Mercurial > hg > truffle
comparison src/cpu/x86/vm/templateTable_x86_64.cpp @ 13034:ea79ab313e98
8027252: Crash in interpreter because get_unsigned_2_byte_index_at_bcp reads 4 bytes
Summary: Use 2-byte loads to load indexes from the byte code stream to avoid out of bounds reads.
Reviewed-by: coleenp, sspitsyn
| author | mgerdin |
|---|---|
| date | Wed, 30 Oct 2013 15:35:25 +0100 |
| parents | d13d7aba8c12 |
| children | 42790b7e4d48 |
comparison
equal
deleted
inserted
replaced
| 13002:1a04de1aaedb | 13034:ea79ab313e98 |
|---|---|
| 566 locals_index(rbx); | 566 locals_index(rbx); |
| 567 __ movptr(rax, aaddress(rbx)); | 567 __ movptr(rax, aaddress(rbx)); |
| 568 } | 568 } |
| 569 | 569 |
| 570 void TemplateTable::locals_index_wide(Register reg) { | 570 void TemplateTable::locals_index_wide(Register reg) { |
| 571 __ movl(reg, at_bcp(2)); | 571 __ load_unsigned_short(reg, at_bcp(2)); |
| 572 __ bswapl(reg); | 572 __ bswapl(reg); |
| 573 __ shrl(reg, 16); | 573 __ shrl(reg, 16); |
| 574 __ negptr(reg); | 574 __ negptr(reg); |
| 575 } | 575 } |
| 576 | 576 |
| 1573 InvocationCounter::counter_offset(); | 1573 InvocationCounter::counter_offset(); |
| 1574 const ByteSize inv_offset = MethodCounters::invocation_counter_offset() + | 1574 const ByteSize inv_offset = MethodCounters::invocation_counter_offset() + |
| 1575 InvocationCounter::counter_offset(); | 1575 InvocationCounter::counter_offset(); |
| 1576 | 1576 |
| 1577 // Load up edx with the branch displacement | 1577 // Load up edx with the branch displacement |
| 1578 __ movl(rdx, at_bcp(1)); | 1578 if (is_wide) { |
| 1579 __ movl(rdx, at_bcp(1)); | |
| 1580 } else { | |
| 1581 __ load_signed_short(rdx, at_bcp(1)); | |
| 1582 } | |
| 1579 __ bswapl(rdx); | 1583 __ bswapl(rdx); |
| 1580 | 1584 |
| 1581 if (!is_wide) { | 1585 if (!is_wide) { |
| 1582 __ sarl(rdx, 16); | 1586 __ sarl(rdx, 16); |
| 1583 } | 1587 } |