From 516d47c73b12a3d4d2634a426ddc31069bdbbccc Mon Sep 17 00:00:00 2001 From: "kasperl@chromium.org" Date: Tue, 28 Jul 2009 12:46:08 +0000 Subject: [PATCH] Fix pixel array support for x64 and make the fast Array functions that use JSARRAY_HAS_FAST_ELEMENTS_CHECK a bit safer in the presence of pixel arrays. Review URL: http://codereview.chromium.org/159500 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2556 ce2b1a6d-e550-0410-aec6-3dcde31c8c00 --- src/arm/stub-cache-arm.cc | 6 +++--- src/ia32/stub-cache-ia32.cc | 6 +++--- src/x64/ic-x64.cc | 15 +++++++-------- src/x64/stub-cache-x64.cc | 6 +++--- 4 files changed, 16 insertions(+), 17 deletions(-) diff --git a/src/arm/stub-cache-arm.cc b/src/arm/stub-cache-arm.cc index 3e65cf6..d58817b 100644 --- a/src/arm/stub-cache-arm.cc +++ b/src/arm/stub-cache-arm.cc @@ -678,13 +678,13 @@ Object* CallStubCompiler::CompileCallConstant(Object* object, case JSARRAY_HAS_FAST_ELEMENTS_CHECK: CheckPrototypes(JSObject::cast(object), r1, holder, r3, r2, name, &miss); - // Make sure object->elements()->map() != Heap::hash_table_map() + // Make sure object->HasFastElements(). // Get the elements array of the object. __ ldr(r3, FieldMemOperand(r1, JSObject::kElementsOffset)); // Check that the object is in fast mode (not dictionary). __ ldr(r2, FieldMemOperand(r3, HeapObject::kMapOffset)); - __ cmp(r2, Operand(Factory::hash_table_map())); - __ b(eq, &miss); + __ cmp(r2, Operand(Factory::fixed_array_map())); + __ b(ne, &miss); break; default: diff --git a/src/ia32/stub-cache-ia32.cc b/src/ia32/stub-cache-ia32.cc index ea02649..59712bf 100644 --- a/src/ia32/stub-cache-ia32.cc +++ b/src/ia32/stub-cache-ia32.cc 
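Review bot: The retained context comment `// Check that the object is in fast mode (not dictionary).` directly above the new `cmp` / `b(ne, &miss)` pair in the JSARRAY_HAS_FAST_ELEMENTS_CHECK case no longer describes the check. The new code accepts only an elements map equal to `Factory::fixed_array_map()`, so pixel arrays and any other backing store miss as well, not just dictionaries. I would reword it to `// Check that the elements are a FixedArray; dictionary and pixel-array elements miss.` so the allow-list intent is visible to whoever adds the next elements kind. The same stale comment sits above the changed compare in the ia32 and x64 stub-cache hunks and in the KeyedLoadIC (-243) and first KeyedStoreIC (-387) hunks of src/x64/ic-x64.cc. CompileCallConstant starts and ends outside this hunk.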
@@ -680,13 +680,13 @@ Object* CallStubCompiler::CompileCallConstant(Object* object, case JSARRAY_HAS_FAST_ELEMENTS_CHECK: CheckPrototypes(JSObject::cast(object), edx, holder, ebx, ecx, name, &miss); - // Make sure object->elements()->map() != Heap::dictionary_array_map() + // Make sure object->HasFastElements(). // Get the elements array of the object. __ mov(ebx, FieldOperand(edx, JSObject::kElementsOffset)); // Check that the object is in fast mode (not dictionary). __ cmp(FieldOperand(ebx, HeapObject::kMapOffset), - Immediate(Factory::hash_table_map())); - __ j(equal, &miss, not_taken); + Immediate(Factory::fixed_array_map())); + __ j(not_equal, &miss, not_taken); break; default: diff --git a/src/x64/ic-x64.cc b/src/x64/ic-x64.cc index 123518c..e2a15b1 100644 --- a/src/x64/ic-x64.cc +++ b/src/x64/ic-x64.cc @@ -87,8 +87,7 @@ static void GenerateDictionaryLoad(MacroAssembler* masm, Label* miss_label, // Check that the properties array is a dictionary. __ movq(r0, FieldOperand(r1, JSObject::kPropertiesOffset)); - __ Cmp(FieldOperand(r0, HeapObject::kMapOffset), - Factory::hash_table_map()); + __ Cmp(FieldOperand(r0, HeapObject::kMapOffset), Factory::hash_table_map()); __ j(not_equal, miss_label); // Compute the capacity mask. @@ -243,8 +242,8 @@ void KeyedLoadIC::GenerateGeneric(MacroAssembler* masm) { __ bind(&index_int); __ movq(rcx, FieldOperand(rcx, JSObject::kElementsOffset)); // Check that the object is in fast mode (not dictionary). - __ Cmp(FieldOperand(rcx, HeapObject::kMapOffset), Factory::hash_table_map()); - __ j(equal, &slow); + __ Cmp(FieldOperand(rcx, HeapObject::kMapOffset), Factory::fixed_array_map()); + __ j(not_equal, &slow); // Check that the key (index) is within bounds. __ cmpl(rax, FieldOperand(rcx, FixedArray::kLengthOffset)); __ j(below, &fast); // Unsigned comparison rejects negative indices. 
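Review bot: The pixel-array bailout added in the KeyedLoadIC::GenerateGeneric hunk (`j(not_equal, &slow)` after the compare with `Factory::fixed_array_map()`) comes with no regression test in this commit; the diffstat lists only the four files under src/. The check guards the next instruction, which reads `FixedArray::kLengthOffset` from rcx as the bound for the index, and that read is only meaningful when the backing store really is a FixedArray. A test doing keyed loads on an object whose elements are a pixel array, with indices both inside and outside its length, would pin the behaviour on x64; such coverage may already exist elsewhere in the tree, which this page does not show. The function body continues outside the hunk.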
@@ -387,8 +386,8 @@ void KeyedStoreIC::GenerateGeneric(MacroAssembler* masm) { // rbx: index (as a smi) __ movq(rcx, FieldOperand(rdx, JSObject::kElementsOffset)); // Check that the object is in fast mode (not dictionary). - __ Cmp(FieldOperand(rcx, HeapObject::kMapOffset), Factory::hash_table_map()); - __ j(equal, &slow); + __ Cmp(FieldOperand(rcx, HeapObject::kMapOffset), Factory::fixed_array_map()); + __ j(not_equal, &slow); // Untag the key (for checking against untagged length in the fixed array). __ movl(rdx, rbx); __ sarl(rdx, Immediate(kSmiTagSize)); @@ -438,8 +437,8 @@ void KeyedStoreIC::GenerateGeneric(MacroAssembler* masm) { // rdx: JSArray // rbx: index (as a smi) __ movq(rcx, FieldOperand(rdx, JSObject::kElementsOffset)); - __ Cmp(FieldOperand(rcx, HeapObject::kMapOffset), Factory::hash_table_map()); - __ j(equal, &slow); + __ Cmp(FieldOperand(rcx, HeapObject::kMapOffset), Factory::fixed_array_map()); + __ j(not_equal, &slow); // Check the key against the length in the array, compute the // address to store into and fall through to fast case. diff --git a/src/x64/stub-cache-x64.cc b/src/x64/stub-cache-x64.cc index 737c3ec..d396a12 100644 --- a/src/x64/stub-cache-x64.cc +++ b/src/x64/stub-cache-x64.cc @@ -133,13 +133,13 @@ Object* CallStubCompiler::CompileCallConstant(Object* object, case JSARRAY_HAS_FAST_ELEMENTS_CHECK: CheckPrototypes(JSObject::cast(object), rdx, holder, rbx, rcx, name, &miss); - // Make sure object->elements()->map() != Heap::dictionary_array_map() + // Make sure object->HasFastElements(). // Get the elements array of the object. __ movq(rbx, FieldOperand(rdx, JSObject::kElementsOffset)); // Check that the object is in fast mode (not dictionary). __ Cmp(FieldOperand(rbx, HeapObject::kMapOffset), - Factory::hash_table_map()); - __ j(equal, &miss); + Factory::fixed_array_map()); + __ j(not_equal, &miss); break; default: -- 2.7.4
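Review bot: The second map check in KeyedStoreIC::GenerateGeneric (the hunk at -438, on the JSArray path) carries no comment, unlike the one in the -387 hunk, even though the context comment right after it says the code goes on to check the key against the array length and compute the address to store into. Since that length read and the store assume a FixedArray layout, I would add `// Check that the elements are a FixedArray; other backing stores take the slow path.` above the `Cmp`. The function starts and ends outside the hunk.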