src/x64/lithium-codegen-x64.cc - Issue 10542137: Fix r11780 to avoid bugs where near branches are used to labels that are out of range.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: src/x64/lithium-codegen-x64.cc

Issue 10542137: Fix r11780 to avoid bugs where near branches are used to labels that are out of range. (Closed) Base URL: http://v8.googlecode.com/svn/branches/bleeding_edge/

Patch Set: '' Created 8 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: src/x64/lithium-codegen-x64.cc

===================================================================

--- src/x64/lithium-codegen-x64.cc (revision 11789)

+++ src/x64/lithium-codegen-x64.cc (working copy)

@@ -2233,6 +2233,18 @@

}

+// Check for cases where EmitLoadFieldOrConstantFunction needs to walk the

+// prototype chain, which causes unbounded code generation.

+static bool CompactEmit(

+ SmallMapList* list, Handle<String> name, int i, Isolate* isolate) {

+ LookupResult lookup(isolate);

+ Handle<Map> map = list->at(i);

+ map->LookupInDescriptors(NULL, *name, &lookup);

+ return lookup.IsFound() &&

+ (lookup.type() == FIELD || lookup.type() == CONSTANT_FUNCTION);

void LCodeGen::DoLoadNamedFieldPolymorphic(LLoadNamedFieldPolymorphic* instr) {

@@ -2246,16 +2258,10 @@

}

Handle<String> name = instr->hydrogen()->name();

Label done;

- bool compact_code = true;

+ bool all_are_compact = true;

for (int i = 0; i < map_count; ++i) {

- LookupResult lookup(isolate());

- Handle<Map> map = instr->hydrogen()->types()->at(i);

- map->LookupInDescriptors(NULL, *name, &lookup);

- if (!lookup.IsFound() ||

- (lookup.type() != FIELD && lookup.type() != CONSTANT_FUNCTION)) {

- // The two cases above cause a bounded amount of code to be emitted. This

- // is not necessarily the case for other lookup results.

- compact_code = false;

+ if (!CompactEmit(instr->hydrogen()->types(), name, i, isolate())) {

+ all_are_compact = false;

break;

}

@@ -2271,11 +2277,13 @@

result, object, map, name, instr->environment());

} else {

Label next;

- __ j(not_equal, &next, Label::kNear);

+ bool compact = all_are_compact ? true :

+ CompactEmit(instr->hydrogen()->types(), name, i, isolate());

+ __ j(not_equal, &next, compact ? Label::kNear : Label::kFar);

__ bind(&check_passed);

EmitLoadFieldOrConstantFunction(

result, object, map, name, instr->environment());

- __ jmp(&done, compact_code ? Label::kNear: Label::kFar);

+ __ jmp(&done, all_are_compact ? Label::kNear : Label::kFar);

__ bind(&next);

}

« no previous file with comments | « src/ia32/lithium-codegen-ia32.cc ('k') | test/mjsunit/regress/regress-deep-proto.js » ('j') | no next file with comments »