[v8-dev] Version 4.3.61.29 (cherry-pick) (issue 1186043002 by [email protected])

Sun, 14 Jun 2015 19:33:07 -0700 

Reviewers: mvstanton,

Description:
Version 4.3.61.29 (cherry-pick)

Merged 9bf64f7e614d55766385c122a99c1e7070cd9d2b

X87: Ensure object literal element boilerplates aren't modified.

[email protected]
BUG=

Please review this at https://codereview.chromium.org/1186043002/

Base URL: https://chromium.googlesource.com/v8/[email protected]

Affected files (+12, -28 lines):
  M include/v8-version.h
  M src/x87/full-codegen-x87.cc


Index: include/v8-version.h
diff --git a/include/v8-version.h b/include/v8-version.h
index a6ed677677b0140fa1a01a13da3d9506e54a176c..c05a912d52f1f0668f56c7ba7ff6241be453131f 100644 
--- a/include/v8-version.h
+++ b/include/v8-version.h
@@ -11,7 +11,7 @@
 #define V8_MAJOR_VERSION 4
 #define V8_MINOR_VERSION 3
 #define V8_BUILD_NUMBER 61
-#define V8_PATCH_LEVEL 28
+#define V8_PATCH_LEVEL 29

 // Use 1 for candidates and 0 otherwise.
 // (Boolean macro values are not supported by all preprocessors.)
Index: src/x87/full-codegen-x87.cc
diff --git a/src/x87/full-codegen-x87.cc b/src/x87/full-codegen-x87.cc
index 59ff09f2db8f35e8821b5554064bd757c6eeded7..64dd9ab192200795a4f8760bbe6cbf93dbb79073 100644 
--- a/src/x87/full-codegen-x87.cc
+++ b/src/x87/full-codegen-x87.cc
@@ -1611,17 +1611,10 @@ void FullCodeGenerator::VisitObjectLiteral(ObjectLiteral* expr) { 

   expr->BuildConstantProperties(isolate());
   Handle<FixedArray> constant_properties = expr->constant_properties();
-  int flags = expr->fast_elements()
-      ? ObjectLiteral::kFastElements
-      : ObjectLiteral::kNoFlags;
-  flags |= expr->has_function()
-      ? ObjectLiteral::kHasFunction
-      : ObjectLiteral::kNoFlags;
-  int properties_count = constant_properties->length() / 2;
-  if (expr->may_store_doubles() || expr->depth() > 1 ||
-      masm()->serializer_enabled() ||
-      flags != ObjectLiteral::kFastElements ||
- properties_count > FastCloneShallowObjectStub::kMaximumClonedProperties) { 
+  int flags = expr->ComputeFlags();
+ // If any of the keys would store to the elements array, then we shouldn't 
+  // allow it.
+  if (MustCreateObjectLiteralWithRuntime(expr)) {
     __ mov(edi, Operand(ebp, JavaScriptFrameConstants::kFunctionOffset));
     __ push(FieldOperand(edi, JSFunction::kLiteralsOffset));
     __ push(Immediate(Smi::FromInt(expr->literal_index())));
@@ -1634,7 +1627,7 @@ void FullCodeGenerator::VisitObjectLiteral(ObjectLiteral* expr) { 
     __ mov(ebx, Immediate(Smi::FromInt(expr->literal_index())));
     __ mov(ecx, Immediate(constant_properties));
     __ mov(edx, Immediate(Smi::FromInt(flags)));
-    FastCloneShallowObjectStub stub(isolate(), properties_count);
+    FastCloneShallowObjectStub stub(isolate(), expr->properties_count());
     __ CallStub(&stub);
   }
   PrepareForBailoutForId(expr->CreateLiteralId(), TOS_REG);
@@ -1813,20 +1806,9 @@ void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) { 
   Comment cmnt(masm_, "[ ArrayLiteral");

   expr->BuildConstantElements(isolate());
-  int flags = expr->depth() == 1
-      ? ArrayLiteral::kShallowElements
-      : ArrayLiteral::kNoFlags;
-
-  ZoneList<Expression*>* subexprs = expr->values();
-  int length = subexprs->length();
   Handle<FixedArray> constant_elements = expr->constant_elements();
-  DCHECK_EQ(2, constant_elements->length());
-  ElementsKind constant_elements_kind =
- static_cast<ElementsKind>(Smi::cast(constant_elements->get(0))->value()); 
   bool has_constant_fast_elements =
-      IsFastObjectElementsKind(constant_elements_kind);
-  Handle<FixedArrayBase> constant_elements_values(
-      FixedArrayBase::cast(constant_elements->get(1)));
+      IsFastObjectElementsKind(expr->constant_elements_kind());

   AllocationSiteMode allocation_site_mode = TRACK_ALLOCATION_SITE;
   if (has_constant_fast_elements && !FLAG_allocation_site_pretenuring) {
@@ -1835,12 +1817,12 @@ void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) { 
     allocation_site_mode = DONT_TRACK_ALLOCATION_SITE;
   }
- if (expr->depth() > 1 || length > JSObject::kInitialMaxFastElementArray) { 
+  if (MustCreateArrayLiteralWithRuntime(expr)) {
     __ mov(ebx, Operand(ebp, JavaScriptFrameConstants::kFunctionOffset));
     __ push(FieldOperand(ebx, JSFunction::kLiteralsOffset));
     __ push(Immediate(Smi::FromInt(expr->literal_index())));
     __ push(Immediate(constant_elements));
-    __ push(Immediate(Smi::FromInt(flags)));
+    __ push(Immediate(Smi::FromInt(expr->ComputeFlags())));
     __ CallRuntime(Runtime::kCreateArrayLiteral, 4);
   } else {
     __ mov(ebx, Operand(ebp, JavaScriptFrameConstants::kFunctionOffset));
@@ -1853,6 +1835,8 @@ void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) { 
   PrepareForBailoutForId(expr->CreateLiteralId(), TOS_REG);

   bool result_saved = false;  // Is the result saved to the stack?
+  ZoneList<Expression*>* subexprs = expr->values();
+  int length = subexprs->length();

   // Emit code to evaluate all the non-constant subexpressions and to store
   // them into the newly cloned array.
@@ -1869,7 +1853,7 @@ void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) { 
     }
     VisitForAccumulatorValue(subexpr);

-    if (IsFastObjectElementsKind(constant_elements_kind)) {
+    if (has_constant_fast_elements) {
       // Fast-case array literal with ElementsKind of FAST_*_ELEMENTS, they
       // cannot transition and don't need to call the runtime stub.
       int offset = FixedArray::kHeaderSize + (i * kPointerSize);


--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
--- You received this message because you are subscribed to the Google Groups "v8-dev" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to