Two bugfixes for hydrogen-based array constructors (issue 14642002)
2 views
Skip to first unread message
mvst...@chromium.org
Apr 30, 2013, 7:10:42 AM4/30/13
to verw...@chromium.org, v8-...@googlegroups.com
Reviewers: Toon Verwaest,
Message:
Here is the change we discussed. The cctest change, disabling incremental
marking was discussed with mstarzinger.
Thanks!
--Michael
Description:
Two bugfixes for hydrogen-based array constructors
CacheInitialJSArrayMaps needs to be able to pick up where it left off,
as it can now be called from a handlfied context.
Disable incremental marking for CCTest SetJitCodeEventHandler, as it
allocates
during compilation.
BUG=
Please review this at https://codereview.chromium.org/14642002/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files:
M src/objects.cc
M test/cctest/test-api.cc
Index: src/objects.cc
diff --git a/src/objects.cc b/src/objects.cc
index
502ce0657c2b67146f64b95df145f5d27c258477..94fd487aa3eef6f6016bcb153e4c69ba2e608273
100644
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -8922,9 +8922,14 @@ static MUST_USE_RESULT MaybeObject*
CacheInitialJSArrayMaps(
i < kFastElementsKindCount; ++i) {
Map* new_map;
ElementsKind next_kind = GetFastElementsKindFromSequenceIndex(i);
- MaybeObject* maybe_new_map =
- current_map->CopyAsElementsKind(next_kind, INSERT_TRANSITION);
- if (!maybe_new_map->To(&new_map)) return maybe_new_map;
+ if (current_map->HasElementsTransition()) {
+ new_map = current_map->elements_transition_map();
+ ASSERT(new_map->elements_kind() == next_kind);
+ } else {
+ MaybeObject* maybe_new_map =
+ current_map->CopyAsElementsKind(next_kind, INSERT_TRANSITION);
+ if (!maybe_new_map->To(&new_map)) return maybe_new_map;
+ }
maps->set(next_kind, new_map);
current_map = new_map;
}
Index: test/cctest/test-api.cc
diff --git a/test/cctest/test-api.cc b/test/cctest/test-api.cc
index
d0b986b796e61f1c2a4e90d9e3fb930e3b2ac881..255397b7a9235f2296d2d3325440f7926c7a6295
100644
--- a/test/cctest/test-api.cc
+++ b/test/cctest/test-api.cc
@@ -12187,6 +12187,7 @@ static bool MatchPointers(void* key1, void* key2) {
TEST(SetJitCodeEventHandler) {
i::FLAG_stress_compaction = true;
+ i::FLAG_incremental_marking = false;
const char* script =
"function bar() {"
" var sum = 0;"
Message:
Here is the change we discussed. The cctest change, disabling incremental
marking was discussed with mstarzinger.
Thanks!
--Michael
Description:
Two bugfixes for hydrogen-based array constructors
CacheInitialJSArrayMaps needs to be able to pick up where it left off,
as it can now be called from a handlfied context.
Disable incremental marking for CCTest SetJitCodeEventHandler, as it
allocates
during compilation.
BUG=
Please review this at https://codereview.chromium.org/14642002/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files:
M src/objects.cc
M test/cctest/test-api.cc
Index: src/objects.cc
diff --git a/src/objects.cc b/src/objects.cc
index
502ce0657c2b67146f64b95df145f5d27c258477..94fd487aa3eef6f6016bcb153e4c69ba2e608273
100644
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -8922,9 +8922,14 @@ static MUST_USE_RESULT MaybeObject*
CacheInitialJSArrayMaps(
i < kFastElementsKindCount; ++i) {
Map* new_map;
ElementsKind next_kind = GetFastElementsKindFromSequenceIndex(i);
- MaybeObject* maybe_new_map =
- current_map->CopyAsElementsKind(next_kind, INSERT_TRANSITION);
- if (!maybe_new_map->To(&new_map)) return maybe_new_map;
+ if (current_map->HasElementsTransition()) {
+ new_map = current_map->elements_transition_map();
+ ASSERT(new_map->elements_kind() == next_kind);
+ } else {
+ MaybeObject* maybe_new_map =
+ current_map->CopyAsElementsKind(next_kind, INSERT_TRANSITION);
+ if (!maybe_new_map->To(&new_map)) return maybe_new_map;
+ }
maps->set(next_kind, new_map);
current_map = new_map;
}
Index: test/cctest/test-api.cc
diff --git a/test/cctest/test-api.cc b/test/cctest/test-api.cc
index
d0b986b796e61f1c2a4e90d9e3fb930e3b2ac881..255397b7a9235f2296d2d3325440f7926c7a6295
100644
--- a/test/cctest/test-api.cc
+++ b/test/cctest/test-api.cc
@@ -12187,6 +12187,7 @@ static bool MatchPointers(void* key1, void* key2) {
TEST(SetJitCodeEventHandler) {
i::FLAG_stress_compaction = true;
+ i::FLAG_incremental_marking = false;
const char* script =
"function bar() {"
" var sum = 0;"
verw...@chromium.org
Apr 30, 2013, 7:50:58 AM4/30/13
to mvst...@chromium.org, v8-...@googlegroups.com
mvst...@chromium.org
Apr 30, 2013, 9:43:53 AM4/30/13
to verw...@chromium.org, v8-...@googlegroups.com
Committed patchset #2 manually as r14495 (presubmit successful).
https://codereview.chromium.org/14642002/
https://codereview.chromium.org/14642002/
Reply all
Reply to author
Forward
0 new messages