| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
| 4 // met: | 4 // met: |
| 5 // | 5 // |
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
| (...skipping 2943 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2954 __ bind(&miss); | 2954 __ bind(&miss); |
| 2955 TailCallBuiltin(masm(), MissBuiltin(kind())); | 2955 TailCallBuiltin(masm(), MissBuiltin(kind())); |
| 2956 | 2956 |
| 2957 // Return the generated code. | 2957 // Return the generated code. |
| 2958 InlineCacheState state = | 2958 InlineCacheState state = |
| 2959 number_of_handled_maps > 1 ? POLYMORPHIC : MONOMORPHIC; | 2959 number_of_handled_maps > 1 ? POLYMORPHIC : MONOMORPHIC; |
| 2960 return GetICCode(kind(), type, name, state); | 2960 return GetICCode(kind(), type, name, state); |
| 2961 } | 2961 } |
| 2962 | 2962 |
| 2963 | 2963 |
| 2964 // Specialized stub for constructing objects from functions which only have only | |
| 2965 // simple assignments of the form this.x = ...; in their body. | |
| 2966 Handle<Code> ConstructStubCompiler::CompileConstructStub( | |
| 2967 Handle<JSFunction> function) { | |
| 2968 // ----------- S t a t e ------------- | |
| 2969 // -- rax : argc | |
| 2970 // -- rdi : constructor | |
| 2971 // -- rsp[0] : return address | |
| 2972 // -- rsp[4] : last argument | |
| 2973 // ----------------------------------- | |
| 2974 Label generic_stub_call; | |
| 2975 | |
| 2976 // Use r8 for holding undefined which is used in several places below. | |
| 2977 __ Move(r8, factory()->undefined_value()); | |
| 2978 | |
| 2979 #ifdef ENABLE_DEBUGGER_SUPPORT | |
| 2980 // Check to see whether there are any break points in the function code. If | |
| 2981 // there are jump to the generic constructor stub which calls the actual | |
| 2982 // code for the function thereby hitting the break points. | |
| 2983 __ movq(rbx, FieldOperand(rdi, JSFunction::kSharedFunctionInfoOffset)); | |
| 2984 __ movq(rbx, FieldOperand(rbx, SharedFunctionInfo::kDebugInfoOffset)); | |
| 2985 __ cmpq(rbx, r8); | |
| 2986 __ j(not_equal, &generic_stub_call); | |
| 2987 #endif | |
| 2988 | |
| 2989 // Load the initial map and verify that it is in fact a map. | |
| 2990 // rdi: constructor | |
| 2991 __ movq(rbx, FieldOperand(rdi, JSFunction::kPrototypeOrInitialMapOffset)); | |
| 2992 // Will both indicate a NULL and a Smi. | |
| 2993 STATIC_ASSERT(kSmiTag == 0); | |
| 2994 __ JumpIfSmi(rbx, &generic_stub_call); | |
| 2995 __ CmpObjectType(rbx, MAP_TYPE, rcx); | |
| 2996 __ j(not_equal, &generic_stub_call); | |
| 2997 | |
| 2998 #ifdef DEBUG | |
| 2999 // Cannot construct functions this way. | |
| 3000 // rbx: initial map | |
| 3001 __ CmpInstanceType(rbx, JS_FUNCTION_TYPE); | |
| 3002 __ Check(not_equal, "Function constructed by construct stub."); | |
| 3003 #endif | |
| 3004 | |
| 3005 // Now allocate the JSObject in new space. | |
| 3006 // rbx: initial map | |
| 3007 ASSERT(function->has_initial_map()); | |
| 3008 int instance_size = function->initial_map()->instance_size(); | |
| 3009 #ifdef DEBUG | |
| 3010 __ movzxbq(rcx, FieldOperand(rbx, Map::kInstanceSizeOffset)); | |
| 3011 __ shl(rcx, Immediate(kPointerSizeLog2)); | |
| 3012 __ cmpq(rcx, Immediate(instance_size)); | |
| 3013 __ Check(equal, "Instance size of initial map changed."); | |
| 3014 #endif | |
| 3015 __ Allocate(instance_size, rdx, rcx, no_reg, &generic_stub_call, | |
| 3016 NO_ALLOCATION_FLAGS); | |
| 3017 | |
| 3018 // Allocated the JSObject, now initialize the fields and add the heap tag. | |
| 3019 // rbx: initial map | |
| 3020 // rdx: JSObject (untagged) | |
| 3021 __ movq(Operand(rdx, JSObject::kMapOffset), rbx); | |
| 3022 __ Move(rbx, factory()->empty_fixed_array()); | |
| 3023 __ movq(Operand(rdx, JSObject::kPropertiesOffset), rbx); | |
| 3024 __ movq(Operand(rdx, JSObject::kElementsOffset), rbx); | |
| 3025 | |
| 3026 // rax: argc | |
| 3027 // rdx: JSObject (untagged) | |
| 3028 // Load the address of the first in-object property into r9. | |
| 3029 __ lea(r9, Operand(rdx, JSObject::kHeaderSize)); | |
| 3030 // Calculate the location of the first argument. The stack contains only the | |
| 3031 // return address on top of the argc arguments. | |
| 3032 __ lea(rcx, Operand(rsp, rax, times_pointer_size, 0)); | |
| 3033 | |
| 3034 // rax: argc | |
| 3035 // rcx: first argument | |
| 3036 // rdx: JSObject (untagged) | |
| 3037 // r8: undefined | |
| 3038 // r9: first in-object property of the JSObject | |
| 3039 // Fill the initialized properties with a constant value or a passed argument | |
| 3040 // depending on the this.x = ...; assignment in the function. | |
| 3041 Handle<SharedFunctionInfo> shared(function->shared()); | |
| 3042 for (int i = 0; i < shared->this_property_assignments_count(); i++) { | |
| 3043 if (shared->IsThisPropertyAssignmentArgument(i)) { | |
| 3044 // Check if the argument assigned to the property is actually passed. | |
| 3045 // If argument is not passed the property is set to undefined, | |
| 3046 // otherwise find it on the stack. | |
| 3047 int arg_number = shared->GetThisPropertyAssignmentArgument(i); | |
| 3048 __ movq(rbx, r8); | |
| 3049 __ cmpq(rax, Immediate(arg_number)); | |
| 3050 __ cmovq(above, rbx, Operand(rcx, arg_number * -kPointerSize)); | |
| 3051 // Store value in the property. | |
| 3052 __ movq(Operand(r9, i * kPointerSize), rbx); | |
| 3053 } else { | |
| 3054 // Set the property to the constant value. | |
| 3055 Handle<Object> constant(shared->GetThisPropertyAssignmentConstant(i), | |
| 3056 isolate()); | |
| 3057 __ Move(Operand(r9, i * kPointerSize), constant); | |
| 3058 } | |
| 3059 } | |
| 3060 | |
| 3061 // Fill the unused in-object property fields with undefined. | |
| 3062 for (int i = shared->this_property_assignments_count(); | |
| 3063 i < function->initial_map()->inobject_properties(); | |
| 3064 i++) { | |
| 3065 __ movq(Operand(r9, i * kPointerSize), r8); | |
| 3066 } | |
| 3067 | |
| 3068 // rax: argc | |
| 3069 // rdx: JSObject (untagged) | |
| 3070 // Move argc to rbx and the JSObject to return to rax and tag it. | |
| 3071 __ movq(rbx, rax); | |
| 3072 __ movq(rax, rdx); | |
| 3073 __ or_(rax, Immediate(kHeapObjectTag)); | |
| 3074 | |
| 3075 // rax: JSObject | |
| 3076 // rbx: argc | |
| 3077 // Remove caller arguments and receiver from the stack and return. | |
| 3078 __ pop(rcx); | |
| 3079 __ lea(rsp, Operand(rsp, rbx, times_pointer_size, 1 * kPointerSize)); | |
| 3080 __ push(rcx); | |
| 3081 Counters* counters = isolate()->counters(); | |
| 3082 __ IncrementCounter(counters->constructed_objects(), 1); | |
| 3083 __ IncrementCounter(counters->constructed_objects_stub(), 1); | |
| 3084 __ ret(0); | |
| 3085 | |
| 3086 // Jump to the generic stub in case the specialized code cannot handle the | |
| 3087 // construction. | |
| 3088 __ bind(&generic_stub_call); | |
| 3089 Handle<Code> code = isolate()->builtins()->JSConstructStubGeneric(); | |
| 3090 __ Jump(code, RelocInfo::CODE_TARGET); | |
| 3091 | |
| 3092 // Return the generated code. | |
| 3093 return GetCode(); | |
| 3094 } | |
| 3095 | |
| 3096 | |
| 3097 #undef __ | 2964 #undef __ |
| 3098 #define __ ACCESS_MASM(masm) | 2965 #define __ ACCESS_MASM(masm) |
| 3099 | 2966 |
| 3100 | 2967 |
| 3101 void KeyedLoadStubCompiler::GenerateLoadDictionaryElement( | 2968 void KeyedLoadStubCompiler::GenerateLoadDictionaryElement( |
| 3102 MacroAssembler* masm) { | 2969 MacroAssembler* masm) { |
| 3103 // ----------- S t a t e ------------- | 2970 // ----------- S t a t e ------------- |
| 3104 // -- rax : key | 2971 // -- rax : key |
| 3105 // -- rdx : receiver | 2972 // -- rdx : receiver |
| 3106 // -- rsp[0] : return address | 2973 // -- rsp[0] : return address |
| (...skipping 509 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3616 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_Slow); | 3483 TailCallBuiltin(masm, Builtins::kKeyedStoreIC_Slow); |
| 3617 } | 3484 } |
| 3618 } | 3485 } |
| 3619 | 3486 |
| 3620 | 3487 |
| 3621 #undef __ | 3488 #undef __ |
| 3622 | 3489 |
| 3623 } } // namespace v8::internal | 3490 } } // namespace v8::internal |
| 3624 | 3491 |
| 3625 #endif // V8_TARGET_ARCH_X64 | 3492 #endif // V8_TARGET_ARCH_X64 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 15993016:
Remove the optimized construct stub. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge