Basic support for tracking smi-only arrays on ia32.

src/ia32/stub-cache-ia32.cc

 // Copyright 2011 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 1451 matching lines @@
       STATIC_ASSERT(kSmiTag == 0);
       __ add(Operand(eax), Immediate(Smi::FromInt(argc)));
 
       // Get the element's length into ecx.
       __ mov(ecx, FieldOperand(ebx, FixedArray::kLengthOffset));
 
       // Check if we could survive without allocation.
       __ cmp(eax, Operand(ecx));
       __ j(greater, &attempt_to_grow_elements);
 
+      // Check if value is a smi.
+      __ mov(ecx, Operand(esp, argc * kPointerSize));
+      __ JumpIfNotSmi(ecx, &with_write_barrier);
+
       // Save new length.
       __ mov(FieldOperand(edx, JSArray::kLengthOffset), eax);
 
       // Push the element.
       __ lea(edx, FieldOperand(ebx,
                                eax, times_half_pointer_size,
                                FixedArray::kHeaderSize - argc * kPointerSize));
-      __ mov(ecx, Operand(esp, argc * kPointerSize));
       __ mov(Operand(edx, 0), ecx);
 
-      // Check if value is a smi.
-      __ JumpIfNotSmi(ecx, &with_write_barrier);
-
       __ bind(&exit);

[Yang, 2011/09/21 14:47:50]

Remove unused label.

[danno, 2011/09/22 11:23:15]

Done.

       __ ret((argc + 1) * kPointerSize);
 
       __ bind(&with_write_barrier);
 
+      if (FLAG_smi_only_arrays) {
+        __ mov(edi, FieldOperand(edx, HeapObject::kMapOffset));
+        __ CheckFastObjectElements(edi, &call_builtin);
+      }
+
+      // Save new length.
+      __ mov(FieldOperand(edx, JSArray::kLengthOffset), eax);
+
+      // Push the element.
+      __ lea(edx, FieldOperand(ebx,
+                               eax, times_half_pointer_size,
+                               FixedArray::kHeaderSize - argc * kPointerSize));
+      __ mov(Operand(edx, 0), ecx);
+
       __ RecordWrite(
           ebx, edx, ecx, kDontSaveFPRegs, EMIT_REMEMBERED_SET, OMIT_SMI_CHECK);
 
       __ ret((argc + 1) * kPointerSize);
 
       __ bind(&attempt_to_grow_elements);
       if (!FLAG_inline_new) {
         __ jmp(&call_builtin);
       }
 
+      __ mov(edi, Operand(esp, argc * kPointerSize));
+      if (FLAG_smi_only_arrays) {
+        // Growing elements that are SMI-only requires special handling in case
+        // the new element is non-Smi. For now, delegate to the builtin.
+        Label no_fast_elements_check;
+        __ JumpIfSmi(edi, &no_fast_elements_check);
+        __ mov(esi, FieldOperand(edx, HeapObject::kMapOffset));
+      __ CheckFastObjectElements(esi, &call_builtin, Label::kFar);
+      __ bind(&no_fast_elements_check);

[Yang, 2011/09/21 14:47:50]

Nit: indentation.

[danno, 2011/09/22 11:23:15]

Done.

+      }
+
       // We could be lucky and the elements array could be at the top of
       // new-space.  In this case we can just grow it in place by moving the
       // allocation pointer up.
 
       ExternalReference new_space_allocation_top =
           ExternalReference::new_space_allocation_top_address(isolate());
       ExternalReference new_space_allocation_limit =
           ExternalReference::new_space_allocation_limit_address(isolate());
 
       const int kAllocationDelta = 4;
       // Load top.
       __ mov(ecx, Operand::StaticVariable(new_space_allocation_top));
 
       // Check if it's the end of elements.
       __ lea(edx, FieldOperand(ebx,
                                eax, times_half_pointer_size,
                                FixedArray::kHeaderSize - argc * kPointerSize));
       __ cmp(edx, Operand(ecx));
       __ j(not_equal, &call_builtin);
       __ add(Operand(ecx), Immediate(kAllocationDelta * kPointerSize));
       __ cmp(ecx, Operand::StaticVariable(new_space_allocation_limit));
       __ j(above, &call_builtin);
 
       // We fit and could grow elements.
       __ mov(Operand::StaticVariable(new_space_allocation_top), ecx);
-      __ mov(ecx, Operand(esp, argc * kPointerSize));
 
       // Push the argument...
-      __ mov(Operand(edx, 0), ecx);
+      __ mov(Operand(edx, 0), edi);
       // ... and fill the rest with holes.
       for (int i = 1; i < kAllocationDelta; i++) {
         __ mov(Operand(edx, i * kPointerSize),
                Immediate(factory()->the_hole_value()));
       }
 
       // We know the elements array is in new space so we don't need the
       // remembered set, but we just pushed a value onto it so we may have to
       // tell the incremental marker to rescan the object that we just grew.  We
       // don't need to worry about the holes because they are in old space and
       // already marked black.
-      __ RecordWrite(ebx, edx, ecx, kDontSaveFPRegs, OMIT_REMEMBERED_SET);
+      __ RecordWrite(ebx, edx, edi, kDontSaveFPRegs, OMIT_REMEMBERED_SET);
 
       // Restore receiver to edx as finish sequence assumes it's here.
       __ mov(edx, Operand(esp, (argc + 1) * kPointerSize));
 
       // Increment element's and array's sizes.
       __ add(FieldOperand(ebx, FixedArray::kLengthOffset),
              Immediate(Smi::FromInt(kAllocationDelta)));
 
       // NOTE: This only happen in new-space, where we don't
       // care about the black-byte-count on pages. Otherwise we should
@@ skipping 2319 matching lines @@
       masm->isolate()->builtins()->KeyedLoadIC_Slow();
   __ jmp(slow_ic, RelocInfo::CODE_TARGET);
 
   __ bind(&miss_force_generic);
   Handle<Code> miss_ic =
       masm->isolate()->builtins()->KeyedLoadIC_MissForceGeneric();
   __ jmp(miss_ic, RelocInfo::CODE_TARGET);
 }
 
 
-void KeyedStoreStubCompiler::GenerateStoreFastElement(MacroAssembler* masm,
-                                                      bool is_js_array) {
+void KeyedStoreStubCompiler::GenerateStoreFastElement(
+    MacroAssembler* masm,
+    bool is_js_array,
+    StoreObjectAction store_object_action) {

[fschneider, 2011/09/22 07:46:38]

I find the name StoreObjectAction a little misleading. Why not just pass the
elements kind instead?
It seems to be used just to decide what to do in case of smi-only  or normal
fast elements. 

[danno, 2011/09/22 11:23:15]

Done.

   // ----------- S t a t e -------------
   //  -- eax    : value
   //  -- ecx    : key
   //  -- edx    : receiver
   //  -- esp[0] : return address
   // -----------------------------------
   Label miss_force_generic;
 
   // This stub is meant to be tail-jumped to, the receiver must already
   // have been verified by the caller to not be a smi.
@@ skipping 10 matching lines @@
   if (is_js_array) {
     // Check that the key is within bounds.
     __ cmp(ecx, FieldOperand(edx, JSArray::kLengthOffset));  // smis.
     __ j(above_equal, &miss_force_generic);
   } else {
     // Check that the key is within bounds.
     __ cmp(ecx, FieldOperand(edi, FixedArray::kLengthOffset));  // smis.
     __ j(above_equal, &miss_force_generic);
   }
 
-  // Do the store and update the write barrier.
-  __ lea(ecx, FieldOperand(edi, ecx, times_2, FixedArray::kHeaderSize));
-  __ mov(Operand(ecx, 0), eax);
-  // Make sure to preserve the value in register eax.
-  __ mov(edx, Operand(eax));
-  __ RecordWrite(edi, ecx, edx, kDontSaveFPRegs);
+  if (store_object_action == kObjectStoreForcesGeneric) {
+    __ JumpIfNotSmi(eax, &miss_force_generic);
+    __ mov(FieldOperand(edi, ecx, times_2, FixedArray::kHeaderSize), eax);

[Yang, 2011/09/21 14:47:50]

Maybe use times_half_pointer_size instead and comment that this is because ecx
is a smi.

[danno, 2011/09/22 11:23:15]

Done.

+  } else {
+    ASSERT(store_object_action == kObjectStoreCausesWriteBarrier);
+    // Do the store and update the write barrier.
+    __ lea(ecx, FieldOperand(edi, ecx, times_2, FixedArray::kHeaderSize));
+    __ mov(Operand(ecx, 0), eax);
+    // Make sure to preserve the value in register eax.
+    __ mov(edx, Operand(eax));
+    __ RecordWrite(edi, ecx, edx, kDontSaveFPRegs);
+  }
 
   // Done.
   __ ret(0);
 
   // Handle store cache miss, replacing the ic with the generic stub.
   __ bind(&miss_force_generic);
   Handle<Code> ic_force_generic =
       masm->isolate()->builtins()->KeyedStoreIC_MissForceGeneric();
   __ jmp(ic_force_generic, RelocInfo::CODE_TARGET);
 }
@@ skipping 91 matching lines @@
       masm->isolate()->builtins()->KeyedStoreIC_MissForceGeneric();
   __ jmp(ic_force_generic, RelocInfo::CODE_TARGET);
 }
 
 
 #undef __
 
 } }  // namespace v8::internal
 
 #endif  // V8_TARGET_ARCH_IA32