Simplifying GenerateDictionaryNegativeLookup by making the 'extra' parameter ...

src/ia32/stub-cache-ia32.cc

 // Copyright 2006-2009 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 93 matching lines @@
 // Helper function used to check that the dictionary doesn't contain
 // the property. This function may return false negatives, so miss_label
 // must always call a backup property check that is complete.
 // This function is safe to call if the receiver has fast properties.
 // Name must be a symbol and receiver must be a heap object.
 static void GenerateDictionaryNegativeLookup(MacroAssembler* masm,
                                              Label* miss_label,
                                              Register receiver,
                                              String* name,
                                              Register r0,
-                                             Register extra) {
+                                             Register r1) {
   ASSERT(name->IsSymbol());
   __ IncrementCounter(&Counters::negative_lookups, 1);
   __ IncrementCounter(&Counters::negative_lookups_miss, 1);
 
   Label done;
   __ mov(r0, FieldOperand(receiver, HeapObject::kMapOffset));
 
   const int kInterceptorOrAccessCheckNeededMask =
       (1 << Map::kHasNamedInterceptor) | (1 << Map::kIsAccessCheckNeeded);
 
@@ skipping 28 matching lines @@
       StringDictionary::kElementsStartIndex * kPointerSize;
 
   // If names of slots in range from 1 to kProbes - 1 for the hash value are
   // not equal to the name and kProbes-th slot is not used (its name is the
   // undefined value), it guarantees the hash table doesn't contain the
   // property. It's true even if some slots represent deleted properties
   // (their names are the null value).
   for (int i = 0; i < kProbes; i++) {
     // r0 points to properties hash.
     // Compute the masked index: (hash + i + i * i) & mask.
-    if (extra.is(no_reg)) {
-      __ push(receiver);
-    }
-    Register index = extra.is(no_reg) ? receiver : extra;
+    Register index = r1;
     // Capacity is smi 2^n.
     __ mov(index, FieldOperand(properties, kCapacityOffset));
     __ dec(index);
     __ and_(Operand(index),
             Immediate(Smi::FromInt(name->Hash() +
                                    StringDictionary::GetProbeOffset(i))));
 
     // Scale the index by multiplying by the entry size.
     ASSERT(StringDictionary::kEntrySize == 3);
     __ lea(index, Operand(index, index, times_2, 0));  // index *= 3.
 
-    Register entity_name = extra.is(no_reg) ? properties : extra;
+    Register entity_name = r1;
     // Having undefined at this place means the name is not contained.
     ASSERT_EQ(kSmiTagSize, 1);
     __ mov(entity_name, Operand(properties, index, times_half_pointer_size,
                                 kElementsStartOffset - kHeapObjectTag));
     __ cmp(entity_name, Factory::undefined_value());
-    if (extra.is(no_reg)) {
-      // 'receiver' shares a register with 'entity_name'.
-      __ pop(receiver);
-    }
     if (i != kProbes - 1) {
       __ j(equal, &done, taken);
 
       // Stop if found the property.
       __ cmp(entity_name, Handle<String>(name));
       __ j(equal, miss_label, not_taken);
-
-      if (extra.is(no_reg)) {
-        // Restore the properties if their register was occupied by the name.
-        __ mov(properties, FieldOperand(receiver, JSObject::kPropertiesOffset));
-      }
     } else {
       // Give up probing if still not found the undefined value.
       __ j(not_equal, miss_label, not_taken);
     }
   }
 
   __ bind(&done);
   __ DecrementCounter(&Counters::negative_lookups_miss, 1);
 }
 
@@ skipping 311 matching lines @@
         name_(name) {}
 
   void Compile(MacroAssembler* masm,
                JSObject* object,
                JSObject* holder,
                String* name,
                LookupResult* lookup,
                Register receiver,
                Register scratch1,
                Register scratch2,
+               Register scratch3,
                Label* miss) {
     ASSERT(holder->HasNamedInterceptor());
     ASSERT(!holder->GetNamedInterceptor()->getter()->IsUndefined());
 
     // Check that the receiver isn't a smi.
     __ test(receiver, Immediate(kSmiTagMask));
     __ j(zero, miss, not_taken);
 
     CallOptimization optimization(lookup);
 
     if (optimization.is_constant_call()) {
       CompileCacheable(masm,
                        object,
                        receiver,
                        scratch1,
                        scratch2,
+                       scratch3,
                        holder,
                        lookup,
                        name,
                        optimization,
                        miss);
     } else {
       CompileRegular(masm,
                      object,
                      receiver,
                      scratch1,
                      scratch2,
+                     scratch3,
                      name,
                      holder,
                      miss);
     }
   }
 
  private:
   void CompileCacheable(MacroAssembler* masm,
                         JSObject* object,
                         Register receiver,
                         Register scratch1,
                         Register scratch2,
+                        Register scratch3,
                         JSObject* interceptor_holder,
                         LookupResult* lookup,
                         String* name,
                         const CallOptimization& optimization,
                         Label* miss_label) {
     ASSERT(optimization.is_constant_call());
     ASSERT(!lookup->holder()->IsGlobalObject());
 
     int depth1 = kInvalidProtoDepth;
     int depth2 = kInvalidProtoDepth;
@@ skipping 19 matching lines @@
       ReserveSpaceForFastApiCall(masm, scratch1);
     }
 
     // Check that the maps from receiver to interceptor's holder
     // haven't changed and thus we can invoke interceptor.
     Label miss_cleanup;
     Label* miss = can_do_fast_api_call ? &miss_cleanup : miss_label;
     Register holder =
         stub_compiler_->CheckPrototypes(object, receiver,
                                         interceptor_holder, scratch1,
-                                        scratch2, name, depth1, miss);
+                                        scratch2, scratch3, name, depth1, miss);
 
     // Invoke an interceptor and if it provides a value,
     // branch to |regular_invoke|.
     Label regular_invoke;
     LoadWithInterceptor(masm, receiver, holder, interceptor_holder,
                         &regular_invoke);
 
     // Interceptor returned nothing for this property.  Try to use cached
     // constant function.
 
     // Check that the maps from interceptor's holder to constant function's
     // holder haven't changed and thus we can use cached constant function.
     if (interceptor_holder != lookup->holder()) {
       stub_compiler_->CheckPrototypes(interceptor_holder, receiver,
                                       lookup->holder(), scratch1,
-                                      scratch2, name, depth2, miss);
+                                      scratch2, scratch3, name, depth2, miss);
     } else {
       // CheckPrototypes has a side effect of fetching a 'holder'
       // for API (object which is instanceof for the signature).  It's
       // safe to omit it here, as if present, it should be fetched
       // by the previous CheckPrototypes.
       ASSERT(depth2 == kInvalidProtoDepth);
     }
 
     // Invoke function.
     if (can_do_fast_api_call) {
@@ skipping 15 matching lines @@
     if (can_do_fast_api_call) {
       FreeSpaceForFastApiCall(masm, scratch1);
     }
   }
 
   void CompileRegular(MacroAssembler* masm,
                       JSObject* object,
                       Register receiver,
                       Register scratch1,
                       Register scratch2,
+                      Register scratch3,
                       String* name,
                       JSObject* interceptor_holder,
                       Label* miss_label) {
     Register holder =
         stub_compiler_->CheckPrototypes(object, receiver, interceptor_holder,
-                                        scratch1, scratch2, name,
+                                        scratch1, scratch2, scratch3, name,
                                         miss_label);
 
     __ EnterInternalFrame();
     // Save the name_ register across the call.
     __ push(name_);
 
     PushInterceptorArguments(masm,
                              receiver,
                              holder,
                              name_,
@@ skipping 181 matching lines @@
 
 
 #undef __
 #define __ ACCESS_MASM(masm())
 
 
 Register StubCompiler::CheckPrototypes(JSObject* object,
                                        Register object_reg,
                                        JSObject* holder,
                                        Register holder_reg,
-                                       Register scratch,
+                                       Register scratch1,
+                                       Register scratch2,
                                        String* name,
                                        int save_at_depth,
-                                       Label* miss,
-                                       Register extra) {
+                                       Label* miss) {
   // Make sure there's no overlap between holder and object registers.
-  ASSERT(!scratch.is(object_reg) && !scratch.is(holder_reg));
-  ASSERT(!extra.is(object_reg) && !extra.is(holder_reg) && !extra.is(scratch));
+  ASSERT(!scratch1.is(object_reg) && !scratch1.is(holder_reg));
+  ASSERT(!scratch2.is(object_reg) && !scratch2.is(holder_reg)
+         && !scratch2.is(scratch1));
   // Keep track of the current object in register reg.
   Register reg = object_reg;
   JSObject* current = object;
   int depth = 0;
 
   if (save_at_depth == depth) {
     __ mov(Operand(esp, kPointerSize), reg);
   }
 
   // Traverse the prototype chain and check the maps in the prototype chain for
@@ skipping 19 matching lines @@
           name = String::cast(lookup_result);
         }
       }
       ASSERT(current->property_dictionary()->FindEntry(name) ==
              StringDictionary::kNotFound);
 
       GenerateDictionaryNegativeLookup(masm(),
                                        miss,
                                        reg,
                                        name,
-                                       scratch,
-                                       extra);
-      __ mov(scratch, FieldOperand(reg, HeapObject::kMapOffset));
+                                       scratch1,
+                                       scratch2);
+      __ mov(scratch1, FieldOperand(reg, HeapObject::kMapOffset));
       reg = holder_reg;  // from now the object is in holder_reg
-      __ mov(reg, FieldOperand(scratch, Map::kPrototypeOffset));
+      __ mov(reg, FieldOperand(scratch1, Map::kPrototypeOffset));
     } else if (Heap::InNewSpace(prototype)) {
       // Get the map of the current object.
-      __ mov(scratch, FieldOperand(reg, HeapObject::kMapOffset));
-      __ cmp(Operand(scratch), Immediate(Handle<Map>(current->map())));
+      __ mov(scratch1, FieldOperand(reg, HeapObject::kMapOffset));
+      __ cmp(Operand(scratch1), Immediate(Handle<Map>(current->map())));
       // Branch on the result of the map check.
       __ j(not_equal, miss, not_taken);
       // Check access rights to the global object.  This has to happen
       // after the map check so that we know that the object is
       // actually a global object.
       if (current->IsJSGlobalProxy()) {
-        __ CheckAccessGlobalProxy(reg, scratch, miss);
+        __ CheckAccessGlobalProxy(reg, scratch1, miss);
 
         // Restore scratch register to be the map of the object.
         // We load the prototype from the map in the scratch register.
-        __ mov(scratch, FieldOperand(reg, HeapObject::kMapOffset));
+        __ mov(scratch1, FieldOperand(reg, HeapObject::kMapOffset));
       }
       // The prototype is in new space; we cannot store a reference
       // to it in the code. Load it from the map.
       reg = holder_reg;  // from now the object is in holder_reg
-      __ mov(reg, FieldOperand(scratch, Map::kPrototypeOffset));
+      __ mov(reg, FieldOperand(scratch1, Map::kPrototypeOffset));
     } else {
       // Check the map of the current object.
       __ cmp(FieldOperand(reg, HeapObject::kMapOffset),
              Immediate(Handle<Map>(current->map())));
       // Branch on the result of the map check.
       __ j(not_equal, miss, not_taken);
       // Check access rights to the global object.  This has to happen
       // after the map check so that we know that the object is
       // actually a global object.
       if (current->IsJSGlobalProxy()) {
-        __ CheckAccessGlobalProxy(reg, scratch, miss);
+        __ CheckAccessGlobalProxy(reg, scratch1, miss);
       }
       // The prototype is in old space; load it directly.
       reg = holder_reg;  // from now the object is in holder_reg
       __ mov(reg, Handle<JSObject>(prototype));
     }
 
     if (save_at_depth == depth) {
       __ mov(Operand(esp, kPointerSize), reg);
     }
 
     // Go to the next object in the prototype chain.
     current = prototype;
   }
   ASSERT(current == holder);
 
   // Log the check depth.
   LOG(IntEvent("check-maps-depth", depth + 1));
 
   // Check the holder map.
   __ cmp(FieldOperand(reg, HeapObject::kMapOffset),
          Immediate(Handle<Map>(holder->map())));
   __ j(not_equal, miss, not_taken);
 
   // Perform security check for access to the global object.
   ASSERT(holder->IsJSGlobalProxy() || !holder->IsAccessCheckNeeded());
   if (holder->IsJSGlobalProxy()) {
-    __ CheckAccessGlobalProxy(reg, scratch, miss);
+    __ CheckAccessGlobalProxy(reg, scratch1, miss);
   };
 
   // If we've skipped any global objects, it's not enough to verify
   // that their maps haven't changed.  We also need to check that the
   // property cell for the property is still empty.
   Object* result = GenerateCheckPropertyCells(masm(),
                                               object,
                                               holder,
                                               name,
-                                              scratch,
+                                              scratch1,
                                               miss);
   if (result->IsFailure()) set_failure(Failure::cast(result));
 
   // Return the register containing the holder.
   return reg;
 }
 
 
 void StubCompiler::GenerateLoadField(JSObject* object,
                                      JSObject* holder,
                                      Register receiver,
                                      Register scratch1,
                                      Register scratch2,
+                                     Register scratch3,
                                      int index,
                                      String* name,
                                      Label* miss) {
   // Check that the receiver isn't a smi.
   __ test(receiver, Immediate(kSmiTagMask));
   __ j(zero, miss, not_taken);
 
   // Check the prototype chain.
   Register reg =
       CheckPrototypes(object, receiver, holder,
-                      scratch1, scratch2, name, miss);
+                      scratch1, scratch2, scratch3, name, miss);
 
   // Get the value from the properties.
   GenerateFastPropertyLoad(masm(), eax, reg, holder, index);
   __ ret(0);
 }
 
 
 bool StubCompiler::GenerateLoadCallback(JSObject* object,
                                         JSObject* holder,
                                         Register receiver,
                                         Register name_reg,
                                         Register scratch1,
                                         Register scratch2,
+                                        Register scratch3,
                                         AccessorInfo* callback,
                                         String* name,
                                         Label* miss,
                                         Failure** failure) {
   // Check that the receiver isn't a smi.
   __ test(receiver, Immediate(kSmiTagMask));
   __ j(zero, miss, not_taken);
 
   // Check that the maps haven't changed.
   Register reg =
       CheckPrototypes(object, receiver, holder,
-                      scratch1, scratch2, name, miss);
+                      scratch1, scratch2, scratch3, name, miss);
 
   Handle<AccessorInfo> callback_handle(callback);
 
   Register other = reg.is(scratch1) ? scratch2 : scratch1;
   __ EnterInternalFrame();
   __ PushHandleScope(other);
   // Push the stack address where the list of arguments ends
   __ mov(other, esp);
   __ sub(Operand(other), Immediate(2 * kPointerSize));
   __ push(other);
@@ skipping 43 matching lines @@
   __ ret(0);
   return true;
 }
 
 
 void StubCompiler::GenerateLoadConstant(JSObject* object,
                                         JSObject* holder,
                                         Register receiver,
                                         Register scratch1,
                                         Register scratch2,
+                                        Register scratch3,
                                         Object* value,
                                         String* name,
                                         Label* miss) {
   // Check that the receiver isn't a smi.
   __ test(receiver, Immediate(kSmiTagMask));
   __ j(zero, miss, not_taken);
 
   // Check that the maps haven't changed.
   Register reg =
       CheckPrototypes(object, receiver, holder,
-                      scratch1, scratch2, name, miss);
+                      scratch1, scratch2, scratch3, name, miss);
 
   // Return the constant value.
   __ mov(eax, Handle<Object>(value));
   __ ret(0);
 }
 
 
 void StubCompiler::GenerateLoadInterceptor(JSObject* object,
                                            JSObject* interceptor_holder,
                                            LookupResult* lookup,
                                            Register receiver,
                                            Register name_reg,
                                            Register scratch1,
                                            Register scratch2,
+                                           Register scratch3,
                                            String* name,
                                            Label* miss) {
   ASSERT(interceptor_holder->HasNamedInterceptor());
   ASSERT(!interceptor_holder->GetNamedInterceptor()->getter()->IsUndefined());
 
   // Check that the receiver isn't a smi.
   __ test(receiver, Immediate(kSmiTagMask));
   __ j(zero, miss, not_taken);
 
   // So far the most popular follow ups for interceptor loads are FIELD
   // and CALLBACKS, so inline only them, other cases may be added
   // later.
   bool compile_followup_inline = false;
   if (lookup->IsProperty() && lookup->IsCacheable()) {
     if (lookup->type() == FIELD) {
       compile_followup_inline = true;
     } else if (lookup->type() == CALLBACKS &&
         lookup->GetCallbackObject()->IsAccessorInfo() &&
         AccessorInfo::cast(lookup->GetCallbackObject())->getter() != NULL) {
       compile_followup_inline = true;
     }
   }
 
   if (compile_followup_inline) {
     // Compile the interceptor call, followed by inline code to load the
     // property from further up the prototype chain if the call fails.
     // Check that the maps haven't changed.
     Register holder_reg = CheckPrototypes(object, receiver, interceptor_holder,
-                                          scratch1, scratch2, name, miss);
+                                          scratch1, scratch2, scratch3,
+                                          name, miss);
     ASSERT(holder_reg.is(receiver) || holder_reg.is(scratch1));
 
     // Save necessary data before invoking an interceptor.
     // Requires a frame to make GC aware of pushed pointers.
     __ EnterInternalFrame();
 
     if (lookup->type() == CALLBACKS && !receiver.is(holder_reg)) {
       // CALLBACKS case needs a receiver to be passed into C++ callback.
       __ push(receiver);
     }
@@ skipping 27 matching lines @@
     __ LeaveInternalFrame();
 
     // Check that the maps from interceptor's holder to lookup's holder
     // haven't changed.  And load lookup's holder into holder_reg.
     if (interceptor_holder != lookup->holder()) {
       holder_reg = CheckPrototypes(interceptor_holder,
                                    holder_reg,
                                    lookup->holder(),
                                    scratch1,
                                    scratch2,
+                                   scratch3,
                                    name,
                                    miss);
     }
 
     if (lookup->type() == FIELD) {
       // We found FIELD property in prototype chain of interceptor's holder.
       // Retrieve a field from field's holder.
       GenerateFastPropertyLoad(masm(), eax, holder_reg,
                                lookup->holder(), lookup->GetFieldIndex());
       __ ret(0);
@@ skipping 20 matching lines @@
 
       ExternalReference ref =
           ExternalReference(IC_Utility(IC::kLoadCallbackProperty));
       __ TailCallExternalReference(ref, 5, 1);
     }
   } else {  // !compile_followup_inline
     // Call the runtime system to load the interceptor.
     // Check that the maps haven't changed.
     Register holder_reg =
         CheckPrototypes(object, receiver, interceptor_holder,
-                        scratch1, scratch2, name, miss);
+                        scratch1, scratch2, scratch3, name, miss);
     __ pop(scratch2);  // save old return address
     PushInterceptorArguments(masm(), receiver, holder_reg,
                              name_reg, interceptor_holder);
     __ push(scratch2);  // restore old return address
 
     ExternalReference ref = ExternalReference(
         IC_Utility(IC::kLoadPropertyWithInterceptorForLoad));
     __ TailCallExternalReference(ref, 5, 1);
   }
 }
@@ skipping 54 matching lines @@
 
   // Get the receiver from the stack.
   const int argc = arguments().immediate();
   __ mov(edx, Operand(esp, (argc + 1) * kPointerSize));
 
   // Check that the receiver isn't a smi.
   __ test(edx, Immediate(kSmiTagMask));
   __ j(zero, &miss, not_taken);
 
   // Do the right check and compute the holder register.
-  Register reg = CheckPrototypes(object, edx, holder, ebx, eax,
-                                 name, &miss, edi);
+  Register reg = CheckPrototypes(object, edx, holder, ebx, eax, edi,
+                                 name, &miss);
 
   GenerateFastPropertyLoad(masm(), edi, reg, holder, index);
 
   // Check that the function really is a function.
   __ test(edi, Immediate(kSmiTagMask));
   __ j(zero, &miss, not_taken);
   __ CmpObjectType(edi, JS_FUNCTION_TYPE, ebx);
   __ j(not_equal, &miss, not_taken);
 
   // Patch the receiver on the stack with the global proxy if
@@ skipping 41 matching lines @@
   // Get the receiver from the stack.
   const int argc = arguments().immediate();
   __ mov(edx, Operand(esp, (argc + 1) * kPointerSize));
 
   // Check that the receiver isn't a smi.
   __ test(edx, Immediate(kSmiTagMask));
   __ j(zero, &miss);
 
   CheckPrototypes(JSObject::cast(object), edx,
                   holder, ebx,
-                  eax, name, &miss, edi);
+                  eax, edi, name, &miss);
 
   if (argc == 0) {
     // Noop, return the length.
     __ mov(eax, FieldOperand(edx, JSArray::kLengthOffset));
     __ ret((argc + 1) * kPointerSize);
   } else {
     // Get the elements array of the object.
     __ mov(ebx, FieldOperand(edx, JSArray::kElementsOffset));
 
     // Check that the elements are in fast mode (not dictionary).
@@ skipping 125 matching lines @@
 
   // Get the receiver from the stack.
   const int argc = arguments().immediate();
   __ mov(edx, Operand(esp, (argc + 1) * kPointerSize));
 
   // Check that the receiver isn't a smi.
   __ test(edx, Immediate(kSmiTagMask));
   __ j(zero, &miss);
   CheckPrototypes(JSObject::cast(object), edx,
                   holder, ebx,
-                  eax, name, &miss, edi);
+                  eax, edi, name, &miss);
 
   // Get the elements array of the object.
   __ mov(ebx, FieldOperand(edx, JSArray::kElementsOffset));
 
   // Check that the elements are in fast mode (not dictionary).
   __ cmp(FieldOperand(ebx, HeapObject::kMapOffset),
          Immediate(Factory::fixed_array_map()));
   __ j(not_equal, &miss);
 
   // Get the array's length into ecx and calculate new length.
@@ skipping 54 matching lines @@
 
   Label miss;
   Label index_out_of_range;
   GenerateNameCheck(name, &miss);
 
   // Check that the maps starting from the prototype haven't changed.
   GenerateDirectLoadGlobalFunctionPrototype(masm(),
                                             Context::STRING_FUNCTION_INDEX,
                                             eax);
   CheckPrototypes(JSObject::cast(object->GetPrototype()), eax, holder,
-                  ebx, edx, name, &miss, edi);
+                  ebx, edx, edi, name, &miss);
 
   Register receiver = ebx;
   Register index = edi;
   Register scratch = edx;
   Register result = eax;
   __ mov(receiver, Operand(esp, (argc + 1) * kPointerSize));
   if (argc > 0) {
     __ mov(index, Operand(esp, (argc - 0) * kPointerSize));
   } else {
     __ Set(index, Immediate(Factory::undefined_value()));
@@ skipping 44 matching lines @@
   Label miss;
   Label index_out_of_range;
 
   GenerateNameCheck(name, &miss);
 
   // Check that the maps starting from the prototype haven't changed.
   GenerateDirectLoadGlobalFunctionPrototype(masm(),
                                             Context::STRING_FUNCTION_INDEX,
                                             eax);
   CheckPrototypes(JSObject::cast(object->GetPrototype()), eax, holder,
-                  ebx, edx, name, &miss, edi);
+                  ebx, edx, edi, name, &miss);
 
   Register receiver = eax;
   Register index = edi;
   Register scratch1 = ebx;
   Register scratch2 = edx;
   Register result = eax;
   __ mov(receiver, Operand(esp, (argc + 1) * kPointerSize));
   if (argc > 0) {
     __ mov(index, Operand(esp, (argc - 0) * kPointerSize));
   } else {
@@ skipping 84 matching lines @@
             JSObject::cast(object), holder);
       }
 
       if (depth != kInvalidProtoDepth) {
         __ IncrementCounter(&Counters::call_const_fast_api, 1);
         ReserveSpaceForFastApiCall(masm(), eax);
       }
 
       // Check that the maps haven't changed.
       CheckPrototypes(JSObject::cast(object), edx, holder,
-                      ebx, eax, name, depth, &miss, edi);
+                      ebx, eax, edi, name, depth, &miss);
 
       // Patch the receiver on the stack with the global proxy if
       // necessary.
       if (object->IsGlobalObject()) {
         ASSERT(depth == kInvalidProtoDepth);
         __ mov(edx, FieldOperand(edx, GlobalObject::kGlobalReceiverOffset));
         __ mov(Operand(esp, (argc + 1) * kPointerSize), edx);
       }
       break;
 
     case STRING_CHECK:
       if (!function->IsBuiltin()) {
         // Calling non-builtins with a value as receiver requires boxing.
         __ jmp(&miss);
       } else {
         // Check that the object is a string or a symbol.
         __ CmpObjectType(edx, FIRST_NONSTRING_TYPE, eax);
         __ j(above_equal, &miss, not_taken);
         // Check that the maps starting from the prototype haven't changed.
         GenerateDirectLoadGlobalFunctionPrototype(
             masm(), Context::STRING_FUNCTION_INDEX, eax);
         CheckPrototypes(JSObject::cast(object->GetPrototype()), eax, holder,
-                        ebx, edx, name, &miss, edi);
+                        ebx, edx, edi, name, &miss);
       }
       break;
 
     case NUMBER_CHECK: {
       if (!function->IsBuiltin()) {
         // Calling non-builtins with a value as receiver requires boxing.
         __ jmp(&miss);
       } else {
         Label fast;
         // Check that the object is a smi or a heap number.
         __ test(edx, Immediate(kSmiTagMask));
         __ j(zero, &fast, taken);
         __ CmpObjectType(edx, HEAP_NUMBER_TYPE, eax);
         __ j(not_equal, &miss, not_taken);
         __ bind(&fast);
         // Check that the maps starting from the prototype haven't changed.
         GenerateDirectLoadGlobalFunctionPrototype(
             masm(), Context::NUMBER_FUNCTION_INDEX, eax);
         CheckPrototypes(JSObject::cast(object->GetPrototype()), eax, holder,
-                        ebx, edx, name, &miss, edi);
+                        ebx, edx, edi, name, &miss);
       }
       break;
     }
 
     case BOOLEAN_CHECK: {
       if (!function->IsBuiltin()) {
         // Calling non-builtins with a value as receiver requires boxing.
         __ jmp(&miss);
       } else {
         Label fast;
         // Check that the object is a boolean.
         __ cmp(edx, Factory::true_value());
         __ j(equal, &fast, taken);
         __ cmp(edx, Factory::false_value());
         __ j(not_equal, &miss, not_taken);
         __ bind(&fast);
         // Check that the maps starting from the prototype haven't changed.
         GenerateDirectLoadGlobalFunctionPrototype(
             masm(), Context::BOOLEAN_FUNCTION_INDEX, eax);
         CheckPrototypes(JSObject::cast(object->GetPrototype()), eax, holder,
-                        ebx, edx, name, &miss, edi);
+                        ebx, edx, edi, name, &miss);
       }
       break;
     }
 
     default:
       UNREACHABLE();
   }
 
   if (depth != kInvalidProtoDepth) {
     GenerateFastApiCall(masm(), optimization, argc);
@@ skipping 39 matching lines @@
 
   CallInterceptorCompiler compiler(this, arguments(), ecx);
   compiler.Compile(masm(),
                    object,
                    holder,
                    name,
                    &lookup,
                    edx,
                    ebx,
                    edi,
+                   eax,
                    &miss);
 
   // Restore receiver.
   __ mov(edx, Operand(esp, (argc + 1) * kPointerSize));
 
   // Check that the function really is a function.
   __ test(eax, Immediate(kSmiTagMask));
   __ j(zero, &miss, not_taken);
   __ CmpObjectType(eax, JS_FUNCTION_TYPE, ebx);
   __ j(not_equal, &miss, not_taken);
@@ skipping 42 matching lines @@
 
   // If the object is the holder then we know that it's a global
   // object which can only happen for contextual calls. In this case,
   // the receiver cannot be a smi.
   if (object != holder) {
     __ test(edx, Immediate(kSmiTagMask));
     __ j(zero, &miss, not_taken);
   }
 
   // Check that the maps haven't changed.
-  CheckPrototypes(object, edx, holder, ebx, eax, name, &miss, edi);
+  CheckPrototypes(object, edx, holder, ebx, eax, edi, name, &miss);
 
   // Get the value from the cell.
   __ mov(edi, Immediate(Handle<JSGlobalPropertyCell>(cell)));
   __ mov(edi, FieldOperand(edi, JSGlobalPropertyCell::kValueOffset));
 
   // Check that the cell contains the same function.
   if (Heap::InNewSpace(function)) {
     // We can't embed a pointer to a function in new space so we have
     // to verify that the shared function info is unchanged. This has
     // the nice side effect that multiple closures based on the same
@@ skipping 255 matching lines @@
 
   // Check that the receiver isn't a smi.
   __ test(eax, Immediate(kSmiTagMask));
   __ j(zero, &miss, not_taken);
 
   ASSERT(last->IsGlobalObject() || last->HasFastProperties());
 
   // Check the maps of the full prototype chain. Also check that
   // global property cells up to (but not including) the last object
   // in the prototype chain are empty.
-  CheckPrototypes(object, eax, last, ebx, edx, name, &miss);
+  CheckPrototypes(object, eax, last, ebx, edx, edi, name, &miss);
 
   // If the last object in the prototype chain is a global object,
   // check that the global property cell is empty.
   if (last->IsGlobalObject()) {
     Object* cell = GenerateCheckPropertyCell(masm(),
                                              GlobalObject::cast(last),
                                              name,
                                              edx,
                                              &miss);
     if (cell->IsFailure()) return cell;
@@ skipping 16 matching lines @@
                                            JSObject* holder,
                                            int index,
                                            String* name) {
   // ----------- S t a t e -------------
   //  -- eax    : receiver
   //  -- ecx    : name
   //  -- esp[0] : return address
   // -----------------------------------
   Label miss;
 
-  GenerateLoadField(object, holder, eax, ebx, edx, index, name, &miss);
+  GenerateLoadField(object, holder, eax, ebx, edx, edi, index, name, &miss);
   __ bind(&miss);
   GenerateLoadMiss(masm(), Code::LOAD_IC);
 
   // Return the generated code.
   return GetCode(FIELD, name);
 }
 
 
 Object* LoadStubCompiler::CompileLoadCallback(String* name,
                                               JSObject* object,
                                               JSObject* holder,
                                               AccessorInfo* callback) {
   // ----------- S t a t e -------------
   //  -- eax    : receiver
   //  -- ecx    : name
   //  -- esp[0] : return address
   // -----------------------------------
   Label miss;
 
   Failure* failure = Failure::InternalError();
-  bool success = GenerateLoadCallback(object, holder, eax, ecx, ebx, edx,
+  bool success = GenerateLoadCallback(object, holder, eax, ecx, ebx, edx, edi,
                                       callback, name, &miss, &failure);
   if (!success) return failure;
 
   __ bind(&miss);
   GenerateLoadMiss(masm(), Code::LOAD_IC);
 
   // Return the generated code.
   return GetCode(CALLBACKS, name);
 }
 
 
 Object* LoadStubCompiler::CompileLoadConstant(JSObject* object,
                                               JSObject* holder,
                                               Object* value,
                                               String* name) {
   // ----------- S t a t e -------------
   //  -- eax    : receiver
   //  -- ecx    : name
   //  -- esp[0] : return address
   // -----------------------------------
   Label miss;
 
-  GenerateLoadConstant(object, holder, eax, ebx, edx, value, name, &miss);
+  GenerateLoadConstant(object, holder, eax, ebx, edx, edi, value, name, &miss);
   __ bind(&miss);
   GenerateLoadMiss(masm(), Code::LOAD_IC);
 
   // Return the generated code.
   return GetCode(CONSTANT_FUNCTION, name);
 }
 
 
 Object* LoadStubCompiler::CompileLoadInterceptor(JSObject* receiver,
                                                  JSObject* holder,
@@ skipping 10 matching lines @@
 
   // TODO(368): Compile in the whole chain: all the interceptors in
   // prototypes and ultimate answer.
   GenerateLoadInterceptor(receiver,
                           holder,
                           &lookup,
                           eax,
                           ecx,
                           edx,
                           ebx,
+                          edi,
                           name,
                           &miss);
 
   __ bind(&miss);
   GenerateLoadMiss(masm(), Code::LOAD_IC);
 
   // Return the generated code.
   return GetCode(INTERCEPTOR, name);
 }
 
@@ skipping 12 matching lines @@
 
   // If the object is the holder then we know that it's a global
   // object which can only happen for contextual loads. In this case,
   // the receiver cannot be a smi.
   if (object != holder) {
     __ test(eax, Immediate(kSmiTagMask));
     __ j(zero, &miss, not_taken);
   }
 
   // Check that the maps haven't changed.
-  CheckPrototypes(object, eax, holder, ebx, edx, name, &miss, edi);
+  CheckPrototypes(object, eax, holder, ebx, edx, edi, name, &miss);
 
   // Get the value from the cell.
   __ mov(ebx, Immediate(Handle<JSGlobalPropertyCell>(cell)));
   __ mov(ebx, FieldOperand(ebx, JSGlobalPropertyCell::kValueOffset));
 
   // Check for deleted property if property can actually be deleted.
   if (!is_dont_delete) {
     __ cmp(ebx, Factory::the_hole_value());
     __ j(equal, &miss, not_taken);
   } else if (FLAG_debug_code) {
@@ skipping 24 matching lines @@
   //  -- esp[0] : return address
   // -----------------------------------
   Label miss;
 
   __ IncrementCounter(&Counters::keyed_load_field, 1);
 
   // Check that the name has not changed.
   __ cmp(Operand(eax), Immediate(Handle<String>(name)));
   __ j(not_equal, &miss, not_taken);
 
-  GenerateLoadField(receiver, holder, edx, ebx, ecx, index, name, &miss);
+  GenerateLoadField(receiver, holder, edx, ebx, ecx, edi, index, name, &miss);
 
   __ bind(&miss);
   __ DecrementCounter(&Counters::keyed_load_field, 1);
   GenerateLoadMiss(masm(), Code::KEYED_LOAD_IC);
 
   // Return the generated code.
   return GetCode(FIELD, name);
 }
 
 
 Object* KeyedLoadStubCompiler::CompileLoadCallback(String* name,
                                                    JSObject* receiver,
                                                    JSObject* holder,
                                                    AccessorInfo* callback) {
   // ----------- S t a t e -------------
   //  -- eax    : key
   //  -- edx    : receiver
   //  -- esp[0] : return address
   // -----------------------------------
   Label miss;
 
   __ IncrementCounter(&Counters::keyed_load_callback, 1);
 
   // Check that the name has not changed.
   __ cmp(Operand(eax), Immediate(Handle<String>(name)));
   __ j(not_equal, &miss, not_taken);
 
   Failure* failure = Failure::InternalError();
-  bool success = GenerateLoadCallback(receiver, holder, edx, eax, ebx, ecx,
+  bool success = GenerateLoadCallback(receiver, holder, edx, eax, ebx, ecx, edi,
                                       callback, name, &miss, &failure);
   if (!success) return failure;
 
   __ bind(&miss);
   __ DecrementCounter(&Counters::keyed_load_callback, 1);
   GenerateLoadMiss(masm(), Code::KEYED_LOAD_IC);
 
   // Return the generated code.
   return GetCode(CALLBACKS, name);
 }
 
 
 Object* KeyedLoadStubCompiler::CompileLoadConstant(String* name,
                                                    JSObject* receiver,
                                                    JSObject* holder,
                                                    Object* value) {
   // ----------- S t a t e -------------
   //  -- eax    : key
   //  -- edx    : receiver
   //  -- esp[0] : return address
   // -----------------------------------
   Label miss;
 
   __ IncrementCounter(&Counters::keyed_load_constant_function, 1);
 
   // Check that the name has not changed.
   __ cmp(Operand(eax), Immediate(Handle<String>(name)));
   __ j(not_equal, &miss, not_taken);
 
-  GenerateLoadConstant(receiver, holder, edx, ebx, ecx,
+  GenerateLoadConstant(receiver, holder, edx, ebx, ecx, edi,
                        value, name, &miss);
   __ bind(&miss);
   __ DecrementCounter(&Counters::keyed_load_constant_function, 1);
   GenerateLoadMiss(masm(), Code::KEYED_LOAD_IC);
 
   // Return the generated code.
   return GetCode(CONSTANT_FUNCTION, name);
 }
 
 
@@ skipping 15 matching lines @@
 
   LookupResult lookup;
   LookupPostInterceptor(holder, name, &lookup);
   GenerateLoadInterceptor(receiver,
                           holder,
                           &lookup,
                           edx,
                           eax,
                           ecx,
                           ebx,
+                          edi,
                           name,
                           &miss);
   __ bind(&miss);
   __ DecrementCounter(&Counters::keyed_load_interceptor, 1);
   GenerateLoadMiss(masm(), Code::KEYED_LOAD_IC);
 
   // Return the generated code.
   return GetCode(INTERCEPTOR, name);
 }
 
@@ skipping 207 matching lines @@
   // Return the generated code.
   return GetCode();
 }
 
 
 #undef __
 
 } }  // namespace v8::internal
 
 #endif  // V8_TARGET_ARCH_IA32