Side by Side Diff: src/x64/code-stubs-x64.cc

Issue 1521953002: [proxies] fix access issue when having proxies on the prototype-chain of global objects. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: ppc code mess Created 5 years ago
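--- a/src/x64/code-stubs-x64.cc
+++ b/src/x64/code-stubs-x64.cc
@@ -1,10 +1,10 @@
 // Copyright 2013 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #if V8_TARGET_ARCH_X64
 
 #include "src/bootstrapper.h"
 #include "src/code-stubs.h"
 #include "src/codegen.h"
 #include "src/ic/handler-compiler.h"
@@ -2510,38 +2510,43 @@
 __ bind(&function_prototype_valid);
 __ AssertNotSmi(function_prototype);
 
 // Update the global instanceof cache with the current {object} map and
 // {function}. The cached answer will be set when it is known below.
 __ StoreRoot(function, Heap::kInstanceofCacheFunctionRootIndex);
 __ StoreRoot(object_map, Heap::kInstanceofCacheMapRootIndex);
 
 // Loop through the prototype chain looking for the {function} prototype.
 // Assume true, and change to false if not found.
-Label done, loop, proxy_case;
+Label done, loop, fast_runtime_fallback;
 __ LoadRoot(rax, Heap::kTrueValueRootIndex);
 __ bind(&loop);
+
+__ testb(FieldOperand(object_map, Map::kBitFieldOffset),
+Immediate(1 << Map::kIsAccessCheckNeeded));
+__ j(not_zero, &fast_runtime_fallback, Label::kNear);
 __ CmpInstanceType(object_map, JS_PROXY_TYPE);
-__ j(equal, &proxy_case, Label::kNear);
+__ j(equal, &fast_runtime_fallback, Label::kNear);
+
 __ movp(object, FieldOperand(object_map, Map::kPrototypeOffset));
 __ cmpp(object, function_prototype);
 __ j(equal, &done, Label::kNear);
 __ CompareRoot(object, Heap::kNullValueRootIndex);
 __ movp(object_map, FieldOperand(object, HeapObject::kMapOffset));
 __ j(not_equal, &loop);
 __ LoadRoot(rax, Heap::kFalseValueRootIndex);
 __ bind(&done);
 __ StoreRoot(rax, Heap::kInstanceofCacheAnswerRootIndex);
 __ ret(0);
 
-// Proxy-case: Call the %HasInPrototypeChain runtime function.
-__ bind(&proxy_case);
+// Found Proxy or access check needed: Call the runtime.
+__ bind(&fast_runtime_fallback);
 __ PopReturnAddressTo(kScratchRegister);
 __ Push(object);
 __ Push(function_prototype);
 __ PushReturnAddressFrom(kScratchRegister);
 // Invalidate the instanceof cache.
 __ Move(rax, Smi::FromInt(0));
 __ StoreRoot(rax, Heap::kInstanceofCacheFunctionRootIndex);
 __ TailCallRuntime(Runtime::kHasInPrototypeChain, 2, 1);
 
 // Slow-case: Call the %InstanceOf runtime function.
@@ -5393,10 +5398,10 @@
 kStackSpace, nullptr, return_value_operand, NULL);
 }
 
 
 #undef __
 
 } // namespace internal
 } // namespace v8
 
 #endif // V8_TARGET_ARCH_X64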
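Review bot: The new `testb` on `Map::kBitFieldOffset` at the head of the loop carries no comment saying why a map with `kIsAccessCheckNeeded` has to leave the inline walk, and this is the security-relevant line of the change. I would put `// The inline walk performs no access checks; defer to the runtime for any map that requires one.` directly above it, so that a later edit does not reorder or drop the test as an optimisation. The comment at the label could also name the runtime function again, as the old one did (`%HasInPrototypeChain`), since "Call the runtime" no longer distinguishes this path from the `%InstanceOf` slow case below it. Note that by the time the fallback is taken from a later iteration, `object` holds the current prototype rather than the original receiver, so the access decision presumably rests on what `Runtime::kHasInPrototypeChain` does with that object, which is not visible in this file. The enclosing stub starts and ends outside the lines shown.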