Status: Assigned
Owner: [email protected]
CC: [email protected], [email protected]
Labels: Type-Bug Priority-Medium
New issue 2851 by [email protected]: Tricky bug in ARM Allocate()
http://code.google.com/p/v8/issues/detail?id=2851
There is a small bug in ARM Allocate() which is never exposed the way it is
called today. However, you might want to take a look, in case the callers
change their use.
Referencing line numbers from:
http://code.google.com/p/v8/source/browse/branches/bleeding_edge/src/arm/macro-assembler-arm.cc#1659
The bug would happen if passed in int 'object_size' would not fit in ARM
immediate value, AND the AllocationFlags include DOUBLE_ALIGNMENT.
The problem is you declare this alias:
1707: Register obj_size_reg = scratch2;
Load the non-immediate to obj_size_reg (scratch2):
1712: mov(obj_size_reg, obj_size_operand);
Overwrite obj_size_reg (scratch2):
1738: and_(scratch2, result, Operand(kDoubleAlignmentMask), SetCC);
before it's used at 1753.
Don't ask me how I know about this ... ;-)
There is not a simple fix, since you are out of registers, and trying to
preserve value in 'ip', which would be overwritten with a later usage of
mov(obj_size_reg, obj_size_operand);
As I see it, the assembler 'mov' instruction could easily use register 'Rd'
as its temporary (for loading from constant pool, or whatever), but the
addmod1() helper uses only 'ip' for a temporary (likely needed for other
instructions where Rn might be same as Rd, etc.).
I'm not sure of all the uses/dependencies in the ARM assembler, and don't
want to break other stuff, so I'm not going to submit a CL for this.
Again, it appears you never call Allocate() with a size that doesn't fit in
immediate-constant, so this is certainly low priority.
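The bug class the report describes, two symbolic register names (obj_size_reg and scratch2) bound to one physical register so that a write through one name destroys a value still needed under the other, can be caught mechanically before the macro-assembler code is ever run. The following is an added example, not V8's code and not part of the report: a small alias-clobber checker over a modelled instruction stream. The Reg enum, the Instr/AliasClobber types and the function names are hypothetical; the symbolic names and the line numbers 1712, 1738 and 1753 are taken from the report, while the operand lists of each instruction are constructed and simplified (the use at 1753 is modelled as an add of obj_size_reg into result).

```cpp
// Added example, not V8 code. Models a macro-assembler emit sequence with
// symbolic register names and checks that no live value is overwritten
// through an alias of the same physical register.
#include <cstdio>
#include <map>
#include <string>
#include <vector>

enum Reg { kR0, kR1, kR2, kR3, kIp };  // hypothetical physical registers

struct Instr {
  std::string mnemonic;
  int line;                       // source line quoted in the report
  std::vector<std::string> defs;  // symbolic names written
  std::vector<std::string> uses;  // symbolic names read
};

struct AliasClobber {
  std::string live_name;    // value that was still needed
  std::string writer_name;  // alias through which it was overwritten
  int defined_at, clobbered_at, used_at;
};

static bool Contains(const std::vector<std::string>& v, const std::string& s) {
  for (const auto& x : v) if (x == s) return true;
  return false;
}

// For every definition of a symbolic name, find its next read under that same
// name and flag any intervening write to the same physical register that goes
// through a different symbolic name. Plain liveness on physical registers
// would not see this: the write at 1738 looks like a fresh definition.
std::vector<AliasClobber> FindAliasClobbers(
    const std::vector<Instr>& code, const std::map<std::string, Reg>& bind) {
  std::vector<AliasClobber> found;
  for (size_t i = 0; i < code.size(); ++i) {
    for (const std::string& name : code[i].defs) {
      size_t use = code.size();
      for (size_t j = i + 1; j < code.size(); ++j) {
        if (Contains(code[j].uses, name)) { use = j; break; }
        if (Contains(code[j].defs, name)) break;  // redefined before any read
      }
      if (use == code.size()) continue;  // value never read again
      for (size_t j = i + 1; j < use; ++j) {
        for (const std::string& other : code[j].defs) {
          if (other != name && bind.at(other) == bind.at(name)) {
            found.push_back({name, other, code[i].line, code[j].line, code[use].line});
          }
        }
      }
    }
  }
  return found;
}

// The sequence from the report (operands constructed and simplified):
// obj_size_reg loaded, scratch2 overwritten by the alignment test,
// obj_size_reg read afterwards.
std::vector<Instr> ReportedSequence() {
  return {
      {"mov",  1712, {"obj_size_reg"}, {}},
      {"and_", 1738, {"scratch2"},     {"result"}},
      {"add",  1753, {"result"},       {"result", "obj_size_reg"}},
  };
}

// Bindings as the report describes them: obj_size_reg is an alias of scratch2.
std::map<std::string, Reg> ReportedBindings() {
  return {{"result", kR0}, {"scratch2", kR1}, {"obj_size_reg", kR1}};
}

// Hypothetical bindings where the size has a register of its own.
std::map<std::string, Reg> SeparateBindings() {
  return {{"result", kR0}, {"scratch2", kR1}, {"obj_size_reg", kR2}};
}

int main() {
  for (const AliasClobber& c : FindAliasClobbers(ReportedSequence(), ReportedBindings())) {
    std::printf("%s defined at %d is clobbered via %s at %d before its use at %d\n",
                c.live_name.c_str(), c.defined_at, c.writer_name.c_str(),
                c.clobbered_at, c.used_at);
  }
  std::printf("separate bindings: %zu clobbers\n",
              FindAliasClobbers(ReportedSequence(), SeparateBindings()).size());
  return 0;
}
```

Running the checker on the reported bindings flags exactly one clobber (obj_size_reg, loaded at 1712, overwritten through scratch2 at 1738, read at 1753); with the size in its own register it reports none. The point is that the check needs the name-to-register binding table as input: the overwrite is invisible to analysis on physical registers alone, which is why the aliasing in the macro assembler is where such a check has to live.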