Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(285)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/crankshaft/hydrogen.cc

Issue 2449243004: Merged: [compiler] Properly validate stable map assumption for globals. (Closed)
Patch Set: Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « src/compiler/js-global-object-specialization.cc ('k') | src/runtime/runtime-utils.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 the V8 project authors. All rights reserved. 1 // Copyright 2013 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/crankshaft/hydrogen.h" 5 #include "src/crankshaft/hydrogen.h"
6 6
7 #include <memory> 7 #include <memory>
8 #include <sstream> 8 #include <sstream>
9 9
10 #include "src/allocation-site-scopes.h" 10 #include "src/allocation-site-scopes.h"
(...skipping 6742 matching lines...) Expand 10 before | Expand all | Expand 10 after
6753 } 6753 }
6754 } 6754 }
6755 HConstant* cell_constant = Add<HConstant>(cell); 6755 HConstant* cell_constant = Add<HConstant>(cell);
6756 auto access = HObjectAccess::ForPropertyCellValue(); 6756 auto access = HObjectAccess::ForPropertyCellValue();
6757 if (cell_type == PropertyCellType::kConstantType) { 6757 if (cell_type == PropertyCellType::kConstantType) {
6758 switch (cell->GetConstantType()) { 6758 switch (cell->GetConstantType()) {
6759 case PropertyCellConstantType::kSmi: 6759 case PropertyCellConstantType::kSmi:
6760 access = access.WithRepresentation(Representation::Smi()); 6760 access = access.WithRepresentation(Representation::Smi());
6761 break; 6761 break;
6762 case PropertyCellConstantType::kStableMap: { 6762 case PropertyCellConstantType::kStableMap: {
6763 // The map may no longer be stable, deopt if it's ever different from 6763 // First check that the previous value of the {cell} still has the
6764 // what is currently there, which will allow for restablization. 6764 // map that we are about to check the new {value} for. If not, then
6765 Handle<Map> map(HeapObject::cast(cell->value())->map()); 6765 // the stable map assumption was invalidated and we cannot continue
6766 // with the optimized code.
6767 Handle<HeapObject> cell_value(HeapObject::cast(cell->value()));
6768 Handle<Map> cell_value_map(cell_value->map());
6769 if (!cell_value_map->is_stable()) {
6770 return Bailout(kUnstableConstantTypeHeapObject);
6771 }
6772 top_info()->dependencies()->AssumeMapStable(cell_value_map);
6773 // Now check that the new {value} is a HeapObject with the same map.
6766 Add<HCheckHeapObject>(value); 6774 Add<HCheckHeapObject>(value);
6767 value = Add<HCheckMaps>(value, map); 6775 value = Add<HCheckMaps>(value, cell_value_map);
6768 access = access.WithRepresentation(Representation::HeapObject()); 6776 access = access.WithRepresentation(Representation::HeapObject());
6769 break; 6777 break;
6770 } 6778 }
6771 } 6779 }
6772 } 6780 }
6773 HInstruction* instr = Add<HStoreNamedField>(cell_constant, access, value); 6781 HInstruction* instr = Add<HStoreNamedField>(cell_constant, access, value);
6774 instr->ClearChangesFlag(kInobjectFields); 6782 instr->ClearChangesFlag(kInobjectFields);
6775 instr->SetChangesFlag(kGlobalVars); 6783 instr->SetChangesFlag(kGlobalVars);
6776 if (instr->HasObservableSideEffects()) { 6784 if (instr->HasObservableSideEffects()) {
6777 Add<HSimulate>(ast_id, REMOVABLE_SIMULATE); 6785 Add<HSimulate>(ast_id, REMOVABLE_SIMULATE);
(...skipping 6500 matching lines...) Expand 10 before | Expand all | Expand 10 after
13278 isolate()->GetHTracer()->TraceHydrogen(name(), graph_); 13286 isolate()->GetHTracer()->TraceHydrogen(name(), graph_);
13279 } 13287 }
13280 13288
13281 #ifdef DEBUG 13289 #ifdef DEBUG
13282 graph_->Verify(false); // No full verify. 13290 graph_->Verify(false); // No full verify.
13283 #endif 13291 #endif
13284 } 13292 }
13285 13293
13286 } // namespace internal 13294 } // namespace internal
13287 } // namespace v8 13295 } // namespace v8
OLDNEW
« no previous file with comments | « src/compiler/js-global-object-specialization.cc ('k') | src/runtime/runtime-utils.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698