[strong] Implement strong mode restrictions on property access

src/ic/ppc/ic-ppc.cc

 // Copyright 2014 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/v8.h"
 
 #if V8_TARGET_ARCH_PPC
 
 #include "src/codegen.h"
 #include "src/ic/ic.h"
@@ skipping 149 matching lines @@
   __ lbz(scratch, FieldMemOperand(map, Map::kInstanceTypeOffset));
   __ cmpi(scratch, Operand(JS_OBJECT_TYPE));
   __ blt(slow);
 }
 
 
 // Loads an indexed element from a fast case array.
 static void GenerateFastArrayLoad(MacroAssembler* masm, Register receiver,
                                   Register key, Register elements,
                                   Register scratch1, Register scratch2,
-                                  Register result, Label* slow) {
+                                  Register result, Label* slow,
+                                  LanguageMode language_mode) {
   // Register use:
   //
   // receiver - holds the receiver on entry.
   //            Unchanged unless 'result' is the same register.
   //
   // key      - holds the smi key on entry.
   //            Unchanged unless 'result' is the same register.
   //
   // result   - holds the result on exit if the load succeeded.
   //            Allowed to be the the same as 'receiver' or 'key'.
   //            Unchanged on bailout so 'receiver' and 'key' can be safely
   //            used by further computation.
   //
   // Scratch registers:
   //
   // elements - holds the elements of the receiver and its protoypes.
   //
   // scratch1 - used to hold elements length, bit fields, base addresses.
   //
   // scratch2 - used to hold maps, prototypes, and the loaded value.
   Label check_prototypes, check_next_prototype;
-  Label done, in_bounds, return_undefined;
+  Label done, in_bounds, absent;
 
   __ LoadP(elements, FieldMemOperand(receiver, JSObject::kElementsOffset));
   __ AssertFastElements(elements);
 
   // Check that the key (index) is within bounds.
   __ LoadP(scratch1, FieldMemOperand(elements, FixedArray::kLengthOffset));
   __ cmpl(key, scratch1);
   __ blt(&in_bounds);
   // Out-of-bounds. Check the prototype chain to see if we can just return
   // 'undefined'.
   __ cmpi(key, Operand::Zero());
   __ blt(slow);  // Negative keys can't take the fast OOB path.
   __ bind(&check_prototypes);
   __ LoadP(scratch2, FieldMemOperand(receiver, HeapObject::kMapOffset));
   __ bind(&check_next_prototype);
   __ LoadP(scratch2, FieldMemOperand(scratch2, Map::kPrototypeOffset));
   // scratch2: current prototype
   __ CompareRoot(scratch2, Heap::kNullValueRootIndex);
-  __ beq(&return_undefined);
+  __ beq(&absent);
   __ LoadP(elements, FieldMemOperand(scratch2, JSObject::kElementsOffset));
   __ LoadP(scratch2, FieldMemOperand(scratch2, HeapObject::kMapOffset));
   // elements: elements of current prototype
   // scratch2: map of current prototype
   __ CompareInstanceType(scratch2, scratch1, JS_OBJECT_TYPE);
   __ blt(slow);
   __ lbz(scratch1, FieldMemOperand(scratch2, Map::kBitFieldOffset));
   __ andi(r0, scratch1, Operand((1 << Map::kIsAccessCheckNeeded) |
                                 (1 << Map::kHasIndexedInterceptor)));
   __ bne(slow, cr0);
   __ CompareRoot(elements, Heap::kEmptyFixedArrayRootIndex);
   __ bne(slow);
   __ jmp(&check_next_prototype);
 
-  __ bind(&return_undefined);
-  __ LoadRoot(result, Heap::kUndefinedValueRootIndex);
-  __ jmp(&done);
+  __ bind(&absent);
+  if (is_strong(language_mode)) {
+    // Strong mode accesses must throw in this case, so call the runtime.
+    __ jmp(slow);
+  } else {
+    __ LoadRoot(result, Heap::kUndefinedValueRootIndex);
+    __ jmp(&done);
+  }
 
   __ bind(&in_bounds);
   // Fast case: Do the load.
   __ addi(scratch1, elements,
           Operand(FixedArray::kHeaderSize - kHeapObjectTag));
   // The key is a smi.
   __ SmiToPtrArrayOffset(scratch2, key);
   __ LoadPX(scratch2, MemOperand(scratch2, scratch1));
   __ CompareRoot(scratch2, Heap::kTheHoleValueRootIndex);
   // In case the loaded value is the_hole we have to check the prototype chain.
@@ skipping 42 matching lines @@
   Label slow;
 
   __ LoadP(dictionary, FieldMemOperand(LoadDescriptor::ReceiverRegister(),
                                        JSObject::kPropertiesOffset));
   GenerateDictionaryLoad(masm, &slow, dictionary,
                          LoadDescriptor::NameRegister(), r3, r6, r7);
   __ Ret();
 
   // Dictionary load failed, go slow (but don't miss).
   __ bind(&slow);
-  GenerateRuntimeGetProperty(masm);
+  GenerateSlow(masm);
 }
 
 
 // A register that isn't one of the parameters to the load ic.
 static const Register LoadIC_TempRegister() { return r6; }
 
 
 static void LoadIC_PushArgs(MacroAssembler* masm) {
   Register receiver = LoadDescriptor::ReceiverRegister();
   Register name = LoadDescriptor::NameRegister();
@@ skipping 14 matching lines @@
 
   LoadIC_PushArgs(masm);
 
   // Perform tail call to the entry.
   ExternalReference ref = ExternalReference(IC_Utility(kLoadIC_Miss), isolate);
   int arg_count = 4;
   __ TailCallExternalReference(ref, arg_count, 1);
 }
 
 
-void LoadIC::GenerateRuntimeGetProperty(MacroAssembler* masm) {
+void LoadIC::GenerateSlow(MacroAssembler* masm) {
   // The return address is in lr.
 
   __ mr(LoadIC_TempRegister(), LoadDescriptor::ReceiverRegister());
   __ Push(LoadIC_TempRegister(), LoadDescriptor::NameRegister());
 
-  __ TailCallRuntime(Runtime::kGetProperty, 2, 1);
+  ExternalReference ref =
+      ExternalReference(IC_Utility(kLoadIC_Slow), masm->isolate());
+  int arg_count = 2;
+  __ TailCallExternalReference(ref, arg_count, 1);
 }
 
 
 void KeyedLoadIC::GenerateMiss(MacroAssembler* masm) {
   // The return address is in lr.
   Isolate* isolate = masm->isolate();
 
   DCHECK(!AreAliased(r7, r8, LoadWithVectorDescriptor::SlotRegister(),
                      LoadWithVectorDescriptor::VectorRegister()));
   __ IncrementCounter(isolate->counters()->keyed_load_miss(), 1, r7, r8);
 
   LoadIC_PushArgs(masm);
 
   // Perform tail call to the entry.
   ExternalReference ref =
       ExternalReference(IC_Utility(kKeyedLoadIC_Miss), isolate);
   int arg_count = 4;
   __ TailCallExternalReference(ref, arg_count, 1);
 }
 
 
-void KeyedLoadIC::GenerateRuntimeGetProperty(MacroAssembler* masm) {
+void KeyedLoadIC::GenerateSlow(MacroAssembler* masm) {
   // The return address is in lr.
 
   __ Push(LoadDescriptor::ReceiverRegister(), LoadDescriptor::NameRegister());
 
-  __ TailCallRuntime(Runtime::kKeyedGetProperty, 2, 1);
+  ExternalReference ref =
+      ExternalReference(IC_Utility(kKeyedLoadIC_Slow), masm->isolate());
+  int arg_count = 2;
+  __ TailCallExternalReference(ref, arg_count, 1);
 }
 
 
-void KeyedLoadIC::GenerateMegamorphic(MacroAssembler* masm) {
+void KeyedLoadIC::GenerateMegamorphic(MacroAssembler* masm,
+                                      LanguageMode language_mode) {
   // The return address is in lr.
   Label slow, check_name, index_smi, index_name, property_array_property;
   Label probe_dictionary, check_number_dictionary;
 
   Register key = LoadDescriptor::NameRegister();
   Register receiver = LoadDescriptor::ReceiverRegister();
   DCHECK(key.is(r5));
   DCHECK(receiver.is(r4));
 
   Isolate* isolate = masm->isolate();
 
   // Check that the key is a smi.
   __ JumpIfNotSmi(key, &check_name);
   __ bind(&index_smi);
   // Now the key is known to be a smi. This place is also jumped to from below
   // where a numeric string is converted to a smi.
 
   GenerateKeyedLoadReceiverCheck(masm, receiver, r3, r6,
                                  Map::kHasIndexedInterceptor, &slow);
 
   // Check the receiver's map to see if it has fast elements.
   __ CheckFastElements(r3, r6, &check_number_dictionary);
 
-  GenerateFastArrayLoad(masm, receiver, key, r3, r6, r7, r3, &slow);
+  GenerateFastArrayLoad(masm, receiver, key, r3, r6, r7, r3, &slow,
+                        language_mode);
   __ IncrementCounter(isolate->counters()->keyed_load_generic_smi(), 1, r7, r6);
   __ Ret();
 
   __ bind(&check_number_dictionary);
   __ LoadP(r7, FieldMemOperand(receiver, JSObject::kElementsOffset));
   __ LoadP(r6, FieldMemOperand(r7, JSObject::kMapOffset));
 
   // Check whether the elements is a number dictionary.
   // r6: elements map
   // r7: elements
   __ LoadRoot(ip, Heap::kHashTableMapRootIndex);
   __ cmp(r6, ip);
   __ bne(&slow);
   __ SmiUntag(r3, key);
   __ LoadFromNumberDictionary(&slow, r7, key, r3, r3, r6, r8);
   __ Ret();
 
   // Slow case, key and receiver still in r3 and r4.
   __ bind(&slow);
   __ IncrementCounter(isolate->counters()->keyed_load_generic_slow(), 1, r7,
                       r6);
-  GenerateRuntimeGetProperty(masm);
+  GenerateSlow(masm);
 
   __ bind(&check_name);
   GenerateKeyNameCheck(masm, key, r3, r6, &index_name, &slow);
 
   GenerateKeyedLoadReceiverCheck(masm, receiver, r3, r6,
                                  Map::kHasNamedInterceptor, &slow);
 
   // If the receiver is a fast-case object, check the stub cache. Otherwise
   // probe the dictionary.
   __ LoadP(r6, FieldMemOperand(receiver, JSObject::kPropertiesOffset));
@@ skipping 468 matching lines @@
     patcher.EmitCondition(ne);
   } else {
     DCHECK(Assembler::GetCondition(branch_instr) == ne);
     patcher.EmitCondition(eq);
   }
 }
 }  // namespace internal
 }  // namespace v8
 
 #endif  // V8_TARGET_ARCH_PPC