| Index: src/x87/builtins-x87.cc
|
| diff --git a/src/x87/builtins-x87.cc b/src/x87/builtins-x87.cc
|
| index 80141d3f4605b8472f427e4ca85b2912d6f86f6a..78cf181193f33aaf57d81a6af3f386d96b4c31ec 100644
|
| --- a/src/x87/builtins-x87.cc
|
| +++ b/src/x87/builtins-x87.cc
|
| @@ -1797,6 +1797,134 @@ void Builtins::Generate_ArgumentsAdaptorTrampoline(MacroAssembler* masm) {
|
| }
|
|
|
|
|
| +static void CompatibleReceiverCheck(MacroAssembler* masm, Register receiver,
|
| + Register function_template_info,
|
| + Register scratch0, Register scratch1,
|
| + Label* receiver_check_failed) {
|
| + // If receiver is not an object, jump to receiver_check_failed.
|
| + __ CmpObjectType(receiver, FIRST_JS_OBJECT_TYPE, scratch0);
|
| + __ j(below, receiver_check_failed);
|
| +
|
| + // If there is no signature, return the holder.
|
| + __ CompareRoot(FieldOperand(function_template_info,
|
| + FunctionTemplateInfo::kSignatureOffset),
|
| + Heap::kUndefinedValueRootIndex);
|
| + Label receiver_check_passed;
|
| + __ j(equal, &receiver_check_passed, Label::kNear);
|
| +
|
| + // Walk the prototype chain.
|
| + Label prototype_loop_start;
|
| + __ bind(&prototype_loop_start);
|
| +
|
| + // End if receiver is null or if it's a hidden prototype.
|
| + __ CompareRoot(receiver, Heap::kNullValueRootIndex);
|
| + __ j(equal, receiver_check_failed, Label::kNear);
|
| + __ mov(scratch0, FieldOperand(receiver, HeapObject::kMapOffset));
|
| + __ test(FieldOperand(scratch0, Map::kBitField3Offset),
|
| + Immediate(Map::IsHiddenPrototype::kMask));
|
| + __ j(not_zero, receiver_check_failed, Label::kNear);
|
| +
|
| + // Get the constructor, if any.
|
| + __ GetMapConstructor(scratch0, scratch0, scratch1);
|
| + __ CmpInstanceType(scratch1, JS_FUNCTION_TYPE);
|
| + Label next_prototype;
|
| + __ j(not_equal, &next_prototype, Label::kNear);
|
| +
|
| + // Get the constructor's signature.
|
| + __ mov(scratch0,
|
| + FieldOperand(scratch0, JSFunction::kSharedFunctionInfoOffset));
|
| + __ mov(scratch0,
|
| + FieldOperand(scratch0, SharedFunctionInfo::kFunctionDataOffset));
|
| +
|
| + // Loop through the chain of inheriting function templates.
|
| + Label function_template_loop;
|
| + __ bind(&function_template_loop);
|
| +
|
| + // If the signatures match, we have a compatible receiver.
|
| + __ cmp(scratch0, FieldOperand(function_template_info,
|
| + FunctionTemplateInfo::kSignatureOffset));
|
| + __ j(equal, &receiver_check_passed, Label::kNear);
|
| +
|
| + // If the current type is not a FunctionTemplateInfo, load the next prototype
|
| + // in the chain.
|
| + __ JumpIfSmi(scratch0, &next_prototype, Label::kNear);
|
| + __ CmpObjectType(scratch0, FUNCTION_TEMPLATE_INFO_TYPE, scratch1);
|
| + __ j(not_equal, &next_prototype, Label::kNear);
|
| +
|
| + // Otherwise load the parent function template and iterate.
|
| + __ mov(scratch0,
|
| + FieldOperand(scratch0, FunctionTemplateInfo::kParentTemplateOffset));
|
| + __ jmp(&function_template_loop, Label::kNear);
|
| +
|
| + // Load the next prototype and iterate.
|
| + __ bind(&next_prototype);
|
| + __ mov(receiver, FieldOperand(receiver, HeapObject::kMapOffset));
|
| + __ mov(receiver, FieldOperand(receiver, Map::kPrototypeOffset));
|
| + __ jmp(&prototype_loop_start, Label::kNear);
|
| +
|
| + __ bind(&receiver_check_passed);
|
| +}
|
| +
|
| +
|
| +void Builtins::Generate_HandleFastApiCall(MacroAssembler* masm) {
|
| + // ----------- S t a t e -------------
|
| + // -- eax : number of arguments (not including the receiver)
|
| + // -- edi : callee
|
| + // -- esi : context
|
| + // -- esp[0] : return address
|
| + // -- esp[4] : last argument
|
| + // -- ...
|
| + // -- esp[eax * 4] : first argument
|
| + // -- esp[(eax + 1) * 4] : receiver
|
| + // -----------------------------------
|
| +
|
| + // Load the receiver.
|
| + Operand receiver_operand(esp, eax, times_pointer_size, kPCOnStackSize);
|
| + __ mov(ecx, receiver_operand);
|
| +
|
| + // Update the receiver if this is a contextual call.
|
| + Label set_global_proxy, valid_receiver;
|
| + __ CompareRoot(ecx, Heap::kUndefinedValueRootIndex);
|
| + __ j(equal, &set_global_proxy);
|
| + __ bind(&valid_receiver);
|
| +
|
| + // Load the FunctionTemplateInfo.
|
| + __ mov(ebx, FieldOperand(edi, JSFunction::kSharedFunctionInfoOffset));
|
| + __ mov(ebx, FieldOperand(ebx, SharedFunctionInfo::kFunctionDataOffset));
|
| +
|
| + // Do the compatible receiver check.
|
| + Label receiver_check_failed;
|
| + __ Push(eax);
|
| + CompatibleReceiverCheck(masm, ecx, ebx, edx, eax, &receiver_check_failed);
|
| + __ Pop(eax);
|
| + // Get the callback offset from the FunctionTemplateInfo, and jump to the
|
| + // beginning of the code.
|
| + __ mov(edx, FieldOperand(ebx, FunctionTemplateInfo::kCallCodeOffset));
|
| + __ mov(edx, FieldOperand(edx, CallHandlerInfo::kFastHandlerOffset));
|
| + __ add(edx, Immediate(Code::kHeaderSize - kHeapObjectTag));
|
| + __ jmp(edx);
|
| +
|
| + __ bind(&set_global_proxy);
|
| + __ mov(ecx, GlobalObjectOperand());
|
| + __ mov(ecx, FieldOperand(ecx, JSGlobalObject::kGlobalProxyOffset));
|
| + __ mov(receiver_operand, ecx);
|
| + __ jmp(&valid_receiver, Label::kNear);
|
| +
|
| + // Compatible receiver check failed: pop return address, arguments and
|
| + // receiver and throw an Illegal Invocation exception.
|
| + __ bind(&receiver_check_failed);
|
| + __ Pop(eax);
|
| + __ PopReturnAddressTo(ebx);
|
| + __ lea(eax, Operand(eax, times_pointer_size, 1 * kPointerSize));
|
| + __ add(esp, eax);
|
| + __ PushReturnAddressFrom(ebx);
|
| + {
|
| + FrameScope scope(masm, StackFrame::INTERNAL);
|
| + __ TailCallRuntime(Runtime::kThrowIllegalInvocation, 0, 1);
|
| + }
|
| +}
|
| +
|
| +
|
| void Builtins::Generate_OnStackReplacement(MacroAssembler* masm) {
|
| // Lookup the function in the JavaScript frame.
|
| __ mov(eax, Operand(ebp, JavaScriptFrameConstants::kFunctionOffset));
|
|
|
Chromium Code Reviews
Issue 1474543004:
Implement Fast Accessor Builder (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master