Landing for Justin Schuh.

This switches out the existing constant splitting with masking that works like this:

1. Generate a random 32-bit value at compilation time.
2. XOR the 32-bit constant with the random value.
3. Emit the resulting immediate value along with the XOR operation to generate the original value.

BUG=http://code.google.com/p/v8/issues/detail?id=908

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5734 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

diff --git a/src/flag-definitions.h b/src/flag-definitions.h
index 2474c62..54501ec 100644 (file)
--- a/src/flag-definitions.h
+++ b/src/flag-definitions.h
@@ -140,6 +140,9 @@ DEFINE_bool(stack_trace_on_abort, true,
 // codegen-ia32.cc / codegen-arm.cc
 DEFINE_bool(trace, false, "trace function calls")
 DEFINE_bool(defer_negation, true, "defer negation operation")
+DEFINE_bool(mask_constants_with_cookie,
+            true,
+            "use random jit cookie to mask large constants")
 
 // codegen.cc
 DEFINE_bool(lazy, true, "use lazy compilation")

diff --git a/src/ia32/codegen-ia32.cc b/src/ia32/codegen-ia32.cc
index c52e3bf..6d23dd7 100644 (file)
--- a/src/ia32/codegen-ia32.cc
+++ b/src/ia32/codegen-ia32.cc
@@ -153,7 +153,8 @@ CodeGenerator::CodeGenerator(MacroAssembler* masm)
       in_safe_int32_mode_(false),
       safe_int32_mode_enabled_(true),
       function_return_is_shadowed_(false),
-      in_spilled_code_(false) {
+      in_spilled_code_(false),
+      jit_cookie_((FLAG_mask_constants_with_cookie) ? V8::Random() : 0) {
 }
 
 
@@ -5363,16 +5364,16 @@ void CodeGenerator::VisitLiteral(Literal* node) {
 void CodeGenerator::PushUnsafeSmi(Handle<Object> value) {
   ASSERT(value->IsSmi());
   int bits = reinterpret_cast<int>(*value);
-  __ push(Immediate(bits & 0x0000FFFF));
-  __ or_(Operand(esp, 0), Immediate(bits & 0xFFFF0000));
+  __ push(Immediate(bits ^ jit_cookie_));
+  __ xor_(Operand(esp, 0), Immediate(jit_cookie_));
 }
 
 
 void CodeGenerator::StoreUnsafeSmiToLocal(int offset, Handle<Object> value) {
   ASSERT(value->IsSmi());
   int bits = reinterpret_cast<int>(*value);
-  __ mov(Operand(ebp, offset), Immediate(bits & 0x0000FFFF));
-  __ or_(Operand(ebp, offset), Immediate(bits & 0xFFFF0000));
+  __ mov(Operand(ebp, offset), Immediate(bits ^ jit_cookie_));
+  __ xor_(Operand(ebp, offset), Immediate(jit_cookie_));
 }
 
 
@@ -5380,8 +5381,8 @@ void CodeGenerator::MoveUnsafeSmi(Register target, Handle<Object> value) {
   ASSERT(target.is_valid());
   ASSERT(value->IsSmi());
   int bits = reinterpret_cast<int>(*value);
-  __ Set(target, Immediate(bits & 0x0000FFFF));
-  __ or_(target, bits & 0xFFFF0000);
+  __ Set(target, Immediate(bits ^ jit_cookie_));
+  __ xor_(target, jit_cookie_);
 }
 
 

diff --git a/src/ia32/codegen-ia32.h b/src/ia32/codegen-ia32.h
index b072409..4594b19 100644 (file)
--- a/src/ia32/codegen-ia32.h
+++ b/src/ia32/codegen-ia32.h
@@ -785,6 +785,11 @@ class CodeGenerator: public AstVisitor {
   // in a spilled state.
   bool in_spilled_code_;
 
+  // A cookie that is used for JIT IMM32 Encoding.  Initialized to a
+  // random number when the command-line
+  // FLAG_mask_constants_with_cookie is true, zero otherwise.
+  int jit_cookie_;
+
   friend class VirtualFrame;
   friend class JumpTarget;
   friend class Reference;