| Index: src/ia32/stub-cache-ia32.cc
|
| ===================================================================
|
| --- src/ia32/stub-cache-ia32.cc (revision 6800)
|
| +++ src/ia32/stub-cache-ia32.cc (working copy)
|
| @@ -327,28 +327,32 @@
|
| Register receiver,
|
| Register scratch1,
|
| Register scratch2,
|
| - Label* miss) {
|
| + Label* miss,
|
| + bool support_wrappers) {
|
| Label check_wrapper;
|
|
|
| // Check if the object is a string leaving the instance type in the
|
| // scratch register.
|
| - GenerateStringCheck(masm, receiver, scratch1, miss, &check_wrapper);
|
| + GenerateStringCheck(masm, receiver, scratch1, miss,
|
| + support_wrappers ? &check_wrapper : miss);
|
|
|
| // Load length from the string and convert to a smi.
|
| __ mov(eax, FieldOperand(receiver, String::kLengthOffset));
|
| __ ret(0);
|
|
|
| - // Check if the object is a JSValue wrapper.
|
| - __ bind(&check_wrapper);
|
| - __ cmp(scratch1, JS_VALUE_TYPE);
|
| - __ j(not_equal, miss, not_taken);
|
| + if (support_wrappers) {
|
| + // Check if the object is a JSValue wrapper.
|
| + __ bind(&check_wrapper);
|
| + __ cmp(scratch1, JS_VALUE_TYPE);
|
| + __ j(not_equal, miss, not_taken);
|
|
|
| - // Check if the wrapped value is a string and load the length
|
| - // directly if it is.
|
| - __ mov(scratch2, FieldOperand(receiver, JSValue::kValueOffset));
|
| - GenerateStringCheck(masm, scratch2, scratch1, miss, miss);
|
| - __ mov(eax, FieldOperand(scratch2, String::kLengthOffset));
|
| - __ ret(0);
|
| + // Check if the wrapped value is a string and load the length
|
| + // directly if it is.
|
| + __ mov(scratch2, FieldOperand(receiver, JSValue::kValueOffset));
|
| + GenerateStringCheck(masm, scratch2, scratch1, miss, miss);
|
| + __ mov(eax, FieldOperand(scratch2, String::kLengthOffset));
|
| + __ ret(0);
|
| + }
|
| }
|
|
|
|
|
| @@ -451,10 +455,9 @@
|
|
|
|
|
| // Generates call to API function.
|
| -static bool GenerateFastApiCall(MacroAssembler* masm,
|
| - const CallOptimization& optimization,
|
| - int argc,
|
| - Failure** failure) {
|
| +static MaybeObject* GenerateFastApiCall(MacroAssembler* masm,
|
| + const CallOptimization& optimization,
|
| + int argc) {
|
| // ----------- S t a t e -------------
|
| // -- esp[0] : return address
|
| // -- esp[4] : object passing the type check
|
| @@ -516,13 +519,8 @@
|
| // already generated). Do not allow the assembler to perform a
|
| // garbage collection but instead return the allocation failure
|
| // object.
|
| - MaybeObject* result =
|
| - masm->TryCallApiFunctionAndReturn(&fun, argc + kFastApiCallArguments + 1);
|
| - if (result->IsFailure()) {
|
| - *failure = Failure::cast(result);
|
| - return false;
|
| - }
|
| - return true;
|
| + return masm->TryCallApiFunctionAndReturn(&fun,
|
| + argc + kFastApiCallArguments + 1);
|
| }
|
|
|
|
|
| @@ -535,17 +533,16 @@
|
| arguments_(arguments),
|
| name_(name) {}
|
|
|
| - bool Compile(MacroAssembler* masm,
|
| - JSObject* object,
|
| - JSObject* holder,
|
| - String* name,
|
| - LookupResult* lookup,
|
| - Register receiver,
|
| - Register scratch1,
|
| - Register scratch2,
|
| - Register scratch3,
|
| - Label* miss,
|
| - Failure** failure) {
|
| + MaybeObject* Compile(MacroAssembler* masm,
|
| + JSObject* object,
|
| + JSObject* holder,
|
| + String* name,
|
| + LookupResult* lookup,
|
| + Register receiver,
|
| + Register scratch1,
|
| + Register scratch2,
|
| + Register scratch3,
|
| + Label* miss) {
|
| ASSERT(holder->HasNamedInterceptor());
|
| ASSERT(!holder->GetNamedInterceptor()->getter()->IsUndefined());
|
|
|
| @@ -566,8 +563,7 @@
|
| lookup,
|
| name,
|
| optimization,
|
| - miss,
|
| - failure);
|
| + miss);
|
| } else {
|
| CompileRegular(masm,
|
| object,
|
| @@ -578,23 +574,22 @@
|
| name,
|
| holder,
|
| miss);
|
| - return true;
|
| + return Heap::undefined_value(); // Success.
|
| }
|
| }
|
|
|
| private:
|
| - bool CompileCacheable(MacroAssembler* masm,
|
| - JSObject* object,
|
| - Register receiver,
|
| - Register scratch1,
|
| - Register scratch2,
|
| - Register scratch3,
|
| - JSObject* interceptor_holder,
|
| - LookupResult* lookup,
|
| - String* name,
|
| - const CallOptimization& optimization,
|
| - Label* miss_label,
|
| - Failure** failure) {
|
| + MaybeObject* CompileCacheable(MacroAssembler* masm,
|
| + JSObject* object,
|
| + Register receiver,
|
| + Register scratch1,
|
| + Register scratch2,
|
| + Register scratch3,
|
| + JSObject* interceptor_holder,
|
| + LookupResult* lookup,
|
| + String* name,
|
| + const CallOptimization& optimization,
|
| + Label* miss_label) {
|
| ASSERT(optimization.is_constant_call());
|
| ASSERT(!lookup->holder()->IsGlobalObject());
|
|
|
| @@ -656,11 +651,9 @@
|
|
|
| // Invoke function.
|
| if (can_do_fast_api_call) {
|
| - bool success = GenerateFastApiCall(masm, optimization,
|
| - arguments_.immediate(), failure);
|
| - if (!success) {
|
| - return false;
|
| - }
|
| + MaybeObject* result =
|
| + GenerateFastApiCall(masm, optimization, arguments_.immediate());
|
| + if (result->IsFailure()) return result;
|
| } else {
|
| __ InvokeFunction(optimization.constant_function(), arguments_,
|
| JUMP_FUNCTION);
|
| @@ -679,7 +672,7 @@
|
| FreeSpaceForFastApiCall(masm, scratch1);
|
| }
|
|
|
| - return true;
|
| + return Heap::undefined_value(); // Success.
|
| }
|
|
|
| void CompileRegular(MacroAssembler* masm,
|
| @@ -1057,17 +1050,16 @@
|
| }
|
|
|
|
|
| -bool StubCompiler::GenerateLoadCallback(JSObject* object,
|
| - JSObject* holder,
|
| - Register receiver,
|
| - Register name_reg,
|
| - Register scratch1,
|
| - Register scratch2,
|
| - Register scratch3,
|
| - AccessorInfo* callback,
|
| - String* name,
|
| - Label* miss,
|
| - Failure** failure) {
|
| +MaybeObject* StubCompiler::GenerateLoadCallback(JSObject* object,
|
| + JSObject* holder,
|
| + Register receiver,
|
| + Register name_reg,
|
| + Register scratch1,
|
| + Register scratch2,
|
| + Register scratch3,
|
| + AccessorInfo* callback,
|
| + String* name,
|
| + Label* miss) {
|
| // Check that the receiver isn't a smi.
|
| __ test(receiver, Immediate(kSmiTagMask));
|
| __ j(zero, miss, not_taken);
|
| @@ -1122,13 +1114,7 @@
|
| // already generated). Do not allow the assembler to perform a
|
| // garbage collection but instead return the allocation failure
|
| // object.
|
| - MaybeObject* result = masm()->TryCallApiFunctionAndReturn(&fun, kStackSpace);
|
| - if (result->IsFailure()) {
|
| - *failure = Failure::cast(result);
|
| - return false;
|
| - }
|
| -
|
| - return true;
|
| + return masm()->TryCallApiFunctionAndReturn(&fun, kStackSpace);
|
| }
|
|
|
|
|
| @@ -1362,11 +1348,10 @@
|
|
|
|
|
| MaybeObject* CallStubCompiler::GenerateMissBranch() {
|
| + MaybeObject* maybe_obj = StubCache::ComputeCallMiss(arguments().immediate(),
|
| + kind_);
|
| Object* obj;
|
| - { MaybeObject* maybe_obj =
|
| - StubCache::ComputeCallMiss(arguments().immediate(), kind_);
|
| - if (!maybe_obj->ToObject(&obj)) return maybe_obj;
|
| - }
|
| + if (!maybe_obj->ToObject(&obj)) return maybe_obj;
|
| __ jmp(Handle<Code>(Code::cast(obj)), RelocInfo::CODE_TARGET);
|
| return obj;
|
| }
|
| @@ -1686,10 +1671,16 @@
|
| const int argc = arguments().immediate();
|
|
|
| Label miss;
|
| + Label name_miss;
|
| Label index_out_of_range;
|
| + Label* index_out_of_range_label = &index_out_of_range;
|
|
|
| - GenerateNameCheck(name, &miss);
|
| + if (kind_ == Code::CALL_IC && extra_ic_state_ == DEFAULT_STRING_STUB) {
|
| + index_out_of_range_label = &miss;
|
| + }
|
|
|
| + GenerateNameCheck(name, &name_miss);
|
| +
|
| // Check that the maps starting from the prototype haven't changed.
|
| GenerateDirectLoadGlobalFunctionPrototype(masm(),
|
| Context::STRING_FUNCTION_INDEX,
|
| @@ -1716,7 +1707,7 @@
|
| result,
|
| &miss, // When not a string.
|
| &miss, // When not a number.
|
| - &index_out_of_range,
|
| + index_out_of_range_label,
|
| STRING_INDEX_IS_NUMBER);
|
| char_code_at_generator.GenerateFast(masm());
|
| __ ret((argc + 1) * kPointerSize);
|
| @@ -1724,11 +1715,16 @@
|
| StubRuntimeCallHelper call_helper;
|
| char_code_at_generator.GenerateSlow(masm(), call_helper);
|
|
|
| - __ bind(&index_out_of_range);
|
| - __ Set(eax, Immediate(Factory::nan_value()));
|
| - __ ret((argc + 1) * kPointerSize);
|
| + if (index_out_of_range.is_linked()) {
|
| + __ bind(&index_out_of_range);
|
| + __ Set(eax, Immediate(Factory::nan_value()));
|
| + __ ret((argc + 1) * kPointerSize);
|
| + }
|
|
|
| __ bind(&miss);
|
| + // Restore function name in ecx.
|
| + __ Set(ecx, Immediate(Handle<String>(name)));
|
| + __ bind(&name_miss);
|
| Object* obj;
|
| { MaybeObject* maybe_obj = GenerateMissBranch();
|
| if (!maybe_obj->ToObject(&obj)) return maybe_obj;
|
| @@ -1759,10 +1755,16 @@
|
| const int argc = arguments().immediate();
|
|
|
| Label miss;
|
| + Label name_miss;
|
| Label index_out_of_range;
|
| + Label* index_out_of_range_label = &index_out_of_range;
|
|
|
| - GenerateNameCheck(name, &miss);
|
| + if (kind_ == Code::CALL_IC && extra_ic_state_ == DEFAULT_STRING_STUB) {
|
| + index_out_of_range_label = &miss;
|
| + }
|
|
|
| + GenerateNameCheck(name, &name_miss);
|
| +
|
| // Check that the maps starting from the prototype haven't changed.
|
| GenerateDirectLoadGlobalFunctionPrototype(masm(),
|
| Context::STRING_FUNCTION_INDEX,
|
| @@ -1791,7 +1793,7 @@
|
| result,
|
| &miss, // When not a string.
|
| &miss, // When not a number.
|
| - &index_out_of_range,
|
| + index_out_of_range_label,
|
| STRING_INDEX_IS_NUMBER);
|
| char_at_generator.GenerateFast(masm());
|
| __ ret((argc + 1) * kPointerSize);
|
| @@ -1799,11 +1801,16 @@
|
| StubRuntimeCallHelper call_helper;
|
| char_at_generator.GenerateSlow(masm(), call_helper);
|
|
|
| - __ bind(&index_out_of_range);
|
| - __ Set(eax, Immediate(Factory::empty_string()));
|
| - __ ret((argc + 1) * kPointerSize);
|
| + if (index_out_of_range.is_linked()) {
|
| + __ bind(&index_out_of_range);
|
| + __ Set(eax, Immediate(Factory::empty_string()));
|
| + __ ret((argc + 1) * kPointerSize);
|
| + }
|
|
|
| __ bind(&miss);
|
| + // Restore function name in ecx.
|
| + __ Set(ecx, Immediate(Handle<String>(name)));
|
| + __ bind(&name_miss);
|
| Object* obj;
|
| { MaybeObject* maybe_obj = GenerateMissBranch();
|
| if (!maybe_obj->ToObject(&obj)) return maybe_obj;
|
| @@ -2260,17 +2267,14 @@
|
| }
|
|
|
| if (depth != kInvalidProtoDepth) {
|
| - Failure* failure;
|
| // Move the return address on top of the stack.
|
| __ mov(eax, Operand(esp, 3 * kPointerSize));
|
| __ mov(Operand(esp, 0 * kPointerSize), eax);
|
|
|
| // esp[2 * kPointerSize] is uninitialized, esp[3 * kPointerSize] contains
|
| // duplicate of return address and will be overwritten.
|
| - bool success = GenerateFastApiCall(masm(), optimization, argc, &failure);
|
| - if (!success) {
|
| - return failure;
|
| - }
|
| + MaybeObject* result = GenerateFastApiCall(masm(), optimization, argc);
|
| + if (result->IsFailure()) return result;
|
| } else {
|
| __ InvokeFunction(function, arguments(), JUMP_FUNCTION);
|
| }
|
| @@ -2315,21 +2319,17 @@
|
| __ mov(edx, Operand(esp, (argc + 1) * kPointerSize));
|
|
|
| CallInterceptorCompiler compiler(this, arguments(), ecx);
|
| - Failure* failure;
|
| - bool success = compiler.Compile(masm(),
|
| - object,
|
| - holder,
|
| - name,
|
| - &lookup,
|
| - edx,
|
| - ebx,
|
| - edi,
|
| - eax,
|
| - &miss,
|
| - &failure);
|
| - if (!success) {
|
| - return failure;
|
| - }
|
| + MaybeObject* result = compiler.Compile(masm(),
|
| + object,
|
| + holder,
|
| + name,
|
| + &lookup,
|
| + edx,
|
| + ebx,
|
| + edi,
|
| + eax,
|
| + &miss);
|
| + if (result->IsFailure()) return result;
|
|
|
| // Restore receiver.
|
| __ mov(edx, Operand(esp, (argc + 1) * kPointerSize));
|
| @@ -2583,14 +2583,24 @@
|
| Immediate(Handle<Map>(object->map())));
|
| __ j(not_equal, &miss, not_taken);
|
|
|
| - // Store the value in the cell.
|
| +
|
| + // Compute the cell operand to use.
|
| + Operand cell_operand = Operand::Cell(Handle<JSGlobalPropertyCell>(cell));
|
| if (Serializer::enabled()) {
|
| __ mov(ecx, Immediate(Handle<JSGlobalPropertyCell>(cell)));
|
| - __ mov(FieldOperand(ecx, JSGlobalPropertyCell::kValueOffset), eax);
|
| - } else {
|
| - __ mov(Operand::Cell(Handle<JSGlobalPropertyCell>(cell)), eax);
|
| + cell_operand = FieldOperand(ecx, JSGlobalPropertyCell::kValueOffset);
|
| }
|
|
|
| + // Check that the value in the cell is not the hole. If it is, this
|
| + // cell could have been deleted and reintroducing the global needs
|
| + // to update the property details in the property dictionary of the
|
| + // global object. We bail out to the runtime system to do that.
|
| + __ cmp(cell_operand, Factory::the_hole_value());
|
| + __ j(equal, &miss);
|
| +
|
| + // Store the value in the cell.
|
| + __ mov(cell_operand, eax);
|
| +
|
| // Return the value (register eax).
|
| __ IncrementCounter(&Counters::named_store_global_inline, 1);
|
| __ ret(0);
|
| @@ -2700,6 +2710,42 @@
|
| }
|
|
|
|
|
| +MaybeObject* KeyedStoreStubCompiler::CompileStorePixelArray(
|
| + JSObject* receiver) {
|
| + // ----------- S t a t e -------------
|
| + // -- eax : value
|
| + // -- ecx : key
|
| + // -- edx : receiver
|
| + // -- esp[0] : return address
|
| + // -----------------------------------
|
| + Label miss;
|
| +
|
| + // Check that the map matches.
|
| + __ CheckMap(edx, Handle<Map>(receiver->map()), &miss, false);
|
| +
|
| + // Do the load.
|
| + GenerateFastPixelArrayStore(masm(),
|
| + edx,
|
| + ecx,
|
| + eax,
|
| + edi,
|
| + ebx,
|
| + true,
|
| + &miss,
|
| + &miss,
|
| + NULL,
|
| + &miss);
|
| +
|
| + // Handle store cache miss.
|
| + __ bind(&miss);
|
| + Handle<Code> ic(Builtins::builtin(Builtins::KeyedStoreIC_Miss));
|
| + __ jmp(ic, RelocInfo::CODE_TARGET);
|
| +
|
| + // Return the generated code.
|
| + return GetCode(NORMAL, NULL);
|
| +}
|
| +
|
| +
|
| MaybeObject* LoadStubCompiler::CompileLoadNonexistent(String* name,
|
| JSObject* object,
|
| JSObject* last) {
|
| @@ -2779,12 +2825,11 @@
|
| // -----------------------------------
|
| Label miss;
|
|
|
| - Failure* failure = Failure::InternalError();
|
| - bool success = GenerateLoadCallback(object, holder, eax, ecx, ebx, edx, edi,
|
| - callback, name, &miss, &failure);
|
| - if (!success) {
|
| + MaybeObject* result = GenerateLoadCallback(object, holder, eax, ecx, ebx, edx,
|
| + edi, callback, name, &miss);
|
| + if (result->IsFailure()) {
|
| miss.Unuse();
|
| - return failure;
|
| + return result;
|
| }
|
|
|
| __ bind(&miss);
|
| @@ -2948,12 +2993,11 @@
|
| __ cmp(Operand(eax), Immediate(Handle<String>(name)));
|
| __ j(not_equal, &miss, not_taken);
|
|
|
| - Failure* failure = Failure::InternalError();
|
| - bool success = GenerateLoadCallback(receiver, holder, edx, eax, ebx, ecx, edi,
|
| - callback, name, &miss, &failure);
|
| - if (!success) {
|
| + MaybeObject* result = GenerateLoadCallback(receiver, holder, edx, eax, ebx,
|
| + ecx, edi, callback, name, &miss);
|
| + if (result->IsFailure()) {
|
| miss.Unuse();
|
| - return failure;
|
| + return result;
|
| }
|
|
|
| __ bind(&miss);
|
| @@ -3069,7 +3113,7 @@
|
| __ cmp(Operand(eax), Immediate(Handle<String>(name)));
|
| __ j(not_equal, &miss, not_taken);
|
|
|
| - GenerateLoadStringLength(masm(), edx, ecx, ebx, &miss);
|
| + GenerateLoadStringLength(masm(), edx, ecx, ebx, &miss, true);
|
| __ bind(&miss);
|
| __ DecrementCounter(&Counters::keyed_load_string_length, 1);
|
| GenerateLoadMiss(masm(), Code::KEYED_LOAD_IC);
|
| @@ -3148,6 +3192,37 @@
|
| }
|
|
|
|
|
| +MaybeObject* KeyedLoadStubCompiler::CompileLoadPixelArray(JSObject* receiver) {
|
| + // ----------- S t a t e -------------
|
| + // -- eax : key
|
| + // -- edx : receiver
|
| + // -- esp[0] : return address
|
| + // -----------------------------------
|
| + Label miss;
|
| +
|
| + // Check that the map matches.
|
| + __ CheckMap(edx, Handle<Map>(receiver->map()), &miss, false);
|
| +
|
| + GenerateFastPixelArrayLoad(masm(),
|
| + edx,
|
| + eax,
|
| + ecx,
|
| + ebx,
|
| + eax,
|
| + &miss,
|
| + &miss,
|
| + &miss);
|
| +
|
| + // Handle load cache miss.
|
| + __ bind(&miss);
|
| + Handle<Code> ic(Builtins::builtin(Builtins::KeyedLoadIC_Miss));
|
| + __ jmp(ic, RelocInfo::CODE_TARGET);
|
| +
|
| + // Return the generated code.
|
| + return GetCode(NORMAL, NULL);
|
| +}
|
| +
|
| +
|
| // Specialized stub for constructing objects from functions which only have only
|
| // simple assignments of the form this.x = ...; in their body.
|
| MaybeObject* ConstructStubCompiler::CompileConstructStub(JSFunction* function) {
|
| @@ -3286,6 +3361,364 @@
|
| }
|
|
|
|
|
| +MaybeObject* ExternalArrayStubCompiler::CompileKeyedLoadStub(
|
| + ExternalArrayType array_type, Code::Flags flags) {
|
| + // ----------- S t a t e -------------
|
| + // -- eax : key
|
| + // -- edx : receiver
|
| + // -- esp[0] : return address
|
| + // -----------------------------------
|
| + Label slow, failed_allocation;
|
| +
|
| + // Check that the object isn't a smi.
|
| + __ test(edx, Immediate(kSmiTagMask));
|
| + __ j(zero, &slow, not_taken);
|
| +
|
| + // Check that the key is a smi.
|
| + __ test(eax, Immediate(kSmiTagMask));
|
| + __ j(not_zero, &slow, not_taken);
|
| +
|
| + // Get the map of the receiver.
|
| + __ mov(ecx, FieldOperand(edx, HeapObject::kMapOffset));
|
| + // Check that the receiver does not require access checks. We need
|
| + // to check this explicitly since this generic stub does not perform
|
| + // map checks.
|
| + __ test_b(FieldOperand(ecx, Map::kBitFieldOffset),
|
| + 1 << Map::kIsAccessCheckNeeded);
|
| + __ j(not_zero, &slow, not_taken);
|
| +
|
| + __ CmpInstanceType(ecx, JS_OBJECT_TYPE);
|
| + __ j(not_equal, &slow, not_taken);
|
| +
|
| + // Check that the elements array is the appropriate type of
|
| + // ExternalArray.
|
| + __ mov(ebx, FieldOperand(edx, JSObject::kElementsOffset));
|
| + Handle<Map> map(Heap::MapForExternalArrayType(array_type));
|
| + __ cmp(FieldOperand(ebx, HeapObject::kMapOffset),
|
| + Immediate(map));
|
| + __ j(not_equal, &slow, not_taken);
|
| +
|
| + // eax: key, known to be a smi.
|
| + // edx: receiver, known to be a JSObject.
|
| + // ebx: elements object, known to be an external array.
|
| + // Check that the index is in range.
|
| + __ mov(ecx, eax);
|
| + __ SmiUntag(ecx); // Untag the index.
|
| + __ cmp(ecx, FieldOperand(ebx, ExternalArray::kLengthOffset));
|
| + // Unsigned comparison catches both negative and too-large values.
|
| + __ j(above_equal, &slow);
|
| +
|
| + __ mov(ebx, FieldOperand(ebx, ExternalArray::kExternalPointerOffset));
|
| + // ebx: base pointer of external storage
|
| + switch (array_type) {
|
| + case kExternalByteArray:
|
| + __ movsx_b(ecx, Operand(ebx, ecx, times_1, 0));
|
| + break;
|
| + case kExternalUnsignedByteArray:
|
| + __ movzx_b(ecx, Operand(ebx, ecx, times_1, 0));
|
| + break;
|
| + case kExternalShortArray:
|
| + __ movsx_w(ecx, Operand(ebx, ecx, times_2, 0));
|
| + break;
|
| + case kExternalUnsignedShortArray:
|
| + __ movzx_w(ecx, Operand(ebx, ecx, times_2, 0));
|
| + break;
|
| + case kExternalIntArray:
|
| + case kExternalUnsignedIntArray:
|
| + __ mov(ecx, Operand(ebx, ecx, times_4, 0));
|
| + break;
|
| + case kExternalFloatArray:
|
| + __ fld_s(Operand(ebx, ecx, times_4, 0));
|
| + break;
|
| + default:
|
| + UNREACHABLE();
|
| + break;
|
| + }
|
| +
|
| + // For integer array types:
|
| + // ecx: value
|
| + // For floating-point array type:
|
| + // FP(0): value
|
| +
|
| + if (array_type == kExternalIntArray ||
|
| + array_type == kExternalUnsignedIntArray) {
|
| + // For the Int and UnsignedInt array types, we need to see whether
|
| + // the value can be represented in a Smi. If not, we need to convert
|
| + // it to a HeapNumber.
|
| + Label box_int;
|
| + if (array_type == kExternalIntArray) {
|
| + __ cmp(ecx, 0xC0000000);
|
| + __ j(sign, &box_int);
|
| + } else {
|
| + ASSERT_EQ(array_type, kExternalUnsignedIntArray);
|
| + // The test is different for unsigned int values. Since we need
|
| + // the value to be in the range of a positive smi, we can't
|
| + // handle either of the top two bits being set in the value.
|
| + __ test(ecx, Immediate(0xC0000000));
|
| + __ j(not_zero, &box_int);
|
| + }
|
| +
|
| + __ mov(eax, ecx);
|
| + __ SmiTag(eax);
|
| + __ ret(0);
|
| +
|
| + __ bind(&box_int);
|
| +
|
| + // Allocate a HeapNumber for the int and perform int-to-double
|
| + // conversion.
|
| + if (array_type == kExternalIntArray) {
|
| + __ push(ecx);
|
| + __ fild_s(Operand(esp, 0));
|
| + __ pop(ecx);
|
| + } else {
|
| + ASSERT(array_type == kExternalUnsignedIntArray);
|
| + // Need to zero-extend the value.
|
| + // There's no fild variant for unsigned values, so zero-extend
|
| + // to a 64-bit int manually.
|
| + __ push(Immediate(0));
|
| + __ push(ecx);
|
| + __ fild_d(Operand(esp, 0));
|
| + __ pop(ecx);
|
| + __ pop(ecx);
|
| + }
|
| + // FP(0): value
|
| + __ AllocateHeapNumber(ecx, ebx, edi, &failed_allocation);
|
| + // Set the value.
|
| + __ mov(eax, ecx);
|
| + __ fstp_d(FieldOperand(eax, HeapNumber::kValueOffset));
|
| + __ ret(0);
|
| + } else if (array_type == kExternalFloatArray) {
|
| + // For the floating-point array type, we need to always allocate a
|
| + // HeapNumber.
|
| + __ AllocateHeapNumber(ecx, ebx, edi, &failed_allocation);
|
| + // Set the value.
|
| + __ mov(eax, ecx);
|
| + __ fstp_d(FieldOperand(eax, HeapNumber::kValueOffset));
|
| + __ ret(0);
|
| + } else {
|
| + __ mov(eax, ecx);
|
| + __ SmiTag(eax);
|
| + __ ret(0);
|
| + }
|
| +
|
| + // If we fail allocation of the HeapNumber, we still have a value on
|
| + // top of the FPU stack. Remove it.
|
| + __ bind(&failed_allocation);
|
| + __ ffree();
|
| + __ fincstp();
|
| + // Fall through to slow case.
|
| +
|
| + // Slow case: Jump to runtime.
|
| + __ bind(&slow);
|
| + __ IncrementCounter(&Counters::keyed_load_external_array_slow, 1);
|
| + // ----------- S t a t e -------------
|
| + // -- eax : key
|
| + // -- edx : receiver
|
| + // -- esp[0] : return address
|
| + // -----------------------------------
|
| +
|
| + __ pop(ebx);
|
| + __ push(edx); // receiver
|
| + __ push(eax); // name
|
| + __ push(ebx); // return address
|
| +
|
| + // Perform tail call to the entry.
|
| + __ TailCallRuntime(Runtime::kKeyedGetProperty, 2, 1);
|
| +
|
| + // Return the generated code.
|
| + return GetCode(flags);
|
| +}
|
| +
|
| +
|
| +MaybeObject* ExternalArrayStubCompiler::CompileKeyedStoreStub(
|
| + ExternalArrayType array_type, Code::Flags flags) {
|
| + // ----------- S t a t e -------------
|
| + // -- eax : value
|
| + // -- ecx : key
|
| + // -- edx : receiver
|
| + // -- esp[0] : return address
|
| + // -----------------------------------
|
| + Label slow, check_heap_number;
|
| +
|
| + // Check that the object isn't a smi.
|
| + __ test(edx, Immediate(kSmiTagMask));
|
| + __ j(zero, &slow);
|
| + // Get the map from the receiver.
|
| + __ mov(edi, FieldOperand(edx, HeapObject::kMapOffset));
|
| + // Check that the receiver does not require access checks. We need
|
| + // to do this because this generic stub does not perform map checks.
|
| + __ test_b(FieldOperand(edi, Map::kBitFieldOffset),
|
| + 1 << Map::kIsAccessCheckNeeded);
|
| + __ j(not_zero, &slow);
|
| + // Check that the key is a smi.
|
| + __ test(ecx, Immediate(kSmiTagMask));
|
| + __ j(not_zero, &slow);
|
| + // Get the instance type from the map of the receiver.
|
| + __ CmpInstanceType(edi, JS_OBJECT_TYPE);
|
| + __ j(not_equal, &slow);
|
| +
|
| + // Check that the elements array is the appropriate type of
|
| + // ExternalArray.
|
| + // eax: value
|
| + // edx: receiver, a JSObject
|
| + // ecx: key, a smi
|
| + __ mov(edi, FieldOperand(edx, JSObject::kElementsOffset));
|
| + __ CheckMap(edi, Handle<Map>(Heap::MapForExternalArrayType(array_type)),
|
| + &slow, true);
|
| +
|
| + // Check that the index is in range.
|
| + __ mov(ebx, ecx);
|
| + __ SmiUntag(ebx);
|
| + __ cmp(ebx, FieldOperand(edi, ExternalArray::kLengthOffset));
|
| + // Unsigned comparison catches both negative and too-large values.
|
| + __ j(above_equal, &slow);
|
| +
|
| + // Handle both smis and HeapNumbers in the fast path. Go to the
|
| + // runtime for all other kinds of values.
|
| + // eax: value
|
| + // edx: receiver
|
| + // ecx: key
|
| + // edi: elements array
|
| + // ebx: untagged index
|
| + __ test(eax, Immediate(kSmiTagMask));
|
| + __ j(not_equal, &check_heap_number);
|
| + // smi case
|
| + __ mov(ecx, eax); // Preserve the value in eax. Key is no longer needed.
|
| + __ SmiUntag(ecx);
|
| + __ mov(edi, FieldOperand(edi, ExternalArray::kExternalPointerOffset));
|
| + // ecx: base pointer of external storage
|
| + switch (array_type) {
|
| + case kExternalByteArray:
|
| + case kExternalUnsignedByteArray:
|
| + __ mov_b(Operand(edi, ebx, times_1, 0), ecx);
|
| + break;
|
| + case kExternalShortArray:
|
| + case kExternalUnsignedShortArray:
|
| + __ mov_w(Operand(edi, ebx, times_2, 0), ecx);
|
| + break;
|
| + case kExternalIntArray:
|
| + case kExternalUnsignedIntArray:
|
| + __ mov(Operand(edi, ebx, times_4, 0), ecx);
|
| + break;
|
| + case kExternalFloatArray:
|
| + // Need to perform int-to-float conversion.
|
| + __ push(ecx);
|
| + __ fild_s(Operand(esp, 0));
|
| + __ pop(ecx);
|
| + __ fstp_s(Operand(edi, ebx, times_4, 0));
|
| + break;
|
| + default:
|
| + UNREACHABLE();
|
| + break;
|
| + }
|
| + __ ret(0); // Return the original value.
|
| +
|
| + __ bind(&check_heap_number);
|
| + // eax: value
|
| + // edx: receiver
|
| + // ecx: key
|
| + // edi: elements array
|
| + // ebx: untagged index
|
| + __ cmp(FieldOperand(eax, HeapObject::kMapOffset),
|
| + Immediate(Factory::heap_number_map()));
|
| + __ j(not_equal, &slow);
|
| +
|
| + // The WebGL specification leaves the behavior of storing NaN and
|
| + // +/-Infinity into integer arrays basically undefined. For more
|
| + // reproducible behavior, convert these to zero.
|
| + __ mov(edi, FieldOperand(edi, ExternalArray::kExternalPointerOffset));
|
| + // ebx: untagged index
|
| + // edi: base pointer of external storage
|
| + if (array_type == kExternalFloatArray) {
|
| + __ fld_d(FieldOperand(eax, HeapNumber::kValueOffset));
|
| + __ fstp_s(Operand(edi, ebx, times_4, 0));
|
| + __ ret(0);
|
| + } else {
|
| + // Perform float-to-int conversion with truncation (round-to-zero)
|
| + // behavior.
|
| +
|
| + // For the moment we make the slow call to the runtime on
|
| + // processors that don't support SSE2. The code in IntegerConvert
|
| + // (code-stubs-ia32.cc) is roughly what is needed here though the
|
| + // conversion failure case does not need to be handled.
|
| + if (CpuFeatures::IsSupported(SSE2)) {
|
| + if (array_type != kExternalIntArray &&
|
| + array_type != kExternalUnsignedIntArray) {
|
| + ASSERT(CpuFeatures::IsSupported(SSE2));
|
| + CpuFeatures::Scope scope(SSE2);
|
| + __ cvttsd2si(ecx, FieldOperand(eax, HeapNumber::kValueOffset));
|
| + // ecx: untagged integer value
|
| + switch (array_type) {
|
| + case kExternalByteArray:
|
| + case kExternalUnsignedByteArray:
|
| + __ mov_b(Operand(edi, ebx, times_1, 0), ecx);
|
| + break;
|
| + case kExternalShortArray:
|
| + case kExternalUnsignedShortArray:
|
| + __ mov_w(Operand(edi, ebx, times_2, 0), ecx);
|
| + break;
|
| + default:
|
| + UNREACHABLE();
|
| + break;
|
| + }
|
| + } else {
|
| + if (CpuFeatures::IsSupported(SSE3)) {
|
| + CpuFeatures::Scope scope(SSE3);
|
| + // fisttp stores values as signed integers. To represent the
|
| + // entire range of int and unsigned int arrays, store as a
|
| + // 64-bit int and discard the high 32 bits.
|
| + // If the value is NaN or +/-infinity, the result is 0x80000000,
|
| + // which is automatically zero when taken mod 2^n, n < 32.
|
| + __ fld_d(FieldOperand(eax, HeapNumber::kValueOffset));
|
| + __ sub(Operand(esp), Immediate(2 * kPointerSize));
|
| + __ fisttp_d(Operand(esp, 0));
|
| + __ pop(ecx);
|
| + __ add(Operand(esp), Immediate(kPointerSize));
|
| + } else {
|
| + ASSERT(CpuFeatures::IsSupported(SSE2));
|
| + CpuFeatures::Scope scope(SSE2);
|
| + // We can easily implement the correct rounding behavior for the
|
| + // range [0, 2^31-1]. For the time being, to keep this code simple,
|
| + // make the slow runtime call for values outside this range.
|
| + // Note: we could do better for signed int arrays.
|
| + __ movd(xmm0, FieldOperand(eax, HeapNumber::kValueOffset));
|
| + // We will need the key if we have to make the slow runtime call.
|
| + __ push(ecx);
|
| + __ LoadPowerOf2(xmm1, ecx, 31);
|
| + __ pop(ecx);
|
| + __ ucomisd(xmm1, xmm0);
|
| + __ j(above_equal, &slow);
|
| + __ cvttsd2si(ecx, Operand(xmm0));
|
| + }
|
| + // ecx: untagged integer value
|
| + __ mov(Operand(edi, ebx, times_4, 0), ecx);
|
| + }
|
| + __ ret(0); // Return original value.
|
| + }
|
| + }
|
| +
|
| + // Slow case: call runtime.
|
| + __ bind(&slow);
|
| + // ----------- S t a t e -------------
|
| + // -- eax : value
|
| + // -- ecx : key
|
| + // -- edx : receiver
|
| + // -- esp[0] : return address
|
| + // -----------------------------------
|
| +
|
| + __ pop(ebx);
|
| + __ push(edx);
|
| + __ push(ecx);
|
| + __ push(eax);
|
| + __ push(ebx);
|
| +
|
| + // Do tail-call to runtime routine.
|
| + __ TailCallRuntime(Runtime::kSetProperty, 3, 1);
|
| +
|
| + return GetCode(flags);
|
| +}
|
| +
|
| +
|
| #undef __
|
|
|
| } } // namespace v8::internal
|
|
|
Chromium Code Reviews
Issue 6529032:
Merge 6168:6800 from bleeding_edge to experimental/gc branch. (Closed)
Base URL: http://v8.googlecode.com/svn/branches/experimental/gc/