) __ sarl(rdx, 16); | 1561 if (!is_wide) __ sarl(rdx, 16); |
| 1558 LP64_ONLY(__ movslq(rdx, rdx)); | 1562 LP64_ONLY(__ movslq(rdx, rdx)); |
| 1559 | 1563 |
| 1560 | 1564 |