Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / chromium_org / v8 / a53e8e03bcb23716d1025de362626f90f00da892 / . / src / arm / stub-cache-arm.cc
blob: 1ede12ce69b7ae313d0a6f90ebf03d9607aa4853 [file] [log] [blame]
erik.corry@gmail.comf2038fb2012-01-16 11:42:08 +0000[diff] [blame]1// Copyright 2012 the V8 project authors. All rights reserved.
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2// Redistribution and use in source and binary forms, with or without
3// modification, are permitted provided that the following conditions are
4// met:
5//
6// * Redistributions of source code must retain the above copyright
7// notice, this list of conditions and the following disclaimer.
8// * Redistributions in binary form must reproduce the above
9// copyright notice, this list of conditions and the following
10// disclaimer in the documentation and/or other materials provided
11// with the distribution.
12// * Neither the name of Google Inc. nor the names of its
13// contributors may be used to endorse or promote products derived
14// from this software without specific prior written permission.
15//
16// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
18// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
19// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
20// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
26// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27
28#include "v8.h"
29
erik.corry@gmail.com9dfbea42010-05-21 12:58:28 +0000[diff] [blame]30#if defined(V8_TARGET_ARCH_ARM)
31
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]32#include "ic-inl.h"
karlklose@chromium.org44bc7082011-04-11 12:33:05 +0000[diff] [blame]33#include "codegen.h"
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]34#include "stub-cache.h"
35
kasperl@chromium.org71affb52009-05-26 05:44:31 +0000[diff] [blame]36namespace v8 {
37namespace internal {
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]38
ager@chromium.org65dad4b2009-04-23 08:48:43 +0000[diff] [blame]39#define __ ACCESS_MASM(masm)
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]40
41
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]42static void ProbeTable(Isolate* isolate,
43 MacroAssembler* masm,
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]44 Code::Flags flags,
45 StubCache::Table table,
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]46 Register receiver,
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]47 Register name,
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]48 // Number of the cache entry, not scaled.
fschneider@chromium.orge03fb642010-11-01 12:34:09 +0000[diff] [blame]49 Register offset,
50 Register scratch,
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]51 Register scratch2,
52 Register offset_scratch) {
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]53 ExternalReference key_offset(isolate->stub_cache()->key_reference(table));
54 ExternalReference value_offset(isolate->stub_cache()->value_reference(table));
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]55 ExternalReference map_offset(isolate->stub_cache()->map_reference(table));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]56
fschneider@chromium.orge03fb642010-11-01 12:34:09 +0000[diff] [blame]57 uint32_t key_off_addr = reinterpret_cast<uint32_t>(key_offset.address());
58 uint32_t value_off_addr = reinterpret_cast<uint32_t>(value_offset.address());
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]59 uint32_t map_off_addr = reinterpret_cast<uint32_t>(map_offset.address());
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]60
fschneider@chromium.orge03fb642010-11-01 12:34:09 +0000[diff] [blame]61 // Check the relative positions of the address fields.
62 ASSERT(value_off_addr > key_off_addr);
63 ASSERT((value_off_addr - key_off_addr) % 4 == 0);
64 ASSERT((value_off_addr - key_off_addr) < (256 * 4));
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]65 ASSERT(map_off_addr > key_off_addr);
66 ASSERT((map_off_addr - key_off_addr) % 4 == 0);
67 ASSERT((map_off_addr - key_off_addr) < (256 * 4));
fschneider@chromium.orge03fb642010-11-01 12:34:09 +0000[diff] [blame]68
69 Label miss;
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]70 Register base_addr = scratch;
71 scratch = no_reg;
72
73 // Multiply by 3 because there are 3 fields per entry (name, code, map).
74 __ add(offset_scratch, offset, Operand(offset, LSL, 1));
75
76 // Calculate the base address of the entry.
77 __ mov(base_addr, Operand(key_offset));
78 __ add(base_addr, base_addr, Operand(offset_scratch, LSL, kPointerSizeLog2));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]79
80 // Check that the key in the entry matches the name.
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]81 __ ldr(ip, MemOperand(base_addr, 0));
fschneider@chromium.org013f3e12010-04-26 13:27:52 +0000[diff] [blame]82 __ cmp(name, ip);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]83 __ b(ne, &miss);
84
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]85 // Check the map matches.
86 __ ldr(ip, MemOperand(base_addr, map_off_addr - key_off_addr));
87 __ ldr(scratch2, FieldMemOperand(receiver, HeapObject::kMapOffset));
88 __ cmp(ip, scratch2);
89 __ b(ne, &miss);
90
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]91 // Get the code entry from the cache.
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]92 Register code = scratch2;
93 scratch2 = no_reg;
94 __ ldr(code, MemOperand(base_addr, value_off_addr - key_off_addr));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]95
96 // Check that the flags match what we're looking for.
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]97 Register flags_reg = base_addr;
98 base_addr = no_reg;
99 __ ldr(flags_reg, FieldMemOperand(code, Code::kFlagsOffset));
jkummerow@chromium.org1145ef82012-02-02 16:21:15 +0000[diff] [blame]100 // It's a nice optimization if this constant is encodable in the bic insn.
101
102 uint32_t mask = Code::kFlagsNotUsedInLookup;
103 ASSERT(__ ImmediateFitsAddrMode1Instruction(mask));
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]104 __ bic(flags_reg, flags_reg, Operand(mask));
svenpanne@chromium.org876cca82013-03-18 14:43:20 +0000[diff] [blame]105 __ cmp(flags_reg, Operand(flags));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]106 __ b(ne, &miss);
107
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]108#ifdef DEBUG
109 if (FLAG_test_secondary_stub_cache && table == StubCache::kPrimary) {
110 __ jmp(&miss);
111 } else if (FLAG_test_primary_stub_cache && table == StubCache::kSecondary) {
112 __ jmp(&miss);
113 }
114#endif
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]115
116 // Jump to the first instruction in the code stub.
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]117 __ add(pc, code, Operand(Code::kHeaderSize - kHeapObjectTag));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]118
fschneider@chromium.orge03fb642010-11-01 12:34:09 +0000[diff] [blame]119 // Miss: fall through.
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]120 __ bind(&miss);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]121}
122
123
ager@chromium.org6a2b0aa2010-07-13 20:58:03 +0000[diff] [blame]124// Helper function used to check that the dictionary doesn't contain
125// the property. This function may return false negatives, so miss_label
126// must always call a backup property check that is complete.
127// This function is safe to call if the receiver has fast properties.
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]128// Name must be unique and receiver must be a heap object.
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]129static void GenerateDictionaryNegativeLookup(MacroAssembler* masm,
130 Label* miss_label,
131 Register receiver,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]132 Handle<Name> name,
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]133 Register scratch0,
134 Register scratch1) {
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]135 ASSERT(name->IsUniqueName());
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]136 Counters* counters = masm->isolate()->counters();
137 __ IncrementCounter(counters->negative_lookups(), 1, scratch0, scratch1);
138 __ IncrementCounter(counters->negative_lookups_miss(), 1, scratch0, scratch1);
139
140 Label done;
141
142 const int kInterceptorOrAccessCheckNeededMask =
143 (1 << Map::kHasNamedInterceptor) | (1 << Map::kIsAccessCheckNeeded);
144
145 // Bail out if the receiver has a named interceptor or requires access checks.
146 Register map = scratch1;
147 __ ldr(map, FieldMemOperand(receiver, HeapObject::kMapOffset));
148 __ ldrb(scratch0, FieldMemOperand(map, Map::kBitFieldOffset));
149 __ tst(scratch0, Operand(kInterceptorOrAccessCheckNeededMask));
150 __ b(ne, miss_label);
151
152 // Check that receiver is a JSObject.
153 __ ldrb(scratch0, FieldMemOperand(map, Map::kInstanceTypeOffset));
154 __ cmp(scratch0, Operand(FIRST_SPEC_OBJECT_TYPE));
155 __ b(lt, miss_label);
156
157 // Load properties array.
158 Register properties = scratch0;
159 __ ldr(properties, FieldMemOperand(receiver, JSObject::kPropertiesOffset));
160 // Check that the properties array is a dictionary.
161 __ ldr(map, FieldMemOperand(properties, HeapObject::kMapOffset));
162 Register tmp = properties;
163 __ LoadRoot(tmp, Heap::kHashTableMapRootIndex);
164 __ cmp(map, tmp);
165 __ b(ne, miss_label);
166
167 // Restore the temporarily used register.
168 __ ldr(properties, FieldMemOperand(receiver, JSObject::kPropertiesOffset));
169
170
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]171 NameDictionaryLookupStub::GenerateNegativeLookup(masm,
172 miss_label,
173 &done,
174 receiver,
175 properties,
176 name,
177 scratch1);
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]178 __ bind(&done);
179 __ DecrementCounter(counters->negative_lookups_miss(), 1, scratch0, scratch1);
180}
181
182
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]183void StubCache::GenerateProbe(MacroAssembler* masm,
184 Code::Flags flags,
185 Register receiver,
186 Register name,
kasperl@chromium.org86f77b72009-07-06 08:21:57 +0000[diff] [blame]187 Register scratch,
fschneider@chromium.orge03fb642010-11-01 12:34:09 +0000[diff] [blame]188 Register extra,
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]189 Register extra2,
190 Register extra3) {
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]191 Isolate* isolate = masm->isolate();
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]192 Label miss;
193
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]194 // Make sure that code is valid. The multiplying code relies on the
195 // entry size being 12.
196 ASSERT(sizeof(Entry) == 12);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]197
198 // Make sure the flags does not name a specific type.
199 ASSERT(Code::ExtractTypeFromFlags(flags) == 0);
200
201 // Make sure that there are no register conflicts.
202 ASSERT(!scratch.is(receiver));
203 ASSERT(!scratch.is(name));
fschneider@chromium.orge03fb642010-11-01 12:34:09 +0000[diff] [blame]204 ASSERT(!extra.is(receiver));
205 ASSERT(!extra.is(name));
206 ASSERT(!extra.is(scratch));
207 ASSERT(!extra2.is(receiver));
208 ASSERT(!extra2.is(name));
209 ASSERT(!extra2.is(scratch));
210 ASSERT(!extra2.is(extra));
211
212 // Check scratch, extra and extra2 registers are valid.
213 ASSERT(!scratch.is(no_reg));
214 ASSERT(!extra.is(no_reg));
215 ASSERT(!extra2.is(no_reg));
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]216 ASSERT(!extra3.is(no_reg));
217
218 Counters* counters = masm->isolate()->counters();
219 __ IncrementCounter(counters->megamorphic_stub_cache_probes(), 1,
220 extra2, extra3);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]221
222 // Check that the receiver isn't a smi.
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]223 __ JumpIfSmi(receiver, &miss);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]224
225 // Get the map of the receiver and compute the hash.
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]226 __ ldr(scratch, FieldMemOperand(name, Name::kHashFieldOffset));
ager@chromium.org7c537e22008-10-16 08:43:32 +0000[diff] [blame]227 __ ldr(ip, FieldMemOperand(receiver, HeapObject::kMapOffset));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]228 __ add(scratch, scratch, Operand(ip));
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]229 uint32_t mask = kPrimaryTableSize - 1;
230 // We shift out the last two bits because they are not part of the hash and
231 // they are always 01 for maps.
232 __ mov(scratch, Operand(scratch, LSR, kHeapObjectTagSize));
jkummerow@chromium.org1145ef82012-02-02 16:21:15 +0000[diff] [blame]233 // Mask down the eor argument to the minimum to keep the immediate
234 // ARM-encodable.
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]235 __ eor(scratch, scratch, Operand((flags >> kHeapObjectTagSize) & mask));
rossberg@chromium.org994edf62012-02-06 10:12:55 +0000[diff] [blame]236 // Prefer and_ to ubfx here because ubfx takes 2 cycles.
237 __ and_(scratch, scratch, Operand(mask));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]238
239 // Probe the primary table.
jkummerow@chromium.org1145ef82012-02-02 16:21:15 +0000[diff] [blame]240 ProbeTable(isolate,
241 masm,
242 flags,
243 kPrimary,
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]244 receiver,
jkummerow@chromium.org1145ef82012-02-02 16:21:15 +0000[diff] [blame]245 name,
246 scratch,
jkummerow@chromium.org1145ef82012-02-02 16:21:15 +0000[diff] [blame]247 extra,
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]248 extra2,
249 extra3);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]250
251 // Primary miss: Compute hash for secondary probe.
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]252 __ sub(scratch, scratch, Operand(name, LSR, kHeapObjectTagSize));
253 uint32_t mask2 = kSecondaryTableSize - 1;
254 __ add(scratch, scratch, Operand((flags >> kHeapObjectTagSize) & mask2));
rossberg@chromium.org994edf62012-02-06 10:12:55 +0000[diff] [blame]255 __ and_(scratch, scratch, Operand(mask2));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]256
257 // Probe the secondary table.
jkummerow@chromium.org1145ef82012-02-02 16:21:15 +0000[diff] [blame]258 ProbeTable(isolate,
259 masm,
260 flags,
261 kSecondary,
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]262 receiver,
jkummerow@chromium.org1145ef82012-02-02 16:21:15 +0000[diff] [blame]263 name,
264 scratch,
jkummerow@chromium.org1145ef82012-02-02 16:21:15 +0000[diff] [blame]265 extra,
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]266 extra2,
267 extra3);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]268
269 // Cache miss: Fall-through and let caller handle the miss by
270 // entering the runtime system.
271 __ bind(&miss);
ulan@chromium.org812308e2012-02-29 15:58:45 +0000[diff] [blame]272 __ IncrementCounter(counters->megamorphic_stub_cache_misses(), 1,
273 extra2, extra3);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]274}
275
276
277void StubCompiler::GenerateLoadGlobalFunctionPrototype(MacroAssembler* masm,
278 int index,
279 Register prototype) {
280 // Load the global or builtins object from the current context.
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]281 __ ldr(prototype,
yangguo@chromium.org46839fb2012-08-28 09:06:19 +0000[diff] [blame]282 MemOperand(cp, Context::SlotOffset(Context::GLOBAL_OBJECT_INDEX)));
283 // Load the native context from the global or builtins object.
284 __ ldr(prototype,
285 FieldMemOperand(prototype, GlobalObject::kNativeContextOffset));
286 // Load the function from the native context.
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]287 __ ldr(prototype, MemOperand(prototype, Context::SlotOffset(index)));
288 // Load the initial map. The global functions all have initial maps.
289 __ ldr(prototype,
290 FieldMemOperand(prototype, JSFunction::kPrototypeOrInitialMapOffset));
291 // Load the prototype from the initial map.
292 __ ldr(prototype, FieldMemOperand(prototype, Map::kPrototypeOffset));
293}
294
295
lrn@chromium.org1af7e1b2010-06-07 11:12:01 +0000[diff] [blame]296void StubCompiler::GenerateDirectLoadGlobalFunctionPrototype(
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]297 MacroAssembler* masm,
298 int index,
299 Register prototype,
300 Label* miss) {
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]301 Isolate* isolate = masm->isolate();
fschneider@chromium.orgc20610a2010-09-22 09:44:58 +0000[diff] [blame]302 // Check we're still in the same context.
yangguo@chromium.org46839fb2012-08-28 09:06:19 +0000[diff] [blame]303 __ ldr(prototype,
304 MemOperand(cp, Context::SlotOffset(Context::GLOBAL_OBJECT_INDEX)));
305 __ Move(ip, isolate->global_object());
fschneider@chromium.orgc20610a2010-09-22 09:44:58 +0000[diff] [blame]306 __ cmp(prototype, ip);
307 __ b(ne, miss);
lrn@chromium.org1af7e1b2010-06-07 11:12:01 +0000[diff] [blame]308 // Get the global function with the given index.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]309 Handle<JSFunction> function(
yangguo@chromium.org46839fb2012-08-28 09:06:19 +0000[diff] [blame]310 JSFunction::cast(isolate->native_context()->get(index)));
lrn@chromium.org1af7e1b2010-06-07 11:12:01 +0000[diff] [blame]311 // Load its initial map. The global functions all have initial maps.
312 __ Move(prototype, Handle<Map>(function->initial_map()));
313 // Load the prototype from the initial map.
314 __ ldr(prototype, FieldMemOperand(prototype, Map::kPrototypeOffset));
315}
316
317
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]318void StubCompiler::GenerateFastPropertyLoad(MacroAssembler* masm,
319 Register dst,
320 Register src,
321 bool inobject,
322 int index,
323 Representation representation) {
324 ASSERT(!FLAG_track_double_fields || !representation.IsDouble());
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]325 int offset = index * kPointerSize;
326 if (!inobject) {
327 // Calculate the offset into the properties array.
328 offset = offset + FixedArray::kHeaderSize;
329 __ ldr(dst, FieldMemOperand(src, JSObject::kPropertiesOffset));
330 src = dst;
ager@chromium.org7c537e22008-10-16 08:43:32 +0000[diff] [blame]331 }
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]332 __ ldr(dst, FieldMemOperand(src, offset));
ager@chromium.org7c537e22008-10-16 08:43:32 +0000[diff] [blame]333}
334
335
ager@chromium.org3bf7b912008-11-17 09:09:45 +0000[diff] [blame]336void StubCompiler::GenerateLoadArrayLength(MacroAssembler* masm,
337 Register receiver,
338 Register scratch,
339 Label* miss_label) {
340 // Check that the receiver isn't a smi.
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]341 __ JumpIfSmi(receiver, miss_label);
ager@chromium.org3bf7b912008-11-17 09:09:45 +0000[diff] [blame]342
343 // Check that the object is a JS array.
ager@chromium.orgeadaf222009-06-16 09:43:10 +0000[diff] [blame]344 __ CompareObjectType(receiver, scratch, scratch, JS_ARRAY_TYPE);
ager@chromium.org3bf7b912008-11-17 09:09:45 +0000[diff] [blame]345 __ b(ne, miss_label);
346
347 // Load length directly from the JS array.
348 __ ldr(r0, FieldMemOperand(receiver, JSArray::kLengthOffset));
349 __ Ret();
350}
351
352
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]353// Generate code to check if an object is a string. If the object is a
354// heap object, its map's instance type is left in the scratch1 register.
355// If this is not needed, scratch1 and scratch2 may be the same register.
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]356static void GenerateStringCheck(MacroAssembler* masm,
357 Register receiver,
358 Register scratch1,
359 Register scratch2,
360 Label* smi,
361 Label* non_string_object) {
362 // Check that the receiver isn't a smi.
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]363 __ JumpIfSmi(receiver, smi);
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]364
365 // Check that the object is a string.
366 __ ldr(scratch1, FieldMemOperand(receiver, HeapObject::kMapOffset));
367 __ ldrb(scratch1, FieldMemOperand(scratch1, Map::kInstanceTypeOffset));
368 __ and_(scratch2, scratch1, Operand(kIsNotStringMask));
369 // The cast is to resolve the overload for the argument of 0x0.
370 __ cmp(scratch2, Operand(static_cast<int32_t>(kStringTag)));
371 __ b(ne, non_string_object);
372}
373
374
ager@chromium.org32912102009-01-16 10:38:43 +0000[diff] [blame]375// Generate code to load the length from a string object and return the length.
376// If the receiver object is not a string or a wrapped string object the
377// execution continues at the miss label. The register containing the
378// receiver is potentially clobbered.
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]379void StubCompiler::GenerateLoadStringLength(MacroAssembler* masm,
380 Register receiver,
381 Register scratch1,
382 Register scratch2,
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]383 Label* miss,
384 bool support_wrappers) {
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]385 Label check_wrapper;
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]386
387 // Check if the object is a string leaving the instance type in the
388 // scratch1 register.
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]389 GenerateStringCheck(masm, receiver, scratch1, scratch2, miss,
390 support_wrappers ? &check_wrapper : miss);
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]391
392 // Load length directly from the string.
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]393 __ ldr(r0, FieldMemOperand(receiver, String::kLengthOffset));
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]394 __ Ret();
395
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]396 if (support_wrappers) {
397 // Check if the object is a JSValue wrapper.
398 __ bind(&check_wrapper);
399 __ cmp(scratch1, Operand(JS_VALUE_TYPE));
400 __ b(ne, miss);
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]401
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]402 // Unwrap the value and check if the wrapped value is a string.
403 __ ldr(scratch1, FieldMemOperand(receiver, JSValue::kValueOffset));
404 GenerateStringCheck(masm, scratch1, scratch2, scratch2, miss, miss);
405 __ ldr(r0, FieldMemOperand(scratch1, String::kLengthOffset));
406 __ Ret();
407 }
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]408}
409
410
kasperl@chromium.orgdefbd102009-07-13 14:04:26 +0000[diff] [blame]411void StubCompiler::GenerateLoadFunctionPrototype(MacroAssembler* masm,
412 Register receiver,
413 Register scratch1,
414 Register scratch2,
415 Label* miss_label) {
416 __ TryGetFunctionPrototype(receiver, scratch1, scratch2, miss_label);
417 __ mov(r0, scratch1);
418 __ Ret();
419}
420
421
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]422// Generate code to check that a global property cell is empty. Create
423// the property cell at compilation time if no cell exists for the
424// property.
425static void GenerateCheckPropertyCell(MacroAssembler* masm,
426 Handle<GlobalObject> global,
427 Handle<Name> name,
428 Register scratch,
429 Label* miss) {
430 Handle<JSGlobalPropertyCell> cell =
431 GlobalObject::EnsurePropertyCell(global, name);
432 ASSERT(cell->value()->IsTheHole());
433 __ mov(scratch, Operand(cell));
434 __ ldr(scratch,
435 FieldMemOperand(scratch, JSGlobalPropertyCell::kValueOffset));
436 __ LoadRoot(ip, Heap::kTheHoleValueRootIndex);
437 __ cmp(scratch, ip);
438 __ b(ne, miss);
439}
440
441
442// Generate StoreTransition code, value is passed in r0 register.
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]443// When leaving generated code after success, the receiver_reg and name_reg
444// may be clobbered. Upon branch to miss_label, the receiver and name
445// registers have their original values.
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]446void StubCompiler::GenerateStoreTransition(MacroAssembler* masm,
447 Handle<JSObject> object,
448 LookupResult* lookup,
449 Handle<Map> transition,
450 Handle<Name> name,
451 Register receiver_reg,
452 Register name_reg,
453 Register value_reg,
454 Register scratch1,
455 Register scratch2,
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]456 Register scratch3,
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]457 Label* miss_label,
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]458 Label* miss_restore_name,
459 Label* slow) {
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]460 // r0 : value
461 Label exit;
462
erik.corry@gmail.comf2038fb2012-01-16 11:42:08 +0000[diff] [blame]463 // Check that the map of the object hasn't changed.
mmassi@chromium.org7028c052012-06-13 11:51:58 +0000[diff] [blame]464 __ CheckMap(receiver_reg, scratch1, Handle<Map>(object->map()), miss_label,
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]465 DO_SMI_CHECK);
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]466
467 // Perform global security token check if needed.
468 if (object->IsJSGlobalProxy()) {
mmassi@chromium.org7028c052012-06-13 11:51:58 +0000[diff] [blame]469 __ CheckAccessGlobalProxy(receiver_reg, scratch1, miss_label);
470 }
471
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]472 int descriptor = transition->LastAdded();
473 DescriptorArray* descriptors = transition->instance_descriptors();
474 PropertyDetails details = descriptors->GetDetails(descriptor);
475 Representation representation = details.representation();
476 ASSERT(!representation.IsNone());
477
478 // Ensure no transitions to deprecated maps are followed.
479 __ CheckMapDeprecated(transition, scratch1, miss_label);
480
mmassi@chromium.org7028c052012-06-13 11:51:58 +0000[diff] [blame]481 // Check that we are allowed to write this.
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]482 if (object->GetPrototype()->IsJSObject()) {
mmassi@chromium.org7028c052012-06-13 11:51:58 +0000[diff] [blame]483 JSObject* holder;
mstarzinger@chromium.orgf705b502013-04-04 11:38:09 +0000[diff] [blame]484 // holder == object indicates that no property was found.
485 if (lookup->holder() != *object) {
486 holder = lookup->holder();
mmassi@chromium.org7028c052012-06-13 11:51:58 +0000[diff] [blame]487 } else {
488 // Find the top object.
489 holder = *object;
490 do {
491 holder = JSObject::cast(holder->GetPrototype());
492 } while (holder->GetPrototype()->IsJSObject());
493 }
mstarzinger@chromium.orgf705b502013-04-04 11:38:09 +0000[diff] [blame]494 Register holder_reg = CheckPrototypes(
495 object, receiver_reg, Handle<JSObject>(holder), name_reg,
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]496 scratch1, scratch2, name, miss_restore_name, SKIP_RECEIVER);
mstarzinger@chromium.orgf705b502013-04-04 11:38:09 +0000[diff] [blame]497 // If no property was found, and the holder (the last object in the
498 // prototype chain) is in slow mode, we need to do a negative lookup on the
499 // holder.
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]500 if (lookup->holder() == *object) {
501 if (holder->IsJSGlobalObject()) {
502 GenerateCheckPropertyCell(
503 masm,
504 Handle<GlobalObject>(GlobalObject::cast(holder)),
505 name,
506 scratch1,
507 miss_restore_name);
508 } else if (!holder->HasFastProperties() && !holder->IsJSGlobalProxy()) {
509 GenerateDictionaryNegativeLookup(
510 masm, miss_restore_name, holder_reg, name, scratch1, scratch2);
511 }
mstarzinger@chromium.orgf705b502013-04-04 11:38:09 +0000[diff] [blame]512 }
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]513 }
514
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]515 Register storage_reg = name_reg;
516
517 if (FLAG_track_fields && representation.IsSmi()) {
518 __ JumpIfNotSmi(value_reg, miss_restore_name);
ulan@chromium.org906e2fb2013-05-14 08:14:38 +0000[diff] [blame]519 } else if (FLAG_track_heap_object_fields && representation.IsHeapObject()) {
520 __ JumpIfSmi(value_reg, miss_restore_name);
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]521 } else if (FLAG_track_double_fields && representation.IsDouble()) {
522 Label do_store, heap_number;
523 __ LoadRoot(scratch3, Heap::kHeapNumberMapRootIndex);
524 __ AllocateHeapNumber(storage_reg, scratch1, scratch2, scratch3, slow);
525
526 __ JumpIfNotSmi(value_reg, &heap_number);
527 __ SmiUntag(scratch1, value_reg);
528 __ vmov(s0, scratch1);
529 __ vcvt_f64_s32(d0, s0);
530 __ jmp(&do_store);
531
532 __ bind(&heap_number);
533 __ CheckMap(value_reg, scratch1, Heap::kHeapNumberMapRootIndex,
534 miss_restore_name, DONT_DO_SMI_CHECK);
535 __ vldr(d0, FieldMemOperand(value_reg, HeapNumber::kValueOffset));
536
537 __ bind(&do_store);
538 __ vstr(d0, FieldMemOperand(storage_reg, HeapNumber::kValueOffset));
539 }
540
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]541 // Stub never generated for non-global objects that require access
542 // checks.
543 ASSERT(object->IsJSGlobalProxy() || !object->IsAccessCheckNeeded());
544
545 // Perform map transition for the receiver if necessary.
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]546 if (object->map()->unused_property_fields() == 0) {
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]547 // The properties must be extended before we can store the value.
ager@chromium.org32912102009-01-16 10:38:43 +0000[diff] [blame]548 // We jump to a runtime call that extends the properties array.
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]549 __ push(receiver_reg);
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]550 __ mov(r2, Operand(transition));
lrn@chromium.orgc34f5802010-04-28 12:53:43 +0000[diff] [blame]551 __ Push(r2, r0);
ager@chromium.orgce5e87b2010-03-10 10:24:18 +0000[diff] [blame]552 __ TailCallExternalReference(
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]553 ExternalReference(IC_Utility(IC::kSharedStoreIC_ExtendStorage),
554 masm->isolate()),
555 3,
556 1);
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]557 return;
558 }
559
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]560 // Update the map of the object.
561 __ mov(scratch1, Operand(transition));
562 __ str(scratch1, FieldMemOperand(receiver_reg, HeapObject::kMapOffset));
verwaest@chromium.org37141392012-05-31 13:27:02 +0000[diff] [blame]563
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]564 // Update the write barrier for the map field and pass the now unused
565 // name_reg as scratch register.
566 __ RecordWriteField(receiver_reg,
567 HeapObject::kMapOffset,
568 scratch1,
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]569 scratch2,
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]570 kLRHasNotBeenSaved,
571 kDontSaveFPRegs,
572 OMIT_REMEMBERED_SET,
573 OMIT_SMI_CHECK);
574
575 int index = transition->instance_descriptors()->GetFieldIndex(
576 transition->LastAdded());
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]577
578 // Adjust for the number of properties stored in the object. Even in the
579 // face of a transition we can use the old map here because the size of the
580 // object and the number of in-object properties is not going to change.
581 index -= object->map()->inobject_properties();
582
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]583 // TODO(verwaest): Share this code as a code stub.
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]584 SmiCheck smi_check = representation.IsTagged()
585 ? INLINE_SMI_CHECK : OMIT_SMI_CHECK;
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]586 if (index < 0) {
587 // Set the property straight into the object.
588 int offset = object->map()->instance_size() + (index * kPointerSize);
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]589 if (FLAG_track_double_fields && representation.IsDouble()) {
590 __ str(storage_reg, FieldMemOperand(receiver_reg, offset));
591 } else {
592 __ str(value_reg, FieldMemOperand(receiver_reg, offset));
593 }
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]594
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]595 if (!FLAG_track_fields || !representation.IsSmi()) {
596 // Skip updating write barrier if storing a smi.
597 __ JumpIfSmi(value_reg, &exit);
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]598
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]599 // Update the write barrier for the array address.
600 // Pass the now unused name_reg as a scratch register.
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]601 if (!FLAG_track_double_fields || !representation.IsDouble()) {
602 __ mov(name_reg, value_reg);
603 } else {
604 ASSERT(storage_reg.is(name_reg));
605 }
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]606 __ RecordWriteField(receiver_reg,
607 offset,
608 name_reg,
609 scratch1,
610 kLRHasNotBeenSaved,
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]611 kDontSaveFPRegs,
612 EMIT_REMEMBERED_SET,
613 smi_check);
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]614 }
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]615 } else {
616 // Write to the properties array.
617 int offset = index * kPointerSize + FixedArray::kHeaderSize;
618 // Get the properties array
619 __ ldr(scratch1,
620 FieldMemOperand(receiver_reg, JSObject::kPropertiesOffset));
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]621 if (FLAG_track_double_fields && representation.IsDouble()) {
622 __ str(storage_reg, FieldMemOperand(scratch1, offset));
623 } else {
624 __ str(value_reg, FieldMemOperand(scratch1, offset));
625 }
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]626
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]627 if (!FLAG_track_fields || !representation.IsSmi()) {
628 // Skip updating write barrier if storing a smi.
629 __ JumpIfSmi(value_reg, &exit);
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]630
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]631 // Update the write barrier for the array address.
632 // Ok to clobber receiver_reg and name_reg, since we return.
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]633 if (!FLAG_track_double_fields || !representation.IsDouble()) {
634 __ mov(name_reg, value_reg);
635 } else {
636 ASSERT(storage_reg.is(name_reg));
637 }
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]638 __ RecordWriteField(scratch1,
639 offset,
640 name_reg,
641 receiver_reg,
642 kLRHasNotBeenSaved,
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]643 kDontSaveFPRegs,
644 EMIT_REMEMBERED_SET,
645 smi_check);
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]646 }
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]647 }
648
649 // Return the value (register r0).
650 ASSERT(value_reg.is(r0));
651 __ bind(&exit);
652 __ Ret();
653}
654
655
656// Generate StoreField code, value is passed in r0 register.
657// When leaving generated code after success, the receiver_reg and name_reg
658// may be clobbered. Upon branch to miss_label, the receiver and name
659// registers have their original values.
660void StubCompiler::GenerateStoreField(MacroAssembler* masm,
661 Handle<JSObject> object,
662 LookupResult* lookup,
663 Register receiver_reg,
664 Register name_reg,
665 Register value_reg,
666 Register scratch1,
667 Register scratch2,
668 Label* miss_label) {
669 // r0 : value
670 Label exit;
671
672 // Check that the map of the object hasn't changed.
673 __ CheckMap(receiver_reg, scratch1, Handle<Map>(object->map()), miss_label,
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]674 DO_SMI_CHECK);
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]675
676 // Perform global security token check if needed.
677 if (object->IsJSGlobalProxy()) {
678 __ CheckAccessGlobalProxy(receiver_reg, scratch1, miss_label);
679 }
680
681 // Stub never generated for non-global objects that require access
682 // checks.
683 ASSERT(object->IsJSGlobalProxy() || !object->IsAccessCheckNeeded());
684
685 int index = lookup->GetFieldIndex().field_index();
686
687 // Adjust for the number of properties stored in the object. Even in the
688 // face of a transition we can use the old map here because the size of the
689 // object and the number of in-object properties is not going to change.
690 index -= object->map()->inobject_properties();
691
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]692 Representation representation = lookup->representation();
693 ASSERT(!representation.IsNone());
694 if (FLAG_track_fields && representation.IsSmi()) {
695 __ JumpIfNotSmi(value_reg, miss_label);
ulan@chromium.org906e2fb2013-05-14 08:14:38 +0000[diff] [blame]696 } else if (FLAG_track_heap_object_fields && representation.IsHeapObject()) {
697 __ JumpIfSmi(value_reg, miss_label);
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]698 } else if (FLAG_track_double_fields && representation.IsDouble()) {
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]699 // Load the double storage.
700 if (index < 0) {
701 int offset = object->map()->instance_size() + (index * kPointerSize);
702 __ ldr(scratch1, FieldMemOperand(receiver_reg, offset));
703 } else {
704 __ ldr(scratch1,
705 FieldMemOperand(receiver_reg, JSObject::kPropertiesOffset));
706 int offset = index * kPointerSize + FixedArray::kHeaderSize;
707 __ ldr(scratch1, FieldMemOperand(scratch1, offset));
708 }
709
710 // Store the value into the storage.
711 Label do_store, heap_number;
712 __ JumpIfNotSmi(value_reg, &heap_number);
713 __ SmiUntag(scratch2, value_reg);
714 __ vmov(s0, scratch2);
715 __ vcvt_f64_s32(d0, s0);
716 __ jmp(&do_store);
717
718 __ bind(&heap_number);
719 __ CheckMap(value_reg, scratch2, Heap::kHeapNumberMapRootIndex,
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]720 miss_label, DONT_DO_SMI_CHECK);
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]721 __ vldr(d0, FieldMemOperand(value_reg, HeapNumber::kValueOffset));
722
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]723 __ bind(&do_store);
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]724 __ vstr(d0, FieldMemOperand(scratch1, HeapNumber::kValueOffset));
725 // Return the value (register r0).
726 ASSERT(value_reg.is(r0));
727 __ Ret();
728 return;
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]729 }
730
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]731 // TODO(verwaest): Share this code as a code stub.
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]732 SmiCheck smi_check = representation.IsTagged()
733 ? INLINE_SMI_CHECK : OMIT_SMI_CHECK;
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]734 if (index < 0) {
735 // Set the property straight into the object.
736 int offset = object->map()->instance_size() + (index * kPointerSize);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]737 __ str(value_reg, FieldMemOperand(receiver_reg, offset));
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]738
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]739 if (!FLAG_track_fields || !representation.IsSmi()) {
740 // Skip updating write barrier if storing a smi.
741 __ JumpIfSmi(value_reg, &exit);
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]742
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]743 // Update the write barrier for the array address.
744 // Pass the now unused name_reg as a scratch register.
745 __ mov(name_reg, value_reg);
746 __ RecordWriteField(receiver_reg,
747 offset,
748 name_reg,
749 scratch1,
750 kLRHasNotBeenSaved,
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]751 kDontSaveFPRegs,
752 EMIT_REMEMBERED_SET,
753 smi_check);
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]754 }
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]755 } else {
756 // Write to the properties array.
kasperl@chromium.orge959c182009-07-27 08:59:04 +0000[diff] [blame]757 int offset = index * kPointerSize + FixedArray::kHeaderSize;
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]758 // Get the properties array
mmassi@chromium.org7028c052012-06-13 11:51:58 +0000[diff] [blame]759 __ ldr(scratch1,
760 FieldMemOperand(receiver_reg, JSObject::kPropertiesOffset));
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]761 __ str(value_reg, FieldMemOperand(scratch1, offset));
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]762
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]763 if (!FLAG_track_fields || !representation.IsSmi()) {
764 // Skip updating write barrier if storing a smi.
765 __ JumpIfSmi(value_reg, &exit);
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]766
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]767 // Update the write barrier for the array address.
768 // Ok to clobber receiver_reg and name_reg, since we return.
769 __ mov(name_reg, value_reg);
770 __ RecordWriteField(scratch1,
771 offset,
772 name_reg,
773 receiver_reg,
774 kLRHasNotBeenSaved,
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]775 kDontSaveFPRegs,
776 EMIT_REMEMBERED_SET,
777 smi_check);
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]778 }
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]779 }
780
781 // Return the value (register r0).
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]782 ASSERT(value_reg.is(r0));
ager@chromium.orga74f0da2008-12-03 16:05:52 +0000[diff] [blame]783 __ bind(&exit);
784 __ Ret();
785}
786
787
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]788void BaseStoreStubCompiler::GenerateRestoreName(MacroAssembler* masm,
789 Label* label,
790 Handle<Name> name) {
791 if (!label->is_unused()) {
792 __ bind(label);
793 __ mov(this->name(), Operand(name));
794 }
mvstanton@chromium.orgd16d8532013-01-25 13:29:10 +0000[diff] [blame]795}
796
797
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]798static void GenerateCallFunction(MacroAssembler* masm,
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]799 Handle<Object> object,
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]800 const ParameterCount& arguments,
ricow@chromium.orgd2be9012011-06-01 06:00:58 +0000[diff] [blame]801 Label* miss,
802 Code::ExtraICState extra_ic_state) {
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]803 // ----------- S t a t e -------------
804 // -- r0: receiver
805 // -- r1: function to call
806 // -----------------------------------
807
808 // Check that the function really is a function.
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]809 __ JumpIfSmi(r1, miss);
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]810 __ CompareObjectType(r1, r3, r3, JS_FUNCTION_TYPE);
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]811 __ b(ne, miss);
812
813 // Patch the receiver on the stack with the global proxy if
814 // necessary.
815 if (object->IsGlobalObject()) {
816 __ ldr(r3, FieldMemOperand(r0, GlobalObject::kGlobalReceiverOffset));
817 __ str(r3, MemOperand(sp, arguments.immediate() * kPointerSize));
818 }
819
820 // Invoke the function.
ricow@chromium.orgd2be9012011-06-01 06:00:58 +0000[diff] [blame]821 CallKind call_kind = CallICBase::Contextual::decode(extra_ic_state)
822 ? CALL_AS_FUNCTION
823 : CALL_AS_METHOD;
824 __ InvokeFunction(r1, arguments, JUMP_FUNCTION, NullCallWrapper(), call_kind);
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]825}
826
827
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]828static void PushInterceptorArguments(MacroAssembler* masm,
829 Register receiver,
830 Register holder,
831 Register name,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]832 Handle<JSObject> holder_obj) {
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]833 __ push(name);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]834 Handle<InterceptorInfo> interceptor(holder_obj->GetNamedInterceptor());
835 ASSERT(!masm->isolate()->heap()->InNewSpace(*interceptor));
ager@chromium.orgb26c50a2010-03-26 09:27:16 +0000[diff] [blame]836 Register scratch = name;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]837 __ mov(scratch, Operand(interceptor));
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]838 __ push(scratch);
ager@chromium.orgb26c50a2010-03-26 09:27:16 +0000[diff] [blame]839 __ push(receiver);
840 __ push(holder);
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]841 __ ldr(scratch, FieldMemOperand(scratch, InterceptorInfo::kDataOffset));
842 __ push(scratch);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]843 __ mov(scratch, Operand(ExternalReference::isolate_address(masm->isolate())));
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]844 __ push(scratch);
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]845}
846
847
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]848static void CompileCallLoadPropertyWithInterceptor(
849 MacroAssembler* masm,
850 Register receiver,
851 Register holder,
852 Register name,
853 Handle<JSObject> holder_obj) {
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]854 PushInterceptorArguments(masm, receiver, holder, name, holder_obj);
855
856 ExternalReference ref =
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]857 ExternalReference(IC_Utility(IC::kLoadPropertyWithInterceptorOnly),
858 masm->isolate());
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]859 __ mov(r0, Operand(6));
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]860 __ mov(r1, Operand(ref));
861
862 CEntryStub stub(1);
863 __ CallStub(&stub);
864}
865
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]866
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]867static const int kFastApiCallArguments = FunctionCallbackArguments::kArgsLength;
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]868
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]869// Reserves space for the extra arguments to API function in the
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]870// caller's frame.
871//
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]872// These arguments are set by CheckPrototypes and GenerateFastApiDirectCall.
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]873static void ReserveSpaceForFastApiCall(MacroAssembler* masm,
874 Register scratch) {
875 __ mov(scratch, Operand(Smi::FromInt(0)));
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]876 for (int i = 0; i < kFastApiCallArguments; i++) {
877 __ push(scratch);
878 }
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]879}
880
881
882// Undoes the effects of ReserveSpaceForFastApiCall.
883static void FreeSpaceForFastApiCall(MacroAssembler* masm) {
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]884 __ Drop(kFastApiCallArguments);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]885}
886
887
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]888static void GenerateFastApiDirectCall(MacroAssembler* masm,
889 const CallOptimization& optimization,
890 int argc) {
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]891 // ----------- S t a t e -------------
892 // -- sp[0] : holder (set by CheckPrototypes)
ulan@chromium.org2efb9002012-01-19 15:36:35 +0000[diff] [blame]893 // -- sp[4] : callee JS function
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]894 // -- sp[8] : call data
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]895 // -- sp[12] : isolate
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]896 // -- sp[16] : ReturnValue
897 // -- sp[20] : last JS argument
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]898 // -- ...
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]899 // -- sp[(argc + 4) * 4] : first JS argument
900 // -- sp[(argc + 5) * 4] : receiver
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]901 // -----------------------------------
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]902 // Get the function and setup the context.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]903 Handle<JSFunction> function = optimization.constant_function();
ricow@chromium.org64e3a4b2011-12-13 08:07:27 +0000[diff] [blame]904 __ LoadHeapObject(r5, function);
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]905 __ ldr(cp, FieldMemOperand(r5, JSFunction::kContextOffset));
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]906
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]907 // Pass the additional arguments.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]908 Handle<CallHandlerInfo> api_call_info = optimization.api_call_info();
ulan@chromium.org09d7ab52013-02-25 15:50:35 +0000[diff] [blame]909 Handle<Object> call_data(api_call_info->data(), masm->isolate());
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]910 if (masm->isolate()->heap()->InNewSpace(*call_data)) {
911 __ Move(r0, api_call_info);
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]912 __ ldr(r6, FieldMemOperand(r0, CallHandlerInfo::kDataOffset));
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]913 } else {
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]914 __ Move(r6, call_data);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]915 }
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]916 __ mov(r7, Operand(ExternalReference::isolate_address(masm->isolate())));
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]917 // Store JS function, call data, isolate and ReturnValue.
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]918 __ stm(ib, sp, r5.bit() | r6.bit() | r7.bit());
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]919 __ LoadRoot(r5, Heap::kUndefinedValueRootIndex);
920 __ str(r5, MemOperand(sp, 4 * kPointerSize));
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]921
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]922 // Prepare arguments.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]923 __ add(r2, sp, Operand(4 * kPointerSize));
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]924
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]925 // Allocate the v8::Arguments structure in the arguments' space since
926 // it's not controlled by GC.
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]927 const int kApiStackSpace = 4;
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]928
929 FrameScope frame_scope(masm, StackFrame::MANUAL);
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]930 __ EnterExitFrame(false, kApiStackSpace);
931
932 // r0 = v8::Arguments&
933 // Arguments is after the return address.
934 __ add(r0, sp, Operand(1 * kPointerSize));
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]935 // v8::Arguments::implicit_args_
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]936 __ str(r2, MemOperand(r0, 0 * kPointerSize));
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]937 // v8::Arguments::values_
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]938 __ add(ip, r2, Operand(argc * kPointerSize));
939 __ str(ip, MemOperand(r0, 1 * kPointerSize));
940 // v8::Arguments::length_ = argc
941 __ mov(ip, Operand(argc));
942 __ str(ip, MemOperand(r0, 2 * kPointerSize));
943 // v8::Arguments::is_construct_call = 0
jkummerow@chromium.org59297c72013-01-09 16:32:23 +0000[diff] [blame]944 __ mov(ip, Operand::Zero());
ricow@chromium.org83aa5492011-02-07 12:42:56 +0000[diff] [blame]945 __ str(ip, MemOperand(r0, 3 * kPointerSize));
946
vegorov@chromium.org5d6c1f52011-02-28 13:13:38 +0000[diff] [blame]947 const int kStackUnwindSpace = argc + kFastApiCallArguments + 1;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]948 Address function_address = v8::ToCData<Address>(api_call_info->callback());
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]949 bool returns_handle =
950 !CallbackTable::ReturnsVoid(masm->isolate(), function_address);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]951 ApiFunction fun(function_address);
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]952 ExternalReference::Type type =
953 returns_handle ?
954 ExternalReference::DIRECT_API_CALL :
955 ExternalReference::DIRECT_API_CALL_NEW;
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]956 ExternalReference ref = ExternalReference(&fun,
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]957 type,
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]958 masm->isolate());
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]959 AllowExternalCallThatCantCauseGC scope(masm);
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]960 __ CallApiFunctionAndReturn(ref,
961 kStackUnwindSpace,
962 returns_handle,
963 kFastApiCallArguments + 1);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]964}
965
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]966
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]967class CallInterceptorCompiler BASE_EMBEDDED {
968 public:
969 CallInterceptorCompiler(StubCompiler* stub_compiler,
970 const ParameterCount& arguments,
ricow@chromium.orgd2be9012011-06-01 06:00:58 +0000[diff] [blame]971 Register name,
972 Code::ExtraICState extra_ic_state)
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]973 : stub_compiler_(stub_compiler),
974 arguments_(arguments),
ricow@chromium.orgd2be9012011-06-01 06:00:58 +0000[diff] [blame]975 name_(name),
976 extra_ic_state_(extra_ic_state) {}
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]977
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]978 void Compile(MacroAssembler* masm,
979 Handle<JSObject> object,
980 Handle<JSObject> holder,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]981 Handle<Name> name,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]982 LookupResult* lookup,
983 Register receiver,
984 Register scratch1,
985 Register scratch2,
986 Register scratch3,
987 Label* miss) {
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]988 ASSERT(holder->HasNamedInterceptor());
989 ASSERT(!holder->GetNamedInterceptor()->getter()->IsUndefined());
990
991 // Check that the receiver isn't a smi.
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]992 __ JumpIfSmi(receiver, miss);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]993 CallOptimization optimization(lookup);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]994 if (optimization.is_constant_call()) {
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]995 CompileCacheable(masm, object, receiver, scratch1, scratch2, scratch3,
996 holder, lookup, name, optimization, miss);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]997 } else {
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]998 CompileRegular(masm, object, receiver, scratch1, scratch2, scratch3,
999 name, holder, miss);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1000 }
1001 }
1002
1003 private:
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1004 void CompileCacheable(MacroAssembler* masm,
1005 Handle<JSObject> object,
1006 Register receiver,
1007 Register scratch1,
1008 Register scratch2,
1009 Register scratch3,
1010 Handle<JSObject> interceptor_holder,
1011 LookupResult* lookup,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1012 Handle<Name> name,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1013 const CallOptimization& optimization,
1014 Label* miss_label) {
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1015 ASSERT(optimization.is_constant_call());
1016 ASSERT(!lookup->holder()->IsGlobalObject());
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]1017 Counters* counters = masm->isolate()->counters();
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1018 int depth1 = kInvalidProtoDepth;
1019 int depth2 = kInvalidProtoDepth;
1020 bool can_do_fast_api_call = false;
1021 if (optimization.is_simple_api_call() &&
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1022 !lookup->holder()->IsGlobalObject()) {
1023 depth1 = optimization.GetPrototypeDepthOfExpectedType(
1024 object, interceptor_holder);
1025 if (depth1 == kInvalidProtoDepth) {
1026 depth2 = optimization.GetPrototypeDepthOfExpectedType(
1027 interceptor_holder, Handle<JSObject>(lookup->holder()));
1028 }
1029 can_do_fast_api_call =
1030 depth1 != kInvalidProtoDepth || depth2 != kInvalidProtoDepth;
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1031 }
1032
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]1033 __ IncrementCounter(counters->call_const_interceptor(), 1,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1034 scratch1, scratch2);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1035
1036 if (can_do_fast_api_call) {
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]1037 __ IncrementCounter(counters->call_const_interceptor_fast_api(), 1,
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1038 scratch1, scratch2);
1039 ReserveSpaceForFastApiCall(masm, scratch1);
1040 }
1041
kmillikin@chromium.org9155e252010-05-26 13:27:57 +0000[diff] [blame]1042 // Check that the maps from receiver to interceptor's holder
1043 // haven't changed and thus we can invoke interceptor.
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1044 Label miss_cleanup;
1045 Label* miss = can_do_fast_api_call ? &miss_cleanup : miss_label;
1046 Register holder =
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1047 stub_compiler_->CheckPrototypes(object, receiver, interceptor_holder,
1048 scratch1, scratch2, scratch3,
1049 name, depth1, miss);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1050
kmillikin@chromium.org9155e252010-05-26 13:27:57 +0000[diff] [blame]1051 // Invoke an interceptor and if it provides a value,
1052 // branch to |regular_invoke|.
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1053 Label regular_invoke;
kmillikin@chromium.org9155e252010-05-26 13:27:57 +0000[diff] [blame]1054 LoadWithInterceptor(masm, receiver, holder, interceptor_holder, scratch2,
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1055 &regular_invoke);
1056
kmillikin@chromium.org9155e252010-05-26 13:27:57 +0000[diff] [blame]1057 // Interceptor returned nothing for this property. Try to use cached
1058 // constant function.
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1059
kmillikin@chromium.org9155e252010-05-26 13:27:57 +0000[diff] [blame]1060 // Check that the maps from interceptor's holder to constant function's
1061 // holder haven't changed and thus we can use cached constant function.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1062 if (*interceptor_holder != lookup->holder()) {
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1063 stub_compiler_->CheckPrototypes(interceptor_holder, receiver,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1064 Handle<JSObject>(lookup->holder()),
1065 scratch1, scratch2, scratch3,
1066 name, depth2, miss);
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1067 } else {
1068 // CheckPrototypes has a side effect of fetching a 'holder'
1069 // for API (object which is instanceof for the signature). It's
1070 // safe to omit it here, as if present, it should be fetched
1071 // by the previous CheckPrototypes.
1072 ASSERT(depth2 == kInvalidProtoDepth);
1073 }
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1074
kmillikin@chromium.org9155e252010-05-26 13:27:57 +0000[diff] [blame]1075 // Invoke function.
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1076 if (can_do_fast_api_call) {
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1077 GenerateFastApiDirectCall(masm, optimization, arguments_.immediate());
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1078 } else {
ricow@chromium.orgd2be9012011-06-01 06:00:58 +0000[diff] [blame]1079 CallKind call_kind = CallICBase::Contextual::decode(extra_ic_state_)
1080 ? CALL_AS_FUNCTION
1081 : CALL_AS_METHOD;
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1082 Handle<JSFunction> function = optimization.constant_function();
1083 ParameterCount expected(function);
1084 __ InvokeFunction(function, expected, arguments_,
ulan@chromium.org2efb9002012-01-19 15:36:35 +0000[diff] [blame]1085 JUMP_FUNCTION, NullCallWrapper(), call_kind);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1086 }
1087
kmillikin@chromium.org9155e252010-05-26 13:27:57 +0000[diff] [blame]1088 // Deferred code for fast API call case---clean preallocated space.
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1089 if (can_do_fast_api_call) {
1090 __ bind(&miss_cleanup);
1091 FreeSpaceForFastApiCall(masm);
1092 __ b(miss_label);
1093 }
1094
kmillikin@chromium.org9155e252010-05-26 13:27:57 +0000[diff] [blame]1095 // Invoke a regular function.
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1096 __ bind(&regular_invoke);
1097 if (can_do_fast_api_call) {
1098 FreeSpaceForFastApiCall(masm);
1099 }
1100 }
1101
1102 void CompileRegular(MacroAssembler* masm,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1103 Handle<JSObject> object,
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1104 Register receiver,
1105 Register scratch1,
1106 Register scratch2,
ager@chromium.org6a2b0aa2010-07-13 20:58:03 +0000[diff] [blame]1107 Register scratch3,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1108 Handle<Name> name,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1109 Handle<JSObject> interceptor_holder,
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1110 Label* miss_label) {
1111 Register holder =
kmillikin@chromium.org9155e252010-05-26 13:27:57 +0000[diff] [blame]1112 stub_compiler_->CheckPrototypes(object, receiver, interceptor_holder,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1113 scratch1, scratch2, scratch3,
1114 name, miss_label);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1115
1116 // Call a runtime function to load the interceptor property.
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1117 FrameScope scope(masm, StackFrame::INTERNAL);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1118 // Save the name_ register across the call.
1119 __ push(name_);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1120 PushInterceptorArguments(masm, receiver, holder, name_, interceptor_holder);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1121 __ CallExternalReference(
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]1122 ExternalReference(IC_Utility(IC::kLoadPropertyWithInterceptorForCall),
1123 masm->isolate()),
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]1124 6);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1125 // Restore the name_ register.
1126 __ pop(name_);
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1127 // Leave the internal frame.
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1128 }
1129
1130 void LoadWithInterceptor(MacroAssembler* masm,
1131 Register receiver,
1132 Register holder,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1133 Handle<JSObject> holder_obj,
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1134 Register scratch,
1135 Label* interceptor_succeeded) {
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1136 {
1137 FrameScope scope(masm, StackFrame::INTERNAL);
1138 __ Push(holder, name_);
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1139 CompileCallLoadPropertyWithInterceptor(masm,
1140 receiver,
1141 holder,
1142 name_,
1143 holder_obj);
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1144 __ pop(name_); // Restore the name.
1145 __ pop(receiver); // Restore the holder.
1146 }
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1147 // If interceptor returns no-result sentinel, call the constant function.
1148 __ LoadRoot(scratch, Heap::kNoInterceptorResultSentinelRootIndex);
1149 __ cmp(r0, scratch);
1150 __ b(ne, interceptor_succeeded);
1151 }
1152
1153 StubCompiler* stub_compiler_;
1154 const ParameterCount& arguments_;
1155 Register name_;
ricow@chromium.orgd2be9012011-06-01 06:00:58 +0000[diff] [blame]1156 Code::ExtraICState extra_ic_state_;
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]1157};
1158
1159
kasperl@chromium.orga5551262010-12-07 12:49:48 +0000[diff] [blame]1160// Calls GenerateCheckPropertyCell for each global object in the prototype chain
1161// from object to (but not including) holder.
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1162static void GenerateCheckPropertyCells(MacroAssembler* masm,
1163 Handle<JSObject> object,
1164 Handle<JSObject> holder,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1165 Handle<Name> name,
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1166 Register scratch,
1167 Label* miss) {
1168 Handle<JSObject> current = object;
1169 while (!current.is_identical_to(holder)) {
1170 if (current->IsGlobalObject()) {
1171 GenerateCheckPropertyCell(masm,
1172 Handle<GlobalObject>::cast(current),
1173 name,
1174 scratch,
1175 miss);
1176 }
1177 current = Handle<JSObject>(JSObject::cast(current->GetPrototype()));
1178 }
1179}
1180
1181
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]1182// Convert and store int passed in register ival to IEEE 754 single precision
1183// floating point value at memory location (dst + 4 * wordoffset)
1184// If VFP3 is available use it for conversion.
1185static void StoreIntAsFloat(MacroAssembler* masm,
1186 Register dst,
1187 Register wordoffset,
1188 Register ival,
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]1189 Register scratch1) {
1190 __ vmov(s0, ival);
1191 __ add(scratch1, dst, Operand(wordoffset, LSL, 2));
1192 __ vcvt_f32_s32(s0, s0);
1193 __ vstr(s0, scratch1, 0);
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]1194}
1195
1196
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]1197void StubCompiler::GenerateTailCall(MacroAssembler* masm, Handle<Code> code) {
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1198 __ Jump(code, RelocInfo::CODE_TARGET);
1199}
1200
1201
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]1202#undef __
1203#define __ ACCESS_MASM(masm())
1204
1205
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1206Register StubCompiler::CheckPrototypes(Handle<JSObject> object,
1207 Register object_reg,
1208 Handle<JSObject> holder,
1209 Register holder_reg,
1210 Register scratch1,
1211 Register scratch2,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1212 Handle<Name> name,
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1213 int save_at_depth,
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1214 Label* miss,
1215 PrototypeCheckType check) {
1216 Handle<JSObject> first = object;
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1217 // Make sure there's no overlap between holder and object registers.
1218 ASSERT(!scratch1.is(object_reg) && !scratch1.is(holder_reg));
1219 ASSERT(!scratch2.is(object_reg) && !scratch2.is(holder_reg)
1220 && !scratch2.is(scratch1));
1221
1222 // Keep track of the current object in register reg.
1223 Register reg = object_reg;
1224 int depth = 0;
1225
1226 if (save_at_depth == depth) {
1227 __ str(reg, MemOperand(sp));
1228 }
1229
1230 // Check the maps in the prototype chain.
1231 // Traverse the prototype chain from the object and do map checks.
1232 Handle<JSObject> current = object;
1233 while (!current.is_identical_to(holder)) {
1234 ++depth;
1235
1236 // Only global objects and objects that do not require access
1237 // checks are allowed in stubs.
1238 ASSERT(current->IsJSGlobalProxy() || !current->IsAccessCheckNeeded());
1239
1240 Handle<JSObject> prototype(JSObject::cast(current->GetPrototype()));
1241 if (!current->HasFastProperties() &&
1242 !current->IsJSGlobalObject() &&
1243 !current->IsJSGlobalProxy()) {
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1244 if (!name->IsUniqueName()) {
1245 ASSERT(name->IsString());
1246 name = factory()->InternalizeString(Handle<String>::cast(name));
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1247 }
1248 ASSERT(current->property_dictionary()->FindEntry(*name) ==
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1249 NameDictionary::kNotFound);
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1250
1251 GenerateDictionaryNegativeLookup(masm(), miss, reg, name,
1252 scratch1, scratch2);
1253
1254 __ ldr(scratch1, FieldMemOperand(reg, HeapObject::kMapOffset));
1255 reg = holder_reg; // From now on the object will be in holder_reg.
1256 __ ldr(reg, FieldMemOperand(scratch1, Map::kPrototypeOffset));
1257 } else {
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1258 Register map_reg = scratch1;
1259 if (!current.is_identical_to(first) || check == CHECK_ALL_MAPS) {
1260 Handle<Map> current_map(current->map());
1261 // CheckMap implicitly loads the map of |reg| into |map_reg|.
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]1262 __ CheckMap(reg, map_reg, current_map, miss, DONT_DO_SMI_CHECK);
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1263 } else {
1264 __ ldr(map_reg, FieldMemOperand(reg, HeapObject::kMapOffset));
1265 }
erik.corry@gmail.comf2038fb2012-01-16 11:42:08 +0000[diff] [blame]1266
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1267 // Check access rights to the global object. This has to happen after
1268 // the map check so that we know that the object is actually a global
1269 // object.
1270 if (current->IsJSGlobalProxy()) {
1271 __ CheckAccessGlobalProxy(reg, scratch2, miss);
1272 }
1273 reg = holder_reg; // From now on the object will be in holder_reg.
1274
1275 if (heap()->InNewSpace(*prototype)) {
1276 // The prototype is in new space; we cannot store a reference to it
1277 // in the code. Load it from the map.
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1278 __ ldr(reg, FieldMemOperand(map_reg, Map::kPrototypeOffset));
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1279 } else {
1280 // The prototype is in old space; load it directly.
1281 __ mov(reg, Operand(prototype));
1282 }
1283 }
1284
1285 if (save_at_depth == depth) {
1286 __ str(reg, MemOperand(sp));
1287 }
1288
1289 // Go to the next object in the prototype chain.
1290 current = prototype;
1291 }
1292
1293 // Log the check depth.
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1294 LOG(isolate(), IntEvent("check-maps-depth", depth + 1));
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1295
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1296 if (!holder.is_identical_to(first) || check == CHECK_ALL_MAPS) {
1297 // Check the holder map.
1298 __ CheckMap(reg, scratch1, Handle<Map>(holder->map()), miss,
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]1299 DONT_DO_SMI_CHECK);
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1300 }
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1301
1302 // Perform security check for access to the global object.
1303 ASSERT(holder->IsJSGlobalProxy() || !holder->IsAccessCheckNeeded());
1304 if (holder->IsJSGlobalProxy()) {
1305 __ CheckAccessGlobalProxy(reg, scratch1, miss);
1306 }
1307
1308 // If we've skipped any global objects, it's not enough to verify that
1309 // their maps haven't changed. We also need to check that the property
1310 // cell for the property is still empty.
1311 GenerateCheckPropertyCells(masm(), object, holder, name, scratch1, miss);
1312
1313 // Return the register containing the holder.
1314 return reg;
1315}
1316
1317
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1318void BaseLoadStubCompiler::HandlerFrontendFooter(Label* success,
1319 Label* miss) {
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1320 if (!miss->is_unused()) {
1321 __ b(success);
1322 __ bind(miss);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]1323 TailCallBuiltin(masm(), MissBuiltin(kind()));
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1324 }
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1325}
kasperl@chromium.orgdefbd102009-07-13 14:04:26 +0000[diff] [blame]1326
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1327
1328Register BaseLoadStubCompiler::CallbackHandlerFrontend(
1329 Handle<JSObject> object,
1330 Register object_reg,
1331 Handle<JSObject> holder,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1332 Handle<Name> name,
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1333 Label* success,
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1334 Handle<ExecutableAccessorInfo> callback) {
1335 Label miss;
1336
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]1337 Register reg = HandlerFrontendHeader(object, object_reg, holder, name, &miss);
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1338
1339 if (!holder->HasFastProperties() && !holder->IsJSGlobalObject()) {
1340 ASSERT(!reg.is(scratch2()));
1341 ASSERT(!reg.is(scratch3()));
1342 ASSERT(!reg.is(scratch4()));
1343
1344 // Load the properties dictionary.
1345 Register dictionary = scratch4();
1346 __ ldr(dictionary, FieldMemOperand(reg, JSObject::kPropertiesOffset));
1347
1348 // Probe the dictionary.
1349 Label probe_done;
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1350 NameDictionaryLookupStub::GeneratePositiveLookup(masm(),
1351 &miss,
1352 &probe_done,
1353 dictionary,
1354 this->name(),
1355 scratch2(),
1356 scratch3());
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1357 __ bind(&probe_done);
1358
1359 // If probing finds an entry in the dictionary, scratch3 contains the
1360 // pointer into the dictionary. Check that the value is the callback.
1361 Register pointer = scratch3();
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1362 const int kElementsStartOffset = NameDictionary::kHeaderSize +
1363 NameDictionary::kElementsStartIndex * kPointerSize;
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1364 const int kValueOffset = kElementsStartOffset + kPointerSize;
1365 __ ldr(scratch2(), FieldMemOperand(pointer, kValueOffset));
1366 __ cmp(scratch2(), Operand(callback));
1367 __ b(ne, &miss);
1368 }
1369
1370 HandlerFrontendFooter(success, &miss);
1371 return reg;
1372}
1373
1374
1375void BaseLoadStubCompiler::NonexistentHandlerFrontend(
1376 Handle<JSObject> object,
1377 Handle<JSObject> last,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1378 Handle<Name> name,
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1379 Label* success,
1380 Handle<GlobalObject> global) {
1381 Label miss;
1382
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]1383 HandlerFrontendHeader(object, receiver(), last, name, &miss);
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1384
1385 // If the last object in the prototype chain is a global object,
1386 // check that the global property cell is empty.
1387 if (!global.is_null()) {
1388 GenerateCheckPropertyCell(masm(), global, name, scratch2(), &miss);
1389 }
1390
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1391 HandlerFrontendFooter(success, &miss);
1392}
1393
1394
1395void BaseLoadStubCompiler::GenerateLoadField(Register reg,
1396 Handle<JSObject> holder,
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]1397 PropertyIndex field,
1398 Representation representation) {
1399 if (!reg.is(receiver())) __ mov(receiver(), reg);
1400 if (kind() == Code::LOAD_IC) {
1401 LoadFieldStub stub(field.is_inobject(holder),
1402 field.translate(holder),
1403 representation);
1404 GenerateTailCall(masm(), stub.GetCode(isolate()));
1405 } else {
1406 KeyedLoadFieldStub stub(field.is_inobject(holder),
1407 field.translate(holder),
1408 representation);
1409 GenerateTailCall(masm(), stub.GetCode(isolate()));
1410 }
kasperl@chromium.orgdefbd102009-07-13 14:04:26 +0000[diff] [blame]1411}
1412
1413
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1414void BaseLoadStubCompiler::GenerateLoadConstant(Handle<JSFunction> value) {
kasperl@chromium.orgdefbd102009-07-13 14:04:26 +0000[diff] [blame]1415 // Return the constant value.
ricow@chromium.org64e3a4b2011-12-13 08:07:27 +0000[diff] [blame]1416 __ LoadHeapObject(r0, value);
kasperl@chromium.orgdefbd102009-07-13 14:04:26 +0000[diff] [blame]1417 __ Ret();
1418}
1419
1420
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1421void BaseLoadStubCompiler::GenerateLoadCallback(
1422 Register reg,
1423 Handle<ExecutableAccessorInfo> callback) {
vegorov@chromium.org5d6c1f52011-02-28 13:13:38 +0000[diff] [blame]1424 // Build AccessorInfo::args_ list on the stack and push property name below
1425 // the exit frame to make GC aware of them and store pointers to them.
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1426 __ push(receiver());
1427 __ mov(scratch2(), sp); // scratch2 = AccessorInfo::args_
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1428 if (heap()->InNewSpace(callback->data())) {
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1429 __ Move(scratch3(), callback);
1430 __ ldr(scratch3(), FieldMemOperand(scratch3(),
1431 ExecutableAccessorInfo::kDataOffset));
vegorov@chromium.org5d6c1f52011-02-28 13:13:38 +0000[diff] [blame]1432 } else {
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1433 __ Move(scratch3(), Handle<Object>(callback->data(), isolate()));
vegorov@chromium.org5d6c1f52011-02-28 13:13:38 +0000[diff] [blame]1434 }
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1435 __ Push(reg, scratch3());
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1436 __ mov(scratch3(),
1437 Operand(ExternalReference::isolate_address(isolate())));
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]1438 __ LoadRoot(scratch4(), Heap::kUndefinedValueRootIndex);
1439 __ Push(scratch3(), scratch4(), name());
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1440 __ mov(r0, sp); // r0 = Handle<Name>
kasperl@chromium.orgdefbd102009-07-13 14:04:26 +0000[diff] [blame]1441
vegorov@chromium.org5d6c1f52011-02-28 13:13:38 +0000[diff] [blame]1442 const int kApiStackSpace = 1;
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1443 FrameScope frame_scope(masm(), StackFrame::MANUAL);
vegorov@chromium.org5d6c1f52011-02-28 13:13:38 +0000[diff] [blame]1444 __ EnterExitFrame(false, kApiStackSpace);
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1445
vegorov@chromium.org5d6c1f52011-02-28 13:13:38 +0000[diff] [blame]1446 // Create AccessorInfo instance on the stack above the exit frame with
erik.corry@gmail.comf2038fb2012-01-16 11:42:08 +0000[diff] [blame]1447 // scratch2 (internal::Object** args_) as the data.
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1448 __ str(scratch2(), MemOperand(sp, 1 * kPointerSize));
vegorov@chromium.org5d6c1f52011-02-28 13:13:38 +0000[diff] [blame]1449 __ add(r1, sp, Operand(1 * kPointerSize)); // r1 = AccessorInfo&
1450
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]1451 const int kStackUnwindSpace = kFastApiCallArguments + 1;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1452 Address getter_address = v8::ToCData<Address>(callback->getter());
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]1453 bool returns_handle =
1454 !CallbackTable::ReturnsVoid(isolate(), getter_address);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1455 ApiFunction fun(getter_address);
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]1456 ExternalReference::Type type =
1457 returns_handle ?
1458 ExternalReference::DIRECT_GETTER_CALL :
1459 ExternalReference::DIRECT_GETTER_CALL_NEW;
1460
1461 ExternalReference ref = ExternalReference(&fun, type, isolate());
1462 __ CallApiFunctionAndReturn(ref,
1463 kStackUnwindSpace,
1464 returns_handle,
1465 3);
kasperl@chromium.orgdefbd102009-07-13 14:04:26 +0000[diff] [blame]1466}
1467
1468
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1469void BaseLoadStubCompiler::GenerateLoadInterceptor(
1470 Register holder_reg,
1471 Handle<JSObject> object,
1472 Handle<JSObject> interceptor_holder,
1473 LookupResult* lookup,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1474 Handle<Name> name) {
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1475 ASSERT(interceptor_holder->HasNamedInterceptor());
1476 ASSERT(!interceptor_holder->GetNamedInterceptor()->getter()->IsUndefined());
1477
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1478 // So far the most popular follow ups for interceptor loads are FIELD
1479 // and CALLBACKS, so inline only them, other cases may be added
1480 // later.
1481 bool compile_followup_inline = false;
jkummerow@chromium.org05ed9dd2012-01-23 14:42:48 +0000[diff] [blame]1482 if (lookup->IsFound() && lookup->IsCacheable()) {
yangguo@chromium.orgde0db002012-06-22 13:44:28 +0000[diff] [blame]1483 if (lookup->IsField()) {
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1484 compile_followup_inline = true;
1485 } else if (lookup->type() == CALLBACKS &&
hpayer@chromium.org7c3372b2013-02-13 17:26:04 +0000[diff] [blame]1486 lookup->GetCallbackObject()->IsExecutableAccessorInfo()) {
1487 ExecutableAccessorInfo* callback =
1488 ExecutableAccessorInfo::cast(lookup->GetCallbackObject());
mmassi@chromium.org7028c052012-06-13 11:51:58 +0000[diff] [blame]1489 compile_followup_inline = callback->getter() != NULL &&
1490 callback->IsCompatibleReceiver(*object);
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1491 }
1492 }
1493
1494 if (compile_followup_inline) {
1495 // Compile the interceptor call, followed by inline code to load the
1496 // property from further up the prototype chain if the call fails.
1497 // Check that the maps haven't changed.
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1498 ASSERT(holder_reg.is(receiver()) || holder_reg.is(scratch1()));
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1499
jkummerow@chromium.org212d9642012-05-11 15:02:09 +0000[diff] [blame]1500 // Preserve the receiver register explicitly whenever it is different from
1501 // the holder and it is needed should the interceptor return without any
1502 // result. The CALLBACKS case needs the receiver to be passed into C++ code,
1503 // the FIELD case might cause a miss during the prototype check.
1504 bool must_perfrom_prototype_check = *interceptor_holder != lookup->holder();
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1505 bool must_preserve_receiver_reg = !receiver().is(holder_reg) &&
jkummerow@chromium.org212d9642012-05-11 15:02:09 +0000[diff] [blame]1506 (lookup->type() == CALLBACKS || must_perfrom_prototype_check);
1507
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1508 // Save necessary data before invoking an interceptor.
1509 // Requires a frame to make GC aware of pushed pointers.
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1510 {
1511 FrameScope frame_scope(masm(), StackFrame::INTERNAL);
jkummerow@chromium.org212d9642012-05-11 15:02:09 +0000[diff] [blame]1512 if (must_preserve_receiver_reg) {
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1513 __ Push(receiver(), holder_reg, this->name());
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1514 } else {
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1515 __ Push(holder_reg, this->name());
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1516 }
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1517 // Invoke an interceptor. Note: map checks from receiver to
1518 // interceptor's holder has been compiled before (see a caller
1519 // of this method.)
1520 CompileCallLoadPropertyWithInterceptor(masm(),
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1521 receiver(),
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1522 holder_reg,
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1523 this->name(),
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1524 interceptor_holder);
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1525 // Check if interceptor provided a value for property. If it's
1526 // the case, return immediately.
1527 Label interceptor_failed;
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1528 __ LoadRoot(scratch1(), Heap::kNoInterceptorResultSentinelRootIndex);
1529 __ cmp(r0, scratch1());
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1530 __ b(eq, &interceptor_failed);
1531 frame_scope.GenerateLeaveFrame();
1532 __ Ret();
1533
1534 __ bind(&interceptor_failed);
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1535 __ pop(this->name());
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1536 __ pop(holder_reg);
jkummerow@chromium.org212d9642012-05-11 15:02:09 +0000[diff] [blame]1537 if (must_preserve_receiver_reg) {
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1538 __ pop(receiver());
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1539 }
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1540 // Leave the internal frame.
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1541 }
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1542
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1543 GenerateLoadPostInterceptor(holder_reg, interceptor_holder, name, lookup);
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1544 } else { // !compile_followup_inline
1545 // Call the runtime system to load the interceptor.
1546 // Check that the maps haven't changed.
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]1547 PushInterceptorArguments(masm(), receiver(), holder_reg,
1548 this->name(), interceptor_holder);
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1549
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]1550 ExternalReference ref =
1551 ExternalReference(IC_Utility(IC::kLoadPropertyWithInterceptorForLoad),
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1552 isolate());
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]1553 __ TailCallExternalReference(ref, 6, 1);
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]1554 }
kasperl@chromium.orgdefbd102009-07-13 14:04:26 +0000[diff] [blame]1555}
1556
1557
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1558void CallStubCompiler::GenerateNameCheck(Handle<Name> name, Label* miss) {
whesse@chromium.org2c186ca2010-06-16 11:32:39 +0000[diff] [blame]1559 if (kind_ == Code::KEYED_CALL_IC) {
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1560 __ cmp(r2, Operand(name));
whesse@chromium.org2c186ca2010-06-16 11:32:39 +0000[diff] [blame]1561 __ b(ne, miss);
1562 }
1563}
1564
1565
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1566void CallStubCompiler::GenerateGlobalReceiverCheck(Handle<JSObject> object,
1567 Handle<JSObject> holder,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1568 Handle<Name> name,
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1569 Label* miss) {
1570 ASSERT(holder->IsGlobalObject());
1571
1572 // Get the number of arguments.
1573 const int argc = arguments().immediate();
1574
1575 // Get the receiver from the stack.
1576 __ ldr(r0, MemOperand(sp, argc * kPointerSize));
1577
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1578 // Check that the maps haven't changed.
mstarzinger@chromium.org3233d2f2012-03-14 11:16:03 +0000[diff] [blame]1579 __ JumpIfSmi(r0, miss);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1580 CheckPrototypes(object, r0, holder, r3, r1, r4, name, miss);
1581}
1582
1583
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1584void CallStubCompiler::GenerateLoadFunctionFromCell(
1585 Handle<JSGlobalPropertyCell> cell,
1586 Handle<JSFunction> function,
1587 Label* miss) {
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1588 // Get the value from the cell.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1589 __ mov(r3, Operand(cell));
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1590 __ ldr(r1, FieldMemOperand(r3, JSGlobalPropertyCell::kValueOffset));
1591
1592 // Check that the cell contains the same function.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1593 if (heap()->InNewSpace(*function)) {
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1594 // We can't embed a pointer to a function in new space so we have
1595 // to verify that the shared function info is unchanged. This has
1596 // the nice side effect that multiple closures based on the same
1597 // function can all use this call IC. Before we load through the
1598 // function, we have to verify that it still is a function.
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]1599 __ JumpIfSmi(r1, miss);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1600 __ CompareObjectType(r1, r3, r3, JS_FUNCTION_TYPE);
1601 __ b(ne, miss);
1602
1603 // Check the shared function info. Make sure it hasn't changed.
1604 __ Move(r3, Handle<SharedFunctionInfo>(function->shared()));
1605 __ ldr(r4, FieldMemOperand(r1, JSFunction::kSharedFunctionInfoOffset));
1606 __ cmp(r4, r3);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1607 } else {
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1608 __ cmp(r1, Operand(function));
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1609 }
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1610 __ b(ne, miss);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1611}
1612
1613
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1614void CallStubCompiler::GenerateMissBranch() {
1615 Handle<Code> code =
danno@chromium.org40cb8782011-05-25 07:58:50 +0000[diff] [blame]1616 isolate()->stub_cache()->ComputeCallMiss(arguments().immediate(),
1617 kind_,
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1618 extra_state_);
1619 __ Jump(code, RelocInfo::CODE_TARGET);
1620}
1621
1622
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1623Handle<Code> CallStubCompiler::CompileCallField(Handle<JSObject> object,
1624 Handle<JSObject> holder,
yangguo@chromium.orgeeb44b62012-11-13 13:56:09 +0000[diff] [blame]1625 PropertyIndex index,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]1626 Handle<Name> name) {
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]1627 // ----------- S t a t e -------------
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]1628 // -- r2 : name
1629 // -- lr : return address
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]1630 // -----------------------------------
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]1631 Label miss;
1632
whesse@chromium.org2c186ca2010-06-16 11:32:39 +0000[diff] [blame]1633 GenerateNameCheck(name, &miss);
1634
mads.s.ager31e71382008-08-13 09:32:07 +0000[diff] [blame]1635 const int argc = arguments().immediate();
1636
kasperl@chromium.org9fe21c62008-10-28 08:53:51 +0000[diff] [blame]1637 // Get the receiver of the function from the stack into r0.
1638 __ ldr(r0, MemOperand(sp, argc * kPointerSize));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]1639 // Check that the receiver isn't a smi.
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]1640 __ JumpIfSmi(r0, &miss);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]1641
1642 // Do the right check and compute the holder register.
ager@chromium.org6a2b0aa2010-07-13 20:58:03 +0000[diff] [blame]1643 Register reg = CheckPrototypes(object, r0, holder, r1, r3, r4, name, &miss);
ulan@chromium.org57ff8812013-05-10 08:16:55 +0000[diff] [blame]1644 GenerateFastPropertyLoad(masm(), r1, reg, index.is_inobject(holder),
1645 index.translate(holder), Representation::Tagged());
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]1646
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1647 GenerateCallFunction(masm(), object, arguments(), &miss, extra_state_);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]1648
1649 // Handle call cache miss.
1650 __ bind(&miss);
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]1651 GenerateMissBranch();
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]1652
1653 // Return the generated code.
jkummerow@chromium.org7a6fc812012-06-27 11:12:38 +0000[diff] [blame]1654 return GetCode(Code::FIELD, name);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]1655}
1656
1657
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1658Handle<Code> CallStubCompiler::CompileArrayPushCall(
1659 Handle<Object> object,
1660 Handle<JSObject> holder,
1661 Handle<JSGlobalPropertyCell> cell,
1662 Handle<JSFunction> function,
1663 Handle<String> name) {
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1664 // ----------- S t a t e -------------
1665 // -- r2 : name
1666 // -- lr : return address
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1667 // -- sp[(argc - n - 1) * 4] : arg[n] (zero-based)
1668 // -- ...
1669 // -- sp[argc * 4] : receiver
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1670 // -----------------------------------
1671
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1672 // If object is not an array, bail out to regular call.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1673 if (!object->IsJSArray() || !cell.is_null()) return Handle<Code>::null();
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1674
1675 Label miss;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1676 GenerateNameCheck(name, &miss);
whesse@chromium.org2c186ca2010-06-16 11:32:39 +0000[diff] [blame]1677
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1678 Register receiver = r1;
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1679 // Get the receiver from the stack
1680 const int argc = arguments().immediate();
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1681 __ ldr(receiver, MemOperand(sp, argc * kPointerSize));
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1682
1683 // Check that the receiver isn't a smi.
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]1684 __ JumpIfSmi(receiver, &miss);
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1685
1686 // Check that the maps haven't changed.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1687 CheckPrototypes(Handle<JSObject>::cast(object), receiver, holder, r3, r0, r4,
1688 name, &miss);
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1689
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1690 if (argc == 0) {
1691 // Nothing to do, just return the length.
1692 __ ldr(r0, FieldMemOperand(receiver, JSArray::kLengthOffset));
1693 __ Drop(argc + 1);
1694 __ Ret();
1695 } else {
1696 Label call_builtin;
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1697
1698 if (argc == 1) { // Otherwise fall through to call the builtin.
yangguo@chromium.orgfb377212012-11-16 14:43:43 +0000[diff] [blame]1699 Label attempt_to_grow_elements, with_write_barrier, check_double;
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1700
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1701 Register elements = r6;
1702 Register end_elements = r5;
1703 // Get the elements array of the object.
1704 __ ldr(elements, FieldMemOperand(receiver, JSArray::kElementsOffset));
1705
1706 // Check that the elements are in fast mode and writable.
1707 __ CheckMap(elements,
1708 r0,
1709 Heap::kFixedArrayMapRootIndex,
yangguo@chromium.orgfb377212012-11-16 14:43:43 +0000[diff] [blame]1710 &check_double,
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1711 DONT_DO_SMI_CHECK);
1712
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1713 // Get the array's length into r0 and calculate new length.
1714 __ ldr(r0, FieldMemOperand(receiver, JSArray::kLengthOffset));
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1715 __ add(r0, r0, Operand(Smi::FromInt(argc)));
1716
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1717 // Get the elements' length.
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1718 __ ldr(r4, FieldMemOperand(elements, FixedArray::kLengthOffset));
1719
1720 // Check if we could survive without allocation.
1721 __ cmp(r0, r4);
1722 __ b(gt, &attempt_to_grow_elements);
1723
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1724 // Check if value is a smi.
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1725 __ ldr(r4, MemOperand(sp, (argc - 1) * kPointerSize));
1726 __ JumpIfNotSmi(r4, &with_write_barrier);
1727
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1728 // Save new length.
1729 __ str(r0, FieldMemOperand(receiver, JSArray::kLengthOffset));
1730
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1731 // Store the value.
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1732 // We may need a register containing the address end_elements below,
1733 // so write back the value in end_elements.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]1734 __ add(end_elements, elements, Operand::PointerOffsetFromSmiKey(r0));
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1735 const int kEndElementsOffset =
1736 FixedArray::kHeaderSize - kHeapObjectTag - argc * kPointerSize;
1737 __ str(r4, MemOperand(end_elements, kEndElementsOffset, PreIndex));
1738
1739 // Check for a smi.
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1740 __ Drop(argc + 1);
1741 __ Ret();
1742
yangguo@chromium.orgfb377212012-11-16 14:43:43 +0000[diff] [blame]1743 __ bind(&check_double);
1744
1745 // Check that the elements are in fast mode and writable.
1746 __ CheckMap(elements,
1747 r0,
1748 Heap::kFixedDoubleArrayMapRootIndex,
1749 &call_builtin,
1750 DONT_DO_SMI_CHECK);
1751
1752 // Get the array's length into r0 and calculate new length.
1753 __ ldr(r0, FieldMemOperand(receiver, JSArray::kLengthOffset));
yangguo@chromium.orgfb377212012-11-16 14:43:43 +0000[diff] [blame]1754 __ add(r0, r0, Operand(Smi::FromInt(argc)));
1755
1756 // Get the elements' length.
1757 __ ldr(r4, FieldMemOperand(elements, FixedArray::kLengthOffset));
1758
1759 // Check if we could survive without allocation.
1760 __ cmp(r0, r4);
1761 __ b(gt, &call_builtin);
1762
1763 __ ldr(r4, MemOperand(sp, (argc - 1) * kPointerSize));
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1764 __ StoreNumberToDoubleElements(r4, r0, elements, r5,
1765 &call_builtin, argc * kDoubleSize);
yangguo@chromium.orgfb377212012-11-16 14:43:43 +0000[diff] [blame]1766
1767 // Save new length.
1768 __ str(r0, FieldMemOperand(receiver, JSArray::kLengthOffset));
1769
1770 // Check for a smi.
1771 __ Drop(argc + 1);
1772 __ Ret();
1773
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1774 __ bind(&with_write_barrier);
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1775
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1776 __ ldr(r3, FieldMemOperand(receiver, HeapObject::kMapOffset));
1777
1778 if (FLAG_smi_only_arrays && !FLAG_trace_elements_transitions) {
1779 Label fast_object, not_fast_object;
1780 __ CheckFastObjectElements(r3, r7, &not_fast_object);
1781 __ jmp(&fast_object);
1782 // In case of fast smi-only, convert to fast object, otherwise bail out.
1783 __ bind(&not_fast_object);
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]1784 __ CheckFastSmiElements(r3, r7, &call_builtin);
yangguo@chromium.orgfb377212012-11-16 14:43:43 +0000[diff] [blame]1785
1786 __ ldr(r7, FieldMemOperand(r4, HeapObject::kMapOffset));
1787 __ LoadRoot(ip, Heap::kHeapNumberMapRootIndex);
1788 __ cmp(r7, ip);
1789 __ b(eq, &call_builtin);
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1790 // edx: receiver
1791 // r3: map
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]1792 Label try_holey_map;
1793 __ LoadTransitionedArrayMapConditional(FAST_SMI_ELEMENTS,
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1794 FAST_ELEMENTS,
1795 r3,
1796 r7,
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]1797 &try_holey_map);
1798 __ mov(r2, receiver);
1799 ElementsTransitionGenerator::
yangguo@chromium.org46a2a512013-01-18 16:29:40 +0000[diff] [blame]1800 GenerateMapChangeElementsTransition(masm(),
1801 DONT_TRACK_ALLOCATION_SITE,
1802 NULL);
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]1803 __ jmp(&fast_object);
1804
1805 __ bind(&try_holey_map);
1806 __ LoadTransitionedArrayMapConditional(FAST_HOLEY_SMI_ELEMENTS,
1807 FAST_HOLEY_ELEMENTS,
1808 r3,
1809 r7,
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1810 &call_builtin);
1811 __ mov(r2, receiver);
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]1812 ElementsTransitionGenerator::
yangguo@chromium.org46a2a512013-01-18 16:29:40 +0000[diff] [blame]1813 GenerateMapChangeElementsTransition(masm(),
1814 DONT_TRACK_ALLOCATION_SITE,
1815 NULL);
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1816 __ bind(&fast_object);
1817 } else {
1818 __ CheckFastObjectElements(r3, r3, &call_builtin);
1819 }
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1820
1821 // Save new length.
1822 __ str(r0, FieldMemOperand(receiver, JSArray::kLengthOffset));
1823
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1824 // Store the value.
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1825 // We may need a register containing the address end_elements below,
1826 // so write back the value in end_elements.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]1827 __ add(end_elements, elements, Operand::PointerOffsetFromSmiKey(r0));
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1828 __ str(r4, MemOperand(end_elements, kEndElementsOffset, PreIndex));
1829
1830 __ RecordWrite(elements,
1831 end_elements,
1832 r4,
1833 kLRHasNotBeenSaved,
1834 kDontSaveFPRegs,
1835 EMIT_REMEMBERED_SET,
1836 OMIT_SMI_CHECK);
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1837 __ Drop(argc + 1);
1838 __ Ret();
1839
1840 __ bind(&attempt_to_grow_elements);
1841 // r0: array's length + 1.
1842 // r4: elements' length.
1843
1844 if (!FLAG_inline_new) {
1845 __ b(&call_builtin);
1846 }
1847
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1848 __ ldr(r2, MemOperand(sp, (argc - 1) * kPointerSize));
svenpanne@chromium.orga8bb4d92011-10-10 13:20:40 +0000[diff] [blame]1849 // Growing elements that are SMI-only requires special handling in case
1850 // the new element is non-Smi. For now, delegate to the builtin.
1851 Label no_fast_elements_check;
1852 __ JumpIfSmi(r2, &no_fast_elements_check);
1853 __ ldr(r7, FieldMemOperand(receiver, HeapObject::kMapOffset));
1854 __ CheckFastObjectElements(r7, r7, &call_builtin);
1855 __ bind(&no_fast_elements_check);
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1856
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1857 ExternalReference new_space_allocation_top =
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1858 ExternalReference::new_space_allocation_top_address(isolate());
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1859 ExternalReference new_space_allocation_limit =
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1860 ExternalReference::new_space_allocation_limit_address(isolate());
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1861
1862 const int kAllocationDelta = 4;
1863 // Load top and check if it is the end of elements.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]1864 __ add(end_elements, elements, Operand::PointerOffsetFromSmiKey(r0));
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1865 __ add(end_elements, end_elements, Operand(kEndElementsOffset));
1866 __ mov(r7, Operand(new_space_allocation_top));
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1867 __ ldr(r3, MemOperand(r7));
1868 __ cmp(end_elements, r3);
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1869 __ b(ne, &call_builtin);
1870
1871 __ mov(r9, Operand(new_space_allocation_limit));
1872 __ ldr(r9, MemOperand(r9));
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1873 __ add(r3, r3, Operand(kAllocationDelta * kPointerSize));
1874 __ cmp(r3, r9);
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1875 __ b(hi, &call_builtin);
1876
1877 // We fit and could grow elements.
1878 // Update new_space_allocation_top.
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1879 __ str(r3, MemOperand(r7));
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1880 // Push the argument.
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]1881 __ str(r2, MemOperand(end_elements));
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1882 // Fill the rest with holes.
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1883 __ LoadRoot(r3, Heap::kTheHoleValueRootIndex);
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1884 for (int i = 1; i < kAllocationDelta; i++) {
yangguo@chromium.org78d1ad42012-02-09 13:53:47 +0000[diff] [blame]1885 __ str(r3, MemOperand(end_elements, i * kPointerSize));
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1886 }
1887
1888 // Update elements' and array's sizes.
1889 __ str(r0, FieldMemOperand(receiver, JSArray::kLengthOffset));
1890 __ add(r4, r4, Operand(Smi::FromInt(kAllocationDelta)));
1891 __ str(r4, FieldMemOperand(elements, FixedArray::kLengthOffset));
1892
1893 // Elements are in new space, so write barrier is not required.
1894 __ Drop(argc + 1);
1895 __ Ret();
1896 }
1897 __ bind(&call_builtin);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1898 __ TailCallExternalReference(
1899 ExternalReference(Builtins::c_ArrayPush, isolate()), argc + 1, 1);
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1900 }
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1901
1902 // Handle call cache miss.
1903 __ bind(&miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1904 GenerateMissBranch();
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1905
1906 // Return the generated code.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1907 return GetCode(function);
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1908}
1909
1910
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1911Handle<Code> CallStubCompiler::CompileArrayPopCall(
1912 Handle<Object> object,
1913 Handle<JSObject> holder,
1914 Handle<JSGlobalPropertyCell> cell,
1915 Handle<JSFunction> function,
1916 Handle<String> name) {
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1917 // ----------- S t a t e -------------
1918 // -- r2 : name
1919 // -- lr : return address
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1920 // -- sp[(argc - n - 1) * 4] : arg[n] (zero-based)
1921 // -- ...
1922 // -- sp[argc * 4] : receiver
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1923 // -----------------------------------
1924
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]1925 // If object is not an array, bail out to regular call.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1926 if (!object->IsJSArray() || !cell.is_null()) return Handle<Code>::null();
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1927
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1928 Label miss, return_undefined, call_builtin;
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1929 Register receiver = r1;
1930 Register elements = r3;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1931 GenerateNameCheck(name, &miss);
whesse@chromium.org2c186ca2010-06-16 11:32:39 +0000[diff] [blame]1932
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1933 // Get the receiver from the stack
1934 const int argc = arguments().immediate();
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1935 __ ldr(receiver, MemOperand(sp, argc * kPointerSize));
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1936 // Check that the receiver isn't a smi.
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]1937 __ JumpIfSmi(receiver, &miss);
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1938
1939 // Check that the maps haven't changed.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1940 CheckPrototypes(Handle<JSObject>::cast(object), receiver, holder, elements,
1941 r4, r0, name, &miss);
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1942
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1943 // Get the elements array of the object.
1944 __ ldr(elements, FieldMemOperand(receiver, JSArray::kElementsOffset));
1945
1946 // Check that the elements are in fast mode and writable.
kmillikin@chromium.orgc53e10d2011-05-18 09:12:58 +0000[diff] [blame]1947 __ CheckMap(elements,
1948 r0,
1949 Heap::kFixedArrayMapRootIndex,
1950 &call_builtin,
1951 DONT_DO_SMI_CHECK);
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1952
1953 // Get the array's length into r4 and calculate new length.
1954 __ ldr(r4, FieldMemOperand(receiver, JSArray::kLengthOffset));
1955 __ sub(r4, r4, Operand(Smi::FromInt(1)), SetCC);
1956 __ b(lt, &return_undefined);
1957
1958 // Get the last element.
1959 __ LoadRoot(r6, Heap::kTheHoleValueRootIndex);
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1960 // We can't address the last element in one operation. Compute the more
1961 // expensive shift first, and use an offset later on.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]1962 __ add(elements, elements, Operand::PointerOffsetFromSmiKey(r4));
fschneider@chromium.org7d10be52012-04-10 12:30:14 +0000[diff] [blame]1963 __ ldr(r0, FieldMemOperand(elements, FixedArray::kHeaderSize));
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1964 __ cmp(r0, r6);
1965 __ b(eq, &call_builtin);
1966
1967 // Set the array's length.
1968 __ str(r4, FieldMemOperand(receiver, JSArray::kLengthOffset));
1969
1970 // Fill with the hole.
fschneider@chromium.org7d10be52012-04-10 12:30:14 +0000[diff] [blame]1971 __ str(r6, FieldMemOperand(elements, FixedArray::kHeaderSize));
vegorov@chromium.org21b5e952010-11-23 10:24:40 +0000[diff] [blame]1972 __ Drop(argc + 1);
1973 __ Ret();
1974
1975 __ bind(&return_undefined);
1976 __ LoadRoot(r0, Heap::kUndefinedValueRootIndex);
1977 __ Drop(argc + 1);
1978 __ Ret();
1979
1980 __ bind(&call_builtin);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]1981 __ TailCallExternalReference(
1982 ExternalReference(Builtins::c_ArrayPop, isolate()), argc + 1, 1);
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1983
1984 // Handle call cache miss.
1985 __ bind(&miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1986 GenerateMissBranch();
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1987
1988 // Return the generated code.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1989 return GetCode(function);
vegorov@chromium.orgf8372902010-03-15 10:26:20 +0000[diff] [blame]1990}
1991
1992
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]1993Handle<Code> CallStubCompiler::CompileStringCharCodeAtCall(
1994 Handle<Object> object,
1995 Handle<JSObject> holder,
1996 Handle<JSGlobalPropertyCell> cell,
1997 Handle<JSFunction> function,
1998 Handle<String> name) {
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]1999 // ----------- S t a t e -------------
2000 // -- r2 : function name
2001 // -- lr : return address
2002 // -- sp[(argc - n - 1) * 4] : arg[n] (zero-based)
2003 // -- ...
2004 // -- sp[argc * 4] : receiver
2005 // -----------------------------------
2006
2007 // If object is not a string, bail out to regular call.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2008 if (!object->IsString() || !cell.is_null()) return Handle<Code>::null();
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2009
2010 const int argc = arguments().immediate();
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2011 Label miss;
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2012 Label name_miss;
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2013 Label index_out_of_range;
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2014 Label* index_out_of_range_label = &index_out_of_range;
2015
danno@chromium.org40cb8782011-05-25 07:58:50 +0000[diff] [blame]2016 if (kind_ == Code::CALL_IC &&
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2017 (CallICBase::StringStubState::decode(extra_state_) ==
danno@chromium.org40cb8782011-05-25 07:58:50 +0000[diff] [blame]2018 DEFAULT_STRING_STUB)) {
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2019 index_out_of_range_label = &miss;
2020 }
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2021 GenerateNameCheck(name, &name_miss);
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2022
2023 // Check that the maps starting from the prototype haven't changed.
2024 GenerateDirectLoadGlobalFunctionPrototype(masm(),
2025 Context::STRING_FUNCTION_INDEX,
fschneider@chromium.orgc20610a2010-09-22 09:44:58 +0000[diff] [blame]2026 r0,
2027 &miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2028 ASSERT(!object.is_identical_to(holder));
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2029 CheckPrototypes(
2030 Handle<JSObject>(JSObject::cast(object->GetPrototype(isolate()))),
2031 r0, holder, r1, r3, r4, name, &miss);
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2032
2033 Register receiver = r1;
2034 Register index = r4;
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2035 Register result = r0;
2036 __ ldr(receiver, MemOperand(sp, argc * kPointerSize));
2037 if (argc > 0) {
2038 __ ldr(index, MemOperand(sp, (argc - 1) * kPointerSize));
2039 } else {
2040 __ LoadRoot(index, Heap::kUndefinedValueRootIndex);
2041 }
2042
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2043 StringCharCodeAtGenerator generator(receiver,
2044 index,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2045 result,
2046 &miss, // When not a string.
2047 &miss, // When not a number.
2048 index_out_of_range_label,
2049 STRING_INDEX_IS_NUMBER);
2050 generator.GenerateFast(masm());
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2051 __ Drop(argc + 1);
2052 __ Ret();
2053
kasperl@chromium.orga5551262010-12-07 12:49:48 +0000[diff] [blame]2054 StubRuntimeCallHelper call_helper;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2055 generator.GenerateSlow(masm(), call_helper);
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2056
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2057 if (index_out_of_range.is_linked()) {
2058 __ bind(&index_out_of_range);
2059 __ LoadRoot(r0, Heap::kNanValueRootIndex);
2060 __ Drop(argc + 1);
2061 __ Ret();
2062 }
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2063
2064 __ bind(&miss);
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2065 // Restore function name in r2.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2066 __ Move(r2, name);
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2067 __ bind(&name_miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2068 GenerateMissBranch();
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2069
2070 // Return the generated code.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2071 return GetCode(function);
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]2072}
2073
2074
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2075Handle<Code> CallStubCompiler::CompileStringCharAtCall(
2076 Handle<Object> object,
2077 Handle<JSObject> holder,
2078 Handle<JSGlobalPropertyCell> cell,
2079 Handle<JSFunction> function,
2080 Handle<String> name) {
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2081 // ----------- S t a t e -------------
2082 // -- r2 : function name
2083 // -- lr : return address
2084 // -- sp[(argc - n - 1) * 4] : arg[n] (zero-based)
2085 // -- ...
2086 // -- sp[argc * 4] : receiver
2087 // -----------------------------------
2088
2089 // If object is not a string, bail out to regular call.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2090 if (!object->IsString() || !cell.is_null()) return Handle<Code>::null();
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2091
2092 const int argc = arguments().immediate();
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2093 Label miss;
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2094 Label name_miss;
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2095 Label index_out_of_range;
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2096 Label* index_out_of_range_label = &index_out_of_range;
danno@chromium.org40cb8782011-05-25 07:58:50 +0000[diff] [blame]2097 if (kind_ == Code::CALL_IC &&
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2098 (CallICBase::StringStubState::decode(extra_state_) ==
danno@chromium.org40cb8782011-05-25 07:58:50 +0000[diff] [blame]2099 DEFAULT_STRING_STUB)) {
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2100 index_out_of_range_label = &miss;
2101 }
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2102 GenerateNameCheck(name, &name_miss);
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2103
2104 // Check that the maps starting from the prototype haven't changed.
2105 GenerateDirectLoadGlobalFunctionPrototype(masm(),
2106 Context::STRING_FUNCTION_INDEX,
fschneider@chromium.orgc20610a2010-09-22 09:44:58 +0000[diff] [blame]2107 r0,
2108 &miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2109 ASSERT(!object.is_identical_to(holder));
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2110 CheckPrototypes(
2111 Handle<JSObject>(JSObject::cast(object->GetPrototype(isolate()))),
2112 r0, holder, r1, r3, r4, name, &miss);
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2113
2114 Register receiver = r0;
2115 Register index = r4;
danno@chromium.orgc612e022011-11-10 11:38:15 +0000[diff] [blame]2116 Register scratch = r3;
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2117 Register result = r0;
2118 __ ldr(receiver, MemOperand(sp, argc * kPointerSize));
2119 if (argc > 0) {
2120 __ ldr(index, MemOperand(sp, (argc - 1) * kPointerSize));
2121 } else {
2122 __ LoadRoot(index, Heap::kUndefinedValueRootIndex);
2123 }
2124
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2125 StringCharAtGenerator generator(receiver,
2126 index,
danno@chromium.orgc612e022011-11-10 11:38:15 +0000[diff] [blame]2127 scratch,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2128 result,
2129 &miss, // When not a string.
2130 &miss, // When not a number.
2131 index_out_of_range_label,
2132 STRING_INDEX_IS_NUMBER);
2133 generator.GenerateFast(masm());
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2134 __ Drop(argc + 1);
2135 __ Ret();
2136
kasperl@chromium.orga5551262010-12-07 12:49:48 +0000[diff] [blame]2137 StubRuntimeCallHelper call_helper;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2138 generator.GenerateSlow(masm(), call_helper);
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2139
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2140 if (index_out_of_range.is_linked()) {
2141 __ bind(&index_out_of_range);
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]2142 __ LoadRoot(r0, Heap::kempty_stringRootIndex);
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2143 __ Drop(argc + 1);
2144 __ Ret();
2145 }
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2146
2147 __ bind(&miss);
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2148 // Restore function name in r2.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2149 __ Move(r2, name);
erik.corry@gmail.com0511e242011-01-19 11:11:08 +0000[diff] [blame]2150 __ bind(&name_miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2151 GenerateMissBranch();
ricow@chromium.org65fae842010-08-25 15:26:24 +0000[diff] [blame]2152
2153 // Return the generated code.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2154 return GetCode(function);
ricow@chromium.org30ce4112010-05-31 10:38:25 +0000[diff] [blame]2155}
2156
2157
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2158Handle<Code> CallStubCompiler::CompileStringFromCharCodeCall(
2159 Handle<Object> object,
2160 Handle<JSObject> holder,
2161 Handle<JSGlobalPropertyCell> cell,
2162 Handle<JSFunction> function,
2163 Handle<String> name) {
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2164 // ----------- S t a t e -------------
2165 // -- r2 : function name
2166 // -- lr : return address
2167 // -- sp[(argc - n - 1) * 4] : arg[n] (zero-based)
2168 // -- ...
2169 // -- sp[argc * 4] : receiver
2170 // -----------------------------------
2171
2172 const int argc = arguments().immediate();
2173
2174 // If the object is not a JSObject or we got an unexpected number of
2175 // arguments, bail out to the regular call.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2176 if (!object->IsJSObject() || argc != 1) return Handle<Code>::null();
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2177
2178 Label miss;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2179 GenerateNameCheck(name, &miss);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2180
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2181 if (cell.is_null()) {
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2182 __ ldr(r1, MemOperand(sp, 1 * kPointerSize));
2183
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]2184 __ JumpIfSmi(r1, &miss);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2185
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2186 CheckPrototypes(Handle<JSObject>::cast(object), r1, holder, r0, r3, r4,
2187 name, &miss);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2188 } else {
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2189 ASSERT(cell->value() == *function);
2190 GenerateGlobalReceiverCheck(Handle<JSObject>::cast(object), holder, name,
2191 &miss);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2192 GenerateLoadFunctionFromCell(cell, function, &miss);
2193 }
2194
2195 // Load the char code argument.
2196 Register code = r1;
2197 __ ldr(code, MemOperand(sp, 0 * kPointerSize));
2198
2199 // Check the code is a smi.
2200 Label slow;
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]2201 __ JumpIfNotSmi(code, &slow);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2202
2203 // Convert the smi code to uint16.
2204 __ and_(code, code, Operand(Smi::FromInt(0xffff)));
2205
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2206 StringCharFromCodeGenerator generator(code, r0);
2207 generator.GenerateFast(masm());
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2208 __ Drop(argc + 1);
2209 __ Ret();
2210
kasperl@chromium.orga5551262010-12-07 12:49:48 +0000[diff] [blame]2211 StubRuntimeCallHelper call_helper;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2212 generator.GenerateSlow(masm(), call_helper);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2213
2214 // Tail call the full function. We do not have to patch the receiver
2215 // because the function makes no use of it.
2216 __ bind(&slow);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2217 ParameterCount expected(function);
2218 __ InvokeFunction(function, expected, arguments(),
2219 JUMP_FUNCTION, NullCallWrapper(), CALL_AS_METHOD);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2220
2221 __ bind(&miss);
2222 // r2: function name.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2223 GenerateMissBranch();
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2224
2225 // Return the generated code.
jkummerow@chromium.org7a6fc812012-06-27 11:12:38 +0000[diff] [blame]2226 return cell.is_null() ? GetCode(function) : GetCode(Code::NORMAL, name);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2227}
2228
2229
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2230Handle<Code> CallStubCompiler::CompileMathFloorCall(
2231 Handle<Object> object,
2232 Handle<JSObject> holder,
2233 Handle<JSGlobalPropertyCell> cell,
2234 Handle<JSFunction> function,
2235 Handle<String> name) {
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2236 // ----------- S t a t e -------------
2237 // -- r2 : function name
2238 // -- lr : return address
2239 // -- sp[(argc - n - 1) * 4] : arg[n] (zero-based)
2240 // -- ...
2241 // -- sp[argc * 4] : receiver
2242 // -----------------------------------
2243
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2244 const int argc = arguments().immediate();
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2245 // If the object is not a JSObject or we got an unexpected number of
2246 // arguments, bail out to the regular call.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2247 if (!object->IsJSObject() || argc != 1) return Handle<Code>::null();
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2248
2249 Label miss, slow;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2250 GenerateNameCheck(name, &miss);
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2251
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2252 if (cell.is_null()) {
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2253 __ ldr(r1, MemOperand(sp, 1 * kPointerSize));
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]2254 __ JumpIfSmi(r1, &miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2255 CheckPrototypes(Handle<JSObject>::cast(object), r1, holder, r0, r3, r4,
2256 name, &miss);
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2257 } else {
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2258 ASSERT(cell->value() == *function);
2259 GenerateGlobalReceiverCheck(Handle<JSObject>::cast(object), holder, name,
2260 &miss);
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2261 GenerateLoadFunctionFromCell(cell, function, &miss);
2262 }
2263
2264 // Load the (only) argument into r0.
2265 __ ldr(r0, MemOperand(sp, 0 * kPointerSize));
2266
2267 // If the argument is a smi, just return.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]2268 __ SmiTst(r0);
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2269 __ Drop(argc + 1, eq);
2270 __ Ret(eq);
2271
kmillikin@chromium.orgc53e10d2011-05-18 09:12:58 +0000[diff] [blame]2272 __ CheckMap(r0, r1, Heap::kHeapNumberMapRootIndex, &slow, DONT_DO_SMI_CHECK);
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2273
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2274 Label smi_check, just_return;
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2275
2276 // Load the HeapNumber value.
2277 // We will need access to the value in the core registers, so we load it
2278 // with ldrd and move it to the fpu. It also spares a sub instruction for
2279 // updating the HeapNumber value address, as vldr expects a multiple
2280 // of 4 offset.
2281 __ Ldrd(r4, r5, FieldMemOperand(r0, HeapNumber::kValueOffset));
2282 __ vmov(d1, r4, r5);
2283
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2284 // Check for NaN, Infinities and -0.
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2285 // They are invariant through a Math.Floor call, so just
2286 // return the original argument.
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2287 __ Sbfx(r3, r5, HeapNumber::kExponentShift, HeapNumber::kExponentBits);
2288 __ cmp(r3, Operand(-1));
2289 __ b(eq, &just_return);
2290 __ eor(r3, r5, Operand(0x80000000u));
2291 __ orr(r3, r3, r4, SetCC);
2292 __ b(eq, &just_return);
2293 // Test for values that can be exactly represented as a
2294 // signed 32-bit integer.
2295 __ TryDoubleToInt32Exact(r0, d1, d2);
2296 // If exact, check smi
2297 __ b(eq, &smi_check);
2298 __ cmp(r5, Operand(0));
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2299
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2300 // If input is in ]+0, +inf[, the cmp has cleared overflow and negative
2301 // (V=0 and N=0), the two following instructions won't execute and
2302 // we fall through smi_check to check if the result can fit into a smi.
2303
2304 // If input is in ]-inf, -0[, sub one and, go to slow if we have
2305 // an overflow. Else we fall through smi check.
2306 // Hint: if x is a negative, non integer number,
2307 // floor(x) <=> round_to_zero(x) - 1.
2308 __ sub(r0, r0, Operand(1), SetCC, mi);
2309 __ b(vs, &slow);
2310
2311 __ bind(&smi_check);
2312 // Check if the result can fit into an smi. If we had an overflow,
2313 // the result is either 0x80000000 or 0x7FFFFFFF and won't fit into an smi.
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2314 // If result doesn't fit into an smi, branch to slow.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]2315 __ SmiTag(r0, SetCC);
2316 __ b(vs, &slow);
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2317
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2318 __ bind(&just_return);
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2319 __ Drop(argc + 1);
2320 __ Ret();
2321
sgjesse@chromium.orgc6c57182011-01-17 12:24:25 +0000[diff] [blame]2322 __ bind(&slow);
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2323 // Tail call the full function. We do not have to patch the receiver
2324 // because the function makes no use of it.
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2325 ParameterCount expected(function);
2326 __ InvokeFunction(function, expected, arguments(),
2327 JUMP_FUNCTION, NullCallWrapper(), CALL_AS_METHOD);
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2328
2329 __ bind(&miss);
2330 // r2: function name.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2331 GenerateMissBranch();
erik.corry@gmail.com4a6c3272010-11-18 12:04:40 +0000[diff] [blame]2332
2333 // Return the generated code.
jkummerow@chromium.org7a6fc812012-06-27 11:12:38 +0000[diff] [blame]2334 return cell.is_null() ? GetCode(function) : GetCode(Code::NORMAL, name);
fschneider@chromium.orgc20610a2010-09-22 09:44:58 +0000[diff] [blame]2335}
2336
2337
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2338Handle<Code> CallStubCompiler::CompileMathAbsCall(
2339 Handle<Object> object,
2340 Handle<JSObject> holder,
2341 Handle<JSGlobalPropertyCell> cell,
2342 Handle<JSFunction> function,
2343 Handle<String> name) {
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2344 // ----------- S t a t e -------------
2345 // -- r2 : function name
2346 // -- lr : return address
2347 // -- sp[(argc - n - 1) * 4] : arg[n] (zero-based)
2348 // -- ...
2349 // -- sp[argc * 4] : receiver
2350 // -----------------------------------
2351
2352 const int argc = arguments().immediate();
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2353 // If the object is not a JSObject or we got an unexpected number of
2354 // arguments, bail out to the regular call.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2355 if (!object->IsJSObject() || argc != 1) return Handle<Code>::null();
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2356
2357 Label miss;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2358 GenerateNameCheck(name, &miss);
2359 if (cell.is_null()) {
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2360 __ ldr(r1, MemOperand(sp, 1 * kPointerSize));
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]2361 __ JumpIfSmi(r1, &miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2362 CheckPrototypes(Handle<JSObject>::cast(object), r1, holder, r0, r3, r4,
2363 name, &miss);
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2364 } else {
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2365 ASSERT(cell->value() == *function);
2366 GenerateGlobalReceiverCheck(Handle<JSObject>::cast(object), holder, name,
2367 &miss);
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2368 GenerateLoadFunctionFromCell(cell, function, &miss);
2369 }
2370
2371 // Load the (only) argument into r0.
2372 __ ldr(r0, MemOperand(sp, 0 * kPointerSize));
2373
2374 // Check if the argument is a smi.
2375 Label not_smi;
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]2376 __ JumpIfNotSmi(r0, &not_smi);
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2377
2378 // Do bitwise not or do nothing depending on the sign of the
2379 // argument.
2380 __ eor(r1, r0, Operand(r0, ASR, kBitsPerInt - 1));
2381
2382 // Add 1 or do nothing depending on the sign of the argument.
2383 __ sub(r0, r1, Operand(r0, ASR, kBitsPerInt - 1), SetCC);
2384
2385 // If the result is still negative, go to the slow case.
2386 // This only happens for the most negative smi.
2387 Label slow;
2388 __ b(mi, &slow);
2389
2390 // Smi case done.
2391 __ Drop(argc + 1);
2392 __ Ret();
2393
2394 // Check if the argument is a heap number and load its exponent and
2395 // sign.
2396 __ bind(&not_smi);
kmillikin@chromium.orgc53e10d2011-05-18 09:12:58 +0000[diff] [blame]2397 __ CheckMap(r0, r1, Heap::kHeapNumberMapRootIndex, &slow, DONT_DO_SMI_CHECK);
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2398 __ ldr(r1, FieldMemOperand(r0, HeapNumber::kExponentOffset));
2399
2400 // Check the sign of the argument. If the argument is positive,
2401 // just return it.
2402 Label negative_sign;
2403 __ tst(r1, Operand(HeapNumber::kSignMask));
2404 __ b(ne, &negative_sign);
2405 __ Drop(argc + 1);
2406 __ Ret();
2407
2408 // If the argument is negative, clear the sign, and return a new
2409 // number.
2410 __ bind(&negative_sign);
2411 __ eor(r1, r1, Operand(HeapNumber::kSignMask));
2412 __ ldr(r3, FieldMemOperand(r0, HeapNumber::kMantissaOffset));
2413 __ LoadRoot(r6, Heap::kHeapNumberMapRootIndex);
2414 __ AllocateHeapNumber(r0, r4, r5, r6, &slow);
2415 __ str(r1, FieldMemOperand(r0, HeapNumber::kExponentOffset));
2416 __ str(r3, FieldMemOperand(r0, HeapNumber::kMantissaOffset));
2417 __ Drop(argc + 1);
2418 __ Ret();
2419
2420 // Tail call the full function. We do not have to patch the receiver
2421 // because the function makes no use of it.
2422 __ bind(&slow);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2423 ParameterCount expected(function);
2424 __ InvokeFunction(function, expected, arguments(),
2425 JUMP_FUNCTION, NullCallWrapper(), CALL_AS_METHOD);
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2426
2427 __ bind(&miss);
2428 // r2: function name.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2429 GenerateMissBranch();
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2430
2431 // Return the generated code.
jkummerow@chromium.org7a6fc812012-06-27 11:12:38 +0000[diff] [blame]2432 return cell.is_null() ? GetCode(function) : GetCode(Code::NORMAL, name);
kmillikin@chromium.orgf05f2912010-09-30 10:07:24 +0000[diff] [blame]2433}
2434
2435
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2436Handle<Code> CallStubCompiler::CompileFastApiCall(
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2437 const CallOptimization& optimization,
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2438 Handle<Object> object,
2439 Handle<JSObject> holder,
2440 Handle<JSGlobalPropertyCell> cell,
2441 Handle<JSFunction> function,
2442 Handle<String> name) {
lrn@chromium.org7516f052011-03-30 08:52:27 +0000[diff] [blame]2443 Counters* counters = isolate()->counters();
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]2444
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2445 ASSERT(optimization.is_simple_api_call());
2446 // Bail out if object is a global object as we don't want to
2447 // repatch it to global receiver.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2448 if (object->IsGlobalObject()) return Handle<Code>::null();
2449 if (!cell.is_null()) return Handle<Code>::null();
2450 if (!object->IsJSObject()) return Handle<Code>::null();
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2451 int depth = optimization.GetPrototypeDepthOfExpectedType(
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2452 Handle<JSObject>::cast(object), holder);
2453 if (depth == kInvalidProtoDepth) return Handle<Code>::null();
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2454
2455 Label miss, miss_before_stack_reserved;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2456 GenerateNameCheck(name, &miss_before_stack_reserved);
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2457
2458 // Get the receiver from the stack.
2459 const int argc = arguments().immediate();
2460 __ ldr(r1, MemOperand(sp, argc * kPointerSize));
2461
2462 // Check that the receiver isn't a smi.
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]2463 __ JumpIfSmi(r1, &miss_before_stack_reserved);
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2464
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]2465 __ IncrementCounter(counters->call_const(), 1, r0, r3);
2466 __ IncrementCounter(counters->call_const_fast_api(), 1, r0, r3);
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2467
2468 ReserveSpaceForFastApiCall(masm(), r0);
2469
2470 // Check that the maps haven't changed and find a Holder as a side effect.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2471 CheckPrototypes(Handle<JSObject>::cast(object), r1, holder, r0, r3, r4, name,
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2472 depth, &miss);
2473
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2474 GenerateFastApiDirectCall(masm(), optimization, argc);
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2475
2476 __ bind(&miss);
2477 FreeSpaceForFastApiCall(masm());
2478
2479 __ bind(&miss_before_stack_reserved);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2480 GenerateMissBranch();
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2481
2482 // Return the generated code.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2483 return GetCode(function);
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2484}
2485
2486
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2487void CallStubCompiler::CompileHandlerFrontend(Handle<Object> object,
2488 Handle<JSObject> holder,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2489 Handle<Name> name,
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2490 CheckType check,
2491 Label* success) {
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2492 // ----------- S t a t e -------------
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]2493 // -- r2 : name
2494 // -- lr : return address
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2495 // -----------------------------------
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2496 Label miss;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2497 GenerateNameCheck(name, &miss);
whesse@chromium.org2c186ca2010-06-16 11:32:39 +0000[diff] [blame]2498
mads.s.ager31e71382008-08-13 09:32:07 +0000[diff] [blame]2499 // Get the receiver from the stack
2500 const int argc = arguments().immediate();
2501 __ ldr(r1, MemOperand(sp, argc * kPointerSize));
2502
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2503 // Check that the receiver isn't a smi.
2504 if (check != NUMBER_CHECK) {
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]2505 __ JumpIfSmi(r1, &miss);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2506 }
2507
kasperl@chromium.org9fe21c62008-10-28 08:53:51 +0000[diff] [blame]2508 // Make sure that it's okay not to patch the on stack receiver
2509 // unless we're doing a receiver map check.
2510 ASSERT(!object->IsGlobalObject() || check == RECEIVER_MAP_CHECK);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2511 switch (check) {
2512 case RECEIVER_MAP_CHECK:
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2513 __ IncrementCounter(isolate()->counters()->call_const(), 1, r0, r3);
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]2514
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2515 // Check that the maps haven't changed.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2516 CheckPrototypes(Handle<JSObject>::cast(object), r1, holder, r0, r3, r4,
2517 name, &miss);
kasperl@chromium.org9fe21c62008-10-28 08:53:51 +0000[diff] [blame]2518
2519 // Patch the receiver on the stack with the global proxy if
2520 // necessary.
2521 if (object->IsGlobalObject()) {
2522 __ ldr(r3, FieldMemOperand(r1, GlobalObject::kGlobalReceiverOffset));
2523 __ str(r3, MemOperand(sp, argc * kPointerSize));
2524 }
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2525 break;
2526
2527 case STRING_CHECK:
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]2528 // Check that the object is a string.
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2529 __ CompareObjectType(r1, r3, r3, FIRST_NONSTRING_TYPE);
2530 __ b(ge, &miss);
2531 // Check that the maps starting from the prototype haven't changed.
2532 GenerateDirectLoadGlobalFunctionPrototype(
2533 masm(), Context::STRING_FUNCTION_INDEX, r0, &miss);
2534 CheckPrototypes(
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2535 Handle<JSObject>(JSObject::cast(object->GetPrototype(isolate()))),
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2536 r0, holder, r3, r1, r4, name, &miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2537 break;
2538
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]2539 case SYMBOL_CHECK:
2540 // Check that the object is a symbol.
2541 __ CompareObjectType(r1, r1, r3, SYMBOL_TYPE);
2542 __ b(ne, &miss);
mstarzinger@chromium.orgf705b502013-04-04 11:38:09 +0000[diff] [blame]2543 // Check that the maps starting from the prototype haven't changed.
2544 GenerateDirectLoadGlobalFunctionPrototype(
2545 masm(), Context::SYMBOL_FUNCTION_INDEX, r0, &miss);
2546 CheckPrototypes(
2547 Handle<JSObject>(JSObject::cast(object->GetPrototype(isolate()))),
2548 r0, holder, r3, r1, r4, name, &miss);
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]2549 break;
2550
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2551 case NUMBER_CHECK: {
2552 Label fast;
2553 // Check that the object is a smi or a heap number.
2554 __ JumpIfSmi(r1, &fast);
2555 __ CompareObjectType(r1, r0, r0, HEAP_NUMBER_TYPE);
2556 __ b(ne, &miss);
2557 __ bind(&fast);
2558 // Check that the maps starting from the prototype haven't changed.
2559 GenerateDirectLoadGlobalFunctionPrototype(
2560 masm(), Context::NUMBER_FUNCTION_INDEX, r0, &miss);
2561 CheckPrototypes(
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2562 Handle<JSObject>(JSObject::cast(object->GetPrototype(isolate()))),
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2563 r0, holder, r3, r1, r4, name, &miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2564 break;
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2565 }
2566 case BOOLEAN_CHECK: {
2567 Label fast;
2568 // Check that the object is a boolean.
2569 __ LoadRoot(ip, Heap::kTrueValueRootIndex);
2570 __ cmp(r1, ip);
2571 __ b(eq, &fast);
2572 __ LoadRoot(ip, Heap::kFalseValueRootIndex);
2573 __ cmp(r1, ip);
2574 __ b(ne, &miss);
2575 __ bind(&fast);
2576 // Check that the maps starting from the prototype haven't changed.
2577 GenerateDirectLoadGlobalFunctionPrototype(
2578 masm(), Context::BOOLEAN_FUNCTION_INDEX, r0, &miss);
2579 CheckPrototypes(
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2580 Handle<JSObject>(JSObject::cast(object->GetPrototype(isolate()))),
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2581 r0, holder, r3, r1, r4, name, &miss);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2582 break;
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2583 }
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2584 }
2585
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2586 __ b(success);
2587
2588 // Handle call cache miss.
2589 __ bind(&miss);
2590 GenerateMissBranch();
2591}
2592
2593
2594void CallStubCompiler::CompileHandlerBackend(Handle<JSFunction> function) {
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2595 CallKind call_kind = CallICBase::Contextual::decode(extra_state_)
ricow@chromium.orgd2be9012011-06-01 06:00:58 +0000[diff] [blame]2596 ? CALL_AS_FUNCTION
2597 : CALL_AS_METHOD;
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2598 ParameterCount expected(function);
2599 __ InvokeFunction(function, expected, arguments(),
2600 JUMP_FUNCTION, NullCallWrapper(), call_kind);
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2601}
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2602
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2603
2604Handle<Code> CallStubCompiler::CompileCallConstant(
2605 Handle<Object> object,
2606 Handle<JSObject> holder,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2607 Handle<Name> name,
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2608 CheckType check,
2609 Handle<JSFunction> function) {
2610 if (HasCustomCallGenerator(function)) {
2611 Handle<Code> code = CompileCustomCall(object, holder,
2612 Handle<JSGlobalPropertyCell>::null(),
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2613 function, Handle<String>::cast(name));
mmassi@chromium.org2f0efde2013-02-06 14:12:58 +0000[diff] [blame]2614 // A null handle means bail out to the regular compiler code below.
2615 if (!code.is_null()) return code;
2616 }
2617
2618 Label success;
2619
2620 CompileHandlerFrontend(object, holder, name, check, &success);
2621 __ bind(&success);
2622 CompileHandlerBackend(function);
2623
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2624 // Return the generated code.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2625 return GetCode(function);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2626}
2627
2628
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2629Handle<Code> CallStubCompiler::CompileCallInterceptor(Handle<JSObject> object,
2630 Handle<JSObject> holder,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2631 Handle<Name> name) {
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2632 // ----------- S t a t e -------------
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]2633 // -- r2 : name
2634 // -- lr : return address
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2635 // -----------------------------------
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]2636 Label miss;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2637 GenerateNameCheck(name, &miss);
whesse@chromium.org2c186ca2010-06-16 11:32:39 +0000[diff] [blame]2638
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]2639 // Get the number of arguments.
2640 const int argc = arguments().immediate();
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2641 LookupResult lookup(isolate());
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]2642 LookupPostInterceptor(holder, name, &lookup);
2643
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]2644 // Get the receiver from the stack.
2645 __ ldr(r1, MemOperand(sp, argc * kPointerSize));
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]2646
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2647 CallInterceptorCompiler compiler(this, arguments(), r2, extra_state_);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2648 compiler.Compile(masm(), object, holder, name, &lookup, r1, r3, r4, r0,
2649 &miss);
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]2650
2651 // Move returned value, the function to call, to r1.
2652 __ mov(r1, r0);
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]2653 // Restore receiver.
kmillikin@chromium.org4111b802010-05-03 10:34:42 +0000[diff] [blame]2654 __ ldr(r0, MemOperand(sp, argc * kPointerSize));
sgjesse@chromium.orgb302e562010-02-03 11:26:59 +0000[diff] [blame]2655
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2656 GenerateCallFunction(masm(), object, arguments(), &miss, extra_state_);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2657
2658 // Handle call cache miss.
2659 __ bind(&miss);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2660 GenerateMissBranch();
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2661
2662 // Return the generated code.
jkummerow@chromium.org7a6fc812012-06-27 11:12:38 +0000[diff] [blame]2663 return GetCode(Code::INTERCEPTOR, name);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2664}
2665
2666
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2667Handle<Code> CallStubCompiler::CompileCallGlobal(
2668 Handle<JSObject> object,
2669 Handle<GlobalObject> holder,
2670 Handle<JSGlobalPropertyCell> cell,
2671 Handle<JSFunction> function,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2672 Handle<Name> name) {
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2673 // ----------- S t a t e -------------
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]2674 // -- r2 : name
2675 // -- lr : return address
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2676 // -----------------------------------
sgjesse@chromium.orgea88ce92011-03-23 11:19:56 +0000[diff] [blame]2677 if (HasCustomCallGenerator(function)) {
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2678 Handle<Code> code = CompileCustomCall(
2679 object, holder, cell, function, Handle<String>::cast(name));
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2680 // A null handle means bail out to the regular compiler code below.
2681 if (!code.is_null()) return code;
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2682 }
2683
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2684 Label miss;
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2685 GenerateNameCheck(name, &miss);
whesse@chromium.org2c186ca2010-06-16 11:32:39 +0000[diff] [blame]2686
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2687 // Get the number of arguments.
2688 const int argc = arguments().immediate();
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2689 GenerateGlobalReceiverCheck(object, holder, name, &miss);
sgjesse@chromium.org2ec107f2010-09-13 09:19:46 +0000[diff] [blame]2690 GenerateLoadFunctionFromCell(cell, function, &miss);
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2691
2692 // Patch the receiver on the stack with the global proxy if
2693 // necessary.
kasperl@chromium.orgdefbd102009-07-13 14:04:26 +0000[diff] [blame]2694 if (object->IsGlobalObject()) {
2695 __ ldr(r3, FieldMemOperand(r0, GlobalObject::kGlobalReceiverOffset));
2696 __ str(r3, MemOperand(sp, argc * kPointerSize));
2697 }
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2698
erik.corry@gmail.comf2038fb2012-01-16 11:42:08 +0000[diff] [blame]2699 // Set up the context (function already in r1).
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2700 __ ldr(cp, FieldMemOperand(r1, JSFunction::kContextOffset));
2701
2702 // Jump to the cached code (tail call).
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2703 Counters* counters = isolate()->counters();
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]2704 __ IncrementCounter(counters->call_global_inline(), 1, r3, r4);
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2705 ParameterCount expected(function->shared()->formal_parameter_count());
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2706 CallKind call_kind = CallICBase::Contextual::decode(extra_state_)
danno@chromium.org40cb8782011-05-25 07:58:50 +0000[diff] [blame]2707 ? CALL_AS_FUNCTION
2708 : CALL_AS_METHOD;
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2709 // We call indirectly through the code field in the function to
2710 // allow recompilation to take effect without changing any of the
2711 // call sites.
2712 __ ldr(r3, FieldMemOperand(r1, JSFunction::kCodeEntryOffset));
2713 __ InvokeCode(r3, expected, arguments(), JUMP_FUNCTION,
2714 NullCallWrapper(), call_kind);
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2715
2716 // Handle call cache miss.
2717 __ bind(&miss);
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]2718 __ IncrementCounter(counters->call_global_inline_miss(), 1, r1, r3);
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]2719 GenerateMissBranch();
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2720
2721 // Return the generated code.
jkummerow@chromium.org7a6fc812012-06-27 11:12:38 +0000[diff] [blame]2722 return GetCode(Code::NORMAL, name);
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2723}
2724
2725
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2726Handle<Code> StoreStubCompiler::CompileStoreCallback(
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2727 Handle<Name> name,
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2728 Handle<JSObject> object,
yangguo@chromium.org355cfd12012-08-29 15:32:24 +0000[diff] [blame]2729 Handle<JSObject> holder,
hpayer@chromium.org7c3372b2013-02-13 17:26:04 +0000[diff] [blame]2730 Handle<ExecutableAccessorInfo> callback) {
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2731 Label miss;
yangguo@chromium.org355cfd12012-08-29 15:32:24 +0000[diff] [blame]2732 // Check that the maps haven't changed.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2733 __ JumpIfSmi(receiver(), &miss);
2734 CheckPrototypes(object, receiver(), holder,
2735 scratch1(), scratch2(), scratch3(), name, &miss);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2736
yangguo@chromium.org355cfd12012-08-29 15:32:24 +0000[diff] [blame]2737 // Stub never generated for non-global objects that require access checks.
2738 ASSERT(holder->IsJSGlobalProxy() || !holder->IsAccessCheckNeeded());
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2739
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2740 __ push(receiver()); // receiver
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2741 __ mov(ip, Operand(callback)); // callback info
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2742 __ Push(ip, this->name(), value());
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2743
mads.s.ager31e71382008-08-13 09:32:07 +0000[diff] [blame]2744 // Do tail-call to the runtime system.
2745 ExternalReference store_callback_property =
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2746 ExternalReference(IC_Utility(IC::kStoreCallbackProperty), isolate());
ager@chromium.orgce5e87b2010-03-10 10:24:18 +0000[diff] [blame]2747 __ TailCallExternalReference(store_callback_property, 4, 1);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2748
2749 // Handle store cache miss.
2750 __ bind(&miss);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2751 TailCallBuiltin(masm(), MissBuiltin(kind()));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2752
2753 // Return the generated code.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2754 return GetICCode(kind(), Code::CALLBACKS, name);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2755}
2756
2757
yangguo@chromium.org46839fb2012-08-28 09:06:19 +0000[diff] [blame]2758#undef __
2759#define __ ACCESS_MASM(masm)
2760
2761
2762void StoreStubCompiler::GenerateStoreViaSetter(
2763 MacroAssembler* masm,
2764 Handle<JSFunction> setter) {
2765 // ----------- S t a t e -------------
2766 // -- r0 : value
2767 // -- r1 : receiver
2768 // -- r2 : name
2769 // -- lr : return address
2770 // -----------------------------------
2771 {
2772 FrameScope scope(masm, StackFrame::INTERNAL);
2773
2774 // Save value register, so we can restore it later.
2775 __ push(r0);
2776
2777 if (!setter.is_null()) {
2778 // Call the JavaScript setter with receiver and value on the stack.
2779 __ Push(r1, r0);
2780 ParameterCount actual(1);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2781 ParameterCount expected(setter);
2782 __ InvokeFunction(setter, expected, actual,
2783 CALL_FUNCTION, NullCallWrapper(), CALL_AS_METHOD);
yangguo@chromium.org46839fb2012-08-28 09:06:19 +0000[diff] [blame]2784 } else {
2785 // If we generate a global code snippet for deoptimization only, remember
2786 // the place to continue after deoptimization.
2787 masm->isolate()->heap()->SetSetterStubDeoptPCOffset(masm->pc_offset());
2788 }
2789
2790 // We have to return the passed value, not the return value of the setter.
2791 __ pop(r0);
2792
2793 // Restore context register.
2794 __ ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
2795 }
2796 __ Ret();
2797}
2798
2799
2800#undef __
2801#define __ ACCESS_MASM(masm())
2802
2803
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2804Handle<Code> StoreStubCompiler::CompileStoreInterceptor(
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2805 Handle<JSObject> object,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2806 Handle<Name> name) {
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2807 Label miss;
2808
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2809 // Check that the map of the object hasn't changed.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2810 __ CheckMap(receiver(), scratch1(), Handle<Map>(object->map()), &miss,
svenpanne@chromium.orga53e8e02013-05-24 12:35:50 +0000[diff] [blame^]2811 DO_SMI_CHECK);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2812
2813 // Perform global security token check if needed.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2814 if (object->IsJSGlobalProxy()) {
2815 __ CheckAccessGlobalProxy(receiver(), scratch1(), &miss);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2816 }
2817
ager@chromium.org5c838252010-02-19 08:53:10 +0000[diff] [blame]2818 // Stub is never generated for non-global objects that require access
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2819 // checks.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2820 ASSERT(object->IsJSGlobalProxy() || !object->IsAccessCheckNeeded());
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2821
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2822 __ Push(receiver(), this->name(), value());
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2823
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2824 __ mov(scratch1(), Operand(Smi::FromInt(strict_mode())));
2825 __ push(scratch1()); // strict mode
ager@chromium.org9ee27ae2011-03-02 13:43:26 +0000[diff] [blame]2826
mads.s.ager31e71382008-08-13 09:32:07 +0000[diff] [blame]2827 // Do tail-call to the runtime system.
2828 ExternalReference store_ic_property =
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2829 ExternalReference(IC_Utility(IC::kStoreInterceptorProperty), isolate());
ager@chromium.org9ee27ae2011-03-02 13:43:26 +0000[diff] [blame]2830 __ TailCallExternalReference(store_ic_property, 4, 1);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2831
2832 // Handle store cache miss.
2833 __ bind(&miss);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2834 TailCallBuiltin(masm(), MissBuiltin(kind()));
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2835
2836 // Return the generated code.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2837 return GetICCode(kind(), Code::INTERCEPTOR, name);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2838}
2839
2840
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2841Handle<Code> StoreStubCompiler::CompileStoreGlobal(
2842 Handle<GlobalObject> object,
2843 Handle<JSGlobalPropertyCell> cell,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2844 Handle<Name> name) {
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2845 Label miss;
2846
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2847 // Check that the map of the global has not changed.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2848 __ ldr(scratch1(), FieldMemOperand(receiver(), HeapObject::kMapOffset));
2849 __ cmp(scratch1(), Operand(Handle<Map>(object->map())));
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2850 __ b(ne, &miss);
2851
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]2852 // Check that the value in the cell is not the hole. If it is, this
2853 // cell could have been deleted and reintroducing the global needs
2854 // to update the property details in the property dictionary of the
2855 // global object. We bail out to the runtime system to do that.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2856 __ mov(scratch1(), Operand(cell));
2857 __ LoadRoot(scratch2(), Heap::kTheHoleValueRootIndex);
2858 __ ldr(scratch3(),
2859 FieldMemOperand(scratch1(), JSGlobalPropertyCell::kValueOffset));
2860 __ cmp(scratch3(), scratch2());
ager@chromium.org378b34e2011-01-28 08:04:38 +0000[diff] [blame]2861 __ b(eq, &miss);
2862
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2863 // Store the value in the cell.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2864 __ str(value(),
2865 FieldMemOperand(scratch1(), JSGlobalPropertyCell::kValueOffset));
ricow@chromium.org64e3a4b2011-12-13 08:07:27 +0000[diff] [blame]2866 // Cells are always rescanned, so no write barrier here.
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]2867
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2868 Counters* counters = isolate()->counters();
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2869 __ IncrementCounter(
2870 counters->named_store_global_inline(), 1, scratch1(), scratch2());
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2871 __ Ret();
2872
2873 // Handle store cache miss.
2874 __ bind(&miss);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2875 __ IncrementCounter(
2876 counters->named_store_global_inline_miss(), 1, scratch1(), scratch2());
2877 TailCallBuiltin(masm(), MissBuiltin(kind()));
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2878
2879 // Return the generated code.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2880 return GetICCode(kind(), Code::NORMAL, name);
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2881}
2882
2883
mstarzinger@chromium.orge3b8d0f2013-02-01 09:06:41 +0000[diff] [blame]2884Handle<Code> LoadStubCompiler::CompileLoadNonexistent(
mstarzinger@chromium.orge3b8d0f2013-02-01 09:06:41 +0000[diff] [blame]2885 Handle<JSObject> object,
2886 Handle<JSObject> last,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2887 Handle<Name> name,
mstarzinger@chromium.orge3b8d0f2013-02-01 09:06:41 +0000[diff] [blame]2888 Handle<GlobalObject> global) {
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2889 Label success;
ricow@chromium.orgc9c80822010-04-21 08:22:37 +0000[diff] [blame]2890
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2891 NonexistentHandlerFrontend(object, last, name, &success, global);
ricow@chromium.orgc9c80822010-04-21 08:22:37 +0000[diff] [blame]2892
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2893 __ bind(&success);
ricow@chromium.orgc9c80822010-04-21 08:22:37 +0000[diff] [blame]2894 // Return undefined if maps of the full prototype chain are still the
2895 // same and no global property with this name contains a value.
2896 __ LoadRoot(r0, Heap::kUndefinedValueRootIndex);
2897 __ Ret();
2898
ricow@chromium.orgc9c80822010-04-21 08:22:37 +0000[diff] [blame]2899 // Return the generated code.
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2900 return GetCode(kind(), Code::NONEXISTENT, name);
ricow@chromium.orgc9c80822010-04-21 08:22:37 +0000[diff] [blame]2901}
2902
2903
danno@chromium.org94b0d6f2013-02-04 13:33:20 +0000[diff] [blame]2904Register* LoadStubCompiler::registers() {
2905 // receiver, name, scratch1, scratch2, scratch3, scratch4.
2906 static Register registers[] = { r0, r2, r3, r1, r4, r5 };
2907 return registers;
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2908}
2909
2910
danno@chromium.org94b0d6f2013-02-04 13:33:20 +0000[diff] [blame]2911Register* KeyedLoadStubCompiler::registers() {
2912 // receiver, name, scratch1, scratch2, scratch3, scratch4.
2913 static Register registers[] = { r1, r0, r2, r3, r4, r5 };
2914 return registers;
2915}
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2916
danno@chromium.org94b0d6f2013-02-04 13:33:20 +0000[diff] [blame]2917
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2918Register* StoreStubCompiler::registers() {
2919 // receiver, name, value, scratch1, scratch2, scratch3.
2920 static Register registers[] = { r1, r2, r0, r3, r4, r5 };
2921 return registers;
2922}
2923
2924
2925Register* KeyedStoreStubCompiler::registers() {
2926 // receiver, name, value, scratch1, scratch2, scratch3.
2927 static Register registers[] = { r2, r1, r0, r3, r4, r5 };
2928 return registers;
2929}
2930
2931
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2932void KeyedLoadStubCompiler::GenerateNameCheck(Handle<Name> name,
danno@chromium.org94b0d6f2013-02-04 13:33:20 +0000[diff] [blame]2933 Register name_reg,
2934 Label* miss) {
2935 __ cmp(name_reg, Operand(name));
2936 __ b(ne, miss);
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]2937}
2938
2939
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]2940void KeyedStoreStubCompiler::GenerateNameCheck(Handle<Name> name,
2941 Register name_reg,
2942 Label* miss) {
2943 __ cmp(name_reg, Operand(name));
2944 __ b(ne, miss);
2945}
2946
2947
mstarzinger@chromium.orgde886792012-09-11 13:22:37 +0000[diff] [blame]2948#undef __
2949#define __ ACCESS_MASM(masm)
2950
2951
2952void LoadStubCompiler::GenerateLoadViaGetter(MacroAssembler* masm,
2953 Handle<JSFunction> getter) {
2954 // ----------- S t a t e -------------
2955 // -- r0 : receiver
2956 // -- r2 : name
2957 // -- lr : return address
2958 // -----------------------------------
2959 {
2960 FrameScope scope(masm, StackFrame::INTERNAL);
2961
2962 if (!getter.is_null()) {
2963 // Call the JavaScript getter with the receiver on the stack.
2964 __ push(r0);
2965 ParameterCount actual(0);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]2966 ParameterCount expected(getter);
2967 __ InvokeFunction(getter, expected, actual,
2968 CALL_FUNCTION, NullCallWrapper(), CALL_AS_METHOD);
mstarzinger@chromium.orgde886792012-09-11 13:22:37 +0000[diff] [blame]2969 } else {
2970 // If we generate a global code snippet for deoptimization only, remember
2971 // the place to continue after deoptimization.
2972 masm->isolate()->heap()->SetGetterStubDeoptPCOffset(masm->pc_offset());
2973 }
2974
2975 // Restore context register.
2976 __ ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
2977 }
2978 __ Ret();
2979}
2980
2981
2982#undef __
2983#define __ ACCESS_MASM(masm())
2984
2985
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2986Handle<Code> LoadStubCompiler::CompileLoadGlobal(
2987 Handle<JSObject> object,
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2988 Handle<GlobalObject> global,
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2989 Handle<JSGlobalPropertyCell> cell,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]2990 Handle<Name> name,
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]2991 bool is_dont_delete) {
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]2992 Label success, miss;
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2993
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]2994 __ CheckMap(
2995 receiver(), scratch1(), Handle<Map>(object->map()), &miss, DO_SMI_CHECK);
2996 HandlerFrontendHeader(
2997 object, receiver(), Handle<JSObject>::cast(global), name, &miss);
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]2998
2999 // Get the value from the cell.
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]3000 __ mov(r3, Operand(cell));
lrn@chromium.orgc34f5802010-04-28 12:53:43 +0000[diff] [blame]3001 __ ldr(r4, FieldMemOperand(r3, JSGlobalPropertyCell::kValueOffset));
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]3002
3003 // Check for deleted property if property can actually be deleted.
3004 if (!is_dont_delete) {
ager@chromium.orgab99eea2009-08-25 07:05:41 +0000[diff] [blame]3005 __ LoadRoot(ip, Heap::kTheHoleValueRootIndex);
lrn@chromium.orgc34f5802010-04-28 12:53:43 +0000[diff] [blame]3006 __ cmp(r4, ip);
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]3007 __ b(eq, &miss);
3008 }
3009
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]3010 HandlerFrontendFooter(&success, &miss);
3011 __ bind(&success);
3012
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]3013 Counters* counters = isolate()->counters();
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]3014 __ IncrementCounter(counters->named_load_global_stub(), 1, r1, r3);
hpayer@chromium.org8432c912013-02-28 15:55:26 +0000[diff] [blame]3015 __ mov(r0, r4);
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]3016 __ Ret();
3017
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]3018 // Return the generated code.
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]3019 return GetICCode(kind(), Code::NORMAL, name);
kasperl@chromium.org2abc4502009-07-02 07:00:29 +0000[diff] [blame]3020}
3021
3022
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]3023Handle<Code> BaseLoadStubCompiler::CompilePolymorphicIC(
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]3024 MapHandleList* receiver_maps,
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]3025 CodeHandleList* handlers,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]3026 Handle<Name> name,
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]3027 Code::StubType type,
3028 IcCheckType check) {
kasperl@chromium.orga5551262010-12-07 12:49:48 +0000[diff] [blame]3029 Label miss;
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]3030
3031 if (check == PROPERTY) {
3032 GenerateNameCheck(name, this->name(), &miss);
3033 }
3034
3035 __ JumpIfSmi(receiver(), &miss);
3036 Register map_reg = scratch1();
kasperl@chromium.orga5551262010-12-07 12:49:48 +0000[diff] [blame]3037
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3038 int receiver_count = receiver_maps->length();
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]3039 int number_of_handled_maps = 0;
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]3040 __ ldr(map_reg, FieldMemOperand(receiver(), HeapObject::kMapOffset));
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3041 for (int current = 0; current < receiver_count; ++current) {
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]3042 Handle<Map> map = receiver_maps->at(current);
3043 if (!map->is_deprecated()) {
3044 number_of_handled_maps++;
3045 __ mov(ip, Operand(receiver_maps->at(current)));
3046 __ cmp(map_reg, ip);
3047 __ Jump(handlers->at(current), RelocInfo::CODE_TARGET, eq);
3048 }
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3049 }
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]3050 ASSERT(number_of_handled_maps != 0);
kasperl@chromium.orga5551262010-12-07 12:49:48 +0000[diff] [blame]3051
3052 __ bind(&miss);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3053 TailCallBuiltin(masm(), MissBuiltin(kind()));
kasperl@chromium.orga5551262010-12-07 12:49:48 +0000[diff] [blame]3054
3055 // Return the generated code.
yangguo@chromium.org4a9f6552013-03-04 14:46:33 +0000[diff] [blame]3056 InlineCacheState state =
danno@chromium.orgf005df62013-04-30 16:36:45 +0000[diff] [blame]3057 number_of_handled_maps > 1 ? POLYMORPHIC : MONOMORPHIC;
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]3058 return GetICCode(kind(), type, name, state);
kasperl@chromium.orga5551262010-12-07 12:49:48 +0000[diff] [blame]3059}
3060
3061
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]3062Handle<Code> KeyedStoreStubCompiler::CompileStorePolymorphic(
3063 MapHandleList* receiver_maps,
3064 CodeHandleList* handler_stubs,
3065 MapHandleList* transitioned_maps) {
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3066 Label miss;
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3067 __ JumpIfSmi(receiver(), &miss);
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3068
3069 int receiver_count = receiver_maps->length();
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3070 __ ldr(scratch1(), FieldMemOperand(receiver(), HeapObject::kMapOffset));
rossberg@chromium.orgb4b2aa62011-10-13 09:49:59 +0000[diff] [blame]3071 for (int i = 0; i < receiver_count; ++i) {
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]3072 __ mov(ip, Operand(receiver_maps->at(i)));
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3073 __ cmp(scratch1(), ip);
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]3074 if (transitioned_maps->at(i).is_null()) {
3075 __ Jump(handler_stubs->at(i), RelocInfo::CODE_TARGET, eq);
rossberg@chromium.orgb4b2aa62011-10-13 09:49:59 +0000[diff] [blame]3076 } else {
3077 Label next_map;
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]3078 __ b(ne, &next_map);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3079 __ mov(transition_map(), Operand(transitioned_maps->at(i)));
erik.corry@gmail.com394dbcf2011-10-27 07:38:48 +0000[diff] [blame]3080 __ Jump(handler_stubs->at(i), RelocInfo::CODE_TARGET, al);
rossberg@chromium.orgb4b2aa62011-10-13 09:49:59 +0000[diff] [blame]3081 __ bind(&next_map);
3082 }
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3083 }
3084
3085 __ bind(&miss);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3086 TailCallBuiltin(masm(), MissBuiltin(kind()));
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3087
3088 // Return the generated code.
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3089 return GetICCode(
3090 kind(), Code::NORMAL, factory()->empty_string(), POLYMORPHIC);
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3091}
3092
3093
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]3094Handle<Code> ConstructStubCompiler::CompileConstructStub(
3095 Handle<JSFunction> function) {
ager@chromium.orga1645e22009-09-09 19:27:10 +0000[diff] [blame]3096 // ----------- S t a t e -------------
3097 // -- r0 : argc
3098 // -- r1 : constructor
3099 // -- lr : return address
3100 // -- [sp] : last argument
3101 // -----------------------------------
3102 Label generic_stub_call;
3103
3104 // Use r7 for holding undefined which is used in several places below.
3105 __ LoadRoot(r7, Heap::kUndefinedValueRootIndex);
3106
3107#ifdef ENABLE_DEBUGGER_SUPPORT
3108 // Check to see whether there are any break points in the function code. If
3109 // there are jump to the generic constructor stub which calls the actual
3110 // code for the function thereby hitting the break points.
3111 __ ldr(r2, FieldMemOperand(r1, JSFunction::kSharedFunctionInfoOffset));
3112 __ ldr(r2, FieldMemOperand(r2, SharedFunctionInfo::kDebugInfoOffset));
3113 __ cmp(r2, r7);
3114 __ b(ne, &generic_stub_call);
3115#endif
3116
3117 // Load the initial map and verify that it is in fact a map.
3118 // r1: constructor function
3119 // r7: undefined
3120 __ ldr(r2, FieldMemOperand(r1, JSFunction::kPrototypeOrInitialMapOffset));
whesse@chromium.org7b260152011-06-20 15:33:18 +0000[diff] [blame]3121 __ JumpIfSmi(r2, &generic_stub_call);
ager@chromium.orga1645e22009-09-09 19:27:10 +0000[diff] [blame]3122 __ CompareObjectType(r2, r3, r4, MAP_TYPE);
3123 __ b(ne, &generic_stub_call);
3124
3125#ifdef DEBUG
3126 // Cannot construct functions this way.
3127 // r0: argc
3128 // r1: constructor function
3129 // r2: initial map
3130 // r7: undefined
3131 __ CompareInstanceType(r2, r3, JS_FUNCTION_TYPE);
3132 __ Check(ne, "Function constructed by construct stub.");
3133#endif
3134
3135 // Now allocate the JSObject in new space.
3136 // r0: argc
3137 // r1: constructor function
3138 // r2: initial map
3139 // r7: undefined
mvstanton@chromium.orge4ac3ef2012-11-12 14:53:34 +0000[diff] [blame]3140 ASSERT(function->has_initial_map());
ager@chromium.orga1645e22009-09-09 19:27:10 +0000[diff] [blame]3141 __ ldrb(r3, FieldMemOperand(r2, Map::kInstanceSizeOffset));
mvstanton@chromium.orge4ac3ef2012-11-12 14:53:34 +0000[diff] [blame]3142#ifdef DEBUG
3143 int instance_size = function->initial_map()->instance_size();
3144 __ cmp(r3, Operand(instance_size >> kPointerSizeLog2));
3145 __ Check(eq, "Instance size of initial map changed.");
3146#endif
mstarzinger@chromium.orgf705b502013-04-04 11:38:09 +0000[diff] [blame]3147 __ Allocate(r3, r4, r5, r6, &generic_stub_call, SIZE_IN_WORDS);
ager@chromium.orga1645e22009-09-09 19:27:10 +0000[diff] [blame]3148
3149 // Allocated the JSObject, now initialize the fields. Map is set to initial
3150 // map and properties and elements are set to empty fixed array.
3151 // r0: argc
3152 // r1: constructor function
3153 // r2: initial map
3154 // r3: object size (in words)
3155 // r4: JSObject (not tagged)
3156 // r7: undefined
3157 __ LoadRoot(r6, Heap::kEmptyFixedArrayRootIndex);
3158 __ mov(r5, r4);
3159 ASSERT_EQ(0 * kPointerSize, JSObject::kMapOffset);
3160 __ str(r2, MemOperand(r5, kPointerSize, PostIndex));
3161 ASSERT_EQ(1 * kPointerSize, JSObject::kPropertiesOffset);
3162 __ str(r6, MemOperand(r5, kPointerSize, PostIndex));
3163 ASSERT_EQ(2 * kPointerSize, JSObject::kElementsOffset);
3164 __ str(r6, MemOperand(r5, kPointerSize, PostIndex));
3165
3166 // Calculate the location of the first argument. The stack contains only the
3167 // argc arguments.
3168 __ add(r1, sp, Operand(r0, LSL, kPointerSizeLog2));
3169
3170 // Fill all the in-object properties with undefined.
3171 // r0: argc
3172 // r1: first argument
3173 // r3: object size (in words)
3174 // r4: JSObject (not tagged)
3175 // r5: First in-object property of JSObject (not tagged)
3176 // r7: undefined
3177 // Fill the initialized properties with a constant value or a passed argument
3178 // depending on the this.x = ...; assignment in the function.
jkummerow@chromium.orgc3b37122011-11-07 10:14:12 +0000[diff] [blame]3179 Handle<SharedFunctionInfo> shared(function->shared());
ager@chromium.orga1645e22009-09-09 19:27:10 +0000[diff] [blame]3180 for (int i = 0; i < shared->this_property_assignments_count(); i++) {
3181 if (shared->IsThisPropertyAssignmentArgument(i)) {
3182 Label not_passed, next;
3183 // Check if the argument assigned to the property is actually passed.
3184 int arg_number = shared->GetThisPropertyAssignmentArgument(i);
3185 __ cmp(r0, Operand(arg_number));
3186 __ b(le, &not_passed);
3187 // Argument passed - find it on the stack.
3188 __ ldr(r2, MemOperand(r1, (arg_number + 1) * -kPointerSize));
3189 __ str(r2, MemOperand(r5, kPointerSize, PostIndex));
3190 __ b(&next);
3191 __ bind(&not_passed);
3192 // Set the property to undefined.
3193 __ str(r7, MemOperand(r5, kPointerSize, PostIndex));
3194 __ bind(&next);
3195 } else {
3196 // Set the property to the constant value.
ulan@chromium.org09d7ab52013-02-25 15:50:35 +0000[diff] [blame]3197 Handle<Object> constant(shared->GetThisPropertyAssignmentConstant(i),
3198 isolate());
ager@chromium.orga1645e22009-09-09 19:27:10 +0000[diff] [blame]3199 __ mov(r2, Operand(constant));
3200 __ str(r2, MemOperand(r5, kPointerSize, PostIndex));
3201 }
3202 }
3203
3204 // Fill the unused in-object property fields with undefined.
3205 for (int i = shared->this_property_assignments_count();
ager@chromium.orgbeb25712010-11-29 08:02:25 +0000[diff] [blame]3206 i < function->initial_map()->inobject_properties();
ager@chromium.orga1645e22009-09-09 19:27:10 +0000[diff] [blame]3207 i++) {
3208 __ str(r7, MemOperand(r5, kPointerSize, PostIndex));
3209 }
3210
3211 // r0: argc
3212 // r4: JSObject (not tagged)
3213 // Move argc to r1 and the JSObject to return to r0 and tag it.
3214 __ mov(r1, r0);
3215 __ mov(r0, r4);
3216 __ orr(r0, r0, Operand(kHeapObjectTag));
3217
3218 // r0: JSObject
3219 // r1: argc
3220 // Remove caller arguments and receiver from the stack and return.
3221 __ add(sp, sp, Operand(r1, LSL, kPointerSizeLog2));
3222 __ add(sp, sp, Operand(kPointerSize));
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]3223 Counters* counters = isolate()->counters();
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]3224 __ IncrementCounter(counters->constructed_objects(), 1, r1, r2);
3225 __ IncrementCounter(counters->constructed_objects_stub(), 1, r1, r2);
ager@chromium.orga1645e22009-09-09 19:27:10 +0000[diff] [blame]3226 __ Jump(lr);
3227
3228 // Jump to the generic stub in case the specialized code cannot handle the
3229 // construction.
3230 __ bind(&generic_stub_call);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]3231 Handle<Code> code = isolate()->builtins()->JSConstructStubGeneric();
fschneider@chromium.org7979bbb2011-03-28 10:47:03 +0000[diff] [blame]3232 __ Jump(code, RelocInfo::CODE_TARGET);
ager@chromium.org18ad94b2009-09-02 08:22:29 +0000[diff] [blame]3233
3234 // Return the generated code.
3235 return GetCode();
3236}
3237
3238
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3239#undef __
3240#define __ ACCESS_MASM(masm)
3241
3242
sgjesse@chromium.org6db88712011-07-11 11:41:22 +0000[diff] [blame]3243void KeyedLoadStubCompiler::GenerateLoadDictionaryElement(
3244 MacroAssembler* masm) {
3245 // ---------- S t a t e --------------
3246 // -- lr : return address
3247 // -- r0 : key
3248 // -- r1 : receiver
3249 // -----------------------------------
3250 Label slow, miss_force_generic;
3251
3252 Register key = r0;
3253 Register receiver = r1;
3254
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]3255 __ UntagAndJumpIfNotSmi(r2, key, &miss_force_generic);
sgjesse@chromium.org6db88712011-07-11 11:41:22 +0000[diff] [blame]3256 __ ldr(r4, FieldMemOperand(receiver, JSObject::kElementsOffset));
3257 __ LoadFromNumberDictionary(&slow, r4, key, r0, r2, r3, r5);
3258 __ Ret();
3259
3260 __ bind(&slow);
3261 __ IncrementCounter(
3262 masm->isolate()->counters()->keyed_load_external_array_slow(),
3263 1, r2, r3);
3264
3265 // ---------- S t a t e --------------
3266 // -- lr : return address
3267 // -- r0 : key
3268 // -- r1 : receiver
3269 // -----------------------------------
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3270 TailCallBuiltin(masm, Builtins::kKeyedLoadIC_Slow);
sgjesse@chromium.org6db88712011-07-11 11:41:22 +0000[diff] [blame]3271
3272 // Miss case, call the runtime.
3273 __ bind(&miss_force_generic);
3274
3275 // ---------- S t a t e --------------
3276 // -- lr : return address
3277 // -- r0 : key
3278 // -- r1 : receiver
3279 // -----------------------------------
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3280 TailCallBuiltin(masm, Builtins::kKeyedLoadIC_MissForceGeneric);
sgjesse@chromium.org6db88712011-07-11 11:41:22 +0000[diff] [blame]3281}
3282
3283
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]3284static void GenerateSmiKeyCheck(MacroAssembler* masm,
3285 Register key,
3286 Register scratch0,
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]3287 DwVfpRegister double_scratch0,
verwaest@chromium.org33e09c82012-10-10 17:07:22 +0000[diff] [blame]3288 DwVfpRegister double_scratch1,
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]3289 Label* fail) {
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]3290 Label key_ok;
3291 // Check for smi or a smi inside a heap number. We convert the heap
3292 // number and check if the conversion is exact and fits into the smi
3293 // range.
3294 __ JumpIfSmi(key, &key_ok);
3295 __ CheckMap(key,
3296 scratch0,
3297 Heap::kHeapNumberMapRootIndex,
3298 fail,
3299 DONT_DO_SMI_CHECK);
3300 __ sub(ip, key, Operand(kHeapObjectTag));
3301 __ vldr(double_scratch0, ip, HeapNumber::kValueOffset);
3302 __ TryDoubleToInt32Exact(scratch0, double_scratch0, double_scratch1);
3303 __ b(ne, fail);
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]3304 __ TrySmiTag(key, scratch0, fail);
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]3305 __ bind(&key_ok);
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]3306}
3307
3308
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3309void KeyedStoreStubCompiler::GenerateStoreExternalArray(
3310 MacroAssembler* masm,
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3311 ElementsKind elements_kind) {
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3312 // ---------- S t a t e --------------
3313 // -- r0 : value
3314 // -- r1 : key
3315 // -- r2 : receiver
3316 // -- lr : return address
3317 // -----------------------------------
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3318 Label slow, check_heap_number, miss_force_generic;
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3319
3320 // Register usage.
3321 Register value = r0;
3322 Register key = r1;
3323 Register receiver = r2;
3324 // r3 mostly holds the elements array or the destination external array.
3325
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3326 // This stub is meant to be tail-jumped to, the receiver must already
3327 // have been verified by the caller to not be a smi.
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3328
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]3329 // Check that the key is a smi or a heap number convertible to a smi.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]3330 GenerateSmiKeyCheck(masm, key, r4, d1, d2, &miss_force_generic);
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3331
whesse@chromium.org4acdc2c2011-08-15 13:01:23 +0000[diff] [blame]3332 __ ldr(r3, FieldMemOperand(receiver, JSObject::kElementsOffset));
3333
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3334 // Check that the index is in range
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3335 __ ldr(ip, FieldMemOperand(r3, ExternalArray::kLengthOffset));
whesse@chromium.org4acdc2c2011-08-15 13:01:23 +0000[diff] [blame]3336 __ cmp(key, ip);
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3337 // Unsigned comparison catches both negative and too-large values.
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3338 __ b(hs, &miss_force_generic);
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3339
3340 // Handle both smis and HeapNumbers in the fast path. Go to the
3341 // runtime for all other kinds of values.
3342 // r3: external array.
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3343 if (elements_kind == EXTERNAL_PIXEL_ELEMENTS) {
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3344 // Double to pixel conversion is only implemented in the runtime for now.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]3345 __ UntagAndJumpIfNotSmi(r5, value, &slow);
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3346 } else {
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]3347 __ UntagAndJumpIfNotSmi(r5, value, &check_heap_number);
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3348 }
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3349 __ ldr(r3, FieldMemOperand(r3, ExternalArray::kExternalPointerOffset));
3350
3351 // r3: base pointer of external storage.
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3352 // r5: value (integer).
svenpanne@chromium.org6d786c92011-06-15 10:58:27 +0000[diff] [blame]3353 switch (elements_kind) {
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3354 case EXTERNAL_PIXEL_ELEMENTS:
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3355 // Clamp the value to [0..255].
3356 __ Usat(r5, 8, Operand(r5));
whesse@chromium.org4acdc2c2011-08-15 13:01:23 +0000[diff] [blame]3357 __ strb(r5, MemOperand(r3, key, LSR, 1));
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3358 break;
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3359 case EXTERNAL_BYTE_ELEMENTS:
3360 case EXTERNAL_UNSIGNED_BYTE_ELEMENTS:
whesse@chromium.org4acdc2c2011-08-15 13:01:23 +0000[diff] [blame]3361 __ strb(r5, MemOperand(r3, key, LSR, 1));
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3362 break;
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3363 case EXTERNAL_SHORT_ELEMENTS:
3364 case EXTERNAL_UNSIGNED_SHORT_ELEMENTS:
whesse@chromium.org4acdc2c2011-08-15 13:01:23 +0000[diff] [blame]3365 __ strh(r5, MemOperand(r3, key, LSL, 0));
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3366 break;
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3367 case EXTERNAL_INT_ELEMENTS:
3368 case EXTERNAL_UNSIGNED_INT_ELEMENTS:
whesse@chromium.org4acdc2c2011-08-15 13:01:23 +0000[diff] [blame]3369 __ str(r5, MemOperand(r3, key, LSL, 1));
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3370 break;
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3371 case EXTERNAL_FLOAT_ELEMENTS:
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3372 // Perform int-to-float conversion and store to memory.
whesse@chromium.org4acdc2c2011-08-15 13:01:23 +0000[diff] [blame]3373 __ SmiUntag(r4, key);
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]3374 StoreIntAsFloat(masm, r3, r4, r5, r7);
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3375 break;
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3376 case EXTERNAL_DOUBLE_ELEMENTS:
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]3377 __ vmov(s2, r5);
3378 __ vcvt_f64_s32(d0, s2);
whesse@chromium.org4acdc2c2011-08-15 13:01:23 +0000[diff] [blame]3379 __ add(r3, r3, Operand(key, LSL, 2));
erik.corry@gmail.com3847bd52011-04-27 10:38:56 +0000[diff] [blame]3380 // r3: effective address of the double element
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]3381 __ vstr(d0, r3, 0);
erik.corry@gmail.com3847bd52011-04-27 10:38:56 +0000[diff] [blame]3382 break;
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3383 case FAST_ELEMENTS:
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]3384 case FAST_SMI_ELEMENTS:
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3385 case FAST_DOUBLE_ELEMENTS:
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]3386 case FAST_HOLEY_ELEMENTS:
3387 case FAST_HOLEY_SMI_ELEMENTS:
3388 case FAST_HOLEY_DOUBLE_ELEMENTS:
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3389 case DICTIONARY_ELEMENTS:
3390 case NON_STRICT_ARGUMENTS_ELEMENTS:
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3391 UNREACHABLE();
3392 break;
3393 }
3394
3395 // Entry registers are intact, r0 holds the value which is the return value.
3396 __ Ret();
3397
kmillikin@chromium.org83e16822011-09-13 08:21:47 +0000[diff] [blame]3398 if (elements_kind != EXTERNAL_PIXEL_ELEMENTS) {
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3399 // r3: external array.
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3400 __ bind(&check_heap_number);
3401 __ CompareObjectType(value, r5, r6, HEAP_NUMBER_TYPE);
3402 __ b(ne, &slow);
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3403
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3404 __ ldr(r3, FieldMemOperand(r3, ExternalArray::kExternalPointerOffset));
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3405
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3406 // r3: base pointer of external storage.
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3407
danno@chromium.org4d3fe4e2011-03-10 10:14:28 +0000[diff] [blame]3408 // The WebGL specification leaves the behavior of storing NaN and
3409 // +/-Infinity into integer arrays basically undefined. For more
3410 // reproducible behavior, convert these to zero.
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3411
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]3412 if (elements_kind == EXTERNAL_FLOAT_ELEMENTS) {
3413 // vldr requires offset to be a multiple of 4 so we can not
3414 // include -kHeapObjectTag into it.
3415 __ sub(r5, r0, Operand(kHeapObjectTag));
3416 __ vldr(d0, r5, HeapNumber::kValueOffset);
3417 __ add(r5, r3, Operand(key, LSL, 1));
3418 __ vcvt_f32_f64(s0, d0);
3419 __ vstr(s0, r5, 0);
3420 } else if (elements_kind == EXTERNAL_DOUBLE_ELEMENTS) {
3421 __ sub(r5, r0, Operand(kHeapObjectTag));
3422 __ vldr(d0, r5, HeapNumber::kValueOffset);
3423 __ add(r5, r3, Operand(key, LSL, 2));
3424 __ vstr(d0, r5, 0);
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3425 } else {
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]3426 // Hoisted load. vldr requires offset to be a multiple of 4 so we can
3427 // not include -kHeapObjectTag into it.
3428 __ sub(r5, value, Operand(kHeapObjectTag));
3429 __ vldr(d0, r5, HeapNumber::kValueOffset);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]3430 __ ECMAToInt32(r5, d0, r6, r7, r9, d1);
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3431
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]3432 switch (elements_kind) {
3433 case EXTERNAL_BYTE_ELEMENTS:
3434 case EXTERNAL_UNSIGNED_BYTE_ELEMENTS:
3435 __ strb(r5, MemOperand(r3, key, LSR, 1));
3436 break;
3437 case EXTERNAL_SHORT_ELEMENTS:
3438 case EXTERNAL_UNSIGNED_SHORT_ELEMENTS:
3439 __ strh(r5, MemOperand(r3, key, LSL, 0));
3440 break;
3441 case EXTERNAL_INT_ELEMENTS:
3442 case EXTERNAL_UNSIGNED_INT_ELEMENTS:
3443 __ str(r5, MemOperand(r3, key, LSL, 1));
3444 break;
3445 case EXTERNAL_PIXEL_ELEMENTS:
3446 case EXTERNAL_FLOAT_ELEMENTS:
3447 case EXTERNAL_DOUBLE_ELEMENTS:
3448 case FAST_ELEMENTS:
3449 case FAST_SMI_ELEMENTS:
3450 case FAST_DOUBLE_ELEMENTS:
3451 case FAST_HOLEY_ELEMENTS:
3452 case FAST_HOLEY_SMI_ELEMENTS:
3453 case FAST_HOLEY_DOUBLE_ELEMENTS:
3454 case DICTIONARY_ELEMENTS:
3455 case NON_STRICT_ARGUMENTS_ELEMENTS:
3456 UNREACHABLE();
3457 break;
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3458 }
3459 }
mstarzinger@chromium.orge27d6172013-04-17 11:51:44 +0000[diff] [blame]3460
3461 // Entry registers are intact, r0 holds the value which is the return
3462 // value.
3463 __ Ret();
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3464 }
3465
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3466 // Slow case, key and receiver still in r0 and r1.
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3467 __ bind(&slow);
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3468 __ IncrementCounter(
3469 masm->isolate()->counters()->keyed_load_external_array_slow(),
3470 1, r2, r3);
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3471
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3472 // ---------- S t a t e --------------
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3473 // -- lr : return address
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3474 // -- r0 : key
3475 // -- r1 : receiver
3476 // -----------------------------------
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3477 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_Slow);
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3478
3479 // Miss case, call the runtime.
3480 __ bind(&miss_force_generic);
3481
3482 // ---------- S t a t e --------------
3483 // -- lr : return address
3484 // -- r0 : key
3485 // -- r1 : receiver
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3486 // -----------------------------------
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3487 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_MissForceGeneric);
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3488}
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3489
ager@chromium.org9ee27ae2011-03-02 13:43:26 +0000[diff] [blame]3490
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]3491void KeyedStoreStubCompiler::GenerateStoreFastElement(
3492 MacroAssembler* masm,
3493 bool is_js_array,
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3494 ElementsKind elements_kind,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]3495 KeyedAccessStoreMode store_mode) {
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3496 // ----------- S t a t e -------------
3497 // -- r0 : value
3498 // -- r1 : key
3499 // -- r2 : receiver
3500 // -- lr : return address
3501 // -- r3 : scratch
3502 // -- r4 : scratch (elements)
3503 // -----------------------------------
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3504 Label miss_force_generic, transition_elements_kind, grow, slow;
3505 Label finish_store, check_capacity;
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3506
3507 Register value_reg = r0;
3508 Register key_reg = r1;
3509 Register receiver_reg = r2;
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3510 Register scratch = r4;
3511 Register elements_reg = r3;
3512 Register length_reg = r5;
3513 Register scratch2 = r6;
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3514
3515 // This stub is meant to be tail-jumped to, the receiver must already
3516 // have been verified by the caller to not be a smi.
3517
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]3518 // Check that the key is a smi or a heap number convertible to a smi.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]3519 GenerateSmiKeyCheck(masm, key_reg, r4, d1, d2, &miss_force_generic);
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3520
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]3521 if (IsFastSmiElementsKind(elements_kind)) {
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3522 __ JumpIfNotSmi(value_reg, &transition_elements_kind);
3523 }
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3524
3525 // Check that the key is within bounds.
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3526 __ ldr(elements_reg,
3527 FieldMemOperand(receiver_reg, JSObject::kElementsOffset));
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3528 if (is_js_array) {
3529 __ ldr(scratch, FieldMemOperand(receiver_reg, JSArray::kLengthOffset));
3530 } else {
3531 __ ldr(scratch, FieldMemOperand(elements_reg, FixedArray::kLengthOffset));
3532 }
3533 // Compare smis.
3534 __ cmp(key_reg, scratch);
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]3535 if (is_js_array && IsGrowStoreMode(store_mode)) {
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3536 __ b(hs, &grow);
3537 } else {
3538 __ b(hs, &miss_force_generic);
3539 }
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3540
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3541 // Make sure elements is a fast element array, not 'cow'.
3542 __ CheckMap(elements_reg,
3543 scratch,
3544 Heap::kFixedArrayMapRootIndex,
3545 &miss_force_generic,
3546 DONT_DO_SMI_CHECK);
3547
3548 __ bind(&finish_store);
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]3549 if (IsFastSmiElementsKind(elements_kind)) {
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]3550 __ add(scratch,
3551 elements_reg,
3552 Operand(FixedArray::kHeaderSize - kHeapObjectTag));
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]3553 __ add(scratch, scratch, Operand::PointerOffsetFromSmiKey(key_reg));
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]3554 __ str(value_reg, MemOperand(scratch));
3555 } else {
svenpanne@chromium.org830d30c2012-05-29 13:20:14 +0000[diff] [blame]3556 ASSERT(IsFastObjectElementsKind(elements_kind));
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]3557 __ add(scratch,
3558 elements_reg,
3559 Operand(FixedArray::kHeaderSize - kHeapObjectTag));
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]3560 __ add(scratch, scratch, Operand::PointerOffsetFromSmiKey(key_reg));
erik.corry@gmail.comc3b670f2011-10-05 21:44:48 +0000[diff] [blame]3561 __ str(value_reg, MemOperand(scratch));
3562 __ mov(receiver_reg, value_reg);
3563 __ RecordWrite(elements_reg, // Object.
3564 scratch, // Address.
3565 receiver_reg, // Value.
3566 kLRHasNotBeenSaved,
3567 kDontSaveFPRegs);
3568 }
ager@chromium.orgea91cc52011-05-23 06:06:11 +0000[diff] [blame]3569 // value_reg (r0) is preserved.
3570 // Done.
3571 __ Ret();
3572
3573 __ bind(&miss_force_generic);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3574 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_MissForceGeneric);
rossberg@chromium.orgb4b2aa62011-10-13 09:49:59 +0000[diff] [blame]3575
3576 __ bind(&transition_elements_kind);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3577 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_Miss);
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3578
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]3579 if (is_js_array && IsGrowStoreMode(store_mode)) {
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3580 // Grow the array by a single element if possible.
3581 __ bind(&grow);
3582
3583 // Make sure the array is only growing by a single element, anything else
3584 // must be handled by the runtime. Flags already set by previous compare.
3585 __ b(ne, &miss_force_generic);
3586
3587 // Check for the empty array, and preallocate a small backing store if
3588 // possible.
3589 __ ldr(length_reg,
3590 FieldMemOperand(receiver_reg, JSArray::kLengthOffset));
3591 __ ldr(elements_reg,
3592 FieldMemOperand(receiver_reg, JSObject::kElementsOffset));
3593 __ CompareRoot(elements_reg, Heap::kEmptyFixedArrayRootIndex);
3594 __ b(ne, &check_capacity);
3595
3596 int size = FixedArray::SizeFor(JSArray::kPreallocatedArrayElements);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3597 __ Allocate(size, elements_reg, scratch, scratch2, &slow, TAG_OBJECT);
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3598
3599 __ LoadRoot(scratch, Heap::kFixedArrayMapRootIndex);
3600 __ str(scratch, FieldMemOperand(elements_reg, JSObject::kMapOffset));
3601 __ mov(scratch, Operand(Smi::FromInt(JSArray::kPreallocatedArrayElements)));
3602 __ str(scratch, FieldMemOperand(elements_reg, FixedArray::kLengthOffset));
3603 __ LoadRoot(scratch, Heap::kTheHoleValueRootIndex);
3604 for (int i = 1; i < JSArray::kPreallocatedArrayElements; ++i) {
3605 __ str(scratch, FieldMemOperand(elements_reg, FixedArray::SizeFor(i)));
3606 }
3607
3608 // Store the element at index zero.
3609 __ str(value_reg, FieldMemOperand(elements_reg, FixedArray::SizeFor(0)));
3610
3611 // Install the new backing store in the JSArray.
3612 __ str(elements_reg,
3613 FieldMemOperand(receiver_reg, JSObject::kElementsOffset));
3614 __ RecordWriteField(receiver_reg, JSObject::kElementsOffset, elements_reg,
3615 scratch, kLRHasNotBeenSaved, kDontSaveFPRegs,
3616 EMIT_REMEMBERED_SET, OMIT_SMI_CHECK);
3617
3618 // Increment the length of the array.
3619 __ mov(length_reg, Operand(Smi::FromInt(1)));
3620 __ str(length_reg, FieldMemOperand(receiver_reg, JSArray::kLengthOffset));
3621 __ Ret();
3622
3623 __ bind(&check_capacity);
3624 // Check for cow elements, in general they are not handled by this stub
3625 __ CheckMap(elements_reg,
3626 scratch,
3627 Heap::kFixedCOWArrayMapRootIndex,
3628 &miss_force_generic,
3629 DONT_DO_SMI_CHECK);
3630
3631 __ ldr(scratch, FieldMemOperand(elements_reg, FixedArray::kLengthOffset));
3632 __ cmp(length_reg, scratch);
3633 __ b(hs, &slow);
3634
3635 // Grow the array and finish the store.
3636 __ add(length_reg, length_reg, Operand(Smi::FromInt(1)));
3637 __ str(length_reg, FieldMemOperand(receiver_reg, JSArray::kLengthOffset));
3638 __ jmp(&finish_store);
3639
3640 __ bind(&slow);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3641 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_Slow);
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3642 }
vegorov@chromium.org0a4e9012011-01-24 12:33:13 +0000[diff] [blame]3643}
3644
3645
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3646void KeyedStoreStubCompiler::GenerateStoreFastDoubleElement(
3647 MacroAssembler* masm,
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3648 bool is_js_array,
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]3649 KeyedAccessStoreMode store_mode) {
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3650 // ----------- S t a t e -------------
3651 // -- r0 : value
3652 // -- r1 : key
3653 // -- r2 : receiver
3654 // -- lr : return address
svenpanne@chromium.org83130cf2012-11-30 10:13:25 +0000[diff] [blame]3655 // -- r3 : scratch (elements backing store)
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3656 // -- r4 : scratch
3657 // -- r5 : scratch
3658 // -----------------------------------
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3659 Label miss_force_generic, transition_elements_kind, grow, slow;
3660 Label finish_store, check_capacity;
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3661
3662 Register value_reg = r0;
3663 Register key_reg = r1;
3664 Register receiver_reg = r2;
svenpanne@chromium.orga8bb4d92011-10-10 13:20:40 +0000[diff] [blame]3665 Register elements_reg = r3;
3666 Register scratch1 = r4;
3667 Register scratch2 = r5;
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3668 Register length_reg = r7;
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3669
3670 // This stub is meant to be tail-jumped to, the receiver must already
3671 // have been verified by the caller to not be a smi.
jkummerow@chromium.org28faa982012-04-13 09:58:30 +0000[diff] [blame]3672
3673 // Check that the key is a smi or a heap number convertible to a smi.
ulan@chromium.orgbf9432e2013-05-22 14:05:23 +0000[diff] [blame]3674 GenerateSmiKeyCheck(masm, key_reg, r4, d1, d2, &miss_force_generic);
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3675
3676 __ ldr(elements_reg,
3677 FieldMemOperand(receiver_reg, JSObject::kElementsOffset));
3678
3679 // Check that the key is within bounds.
3680 if (is_js_array) {
svenpanne@chromium.orga8bb4d92011-10-10 13:20:40 +0000[diff] [blame]3681 __ ldr(scratch1, FieldMemOperand(receiver_reg, JSArray::kLengthOffset));
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3682 } else {
svenpanne@chromium.orga8bb4d92011-10-10 13:20:40 +0000[diff] [blame]3683 __ ldr(scratch1,
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3684 FieldMemOperand(elements_reg, FixedArray::kLengthOffset));
3685 }
3686 // Compare smis, unsigned compare catches both negative and out-of-bound
3687 // indexes.
svenpanne@chromium.orga8bb4d92011-10-10 13:20:40 +0000[diff] [blame]3688 __ cmp(key_reg, scratch1);
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]3689 if (IsGrowStoreMode(store_mode)) {
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3690 __ b(hs, &grow);
3691 } else {
3692 __ b(hs, &miss_force_generic);
3693 }
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3694
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3695 __ bind(&finish_store);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]3696 __ StoreNumberToDoubleElements(value_reg, key_reg, elements_reg,
3697 scratch1, &transition_elements_kind);
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3698 __ Ret();
3699
3700 // Handle store cache miss, replacing the ic with the generic stub.
3701 __ bind(&miss_force_generic);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3702 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_MissForceGeneric);
rossberg@chromium.orgb4b2aa62011-10-13 09:49:59 +0000[diff] [blame]3703
3704 __ bind(&transition_elements_kind);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3705 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_Miss);
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3706
ulan@chromium.org750145a2013-03-07 15:14:13 +0000[diff] [blame]3707 if (is_js_array && IsGrowStoreMode(store_mode)) {
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3708 // Grow the array by a single element if possible.
3709 __ bind(&grow);
3710
3711 // Make sure the array is only growing by a single element, anything else
3712 // must be handled by the runtime. Flags already set by previous compare.
3713 __ b(ne, &miss_force_generic);
3714
3715 // Transition on values that can't be stored in a FixedDoubleArray.
3716 Label value_is_smi;
3717 __ JumpIfSmi(value_reg, &value_is_smi);
3718 __ ldr(scratch1, FieldMemOperand(value_reg, HeapObject::kMapOffset));
3719 __ CompareRoot(scratch1, Heap::kHeapNumberMapRootIndex);
3720 __ b(ne, &transition_elements_kind);
3721 __ bind(&value_is_smi);
3722
3723 // Check for the empty array, and preallocate a small backing store if
3724 // possible.
3725 __ ldr(length_reg,
3726 FieldMemOperand(receiver_reg, JSArray::kLengthOffset));
3727 __ ldr(elements_reg,
3728 FieldMemOperand(receiver_reg, JSObject::kElementsOffset));
3729 __ CompareRoot(elements_reg, Heap::kEmptyFixedArrayRootIndex);
3730 __ b(ne, &check_capacity);
3731
3732 int size = FixedDoubleArray::SizeFor(JSArray::kPreallocatedArrayElements);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3733 __ Allocate(size, elements_reg, scratch1, scratch2, &slow, TAG_OBJECT);
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3734
danno@chromium.org1f34ad32012-11-26 14:53:56 +0000[diff] [blame]3735 // Initialize the new FixedDoubleArray.
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3736 __ LoadRoot(scratch1, Heap::kFixedDoubleArrayMapRootIndex);
3737 __ str(scratch1, FieldMemOperand(elements_reg, JSObject::kMapOffset));
3738 __ mov(scratch1,
3739 Operand(Smi::FromInt(JSArray::kPreallocatedArrayElements)));
3740 __ str(scratch1,
3741 FieldMemOperand(elements_reg, FixedDoubleArray::kLengthOffset));
3742
svenpanne@chromium.org83130cf2012-11-30 10:13:25 +0000[diff] [blame]3743 __ mov(scratch1, elements_reg);
ulan@chromium.org32d7dba2013-04-24 10:59:06 +0000[diff] [blame]3744 __ StoreNumberToDoubleElements(value_reg, key_reg, scratch1,
3745 scratch2, &transition_elements_kind);
svenpanne@chromium.org83130cf2012-11-30 10:13:25 +0000[diff] [blame]3746
danno@chromium.org1f34ad32012-11-26 14:53:56 +0000[diff] [blame]3747 __ mov(scratch1, Operand(kHoleNanLower32));
3748 __ mov(scratch2, Operand(kHoleNanUpper32));
3749 for (int i = 1; i < JSArray::kPreallocatedArrayElements; i++) {
3750 int offset = FixedDoubleArray::OffsetOfElementAt(i);
3751 __ str(scratch1, FieldMemOperand(elements_reg, offset));
3752 __ str(scratch2, FieldMemOperand(elements_reg, offset + kPointerSize));
3753 }
3754
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3755 // Install the new backing store in the JSArray.
3756 __ str(elements_reg,
3757 FieldMemOperand(receiver_reg, JSObject::kElementsOffset));
3758 __ RecordWriteField(receiver_reg, JSObject::kElementsOffset, elements_reg,
3759 scratch1, kLRHasNotBeenSaved, kDontSaveFPRegs,
3760 EMIT_REMEMBERED_SET, OMIT_SMI_CHECK);
3761
3762 // Increment the length of the array.
3763 __ mov(length_reg, Operand(Smi::FromInt(1)));
3764 __ str(length_reg, FieldMemOperand(receiver_reg, JSArray::kLengthOffset));
danno@chromium.org2c26cb12012-05-03 09:06:43 +0000[diff] [blame]3765 __ ldr(elements_reg,
3766 FieldMemOperand(receiver_reg, JSObject::kElementsOffset));
danno@chromium.org1f34ad32012-11-26 14:53:56 +0000[diff] [blame]3767 __ Ret();
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3768
3769 __ bind(&check_capacity);
3770 // Make sure that the backing store can hold additional elements.
3771 __ ldr(scratch1,
3772 FieldMemOperand(elements_reg, FixedDoubleArray::kLengthOffset));
3773 __ cmp(length_reg, scratch1);
3774 __ b(hs, &slow);
3775
3776 // Grow the array and finish the store.
3777 __ add(length_reg, length_reg, Operand(Smi::FromInt(1)));
3778 __ str(length_reg, FieldMemOperand(receiver_reg, JSArray::kLengthOffset));
3779 __ jmp(&finish_store);
3780
3781 __ bind(&slow);
svenpanne@chromium.org2bda5432013-03-15 12:39:50 +0000[diff] [blame]3782 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_Slow);
ulan@chromium.org65a89c22012-02-14 11:46:07 +0000[diff] [blame]3783 }
svenpanne@chromium.org84bcc552011-07-18 09:50:57 +0000[diff] [blame]3784}
3785
3786
christian.plesner.hansen43d26ec2008-07-03 15:10:15 +0000[diff] [blame]3787#undef __
3788
3789} } // namespace v8::internal
erik.corry@gmail.com9dfbea42010-05-21 12:58:28 +0000[diff] [blame]3790
3791#endif // V8_TARGET_ARCH_ARM