Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(63)

Side by Side Diff: src/ia32/ic-ia32.cc

Issue 10375033: Fix unsigned-Smi check in MappedArgumentsLookup (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 8 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « src/arm/ic-arm.cc ('k') | src/mips/ic-mips.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Redistribution and use in source and binary forms, with or without 2 // Redistribution and use in source and binary forms, with or without
3 // modification, are permitted provided that the following conditions are 3 // modification, are permitted provided that the following conditions are
4 // met: 4 // met:
5 // 5 //
6 // * Redistributions of source code must retain the above copyright 6 // * Redistributions of source code must retain the above copyright
7 // notice, this list of conditions and the following disclaimer. 7 // notice, this list of conditions and the following disclaimer.
8 // * Redistributions in binary form must reproduce the above 8 // * Redistributions in binary form must reproduce the above
9 // copyright notice, this list of conditions and the following 9 // copyright notice, this list of conditions and the following
10 // disclaimer in the documentation and/or other materials provided 10 // disclaimer in the documentation and/or other materials provided
(...skipping 365 matching lines...) Expand 10 before | Expand all | Expand 10 after
376 376
377 // Check that the receiver is a JSObject. Because of the elements 377 // Check that the receiver is a JSObject. Because of the elements
378 // map check later, we do not need to check for interceptors or 378 // map check later, we do not need to check for interceptors or
379 // whether it requires access checks. 379 // whether it requires access checks.
380 __ JumpIfSmi(object, slow_case); 380 __ JumpIfSmi(object, slow_case);
381 // Check that the object is some kind of JSObject. 381 // Check that the object is some kind of JSObject.
382 __ CmpObjectType(object, FIRST_JS_RECEIVER_TYPE, scratch1); 382 __ CmpObjectType(object, FIRST_JS_RECEIVER_TYPE, scratch1);
383 __ j(below, slow_case); 383 __ j(below, slow_case);
384 384
385 // Check that the key is a positive smi. 385 // Check that the key is a positive smi.
386 __ test(key, Immediate(0x8000001)); 386 __ test(key, Immediate(0x80000001));
387 __ j(not_zero, slow_case); 387 __ j(not_zero, slow_case);
388 388
389 // Load the elements into scratch1 and check its map. 389 // Load the elements into scratch1 and check its map.
390 Handle<Map> arguments_map(heap->non_strict_arguments_elements_map()); 390 Handle<Map> arguments_map(heap->non_strict_arguments_elements_map());
391 __ mov(scratch1, FieldOperand(object, JSObject::kElementsOffset)); 391 __ mov(scratch1, FieldOperand(object, JSObject::kElementsOffset));
392 __ CheckMap(scratch1, arguments_map, slow_case, DONT_DO_SMI_CHECK); 392 __ CheckMap(scratch1, arguments_map, slow_case, DONT_DO_SMI_CHECK);
393 393
394 // Check if element is in the range of mapped arguments. If not, jump 394 // Check if element is in the range of mapped arguments. If not, jump
395 // to the unmapped lookup with the parameter map in scratch1. 395 // to the unmapped lookup with the parameter map in scratch1.
396 __ mov(scratch2, FieldOperand(scratch1, FixedArray::kLengthOffset)); 396 __ mov(scratch2, FieldOperand(scratch1, FixedArray::kLengthOffset));
397 __ sub(scratch2, Immediate(Smi::FromInt(2))); 397 __ sub(scratch2, Immediate(Smi::FromInt(2)));
398 __ cmp(key, scratch2); 398 __ cmp(key, scratch2);
399 __ j(greater_equal, unmapped_case); 399 __ j(above_equal, unmapped_case);
Jakob Kummerow 2012/05/07 09:17:02 With the fixed positive-smi check above, this chan
400 400
401 // Load element index and check whether it is the hole. 401 // Load element index and check whether it is the hole.
402 const int kHeaderSize = FixedArray::kHeaderSize + 2 * kPointerSize; 402 const int kHeaderSize = FixedArray::kHeaderSize + 2 * kPointerSize;
403 __ mov(scratch2, FieldOperand(scratch1, 403 __ mov(scratch2, FieldOperand(scratch1,
404 key, 404 key,
405 times_half_pointer_size, 405 times_half_pointer_size,
406 kHeaderSize)); 406 kHeaderSize));
407 __ cmp(scratch2, factory->the_hole_value()); 407 __ cmp(scratch2, factory->the_hole_value());
408 __ j(equal, unmapped_case); 408 __ j(equal, unmapped_case);
409 409
(...skipping 1355 matching lines...) Expand 10 before | Expand all | Expand 10 after
1765 Condition cc = (check == ENABLE_INLINED_SMI_CHECK) 1765 Condition cc = (check == ENABLE_INLINED_SMI_CHECK)
1766 ? (*jmp_address == Assembler::kJncShortOpcode ? not_zero : zero) 1766 ? (*jmp_address == Assembler::kJncShortOpcode ? not_zero : zero)
1767 : (*jmp_address == Assembler::kJnzShortOpcode ? not_carry : carry); 1767 : (*jmp_address == Assembler::kJnzShortOpcode ? not_carry : carry);
1768 *jmp_address = static_cast<byte>(Assembler::kJccShortPrefix | cc); 1768 *jmp_address = static_cast<byte>(Assembler::kJccShortPrefix | cc);
1769 } 1769 }
1770 1770
1771 1771
1772 } } // namespace v8::internal 1772 } } // namespace v8::internal
1773 1773
1774 #endif // V8_TARGET_ARCH_IA32 1774 #endif // V8_TARGET_ARCH_IA32
OLDNEW
« no previous file with comments | « src/arm/ic-arm.cc ('k') | src/mips/ic-mips.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698