Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/full-codegen/x64/full-codegen-x64.cc

Issue 1358393004: Remove crash-hunting instrumentation that has served its purpose. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: remove unused variable Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « src/builtins.cc ('k') | src/hydrogen.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #if V8_TARGET_ARCH_X64 5 #if V8_TARGET_ARCH_X64
6 6
7 #include "src/code-factory.h" 7 #include "src/code-factory.h"
8 #include "src/code-stubs.h" 8 #include "src/code-stubs.h"
9 #include "src/codegen.h" 9 #include "src/codegen.h"
10 #include "src/compiler.h" 10 #include "src/compiler.h"
(...skipping 2224 matching lines...) Expand 10 before | Expand all | Expand 10 after
2235 done ? Heap::kTrueValueRootIndex : Heap::kFalseValueRootIndex); 2235 done ? Heap::kTrueValueRootIndex : Heap::kFalseValueRootIndex);
2236 STATIC_ASSERT(JSIteratorResult::kSize == 5 * kPointerSize); 2236 STATIC_ASSERT(JSIteratorResult::kSize == 5 * kPointerSize);
2237 } 2237 }
2238 2238
2239 2239
2240 void FullCodeGenerator::EmitNamedPropertyLoad(Property* prop) { 2240 void FullCodeGenerator::EmitNamedPropertyLoad(Property* prop) {
2241 SetExpressionPosition(prop); 2241 SetExpressionPosition(prop);
2242 Literal* key = prop->key()->AsLiteral(); 2242 Literal* key = prop->key()->AsLiteral();
2243 DCHECK(!prop->IsSuperAccess()); 2243 DCHECK(!prop->IsSuperAccess());
2244 2244
2245 // See comment below.
2246 if (FeedbackVector()->GetIndex(prop->PropertyFeedbackSlot()) == 6) {
2247 __ Push(LoadDescriptor::ReceiverRegister());
2248 }
2249
2250 __ Move(LoadDescriptor::NameRegister(), key->value()); 2245 __ Move(LoadDescriptor::NameRegister(), key->value());
2251 __ Move(LoadDescriptor::SlotRegister(), 2246 __ Move(LoadDescriptor::SlotRegister(),
2252 SmiFromSlot(prop->PropertyFeedbackSlot())); 2247 SmiFromSlot(prop->PropertyFeedbackSlot()));
2253 CallLoadIC(NOT_INSIDE_TYPEOF, language_mode()); 2248 CallLoadIC(NOT_INSIDE_TYPEOF, language_mode());
2254
2255 // Sanity check: The loaded value must be a JS-exposed kind of object,
2256 // not something internal (like a Map, or FixedArray). Check this here
2257 // to chase after a rare but recurring crash bug. It seems to always
2258 // occur for functions beginning with "this.foo.bar()", so be selective
2259 // and only insert the check for the first LoadIC (identified by slot).
2260 // TODO(chromium:527994): Remove this when we have a few crash reports.
2261 // Don't forget to remove the Push() above as well!
2262 if (FeedbackVector()->GetIndex(prop->PropertyFeedbackSlot()) == 6) {
2263 __ Pop(LoadDescriptor::ReceiverRegister());
2264
2265 Label ok, sound_alarm;
2266 __ JumpIfSmi(rax, &ok, Label::kNear);
2267 __ movp(rbx, FieldOperand(rax, HeapObject::kMapOffset));
2268 __ CompareRoot(rbx, Heap::kMetaMapRootIndex);
2269 __ j(equal, &sound_alarm);
2270 __ CompareRoot(rbx, Heap::kFixedArrayMapRootIndex);
2271 __ j(not_equal, &ok, Label::kNear);
2272
2273 __ bind(&sound_alarm);
2274 __ Push(Smi::FromInt(0xaabbccdd));
2275 __ Push(LoadDescriptor::ReceiverRegister());
2276 __ movp(rbx, FieldOperand(LoadDescriptor::ReceiverRegister(),
2277 HeapObject::kMapOffset));
2278 __ Push(rbx);
2279 __ movp(rbx, FieldOperand(LoadDescriptor::ReceiverRegister(),
2280 JSObject::kPropertiesOffset));
2281 __ Push(rbx);
2282 __ int3();
2283
2284 __ bind(&ok);
2285 }
2286 } 2249 }
2287 2250
2288 2251
2289 void FullCodeGenerator::EmitNamedSuperPropertyLoad(Property* prop) { 2252 void FullCodeGenerator::EmitNamedSuperPropertyLoad(Property* prop) {
2290 // Stack: receiver, home_object 2253 // Stack: receiver, home_object
2291 SetExpressionPosition(prop); 2254 SetExpressionPosition(prop);
2292 Literal* key = prop->key()->AsLiteral(); 2255 Literal* key = prop->key()->AsLiteral();
2293 DCHECK(!key->value()->IsSmi()); 2256 DCHECK(!key->value()->IsSmi());
2294 DCHECK(prop->IsSuperAccess()); 2257 DCHECK(prop->IsSuperAccess());
2295 2258
(...skipping 2889 matching lines...) Expand 10 before | Expand all | Expand 10 after
5185 Assembler::target_address_at(call_target_address, 5148 Assembler::target_address_at(call_target_address,
5186 unoptimized_code)); 5149 unoptimized_code));
5187 return OSR_AFTER_STACK_CHECK; 5150 return OSR_AFTER_STACK_CHECK;
5188 } 5151 }
5189 5152
5190 5153
5191 } // namespace internal 5154 } // namespace internal
5192 } // namespace v8 5155 } // namespace v8
5193 5156
5194 #endif // V8_TARGET_ARCH_X64 5157 #endif // V8_TARGET_ARCH_X64
OLDNEW
« no previous file with comments | « src/builtins.cc ('k') | src/hydrogen.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698