[cleanup] Drop handwritten KeyedStoreIC code

src/ic/x64/ic-x64.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #if V8_TARGET_ARCH_X64
 
 #include "src/codegen.h"
 #include "src/ic/ic.h"
 #include "src/ic/ic-compiler.h"
 #include "src/ic/stub-cache.h"
@@ skipping 103 matching lines @@
   const int kValueOffset = kElementsStartOffset + kPointerSize;
   __ leap(scratch1, Operand(elements, scratch1, times_pointer_size,
                             kValueOffset - kHeapObjectTag));
   __ movp(Operand(scratch1, 0), value);
 
   // Update write barrier. Make sure not to clobber the value.
   __ movp(scratch0, value);
   __ RecordWrite(elements, scratch1, scratch0, kDontSaveFPRegs);
 }
 
-static void KeyedStoreGenerateMegamorphicHelper(
-    MacroAssembler* masm, Label* fast_object, Label* fast_double, Label* slow,
-    KeyedStoreCheckMap check_map, KeyedStoreIncrementLength increment_length) {
-  Label transition_smi_elements;
-  Label finish_object_store, non_double_value, transition_double_elements;
-  Label fast_double_without_map_check;
-  Register receiver = StoreDescriptor::ReceiverRegister();
-  Register key = StoreDescriptor::NameRegister();
-  Register value = StoreDescriptor::ValueRegister();
-  DCHECK(receiver.is(rdx));
-  DCHECK(key.is(rcx));
-  DCHECK(value.is(rax));
-  // Fast case: Do the store, could be either Object or double.
-  __ bind(fast_object);
-  // rbx: receiver's elements array (a FixedArray)
-  // receiver is a JSArray.
-  // r9: map of receiver
-  if (check_map == kCheckMap) {
-    __ movp(rdi, FieldOperand(rbx, HeapObject::kMapOffset));
-    __ CompareRoot(rdi, Heap::kFixedArrayMapRootIndex);
-    __ j(not_equal, fast_double);
-  }
-
-  // HOLECHECK: guards "A[i] = V"
-  // We have to go to the runtime if the current value is the hole because
-  // there may be a callback on the element
-  Label holecheck_passed1;
-  __ movp(kScratchRegister,
-          FieldOperand(rbx, key, times_pointer_size, FixedArray::kHeaderSize));
-  __ CompareRoot(kScratchRegister, Heap::kTheHoleValueRootIndex);
-  __ j(not_equal, &holecheck_passed1);
-  __ JumpIfDictionaryInPrototypeChain(receiver, rdi, kScratchRegister, slow);
-
-  __ bind(&holecheck_passed1);
-
-  // Smi stores don't require further checks.
-  Label non_smi_value;
-  __ JumpIfNotSmi(value, &non_smi_value);
-  if (increment_length == kIncrementLength) {
-    // Add 1 to receiver->length.
-    __ leal(rdi, Operand(key, 1));
-    __ Integer32ToSmiField(FieldOperand(receiver, JSArray::kLengthOffset), rdi);
-  }
-  // It's irrelevant whether array is smi-only or not when writing a smi.
-  __ movp(FieldOperand(rbx, key, times_pointer_size, FixedArray::kHeaderSize),
-          value);
-  __ ret(0);
-
-  __ bind(&non_smi_value);
-  // Writing a non-smi, check whether array allows non-smi elements.
-  // r9: receiver's map
-  __ CheckFastObjectElements(r9, &transition_smi_elements);
-
-  __ bind(&finish_object_store);
-  if (increment_length == kIncrementLength) {
-    // Add 1 to receiver->length.
-    __ leal(rdi, Operand(key, 1));
-    __ Integer32ToSmiField(FieldOperand(receiver, JSArray::kLengthOffset), rdi);
-  }
-  __ movp(FieldOperand(rbx, key, times_pointer_size, FixedArray::kHeaderSize),
-          value);
-  __ movp(rdx, value);  // Preserve the value which is returned.
-  __ RecordWriteArray(rbx, rdx, key, kDontSaveFPRegs, EMIT_REMEMBERED_SET,
-                      OMIT_SMI_CHECK);
-  __ ret(0);
-
-  __ bind(fast_double);
-  if (check_map == kCheckMap) {
-    // Check for fast double array case. If this fails, call through to the
-    // runtime.
-    // rdi: elements array's map
-    __ CompareRoot(rdi, Heap::kFixedDoubleArrayMapRootIndex);
-    __ j(not_equal, slow);
-  }
-
-  // HOLECHECK: guards "A[i] double hole?"
-  // We have to see if the double version of the hole is present. If so
-  // go to the runtime.
-  uint32_t offset = FixedDoubleArray::kHeaderSize + sizeof(kHoleNanLower32);
-  __ cmpl(FieldOperand(rbx, key, times_8, offset), Immediate(kHoleNanUpper32));
-  __ j(not_equal, &fast_double_without_map_check);
-  __ JumpIfDictionaryInPrototypeChain(receiver, rdi, kScratchRegister, slow);
-
-  __ bind(&fast_double_without_map_check);
-  __ StoreNumberToDoubleElements(value, rbx, key, kScratchDoubleReg,
-                                 &transition_double_elements);
-  if (increment_length == kIncrementLength) {
-    // Add 1 to receiver->length.
-    __ leal(rdi, Operand(key, 1));
-    __ Integer32ToSmiField(FieldOperand(receiver, JSArray::kLengthOffset), rdi);
-  }
-  __ ret(0);
-
-  __ bind(&transition_smi_elements);
-  __ movp(rbx, FieldOperand(receiver, HeapObject::kMapOffset));
-
-  // Transition the array appropriately depending on the value type.
-  __ movp(r9, FieldOperand(value, HeapObject::kMapOffset));
-  __ CompareRoot(r9, Heap::kHeapNumberMapRootIndex);
-  __ j(not_equal, &non_double_value);
-
-  // Value is a double. Transition FAST_SMI_ELEMENTS ->
-  // FAST_DOUBLE_ELEMENTS and complete the store.
-  __ LoadTransitionedArrayMapConditional(FAST_SMI_ELEMENTS,
-                                         FAST_DOUBLE_ELEMENTS, rbx, rdi, slow);
-  AllocationSiteMode mode =
-      AllocationSite::GetMode(FAST_SMI_ELEMENTS, FAST_DOUBLE_ELEMENTS);
-  ElementsTransitionGenerator::GenerateSmiToDouble(masm, receiver, key, value,
-                                                   rbx, mode, slow);
-  __ movp(rbx, FieldOperand(receiver, JSObject::kElementsOffset));
-  __ jmp(&fast_double_without_map_check);
-
-  __ bind(&non_double_value);
-  // Value is not a double, FAST_SMI_ELEMENTS -> FAST_ELEMENTS
-  __ LoadTransitionedArrayMapConditional(FAST_SMI_ELEMENTS, FAST_ELEMENTS, rbx,
-                                         rdi, slow);
-  mode = AllocationSite::GetMode(FAST_SMI_ELEMENTS, FAST_ELEMENTS);
-  ElementsTransitionGenerator::GenerateMapChangeElementsTransition(
-      masm, receiver, key, value, rbx, mode, slow);
-  __ movp(rbx, FieldOperand(receiver, JSObject::kElementsOffset));
-  __ jmp(&finish_object_store);
-
-  __ bind(&transition_double_elements);
-  // Elements are FAST_DOUBLE_ELEMENTS, but value is an Object that's not a
-  // HeapNumber. Make sure that the receiver is a Array with FAST_ELEMENTS and
-  // transition array from FAST_DOUBLE_ELEMENTS to FAST_ELEMENTS
-  __ movp(rbx, FieldOperand(receiver, HeapObject::kMapOffset));
-  __ LoadTransitionedArrayMapConditional(FAST_DOUBLE_ELEMENTS, FAST_ELEMENTS,
-                                         rbx, rdi, slow);
-  mode = AllocationSite::GetMode(FAST_DOUBLE_ELEMENTS, FAST_ELEMENTS);
-  ElementsTransitionGenerator::GenerateDoubleToObject(masm, receiver, key,
-                                                      value, rbx, mode, slow);
-  __ movp(rbx, FieldOperand(receiver, JSObject::kElementsOffset));
-  __ jmp(&finish_object_store);
-}
-
-
-void KeyedStoreIC::GenerateMegamorphic(MacroAssembler* masm,
-                                       LanguageMode language_mode) {
-  // Return address is on the stack.
-  Label slow, slow_with_tagged_index, fast_object, fast_object_grow;
-  Label fast_double, fast_double_grow;
-  Label array, extra, check_if_double_array, maybe_name_key, miss;
-  Register receiver = StoreDescriptor::ReceiverRegister();
-  Register key = StoreDescriptor::NameRegister();
-  DCHECK(receiver.is(rdx));
-  DCHECK(key.is(rcx));
-
-  // Check that the object isn't a smi.
-  __ JumpIfSmi(receiver, &slow_with_tagged_index);
-  // Get the map from the receiver.
-  __ movp(r9, FieldOperand(receiver, HeapObject::kMapOffset));
-  // Check that the receiver does not require access checks.
-  // The generic stub does not perform map checks.
-  __ testb(FieldOperand(r9, Map::kBitFieldOffset),
-           Immediate(1 << Map::kIsAccessCheckNeeded));
-  __ j(not_zero, &slow_with_tagged_index);
-  // Check that the key is a smi.
-  __ JumpIfNotSmi(key, &maybe_name_key);
-  __ SmiToInteger32(key, key);
-
-  __ CmpInstanceType(r9, JS_ARRAY_TYPE);
-  __ j(equal, &array);
-  // Check that the object is some kind of JS object EXCEPT JS Value type. In
-  // the case that the object is a value-wrapper object, we enter the runtime
-  // system to make sure that indexing into string objects works as intended.
-  STATIC_ASSERT(JS_VALUE_TYPE < JS_OBJECT_TYPE);
-  __ CmpInstanceType(r9, JS_OBJECT_TYPE);
-  __ j(below, &slow);
-
-  // Object case: Check key against length in the elements array.
-  __ movp(rbx, FieldOperand(receiver, JSObject::kElementsOffset));
-  // Check array bounds.
-  __ SmiCompareInteger32(FieldOperand(rbx, FixedArray::kLengthOffset), key);
-  // rbx: FixedArray
-  __ j(above, &fast_object);
-
-  // Slow case: call runtime.
-  __ bind(&slow);
-  __ Integer32ToSmi(key, key);
-  __ bind(&slow_with_tagged_index);
-  PropertyICCompiler::GenerateRuntimeSetProperty(masm, language_mode);
-  // Never returns to here.
-
-  __ bind(&maybe_name_key);
-  __ movp(r9, FieldOperand(key, HeapObject::kMapOffset));
-  __ movzxbp(r9, FieldOperand(r9, Map::kInstanceTypeOffset));
-  __ JumpIfNotUniqueNameInstanceType(r9, &slow_with_tagged_index);
-
-  Register vector = StoreWithVectorDescriptor::VectorRegister();
-  Register slot = StoreWithVectorDescriptor::SlotRegister();
-  // The handlers in the stub cache expect a vector and slot. Since we won't
-  // change the IC from any downstream misses, a dummy vector can be used.
-  Handle<TypeFeedbackVector> dummy_vector =
-      TypeFeedbackVector::DummyVector(masm->isolate());
-  int slot_index = dummy_vector->GetIndex(
-      FeedbackVectorSlot(TypeFeedbackVector::kDummyKeyedStoreICSlot));
-  __ Move(vector, dummy_vector);
-  __ Move(slot, Smi::FromInt(slot_index));
-
-  masm->isolate()->store_stub_cache()->GenerateProbe(masm, receiver, key, r9,
-                                                     no_reg);
-  // Cache miss.
-  __ jmp(&miss);
-
-  // Extra capacity case: Check if there is extra capacity to
-  // perform the store and update the length. Used for adding one
-  // element to the array by writing to array[array.length].
-  __ bind(&extra);
-  // receiver is a JSArray.
-  // rbx: receiver's elements array (a FixedArray)
-  // flags: smicompare (receiver.length(), rbx)
-  __ j(not_equal, &slow);  // do not leave holes in the array
-  __ SmiCompareInteger32(FieldOperand(rbx, FixedArray::kLengthOffset), key);
-  __ j(below_equal, &slow);
-  // Increment index to get new length.
-  __ movp(rdi, FieldOperand(rbx, HeapObject::kMapOffset));
-  __ CompareRoot(rdi, Heap::kFixedArrayMapRootIndex);
-  __ j(not_equal, &check_if_double_array);
-  __ jmp(&fast_object_grow);
-
-  __ bind(&check_if_double_array);
-  // rdi: elements array's map
-  __ CompareRoot(rdi, Heap::kFixedDoubleArrayMapRootIndex);
-  __ j(not_equal, &slow);
-  __ jmp(&fast_double_grow);
-
-  // Array case: Get the length and the elements array from the JS
-  // array. Check that the array is in fast mode (and writable); if it
-  // is the length is always a smi.
-  __ bind(&array);
-  // receiver is a JSArray.
-  __ movp(rbx, FieldOperand(receiver, JSObject::kElementsOffset));
-
-  // Check the key against the length in the array, compute the
-  // address to store into and fall through to fast case.
-  __ SmiCompareInteger32(FieldOperand(receiver, JSArray::kLengthOffset), key);
-  __ j(below_equal, &extra);
-
-  KeyedStoreGenerateMegamorphicHelper(masm, &fast_object, &fast_double, &slow,
-                                      kCheckMap, kDontIncrementLength);
-  KeyedStoreGenerateMegamorphicHelper(masm, &fast_object_grow,
-                                      &fast_double_grow, &slow, kDontCheckMap,
-                                      kIncrementLength);
-
-  __ bind(&miss);
-  GenerateMiss(masm);
-}
-
 void LoadIC::GenerateNormal(MacroAssembler* masm) {
   Register dictionary = rax;
   DCHECK(!dictionary.is(LoadDescriptor::ReceiverRegister()));
   DCHECK(!dictionary.is(LoadDescriptor::NameRegister()));
 
   Label slow;
 
   __ movp(dictionary, FieldOperand(LoadDescriptor::ReceiverRegister(),
                                    JSObject::kPropertiesOffset));
   GenerateDictionaryLoad(masm, &slow, dictionary,
@@ skipping 214 matching lines @@
   Condition cc =
       (check == ENABLE_INLINED_SMI_CHECK)
           ? (*jmp_address == Assembler::kJncShortOpcode ? not_zero : zero)
           : (*jmp_address == Assembler::kJnzShortOpcode ? not_carry : carry);
   *jmp_address = static_cast<byte>(Assembler::kJccShortPrefix | cc);
 }
 }  // namespace internal
 }  // namespace v8
 
 #endif  // V8_TARGET_ARCH_X64