| OLD | NEW |
|---|
| 1 // Copyright 2014 the V8 project authors. All rights reserved. | 1 // Copyright 2014 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #if V8_TARGET_ARCH_PPC | 5 #if V8_TARGET_ARCH_PPC |
| 6 | 6 |
| 7 #include "src/base/bits.h" | 7 #include "src/base/bits.h" |
| 8 #include "src/bootstrapper.h" | 8 #include "src/bootstrapper.h" |
| 9 #include "src/code-stubs.h" | 9 #include "src/code-stubs.h" |
| 10 #include "src/codegen.h" | 10 #include "src/codegen.h" |
| (...skipping 1440 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1451 __ AssertNotSmi(function_prototype); | 1451 __ AssertNotSmi(function_prototype); |
| 1452 | 1452 |
| 1453 // Update the global instanceof cache with the current {object} map and | 1453 // Update the global instanceof cache with the current {object} map and |
| 1454 // {function}. The cached answer will be set when it is known below. | 1454 // {function}. The cached answer will be set when it is known below. |
| 1455 __ StoreRoot(function, Heap::kInstanceofCacheFunctionRootIndex); | 1455 __ StoreRoot(function, Heap::kInstanceofCacheFunctionRootIndex); |
| 1456 __ StoreRoot(object_map, Heap::kInstanceofCacheMapRootIndex); | 1456 __ StoreRoot(object_map, Heap::kInstanceofCacheMapRootIndex); |
| 1457 | 1457 |
| 1458 // Loop through the prototype chain looking for the {function} prototype. | 1458 // Loop through the prototype chain looking for the {function} prototype. |
| 1459 // Assume true, and change to false if not found. | 1459 // Assume true, and change to false if not found. |
| 1460 Register const object_instance_type = function_map; | 1460 Register const object_instance_type = function_map; |
| 1461 Register const map_bit_field = function_map; |
| 1461 Register const null = scratch; | 1462 Register const null = scratch; |
| 1462 Register const result = r3; | 1463 Register const result = r3; |
| 1463 Label done, loop, proxy_case; | 1464 |
| 1465 Label done, loop, fast_runtime_fallback; |
| 1464 __ LoadRoot(result, Heap::kTrueValueRootIndex); | 1466 __ LoadRoot(result, Heap::kTrueValueRootIndex); |
| 1465 __ LoadRoot(null, Heap::kNullValueRootIndex); | 1467 __ LoadRoot(null, Heap::kNullValueRootIndex); |
| 1466 __ bind(&loop); | 1468 __ bind(&loop); |
| 1469 |
| 1470 // Check if the object needs to be access checked. |
| 1471 __ lbz(map_bit_field, FieldMemOperand(object_map, Map::kBitFieldOffset)); |
| 1472 __ TestBit(map_bit_field, Map::kIsCallable, r0); |
| 1473 __ bne(&fast_runtime_fallback, cr0); |
| 1474 // Check if the current object is a Proxy. |
| 1467 __ CompareInstanceType(object_map, object_instance_type, JS_PROXY_TYPE); | 1475 __ CompareInstanceType(object_map, object_instance_type, JS_PROXY_TYPE); |
| 1468 __ beq(&proxy_case); | 1476 __ beq(&fast_runtime_fallback); |
| 1477 |
| 1469 __ LoadP(object, FieldMemOperand(object_map, Map::kPrototypeOffset)); | 1478 __ LoadP(object, FieldMemOperand(object_map, Map::kPrototypeOffset)); |
| 1470 __ cmp(object, function_prototype); | 1479 __ cmp(object, function_prototype); |
| 1471 __ beq(&done); | 1480 __ beq(&done); |
| 1472 __ cmp(object, null); | 1481 __ cmp(object, null); |
| 1473 __ LoadP(object_map, FieldMemOperand(object, HeapObject::kMapOffset)); | 1482 __ LoadP(object_map, FieldMemOperand(object, HeapObject::kMapOffset)); |
| 1474 __ bne(&loop); | 1483 __ bne(&loop); |
| 1475 __ LoadRoot(result, Heap::kFalseValueRootIndex); | 1484 __ LoadRoot(result, Heap::kFalseValueRootIndex); |
| 1476 __ bind(&done); | 1485 __ bind(&done); |
| 1477 __ StoreRoot(result, Heap::kInstanceofCacheAnswerRootIndex); | 1486 __ StoreRoot(result, Heap::kInstanceofCacheAnswerRootIndex); |
| 1478 __ Ret(); | 1487 __ Ret(); |
| 1479 | 1488 |
| 1480 // Proxy-case: Call the %HasInPrototypeChain runtime function. | 1489 // Found Proxy or access check needed: Call the runtime |
| 1481 __ bind(&proxy_case); | 1490 __ bind(&fast_runtime_fallback); |
| 1482 __ Push(object, function_prototype); | 1491 __ Push(object, function_prototype); |
| 1483 // Invalidate the instanceof cache. | 1492 // Invalidate the instanceof cache. |
| 1484 __ LoadSmiLiteral(scratch, Smi::FromInt(0)); | 1493 __ LoadSmiLiteral(scratch, Smi::FromInt(0)); |
| 1485 __ StoreRoot(scratch, Heap::kInstanceofCacheFunctionRootIndex); | 1494 __ StoreRoot(scratch, Heap::kInstanceofCacheFunctionRootIndex); |
| 1486 __ TailCallRuntime(Runtime::kHasInPrototypeChain, 2, 1); | 1495 __ TailCallRuntime(Runtime::kHasInPrototypeChain, 2, 1); |
| 1487 | 1496 |
| 1488 // Slow-case: Call the %InstanceOf runtime function. | 1497 // Slow-case: Call the %InstanceOf runtime function. |
| 1489 __ bind(&slow_case); | 1498 __ bind(&slow_case); |
| 1490 __ Push(object, function); | 1499 __ Push(object, function); |
| 1491 __ TailCallRuntime(Runtime::kInstanceOf, 2, 1); | 1500 __ TailCallRuntime(Runtime::kInstanceOf, 2, 1); |
| (...skipping 4146 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5638 kStackUnwindSpace, NULL, | 5647 kStackUnwindSpace, NULL, |
| 5639 MemOperand(fp, 6 * kPointerSize), NULL); | 5648 MemOperand(fp, 6 * kPointerSize), NULL); |
| 5640 } | 5649 } |
| 5641 | 5650 |
| 5642 | 5651 |
| 5643 #undef __ | 5652 #undef __ |
| 5644 } // namespace internal | 5653 } // namespace internal |
| 5645 } // namespace v8 | 5654 } // namespace v8 |
| 5646 | 5655 |
| 5647 #endif // V8_TARGET_ARCH_PPC | 5656 #endif // V8_TARGET_ARCH_PPC |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1521953002:
[proxies] fix access issue when having proxies on the prototype-chain of global objects. (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master