src/builtins/builtins-constructor.cc - Issue 2445333002: Ensure slow properties for simple {__proto__:null} literals.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: src/builtins/builtins-constructor.cc

Issue 2445333002: Ensure slow properties for simple {__proto__:null} literals. (Closed)

Patch Set: addressing nits Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: src/builtins/builtins-constructor.cc

diff --git a/src/builtins/builtins-constructor.cc b/src/builtins/builtins-constructor.cc

index 0d303c90c156b3dad8c11e8dc70469bfe49ea05a..ae6dd2d6e1ce51df9905e66b162430705fef092b 100644

--- a/src/builtins/builtins-constructor.cc

+++ b/src/builtins/builtins-constructor.cc

@@ -714,7 +714,6 @@ Node* ConstructorBuiltinsAssembler::EmitFastCloneShallowObject(

offset.Bind(IntPtrAdd(offset.value(), IntPtrConstant(kPointerSize)));

GotoIfNot(IntPtrGreaterThanOrEqual(offset.value(), end_offset), &loop_body);

}

if (FLAG_allocation_site_pretenuring) {

Node* memento = InnerAllocate(copy, object_size);

StoreMapNoWriteBarrier(memento, Heap::kAllocationMementoMapRootIndex);

@@ -729,6 +728,24 @@ Node* ConstructorBuiltinsAssembler::EmitFastCloneShallowObject(

memento_create_count);

}

+ // Directly copy over the property store for dict-mode boilerplates.

+ Label dict_properties(this), done(this);

+ Branch(IsDictionaryMap(boilerplate_map), &dict_properties, &done);

+ Bind(&dict_properties);

+ {

+ Comment("Copy boilderplate property dict");

+ Node* boilerplate_properties = LoadProperties(boilerplate);

+ // TODO(cbruni): Use inner allocate for name dictionary

+ Node* properties = AllocateNameDictionary(

+ SmiUntag(GetCapacity<NameDictionary>(boilerplate_properties)));

+ CopyFixedArrayElements(FAST_ELEMENTS, boilerplate_properties, properties,

+ LoadFixedArrayBaseLength(boilerplate_properties),

+ SKIP_WRITE_BARRIER, SMI_PARAMETERS);

Toon Verwaest 2017/03/14 13:27:47 With black allocation I'm not sure this is safe if

Camillo Bruni 2017/03/17 16:40:55 Adding separate helper to make the contract cleare

+ StoreObjectField(copy, JSObject::kPropertiesOffset, properties);

+ Goto(&done);

+ }

+ Bind(&done);

// TODO(verwaest): Allocate and fill in double boxes.

return copy;

}