| OLD | NEW |
|---|
| 1 // Copyright 2014 the V8 project authors. All rights reserved. | 1 // Copyright 2014 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "src/v8.h" | 5 #include "src/v8.h" |
| 6 | 6 |
| 7 #if V8_TARGET_ARCH_IA32 | 7 #if V8_TARGET_ARCH_IA32 |
| 8 | 8 |
| 9 #include "src/ic/call-optimization.h" | 9 #include "src/ic/call-optimization.h" |
| 10 #include "src/ic/handler-compiler.h" | 10 #include "src/ic/handler-compiler.h" |
| (...skipping 481 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 492 // Go to the next object in the prototype chain. | 492 // Go to the next object in the prototype chain. |
| 493 current = prototype; | 493 current = prototype; |
| 494 current_map = handle(current->map()); | 494 current_map = handle(current->map()); |
| 495 } | 495 } |
| 496 | 496 |
| 497 DCHECK(!current_map->IsJSGlobalProxyMap()); | 497 DCHECK(!current_map->IsJSGlobalProxyMap()); |
| 498 | 498 |
| 499 // Log the check depth. | 499 // Log the check depth. |
| 500 LOG(isolate(), IntEvent("check-maps-depth", depth + 1)); | 500 LOG(isolate(), IntEvent("check-maps-depth", depth + 1)); |
| 501 | 501 |
| 502 if (depth != 0 || check == CHECK_ALL_MAPS) { | 502 if (!current_map->IsJSGlobalObjectMap() && |
| 503 (depth != 0 || check == CHECK_ALL_MAPS)) { |
| 503 // Check the holder map. | 504 // Check the holder map. |
| 504 __ mov(scratch1, FieldOperand(reg, HeapObject::kMapOffset)); | 505 __ mov(scratch1, FieldOperand(reg, HeapObject::kMapOffset)); |
| 505 Handle<WeakCell> cell = Map::WeakCellForMap(current_map); | 506 Handle<WeakCell> cell = Map::WeakCellForMap(current_map); |
| 506 __ CmpWeakValue(scratch1, cell, scratch2); | 507 __ CmpWeakValue(scratch1, cell, scratch2); |
| 507 __ j(not_equal, miss); | 508 __ j(not_equal, miss); |
| 508 } | 509 } |
| 509 | 510 |
| 510 // Return the register containing the holder. | 511 // Return the register containing the holder. |
| 511 return reg; | 512 return reg; |
| 512 } | 513 } |
| (...skipping 213 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 726 return GetCode(kind(), Code::FAST, name); | 727 return GetCode(kind(), Code::FAST, name); |
| 727 } | 728 } |
| 728 | 729 |
| 729 | 730 |
| 730 Register NamedStoreHandlerCompiler::value() { | 731 Register NamedStoreHandlerCompiler::value() { |
| 731 return StoreDescriptor::ValueRegister(); | 732 return StoreDescriptor::ValueRegister(); |
| 732 } | 733 } |
| 733 | 734 |
| 734 | 735 |
| 735 Handle<Code> NamedLoadHandlerCompiler::CompileLoadGlobal( | 736 Handle<Code> NamedLoadHandlerCompiler::CompileLoadGlobal( |
| 736 Handle<PropertyCell> cell, Handle<Name> name, bool is_configurable) { | 737 Handle<PropertyCell> cell, Handle<Name> name) { |
| 737 Label miss; | 738 Label miss; |
| 738 if (IC::ICUseVector(kind())) { | 739 if (IC::ICUseVector(kind())) { |
| 739 PushVectorAndSlot(); | 740 PushVectorAndSlot(); |
| 740 } | 741 } |
| 741 FrontendHeader(receiver(), name, &miss); | 742 FrontendHeader(receiver(), name, &miss); |
| 742 // Get the value from the cell. | 743 // Get the value from the cell. |
| 743 Register result = StoreDescriptor::ValueRegister(); | 744 Register result = StoreDescriptor::ValueRegister(); |
| 744 Handle<WeakCell> weak_cell = factory()->NewWeakCell(cell); | 745 Handle<WeakCell> weak_cell = factory()->NewWeakCell(cell); |
| 745 __ LoadWeakValue(result, weak_cell, &miss); | 746 __ LoadWeakValue(result, weak_cell, &miss); |
| 746 __ mov(result, FieldOperand(result, PropertyCell::kValueOffset)); | 747 __ mov(result, FieldOperand(result, PropertyCell::kValueOffset)); |
| 747 | 748 |
| 748 // Check for deleted property if property can actually be deleted. | 749 __ cmp(result, factory()->the_hole_value()); |
| 749 if (is_configurable) { | 750 __ j(equal, &miss); |
| 750 __ cmp(result, factory()->the_hole_value()); | |
| 751 __ j(equal, &miss); | |
| 752 } else if (FLAG_debug_code) { | |
| 753 __ cmp(result, factory()->the_hole_value()); | |
| 754 __ Check(not_equal, kDontDeleteCellsCannotContainTheHole); | |
| 755 } | |
| 756 | 751 |
| 757 Counters* counters = isolate()->counters(); | 752 Counters* counters = isolate()->counters(); |
| 758 __ IncrementCounter(counters->named_load_global_stub(), 1); | 753 __ IncrementCounter(counters->named_load_global_stub(), 1); |
| 759 // The code above already loads the result into the return register. | 754 // The code above already loads the result into the return register. |
| 760 if (IC::ICUseVector(kind())) { | 755 if (IC::ICUseVector(kind())) { |
| 761 DiscardVectorAndSlot(); | 756 DiscardVectorAndSlot(); |
| 762 } | 757 } |
| 763 __ ret(0); | 758 __ ret(0); |
| 764 | 759 |
| 765 FrontendFooter(name, &miss); | 760 FrontendFooter(name, &miss); |
| 766 | 761 |
| 767 // Return the generated code. | 762 // Return the generated code. |
| 768 return GetCode(kind(), Code::NORMAL, name); | 763 return GetCode(kind(), Code::NORMAL, name); |
| 769 } | 764 } |
| 770 | 765 |
| 771 | 766 |
| 772 #undef __ | 767 #undef __ |
| 773 } | 768 } |
| 774 } // namespace v8::internal | 769 } // namespace v8::internal |
| 775 | 770 |
| 776 #endif // V8_TARGET_ARCH_IA32 | 771 #endif // V8_TARGET_ARCH_IA32 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 965723002:
Ensure we can reliably check the cell for validity of global property (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master