Experimental: merge from bleeding edge 1298:1307. Port the eval...

src/codegen-ia32.cc

 // Copyright 2006-2008 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 326 matching lines @@
       return frame_->ParameterAt(index);
 
     case Slot::LOCAL:
       return frame_->LocalAt(index);
 
     case Slot::CONTEXT: {
       // Follow the context chain if necessary.
       ASSERT(!tmp.is(esi));  // do not overwrite context register
       Register context = esi;
       int chain_length = scope()->ContextChainLength(slot->var()->scope());
-      for (int i = chain_length; i-- > 0;) {
+      for (int i = 0; i < chain_length; i++) {
         // Load the closure.
         // (All contexts, even 'with' contexts, have a closure,
         // and it is the same for all contexts inside a function.
         // There is no need to go to the function context first.)
         __ mov(tmp, ContextOperand(context, Context::CLOSURE_INDEX));
         // Load the function context (which is the incoming, outer context).
         __ mov(tmp, FieldOperand(tmp, JSFunction::kContextOffset));
         context = tmp;
       }
       // We may have a 'with' context now. Get the function context.
       // (In fact this mov may never be the needed, since the scope analysis
       // may not permit a direct context access in this case and thus we are
       // always at a function context. However it is safe to dereference be-
       // cause the function context of a function context is itself. Before
       // deleting this mov we should try to create a counter-example first,
       // though...)
       __ mov(tmp, ContextOperand(context, Context::FCONTEXT_INDEX));
       return ContextOperand(tmp, index);
     }
 
     default:
       UNREACHABLE();
       return Operand(eax);
   }
 }
 
 
+Operand CodeGenerator::ContextSlotOperandCheckExtensions(Slot* slot,
+                                                         Result tmp,
+                                                         JumpTarget* slow) {
+  ASSERT(slot->type() == Slot::CONTEXT);
+  ASSERT(tmp.is_register());
+  Result context(esi, this);
+
+  for (Scope* s = scope(); s != slot->var()->scope(); s = s->outer_scope()) {
+    if (s->num_heap_slots() > 0) {
+      if (s->calls_eval()) {
+        // Check that extension is NULL.
+        __ cmp(ContextOperand(context.reg(), Context::EXTENSION_INDEX),
+               Immediate(0));
+        slow->Branch(not_equal, not_taken);
+      }
+      __ mov(tmp.reg(), ContextOperand(context.reg(), Context::CLOSURE_INDEX));
+      __ mov(tmp.reg(), FieldOperand(tmp.reg(), JSFunction::kContextOffset));
+      context = tmp;
+    }
+  }
+  // Check that last extension is NULL.
+  __ cmp(ContextOperand(context.reg(), Context::EXTENSION_INDEX),
+         Immediate(0));
+  slow->Branch(not_equal, not_taken);
+  __ mov(tmp.reg(), ContextOperand(context.reg(), Context::FCONTEXT_INDEX));
+  return ContextOperand(tmp.reg(), slot->index());
+}
+
+
 // Emit code to load the value of an expression to the top of the
 // frame. If the expression is boolean-valued it may be compiled (or
 // partially compiled) into control flow to the control destination.
 // If force_control is true, control flow is forced.
 void CodeGenerator::LoadCondition(Expression* x,
                                   TypeofState typeof_state,
                                   ControlDestination* dest,
                                   bool force_control) {
   ASSERT(!in_spilled_code());
 #ifdef DEBUG
@@ skipping 1164 matching lines @@
   Variable* var = node->proxy()->var();
   ASSERT(var != NULL);  // must have been resolved
   Slot* slot = var->slot();
 
   // If it was not possible to allocate the variable at compile time,
   // we need to "declare" it at runtime to make sure it actually
   // exists in the local context.
   if (slot != NULL && slot->type() == Slot::LOOKUP) {
     // Variables with a "LOOKUP" slot were introduced as non-locals
     // during variable resolution and must have mode DYNAMIC.
-    ASSERT(var->mode() == Variable::DYNAMIC);
+    ASSERT(var->is_dynamic());
     // For now, just do a runtime call.  Duplicate the context register.
     Result context(esi, this);
     frame_->Push(&context);
     frame_->Push(var->name());
     // Declaration nodes are always introduced in one of two modes.
     ASSERT(node->mode() == Variable::VAR || node->mode() == Variable::CONST);
     PropertyAttributes attr = node->mode() == Variable::VAR ? NONE : READ_ONLY;
     frame_->Push(Smi::FromInt(attr));
     // Push initial value, if any.
     // Note: For variables we must not push an initial value (such as
@@ skipping 1322 matching lines @@
       Load(node->else_expression(), typeof_state());
     }
   }
 
   exit.Bind();
 }
 
 
 void CodeGenerator::LoadFromSlot(Slot* slot, TypeofState typeof_state) {
   if (slot->type() == Slot::LOOKUP) {
-    ASSERT(slot->var()->mode() == Variable::DYNAMIC);
+    ASSERT(slot->var()->is_dynamic());
 
-    // For now, just do a runtime call.
+    JumpTarget slow(this);
+    JumpTarget done(this);
+    Result value(this);
+
+    // Generate fast-case code for variables that might be shadowed by
+    // eval-introduced variables.  Eval is used a lot without
+    // introducing variables.  In those cases, we do not want to
+    // perform a runtime call for all variables in the scope
+    // containing the eval.
+    if (slot->var()->mode() == Variable::DYNAMIC_GLOBAL) {
+      value = LoadFromGlobalSlotCheckExtensions(slot, typeof_state, &slow);
+      // If there was no control flow to slow, we can exit early.
+      if (!slow.is_linked()) {
+        frame_->Push(&value);
+        return;
+      }
+
+      done.Jump(&value);
+
+    } else if (slot->var()->mode() == Variable::DYNAMIC_LOCAL) {
+      Slot* potential_slot = slot->var()->local_if_not_shadowed()->slot();
+      // Allocate a fresh register to use as a temp in
+      // ContextSlotOperandCheckExtensions and to hold the result
+      // value.
+      value = allocator_->Allocate();
+      ASSERT(value.is_valid());
+      __ mov(value.reg(),
+             ContextSlotOperandCheckExtensions(potential_slot, value, &slow));
+      // There is always control flow to slow from
+      // ContextSlotOperandCheckExtensions.
+      done.Jump(&value);
+    }
+
+    slow.Bind();
     frame_->Push(esi);
     frame_->Push(slot->var()->name());
-
-    Result value(this);
     if (typeof_state == INSIDE_TYPEOF) {
       value =
           frame_->CallRuntime(Runtime::kLoadContextSlotNoReferenceError, 2);
     } else {
       value = frame_->CallRuntime(Runtime::kLoadContextSlot, 2);
     }
+
+    done.Bind(&value);
     frame_->Push(&value);
 
   } else if (slot->var()->mode() == Variable::CONST) {
     // Const slots may contain 'the hole' value (the constant hasn't been
     // initialized yet) which needs to be converted into the 'undefined'
     // value.
     //
     // We currently spill the virtual frame because constants use the
     // potentially unsafe direct-frame access of SlotOperand.
     VirtualFrame::SpilledScope spilled_scope(this);
@@ skipping 20 matching lines @@
     // because it will always be a context slot.
     ASSERT(slot->type() == Slot::CONTEXT);
     Result temp = allocator_->Allocate();
     ASSERT(temp.is_valid());
     __ mov(temp.reg(), SlotOperand(slot, temp.reg()));
     frame_->Push(&temp);
   }
 }
 
 
+Result CodeGenerator::LoadFromGlobalSlotCheckExtensions(
+    Slot* slot,
+    TypeofState typeof_state,
+    JumpTarget* slow) {
+  // Check that no extension objects have been created by calls to
+  // eval from the current scope to the global scope.
+  Result context(esi, this);
+  Result tmp = allocator_->Allocate();
+  ASSERT(tmp.is_valid());  // Called with all non-reserved registers available.
+
+  for (Scope* s = scope(); s != NULL; s = s->outer_scope()) {
+    if (s->num_heap_slots() > 0) {
+      if (s->calls_eval()) {
+        // Check that extension is NULL.
+        __ cmp(ContextOperand(context.reg(), Context::EXTENSION_INDEX),
+               Immediate(0));
+        slow->Branch(not_equal, not_taken);
+      }
+      // Load next context in chain.
+      __ mov(tmp.reg(), ContextOperand(context.reg(), Context::CLOSURE_INDEX));
+      __ mov(tmp.reg(), FieldOperand(tmp.reg(), JSFunction::kContextOffset));
+      context = tmp;
+    }
+    // If no outer scope calls eval, we do not need to check more
+    // context extensions.
+    if (!s->outer_scope_calls_eval()) break;
+  }
+  context.Unuse();
+  tmp.Unuse();
+
+  // All extension objects were empty and it is safe to use a global
+  // load IC call.
+  Handle<Code> ic(Builtins::builtin(Builtins::LoadIC_Initialize));
+  // Load the global object.
+  LoadGlobal();
+  // Setup the name register.  All non-reserved registers are available.
+  Result name = allocator_->Allocate(ecx);
+  ASSERT(name.is_valid());
+  __ mov(name.reg(), slot->var()->name());
+  RelocInfo::Mode rmode = (typeof_state == INSIDE_TYPEOF)
+                        ? RelocInfo::CODE_TARGET
+                        : RelocInfo::CODE_TARGET_CONTEXT;
+  Result answer = frame_->CallCodeObject(ic, rmode, &name, 0);
+
+  // Discard the global object. The result is in answer.
+  frame_->Drop();
+  return answer;
+}
+
+
 void CodeGenerator::StoreToSlot(Slot* slot, InitState init_state) {
   if (slot->type() == Slot::LOOKUP) {
-    ASSERT(slot->var()->mode() == Variable::DYNAMIC);
+    ASSERT(slot->var()->is_dynamic());
 
     // For now, just do a runtime call.
     frame_->Push(esi);
     frame_->Push(slot->var()->name());
 
     Result value(this);
     if (init_state == CONST_INIT) {
       // Same as the case for a normal store, but ignores attribute
       // (e.g. READ_ONLY) of context slot so that we can initialize const
       // properties (introduced via eval("const foo = (some expr);")). Also,
@@ skipping 11 matching lines @@
       value = frame_->CallRuntime(Runtime::kInitializeConstContextSlot, 3);
     } else {
       value = frame_->CallRuntime(Runtime::kStoreContextSlot, 3);
     }
     // Storing a variable must keep the (new) value on the expression
     // stack. This is necessary for compiling chained assignment
     // expressions.
     frame_->Push(&value);
 
   } else {
-    ASSERT(slot->var()->mode() != Variable::DYNAMIC);
+    ASSERT(!slot->var()->is_dynamic());
 
     JumpTarget exit(this);
     if (init_state == CONST_INIT) {
       ASSERT(slot->var()->mode() == Variable::CONST);
       // Only the first const initialization must be executed (the slot
       // still contains 'the hole' value). When the assignment is executed,
       // the code is identical to a normal store (see below).
       //
       // We spill the frame in the code below because the direct-frame
       // access of SlotOperand is potentially unsafe with an unspilled
@@ skipping 3543 matching lines @@
 
   // Slow-case: Go through the JavaScript implementation.
   __ bind(&slow);
   __ InvokeBuiltin(Builtins::INSTANCE_OF, JUMP_FUNCTION);
 }
 
 
 #undef __
 
 } }  // namespace v8::internal