Reviewers: danno, mvstanton, paul.l..., gergely.kis.imgtec, akos.palfi.imgtec, dusmil.imgtec,

Description:
MIPS: CallIC customization stubs must accept that a vector slot is cleared.

Port r22668 (7be1212)

Original commit message:
The CallIC Array custom IC stub read from the type vector, expecting
to get an AllocationSite. But there are paths in the system where a
type vector can be re-created with default values, even though we
currently grant an exception to clearing of vector slots with
AllocationSites in them at gc time.

BUG=392114
LOG=N

Please review this at https://codereview.chromium.org/420793003/

SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge

Affected files (+26, -8 lines):
  M src/mips/code-stubs-mips.cc
  M src/mips64/code-stubs-mips64.cc


Index: src/mips/code-stubs-mips.cc
diff --git a/src/mips/code-stubs-mips.cc b/src/mips/code-stubs-mips.cc
index 382ac38c3c9d0abda70dcab897864b8859cb7b07..4774c946cbb185b0675d08d2467e777170af4140 100644
--- a/src/mips/code-stubs-mips.cc
+++ b/src/mips/code-stubs-mips.cc
@@ -3094,9 +3094,14 @@ void CallIC_ArrayStub::Generate(MacroAssembler* masm) {
   __ li(a0, Operand(arg_count()));
   __ sll(at, a3, kPointerSizeLog2 - kSmiTagSize);
   __ Addu(at, a2, Operand(at));
-  __ lw(a2, FieldMemOperand(at, FixedArray::kHeaderSize));
-  // Verify that a2 contains an AllocationSite
-  __ AssertUndefinedOrAllocationSite(a2, at);
+  __ lw(t0, FieldMemOperand(at, FixedArray::kHeaderSize));
+
+  // Verify that t0 contains an AllocationSite
+  __ lw(t1, FieldMemOperand(t0, HeapObject::kMapOffset));
+  __ LoadRoot(at, Heap::kAllocationSiteMapRootIndex);
+  __ Branch(&miss, ne, t1, Operand(at));
+
+  __ mov(a2, t0);
   ArrayConstructorStub stub(masm->isolate(), arg_count());
   __ TailCallStub(&stub);

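Review bot: The map load `__ lw(t1, FieldMemOperand(t0, HeapObject::kMapOffset));` dereferences the slot value with no Smi check, so this stub is only safe if a cleared or re-created vector slot always holds a heap object. The CallICStub hunk below covers the same kind of load only with `__ AssertNotSmi(t0);`, which emits code in debug-code builds alone, so release builds rely on the invariant at both sites. Either state that invariant in a comment next to the load, or make the check unconditional with `__ JumpIfSmi(t0, &miss);` before reading the map. The same applies to the a4/a5 sequences in both mips64 hunks. CallIC_ArrayStub::Generate starts and ends outside this hunk, so any earlier guard on the slot value is not visible here.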
@@ -3163,7 +3168,11 @@ void CallICStub::Generate(MacroAssembler* masm) {
   __ Branch(&miss, eq, t0, Operand(at));

   if (!FLAG_trace_ic) {
-    // We are going megamorphic, and we don't want to visit the runtime.
+ // We are going megamorphic. If the feedback is a JSFunction, it is fine
+    // to handle it here. More complex cases are dealt with in the runtime.
+    __ AssertNotSmi(t0);
+    __ GetObjectType(t0, t1, t1);
+    __ Branch(&miss, ne, t1, Operand(JS_FUNCTION_TYPE));
     __ sll(t0, a3, kPointerSizeLog2 - kSmiTagSize);
     __ Addu(t0, a2, Operand(t0));
     __ LoadRoot(at, Heap::kMegamorphicSymbolRootIndex);
Index: src/mips64/code-stubs-mips64.cc
diff --git a/src/mips64/code-stubs-mips64.cc b/src/mips64/code-stubs-mips64.cc
index 6205e98cddf53c2ee3237cfb79d7ddc5f9d0bdaa..9d7a12f4e4a45548d523e0cc0184a09ddf936364 100644
--- a/src/mips64/code-stubs-mips64.cc
+++ b/src/mips64/code-stubs-mips64.cc
@@ -3171,9 +3171,14 @@ void CallIC_ArrayStub::Generate(MacroAssembler* masm) {
   __ li(a0, Operand(arg_count()));
   __ dsrl(at, a3, 32 - kPointerSizeLog2);
   __ Daddu(at, a2, Operand(at));
-  __ ld(a2, FieldMemOperand(at, FixedArray::kHeaderSize));
-  // Verify that a2 contains an AllocationSite
-  __ AssertUndefinedOrAllocationSite(a2, at);
+  __ ld(a4, FieldMemOperand(at, FixedArray::kHeaderSize));
+
+  // Verify that r4 contains an AllocationSite
+  __ ld(a5, FieldMemOperand(a4, HeapObject::kMapOffset));
+  __ LoadRoot(at, Heap::kAllocationSiteMapRootIndex);
+  __ Branch(&miss, ne, a5, Operand(at));
+
+  __ mov(a2, a4);
   ArrayConstructorStub stub(masm->isolate(), arg_count());
   __ TailCallStub(&stub);

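Review bot: The comment `// Verify that r4 contains an AllocationSite` names a register that does not appear in this hunk; the slot value is loaded into a4 and its map into a5. Because the check now branches to `miss` instead of asserting, `// Miss unless a4 holds an AllocationSite (the slot may have been reset).` would describe the code accurately. The body of Generate() continues outside the hunk.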
@@ -3240,7 +3245,11 @@ void CallICStub::Generate(MacroAssembler* masm) {
   __ Branch(&miss, eq, a4, Operand(at));

   if (!FLAG_trace_ic) {
-    // We are going megamorphic, and we don't want to visit the runtime.
+ // We are going megamorphic. If the feedback is a JSFunction, it is fine
+    // to handle it here. More complex cases are dealt with in the runtime.
+    __ AssertNotSmi(a4);
+    __ GetObjectType(a4, a5, a5);
+    __ Branch(&miss, ne, a5, Operand(JS_FUNCTION_TYPE));
     __ dsrl(a4, a3, 32 - kPointerSizeLog2);
     __ Daddu(a4, a2, Operand(a4));
     __ LoadRoot(at, Heap::kMegamorphicSymbolRootIndex);

