Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1111)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/ic/mips/ic-mips.cc

Issue 1228063004: Fix keyed element access wrt string wrappers (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « src/ic/ia32/ic-ia32.cc ('k') | src/ic/x64/ic-x64.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 5
6 #include "src/v8.h" 6 #include "src/v8.h"
7 7
8 #if V8_TARGET_ARCH_MIPS 8 #if V8_TARGET_ARCH_MIPS
9 9
10 #include "src/codegen.h" 10 #include "src/codegen.h"
(...skipping 638 matching lines...) Expand 10 before | Expand all | Expand 10 after
649 __ lw(receiver_map, FieldMemOperand(receiver, HeapObject::kMapOffset)); 649 __ lw(receiver_map, FieldMemOperand(receiver, HeapObject::kMapOffset));
650 // Check that the receiver does not require access checks and is not observed. 650 // Check that the receiver does not require access checks and is not observed.
651 // The generic stub does not perform map checks or handle observed objects. 651 // The generic stub does not perform map checks or handle observed objects.
652 __ lbu(t0, FieldMemOperand(receiver_map, Map::kBitFieldOffset)); 652 __ lbu(t0, FieldMemOperand(receiver_map, Map::kBitFieldOffset));
653 __ And(t0, t0, 653 __ And(t0, t0,
654 Operand(1 << Map::kIsAccessCheckNeeded | 1 << Map::kIsObserved)); 654 Operand(1 << Map::kIsAccessCheckNeeded | 1 << Map::kIsObserved));
655 __ Branch(&slow, ne, t0, Operand(zero_reg)); 655 __ Branch(&slow, ne, t0, Operand(zero_reg));
656 // Check if the object is a JS array or not. 656 // Check if the object is a JS array or not.
657 __ lbu(t0, FieldMemOperand(receiver_map, Map::kInstanceTypeOffset)); 657 __ lbu(t0, FieldMemOperand(receiver_map, Map::kInstanceTypeOffset));
658 __ Branch(&array, eq, t0, Operand(JS_ARRAY_TYPE)); 658 __ Branch(&array, eq, t0, Operand(JS_ARRAY_TYPE));
659 // Check that the object is some kind of JSObject. 659 // Check that the object is some kind of JS object EXCEPT JS Value type. In
660 __ Branch(&slow, lt, t0, Operand(FIRST_JS_OBJECT_TYPE)); 660 // the case that the object is a value-wrapper object, we enter the runtime
661 // system to make sure that indexing into string objects works as intended.
662 STATIC_ASSERT(JS_VALUE_TYPE < JS_OBJECT_TYPE);
663 __ Branch(&slow, lo, t0, Operand(JS_OBJECT_TYPE));
661 664
662 // Object case: Check key against length in the elements array. 665 // Object case: Check key against length in the elements array.
663 __ lw(elements, FieldMemOperand(receiver, JSObject::kElementsOffset)); 666 __ lw(elements, FieldMemOperand(receiver, JSObject::kElementsOffset));
664 // Check array bounds. Both the key and the length of FixedArray are smis. 667 // Check array bounds. Both the key and the length of FixedArray are smis.
665 __ lw(t0, FieldMemOperand(elements, FixedArray::kLengthOffset)); 668 __ lw(t0, FieldMemOperand(elements, FixedArray::kLengthOffset));
666 __ Branch(&fast_object, lo, key, Operand(t0)); 669 __ Branch(&fast_object, lo, key, Operand(t0));
667 670
668 // Slow case, handle jump to runtime. 671 // Slow case, handle jump to runtime.
669 __ bind(&slow); 672 __ bind(&slow);
670 // Entry registers are intact. 673 // Entry registers are intact.
(...skipping 226 matching lines...) Expand 10 before | Expand all | Expand 10 after
897 patcher.ChangeBranchCondition(ne); 900 patcher.ChangeBranchCondition(ne);
898 } else { 901 } else {
899 DCHECK(Assembler::IsBne(branch_instr)); 902 DCHECK(Assembler::IsBne(branch_instr));
900 patcher.ChangeBranchCondition(eq); 903 patcher.ChangeBranchCondition(eq);
901 } 904 }
902 } 905 }
903 } // namespace internal 906 } // namespace internal
904 } // namespace v8 907 } // namespace v8
905 908
906 #endif // V8_TARGET_ARCH_MIPS 909 #endif // V8_TARGET_ARCH_MIPS
OLDNEW
« no previous file with comments | « src/ic/ia32/ic-ia32.cc ('k') | src/ic/x64/ic-x64.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698