Revert keyed load cache probing in generated code....

src/ia32/ic-ia32.cc

 // Copyright 2006-2008 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 30 matching lines @@
 //
 
 #define __ ACCESS_MASM(masm)
 
 
 // Helper function used to load a property from a dictionary backing storage.
 // This function may return false negatives, so miss_label
 // must always call a backup property load that is complete.
 // This function is safe to call if the receiver has fast properties,
 // or if name is not a symbol, and will jump to the miss_label in that case.
-static void GenerateDictionaryLoad(MacroAssembler* masm,
-                                   Label* miss_label,
-                                   Register r0,
-                                   Register r1,
-                                   Register r2,
-                                   Register name,
-                                   DictionaryCheck check_dictionary) {
+static void GenerateDictionaryLoad(MacroAssembler* masm, Label* miss_label,
+                                   Register r0, Register r1, Register r2,
+                                   Register name) {
   // Register use:
   //
   // r0   - used to hold the property dictionary.
   //
   // r1   - initially the receiver
   //      - used for the index into the property dictionary
   //      - holds the result on exit.
   //
   // r2   - used to hold the capacity of the property dictionary.
   //
@@ skipping 15 matching lines @@
   __ movzx_b(r0, FieldOperand(r0, Map::kInstanceTypeOffset));
   __ cmp(r0, JS_GLOBAL_PROXY_TYPE);
   __ j(equal, miss_label, not_taken);
 
   // Possible work-around for http://crbug.com/16276.
   __ cmp(r0, JS_GLOBAL_OBJECT_TYPE);
   __ j(equal, miss_label, not_taken);
   __ cmp(r0, JS_BUILTINS_OBJECT_TYPE);
   __ j(equal, miss_label, not_taken);
 
-  // Load properties array.
+  // Check that the properties array is a dictionary.
   __ mov(r0, FieldOperand(r1, JSObject::kPropertiesOffset));
-
-  // Check that the properties array is a dictionary.
-  if (check_dictionary == CHECK_DICTIONARY) {
-    __ cmp(FieldOperand(r0, HeapObject::kMapOffset),
-           Immediate(Factory::hash_table_map()));
-    __ j(not_equal, miss_label);
-  }
+  __ cmp(FieldOperand(r0, HeapObject::kMapOffset),
+         Immediate(Factory::hash_table_map()));
+  __ j(not_equal, miss_label);
 
   // Compute the capacity mask.
   const int kCapacityOffset =
       StringDictionary::kHeaderSize +
       StringDictionary::kCapacityIndex * kPointerSize;
   __ mov(r2, FieldOperand(r0, kCapacityOffset));
   __ shr(r2, kSmiTagSize);  // convert smi to int
   __ dec(r2);
 
   // Generate an unrolled loop that performs a few probes before
@@ skipping 112 matching lines @@
   StubCompiler::GenerateLoadMiss(masm, Code::LOAD_IC);
 }
 
 
 void KeyedLoadIC::GenerateGeneric(MacroAssembler* masm) {
   // ----------- S t a t e -------------
   //  -- esp[0] : return address
   //  -- esp[4] : name
   //  -- esp[8] : receiver
   // -----------------------------------
-  Label slow, check_string, index_int, index_string;
-  Label check_pixel_array, probe_dictionary;
+  Label slow, check_string, index_int, index_string, check_pixel_array;
 
   // Load name and receiver.
   __ mov(eax, Operand(esp, kPointerSize));
   __ mov(ecx, Operand(esp, 2 * kPointerSize));
 
   // Check that the object isn't a smi.
   __ test(ecx, Immediate(kSmiTagMask));
   __ j(zero, &slow, not_taken);
 
   // Get the map of the receiver.
@@ skipping 58 matching lines @@
   __ bind(&check_string);
   // The key is not a smi.
   // Is it a string?
   __ CmpObjectType(eax, FIRST_NONSTRING_TYPE, edx);
   __ j(above_equal, &slow);
   // Is the string an array index, with cached numeric value?
   __ mov(ebx, FieldOperand(eax, String::kHashFieldOffset));
   __ test(ebx, Immediate(String::kIsArrayIndexMask));
   __ j(not_zero, &index_string, not_taken);
 
-  // Is the string a symbol?
+  // If the string is a symbol, do a quick inline probe of the receiver's
+  // dictionary, if it exists.
   __ movzx_b(ebx, FieldOperand(edx, Map::kInstanceTypeOffset));
   __ test(ebx, Immediate(kIsSymbolMask));
   __ j(zero, &slow, not_taken);
-
-  // If the receiver is a fast-case object, check the keyed lookup
-  // cache. Otherwise probe the dictionary leaving result in ecx.
-  __ mov(ebx, FieldOperand(ecx, JSObject::kPropertiesOffset));
-  __ cmp(FieldOperand(ebx, HeapObject::kMapOffset),
-         Immediate(Factory::hash_table_map()));
-  __ j(equal, &probe_dictionary);
-
-  // Load the map of the receiver, compute the keyed lookup cache hash
-  // based on 32 bits of the map pointer and the string hash.
-  __ mov(ebx, FieldOperand(ecx, HeapObject::kMapOffset));
-  __ mov(edx, ebx);
-  __ shr(edx, KeyedLookupCache::kMapHashShift);
-  __ mov(eax, FieldOperand(eax, String::kHashFieldOffset));
-  __ shr(eax, String::kHashShift);
-  __ xor_(edx, Operand(eax));
-  __ and_(edx, KeyedLookupCache::kCapacityMask);
-
-  // Load the key (consisting of map and symbol) from the cache and
-  // check for match.
-  ExternalReference cache_keys
-      = ExternalReference::keyed_lookup_cache_keys();
-  __ cmp(ebx, Operand::StaticArray(edx, two_times_pointer_size, cache_keys));
-  __ j(not_equal, &slow);
-  __ mov(edi, Operand::StaticArray(edx,
-                                   two_times_pointer_size,
-                                   cache_keys,
-                                   kPointerSize));
-  __ cmp(edi, Operand(esp, kPointerSize));
-  __ j(not_equal, &slow);
-
-  // Get field offset and check that it is an in-object property.
-  ExternalReference cache_field_offsets
-      = ExternalReference::keyed_lookup_cache_field_offsets();
-  __ mov(eax,
-         Operand::StaticArray(edx, times_pointer_size, cache_field_offsets));
-  __ movzx_b(edx, FieldOperand(ebx, Map::kInObjectPropertiesOffset));
-  __ cmp(eax, Operand(edx));
-  __ j(above_equal, &slow);
-
-  // Load in-object property.
-  __ sub(eax, Operand(edx));
-  __ movzx_b(edx, FieldOperand(ebx, Map::kInstanceSizeOffset));
-  __ add(eax, Operand(edx));
-  __ mov(eax, FieldOperand(ecx, eax, times_pointer_size, 0));
-  __ ret(0);
-
-  // Do a quick inline probe of the receiver's dictionary, if it
-  // exists.
-  __ bind(&probe_dictionary);
-  GenerateDictionaryLoad(masm,
-                         &slow,
-                         ebx,
-                         ecx,
-                         edx,
-                         eax,
-                         DICTIONARY_CHECK_DONE);
+  // Probe the dictionary leaving result in ecx.
+  GenerateDictionaryLoad(masm, &slow, ebx, ecx, edx, eax);
   GenerateCheckNonObjectOrLoaded(masm, &slow, ecx, edx);
   __ mov(eax, Operand(ecx));
   __ IncrementCounter(&Counters::keyed_load_generic_symbol, 1);
   __ ret(0);
-
   // If the hash field contains an array index pick it out. The assert checks
   // that the constants for the maximum number of digits for an array index
   // cached in the hash field and the number of bits reserved for it does not
   // conflict.
   ASSERT(TenToThe(String::kMaxCachedArrayIndexLength) <
          (1 << String::kArrayIndexValueBits));
   __ bind(&index_string);
   __ mov(eax, Operand(ebx));
   __ and_(eax, String::kArrayIndexHashMask);
   __ shr(eax, String::kHashShift);
@@ skipping 552 matching lines @@
   __ bind(&miss);
   Generate(masm, argc, ExternalReference(IC_Utility(kCallIC_Miss)));
 }
 
 
 static void GenerateNormalHelper(MacroAssembler* masm,
                                  int argc,
                                  bool is_global_object,
                                  Label* miss) {
   // Search dictionary - put result in register edx.
-  GenerateDictionaryLoad(masm, miss, eax, edx, ebx, ecx, CHECK_DICTIONARY);
+  GenerateDictionaryLoad(masm, miss, eax, edx, ebx, ecx);
 
   // Move the result to register edi and check that it isn't a smi.
   __ mov(edi, Operand(edx));
   __ test(edx, Immediate(kSmiTagMask));
   __ j(zero, miss, not_taken);
 
   // Check that the value is a JavaScript function.
   __ CmpObjectType(edx, JS_FUNCTION_TYPE, edx);
   __ j(not_equal, miss, not_taken);
 
@@ skipping 182 matching lines @@
   __ cmp(edx, JS_GLOBAL_PROXY_TYPE);
   __ j(equal, &global, not_taken);
 
   // Check for non-global object that requires access check.
   __ movzx_b(ebx, FieldOperand(ebx, Map::kBitFieldOffset));
   __ test(ebx, Immediate(1 << Map::kIsAccessCheckNeeded));
   __ j(not_zero, &miss, not_taken);
 
   // Search the dictionary placing the result in eax.
   __ bind(&probe);
-  GenerateDictionaryLoad(masm, &miss, edx, eax, ebx, ecx, CHECK_DICTIONARY);
+  GenerateDictionaryLoad(masm, &miss, edx, eax, ebx, ecx);
   GenerateCheckNonObjectOrLoaded(masm, &miss, eax, edx);
   __ ret(0);
 
   // Global object access: Check access rights.
   __ bind(&global);
   __ CheckAccessGlobalProxy(eax, edx, &miss);
   __ jmp(&probe);
 
   // Cache miss: Restore receiver from stack and jump to runtime.
   __ bind(&miss);
@@ skipping 260 matching lines @@
 
   // Do tail-call to runtime routine.
   __ TailCallRuntime(
       ExternalReference(IC_Utility(kSharedStoreIC_ExtendStorage)), 3, 1);
 }
 
 #undef __
 
 
 } }  // namespace v8::internal