| Index: src/type-feedback-vector.cc
|
| diff --git a/src/type-feedback-vector.cc b/src/type-feedback-vector.cc
|
| index 04459acf1556eaa0953320d42244635dae041d9a..ac584ad8a79dcbc42200258f8887f72f502b183a 100644
|
| --- a/src/type-feedback-vector.cc
|
| +++ b/src/type-feedback-vector.cc
|
| @@ -327,50 +327,6 @@ void TypeFeedbackVector::ClearSlotsImpl(SharedFunctionInfo* shared,
|
|
|
|
|
| // static
|
| -void TypeFeedbackVector::ClearAllKeyedStoreICs(Isolate* isolate) {
|
| - SharedFunctionInfo::Iterator iterator(isolate);
|
| - SharedFunctionInfo* shared;
|
| - while ((shared = iterator.Next())) {
|
| - if (!shared->OptimizedCodeMapIsCleared()) {
|
| - FixedArray* optimized_code_map = shared->optimized_code_map();
|
| - int length = optimized_code_map->length();
|
| - for (int i = SharedFunctionInfo::kEntriesStart; i < length;
|
| - i += SharedFunctionInfo::kEntryLength) {
|
| - WeakCell* cell = WeakCell::cast(
|
| - optimized_code_map->get(i + SharedFunctionInfo::kLiteralsOffset));
|
| - if (cell->value()->IsLiteralsArray()) {
|
| - TypeFeedbackVector* vector =
|
| - LiteralsArray::cast(cell->value())->feedback_vector();
|
| - vector->ClearKeyedStoreICs(shared);
|
| - }
|
| - }
|
| - }
|
| - }
|
| -}
|
| -
|
| -
|
| -void TypeFeedbackVector::ClearKeyedStoreICs(SharedFunctionInfo* shared) {
|
| - Isolate* isolate = GetIsolate();
|
| -
|
| - Code* host = shared->code();
|
| - Object* uninitialized_sentinel =
|
| - TypeFeedbackVector::RawUninitializedSentinel(isolate);
|
| -
|
| - TypeFeedbackMetadataIterator iter(metadata());
|
| - while (iter.HasNext()) {
|
| - FeedbackVectorSlot slot = iter.Next();
|
| - FeedbackVectorSlotKind kind = iter.kind();
|
| - if (kind != FeedbackVectorSlotKind::KEYED_STORE_IC) continue;
|
| - Object* obj = Get(slot);
|
| - if (obj != uninitialized_sentinel) {
|
| - KeyedStoreICNexus nexus(this, slot);
|
| - nexus.Clear(host);
|
| - }
|
| - }
|
| -}
|
| -
|
| -
|
| -// static
|
| Handle<TypeFeedbackVector> TypeFeedbackVector::DummyVector(Isolate* isolate) {
|
| return isolate->factory()->dummy_vector();
|
| }
|
| @@ -760,10 +716,9 @@ void KeyedStoreICNexus::ConfigurePolymorphic(Handle<Name> name,
|
| InstallHandlers(array, maps, handlers);
|
| }
|
|
|
| -
|
| void KeyedStoreICNexus::ConfigurePolymorphic(MapHandleList* maps,
|
| MapHandleList* transitioned_maps,
|
| - CodeHandleList* handlers) {
|
| + List<Handle<Object>>* handlers) {
|
| int receiver_count = maps->length();
|
| DCHECK(receiver_count > 1);
|
| Handle<FixedArray> array = EnsureArrayOfSize(receiver_count * 3);
|
| @@ -960,7 +915,14 @@ KeyedAccessStoreMode KeyedStoreICNexus::GetKeyedAccessStoreMode() const {
|
| FindHandlers(&handlers, maps.length());
|
| for (int i = 0; i < handlers.length(); i++) {
|
| // The first handler that isn't the slow handler will have the bits we need.
|
| - Handle<Code> handler = Handle<Code>::cast(handlers.at(i));
|
| + Handle<Object> maybe_code_handler = handlers.at(i);
|
| + Handle<Code> handler;
|
| + if (maybe_code_handler->IsTuple2()) {
|
| + Handle<Tuple2> data_handler = Handle<Tuple2>::cast(maybe_code_handler);
|
| + handler = handle(Code::cast(data_handler->value2()));
|
| + } else {
|
| + handler = Handle<Code>::cast(maybe_code_handler);
|
| + }
|
| CodeStub::Major major_key = CodeStub::MajorKeyFromKey(handler->stub_key());
|
| uint32_t minor_key = CodeStub::MinorKeyFromKey(handler->stub_key());
|
| CHECK(major_key == CodeStub::KeyedStoreSloppyArguments ||
|
|
|
Chromium Code Reviews
Issue 2534613002:
[ic] Use validity cells to protect keyed element stores against object's prototype chain modificati… (Closed)
