| OLD | NEW |
|---|
| 1 // Copyright 2014 the V8 project authors. All rights reserved. | 1 // Copyright 2014 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "src/runtime/runtime-utils.h" | 5 #include "src/runtime/runtime-utils.h" |
| 6 | 6 |
| 7 #include "src/arguments.h" | 7 #include "src/arguments.h" |
| 8 #include "src/deoptimizer.h" | 8 #include "src/deoptimizer.h" |
| 9 #include "src/frames-inl.h" | 9 #include "src/frames-inl.h" |
| 10 #include "src/full-codegen/full-codegen.h" | 10 #include "src/full-codegen/full-codegen.h" |
| 11 #include "src/snapshot/natives.h" | 11 #include "src/snapshot/natives.h" |
| 12 | 12 |
| 13 namespace v8 { | 13 namespace v8 { |
| 14 namespace internal { | 14 namespace internal { |
| 15 | 15 |
| 16 RUNTIME_FUNCTION(Runtime_DeoptimizeFunction) { | 16 RUNTIME_FUNCTION(Runtime_DeoptimizeFunction) { |
| 17 HandleScope scope(isolate); | 17 HandleScope scope(isolate); |
| 18 DCHECK(args.length() == 1); | 18 DCHECK(args.length() == 1); |
| 19 CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); | 19 |
| 20 // This function is used by fuzzers to get coverage in compiler. |
| 21 // Ignore calls on non-function objects to avoid runtime errors. |
| 22 CONVERT_ARG_HANDLE_CHECKED(Object, function_object, 0); |
| 23 // If it is not a JSFunction, just return. |
| 24 if (!function_object->IsJSFunction()) { |
| 25 return isolate->heap()->undefined_value(); |
| 26 } |
| 27 Handle<JSFunction> function = Handle<JSFunction>::cast(function_object); |
| 28 |
| 20 if (!function->IsOptimized()) return isolate->heap()->undefined_value(); | 29 if (!function->IsOptimized()) return isolate->heap()->undefined_value(); |
| 21 | 30 |
| 22 // TODO(turbofan): Deoptimization is not supported yet. | 31 // TODO(turbofan): Deoptimization is not supported yet. |
| 23 if (function->code()->is_turbofanned() && | 32 if (function->code()->is_turbofanned() && |
| 24 function->shared()->asm_function() && !FLAG_turbo_asm_deoptimization) { | 33 function->shared()->asm_function() && !FLAG_turbo_asm_deoptimization) { |
| 25 return isolate->heap()->undefined_value(); | 34 return isolate->heap()->undefined_value(); |
| 26 } | 35 } |
| 27 | 36 |
| 28 Deoptimizer::DeoptimizeFunction(*function); | 37 Deoptimizer::DeoptimizeFunction(*function); |
| 29 | 38 |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 77 SealHandleScope shs(isolate); | 86 SealHandleScope shs(isolate); |
| 78 DCHECK(args.length() == 0); | 87 DCHECK(args.length() == 0); |
| 79 return isolate->heap()->ToBoolean( | 88 return isolate->heap()->ToBoolean( |
| 80 isolate->concurrent_recompilation_enabled()); | 89 isolate->concurrent_recompilation_enabled()); |
| 81 } | 90 } |
| 82 | 91 |
| 83 | 92 |
| 84 RUNTIME_FUNCTION(Runtime_OptimizeFunctionOnNextCall) { | 93 RUNTIME_FUNCTION(Runtime_OptimizeFunctionOnNextCall) { |
| 85 HandleScope scope(isolate); | 94 HandleScope scope(isolate); |
| 86 RUNTIME_ASSERT(args.length() == 1 || args.length() == 2); | 95 RUNTIME_ASSERT(args.length() == 1 || args.length() == 2); |
| 87 CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); | 96 |
| 97 // This function is used by fuzzers to get coverage for optimizations |
| 98 // in compiler. Ignore calls on non-function objects to avoid runtime errors. |
| 99 CONVERT_ARG_HANDLE_CHECKED(Object, function_object, 0); |
| 100 // If it is not a JSFunction, just return. |
| 101 if (!function_object->IsJSFunction()) { |
| 102 return isolate->heap()->undefined_value(); |
| 103 } |
| 104 Handle<JSFunction> function = Handle<JSFunction>::cast(function_object); |
| 105 |
| 88 // The following assertion was lifted from the DCHECK inside | 106 // The following assertion was lifted from the DCHECK inside |
| 89 // JSFunction::MarkForOptimization(). | 107 // JSFunction::MarkForOptimization(). |
| 90 RUNTIME_ASSERT(function->shared()->allows_lazy_compilation() || | 108 RUNTIME_ASSERT(function->shared()->allows_lazy_compilation() || |
| 91 (function->code()->kind() == Code::FUNCTION && | 109 (function->code()->kind() == Code::FUNCTION && |
| 92 !function->shared()->optimization_disabled())); | 110 !function->shared()->optimization_disabled())); |
| 93 | 111 |
| 94 // If the function is already optimized, just return. | 112 // If the function is already optimized, just return. |
| 95 if (function->IsOptimized()) return isolate->heap()->undefined_value(); | 113 if (function->IsOptimized()) return isolate->heap()->undefined_value(); |
| 96 | 114 |
| 97 function->MarkForOptimization(); | 115 function->MarkForOptimization(); |
| (...skipping 400 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 498 RUNTIME_FUNCTION(Runtime_HasFixed##Type##Elements) { \ | 516 RUNTIME_FUNCTION(Runtime_HasFixed##Type##Elements) { \ |
| 499 CONVERT_ARG_CHECKED(JSObject, obj, 0); \ | 517 CONVERT_ARG_CHECKED(JSObject, obj, 0); \ |
| 500 return isolate->heap()->ToBoolean(obj->HasFixed##Type##Elements()); \ | 518 return isolate->heap()->ToBoolean(obj->HasFixed##Type##Elements()); \ |
| 501 } | 519 } |
| 502 | 520 |
| 503 TYPED_ARRAYS(FIXED_TYPED_ARRAYS_CHECK_RUNTIME_FUNCTION) | 521 TYPED_ARRAYS(FIXED_TYPED_ARRAYS_CHECK_RUNTIME_FUNCTION) |
| 504 | 522 |
| 505 #undef FIXED_TYPED_ARRAYS_CHECK_RUNTIME_FUNCTION | 523 #undef FIXED_TYPED_ARRAYS_CHECK_RUNTIME_FUNCTION |
| 506 } // namespace internal | 524 } // namespace internal |
| 507 } // namespace v8 | 525 } // namespace v8 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1883603002:
OptimizeFunctionOnNextCall and DeoptimizeFunction ignore calls on non-JSFunction objects. (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master