[ic] Remove broken DCHECK and clean up naming

The DCHECK related to a time when dictionary mode prototypes were the payload
of complex data driven handlers. Now the additional data is used to hold
entirely different kinds of objects. The DCHECK made no sense anymore. Cleaning
up the names makes this clearer.

Bug: chromium:986187
Change-Id: I7173d7d2824396c04c01acb4ceb74693ee9ce6b8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1724215
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62993}
This commit is contained in:
Toon Verwaest 2019-07-30 17:35:13 +02:00 committed by Commit Bot
parent d187b07005
commit 19810c489c
2 changed files with 32 additions and 23 deletions

View File

@ -30,7 +30,7 @@ int InitPrototypeChecksImpl(Isolate* isolate, Handle<ICHandler> handler,
Handle<Smi>* smi_handler, Handle<Map> receiver_map,
Handle<JSReceiver> holder, MaybeObjectHandle data1,
MaybeObjectHandle maybe_data2) {
int checks_count = 0;
int data_size = 1;
// Holder-is-receiver case itself does not add entries unless there is an
// optional data2 value provided.
@ -51,7 +51,7 @@ int InitPrototypeChecksImpl(Isolate* isolate, Handle<ICHandler> handler,
using Bit = typename ICHandler::DoAccessCheckOnReceiverBits;
*smi_handler = SetBitFieldValue<Bit>(isolate, *smi_handler, true);
}
checks_count++;
data_size++;
} else if (receiver_map->is_dictionary_map() &&
!receiver_map->IsJSGlobalObjectMap()) {
if (!fill_handler) {
@ -67,16 +67,16 @@ int InitPrototypeChecksImpl(Isolate* isolate, Handle<ICHandler> handler,
if (fill_handler) {
// This value will go either to data2 or data3 slot depending on whether
// data2 slot is already occupied by native context.
if (checks_count == 0) {
if (data_size == 1) {
handler->set_data2(*maybe_data2);
} else {
DCHECK_EQ(1, checks_count);
DCHECK_EQ(2, data_size);
handler->set_data3(*maybe_data2);
}
}
checks_count++;
data_size++;
}
return checks_count;
return data_size;
}
// Returns 0 if the validity cell check is enough to ensure that the
@ -86,9 +86,9 @@ int InitPrototypeChecksImpl(Isolate* isolate, Handle<ICHandler> handler,
// Returns -1 if the handler has to be compiled or the number of prototype
// checks otherwise.
template <typename ICHandler>
int GetPrototypeCheckCount(
Isolate* isolate, Handle<Smi>* smi_handler, Handle<Map> receiver_map,
Handle<JSReceiver> holder, MaybeObjectHandle data1,
int GetHandlerDataSize(Isolate* isolate, Handle<Smi>* smi_handler,
Handle<Map> receiver_map, Handle<JSReceiver> holder,
MaybeObjectHandle data1,
MaybeObjectHandle maybe_data2 = MaybeObjectHandle()) {
DCHECK_NOT_NULL(smi_handler);
return InitPrototypeChecksImpl<ICHandler, false>(isolate, Handle<ICHandler>(),
@ -121,14 +121,13 @@ Handle<Object> LoadHandler::LoadFromPrototype(Isolate* isolate,
data1 = maybe_data1;
}
int checks_count = GetPrototypeCheckCount<LoadHandler>(
int data_size = GetHandlerDataSize<LoadHandler>(
isolate, &smi_handler, receiver_map, holder, data1, maybe_data2);
Handle<Object> validity_cell =
Map::GetOrCreatePrototypeChainValidityCell(receiver_map, isolate);
int data_count = 1 + checks_count;
Handle<LoadHandler> handler = isolate->factory()->NewLoadHandler(data_count);
Handle<LoadHandler> handler = isolate->factory()->NewLoadHandler(data_size);
handler->set_smi_handler(*smi_handler);
handler->set_validity_cell(*validity_cell);
@ -144,19 +143,18 @@ Handle<Object> LoadHandler::LoadFullChain(Isolate* isolate,
Handle<Smi> smi_handler) {
Handle<JSReceiver> end; // null handle, means full prototype chain lookup.
MaybeObjectHandle data1 = holder;
int checks_count = GetPrototypeCheckCount<LoadHandler>(
isolate, &smi_handler, receiver_map, end, data1);
int data_size = GetHandlerDataSize<LoadHandler>(isolate, &smi_handler,
receiver_map, end, data1);
Handle<Object> validity_cell =
Map::GetOrCreatePrototypeChainValidityCell(receiver_map, isolate);
if (validity_cell->IsSmi()) {
DCHECK_EQ(0, checks_count);
DCHECK_EQ(1, data_size);
// Lookup on receiver isn't supported in case of a simple smi handler.
if (!LookupOnReceiverBits::decode(smi_handler->value())) return smi_handler;
}
int data_count = 1 + checks_count;
Handle<LoadHandler> handler = isolate->factory()->NewLoadHandler(data_count);
Handle<LoadHandler> handler = isolate->factory()->NewLoadHandler(data_size);
handler->set_smi_handler(*smi_handler);
handler->set_validity_cell(*validity_cell);
@ -251,16 +249,13 @@ Handle<Object> StoreHandler::StoreThroughPrototype(
data1 = maybe_data1;
}
int checks_count = GetPrototypeCheckCount<StoreHandler>(
int data_size = GetHandlerDataSize<StoreHandler>(
isolate, &smi_handler, receiver_map, holder, data1, maybe_data2);
Handle<Object> validity_cell =
Map::GetOrCreatePrototypeChainValidityCell(receiver_map, isolate);
DCHECK_IMPLIES(validity_cell->IsSmi(), checks_count == 0);
int data_count = 1 + checks_count;
Handle<StoreHandler> handler =
isolate->factory()->NewStoreHandler(data_count);
Handle<StoreHandler> handler = isolate->factory()->NewStoreHandler(data_size);
handler->set_smi_handler(*smi_handler);
handler->set_validity_cell(*validity_cell);

View File

@ -0,0 +1,14 @@
// Copyright 2019 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --expose-gc
var obj = {}
obj.__proto__ = null;
Object.defineProperty(obj, "prop", {
set: gc
});
for (var i = 0; i < 100 ; ++i) {
obj["prop"] = 0;
}