review.tizen.org Git - platform/upstream/v8.git/commit

projects / platform / upstream / v8.git / commit

author	bmeurer <bmeurer@chromium.org>
	Tue, 25 Aug 2015 04:48:36 +0000 (21:48 -0700)
committer	Commit bot <commit-bot@chromium.org>
	Tue, 25 Aug 2015 04:48:54 +0000 (04:48 +0000)
commit	5d875a57fa2e65c1a4a6b50aeb23c38299c3cfbc
tree	30764e0c366e3b526102fd32f4747582791a7e07	tree \| snapshot
parent	2090c08d3ebafbabf5e2a85a58d605d60cbf6650	commit \| diff

Correctify instanceof and make it optimizable.

The previous hack with HInstanceOfKnownGlobal was not only slower,
but also very brittle and required a lot of weird hacks to support it. And
what's even more important it wasn't even correct (because a map check
on the lhs is never enough for instanceof).

The new implementation provides a sane runtime implementation
for InstanceOf plus a fast case in the InstanceOfStub, combined with
a proper specialization in the case of a known global in CrankShaft,
which does only the prototype chain walk (coupled with a code
dependency on the known global).

As a drive-by-fix: Also fix the incorrect Object.prototype.isPrototypeOf
implementation.

BUG=v8:4376
LOG=y

Review URL: https://codereview.chromium.org/1304633002

Cr-Commit-Position: refs/heads/master@{#30342}

76 files changed:

src/arm/code-stubs-arm.cc		diff \| blob \| history
src/arm/interface-descriptors-arm.cc		diff \| blob \| history
src/arm/lithium-arm.cc		diff \| blob \| history
src/arm/lithium-arm.h		diff \| blob \| history
src/arm/lithium-codegen-arm.cc		diff \| blob \| history
src/arm/lithium-codegen-arm.h		diff \| blob \| history
src/arm/macro-assembler-arm.cc		diff \| blob \| history
src/arm/macro-assembler-arm.h		diff \| blob \| history
src/arm64/code-stubs-arm64.cc		diff \| blob \| history
src/arm64/interface-descriptors-arm64.cc		diff \| blob \| history
src/arm64/lithium-arm64.cc		diff \| blob \| history
src/arm64/lithium-arm64.h		diff \| blob \| history
src/arm64/lithium-codegen-arm64.cc		diff \| blob \| history
src/arm64/lithium-codegen-arm64.h		diff \| blob \| history
src/arm64/macro-assembler-arm64.cc		diff \| blob \| history
src/arm64/macro-assembler-arm64.h		diff \| blob \| history
src/bailout-reason.h		diff \| blob \| history
src/builtins.h		diff \| blob \| history
src/code-factory.cc		diff \| blob \| history
src/code-factory.h		diff \| blob \| history
src/code-stubs.cc		diff \| blob \| history
src/code-stubs.h		diff \| blob \| history
src/compiler/js-generic-lowering.cc		diff \| blob \| history
src/full-codegen/arm/full-codegen-arm.cc		diff \| blob \| history
src/full-codegen/arm64/full-codegen-arm64.cc		diff \| blob \| history
src/full-codegen/ia32/full-codegen-ia32.cc		diff \| blob \| history
src/full-codegen/mips/full-codegen-mips.cc		diff \| blob \| history
src/full-codegen/mips64/full-codegen-mips64.cc		diff \| blob \| history
src/full-codegen/x64/full-codegen-x64.cc		diff \| blob \| history
src/hydrogen-instructions.cc		diff \| blob \| history
src/hydrogen-instructions.h		diff \| blob \| history
src/hydrogen.cc		diff \| blob \| history
src/hydrogen.h		diff \| blob \| history
src/ia32/code-stubs-ia32.cc		diff \| blob \| history
src/ia32/interface-descriptors-ia32.cc		diff \| blob \| history
src/ia32/lithium-codegen-ia32.cc		diff \| blob \| history
src/ia32/lithium-codegen-ia32.h		diff \| blob \| history
src/ia32/lithium-ia32.cc		diff \| blob \| history
src/ia32/lithium-ia32.h		diff \| blob \| history
src/ia32/macro-assembler-ia32.cc		diff \| blob \| history
src/ia32/macro-assembler-ia32.h		diff \| blob \| history
src/interface-descriptors.cc		diff \| blob \| history
src/interface-descriptors.h		diff \| blob \| history
src/mips/code-stubs-mips.cc		diff \| blob \| history
src/mips/interface-descriptors-mips.cc		diff \| blob \| history
src/mips/lithium-codegen-mips.cc		diff \| blob \| history
src/mips/lithium-codegen-mips.h		diff \| blob \| history
src/mips/lithium-mips.cc		diff \| blob \| history
src/mips/lithium-mips.h		diff \| blob \| history
src/mips/macro-assembler-mips.cc		diff \| blob \| history
src/mips/macro-assembler-mips.h		diff \| blob \| history
src/mips64/code-stubs-mips64.cc		diff \| blob \| history
src/mips64/interface-descriptors-mips64.cc		diff \| blob \| history
src/mips64/lithium-codegen-mips64.cc		diff \| blob \| history
src/mips64/lithium-codegen-mips64.h		diff \| blob \| history
src/mips64/lithium-mips64.cc		diff \| blob \| history
src/mips64/lithium-mips64.h		diff \| blob \| history
src/mips64/macro-assembler-mips64.cc		diff \| blob \| history
src/mips64/macro-assembler-mips64.h		diff \| blob \| history
src/objects.h		diff \| blob \| history
src/runtime.js		diff \| blob \| history
src/runtime/runtime-object.cc		diff \| blob \| history
src/runtime/runtime.h		diff \| blob \| history
src/v8natives.js		diff \| blob \| history
src/x64/code-stubs-x64.cc		diff \| blob \| history
src/x64/interface-descriptors-x64.cc		diff \| blob \| history
src/x64/lithium-codegen-x64.cc		diff \| blob \| history
src/x64/lithium-codegen-x64.h		diff \| blob \| history
src/x64/lithium-x64.cc		diff \| blob \| history
src/x64/lithium-x64.h		diff \| blob \| history
src/x64/macro-assembler-x64.cc		diff \| blob \| history
src/x64/macro-assembler-x64.h		diff \| blob \| history
test/mjsunit/regress/regress-4376-1.js	[new file with mode: 0644]	blob
test/mjsunit/regress/regress-4376-2.js	[new file with mode: 0644]	blob
test/mjsunit/regress/regress-4376-3.js	[new file with mode: 0644]	blob
test/webkit/fast/js/object-prototype-properties-expected.txt		diff \| blob \| history

Domain: Web Framework / Web Engine;

RSS Atom