PPC/s390: [turbofan] Support poisoning arguments in JavaScript.

Port be4cd67c Original Commit Message: This adds support for poisoning the stack pointer and implicit register arguments like the context register and the function register in the prologue of generated code with JavaScript linkage. The speculation poison is computed similarly to the interpreter by matching expected with actual code start addresses. R=mstarzinger@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG=chromium:798964 LOG=N Change-Id: I0d015fd8a8f05982d947a4a1c0be1a825ac19d64 Reviewed-on: https://chromium-review.googlesource.com/940460Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#51621}

PPC/s390: [turbofan] Support poisoning arguments in JavaScript.
Port be4cd67c Original Commit Message: This adds support for poisoning the stack pointer and implicit register arguments like the context register and the function register in the prologue of generated code with JavaScript linkage. The speculation poison is computed similarly to the interpreter by matching expected with actual code start addresses. R=mstarzinger@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG=chromium:798964 LOG=N Change-Id: I0d015fd8a8f05982d947a4a1c0be1a825ac19d64 Reviewed-on: https://chromium-review.googlesource.com/940460Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#51621}
03caf2c2 · Junliang Yan · Commit Bot · 1ce7a7f9 · 03caf2c2 · 03caf2c2
Commit 03caf2c2 authored Feb 28, 2018 by Junliang Yan Committed by Commit Bot Feb 28, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 0 deletions

code-generator-ppc.cc src/compiler/ppc/code-generator-ppc.cc +6 -0

code-generator-s390.cc src/compiler/s390/code-generator-s390.cc +6 -0

No files found.
--- a/src/compiler/ppc/code-generator-ppc.cc
+++ b/src/compiler/ppc/code-generator-ppc.cc
@@ -858,6 +858,12 @@ void CodeGenerator::GenerateSpeculationPoison() {
  __ notx(kSpeculationPoisonRegister, kSpeculationPoisonRegister);
 }

+void CodeGenerator::AssembleRegisterArgumentPoisoning() {
+  __ and_(kJSFunctionRegister, kJSFunctionRegister, kSpeculationPoisonRegister);
+  __ and_(kContextRegister, kContextRegister, kSpeculationPoisonRegister);
+  __ and_(sp, sp, kSpeculationPoisonRegister);
+}
+
 // Assembles an instruction after register allocation, producing machine code.
 CodeGenerator::CodeGenResult CodeGenerator::AssembleArchInstruction(
    Instruction* instr) {

--- a/src/compiler/s390/code-generator-s390.cc
+++ b/src/compiler/s390/code-generator-s390.cc
@@ -1098,6 +1098,12 @@ void CodeGenerator::GenerateSpeculationPoison() {
  __ NotP(kSpeculationPoisonRegister, kSpeculationPoisonRegister);
 }

+void CodeGenerator::AssembleRegisterArgumentPoisoning() {
+  __ AndP(kJSFunctionRegister, kJSFunctionRegister, kSpeculationPoisonRegister);
+  __ AndP(kContextRegister, kContextRegister, kSpeculationPoisonRegister);
+  __ AndP(sp, sp, kSpeculationPoisonRegister);
+}
+
 // Assembles an instruction after register allocation, producing machine code.
 CodeGenerator::CodeGenResult CodeGenerator::AssembleArchInstruction(
    Instruction* instr) {