Index: src/x64/builtins-x64.cc |
diff --git a/src/x64/builtins-x64.cc b/src/x64/builtins-x64.cc |
index eba09acd24240c892478e30461a6c6d83304551a..0e3a7a564bcd4fe903b1e813960789bd26cd009f 100644 |
--- a/src/x64/builtins-x64.cc |
+++ b/src/x64/builtins-x64.cc |
@@ -1974,6 +1974,94 @@ void Builtins::Generate_CallFunction(MacroAssembler* masm, |
// static |
+void Builtins::Generate_CallBoundFunction(MacroAssembler* masm) { |
+ // ----------- S t a t e ------------- |
+ // -- rax : the number of arguments (not including the receiver) |
+ // -- rdi : the function to call (checked to be a JSBoundFunction) |
+ // ----------------------------------- |
+ __ AssertBoundFunction(rdi); |
+ |
+ // Patch the receiver to [[BoundThis]]. |
+ { |
+ StackArgumentsAccessor args(rsp, rax); |
+ __ movp(rbx, FieldOperand(rdi, JSBoundFunction::kBoundThisOffset)); |
+ __ movp(args.GetReceiverOperand(), rbx); |
+ } |
+ |
+ // Load [[BoundArguments]] into rdx and length of that into rcx. |
+ __ movp(rdx, FieldOperand(rdi, JSBoundFunction::kBoundArgumentsOffset)); |
+ __ SmiToInteger32(rcx, FieldOperand(rdx, FixedArray::kLengthOffset)); |
+ |
+ // ----------- S t a t e ------------- |
+ // -- rax : the number of arguments (not including the receiver) |
+ // -- rdi : the function to call (checked to be a JSBoundFunction) |
+ // -- rdx : the [[BoundArguments]] (implemented as FixedArray) |
+ // -- rcx : the number of [[BoundArguments]] |
+ // ----------------------------------- |
+ |
+ // Reserve stack space for the [[BoundArguments]]. |
+ { |
+ Label done; |
+ __ leap(rbx, Operand(rcx, times_pointer_size, 0)); |
+ __ subp(rsp, rbx); |
+ // Check the stack for overflow. We are not trying to catch interruptions |
+ // (i.e. debug break and preemption) here, so check the "real stack limit". |
+ __ CompareRoot(rsp, Heap::kRealStackLimitRootIndex); |
+ __ j(greater, &done, Label::kNear); // Signed comparison. |
+ // Restore the stack pointer. |
+ __ addp(rsp, rbx); |
+ { |
+ FrameScope scope(masm, StackFrame::MANUAL); |
+ __ EnterFrame(StackFrame::INTERNAL); |
+ __ CallRuntime(Runtime::kThrowStackOverflow, 0); |
+ } |
+ __ bind(&done); |
+ } |
+ |
+ // Relocate arguments and return address down the stack. |
+ { |
+ Label loop; |
+ __ incp(rax); // arguments plus return address |
+ __ Set(rbx, 0); |
+ __ bind(&loop); |
+ __ movp(kScratchRegister, Operand(rsp, rcx, times_pointer_size, 0)); |
+ __ incp(rcx); |
+ __ movp(Operand(rsp, rbx, times_pointer_size, 0), kScratchRegister); |
+ __ incp(rbx); |
+ __ cmpp(rbx, rax); |
+ __ j(less, &loop); |
+ } |
+ |
+ // Copy [[BoundArguments]] to the stack (below the arguments). |
+ { |
+ Label loop, done_loop; |
+ __ SmiToInteger32(rcx, FieldOperand(rdx, FixedArray::kLengthOffset)); |
+ __ bind(&loop); |
+ __ subp(rcx, Immediate(1)); |
+ __ j(less, &done_loop, Label::kNear); |
+ __ movp(rbx, FieldOperand(rdx, rcx, times_pointer_size, |
+ FixedArray::kHeaderSize)); |
+ __ movp(Operand(rsp, rax, times_pointer_size, 0), rbx); |
+ __ incp(rax); |
+ __ jmp(&loop); |
+ __ bind(&done_loop); |
+ } |
+ |
+ // Adjust effective number of arguments (rax contains the number of arguments |
+ // from the call plus return address plus the number of [[BoundArguments]]), |
+ // so we need to subtract one for the return address. |
+ __ decp(rax); |
+ |
+ // Call the [[BoundTargetFunction]] via the Call builtin. |
+ __ movp(rdi, FieldOperand(rdi, JSBoundFunction::kBoundTargetFunctionOffset)); |
+ __ Load(rcx, |
+ ExternalReference(Builtins::kCall_ReceiverIsAny, masm->isolate())); |
+ __ leap(rcx, FieldOperand(rcx, Code::kHeaderSize)); |
+ __ jmp(rcx); |
+} |
+ |
+ |
+// static |
void Builtins::Generate_Call(MacroAssembler* masm, ConvertReceiverMode mode) { |
// ----------- S t a t e ------------- |
// -- rax : the number of arguments (not including the receiver) |
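Review bot: The stack-overflow path in the "Reserve stack space" block has nothing after `__ CallRuntime(Runtime::kThrowStackOverflow, 0);`, so control falls through to `done` and into the relocation loop. By that point `addp(rsp, rbx)` has already undone the reservation, so if the runtime call ever returned, the two copy loops would write over the return address and the caller's live slots using the bound-argument count. The runtime function presumably always throws, but a trap right after the call makes that explicit and keeps the guard fail-closed: `__ int3();  // Unreachable: kThrowStackOverflow does not return.` The same sequence is repeated in Generate_ConstructBoundFunction in the third hunk.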
@@ -1987,6 +2075,9 @@ void Builtins::Generate_Call(MacroAssembler* masm, ConvertReceiverMode mode) { |
__ CmpObjectType(rdi, JS_FUNCTION_TYPE, rcx); |
__ j(equal, masm->isolate()->builtins()->CallFunction(mode), |
RelocInfo::CODE_TARGET); |
+ __ CmpInstanceType(rcx, JS_BOUND_FUNCTION_TYPE); |
+ __ j(equal, masm->isolate()->builtins()->CallBoundFunction(), |
+ RelocInfo::CODE_TARGET); |
__ CmpInstanceType(rcx, JS_PROXY_TYPE); |
__ j(not_equal, &non_function); |
@@ -2049,6 +2140,97 @@ void Builtins::Generate_ConstructFunction(MacroAssembler* masm) { |
// static |
+void Builtins::Generate_ConstructBoundFunction(MacroAssembler* masm) { |
+ // ----------- S t a t e ------------- |
+ // -- rax : the number of arguments (not including the receiver) |
+ // -- rdx : the new target (checked to be a constructor) |
+ // -- rdi : the constructor to call (checked to be a JSBoundFunction) |
+ // ----------------------------------- |
+ __ AssertBoundFunction(rdi); |
+ |
+ // Load [[BoundArguments]] into r12 and length of that into rcx. |
+ __ movp(r12, FieldOperand(rdi, JSBoundFunction::kBoundArgumentsOffset)); |
+ __ SmiToInteger32(rcx, FieldOperand(r12, FixedArray::kLengthOffset)); |
+ |
+ // ----------- S t a t e ------------- |
+ // -- rax : the number of arguments (not including the receiver) |
+ // -- rdi : the function to call (checked to be a JSBoundFunction) |
+ // -- r12 : the [[BoundArguments]] (implemented as FixedArray) |
+ // -- rcx : the number of [[BoundArguments]] |
+ // ----------------------------------- |
+ |
+ // Reserve stack space for the [[BoundArguments]]. |
+ { |
+ Label done; |
+ __ leap(rbx, Operand(rcx, times_pointer_size, 0)); |
+ __ subp(rsp, rbx); |
+ // Check the stack for overflow. We are not trying to catch interruptions |
+ // (i.e. debug break and preemption) here, so check the "real stack limit". |
+ __ CompareRoot(rsp, Heap::kRealStackLimitRootIndex); |
+ __ j(greater, &done, Label::kNear); // Signed comparison. |
+ // Restore the stack pointer. |
+ __ addp(rsp, rbx); |
+ { |
+ FrameScope scope(masm, StackFrame::MANUAL); |
+ __ EnterFrame(StackFrame::INTERNAL); |
+ __ CallRuntime(Runtime::kThrowStackOverflow, 0); |
+ } |
+ __ bind(&done); |
+ } |
+ |
+ // Relocate arguments and return address down the stack. |
+ { |
+ Label loop; |
+ __ incp(rax); // arguments plus return address |
+ __ Set(rbx, 0); |
+ __ bind(&loop); |
+ __ movp(kScratchRegister, Operand(rsp, rcx, times_pointer_size, 0)); |
+ __ incp(rcx); |
+ __ movp(Operand(rsp, rbx, times_pointer_size, 0), kScratchRegister); |
+ __ incp(rbx); |
+ __ cmpp(rbx, rax); |
+ __ j(less, &loop); |
+ } |
+ |
+ // Copy [[BoundArguments]] to the stack (below the arguments). |
+ { |
+ Label loop, done_loop; |
+ __ SmiToInteger32(rcx, FieldOperand(r12, FixedArray::kLengthOffset)); |
+ __ bind(&loop); |
+ __ subp(rcx, Immediate(1)); |
+ __ j(less, &done_loop, Label::kNear); |
+ __ movp(rbx, FieldOperand(r12, rcx, times_pointer_size, |
+ FixedArray::kHeaderSize)); |
+ __ movp(Operand(rsp, rax, times_pointer_size, 0), rbx); |
+ __ incp(rax); |
+ __ jmp(&loop); |
+ __ bind(&done_loop); |
+ } |
+ |
+ // Adjust effective number of arguments (rax contains the number of arguments |
+ // from the call plus return address plus the number of [[BoundArguments]]), |
+ // so we need to subtract one for the return address. |
+ __ decp(rax); |
+ |
+ // Patch new.target to [[BoundTargetFunction]] if new.target equals target. |
+ { |
+ Label done; |
+ __ cmpp(rdi, rdx); |
+ __ j(not_equal, &done, Label::kNear); |
+ __ movp(rdx, |
+ FieldOperand(rdi, JSBoundFunction::kBoundTargetFunctionOffset)); |
+ __ bind(&done); |
+ } |
+ |
+ // Construct the [[BoundTargetFunction]] via the Construct builtin. |
+ __ movp(rdi, FieldOperand(rdi, JSBoundFunction::kBoundTargetFunctionOffset)); |
+ __ Load(rcx, ExternalReference(Builtins::kConstruct, masm->isolate())); |
+ __ leap(rcx, FieldOperand(rcx, Code::kHeaderSize)); |
+ __ jmp(rcx); |
+} |
+ |
+ |
+// static |
void Builtins::Generate_ConstructProxy(MacroAssembler* masm) { |
// ----------- S t a t e ------------- |
// -- rax : the number of arguments (not including the receiver) |
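Review bot: The reserve, relocate and copy blocks in Generate_ConstructBoundFunction are a line-for-line copy of those in Generate_CallBoundFunction, differing only in the register that holds [[BoundArguments]] (r12 here, rdx there). Because this code moves the return address and writes a script-sized number of slots below it, it would be safer as one file-local helper that both builtins call, so the stack-limit check and the index arithmetic can only be fixed in one place. The second State comment also looks pasted from the call path, since it drops rdx and calls rdi "the function to call". Restoring `//  -- rdx : the new target (checked to be a constructor)` there would show why rdx has to stay live until the new.target patch and why r12 is used instead.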
@@ -2093,6 +2275,12 @@ void Builtins::Generate_Construct(MacroAssembler* masm) { |
Immediate(1 << Map::kIsConstructor)); |
__ j(zero, &non_constructor, Label::kNear); |
+ // Only dispatch to bound functions after checking whether they are |
+ // constructors. |
+ __ CmpInstanceType(rcx, JS_BOUND_FUNCTION_TYPE); |
+ __ j(equal, masm->isolate()->builtins()->ConstructBoundFunction(), |
+ RelocInfo::CODE_TARGET); |
+ |
// Only dispatch to proxies after checking whether they are constructors. |
__ CmpInstanceType(rcx, JS_PROXY_TYPE); |
__ j(equal, masm->isolate()->builtins()->ConstructProxy(), |