| OLD | NEW |
|---|
| 1 // Copyright 2014 the V8 project authors. All rights reserved. | 1 // Copyright 2014 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #if V8_TARGET_ARCH_PPC | 5 #if V8_TARGET_ARCH_PPC |
| 6 | 6 |
| 7 #include "src/codegen.h" | 7 #include "src/codegen.h" |
| 8 #include "src/ic/ic.h" | 8 #include "src/ic/ic.h" |
| 9 #include "src/ic/ic-compiler.h" | 9 #include "src/ic/ic-compiler.h" |
| 10 #include "src/ic/stub-cache.h" | 10 #include "src/ic/stub-cache.h" |
| (...skipping 205 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 216 } | 216 } |
| 217 | 217 |
| 218 void KeyedStoreIC::GenerateSlow(MacroAssembler* masm) { | 218 void KeyedStoreIC::GenerateSlow(MacroAssembler* masm) { |
| 219 StoreIC_PushArgs(masm); | 219 StoreIC_PushArgs(masm); |
| 220 | 220 |
| 221 // The slow case calls into the runtime to complete the store without causing | 221 // The slow case calls into the runtime to complete the store without causing |
| 222 // an IC miss that would otherwise cause a transition to the generic stub. | 222 // an IC miss that would otherwise cause a transition to the generic stub. |
| 223 __ TailCallRuntime(Runtime::kKeyedStoreIC_Slow); | 223 __ TailCallRuntime(Runtime::kKeyedStoreIC_Slow); |
| 224 } | 224 } |
| 225 | 225 |
| 226 static void KeyedStoreGenerateMegamorphicHelper( | |
| 227 MacroAssembler* masm, Label* fast_object, Label* fast_double, Label* slow, | |
| 228 KeyedStoreCheckMap check_map, KeyedStoreIncrementLength increment_length, | |
| 229 Register value, Register key, Register receiver, Register receiver_map, | |
| 230 Register elements_map, Register elements) { | |
| 231 Label transition_smi_elements; | |
| 232 Label finish_object_store, non_double_value, transition_double_elements; | |
| 233 Label fast_double_without_map_check; | |
| 234 | |
| 235 // Fast case: Do the store, could be either Object or double. | |
| 236 __ bind(fast_object); | |
| 237 Register scratch = r7; | |
| 238 Register address = r8; | |
| 239 DCHECK(!AreAliased(value, key, receiver, receiver_map, elements_map, elements, | |
| 240 scratch, address)); | |
| 241 | |
| 242 if (check_map == kCheckMap) { | |
| 243 __ LoadP(elements_map, FieldMemOperand(elements, HeapObject::kMapOffset)); | |
| 244 __ mov(scratch, Operand(masm->isolate()->factory()->fixed_array_map())); | |
| 245 __ cmp(elements_map, scratch); | |
| 246 __ bne(fast_double); | |
| 247 } | |
| 248 | |
| 249 // HOLECHECK: guards "A[i] = V" | |
| 250 // We have to go to the runtime if the current value is the hole because | |
| 251 // there may be a callback on the element | |
| 252 Label holecheck_passed1; | |
| 253 __ addi(address, elements, Operand(FixedArray::kHeaderSize - kHeapObjectTag)); | |
| 254 __ SmiToPtrArrayOffset(scratch, key); | |
| 255 __ LoadPX(scratch, MemOperand(address, scratch)); | |
| 256 __ Cmpi(scratch, Operand(masm->isolate()->factory()->the_hole_value()), r0); | |
| 257 __ bne(&holecheck_passed1); | |
| 258 __ JumpIfDictionaryInPrototypeChain(receiver, elements_map, scratch, slow); | |
| 259 | |
| 260 __ bind(&holecheck_passed1); | |
| 261 | |
| 262 // Smi stores don't require further checks. | |
| 263 Label non_smi_value; | |
| 264 __ JumpIfNotSmi(value, &non_smi_value); | |
| 265 | |
| 266 if (increment_length == kIncrementLength) { | |
| 267 // Add 1 to receiver->length. | |
| 268 __ AddSmiLiteral(scratch, key, Smi::FromInt(1), r0); | |
| 269 __ StoreP(scratch, FieldMemOperand(receiver, JSArray::kLengthOffset), r0); | |
| 270 } | |
| 271 // It's irrelevant whether array is smi-only or not when writing a smi. | |
| 272 __ addi(address, elements, Operand(FixedArray::kHeaderSize - kHeapObjectTag)); | |
| 273 __ SmiToPtrArrayOffset(scratch, key); | |
| 274 __ StorePX(value, MemOperand(address, scratch)); | |
| 275 __ Ret(); | |
| 276 | |
| 277 __ bind(&non_smi_value); | |
| 278 // Escape to elements kind transition case. | |
| 279 __ CheckFastObjectElements(receiver_map, scratch, &transition_smi_elements); | |
| 280 | |
| 281 // Fast elements array, store the value to the elements backing store. | |
| 282 __ bind(&finish_object_store); | |
| 283 if (increment_length == kIncrementLength) { | |
| 284 // Add 1 to receiver->length. | |
| 285 __ AddSmiLiteral(scratch, key, Smi::FromInt(1), r0); | |
| 286 __ StoreP(scratch, FieldMemOperand(receiver, JSArray::kLengthOffset), r0); | |
| 287 } | |
| 288 __ addi(address, elements, Operand(FixedArray::kHeaderSize - kHeapObjectTag)); | |
| 289 __ SmiToPtrArrayOffset(scratch, key); | |
| 290 __ StorePUX(value, MemOperand(address, scratch)); | |
| 291 // Update write barrier for the elements array address. | |
| 292 __ mr(scratch, value); // Preserve the value which is returned. | |
| 293 __ RecordWrite(elements, address, scratch, kLRHasNotBeenSaved, | |
| 294 kDontSaveFPRegs, EMIT_REMEMBERED_SET, OMIT_SMI_CHECK); | |
| 295 __ Ret(); | |
| 296 | |
| 297 __ bind(fast_double); | |
| 298 if (check_map == kCheckMap) { | |
| 299 // Check for fast double array case. If this fails, call through to the | |
| 300 // runtime. | |
| 301 __ CompareRoot(elements_map, Heap::kFixedDoubleArrayMapRootIndex); | |
| 302 __ bne(slow); | |
| 303 } | |
| 304 | |
| 305 // HOLECHECK: guards "A[i] double hole?" | |
| 306 // We have to see if the double version of the hole is present. If so | |
| 307 // go to the runtime. | |
| 308 __ addi(address, elements, | |
| 309 Operand((FixedDoubleArray::kHeaderSize + Register::kExponentOffset - | |
| 310 kHeapObjectTag))); | |
| 311 __ SmiToDoubleArrayOffset(scratch, key); | |
| 312 __ lwzx(scratch, MemOperand(address, scratch)); | |
| 313 __ Cmpi(scratch, Operand(kHoleNanUpper32), r0); | |
| 314 __ bne(&fast_double_without_map_check); | |
| 315 __ JumpIfDictionaryInPrototypeChain(receiver, elements_map, scratch, slow); | |
| 316 | |
| 317 __ bind(&fast_double_without_map_check); | |
| 318 __ StoreNumberToDoubleElements(value, key, elements, scratch, d0, | |
| 319 &transition_double_elements); | |
| 320 if (increment_length == kIncrementLength) { | |
| 321 // Add 1 to receiver->length. | |
| 322 __ AddSmiLiteral(scratch, key, Smi::FromInt(1), r0); | |
| 323 __ StoreP(scratch, FieldMemOperand(receiver, JSArray::kLengthOffset), r0); | |
| 324 } | |
| 325 __ Ret(); | |
| 326 | |
| 327 __ bind(&transition_smi_elements); | |
| 328 // Transition the array appropriately depending on the value type. | |
| 329 __ LoadP(scratch, FieldMemOperand(value, HeapObject::kMapOffset)); | |
| 330 __ CompareRoot(scratch, Heap::kHeapNumberMapRootIndex); | |
| 331 __ bne(&non_double_value); | |
| 332 | |
| 333 // Value is a double. Transition FAST_SMI_ELEMENTS -> | |
| 334 // FAST_DOUBLE_ELEMENTS and complete the store. | |
| 335 __ LoadTransitionedArrayMapConditional( | |
| 336 FAST_SMI_ELEMENTS, FAST_DOUBLE_ELEMENTS, receiver_map, scratch, slow); | |
| 337 AllocationSiteMode mode = | |
| 338 AllocationSite::GetMode(FAST_SMI_ELEMENTS, FAST_DOUBLE_ELEMENTS); | |
| 339 ElementsTransitionGenerator::GenerateSmiToDouble(masm, receiver, key, value, | |
| 340 receiver_map, mode, slow); | |
| 341 __ LoadP(elements, FieldMemOperand(receiver, JSObject::kElementsOffset)); | |
| 342 __ b(&fast_double_without_map_check); | |
| 343 | |
| 344 __ bind(&non_double_value); | |
| 345 // Value is not a double, FAST_SMI_ELEMENTS -> FAST_ELEMENTS | |
| 346 __ LoadTransitionedArrayMapConditional(FAST_SMI_ELEMENTS, FAST_ELEMENTS, | |
| 347 receiver_map, scratch, slow); | |
| 348 mode = AllocationSite::GetMode(FAST_SMI_ELEMENTS, FAST_ELEMENTS); | |
| 349 ElementsTransitionGenerator::GenerateMapChangeElementsTransition( | |
| 350 masm, receiver, key, value, receiver_map, mode, slow); | |
| 351 __ LoadP(elements, FieldMemOperand(receiver, JSObject::kElementsOffset)); | |
| 352 __ b(&finish_object_store); | |
| 353 | |
| 354 __ bind(&transition_double_elements); | |
| 355 // Elements are FAST_DOUBLE_ELEMENTS, but value is an Object that's not a | |
| 356 // HeapNumber. Make sure that the receiver is a Array with FAST_ELEMENTS and | |
| 357 // transition array from FAST_DOUBLE_ELEMENTS to FAST_ELEMENTS | |
| 358 __ LoadTransitionedArrayMapConditional(FAST_DOUBLE_ELEMENTS, FAST_ELEMENTS, | |
| 359 receiver_map, scratch, slow); | |
| 360 mode = AllocationSite::GetMode(FAST_DOUBLE_ELEMENTS, FAST_ELEMENTS); | |
| 361 ElementsTransitionGenerator::GenerateDoubleToObject( | |
| 362 masm, receiver, key, value, receiver_map, mode, slow); | |
| 363 __ LoadP(elements, FieldMemOperand(receiver, JSObject::kElementsOffset)); | |
| 364 __ b(&finish_object_store); | |
| 365 } | |
| 366 | |
| 367 | |
| 368 void KeyedStoreIC::GenerateMegamorphic(MacroAssembler* masm, | |
| 369 LanguageMode language_mode) { | |
| 370 // ---------- S t a t e -------------- | |
| 371 // -- r3 : value | |
| 372 // -- r4 : key | |
| 373 // -- r5 : receiver | |
| 374 // -- lr : return address | |
| 375 // ----------------------------------- | |
| 376 Label slow, fast_object, fast_object_grow; | |
| 377 Label fast_double, fast_double_grow; | |
| 378 Label array, extra, check_if_double_array, maybe_name_key, miss; | |
| 379 | |
| 380 // Register usage. | |
| 381 Register value = StoreDescriptor::ValueRegister(); | |
| 382 Register key = StoreDescriptor::NameRegister(); | |
| 383 Register receiver = StoreDescriptor::ReceiverRegister(); | |
| 384 DCHECK(receiver.is(r4)); | |
| 385 DCHECK(key.is(r5)); | |
| 386 DCHECK(value.is(r3)); | |
| 387 Register receiver_map = r6; | |
| 388 Register elements_map = r9; | |
| 389 Register elements = r10; // Elements array of the receiver. | |
| 390 // r7 and r8 are used as general scratch registers. | |
| 391 | |
| 392 // Check that the key is a smi. | |
| 393 __ JumpIfNotSmi(key, &maybe_name_key); | |
| 394 // Check that the object isn't a smi. | |
| 395 __ JumpIfSmi(receiver, &slow); | |
| 396 // Get the map of the object. | |
| 397 __ LoadP(receiver_map, FieldMemOperand(receiver, HeapObject::kMapOffset)); | |
| 398 // Check that the receiver does not require access checks. | |
| 399 // The generic stub does not perform map checks. | |
| 400 __ lbz(ip, FieldMemOperand(receiver_map, Map::kBitFieldOffset)); | |
| 401 __ andi(r0, ip, Operand(1 << Map::kIsAccessCheckNeeded)); | |
| 402 __ bne(&slow, cr0); | |
| 403 // Check if the object is a JS array or not. | |
| 404 __ lbz(r7, FieldMemOperand(receiver_map, Map::kInstanceTypeOffset)); | |
| 405 __ cmpi(r7, Operand(JS_ARRAY_TYPE)); | |
| 406 __ beq(&array); | |
| 407 // Check that the object is some kind of JSObject. | |
| 408 __ cmpi(r7, Operand(FIRST_JS_OBJECT_TYPE)); | |
| 409 __ blt(&slow); | |
| 410 | |
| 411 // Object case: Check key against length in the elements array. | |
| 412 __ LoadP(elements, FieldMemOperand(receiver, JSObject::kElementsOffset)); | |
| 413 // Check array bounds. Both the key and the length of FixedArray are smis. | |
| 414 __ LoadP(ip, FieldMemOperand(elements, FixedArray::kLengthOffset)); | |
| 415 __ cmpl(key, ip); | |
| 416 __ blt(&fast_object); | |
| 417 | |
| 418 // Slow case, handle jump to runtime. | |
| 419 __ bind(&slow); | |
| 420 // Entry registers are intact. | |
| 421 // r3: value. | |
| 422 // r4: key. | |
| 423 // r5: receiver. | |
| 424 PropertyICCompiler::GenerateRuntimeSetProperty(masm, language_mode); | |
| 425 // Never returns to here. | |
| 426 | |
| 427 __ bind(&maybe_name_key); | |
| 428 __ LoadP(r7, FieldMemOperand(key, HeapObject::kMapOffset)); | |
| 429 __ lbz(r7, FieldMemOperand(r7, Map::kInstanceTypeOffset)); | |
| 430 __ JumpIfNotUniqueNameInstanceType(r7, &slow); | |
| 431 | |
| 432 // The handlers in the stub cache expect a vector and slot. Since we won't | |
| 433 // change the IC from any downstream misses, a dummy vector can be used. | |
| 434 Register vector = StoreWithVectorDescriptor::VectorRegister(); | |
| 435 Register slot = StoreWithVectorDescriptor::SlotRegister(); | |
| 436 DCHECK(!AreAliased(vector, slot, r8, r9, r10, r11)); | |
| 437 Handle<TypeFeedbackVector> dummy_vector = | |
| 438 TypeFeedbackVector::DummyVector(masm->isolate()); | |
| 439 int slot_index = dummy_vector->GetIndex( | |
| 440 FeedbackVectorSlot(TypeFeedbackVector::kDummyKeyedStoreICSlot)); | |
| 441 __ LoadRoot(vector, Heap::kDummyVectorRootIndex); | |
| 442 __ LoadSmiLiteral(slot, Smi::FromInt(slot_index)); | |
| 443 | |
| 444 masm->isolate()->store_stub_cache()->GenerateProbe(masm, receiver, key, r8, | |
| 445 r9, r10, r11); | |
| 446 // Cache miss. | |
| 447 __ b(&miss); | |
| 448 | |
| 449 // Extra capacity case: Check if there is extra capacity to | |
| 450 // perform the store and update the length. Used for adding one | |
| 451 // element to the array by writing to array[array.length]. | |
| 452 __ bind(&extra); | |
| 453 // Condition code from comparing key and array length is still available. | |
| 454 __ bne(&slow); // Only support writing to writing to array[array.length]. | |
| 455 // Check for room in the elements backing store. | |
| 456 // Both the key and the length of FixedArray are smis. | |
| 457 __ LoadP(ip, FieldMemOperand(elements, FixedArray::kLengthOffset)); | |
| 458 __ cmpl(key, ip); | |
| 459 __ bge(&slow); | |
| 460 __ LoadP(elements_map, FieldMemOperand(elements, HeapObject::kMapOffset)); | |
| 461 __ mov(ip, Operand(masm->isolate()->factory()->fixed_array_map())); | |
| 462 __ cmp(elements_map, ip); // PPC - I think I can re-use ip here | |
| 463 __ bne(&check_if_double_array); | |
| 464 __ b(&fast_object_grow); | |
| 465 | |
| 466 __ bind(&check_if_double_array); | |
| 467 __ mov(ip, Operand(masm->isolate()->factory()->fixed_double_array_map())); | |
| 468 __ cmp(elements_map, ip); // PPC - another ip re-use | |
| 469 __ bne(&slow); | |
| 470 __ b(&fast_double_grow); | |
| 471 | |
| 472 // Array case: Get the length and the elements array from the JS | |
| 473 // array. Check that the array is in fast mode (and writable); if it | |
| 474 // is the length is always a smi. | |
| 475 __ bind(&array); | |
| 476 __ LoadP(elements, FieldMemOperand(receiver, JSObject::kElementsOffset)); | |
| 477 | |
| 478 // Check the key against the length in the array. | |
| 479 __ LoadP(ip, FieldMemOperand(receiver, JSArray::kLengthOffset)); | |
| 480 __ cmpl(key, ip); | |
| 481 __ bge(&extra); | |
| 482 | |
| 483 KeyedStoreGenerateMegamorphicHelper( | |
| 484 masm, &fast_object, &fast_double, &slow, kCheckMap, kDontIncrementLength, | |
| 485 value, key, receiver, receiver_map, elements_map, elements); | |
| 486 KeyedStoreGenerateMegamorphicHelper(masm, &fast_object_grow, | |
| 487 &fast_double_grow, &slow, kDontCheckMap, | |
| 488 kIncrementLength, value, key, receiver, | |
| 489 receiver_map, elements_map, elements); | |
| 490 __ bind(&miss); | |
| 491 GenerateMiss(masm); | |
| 492 } | |
| 493 | |
| 494 void StoreIC::GenerateMiss(MacroAssembler* masm) { | 226 void StoreIC::GenerateMiss(MacroAssembler* masm) { |
| 495 StoreIC_PushArgs(masm); | 227 StoreIC_PushArgs(masm); |
| 496 | 228 |
| 497 // Perform tail call to the entry. | 229 // Perform tail call to the entry. |
| 498 __ TailCallRuntime(Runtime::kStoreIC_Miss); | 230 __ TailCallRuntime(Runtime::kStoreIC_Miss); |
| 499 } | 231 } |
| 500 | 232 |
| 501 | 233 |
| 502 void StoreIC::GenerateNormal(MacroAssembler* masm) { | 234 void StoreIC::GenerateNormal(MacroAssembler* masm) { |
| 503 Label miss; | 235 Label miss; |
| (...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 621 patcher.EmitCondition(ne); | 353 patcher.EmitCondition(ne); |
| 622 } else { | 354 } else { |
| 623 DCHECK(Assembler::GetCondition(branch_instr) == ne); | 355 DCHECK(Assembler::GetCondition(branch_instr) == ne); |
| 624 patcher.EmitCondition(eq); | 356 patcher.EmitCondition(eq); |
| 625 } | 357 } |
| 626 } | 358 } |
| 627 } // namespace internal | 359 } // namespace internal |
| 628 } // namespace v8 | 360 } // namespace v8 |
| 629 | 361 |
| 630 #endif // V8_TARGET_ARCH_PPC | 362 #endif // V8_TARGET_ARCH_PPC |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2523473002:
[cleanup] Drop handwritten KeyedStoreIC code (Closed)
