Chromium Code Reviews Chromium Code Reviews
Issue 2445333002:
Ensure slow properties for simple {__proto__:null} literals. (Closed)
| Index: src/ast/ast.cc |
| diff --git a/src/ast/ast.cc b/src/ast/ast.cc |
| index 6aaae04ea35bab04c21e3c78ba5af333e8c70f4c..85f8ae1fe850c9413df4a3eafb4692246fc4c30f 100644 |
| --- a/src/ast/ast.cc |
| +++ b/src/ast/ast.cc |
| @@ -495,7 +495,7 @@ void ObjectLiteral::AssignFeedbackSlots(FeedbackVectorSpec* spec, |
| ObjectLiteral::Property* property = properties()->at(property_index); |
| Expression* value = property->value(); |
| - if (property->kind() != ObjectLiteral::Property::PROTOTYPE) { |
| + if (!property->IsPrototype()) { |
| if (FunctionLiteral::NeedsHomeObject(value)) { |
| property->SetSlot(spec->AddStoreICSlot(language_mode)); |
| } |
| @@ -517,7 +517,7 @@ void ObjectLiteral::CalculateEmitStore(Zone* zone) { |
| for (int i = properties()->length() - 1; i >= 0; i--) { |
| ObjectLiteral::Property* property = properties()->at(i); |
| if (property->is_computed_name()) continue; |
| - if (property->kind() == ObjectLiteral::Property::PROTOTYPE) continue; |
| + if (property->IsPrototype()) continue; |
| Literal* literal = property->key()->AsLiteral(); |
| DCHECK(!literal->IsNullLiteral()); |
| @@ -539,14 +539,12 @@ void ObjectLiteral::CalculateEmitStore(Zone* zone) { |
| bool ObjectLiteral::IsBoilerplateProperty(ObjectLiteral::Property* property) { |
| - return property != NULL && |
| - property->kind() != ObjectLiteral::Property::PROTOTYPE; |
| + return property != NULL && !property->IsPrototype(); |
| } |
| void ObjectLiteral::InitDepthAndFlags() { |
| if (depth_ > 0) return; |
| - |
| - int position = 0; |
| + uint32_t position = 0; |
| // Accumulate the value in local variables and store it at the end. |
| bool is_simple = true; |
| int depth_acc = 1; |
| @@ -555,14 +553,24 @@ void ObjectLiteral::InitDepthAndFlags() { |
| for (int i = 0; i < properties()->length(); i++) { |
| ObjectLiteral::Property* property = properties()->at(i); |
| if (!IsBoilerplateProperty(property)) { |
|
Toon Verwaest
2017/03/20 14:47:11
This is actually just property->IsPrototype(). The
Camillo Bruni
2017/04/26 11:54:46
done.
|
| + // __proto__:null has no side-effects and is set directly on the |
| + // boilerplate. |
| + if (property->IsNullPrototype()) { |
| + set_has_null_protoype(true); |
| + continue; |
| + } |
| + DCHECK(!has_null_prototype()); |
| is_simple = false; |
| continue; |
| } |
| - |
| - if (static_cast<uint32_t>(position) == boilerplate_properties_ * 2) { |
| + // Only check for __proto__:null after the first computed property name. |
| + if (position > boilerplate_properties_) { |
|
Toon Verwaest
2017/03/20 14:47:11
What about simply doing a loop:
if (position == b
Camillo Bruni
2017/04/26 11:54:46
Added separate helper method.
I will still iterate
|
| + continue; |
| + } else if (position == boilerplate_properties_) { |
| DCHECK(property->is_computed_name()); |
| is_simple = false; |
| - break; |
| + position++; |
| + continue; |
| } |
| DCHECK(!property->is_computed_name()); |
| @@ -601,13 +609,12 @@ void ObjectLiteral::InitDepthAndFlags() { |
| elements++; |
| } |
| - // Increment the position for the key and the value. |
| - position += 2; |
| + position++; |
| } |
| - bit_field_ = FastElementsField::update( |
| - bit_field_, |
| - (max_element_index <= 32) || ((2 * elements) >= max_element_index)); |
| + set_fast_elements((max_element_index <= 32) || |
| + ((2 * elements) >= max_element_index)); |
| + set_has_elements(elements > 0); |
| bit_field_ = HasElementsField::update(bit_field_, elements > 0); |
|
Toon Verwaest
2017/03/20 14:47:11
Leftover code?
Camillo Bruni
2017/04/26 11:54:46
removed.
|
| set_is_simple(is_simple); |
