| OLD | NEW |
|---|
| 1 // Copyright 2011 the V8 project authors. All rights reserved. | 1 // Copyright 2011 the V8 project authors. All rights reserved. |
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
| 4 // met: | 4 // met: |
| 5 // | 5 // |
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
| (...skipping 1379 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1390 | 1390 |
| 1391 | 1391 |
| 1392 void StoreIC::GenerateArrayLength(MacroAssembler* masm) { | 1392 void StoreIC::GenerateArrayLength(MacroAssembler* masm) { |
| 1393 // ----------- S t a t e ------------- | 1393 // ----------- S t a t e ------------- |
| 1394 // -- rax : value | 1394 // -- rax : value |
| 1395 // -- rcx : name | 1395 // -- rcx : name |
| 1396 // -- rdx : receiver | 1396 // -- rdx : receiver |
| 1397 // -- rsp[0] : return address | 1397 // -- rsp[0] : return address |
| 1398 // ----------------------------------- | 1398 // ----------------------------------- |
| 1399 // | 1399 // |
| 1400 // This accepts as a receiver anything JSObject::SetElementsLength accepts | 1400 // This accepts as a receiver anything JSArray::SetElementsLength accepts |
| 1401 // (currently anything except for external and pixel arrays which means | 1401 // (currently anything except for external arrays which means anything with |
| 1402 // anything with elements of FixedArray type.), but currently is restricted | 1402 // elements of FixedArray type). Value must be a number, but only smis are |
| 1403 // to JSArray. | 1403 // accepted as the most common case. |
| 1404 // Value must be a number, but only smis are accepted as the most common case. | |
| 1405 | 1404 |
| 1406 Label miss; | 1405 Label miss; |
| 1407 | 1406 |
| 1408 Register receiver = rdx; | 1407 Register receiver = rdx; |
| 1409 Register value = rax; | 1408 Register value = rax; |
| 1410 Register scratch = rbx; | 1409 Register scratch = rbx; |
| 1411 | 1410 |
| 1412 // Check that the receiver isn't a smi. | 1411 // Check that the receiver isn't a smi. |
| 1413 __ JumpIfSmi(receiver, &miss); | 1412 __ JumpIfSmi(receiver, &miss); |
| 1414 | 1413 |
| 1415 // Check that the object is a JS array. | 1414 // Check that the object is a JS array. |
| 1416 __ CmpObjectType(receiver, JS_ARRAY_TYPE, scratch); | 1415 __ CmpObjectType(receiver, JS_ARRAY_TYPE, scratch); |
| 1417 __ j(not_equal, &miss); | 1416 __ j(not_equal, &miss); |
| 1418 | 1417 |
| 1419 // Check that elements are FixedArray. | 1418 // Check that elements are FixedArray. |
| 1420 // We rely on StoreIC_ArrayLength below to deal with all types of | 1419 // We rely on StoreIC_ArrayLength below to deal with all types of |
| 1421 // fast elements (including COW). | 1420 // fast elements (including COW). |
| 1422 __ movq(scratch, FieldOperand(receiver, JSArray::kElementsOffset)); | 1421 __ movq(scratch, FieldOperand(receiver, JSArray::kElementsOffset)); |
| 1423 __ CmpObjectType(scratch, FIXED_ARRAY_TYPE, scratch); | 1422 __ CmpObjectType(scratch, FIXED_ARRAY_TYPE, scratch); |
| 1424 __ j(not_equal, &miss); | 1423 __ j(not_equal, &miss); |
| 1425 | 1424 |
| 1425 // Check that the array has fast properties, otherwise the length |
| 1426 // property might have been redefined. |
| 1427 __ movq(scratch, FieldOperand(receiver, JSArray::kPropertiesOffset)); |
| 1428 __ CompareRoot(FieldOperand(scratch, FixedArray::kMapOffset), |
| 1429 Heap::kHashTableMapRootIndex); |
| 1430 __ j(equal, &miss); |
| 1431 |
| 1426 // Check that value is a smi. | 1432 // Check that value is a smi. |
| 1427 __ JumpIfNotSmi(value, &miss); | 1433 __ JumpIfNotSmi(value, &miss); |
| 1428 | 1434 |
| 1429 // Prepare tail call to StoreIC_ArrayLength. | 1435 // Prepare tail call to StoreIC_ArrayLength. |
| 1430 __ pop(scratch); | 1436 __ pop(scratch); |
| 1431 __ push(receiver); | 1437 __ push(receiver); |
| 1432 __ push(value); | 1438 __ push(value); |
| 1433 __ push(scratch); // return address | 1439 __ push(scratch); // return address |
| 1434 | 1440 |
| 1435 ExternalReference ref = | 1441 ExternalReference ref = |
| (...skipping 256 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1692 Condition cc = *jmp_address == Assembler::kJncShortOpcode | 1698 Condition cc = *jmp_address == Assembler::kJncShortOpcode |
| 1693 ? not_zero | 1699 ? not_zero |
| 1694 : zero; | 1700 : zero; |
| 1695 *jmp_address = static_cast<byte>(Assembler::kJccShortPrefix | cc); | 1701 *jmp_address = static_cast<byte>(Assembler::kJccShortPrefix | cc); |
| 1696 } | 1702 } |
| 1697 | 1703 |
| 1698 | 1704 |
| 1699 } } // namespace v8::internal | 1705 } } // namespace v8::internal |
| 1700 | 1706 |
| 1701 #endif // V8_TARGET_ARCH_X64 | 1707 #endif // V8_TARGET_ARCH_X64 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8895025:
Fix invalid usage of StoreIC_ArrayLength optimization. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge