| Index: src/ia32/code-stubs-ia32.cc
|
| ===================================================================
|
| --- src/ia32/code-stubs-ia32.cc (revision 6041)
|
| +++ src/ia32/code-stubs-ia32.cc (working copy)
|
| @@ -5040,76 +5040,125 @@
|
|
|
|
|
| void InstanceofStub::Generate(MacroAssembler* masm) {
|
| - // Get the object - go slow case if it's a smi.
|
| - Label slow;
|
| - __ mov(eax, Operand(esp, 2 * kPointerSize)); // 2 ~ return address, function
|
| - __ test(eax, Immediate(kSmiTagMask));
|
| - __ j(zero, &slow, not_taken);
|
| + // Fixed register usage throughout the stub.
|
| + Register object = eax; // Object (lhs).
|
| + Register map = ebx; // Map of the object.
|
| + Register function = edx; // Function (rhs).
|
| + Register prototype = edi; // Prototype of the function.
|
| + Register scratch = ecx;
|
|
|
| + // Get the object and function - they are always both needed.
|
| + Label slow, not_js_object;
|
| + if (!args_in_registers()) {
|
| + __ mov(object, Operand(esp, 2 * kPointerSize));
|
| + __ mov(function, Operand(esp, 1 * kPointerSize));
|
| + }
|
| +
|
| // Check that the left hand is a JS object.
|
| - __ IsObjectJSObjectType(eax, eax, edx, &slow);
|
| + __ test(object, Immediate(kSmiTagMask));
|
| + __ j(zero, ¬_js_object, not_taken);
|
| + __ IsObjectJSObjectType(object, map, scratch, ¬_js_object);
|
|
|
| - // Get the prototype of the function.
|
| - __ mov(edx, Operand(esp, 1 * kPointerSize)); // 1 ~ return address
|
| - // edx is function, eax is map.
|
| -
|
| // Look up the function and the map in the instanceof cache.
|
| NearLabel miss;
|
| ExternalReference roots_address = ExternalReference::roots_address();
|
| - __ mov(ecx, Immediate(Heap::kInstanceofCacheFunctionRootIndex));
|
| - __ cmp(edx, Operand::StaticArray(ecx, times_pointer_size, roots_address));
|
| + __ mov(scratch, Immediate(Heap::kInstanceofCacheFunctionRootIndex));
|
| + __ cmp(function,
|
| + Operand::StaticArray(scratch, times_pointer_size, roots_address));
|
| __ j(not_equal, &miss);
|
| - __ mov(ecx, Immediate(Heap::kInstanceofCacheMapRootIndex));
|
| - __ cmp(eax, Operand::StaticArray(ecx, times_pointer_size, roots_address));
|
| + __ mov(scratch, Immediate(Heap::kInstanceofCacheMapRootIndex));
|
| + __ cmp(map, Operand::StaticArray(scratch, times_pointer_size, roots_address));
|
| __ j(not_equal, &miss);
|
| - __ mov(ecx, Immediate(Heap::kInstanceofCacheAnswerRootIndex));
|
| - __ mov(eax, Operand::StaticArray(ecx, times_pointer_size, roots_address));
|
| - __ ret(2 * kPointerSize);
|
| + __ mov(scratch, Immediate(Heap::kInstanceofCacheAnswerRootIndex));
|
| + __ mov(eax, Operand::StaticArray(scratch, times_pointer_size, roots_address));
|
| + __ IncrementCounter(&Counters::instance_of_cache, 1);
|
| + __ ret((args_in_registers() ? 0 : 2) * kPointerSize);
|
|
|
| __ bind(&miss);
|
| - __ TryGetFunctionPrototype(edx, ebx, ecx, &slow);
|
| + // Get the prototype of the function.
|
| + __ TryGetFunctionPrototype(function, prototype, scratch, &slow);
|
|
|
| // Check that the function prototype is a JS object.
|
| - __ test(ebx, Immediate(kSmiTagMask));
|
| + __ test(prototype, Immediate(kSmiTagMask));
|
| __ j(zero, &slow, not_taken);
|
| - __ IsObjectJSObjectType(ebx, ecx, ecx, &slow);
|
| + __ IsObjectJSObjectType(prototype, scratch, scratch, &slow);
|
|
|
| - // Register mapping:
|
| - // eax is object map.
|
| - // edx is function.
|
| - // ebx is function prototype.
|
| - __ mov(ecx, Immediate(Heap::kInstanceofCacheMapRootIndex));
|
| - __ mov(Operand::StaticArray(ecx, times_pointer_size, roots_address), eax);
|
| - __ mov(ecx, Immediate(Heap::kInstanceofCacheFunctionRootIndex));
|
| - __ mov(Operand::StaticArray(ecx, times_pointer_size, roots_address), edx);
|
| + // Update the golbal instanceof cache with the current map and function. The
|
| + // cached answer will be set when it is known.
|
| + __ mov(scratch, Immediate(Heap::kInstanceofCacheMapRootIndex));
|
| + __ mov(Operand::StaticArray(scratch, times_pointer_size, roots_address), map);
|
| + __ mov(scratch, Immediate(Heap::kInstanceofCacheFunctionRootIndex));
|
| + __ mov(Operand::StaticArray(scratch, times_pointer_size, roots_address),
|
| + function);
|
|
|
| - __ mov(ecx, FieldOperand(eax, Map::kPrototypeOffset));
|
| -
|
| - // Loop through the prototype chain looking for the function prototype.
|
| + // Loop through the prototype chain of the object looking for the function
|
| + // prototype.
|
| + __ mov(scratch, FieldOperand(map, Map::kPrototypeOffset));
|
| NearLabel loop, is_instance, is_not_instance;
|
| __ bind(&loop);
|
| - __ cmp(ecx, Operand(ebx));
|
| + __ cmp(scratch, Operand(prototype));
|
| __ j(equal, &is_instance);
|
| - __ cmp(Operand(ecx), Immediate(Factory::null_value()));
|
| + __ cmp(Operand(scratch), Immediate(Factory::null_value()));
|
| __ j(equal, &is_not_instance);
|
| - __ mov(ecx, FieldOperand(ecx, HeapObject::kMapOffset));
|
| - __ mov(ecx, FieldOperand(ecx, Map::kPrototypeOffset));
|
| + __ mov(scratch, FieldOperand(scratch, HeapObject::kMapOffset));
|
| + __ mov(scratch, FieldOperand(scratch, Map::kPrototypeOffset));
|
| __ jmp(&loop);
|
|
|
| __ bind(&is_instance);
|
| + __ IncrementCounter(&Counters::instance_of_stub_true, 1);
|
| __ Set(eax, Immediate(0));
|
| - __ mov(ecx, Immediate(Heap::kInstanceofCacheAnswerRootIndex));
|
| - __ mov(Operand::StaticArray(ecx, times_pointer_size, roots_address), eax);
|
| - __ ret(2 * kPointerSize);
|
| + __ mov(scratch, Immediate(Heap::kInstanceofCacheAnswerRootIndex));
|
| + __ mov(Operand::StaticArray(scratch, times_pointer_size, roots_address), eax);
|
| + __ ret((args_in_registers() ? 0 : 2) * kPointerSize);
|
|
|
| __ bind(&is_not_instance);
|
| + __ IncrementCounter(&Counters::instance_of_stub_false, 1);
|
| __ Set(eax, Immediate(Smi::FromInt(1)));
|
| - __ mov(ecx, Immediate(Heap::kInstanceofCacheAnswerRootIndex));
|
| - __ mov(Operand::StaticArray(ecx, times_pointer_size, roots_address), eax);
|
| - __ ret(2 * kPointerSize);
|
| + __ mov(scratch, Immediate(Heap::kInstanceofCacheAnswerRootIndex));
|
| + __ mov(Operand::StaticArray(scratch, times_pointer_size, roots_address), eax);
|
| + __ ret((args_in_registers() ? 0 : 2) * kPointerSize);
|
|
|
| + Label object_not_null, object_not_null_or_smi;
|
| + __ bind(¬_js_object);
|
| + // Before null, smi and string value checks, check that the rhs is a function
|
| + // as for a non-function rhs an exception needs to be thrown.
|
| + __ test(function, Immediate(kSmiTagMask));
|
| + __ j(zero, &slow, not_taken);
|
| + __ CmpObjectType(function, JS_FUNCTION_TYPE, scratch);
|
| + __ j(not_equal, &slow, not_taken);
|
| +
|
| + // Null is not instance of anything.
|
| + __ cmp(object, Factory::null_value());
|
| + __ j(not_equal, &object_not_null);
|
| + __ IncrementCounter(&Counters::instance_of_stub_false_null, 1);
|
| + __ Set(eax, Immediate(Smi::FromInt(1)));
|
| + __ ret((args_in_registers() ? 0 : 2) * kPointerSize);
|
| +
|
| + __ bind(&object_not_null);
|
| + // Smi values is not instance of anything.
|
| + __ test(object, Immediate(kSmiTagMask));
|
| + __ j(not_zero, &object_not_null_or_smi, not_taken);
|
| + __ Set(eax, Immediate(Smi::FromInt(1)));
|
| + __ ret((args_in_registers() ? 0 : 2) * kPointerSize);
|
| +
|
| + __ bind(&object_not_null_or_smi);
|
| + // String values is not instance of anything.
|
| + Condition is_string = masm->IsObjectStringType(object, scratch, scratch);
|
| + __ j(NegateCondition(is_string), &slow);
|
| + __ IncrementCounter(&Counters::instance_of_stub_false_string, 1);
|
| + __ Set(eax, Immediate(Smi::FromInt(1)));
|
| + __ ret((args_in_registers() ? 0 : 2) * kPointerSize);
|
| +
|
| // Slow-case: Go through the JavaScript implementation.
|
| __ bind(&slow);
|
| + if (args_in_registers()) {
|
| + // Push arguments below return address.
|
| + __ pop(scratch);
|
| + __ push(object);
|
| + __ push(function);
|
| + __ push(scratch);
|
| + }
|
| + __ IncrementCounter(&Counters::instance_of_slow, 1);
|
| __ InvokeBuiltin(Builtins::INSTANCE_OF, JUMP_FUNCTION);
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 5828004:
IA32: Optimize instanceof... (Closed)
Base URL: http://v8.googlecode.com/svn/branches/bleeding_edge/