Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/builtins/builtins-array.cc

Issue 2756663002: [csa] Bailout to the runtime for ToInteger conversion in Array.p.indexOf. (Closed)
Patch Set: Also fix FastDoubleElementsAccessor::IndexOfValueImpl Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | src/elements.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 the V8 project authors. All rights reserved. 1 // Copyright 2016 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/builtins/builtins.h" 5 #include "src/builtins/builtins.h"
6 #include "src/builtins/builtins-utils.h" 6 #include "src/builtins/builtins-utils.h"
7 7
8 #include "src/code-factory.h" 8 #include "src/code-factory.h"
9 #include "src/code-stub-assembler.h" 9 #include "src/code-stub-assembler.h"
10 #include "src/contexts.h" 10 #include "src/contexts.h"
(...skipping 2030 matching lines...) Expand 10 before | Expand all | Expand 10 after
2041 CSA_ASSERT(this, 2041 CSA_ASSERT(this,
2042 TaggedIsSmi(LoadObjectField(array, JSArray::kLengthOffset))); 2042 TaggedIsSmi(LoadObjectField(array, JSArray::kLengthOffset)));
2043 Node* len = LoadAndUntagObjectField(array, JSArray::kLengthOffset); 2043 Node* len = LoadAndUntagObjectField(array, JSArray::kLengthOffset);
2044 2044
2045 len_var.Bind(len); 2045 len_var.Bind(len);
2046 Branch(WordEqual(len_var.value(), intptr_zero), &return_not_found, &init_k); 2046 Branch(WordEqual(len_var.value(), intptr_zero), &return_not_found, &init_k);
2047 } 2047 }
2048 2048
2049 Bind(&init_k); 2049 Bind(&init_k);
2050 { 2050 {
2051 Label done(this), init_k_smi(this), init_k_heap_num(this), 2051 // For now only deal with undefined and Smis here; we must be really careful
2052 init_k_zero(this), init_k_n(this); 2052 // with side-effects from the ToInteger conversion as the side-effects might
2053 Node* tagged_n = ToInteger(context, start_from); 2053 // render our assumptions about the receiver being a fast JSArray and the
2054 2054 // length invalid.
2055 Branch(TaggedIsSmi(tagged_n), &init_k_smi, &init_k_heap_num); 2055 Label done(this), init_k_smi(this), init_k_other(this), init_k_zero(this),
2056 init_k_n(this);
2057 Branch(TaggedIsSmi(start_from), &init_k_smi, &init_k_other);
2056 2058
2057 Bind(&init_k_smi); 2059 Bind(&init_k_smi);
2058 { 2060 {
2059 start_from_var.Bind(SmiUntag(tagged_n)); 2061 // The fromIndex is a Smi.
2062 start_from_var.Bind(SmiUntag(start_from));
2060 Goto(&init_k_n); 2063 Goto(&init_k_n);
2061 } 2064 }
2062 2065
2063 Bind(&init_k_heap_num); 2066 Bind(&init_k_other);
2064 { 2067 {
2065 Label do_return_not_found(this); 2068 // The fromIndex must be undefined then, otherwise bailout and let the
2066 // This round is lossless for all valid lengths. 2069 // runtime deal with the full ToInteger conversion.
2067 Node* fp_len = RoundIntPtrToFloat64(len_var.value()); 2070 GotoIfNot(IsUndefined(start_from), &call_runtime);
2068 Node* fp_n = LoadHeapNumberValue(tagged_n); 2071 start_from_var.Bind(intptr_zero);
2069 GotoIf(Float64GreaterThanOrEqual(fp_n, fp_len), &do_return_not_found);
2070 start_from_var.Bind(ChangeInt32ToIntPtr(TruncateFloat64ToWord32(fp_n)));
2071 Goto(&init_k_n); 2072 Goto(&init_k_n);
2072
2073 Bind(&do_return_not_found);
2074 {
2075 index_var.Bind(intptr_zero);
2076 Goto(&return_not_found);
2077 }
2078 } 2073 }
2079 2074
2080 Bind(&init_k_n); 2075 Bind(&init_k_n);
2081 { 2076 {
2082 Label if_positive(this), if_negative(this), done(this); 2077 Label if_positive(this), if_negative(this), done(this);
2083 Branch(IntPtrLessThan(start_from_var.value(), intptr_zero), &if_negative, 2078 Branch(IntPtrLessThan(start_from_var.value(), intptr_zero), &if_negative,
2084 &if_positive); 2079 &if_positive);
2085 2080
2086 Bind(&if_positive); 2081 Bind(&if_positive);
2087 { 2082 {
(...skipping 660 matching lines...) Expand 10 before | Expand all | Expand 10 after
2748 { 2743 {
2749 Node* message = SmiConstant(MessageTemplate::kDetachedOperation); 2744 Node* message = SmiConstant(MessageTemplate::kDetachedOperation);
2750 CallRuntime(Runtime::kThrowTypeError, context, message, 2745 CallRuntime(Runtime::kThrowTypeError, context, message,
2751 HeapConstant(operation)); 2746 HeapConstant(operation));
2752 Unreachable(); 2747 Unreachable();
2753 } 2748 }
2754 } 2749 }
2755 2750
2756 } // namespace internal 2751 } // namespace internal
2757 } // namespace v8 2752 } // namespace v8
OLDNEW
« no previous file with comments | « no previous file | src/elements.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698