MIPS[64]: Check for stack overflow when pushing arguments in JSConstructStubGeneric.

Addition to d0562944. Bug: chromium:896326 Change-Id: Ie76f6be778e963ad5205a99853f491b164dddf9a Reviewed-on: https://chromium-review.googlesource.com/c/1349269Reviewed-by: Predrag Rudic <prudic@wavecomp.com> Reviewed-by: Sreten Kovacevic <skovacevic@wavecomp.com> Commit-Queue: Sreten Kovacevic <skovacevic@wavecomp.com> Cr-Commit-Position: refs/heads/master@{#57825}

MIPS[64]: Check for stack overflow when pushing arguments in JSConstructStubGeneric.
Addition to d0562944. Bug: chromium:896326 Change-Id: Ie76f6be778e963ad5205a99853f491b164dddf9a Reviewed-on: https://chromium-review.googlesource.com/c/1349269Reviewed-by: Predrag Rudic <prudic@wavecomp.com> Reviewed-by: Sreten Kovacevic <skovacevic@wavecomp.com> Commit-Queue: Sreten Kovacevic <skovacevic@wavecomp.com> Cr-Commit-Position: refs/heads/master@{#57825}
75a0133d · Aleksandar Rikalo · Commit Bot · 1abc28e3 · 75a0133d · 75a0133d
Commit 75a0133d authored Nov 23, 2018 by Aleksandar Rikalo Committed by Commit Bot Nov 26, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 58 additions and 33 deletions

builtins-mips.cc src/builtins/mips/builtins-mips.cc +29 -17

builtins-mips64.cc src/builtins/mips64/builtins-mips64.cc +29 -16

No files found.
--- a/src/builtins/mips/builtins-mips.cc
+++ b/src/builtins/mips/builtins-mips.cc
@@ -156,6 +156,22 @@ void Generate_JSBuiltinsConstructStubHelper(MacroAssembler* masm) {
  __ Ret();
 }

+static void Generate_StackOverflowCheck(MacroAssembler* masm, Register num_args,
+                                        Register scratch1, Register scratch2,
+                                        Label* stack_overflow) {
+  // Check the stack for overflow. We are not trying to catch
+  // interruptions (e.g. debug break and preemption) here, so the "real stack
+  // limit" is checked.
+  __ LoadRoot(scratch1, RootIndex::kRealStackLimit);
+  // Make scratch1 the space we have left. The stack might already be overflowed
+  // here which will cause scratch1 to become negative.
+  __ subu(scratch1, sp, scratch1);
+  // Check if the arguments will overflow the stack.
+  __ sll(scratch2, num_args, kPointerSizeLog2);
+  // Signed comparison.
+  __ Branch(stack_overflow, le, scratch1, Operand(scratch2));
+}
+
 }  // namespace

 // The construct stub for ES5 constructor functions and ES6 class constructors.
@@ -242,6 +258,19 @@ void Builtins::Generate_JSConstructStubGeneric(MacroAssembler* masm) {
    // Set up pointer to last argument.
    __ Addu(t2, fp, Operand(StandardFrameConstants::kCallerSPOffset));

+    Label enough_stack_space, stack_overflow;
+    Generate_StackOverflowCheck(masm, a0, t0, t1, &stack_overflow);
+    __ Branch(&enough_stack_space);
+
+    __ bind(&stack_overflow);
+    // Restore the context from the frame.
+    __ lw(cp, MemOperand(fp, ConstructFrameConstants::kContextOffset));
+    __ CallRuntime(Runtime::kThrowStackOverflow);
+    // Unreachable code.
+    __ break_(0xCC);
+
+    __ bind(&enough_stack_space);
+
    // Copy arguments and receiver to the expression stack.
    Label loop, entry;
    __ mov(t3, a0);
@@ -925,23 +954,6 @@ void Builtins::Generate_InterpreterEntryTrampoline(MacroAssembler* masm) {
  __ Jump(ra);
 }

-
-static void Generate_StackOverflowCheck(MacroAssembler* masm, Register num_args,
-                                        Register scratch1, Register scratch2,
-                                        Label* stack_overflow) {
-  // Check the stack for overflow. We are not trying to catch
-  // interruptions (e.g. debug break and preemption) here, so the "real stack
-  // limit" is checked.
-  __ LoadRoot(scratch1, RootIndex::kRealStackLimit);
-  // Make scratch1 the space we have left. The stack might already be overflowed
-  // here which will cause scratch1 to become negative.
-  __ subu(scratch1, sp, scratch1);
-  // Check if the arguments will overflow the stack.
-  __ sll(scratch2, num_args, kPointerSizeLog2);
-  // Signed comparison.
-  __ Branch(stack_overflow, le, scratch1, Operand(scratch2));
-}
-
 static void Generate_InterpreterPushArgs(MacroAssembler* masm,
                                         Register num_args, Register index,
                                         Register scratch, Register scratch2) {

--- a/src/builtins/mips64/builtins-mips64.cc
+++ b/src/builtins/mips64/builtins-mips64.cc
@@ -156,6 +156,22 @@ void Generate_JSBuiltinsConstructStubHelper(MacroAssembler* masm) {
  __ Ret();
 }

+static void Generate_StackOverflowCheck(MacroAssembler* masm, Register num_args,
+                                        Register scratch1, Register scratch2,
+                                        Label* stack_overflow) {
+  // Check the stack for overflow. We are not trying to catch
+  // interruptions (e.g. debug break and preemption) here, so the "real stack
+  // limit" is checked.
+  __ LoadRoot(scratch1, RootIndex::kRealStackLimit);
+  // Make scratch1 the space we have left. The stack might already be overflowed
+  // here which will cause scratch1 to become negative.
+  __ dsubu(scratch1, sp, scratch1);
+  // Check if the arguments will overflow the stack.
+  __ dsll(scratch2, num_args, kPointerSizeLog2);
+  // Signed comparison.
+  __ Branch(stack_overflow, le, scratch1, Operand(scratch2));
+}
+
 }  // namespace

 // The construct stub for ES5 constructor functions and ES6 class constructors.
@@ -242,6 +258,19 @@ void Builtins::Generate_JSConstructStubGeneric(MacroAssembler* masm) {
    // Set up pointer to last argument.
    __ Daddu(t2, fp, Operand(StandardFrameConstants::kCallerSPOffset));

+    Label enough_stack_space, stack_overflow;
+    Generate_StackOverflowCheck(masm, a0, t0, t1, &stack_overflow);
+    __ Branch(&enough_stack_space);
+
+    __ bind(&stack_overflow);
+    // Restore the context from the frame.
+    __ Ld(cp, MemOperand(fp, ConstructFrameConstants::kContextOffset));
+    __ CallRuntime(Runtime::kThrowStackOverflow);
+    // Unreachable code.
+    __ break_(0xCC);
+
+    __ bind(&enough_stack_space);
+
    // Copy arguments and receiver to the expression stack.
    Label loop, entry;
    __ mov(t3, a0);
@@ -925,22 +954,6 @@ void Builtins::Generate_InterpreterEntryTrampoline(MacroAssembler* masm) {
  __ Jump(ra);
 }

-static void Generate_StackOverflowCheck(MacroAssembler* masm, Register num_args,
-                                        Register scratch1, Register scratch2,
-                                        Label* stack_overflow) {
-  // Check the stack for overflow. We are not trying to catch
-  // interruptions (e.g. debug break and preemption) here, so the "real stack
-  // limit" is checked.
-  __ LoadRoot(scratch1, RootIndex::kRealStackLimit);
-  // Make scratch1 the space we have left. The stack might already be overflowed
-  // here which will cause scratch1 to become negative.
-  __ dsubu(scratch1, sp, scratch1);
-  // Check if the arguments will overflow the stack.
-  __ dsll(scratch2, num_args, kPointerSizeLog2);
-  // Signed comparison.
-  __ Branch(stack_overflow, le, scratch1, Operand(scratch2));
-}
-
 static void Generate_InterpreterPushArgs(MacroAssembler* masm,
                                         Register num_args, Register index,
                                         Register scratch, Register scratch2) {