Reviewers: Toon Verwaest,
Message:
Committed patchset #1 manually as r20321 (presubmit successful).
Description:
Reland "Fix property enum cache creation to include only own properties"
Reland r20308 (reverted by r20310).
[email protected]
Committed: https://code.google.com/p/v8/source/detail?r=20321
Please review this at https://codereview.chromium.org/216383003/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files (+42, -23 lines):
M src/handles.cc
A test/mjsunit/regress/regress-enum-prop-keys-cache-size.js
Index: src/handles.cc
diff --git a/src/handles.cc b/src/handles.cc
index
398a68265cdf1c65d2b98a4d459ab972bbe34cef..c30153739ac027cf281bd035b0734f7b80d69aae
100644
--- a/src/handles.cc
+++ b/src/handles.cc
@@ -627,20 +627,21 @@ Handle<FixedArray>
GetEnumPropertyKeys(Handle<JSObject> object,
bool cache_result) {
Isolate* isolate = object->GetIsolate();
if (object->HasFastProperties()) {
- if (object->map()->instance_descriptors()->HasEnumCache()) {
- int own_property_count = object->map()->EnumLength();
- // If we have an enum cache, but the enum length of the given map is
set
- // to kInvalidEnumCache, this means that the map itself has never
used the
- // present enum cache. The first step to using the cache is to set
the
- // enum length of the map by counting the number of own descriptors
that
- // are not DONT_ENUM or SYMBOLIC.
- if (own_property_count == kInvalidEnumCacheSentinel) {
- own_property_count = object->map()->NumberOfDescribedProperties(
- OWN_DESCRIPTORS, DONT_SHOW);
-
- if (cache_result) object->map()->SetEnumLength(own_property_count);
- }
+ int own_property_count = object->map()->EnumLength();
+ // If the enum length of the given map is set to kInvalidEnumCache,
this
+ // means that the map itself has never used the present enum cache. The
+ // first step to using the cache is to set the enum length of the map
by
+ // counting the number of own descriptors that are not DONT_ENUM or
+ // SYMBOLIC.
+ if (own_property_count == kInvalidEnumCacheSentinel) {
+ own_property_count = object->map()->NumberOfDescribedProperties(
+ OWN_DESCRIPTORS, DONT_SHOW);
+ } else {
+ ASSERT(own_property_count ==
object->map()->NumberOfDescribedProperties(
+ OWN_DESCRIPTORS, DONT_SHOW));
+ }
+ if (object->map()->instance_descriptors()->HasEnumCache()) {
DescriptorArray* desc = object->map()->instance_descriptors();
Handle<FixedArray> keys(desc->GetEnumCache(), isolate);
@@ -649,6 +650,7 @@ Handle<FixedArray> GetEnumPropertyKeys(Handle<JSObject>
object,
// enum cache was generated for a previous (smaller) version of the
// Descriptor Array. In that case we regenerate the enum cache.
if (own_property_count <= keys->length()) {
+ if (cache_result) object->map()->SetEnumLength(own_property_count);
isolate->counters()->enum_cache_hits()->Increment();
return ReduceFixedArrayTo(keys, own_property_count);
}
@@ -663,23 +665,22 @@ Handle<FixedArray>
GetEnumPropertyKeys(Handle<JSObject> object,
}
isolate->counters()->enum_cache_misses()->Increment();
- int num_enum = map->NumberOfDescribedProperties(ALL_DESCRIPTORS,
DONT_SHOW);
- Handle<FixedArray> storage =
isolate->factory()->NewFixedArray(num_enum);
- Handle<FixedArray> indices =
isolate->factory()->NewFixedArray(num_enum);
+ Handle<FixedArray> storage = isolate->factory()->NewFixedArray(
+ own_property_count);
+ Handle<FixedArray> indices = isolate->factory()->NewFixedArray(
+ own_property_count);
Handle<DescriptorArray> descs =
Handle<DescriptorArray>(object->map()->instance_descriptors(),
isolate);
- int real_size = map->NumberOfOwnDescriptors();
- int enum_size = 0;
+ int size = map->NumberOfOwnDescriptors();
int index = 0;
- for (int i = 0; i < descs->number_of_descriptors(); i++) {
+ for (int i = 0; i < size; i++) {
PropertyDetails details = descs->GetDetails(i);
Object* key = descs->GetKey(i);
if (!(details.IsDontEnum() || key->IsSymbol())) {
- if (i < real_size) ++enum_size;
storage->set(index, key);
if (!indices.is_null()) {
if (details.type() != FIELD) {
@@ -706,10 +707,9 @@ Handle<FixedArray>
GetEnumPropertyKeys(Handle<JSObject> object,
indices.is_null() ? Object::cast(Smi::FromInt(0))
: Object::cast(*indices));
if (cache_result) {
- object->map()->SetEnumLength(enum_size);
+ object->map()->SetEnumLength(own_property_count);
}
-
- return ReduceFixedArrayTo(storage, enum_size);
+ return storage;
} else {
Handle<NameDictionary> dictionary(object->property_dictionary());
int length = dictionary->NumberOfEnumElements();
Index: test/mjsunit/regress/regress-enum-prop-keys-cache-size.js
diff --git a/test/mjsunit/regress/regress-enum-prop-keys-cache-size.js
b/test/mjsunit/regress/regress-enum-prop-keys-cache-size.js
new file mode 100644
index
0000000000000000000000000000000000000000..1227500eeaf45b7b696ab6b6f3a7e87275569a27
--- /dev/null
+++ b/test/mjsunit/regress/regress-enum-prop-keys-cache-size.js
@@ -0,0 +1,19 @@
+// Copyright 2014 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --allow-natives-syntax --stress-compaction
+
+%SetAllocationTimeout(100000, 100000);
+
+var x = {};
+x.a = 1;
+x.b = 2;
+x = {};
+
+var y = {};
+y.a = 1;
+
+%SetAllocationTimeout(100000, 0);
+
+for (var z in y) { }
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
