| OLD | NEW |
|---|
| 1 // Copyright 2014 the V8 project authors. All rights reserved. | 1 // Copyright 2014 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "src/compiler/js-builtin-reducer.h" | 5 #include "src/compiler/js-builtin-reducer.h" |
| 6 | 6 |
| 7 #include "src/base/bits.h" | 7 #include "src/base/bits.h" |
| 8 #include "src/code-factory.h" | 8 #include "src/code-factory.h" |
| 9 #include "src/compilation-dependencies.h" | 9 #include "src/compilation-dependencies.h" |
| 10 #include "src/compiler/access-builder.h" | 10 #include "src/compiler/access-builder.h" |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 106 jsgraph_(jsgraph), | 106 jsgraph_(jsgraph), |
| 107 native_context_(native_context), | 107 native_context_(native_context), |
| 108 type_cache_(TypeCache::Get()) {} | 108 type_cache_(TypeCache::Get()) {} |
| 109 | 109 |
| 110 namespace { | 110 namespace { |
| 111 | 111 |
| 112 MaybeHandle<Map> GetMapWitness(Node* node) { | 112 MaybeHandle<Map> GetMapWitness(Node* node) { |
| 113 ZoneHandleSet<Map> maps; | 113 ZoneHandleSet<Map> maps; |
| 114 Node* receiver = NodeProperties::GetValueInput(node, 1); | 114 Node* receiver = NodeProperties::GetValueInput(node, 1); |
| 115 Node* effect = NodeProperties::GetEffectInput(node); | 115 Node* effect = NodeProperties::GetEffectInput(node); |
| 116 if (NodeProperties::InferReceiverMaps(receiver, effect, &maps)) { | 116 NodeProperties::InferReceiverMapsResult result = |
| 117 if (maps.size() == 1) return MaybeHandle<Map>(maps[0]); | 117 NodeProperties::InferReceiverMaps(receiver, effect, &maps); |
| 118 if (result == NodeProperties::kReliableReceiverMaps && maps.size() == 1) { |
| 119 return maps[0]; |
| 118 } | 120 } |
| 119 return MaybeHandle<Map>(); | 121 return MaybeHandle<Map>(); |
| 120 } | 122 } |
| 121 | 123 |
| 122 // TODO(turbofan): This was copied from Crankshaft, might be too restrictive. | 124 // TODO(turbofan): This was copied from Crankshaft, might be too restrictive. |
| 123 bool IsReadOnlyLengthDescriptor(Handle<Map> jsarray_map) { | 125 bool IsReadOnlyLengthDescriptor(Handle<Map> jsarray_map) { |
| 124 DCHECK(!jsarray_map->is_dictionary_map()); | 126 DCHECK(!jsarray_map->is_dictionary_map()); |
| 125 Isolate* isolate = jsarray_map->GetIsolate(); | 127 Isolate* isolate = jsarray_map->GetIsolate(); |
| 126 Handle<Name> length_string = isolate->factory()->length_string(); | 128 Handle<Name> length_string = isolate->factory()->length_string(); |
| 127 DescriptorArray* descriptors = jsarray_map->instance_descriptors(); | 129 DescriptorArray* descriptors = jsarray_map->instance_descriptors(); |
| (...skipping 2216 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2344 return jsgraph()->simplified(); | 2346 return jsgraph()->simplified(); |
| 2345 } | 2347 } |
| 2346 | 2348 |
| 2347 JSOperatorBuilder* JSBuiltinReducer::javascript() const { | 2349 JSOperatorBuilder* JSBuiltinReducer::javascript() const { |
| 2348 return jsgraph()->javascript(); | 2350 return jsgraph()->javascript(); |
| 2349 } | 2351 } |
| 2350 | 2352 |
| 2351 } // namespace compiler | 2353 } // namespace compiler |
| 2352 } // namespace internal | 2354 } // namespace internal |
| 2353 } // namespace v8 | 2355 } // namespace v8 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2839873004:
[turbofan] Fix buggy implicit coercion in GetMapWitness. (Closed)
