From 2c64592065e7e3019441772cab429ea503a7d981 Mon Sep 17 00:00:00 2001 From: "mstarzinger@chromium.org" Date: Wed, 2 May 2012 07:51:03 +0000 Subject: [PATCH] MIPS: Fix LFastLiteral to check boilerplate elements kind. Port r11470 (621f96c0) Original commit message: Fix LFastLiteral to check boilerplate elements kind. Adds a missing check that the elements kind of the boilerplate object still has the expected elements kind, unoptimized code can transition the boilerplate. Corner cases might cause the optimized code to be reentered again. BUG= TEST= Review URL: https://chromiumcodereview.appspot.com/10271018 Patch from Akos Palfi . git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11474 ce2b1a6d-e550-0410-aec6-3dcde31c8c00 --- src/mips/lithium-codegen-mips.cc | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/src/mips/lithium-codegen-mips.cc b/src/mips/lithium-codegen-mips.cc index c0323e3..ccda526 100644 --- a/src/mips/lithium-codegen-mips.cc +++ b/src/mips/lithium-codegen-mips.cc @@ -4603,6 +4603,23 @@ void LCodeGen::EmitDeepCopy(Handle object, void LCodeGen::DoFastLiteral(LFastLiteral* instr) { int size = instr->hydrogen()->total_size(); + ElementsKind boilerplate_elements_kind = + instr->hydrogen()->boilerplate()->GetElementsKind(); + + // Deopt if the literal boilerplate ElementsKind is of a type different than + // the expected one. The check isn't necessary if the boilerplate has already + // been converted to FAST_ELEMENTS. + if (boilerplate_elements_kind != FAST_ELEMENTS) { + __ LoadHeapObject(a1, instr->hydrogen()->boilerplate()); + // Load map into a2. + __ lw(a2, FieldMemOperand(a1, HeapObject::kMapOffset)); + // Load the map's "bit field 2". + __ lbu(a2, FieldMemOperand(a2, Map::kBitField2Offset)); + // Retrieve elements_kind from bit field 2. + __ Ext(a2, a2, Map::kElementsKindShift, Map::kElementsKindBitCount); + DeoptimizeIf(ne, instr->environment(), a2, + Operand(boilerplate_elements_kind)); + } // Allocate all objects that are part of the literal in one big // allocation. This avoids multiple limit checks. -- 2.7.4