Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(92)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/ic.cc

Issue 35413006: Correct handling of arrays with callbacks in the prototype chain. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: A few test updates and simpler prototype updating. Created 7 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« src/ia32/ic-ia32.cc ('K') | « src/ia32/ic-ia32.cc ('k') | src/objects.h » ('j') | src/objects.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Redistribution and use in source and binary forms, with or without 2 // Redistribution and use in source and binary forms, with or without
3 // modification, are permitted provided that the following conditions are 3 // modification, are permitted provided that the following conditions are
4 // met: 4 // met:
5 // 5 //
6 // * Redistributions of source code must retain the above copyright 6 // * Redistributions of source code must retain the above copyright
7 // notice, this list of conditions and the following disclaimer. 7 // notice, this list of conditions and the following disclaimer.
8 // * Redistributions in binary form must reproduce the above 8 // * Redistributions in binary form must reproduce the above
9 // copyright notice, this list of conditions and the following 9 // copyright notice, this list of conditions and the following
10 // disclaimer in the documentation and/or other materials provided 10 // disclaimer in the documentation and/or other materials provided
(...skipping 1941 matching lines...) Expand 10 before | Expand all | Expand 10 after
1952 // runtime to enable optimization of element hole access. 1952 // runtime to enable optimization of element hole access.
1953 Handle<HeapObject> heap_object = Handle<HeapObject>::cast(object); 1953 Handle<HeapObject> heap_object = Handle<HeapObject>::cast(object);
1954 if (heap_object->map()->IsMapInArrayPrototypeChain()) use_ic = false; 1954 if (heap_object->map()->IsMapInArrayPrototypeChain()) use_ic = false;
1955 } 1955 }
1956 1956
1957 if (use_ic) { 1957 if (use_ic) {
1958 ASSERT(!object->IsJSGlobalProxy()); 1958 ASSERT(!object->IsJSGlobalProxy());
1959 1959
1960 Handle<Code> stub = generic_stub(); 1960 Handle<Code> stub = generic_stub();
1961 if (miss_mode != MISS_FORCE_GENERIC) { 1961 if (miss_mode != MISS_FORCE_GENERIC) {
1962 if (object->IsJSObject()) { 1962 bool indexed_callbacks = false;
1963 Handle<JSObject> receiver = Handle<JSObject>::cast(object); 1963 if (object->IsJSReceiver()) {
1964 bool key_is_smi_like = key->IsSmi() || !key->ToSmi()->IsFailure(); 1964 Handle<JSReceiver> receiver = Handle<JSReceiver>::cast(object);
1965 if (receiver->elements()->map() == 1965 if (receiver->map()->has_element_callbacks() ||
1966 isolate()->heap()->non_strict_arguments_elements_map()) { 1966 receiver->MayHaveIndexedCallbacksInPrototypeChain()) {
danno 2013/10/23 12:22:11 I think you can and should combine this with the I
danno 2013/10/23 12:22:11 Why doesn't MayHaveIndexedCallbacksInPrototypeChai
mvstanton 2013/10/30 10:42:42 Done.
mvstanton 2013/10/30 10:42:42 Done.
1967 stub = non_strict_arguments_stub(); 1967 indexed_callbacks = true;
1968 } else if (key_is_smi_like && 1968 }
1969 (!target().is_identical_to(non_strict_arguments_stub()))) { 1969 }
1970 KeyedAccessStoreMode store_mode = GetStoreMode(receiver, key, value); 1970
1971 stub = StoreElementStub(receiver, store_mode); 1971 if (!indexed_callbacks) {
1972 if (object->IsJSObject()) {
1973 Handle<JSObject> receiver = Handle<JSObject>::cast(object);
1974 bool key_is_smi_like = key->IsSmi() || !key->ToSmi()->IsFailure();
1975 if (receiver->elements()->map() ==
1976 isolate()->heap()->non_strict_arguments_elements_map()) {
1977 stub = non_strict_arguments_stub();
1978 } else if (key_is_smi_like &&
1979 (!target().is_identical_to(non_strict_arguments_stub()))) {
1980 KeyedAccessStoreMode store_mode = GetStoreMode(
1981 receiver, key, value);
1982 stub = StoreElementStub(receiver, store_mode);
1983 } else {
1984 TRACE_GENERIC_IC(isolate(), "KeyedStoreIC", "key not a number");
1985 }
1972 } else { 1986 } else {
1973 TRACE_GENERIC_IC(isolate(), "KeyedStoreIC", "key not a number"); 1987 TRACE_GENERIC_IC(isolate(), "KeyedStoreIC", "not an object");
1974 } 1988 }
1975 } else { 1989 } else {
1976 TRACE_GENERIC_IC(isolate(), "KeyedStoreIC", "not an object"); 1990 TRACE_GENERIC_IC(isolate(), "KeyedStoreIC",
1991 "indexed callbacks in prototype chain");
1977 } 1992 }
1978 } else { 1993 } else {
1979 TRACE_GENERIC_IC(isolate(), "KeyedStoreIC", "force generic"); 1994 TRACE_GENERIC_IC(isolate(), "KeyedStoreIC", "force generic");
1980 } 1995 }
1981 ASSERT(!stub.is_null()); 1996 ASSERT(!stub.is_null());
1982 set_target(*stub); 1997 set_target(*stub);
1983 TRACE_IC("StoreIC", key); 1998 TRACE_IC("StoreIC", key);
1984 } 1999 }
1985 2000
1986 return Runtime::SetObjectPropertyOrFail( 2001 return Runtime::SetObjectPropertyOrFail(
(...skipping 263 matching lines...) Expand 10 before | Expand all | Expand 10 after
2250 ic.UpdateState(receiver, key); 2265 ic.UpdateState(receiver, key);
2251 return ic.Store(receiver, key, args.at<Object>(2), MISS_FORCE_GENERIC); 2266 return ic.Store(receiver, key, args.at<Object>(2), MISS_FORCE_GENERIC);
2252 } 2267 }
2253 2268
2254 2269
2255 RUNTIME_FUNCTION(MaybeObject*, ElementsTransitionAndStoreIC_Miss) { 2270 RUNTIME_FUNCTION(MaybeObject*, ElementsTransitionAndStoreIC_Miss) {
2256 HandleScope scope(isolate); 2271 HandleScope scope(isolate);
2257 ASSERT(args.length() == 4); 2272 ASSERT(args.length() == 4);
2258 KeyedStoreIC ic(IC::EXTRA_CALL_FRAME, isolate); 2273 KeyedStoreIC ic(IC::EXTRA_CALL_FRAME, isolate);
2259 Handle<Object> value = args.at<Object>(0); 2274 Handle<Object> value = args.at<Object>(0);
2275 Handle<Map> map = args.at<Map>(1);
2260 Handle<Object> key = args.at<Object>(2); 2276 Handle<Object> key = args.at<Object>(2);
2261 Handle<Object> object = args.at<Object>(3); 2277 Handle<Object> object = args.at<Object>(3);
2262 StrictModeFlag strict_mode = ic.strict_mode(); 2278 StrictModeFlag strict_mode = ic.strict_mode();
2279 if (object->IsJSObject()) {
2280 JSObject::TransitionElementsKind(Handle<JSObject>::cast(object),
2281 map->elements_kind());
2282 }
2263 return Runtime::SetObjectProperty(isolate, 2283 return Runtime::SetObjectProperty(isolate,
2264 object, 2284 object,
2265 key, 2285 key,
2266 value, 2286 value,
2267 NONE, 2287 NONE,
2268 strict_mode); 2288 strict_mode);
2269 } 2289 }
2270 2290
2271 2291
2272 const char* BinaryOpIC::GetName(TypeInfo type_info) { 2292 const char* BinaryOpIC::GetName(TypeInfo type_info) {
(...skipping 440 matching lines...) Expand 10 before | Expand all | Expand 10 after
2713 #undef ADDR 2733 #undef ADDR
2714 }; 2734 };
2715 2735
2716 2736
2717 Address IC::AddressFromUtilityId(IC::UtilityId id) { 2737 Address IC::AddressFromUtilityId(IC::UtilityId id) {
2718 return IC_utilities[id]; 2738 return IC_utilities[id];
2719 } 2739 }
2720 2740
2721 2741
2722 } } // namespace v8::internal 2742 } } // namespace v8::internal
OLDNEW
« src/ia32/ic-ia32.cc ('K') | « src/ia32/ic-ia32.cc ('k') | src/objects.h » ('j') | src/objects.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698