
Side by Side Diff: src/isolate.cc

Issue 1100083002: Don't MISS if you read the hole from certain FastHoley arrays. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: REBASE and fix arm64 compilation. Created 5 years, 7 months ago
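--- a/src/isolate.cc
+++ b/src/isolate.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <stdlib.h>
 
 #include <fstream> // NOLINT(readability/streams)
 #include <sstream>
 
 #include "src/v8.h"
@@ -2368,22 +2368,23 @@
 
 bool Isolate::use_crankshaft() const {
 return FLAG_crankshaft &&
 !serializer_enabled_ &&
 CpuFeatures::SupportsCrankshaft();
 }
 
 
 bool Isolate::IsFastArrayConstructorPrototypeChainIntact() {
 PropertyCell* no_elements_cell = heap()->array_protector();
-bool cell_reports_intact = no_elements_cell->value()->IsSmi() &&
-Smi::cast(no_elements_cell->value())->value() == 1;
+bool cell_reports_intact =
+no_elements_cell->value()->IsSmi() &&
+Smi::cast(no_elements_cell->value())->value() == kArrayProtectorValid;
 
 #ifdef DEBUG
 Map* root_array_map =
 get_initial_js_array_map(GetInitialFastElementsKind());
 Context* native_context = context()->native_context();
 JSObject* initial_array_proto = JSObject::cast(
 native_context->get(Context::INITIAL_ARRAY_PROTOTYPE_INDEX));
 JSObject* initial_object_proto = JSObject::cast(
 native_context->get(Context::INITIAL_OBJECT_PROTOTYPE_INDEX));
 
@@ -2430,22 +2431,23 @@
 void Isolate::UpdateArrayProtectorOnSetElement(Handle<JSObject> object) {
 if (IsFastArrayConstructorPrototypeChainIntact() &&
 object->map()->is_prototype_map()) {
 Object* context = heap()->native_contexts_list();
 while (!context->IsUndefined()) {
 Context* current_context = Context::cast(context);
 if (current_context->get(Context::INITIAL_OBJECT_PROTOTYPE_INDEX) ==
 *object ||
 current_context->get(Context::INITIAL_ARRAY_PROTOTYPE_INDEX) ==
 *object) {
-PropertyCell::SetValueWithInvalidation(factory()->array_protector(),
-handle(Smi::FromInt(0), this));
+PropertyCell::SetValueWithInvalidation(
+factory()->array_protector(),
+handle(Smi::FromInt(kArrayProtectorInvalid), this));
 break;
 }
 context = current_context->get(Context::NEXT_CONTEXT_LINK);
 }
 }
 }
 
 
 bool Isolate::IsAnyInitialArrayPrototype(Handle<JSArray> array) {
 if (array->map()->is_prototype_map()) {
@@ -2752,10 +2754,10 @@
 if (prev_ && prev_->Intercept(flag)) return true;
 // Then check whether this scope intercepts.
 if ((flag & intercept_mask_)) {
 intercepted_flags_ |= flag;
 return true;
 }
 return false;
 }
 
 } } // namespace v8::internal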
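Review bot: In IsFastArrayConstructorPrototypeChainIntact the answer now comes from comparing the protector cell with `kArrayProtectorValid`, while the only cross-check against the real prototype objects starts under `#ifdef DEBUG`, so release builds appear to trust the cell alone. Going by the issue title, hole loads from holey arrays will lean on this result, so the invariant deserves a comment at the read site, for example `// Release builds rely on this cell alone: every element store on an initial Array/Object prototype must reach UpdateArrayProtectorOnSetElement.` The comparison itself fails closed (a non-Smi or any value other than kArrayProtectorValid reads as not intact), which is worth saying in the same comment so nobody later relaxes it to `!= kArrayProtectorInvalid`. The definitions of kArrayProtectorValid and kArrayProtectorInvalid are not in this file section, and the DEBUG block continues past the visible lines, so its coverage could not be checked here.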