| Index: src/x64/lithium-codegen-x64.cc
|
| diff --git a/src/x64/lithium-codegen-x64.cc b/src/x64/lithium-codegen-x64.cc
|
| index 054dd606a2241afd811b4ced43118ce2ff100530..a66f1e95f98ce07b5bb11fbab9592f890f6f3588 100644
|
| --- a/src/x64/lithium-codegen-x64.cc
|
| +++ b/src/x64/lithium-codegen-x64.cc
|
| @@ -483,7 +483,7 @@ void LCodeGen::WriteTranslation(LEnvironment* environment,
|
| pushed_arguments_index,
|
| pushed_arguments_count);
|
| bool has_closure_id = !info()->closure().is_null() &&
|
| - *info()->closure() != *environment->closure();
|
| + !info()->closure().is_identical_to(environment->closure());
|
| int closure_id = has_closure_id
|
| ? DefineDeoptimizationLiteral(environment->closure())
|
| : Translation::kSelfLiteralId;
|
| @@ -800,10 +800,13 @@ void LCodeGen::PopulateDeoptimizationData(Handle<Code> code) {
|
|
|
| Handle<FixedArray> literals =
|
| factory()->NewFixedArray(deoptimization_literals_.length(), TENURED);
|
| - for (int i = 0; i < deoptimization_literals_.length(); i++) {
|
| - literals->set(i, *deoptimization_literals_[i]);
|
| + { ALLOW_HANDLE_DEREF(isolate(),
|
| + "copying a ZoneList of handles into a FixedArray");
|
| + for (int i = 0; i < deoptimization_literals_.length(); i++) {
|
| + literals->set(i, *deoptimization_literals_[i]);
|
| + }
|
| + data->SetLiteralArray(*literals);
|
| }
|
| - data->SetLiteralArray(*literals);
|
|
|
| data->SetOsrAstId(Smi::FromInt(info_->osr_ast_id().ToInt()));
|
| data->SetOsrPcOffset(Smi::FromInt(osr_pc_offset_));
|
| @@ -1557,6 +1560,7 @@ void LCodeGen::DoConstantD(LConstantD* instr) {
|
|
|
| void LCodeGen::DoConstantT(LConstantT* instr) {
|
| Handle<Object> value = instr->value();
|
| + ALLOW_HANDLE_DEREF(isolate(), "smi check");
|
| if (value->IsSmi()) {
|
| __ Move(ToRegister(instr->result()), value);
|
| } else {
|
| @@ -3313,12 +3317,15 @@ void LCodeGen::DoGlobalReceiver(LGlobalReceiver* instr) {
|
|
|
|
|
| void LCodeGen::CallKnownFunction(Handle<JSFunction> function,
|
| + int formal_parameter_count,
|
| int arity,
|
| LInstruction* instr,
|
| CallKind call_kind,
|
| RDIState rdi_state) {
|
| - bool can_invoke_directly = !function->NeedsArgumentsAdaption() ||
|
| - function->shared()->formal_parameter_count() == arity;
|
| + bool dont_adapt_arguments =
|
| + formal_parameter_count == SharedFunctionInfo::kDontAdaptArgumentsSentinel;
|
| + bool can_invoke_directly =
|
| + dont_adapt_arguments || formal_parameter_count == arity;
|
|
|
| LPointerMap* pointers = instr->pointer_map();
|
| RecordPosition(pointers->position());
|
| @@ -3333,13 +3340,13 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function,
|
|
|
| // Set rax to arguments count if adaption is not needed. Assumes that rax
|
| // is available to write to at this point.
|
| - if (!function->NeedsArgumentsAdaption()) {
|
| + if (dont_adapt_arguments) {
|
| __ Set(rax, arity);
|
| }
|
|
|
| // Invoke function.
|
| __ SetCallKind(rcx, call_kind);
|
| - if (*function == *info()->closure()) {
|
| + if (function.is_identical_to(info()->closure())) {
|
| __ CallSelf();
|
| } else {
|
| __ call(FieldOperand(rdi, JSFunction::kCodeEntryOffset));
|
| @@ -3352,7 +3359,9 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function,
|
| SafepointGenerator generator(
|
| this, pointers, Safepoint::kLazyDeopt);
|
| ParameterCount count(arity);
|
| - __ InvokeFunction(function, count, CALL_FUNCTION, generator, call_kind);
|
| + ParameterCount expected(formal_parameter_count);
|
| + __ InvokeFunction(
|
| + function, expected, count, CALL_FUNCTION, generator, call_kind);
|
| }
|
|
|
| // Restore context.
|
| @@ -3362,7 +3371,8 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function,
|
|
|
| void LCodeGen::DoCallConstantFunction(LCallConstantFunction* instr) {
|
| ASSERT(ToRegister(instr->result()).is(rax));
|
| - CallKnownFunction(instr->function(),
|
| + CallKnownFunction(instr->hydrogen()->function(),
|
| + instr->hydrogen()->formal_parameter_count(),
|
| instr->arity(),
|
| instr,
|
| CALL_AS_METHOD,
|
| @@ -3802,7 +3812,8 @@ void LCodeGen::DoInvokeFunction(LInvokeFunction* instr) {
|
| ASSERT(ToRegister(instr->function()).is(rdi));
|
| ASSERT(instr->HasPointerMap());
|
|
|
| - if (instr->known_function().is_null()) {
|
| + Handle<JSFunction> known_function = instr->hydrogen()->known_function();
|
| + if (known_function.is_null()) {
|
| LPointerMap* pointers = instr->pointer_map();
|
| RecordPosition(pointers->position());
|
| SafepointGenerator generator(this, pointers, Safepoint::kLazyDeopt);
|
| @@ -3810,7 +3821,8 @@ void LCodeGen::DoInvokeFunction(LInvokeFunction* instr) {
|
| __ InvokeFunction(rdi, count, CALL_FUNCTION, generator, CALL_AS_METHOD);
|
| __ movq(rsi, Operand(rbp, StandardFrameConstants::kContextOffset));
|
| } else {
|
| - CallKnownFunction(instr->known_function(),
|
| + CallKnownFunction(known_function,
|
| + instr->hydrogen()->formal_parameter_count(),
|
| instr->arity(),
|
| instr,
|
| CALL_AS_METHOD,
|
| @@ -3869,7 +3881,8 @@ void LCodeGen::DoCallGlobal(LCallGlobal* instr) {
|
|
|
| void LCodeGen::DoCallKnownGlobal(LCallKnownGlobal* instr) {
|
| ASSERT(ToRegister(instr->result()).is(rax));
|
| - CallKnownFunction(instr->target(),
|
| + CallKnownFunction(instr->hydrogen()->target(),
|
| + instr->hydrogen()->formal_parameter_count(),
|
| instr->arity(),
|
| instr,
|
| CALL_AS_FUNCTION,
|
| @@ -4870,6 +4883,7 @@ void LCodeGen::DoCheckInstanceType(LCheckInstanceType* instr) {
|
| void LCodeGen::DoCheckFunction(LCheckFunction* instr) {
|
| Register reg = ToRegister(instr->value());
|
| Handle<JSFunction> target = instr->hydrogen()->target();
|
| + ALLOW_HANDLE_DEREF(isolate(), "using raw address");
|
| if (isolate()->heap()->InNewSpace(*target)) {
|
| Handle<JSGlobalPropertyCell> cell =
|
| isolate()->factory()->NewJSGlobalPropertyCell(target);
|
| @@ -4998,16 +5012,12 @@ void LCodeGen::DoAllocateObject(LAllocateObject* instr) {
|
| Register result = ToRegister(instr->result());
|
| Register scratch = ToRegister(instr->temp());
|
| Handle<JSFunction> constructor = instr->hydrogen()->constructor();
|
| - Handle<Map> initial_map(constructor->initial_map());
|
| + Handle<Map> initial_map = instr->hydrogen()->constructor_initial_map();
|
| int instance_size = initial_map->instance_size();
|
| ASSERT(initial_map->pre_allocated_property_fields() +
|
| initial_map->unused_property_fields() -
|
| initial_map->inobject_properties() == 0);
|
|
|
| - // Allocate memory for the object. The initial map might change when
|
| - // the constructor's prototype changes, but instance size and property
|
| - // counts remain unchanged (if slack tracking finished).
|
| - ASSERT(!constructor->shared()->IsInobjectSlackTrackingInProgress());
|
| __ Allocate(instance_size, result, no_reg, scratch, deferred->entry(),
|
| TAG_OBJECT);
|
|
|
| @@ -5058,8 +5068,7 @@ void LCodeGen::DoAllocateObject(LAllocateObject* instr) {
|
|
|
| void LCodeGen::DoDeferredAllocateObject(LAllocateObject* instr) {
|
| Register result = ToRegister(instr->result());
|
| - Handle<JSFunction> constructor = instr->hydrogen()->constructor();
|
| - Handle<Map> initial_map(constructor->initial_map());
|
| + Handle<Map> initial_map = instr->hydrogen()->constructor_initial_map();
|
| int instance_size = initial_map->instance_size();
|
|
|
| // TODO(3095996): Get rid of this. For now, we need to make the
|
| @@ -5135,7 +5144,7 @@ void LCodeGen::DoDeferredAllocate(LAllocate* instr) {
|
|
|
|
|
| void LCodeGen::DoArrayLiteral(LArrayLiteral* instr) {
|
| - Handle<FixedArray> literals(instr->environment()->closure()->literals());
|
| + Handle<FixedArray> literals = instr->hydrogen()->literals();
|
| ElementsKind boilerplate_elements_kind =
|
| instr->hydrogen()->boilerplate_elements_kind();
|
| AllocationSiteMode allocation_site_mode =
|
| @@ -5195,7 +5204,7 @@ void LCodeGen::DoArrayLiteral(LArrayLiteral* instr) {
|
|
|
|
|
| void LCodeGen::DoObjectLiteral(LObjectLiteral* instr) {
|
| - Handle<FixedArray> literals(instr->environment()->closure()->literals());
|
| + Handle<FixedArray> literals = instr->hydrogen()->literals();
|
| Handle<FixedArray> constant_properties =
|
| instr->hydrogen()->constant_properties();
|
|
|
| @@ -5208,7 +5217,7 @@ void LCodeGen::DoObjectLiteral(LObjectLiteral* instr) {
|
|
|
| // Set up the parameters to the stub/runtime call and pick the right
|
| // runtime function or stub to call.
|
| - int properties_count = constant_properties->length() / 2;
|
| + int properties_count = instr->hydrogen()->constant_properties_length() / 2;
|
| if (instr->hydrogen()->depth() > 1) {
|
| __ PushHeapObject(literals);
|
| __ Push(Smi::FromInt(instr->hydrogen()->literal_index()));
|
| @@ -5293,19 +5302,17 @@ void LCodeGen::DoRegExpLiteral(LRegExpLiteral* instr) {
|
| void LCodeGen::DoFunctionLiteral(LFunctionLiteral* instr) {
|
| // Use the fast case closure allocation code that allocates in new
|
| // space for nested functions that don't need literals cloning.
|
| - Handle<SharedFunctionInfo> shared_info = instr->shared_info();
|
| bool pretenure = instr->hydrogen()->pretenure();
|
| - if (!pretenure && shared_info->num_literals() == 0) {
|
| - FastNewClosureStub stub(shared_info->language_mode(),
|
| - shared_info->is_generator());
|
| - __ Push(shared_info);
|
| + if (!pretenure && instr->hydrogen()->has_no_literals()) {
|
| + FastNewClosureStub stub(instr->hydrogen()->language_mode(),
|
| + instr->hydrogen()->is_generator());
|
| + __ Push(instr->hydrogen()->shared_info());
|
| CallCode(stub.GetCode(isolate()), RelocInfo::CODE_TARGET, instr);
|
| } else {
|
| __ push(rsi);
|
| - __ Push(shared_info);
|
| - __ PushRoot(pretenure ?
|
| - Heap::kTrueValueRootIndex :
|
| - Heap::kFalseValueRootIndex);
|
| + __ Push(instr->hydrogen()->shared_info());
|
| + __ PushRoot(pretenure ? Heap::kTrueValueRootIndex :
|
| + Heap::kFalseValueRootIndex);
|
| CallRuntime(Runtime::kNewClosure, 3, instr);
|
| }
|
| }
|
| @@ -5322,6 +5329,7 @@ void LCodeGen::EmitPushTaggedOperand(LOperand* operand) {
|
| ASSERT(!operand->IsDoubleRegister());
|
| if (operand->IsConstantOperand()) {
|
| Handle<Object> object = ToHandle(LConstantOperand::cast(operand));
|
| + ALLOW_HANDLE_DEREF(isolate(), "smi check");
|
| if (object->IsSmi()) {
|
| __ Push(Handle<Smi>::cast(object));
|
| } else {
|
|
|
Chromium Code Reviews
Issue 14403015:
Disallow dereferencing deferred handles when generating optimized code. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge