src/compiler/js-builtin-reducer.cc - Issue 2511223003: [turbofan] Properly optimize instanceof (even in the presence of @@hasInstance).

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: src/compiler/js-builtin-reducer.cc

Issue 2511223003: [turbofan] Properly optimize instanceof (even in the presence of @@hasInstance). (Closed)

Patch Set: Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: src/compiler/js-builtin-reducer.cc

diff --git a/src/compiler/js-builtin-reducer.cc b/src/compiler/js-builtin-reducer.cc

index a7e05b8bfeebc027a180b3976a6d55b909986c62..dc6eb1464f21ba2a8c211f6245ce2ba7d3302fa0 100644

--- a/src/compiler/js-builtin-reducer.cc

+++ b/src/compiler/js-builtin-reducer.cc

@@ -962,6 +962,34 @@ Reduction JSBuiltinReducer::ReduceDateGetTime(Node* node) {

return NoChange();

}

+// ES6 section 19.2.3.6 Function.prototype [ @@hasInstance ] ( V )

+Reduction JSBuiltinReducer::ReduceFunctionHasInstance(Node* node) {

+ Node* receiver = NodeProperties::GetValueInput(node, 1);

+ Node* object = (node->op()->ValueInputCount() >= 3)

+ ? NodeProperties::GetValueInput(node, 2)

+ : jsgraph()->UndefinedConstant();

+ Node* context = NodeProperties::GetContextInput(node);

+ Node* frame_state = NodeProperties::GetFrameStateInput(node);

+ Node* effect = NodeProperties::GetEffectInput(node);

+ Node* control = NodeProperties::GetControlInput(node);

+ // TODO(turbofan): If JSOrdinaryToInstance raises an exception, the

+ // stack trace doesn't contain the @@hasInstance call; we have the

+ // corresponding bug in the baseline case. Some massaging of the frame

+ // state would be necessary here.

+ // Morph this {node} into a JSOrdinaryHasInstance node.

+ node->ReplaceInput(0, receiver);

+ node->ReplaceInput(1, object);

+ node->ReplaceInput(2, context);

+ node->ReplaceInput(3, frame_state);

+ node->ReplaceInput(4, effect);

+ node->ReplaceInput(5, control);

+ node->TrimInputCount(6);

+ NodeProperties::ChangeOp(node, javascript()->OrdinaryHasInstance());

+ return Changed(node);

// ES6 section 18.2.2 isFinite ( number )

Reduction JSBuiltinReducer::ReduceGlobalIsFinite(Node* node) {

JSCallReduction r(node);

@@ -1845,6 +1873,9 @@ Reduction JSBuiltinReducer::Reduce(Node* node) {

return ReduceArrayPush(node);

case kDateGetTime:

return ReduceDateGetTime(node);

+ case kFunctionHasInstance:

+ return ReduceFunctionHasInstance(node);

+ break;

case kGlobalIsFinite:

reduction = ReduceGlobalIsFinite(node);

break;

« no previous file with comments | « src/compiler/js-builtin-reducer.h ('k') | src/compiler/js-generic-lowering.cc » ('j') | src/compiler/js-native-context-specialization.cc » ('J')