Revision: 10304
Author: [email protected]
Date: Tue Dec 27 02:09:42 2011
Log: Version 3.8.3
Avoid embedding new space objects into code objects in the lithium gap
resolver. (chromium:108296)
Bug fixes and performance optimizations on all platforms.
http://code.google.com/p/v8/source/detail?r=10304
Added:
/trunk/test/mjsunit/regress/regress-108296.js
Modified:
/trunk/ChangeLog
/trunk/src/arm/lithium-arm.cc
/trunk/src/arm/lithium-codegen-arm.cc
/trunk/src/arm/lithium-codegen-arm.h
/trunk/src/arm/lithium-gap-resolver-arm.cc
/trunk/src/arm/macro-assembler-arm.h
/trunk/src/debug.cc
/trunk/src/flag-definitions.h
/trunk/src/heap.cc
/trunk/src/hydrogen-instructions.h
/trunk/src/hydrogen.cc
/trunk/src/ia32/lithium-codegen-ia32.cc
/trunk/src/ia32/lithium-codegen-ia32.h
/trunk/src/ia32/lithium-gap-resolver-ia32.cc
/trunk/src/ia32/lithium-ia32.cc
/trunk/src/ia32/macro-assembler-ia32.h
/trunk/src/mips/ic-mips.cc
/trunk/src/mips/lithium-codegen-mips.cc
/trunk/src/mips/lithium-mips.cc
/trunk/src/objects.cc
/trunk/src/string-search.h
/trunk/src/version.cc
/trunk/src/x64/lithium-codegen-x64.cc
/trunk/src/x64/lithium-gap-resolver-x64.cc
/trunk/src/x64/lithium-x64.cc
/trunk/src/x64/macro-assembler-x64.h
/trunk/test/cctest/test-api.cc
=======================================
--- /dev/null
+++ /trunk/test/mjsunit/regress/regress-108296.js Tue Dec 27 02:09:42 2011
@@ -0,0 +1,52 @@
+// Copyright 2011 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Flags: --allow-natives-syntax
+
+// This test checks that young immediates embedded into code objects
+// are referenced through a cell.
+
+function f (k, a, b) {
+ // Create control flow for a.foo. Control flow resolution will
+ // be generated as a part of a gap move. Gap move operate on immediates
as
+ // a.foo is a CONSTANT_FUNCTION.
+ var x = k ? a.foo : a.foo;
+ return x.prototype;
+}
+
+var a = { };
+
+// Make sure that foo is a CONSTANT_FUNCTION but not be pretenured.
+a.foo = (function () { return function () {}; })();
+
+// Ensure that both branches of ternary operator have monomorphic type
feedback.
+f(true, a, a);
+f(true, a, a);
+f(false, a, a);
+f(false, a, a);
+%OptimizeFunctionOnNextCall(f);
+f(true, a, a);
=======================================
--- /trunk/ChangeLog Wed Dec 21 00:29:34 2011
+++ /trunk/ChangeLog Tue Dec 27 02:09:42 2011
@@ -1,3 +1,11 @@
+2011-12-27: Version 3.8.3
+
+ Avoid embedding new space objects into code objects in the lithium
gap
+ resolver. (chromium:108296)
+
+ Bug fixes and performance optimizations on all platforms.
+
+
2011-12-21: Version 3.8.2
Add max optimization flag to v8 gyp build to ensure V8 is always
built
=======================================
--- /trunk/src/arm/lithium-arm.cc Wed Dec 21 00:29:34 2011
+++ /trunk/src/arm/lithium-arm.cc Tue Dec 27 02:09:42 2011
@@ -1938,8 +1938,7 @@
LOperand* key = needs_write_barrier
? UseTempRegister(instr->key())
: UseRegisterOrConstantAtStart(instr->key());
-
- return AssignEnvironment(new LStoreKeyedFastElement(obj, key, val));
+ return new LStoreKeyedFastElement(obj, key, val);
}
=======================================
--- /trunk/src/arm/lithium-codegen-arm.cc Wed Dec 21 00:29:34 2011
+++ /trunk/src/arm/lithium-codegen-arm.cc Tue Dec 27 02:09:42 2011
@@ -383,6 +383,18 @@
UNREACHABLE();
return dbl_scratch;
}
+
+
+Handle<Object> LCodeGen::ToHandle(LConstantOperand* op) const {
+ Handle<Object> literal = chunk_->LookupLiteral(op);
+ ASSERT(chunk_->LookupLiteralRepresentation(op).IsTagged());
+ return literal;
+}
+
+
+bool LCodeGen::IsInteger32(LConstantOperand* op) const {
+ return chunk_->LookupLiteralRepresentation(op).IsInteger32();
+}
int LCodeGen::ToInteger32(LConstantOperand* op) const {
@@ -3403,13 +3415,6 @@
Register elements = ToRegister(instr->object());
Register key = instr->key()->IsRegister() ? ToRegister(instr->key()) :
no_reg;
Register scratch = scratch0();
-
- // This instruction cannot handle the FAST_SMI_ONLY_ELEMENTS ->
FAST_ELEMENTS
- // conversion, so it deopts in that case.
- if (instr->hydrogen()->ValueNeedsSmiCheck()) {
- __ tst(value, Operand(kSmiTagMask));
- DeoptimizeIf(ne, instr->environment());
- }
// Do the store.
if (instr->key()->IsConstantOperand()) {
=======================================
--- /trunk/src/arm/lithium-codegen-arm.h Tue Nov 29 06:28:56 2011
+++ /trunk/src/arm/lithium-codegen-arm.h Tue Dec 27 02:09:42 2011
@@ -93,6 +93,9 @@
// Returns a MemOperand pointing to the high word of a DoubleStackSlot.
MemOperand ToHighMemOperand(LOperand* op) const;
+ bool IsInteger32(LConstantOperand* op) const;
+ Handle<Object> ToHandle(LConstantOperand* op) const;
+
// Try to generate code for the entire chunk, but it may fail if the
// chunk contains constructs we cannot handle. Returns true if the
// code generation attempt succeeded.
=======================================
--- /trunk/src/arm/lithium-gap-resolver-arm.cc Wed Aug 24 05:02:41 2011
+++ /trunk/src/arm/lithium-gap-resolver-arm.cc Tue Dec 27 02:09:42 2011
@@ -248,13 +248,24 @@
}
} else if (source->IsConstantOperand()) {
- Operand source_operand = cgen_->ToOperand(source);
+ LConstantOperand* constant_source = LConstantOperand::cast(source);
if (destination->IsRegister()) {
- __ mov(cgen_->ToRegister(destination), source_operand);
+ Register dst = cgen_->ToRegister(destination);
+ if (cgen_->IsInteger32(constant_source)) {
+ __ mov(dst, Operand(cgen_->ToInteger32(constant_source)));
+ } else {
+ __ LoadObject(dst, cgen_->ToHandle(constant_source));
+ }
} else {
ASSERT(destination->IsStackSlot());
ASSERT(!in_cycle_); // Constant moves happen after all cycles are
gone.
- __ mov(kSavedValueRegister, source_operand);
+ if (cgen_->IsInteger32(constant_source)) {
+ __ mov(kSavedValueRegister,
+ Operand(cgen_->ToInteger32(constant_source)));
+ } else {
+ __ LoadObject(kSavedValueRegister,
+ cgen_->ToHandle(constant_source));
+ }
__ str(kSavedValueRegister, cgen_->ToMemOperand(destination));
}
=======================================
--- /trunk/src/arm/macro-assembler-arm.h Tue Dec 13 00:07:27 2011
+++ /trunk/src/arm/macro-assembler-arm.h Tue Dec 27 02:09:42 2011
@@ -168,6 +168,14 @@
void LoadHeapObject(Register dst, Handle<HeapObject> object);
+ void LoadObject(Register result, Handle<Object> object) {
+ if (object->IsHeapObject()) {
+ LoadHeapObject(result, Handle<HeapObject>::cast(object));
+ } else {
+ Move(result, object);
+ }
+ }
+
//
---------------------------------------------------------------------------
// GC Support
=======================================
--- /trunk/src/debug.cc Tue Dec 13 00:07:27 2011
+++ /trunk/src/debug.cc Tue Dec 27 02:09:42 2011
@@ -1146,7 +1146,7 @@
Handle<DebugInfo> debug_info = GetDebugInfo(shared);
// Source positions starts with zero.
- ASSERT(source_position >= 0);
+ ASSERT(*source_position >= 0);
// Find the break point and change it.
BreakLocationIterator it(debug_info, SOURCE_BREAK_LOCATIONS);
=======================================
--- /trunk/src/flag-definitions.h Mon Dec 19 04:13:11 2011
+++ /trunk/src/flag-definitions.h Tue Dec 27 02:09:42 2011
@@ -564,8 +564,10 @@
DEFINE_implication(print_all_code, print_code_verbose)
DEFINE_implication(print_all_code, print_builtin_code)
DEFINE_implication(print_all_code, print_code_stubs)
-DEFINE_implication(print_all_code, trace_codegen)
DEFINE_implication(print_all_code, code_comments)
+#ifdef DEBUG
+DEFINE_implication(print_all_code, trace_codegen)
+#endif
#endif
// Cleanup...
=======================================
--- /trunk/src/heap.cc Mon Dec 19 04:13:11 2011
+++ /trunk/src/heap.cc Tue Dec 27 02:09:42 2011
@@ -463,6 +463,8 @@
}
mark_compact_collector()->SetFlags(kNoGCFlags);
new_space_.Shrink();
+ UncommitFromSpace();
+ Shrink();
incremental_marking()->UncommitMarkingDeque();
}
=======================================
--- /trunk/src/hydrogen-instructions.h Mon Dec 19 04:13:11 2011
+++ /trunk/src/hydrogen-instructions.h Tue Dec 27 02:09:42 2011
@@ -3932,10 +3932,6 @@
return StoringValueNeedsWriteBarrier(value());
}
}
-
- bool ValueNeedsSmiCheck() {
- return value_is_smi();
- }
virtual void PrintDataTo(StringStream* stream);
=======================================
--- /trunk/src/hydrogen.cc Mon Dec 19 04:13:11 2011
+++ /trunk/src/hydrogen.cc Tue Dec 27 02:09:42 2011
@@ -3513,6 +3513,9 @@
switch (boilerplate_elements_kind) {
case FAST_SMI_ONLY_ELEMENTS:
+ // Smi-only arrays need a smi check.
+ AddInstruction(new(zone()) HCheckSmi(value));
+ // Fall through.
case FAST_ELEMENTS:
AddInstruction(new(zone()) HStoreKeyedFastElement(
elements,
@@ -4223,12 +4226,20 @@
bool is_store) {
if (is_store) {
ASSERT(val != NULL);
- if (elements_kind == FAST_DOUBLE_ELEMENTS) {
- return new(zone()) HStoreKeyedFastDoubleElement(
- elements, checked_key, val);
- } else { // FAST_ELEMENTS or FAST_SMI_ONLY_ELEMENTS.
- return new(zone()) HStoreKeyedFastElement(
- elements, checked_key, val, elements_kind);
+ switch (elements_kind) {
+ case FAST_DOUBLE_ELEMENTS:
+ return new(zone()) HStoreKeyedFastDoubleElement(
+ elements, checked_key, val);
+ case FAST_SMI_ONLY_ELEMENTS:
+ // Smi-only arrays need a smi check.
+ AddInstruction(new(zone()) HCheckSmi(val));
+ // Fall through.
+ case FAST_ELEMENTS:
+ return new(zone()) HStoreKeyedFastElement(
+ elements, checked_key, val, elements_kind);
+ default:
+ UNREACHABLE();
+ return NULL;
}
}
// It's an element load (!is_store).
@@ -4399,9 +4410,6 @@
if (elements_kind == FAST_SMI_ONLY_ELEMENTS ||
elements_kind == FAST_ELEMENTS ||
elements_kind == FAST_DOUBLE_ELEMENTS) {
- if (is_store && elements_kind == FAST_SMI_ONLY_ELEMENTS) {
- AddInstruction(new(zone()) HCheckSmi(val));
- }
if (is_store && elements_kind != FAST_DOUBLE_ELEMENTS) {
AddInstruction(new(zone()) HCheckMap(
elements, isolate()->factory()->fixed_array_map(),
=======================================
--- /trunk/src/ia32/lithium-codegen-ia32.cc Wed Dec 21 00:29:34 2011
+++ /trunk/src/ia32/lithium-codegen-ia32.cc Tue Dec 27 02:09:42 2011
@@ -354,18 +354,8 @@
}
-Immediate LCodeGen::ToImmediate(LOperand* op) {
- LConstantOperand* const_op = LConstantOperand::cast(op);
- Handle<Object> literal = chunk_->LookupLiteral(const_op);
- Representation r = chunk_->LookupLiteralRepresentation(const_op);
- if (r.IsInteger32()) {
- ASSERT(literal->IsNumber());
- return Immediate(static_cast<int32_t>(literal->Number()));
- } else if (r.IsDouble()) {
- Abort("unsupported double immediate");
- }
- ASSERT(r.IsTagged());
- return Immediate(literal);
+bool LCodeGen::IsInteger32(LConstantOperand* op) const {
+ return chunk_->LookupLiteralRepresentation(op).IsInteger32();
}
@@ -1167,7 +1157,7 @@
ASSERT(left->Equals(instr->result()));
if (right->IsConstantOperand()) {
- __ sub(ToOperand(left), ToImmediate(right));
+ __ sub(ToOperand(left), ToInteger32Immediate(right));
} else {
__ sub(ToRegister(left), ToOperand(right));
}
@@ -1306,7 +1296,7 @@
ASSERT(left->Equals(instr->result()));
if (right->IsConstantOperand()) {
- __ add(ToOperand(left), ToImmediate(right));
+ __ add(ToOperand(left), ToInteger32Immediate(right));
} else {
__ add(ToRegister(left), ToOperand(right));
}
@@ -1578,9 +1568,9 @@
__ j(parity_even, chunk_->GetAssemblyLabel(false_block));
} else {
if (right->IsConstantOperand()) {
- __ cmp(ToRegister(left), ToImmediate(right));
+ __ cmp(ToRegister(left), ToInteger32Immediate(right));
} else if (left->IsConstantOperand()) {
- __ cmp(ToOperand(right), ToImmediate(left));
+ __ cmp(ToOperand(right), ToInteger32Immediate(left));
// We transposed the operands. Reverse the condition.
cc = ReverseCondition(cc);
} else {
@@ -3261,7 +3251,7 @@
void LCodeGen::DoBoundsCheck(LBoundsCheck* instr) {
if (instr->index()->IsConstantOperand()) {
__ cmp(ToOperand(instr->length()),
- ToImmediate(LConstantOperand::cast(instr->index())));
+ Immediate(ToInteger32(LConstantOperand::cast(instr->index()))));
DeoptimizeIf(below_equal, instr->environment());
} else {
__ cmp(ToRegister(instr->index()), ToOperand(instr->length()));
@@ -3314,13 +3304,6 @@
Register value = ToRegister(instr->value());
Register elements = ToRegister(instr->object());
Register key = instr->key()->IsRegister() ? ToRegister(instr->key()) :
no_reg;
-
- // This instruction cannot handle the FAST_SMI_ONLY_ELEMENTS ->
FAST_ELEMENTS
- // conversion, so it deopts in that case.
- if (instr->hydrogen()->ValueNeedsSmiCheck()) {
- __ test(value, Immediate(kSmiTagMask));
- DeoptimizeIf(not_zero, instr->environment());
- }
// Do the store.
if (instr->key()->IsConstantOperand()) {
=======================================
--- /trunk/src/ia32/lithium-codegen-ia32.h Tue Dec 13 00:07:27 2011
+++ /trunk/src/ia32/lithium-codegen-ia32.h Tue Dec 27 02:09:42 2011
@@ -78,7 +78,13 @@
Operand ToOperand(LOperand* op) const;
Register ToRegister(LOperand* op) const;
XMMRegister ToDoubleRegister(LOperand* op) const;
- Immediate ToImmediate(LOperand* op);
+
+ bool IsInteger32(LConstantOperand* op) const;
+ Immediate ToInteger32Immediate(LOperand* op) const {
+ return Immediate(ToInteger32(LConstantOperand::cast(op)));
+ }
+
+ Handle<Object> ToHandle(LConstantOperand* op) const;
// The operand denoting the second word (the one with a higher address)
of
// a double stack slot.
@@ -225,7 +231,7 @@
Register ToRegister(int index) const;
XMMRegister ToDoubleRegister(int index) const;
int ToInteger32(LConstantOperand* op) const;
- Handle<Object> ToHandle(LConstantOperand* op) const;
+
double ToDouble(LConstantOperand* op) const;
Operand BuildFastArrayOperand(LOperand* elements_pointer,
LOperand* key,
=======================================
--- /trunk/src/ia32/lithium-gap-resolver-ia32.cc Mon Jul 11 04:41:22 2011
+++ /trunk/src/ia32/lithium-gap-resolver-ia32.cc Tue Dec 27 02:09:42 2011
@@ -303,14 +303,24 @@
}
} else if (source->IsConstantOperand()) {
- ASSERT(destination->IsRegister() || destination->IsStackSlot());
- Immediate src = cgen_->ToImmediate(source);
+ LConstantOperand* constant_source = LConstantOperand::cast(source);
if (destination->IsRegister()) {
Register dst = cgen_->ToRegister(destination);
- __ Set(dst, src);
+ if (cgen_->IsInteger32(constant_source)) {
+ __ Set(dst, cgen_->ToInteger32Immediate(constant_source));
+ } else {
+ __ LoadObject(dst, cgen_->ToHandle(constant_source));
+ }
} else {
+ ASSERT(destination->IsStackSlot());
Operand dst = cgen_->ToOperand(destination);
- __ Set(dst, src);
+ if (cgen_->IsInteger32(constant_source)) {
+ __ Set(dst, cgen_->ToInteger32Immediate(constant_source));
+ } else {
+ Register tmp = EnsureTempRegister();
+ __ LoadObject(tmp, cgen_->ToHandle(constant_source));
+ __ mov(dst, tmp);
+ }
}
} else if (source->IsDoubleRegister()) {
=======================================
--- /trunk/src/ia32/lithium-ia32.cc Wed Dec 21 00:29:34 2011
+++ /trunk/src/ia32/lithium-ia32.cc Tue Dec 27 02:09:42 2011
@@ -2023,8 +2023,7 @@
LOperand* key = needs_write_barrier
? UseTempRegister(instr->key())
: UseRegisterOrConstantAtStart(instr->key());
-
- return AssignEnvironment(new(zone()) LStoreKeyedFastElement(obj, key,
val));
+ return new(zone()) LStoreKeyedFastElement(obj, key, val);
}
=======================================
--- /trunk/src/ia32/macro-assembler-ia32.h Mon Dec 19 04:13:11 2011
+++ /trunk/src/ia32/macro-assembler-ia32.h Tue Dec 27 02:09:42 2011
@@ -240,6 +240,14 @@
void LoadHeapObject(Register result, Handle<HeapObject> object);
void PushHeapObject(Handle<HeapObject> object);
+ void LoadObject(Register result, Handle<Object> object) {
+ if (object->IsHeapObject()) {
+ LoadHeapObject(result, Handle<HeapObject>::cast(object));
+ } else {
+ Set(result, Immediate(object));
+ }
+ }
+
//
---------------------------------------------------------------------------
// JavaScript invokes
=======================================
--- /trunk/src/mips/ic-mips.cc Mon Dec 19 04:13:11 2011
+++ /trunk/src/mips/ic-mips.cc Tue Dec 27 02:09:42 2011
@@ -868,22 +868,26 @@
// -- lr : return address
// -----------------------------------
Label slow, notin;
+ // Store address is returned in register (of MemOperand) mapped_location.
MemOperand mapped_location =
GenerateMappedArgumentsLookup(masm, a2, a1, a3, t0, t1, ¬in,
&slow);
__ sw(a0, mapped_location);
- __ Addu(t2, a3, t1);
__ mov(t5, a0);
- __ RecordWrite(a3, t2, t5, kRAHasNotBeenSaved, kDontSaveFPRegs);
+ ASSERT_EQ(mapped_location.offset(), 0);
+ __ RecordWrite(a3, mapped_location.rm(), t5,
+ kRAHasNotBeenSaved, kDontSaveFPRegs);
__ Ret(USE_DELAY_SLOT);
__ mov(v0, a0); // (In delay slot) return the value stored in v0.
__ bind(¬in);
// The unmapped lookup expects that the parameter map is in a3.
+ // Store address is returned in register (of MemOperand)
unmapped_location.
MemOperand unmapped_location =
GenerateUnmappedArgumentsLookup(masm, a1, a3, t0, &slow);
__ sw(a0, unmapped_location);
- __ Addu(t2, a3, t0);
__ mov(t5, a0);
- __ RecordWrite(a3, t2, t5, kRAHasNotBeenSaved, kDontSaveFPRegs);
+ ASSERT_EQ(unmapped_location.offset(), 0);
+ __ RecordWrite(a3, unmapped_location.rm(), t5,
+ kRAHasNotBeenSaved, kDontSaveFPRegs);
__ Ret(USE_DELAY_SLOT);
__ mov(v0, a0); // (In delay slot) return the value stored in v0.
__ bind(&slow);
=======================================
--- /trunk/src/mips/lithium-codegen-mips.cc Wed Dec 21 00:29:34 2011
+++ /trunk/src/mips/lithium-codegen-mips.cc Tue Dec 27 02:09:42 2011
@@ -3310,13 +3310,6 @@
Register elements = ToRegister(instr->object());
Register key = instr->key()->IsRegister() ? ToRegister(instr->key()) :
no_reg;
Register scratch = scratch0();
-
- // This instruction cannot handle the FAST_SMI_ONLY_ELEMENTS ->
FAST_ELEMENTS
- // conversion, so it deopts in that case.
- if (instr->hydrogen()->ValueNeedsSmiCheck()) {
- __ And(at, value, Operand(kSmiTagMask));
- DeoptimizeIf(ne, instr->environment(), at, Operand(zero_reg));
- }
// Do the store.
if (instr->key()->IsConstantOperand()) {
=======================================
--- /trunk/src/mips/lithium-mips.cc Wed Dec 21 00:29:34 2011
+++ /trunk/src/mips/lithium-mips.cc Tue Dec 27 02:09:42 2011
@@ -1941,8 +1941,7 @@
LOperand* key = needs_write_barrier
? UseTempRegister(instr->key())
: UseRegisterOrConstantAtStart(instr->key());
-
- return AssignEnvironment(new LStoreKeyedFastElement(obj, key, val));
+ return new LStoreKeyedFastElement(obj, key, val);
}
=======================================
--- /trunk/src/objects.cc Mon Dec 19 04:13:11 2011
+++ /trunk/src/objects.cc Tue Dec 27 02:09:42 2011
@@ -4352,7 +4352,7 @@
} else {
// Lookup the name.
LookupResult result(heap->isolate());
- LocalLookup(name, &result);
+ LocalLookupRealNamedProperty(name, &result);
if (result.IsProperty()) {
// TODO(mstarzinger): We should check for result.IsDontDelete() here
once
// we only call into the runtime once to set both getter and setter.
=======================================
--- /trunk/src/string-search.h Tue Nov 29 06:28:56 2011
+++ /trunk/src/string-search.h Tue Dec 27 02:09:42 2011
@@ -369,6 +369,10 @@
shift_table[pattern_length] = 1;
suffix_table[pattern_length] = pattern_length + 1;
+ if (pattern_length <= start) {
+ return;
+ }
+
// Find suffixes.
PatternChar last_char = pattern[pattern_length - 1];
int suffix = pattern_length + 1;
=======================================
--- /trunk/src/version.cc Wed Dec 21 23:19:34 2011
+++ /trunk/src/version.cc Tue Dec 27 02:09:42 2011
@@ -34,8 +34,8 @@
// cannot be changed without changing the SCons build script.
#define MAJOR_VERSION 3
#define MINOR_VERSION 8
-#define BUILD_NUMBER 2
-#define PATCH_LEVEL 1
+#define BUILD_NUMBER 3
+#define PATCH_LEVEL 0
// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
#define IS_CANDIDATE_VERSION 0
=======================================
--- /trunk/src/x64/lithium-codegen-x64.cc Wed Dec 21 00:29:34 2011
+++ /trunk/src/x64/lithium-codegen-x64.cc Tue Dec 27 02:09:42 2011
@@ -3199,13 +3199,6 @@
Register value = ToRegister(instr->value());
Register elements = ToRegister(instr->object());
Register key = instr->key()->IsRegister() ? ToRegister(instr->key()) :
no_reg;
-
- // This instruction cannot handle the FAST_SMI_ONLY_ELEMENTS ->
FAST_ELEMENTS
- // conversion, so it deopts in that case.
- if (instr->hydrogen()->ValueNeedsSmiCheck()) {
- Condition cc = masm()->CheckSmi(value);
- DeoptimizeIf(NegateCondition(cc), instr->environment());
- }
// Do the store.
if (instr->key()->IsConstantOperand()) {
=======================================
--- /trunk/src/x64/lithium-gap-resolver-x64.cc Mon Apr 18 08:51:38 2011
+++ /trunk/src/x64/lithium-gap-resolver-x64.cc Tue Dec 27 02:09:42 2011
@@ -198,7 +198,7 @@
if (cgen_->IsInteger32Constant(constant_source)) {
__ movl(dst, Immediate(cgen_->ToInteger32(constant_source)));
} else {
- __ Move(dst, cgen_->ToHandle(constant_source));
+ __ LoadObject(dst, cgen_->ToHandle(constant_source));
}
} else {
ASSERT(destination->IsStackSlot());
@@ -207,7 +207,8 @@
// Allow top 32 bits of an untagged Integer32 to be arbitrary.
__ movl(dst, Immediate(cgen_->ToInteger32(constant_source)));
} else {
- __ Move(dst, cgen_->ToHandle(constant_source));
+ __ LoadObject(kScratchRegister, cgen_->ToHandle(constant_source));
+ __ movq(dst, kScratchRegister);
}
}
=======================================
--- /trunk/src/x64/lithium-x64.cc Wed Dec 21 00:29:34 2011
+++ /trunk/src/x64/lithium-x64.cc Tue Dec 27 02:09:42 2011
@@ -1929,8 +1929,7 @@
LOperand* key = needs_write_barrier
? UseTempRegister(instr->key())
: UseRegisterOrConstantAtStart(instr->key());
-
- return AssignEnvironment(new LStoreKeyedFastElement(obj, key, val));
+ return new LStoreKeyedFastElement(obj, key, val);
}
=======================================
--- /trunk/src/x64/macro-assembler-x64.h Tue Dec 13 00:07:27 2011
+++ /trunk/src/x64/macro-assembler-x64.h Tue Dec 27 02:09:42 2011
@@ -789,6 +789,14 @@
void LoadHeapObject(Register result, Handle<HeapObject> object);
void PushHeapObject(Handle<HeapObject> object);
+ void LoadObject(Register result, Handle<Object> object) {
+ if (object->IsHeapObject()) {
+ LoadHeapObject(result, Handle<HeapObject>::cast(object));
+ } else {
+ Move(result, object);
+ }
+ }
+
// Load a global cell into a register.
void LoadGlobalCell(Register dst, Handle<JSGlobalPropertyCell> cell);
=======================================
--- /trunk/test/cctest/test-api.cc Tue Dec 13 00:07:27 2011
+++ /trunk/test/cctest/test-api.cc Tue Dec 27 02:09:42 2011
@@ -1423,6 +1423,40 @@
THREADED_TEST(SwitchFromInterceptorToAccessor) {
v8::HandleScope scope;
+ Handle<FunctionTemplate> templ = FunctionTemplate::New();
+ AddAccessor(templ, v8_str("age"),
+ SimpleAccessorGetter, SimpleAccessorSetter);
+ AddInterceptor(templ, InterceptorGetter, InterceptorSetter);
+ LocalContext env;
+ env->Global()->Set(v8_str("Obj"), templ->GetFunction());
+ CompileRun("var obj = new Obj;"
+ "function setAge(i){ obj.age = i; };"
+ "for(var i = 0; i <= 10000; i++) setAge(i);");
+ // All i < 10000 go to the interceptor.
+ ExpectInt32("obj.interceptor_age", 9999);
+ // The last i goes to the accessor.
+ ExpectInt32("obj.accessor_age", 10000);
+}
+
+THREADED_TEST(SwitchFromAccessorToInterceptor) {
+ v8::HandleScope scope;
+ Handle<FunctionTemplate> templ = FunctionTemplate::New();
+ AddAccessor(templ, v8_str("age"),
+ SimpleAccessorGetter, SimpleAccessorSetter);
+ AddInterceptor(templ, InterceptorGetter, InterceptorSetter);
+ LocalContext env;
+ env->Global()->Set(v8_str("Obj"), templ->GetFunction());
+ CompileRun("var obj = new Obj;"
+ "function setAge(i){ obj.age = i; };"
+ "for(var i = 20000; i >= 9999; i--) setAge(i);");
+ // All i >= 10000 go to the accessor.
+ ExpectInt32("obj.accessor_age", 10000);
+ // The last i goes to the interceptor.
+ ExpectInt32("obj.interceptor_age", 9999);
+}
+
+THREADED_TEST(SwitchFromInterceptorToAccessorWithInheritance) {
+ v8::HandleScope scope;
Handle<FunctionTemplate> parent = FunctionTemplate::New();
Handle<FunctionTemplate> child = FunctionTemplate::New();
child->Inherit(parent);
@@ -1440,7 +1474,7 @@
ExpectInt32("child.accessor_age", 10000);
}
-THREADED_TEST(SwitchFromAccessorToInterceptor) {
+THREADED_TEST(SwitchFromAccessorToInterceptorWithInheritance) {
v8::HandleScope scope;
Handle<FunctionTemplate> parent = FunctionTemplate::New();
Handle<FunctionTemplate> child = FunctionTemplate::New();
@@ -1458,6 +1492,54 @@
// The last i goes to the interceptor.
ExpectInt32("child.interceptor_age", 9999);
}
+
+THREADED_TEST(SwitchFromInterceptorToJSAccessor) {
+ v8::HandleScope scope;
+ Handle<FunctionTemplate> templ = FunctionTemplate::New();
+ AddInterceptor(templ, InterceptorGetter, InterceptorSetter);
+ LocalContext env;
+ env->Global()->Set(v8_str("Obj"), templ->GetFunction());
+ CompileRun("var obj = new Obj;"
+ "function setter(i) { this.accessor_age = i; };"
+ "function getter() { return this.accessor_age; };"
+ "function setAge(i) { obj.age = i; };"
+ "Object.defineProperty(obj, 'age', { get:getter, set:setter
});"
+ "for(var i = 0; i <= 10000; i++) setAge(i);");
+ // All i < 10000 go to the interceptor.
+ ExpectInt32("obj.interceptor_age", 9999);
+ // The last i goes to the JavaScript accessor.
+ ExpectInt32("obj.accessor_age", 10000);
+ // The installed JavaScript getter is still intact.
+ // This last part is a regression test for issue 1651 and relies on the
fact
+ // that both interceptor and accessor are being installed on the same
object.
+ ExpectInt32("obj.age", 10000);
+ ExpectBoolean("obj.hasOwnProperty('age')", true);
+ ExpectUndefined("Object.getOwnPropertyDescriptor(obj, 'age').value");
+}
+
+THREADED_TEST(SwitchFromJSAccessorToInterceptor) {
+ v8::HandleScope scope;
+ Handle<FunctionTemplate> templ = FunctionTemplate::New();
+ AddInterceptor(templ, InterceptorGetter, InterceptorSetter);
+ LocalContext env;
+ env->Global()->Set(v8_str("Obj"), templ->GetFunction());
+ CompileRun("var obj = new Obj;"
+ "function setter(i) { this.accessor_age = i; };"
+ "function getter() { return this.accessor_age; };"
+ "function setAge(i) { obj.age = i; };"
+ "Object.defineProperty(obj, 'age', { get:getter, set:setter
});"
+ "for(var i = 20000; i >= 9999; i--) setAge(i);");
+ // All i >= 10000 go to the accessor.
+ ExpectInt32("obj.accessor_age", 10000);
+ // The last i goes to the interceptor.
+ ExpectInt32("obj.interceptor_age", 9999);
+ // The installed JavaScript getter is still intact.
+ // This last part is a regression test for issue 1651 and relies on the
fact
+ // that both interceptor and accessor are being installed on the same
object.
+ ExpectInt32("obj.age", 10000);
+ ExpectBoolean("obj.hasOwnProperty('age')", true);
+ ExpectUndefined("Object.getOwnPropertyDescriptor(obj, 'age').value");
+}
THREADED_TEST(SwitchFromInterceptorToProperty) {
v8::HandleScope scope;
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
