1 // Copyright 2016 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "src/code-stub-assembler.h"
6
7 #include "src/code-factory.h"
8 #include "src/frames-inl.h"
9 #include "src/frames.h"
10 #include "src/objects/api-callbacks.h"
11 #include "src/objects/descriptor-array.h"
12 #include "src/objects/ordered-hash-table-inl.h"
13 #include "src/wasm/wasm-objects.h"
14
15 namespace v8 {
16 namespace internal {
17
18 using compiler::Node;
19 template <class T>
20 using TNode = compiler::TNode<T>;
21 template <class T>
22 using SloppyTNode = compiler::SloppyTNode<T>;
23
CodeStubAssembler(compiler::CodeAssemblerState * state)24 CodeStubAssembler::CodeStubAssembler(compiler::CodeAssemblerState* state)
25 : compiler::CodeAssembler(state) {
26 if (DEBUG_BOOL && FLAG_csa_trap_on_node != nullptr) {
27 HandleBreakOnNode();
28 }
29 }
30
HandleBreakOnNode()31 void CodeStubAssembler::HandleBreakOnNode() {
32 // FLAG_csa_trap_on_node should be in a form "STUB,NODE" where STUB is a
33 // string specifying the name of a stub and NODE is number specifying node id.
34 const char* name = state()->name();
35 size_t name_length = strlen(name);
36 if (strncmp(FLAG_csa_trap_on_node, name, name_length) != 0) {
37 // Different name.
38 return;
39 }
40 size_t option_length = strlen(FLAG_csa_trap_on_node);
41 if (option_length < name_length + 2 ||
42 FLAG_csa_trap_on_node[name_length] != ',') {
43 // Option is too short.
44 return;
45 }
46 const char* start = &FLAG_csa_trap_on_node[name_length + 1];
47 char* end;
48 int node_id = static_cast<int>(strtol(start, &end, 10));
49 if (start == end) {
50 // Bad node id.
51 return;
52 }
53 BreakOnNode(node_id);
54 }
55
Assert(const BranchGenerator & branch,const char * message,const char * file,int line,Node * extra_node1,const char * extra_node1_name,Node * extra_node2,const char * extra_node2_name,Node * extra_node3,const char * extra_node3_name,Node * extra_node4,const char * extra_node4_name,Node * extra_node5,const char * extra_node5_name)56 void CodeStubAssembler::Assert(const BranchGenerator& branch,
57 const char* message, const char* file, int line,
58 Node* extra_node1, const char* extra_node1_name,
59 Node* extra_node2, const char* extra_node2_name,
60 Node* extra_node3, const char* extra_node3_name,
61 Node* extra_node4, const char* extra_node4_name,
62 Node* extra_node5,
63 const char* extra_node5_name) {
64 #if defined(DEBUG)
65 if (FLAG_debug_code) {
66 Check(branch, message, file, line, extra_node1, extra_node1_name,
67 extra_node2, extra_node2_name, extra_node3, extra_node3_name,
68 extra_node4, extra_node4_name, extra_node5, extra_node5_name);
69 }
70 #endif
71 }
72
Assert(const NodeGenerator & condition_body,const char * message,const char * file,int line,Node * extra_node1,const char * extra_node1_name,Node * extra_node2,const char * extra_node2_name,Node * extra_node3,const char * extra_node3_name,Node * extra_node4,const char * extra_node4_name,Node * extra_node5,const char * extra_node5_name)73 void CodeStubAssembler::Assert(const NodeGenerator& condition_body,
74 const char* message, const char* file, int line,
75 Node* extra_node1, const char* extra_node1_name,
76 Node* extra_node2, const char* extra_node2_name,
77 Node* extra_node3, const char* extra_node3_name,
78 Node* extra_node4, const char* extra_node4_name,
79 Node* extra_node5,
80 const char* extra_node5_name) {
81 #if defined(DEBUG)
82 if (FLAG_debug_code) {
83 Check(condition_body, message, file, line, extra_node1, extra_node1_name,
84 extra_node2, extra_node2_name, extra_node3, extra_node3_name,
85 extra_node4, extra_node4_name, extra_node5, extra_node5_name);
86 }
87 #endif
88 }
89
90 #ifdef DEBUG
91 namespace {
MaybePrintNodeWithName(CodeStubAssembler * csa,Node * node,const char * node_name)92 void MaybePrintNodeWithName(CodeStubAssembler* csa, Node* node,
93 const char* node_name) {
94 if (node != nullptr) {
95 csa->CallRuntime(Runtime::kPrintWithNameForAssert, csa->SmiConstant(0),
96 csa->StringConstant(node_name), node);
97 }
98 }
99 } // namespace
100 #endif
101
Check(const BranchGenerator & branch,const char * message,const char * file,int line,Node * extra_node1,const char * extra_node1_name,Node * extra_node2,const char * extra_node2_name,Node * extra_node3,const char * extra_node3_name,Node * extra_node4,const char * extra_node4_name,Node * extra_node5,const char * extra_node5_name)102 void CodeStubAssembler::Check(const BranchGenerator& branch,
103 const char* message, const char* file, int line,
104 Node* extra_node1, const char* extra_node1_name,
105 Node* extra_node2, const char* extra_node2_name,
106 Node* extra_node3, const char* extra_node3_name,
107 Node* extra_node4, const char* extra_node4_name,
108 Node* extra_node5, const char* extra_node5_name) {
109 Label ok(this);
110 Label not_ok(this, Label::kDeferred);
111 if (message != nullptr && FLAG_code_comments) {
112 Comment("[ Assert: %s", message);
113 } else {
114 Comment("[ Assert");
115 }
116 branch(&ok, ¬_ok);
117
118 BIND(¬_ok);
119 DCHECK_NOT_NULL(message);
120 char chars[1024];
121 Vector<char> buffer(chars);
122 if (file != nullptr) {
123 SNPrintF(buffer, "CSA_ASSERT failed: %s [%s:%d]\n", message, file, line);
124 } else {
125 SNPrintF(buffer, "CSA_ASSERT failed: %s\n", message);
126 }
127 Node* message_node = StringConstant(&(buffer[0]));
128
129 #ifdef DEBUG
130 // Only print the extra nodes in debug builds.
131 MaybePrintNodeWithName(this, extra_node1, extra_node1_name);
132 MaybePrintNodeWithName(this, extra_node2, extra_node2_name);
133 MaybePrintNodeWithName(this, extra_node3, extra_node3_name);
134 MaybePrintNodeWithName(this, extra_node4, extra_node4_name);
135 MaybePrintNodeWithName(this, extra_node5, extra_node5_name);
136 #endif
137
138 DebugAbort(message_node);
139 Unreachable();
140
141 BIND(&ok);
142 Comment("] Assert");
143 }
144
Check(const NodeGenerator & condition_body,const char * message,const char * file,int line,Node * extra_node1,const char * extra_node1_name,Node * extra_node2,const char * extra_node2_name,Node * extra_node3,const char * extra_node3_name,Node * extra_node4,const char * extra_node4_name,Node * extra_node5,const char * extra_node5_name)145 void CodeStubAssembler::Check(const NodeGenerator& condition_body,
146 const char* message, const char* file, int line,
147 Node* extra_node1, const char* extra_node1_name,
148 Node* extra_node2, const char* extra_node2_name,
149 Node* extra_node3, const char* extra_node3_name,
150 Node* extra_node4, const char* extra_node4_name,
151 Node* extra_node5, const char* extra_node5_name) {
152 BranchGenerator branch = [=](Label* ok, Label* not_ok) {
153 Node* condition = condition_body();
154 DCHECK_NOT_NULL(condition);
155 Branch(condition, ok, not_ok);
156 };
157
158 Check(branch, message, file, line, extra_node1, extra_node1_name, extra_node2,
159 extra_node2_name, extra_node3, extra_node3_name, extra_node4,
160 extra_node4_name, extra_node5, extra_node5_name);
161 }
162
FastCheck(TNode<BoolT> condition)163 void CodeStubAssembler::FastCheck(TNode<BoolT> condition) {
164 Label ok(this);
165 GotoIf(condition, &ok);
166 DebugBreak();
167 Goto(&ok);
168 BIND(&ok);
169 }
170
SelectImpl(TNode<BoolT> condition,const NodeGenerator & true_body,const NodeGenerator & false_body,MachineRepresentation rep)171 Node* CodeStubAssembler::SelectImpl(TNode<BoolT> condition,
172 const NodeGenerator& true_body,
173 const NodeGenerator& false_body,
174 MachineRepresentation rep) {
175 VARIABLE(value, rep);
176 Label vtrue(this), vfalse(this), end(this);
177 Branch(condition, &vtrue, &vfalse);
178
179 BIND(&vtrue);
180 {
181 value.Bind(true_body());
182 Goto(&end);
183 }
184 BIND(&vfalse);
185 {
186 value.Bind(false_body());
187 Goto(&end);
188 }
189
190 BIND(&end);
191 return value.value();
192 }
193
SelectInt32Constant(SloppyTNode<BoolT> condition,int true_value,int false_value)194 TNode<Int32T> CodeStubAssembler::SelectInt32Constant(
195 SloppyTNode<BoolT> condition, int true_value, int false_value) {
196 return SelectConstant<Int32T>(condition, Int32Constant(true_value),
197 Int32Constant(false_value));
198 }
199
SelectIntPtrConstant(SloppyTNode<BoolT> condition,int true_value,int false_value)200 TNode<IntPtrT> CodeStubAssembler::SelectIntPtrConstant(
201 SloppyTNode<BoolT> condition, int true_value, int false_value) {
202 return SelectConstant<IntPtrT>(condition, IntPtrConstant(true_value),
203 IntPtrConstant(false_value));
204 }
205
SelectBooleanConstant(SloppyTNode<BoolT> condition)206 TNode<Oddball> CodeStubAssembler::SelectBooleanConstant(
207 SloppyTNode<BoolT> condition) {
208 return SelectConstant<Oddball>(condition, TrueConstant(), FalseConstant());
209 }
210
SelectSmiConstant(SloppyTNode<BoolT> condition,Smi * true_value,Smi * false_value)211 TNode<Smi> CodeStubAssembler::SelectSmiConstant(SloppyTNode<BoolT> condition,
212 Smi* true_value,
213 Smi* false_value) {
214 return SelectConstant<Smi>(condition, SmiConstant(true_value),
215 SmiConstant(false_value));
216 }
217
NoContextConstant()218 TNode<Object> CodeStubAssembler::NoContextConstant() {
219 return SmiConstant(Context::kNoContext);
220 }
221
222 #define HEAP_CONSTANT_ACCESSOR(rootIndexName, rootAccessorName, name) \
223 compiler::TNode<std::remove_reference<decltype( \
224 *std::declval<Heap>().rootAccessorName())>::type> \
225 CodeStubAssembler::name##Constant() { \
226 return UncheckedCast<std::remove_reference<decltype( \
227 *std::declval<Heap>().rootAccessorName())>::type>( \
228 LoadRoot(Heap::k##rootIndexName##RootIndex)); \
229 }
230 HEAP_MUTABLE_IMMOVABLE_OBJECT_LIST(HEAP_CONSTANT_ACCESSOR);
231 #undef HEAP_CONSTANT_ACCESSOR
232
233 #define HEAP_CONSTANT_ACCESSOR(rootIndexName, rootAccessorName, name) \
234 compiler::TNode<std::remove_reference<decltype( \
235 *std::declval<ReadOnlyRoots>().rootAccessorName())>::type> \
236 CodeStubAssembler::name##Constant() { \
237 return UncheckedCast<std::remove_reference<decltype( \
238 *std::declval<ReadOnlyRoots>().rootAccessorName())>::type>( \
239 LoadRoot(Heap::k##rootIndexName##RootIndex)); \
240 }
241 HEAP_IMMUTABLE_IMMOVABLE_OBJECT_LIST(HEAP_CONSTANT_ACCESSOR);
242 #undef HEAP_CONSTANT_ACCESSOR
243
244 #define HEAP_CONSTANT_TEST(rootIndexName, rootAccessorName, name) \
245 compiler::TNode<BoolT> CodeStubAssembler::Is##name( \
246 SloppyTNode<Object> value) { \
247 return WordEqual(value, name##Constant()); \
248 } \
249 compiler::TNode<BoolT> CodeStubAssembler::IsNot##name( \
250 SloppyTNode<Object> value) { \
251 return WordNotEqual(value, name##Constant()); \
252 }
253 HEAP_IMMOVABLE_OBJECT_LIST(HEAP_CONSTANT_TEST);
254 #undef HEAP_CONSTANT_TEST
255
HashSeed()256 TNode<Int64T> CodeStubAssembler::HashSeed() {
257 DCHECK(Is64());
258 TNode<HeapObject> hash_seed_root =
259 TNode<HeapObject>::UncheckedCast(LoadRoot(Heap::kHashSeedRootIndex));
260 return TNode<Int64T>::UncheckedCast(LoadObjectField(
261 hash_seed_root, ByteArray::kHeaderSize, MachineType::Int64()));
262 }
263
HashSeedHigh()264 TNode<Int32T> CodeStubAssembler::HashSeedHigh() {
265 DCHECK(!Is64());
266 #ifdef V8_TARGET_BIG_ENDIAN
267 static int kOffset = 0;
268 #else
269 static int kOffset = kInt32Size;
270 #endif
271 TNode<HeapObject> hash_seed_root =
272 TNode<HeapObject>::UncheckedCast(LoadRoot(Heap::kHashSeedRootIndex));
273 return TNode<Int32T>::UncheckedCast(LoadObjectField(
274 hash_seed_root, ByteArray::kHeaderSize + kOffset, MachineType::Int32()));
275 }
276
HashSeedLow()277 TNode<Int32T> CodeStubAssembler::HashSeedLow() {
278 DCHECK(!Is64());
279 #ifdef V8_TARGET_BIG_ENDIAN
280 static int kOffset = kInt32Size;
281 #else
282 static int kOffset = 0;
283 #endif
284 TNode<HeapObject> hash_seed_root =
285 TNode<HeapObject>::UncheckedCast(LoadRoot(Heap::kHashSeedRootIndex));
286 return TNode<Int32T>::UncheckedCast(LoadObjectField(
287 hash_seed_root, ByteArray::kHeaderSize + kOffset, MachineType::Int32()));
288 }
289
IntPtrOrSmiConstant(int value,ParameterMode mode)290 Node* CodeStubAssembler::IntPtrOrSmiConstant(int value, ParameterMode mode) {
291 if (mode == SMI_PARAMETERS) {
292 return SmiConstant(value);
293 } else {
294 DCHECK_EQ(INTPTR_PARAMETERS, mode);
295 return IntPtrConstant(value);
296 }
297 }
298
IsIntPtrOrSmiConstantZero(Node * test,ParameterMode mode)299 bool CodeStubAssembler::IsIntPtrOrSmiConstantZero(Node* test,
300 ParameterMode mode) {
301 int32_t constant_test;
302 Smi* smi_test;
303 if (mode == INTPTR_PARAMETERS) {
304 if (ToInt32Constant(test, constant_test) && constant_test == 0) {
305 return true;
306 }
307 } else {
308 DCHECK_EQ(mode, SMI_PARAMETERS);
309 if (ToSmiConstant(test, smi_test) && smi_test->value() == 0) {
310 return true;
311 }
312 }
313 return false;
314 }
315
TryGetIntPtrOrSmiConstantValue(Node * maybe_constant,int * value,ParameterMode mode)316 bool CodeStubAssembler::TryGetIntPtrOrSmiConstantValue(Node* maybe_constant,
317 int* value,
318 ParameterMode mode) {
319 int32_t int32_constant;
320 if (mode == INTPTR_PARAMETERS) {
321 if (ToInt32Constant(maybe_constant, int32_constant)) {
322 *value = int32_constant;
323 return true;
324 }
325 } else {
326 DCHECK_EQ(mode, SMI_PARAMETERS);
327 Smi* smi_constant;
328 if (ToSmiConstant(maybe_constant, smi_constant)) {
329 *value = Smi::ToInt(smi_constant);
330 return true;
331 }
332 }
333 return false;
334 }
335
IntPtrRoundUpToPowerOfTwo32(TNode<IntPtrT> value)336 TNode<IntPtrT> CodeStubAssembler::IntPtrRoundUpToPowerOfTwo32(
337 TNode<IntPtrT> value) {
338 Comment("IntPtrRoundUpToPowerOfTwo32");
339 CSA_ASSERT(this, UintPtrLessThanOrEqual(value, IntPtrConstant(0x80000000u)));
340 value = Signed(IntPtrSub(value, IntPtrConstant(1)));
341 for (int i = 1; i <= 16; i *= 2) {
342 value = Signed(WordOr(value, WordShr(value, IntPtrConstant(i))));
343 }
344 return Signed(IntPtrAdd(value, IntPtrConstant(1)));
345 }
346
MatchesParameterMode(Node * value,ParameterMode mode)347 Node* CodeStubAssembler::MatchesParameterMode(Node* value, ParameterMode mode) {
348 if (mode == SMI_PARAMETERS) {
349 return TaggedIsSmi(value);
350 } else {
351 return Int32Constant(1);
352 }
353 }
354
WordIsPowerOfTwo(SloppyTNode<IntPtrT> value)355 TNode<BoolT> CodeStubAssembler::WordIsPowerOfTwo(SloppyTNode<IntPtrT> value) {
356 // value && !(value & (value - 1))
357 return WordEqual(
358 Select<IntPtrT>(
359 WordEqual(value, IntPtrConstant(0)),
360 [=] { return IntPtrConstant(1); },
361 [=] { return WordAnd(value, IntPtrSub(value, IntPtrConstant(1))); }),
362 IntPtrConstant(0));
363 }
364
Float64Round(SloppyTNode<Float64T> x)365 TNode<Float64T> CodeStubAssembler::Float64Round(SloppyTNode<Float64T> x) {
366 Node* one = Float64Constant(1.0);
367 Node* one_half = Float64Constant(0.5);
368
369 Label return_x(this);
370
371 // Round up {x} towards Infinity.
372 VARIABLE(var_x, MachineRepresentation::kFloat64, Float64Ceil(x));
373
374 GotoIf(Float64LessThanOrEqual(Float64Sub(var_x.value(), one_half), x),
375 &return_x);
376 var_x.Bind(Float64Sub(var_x.value(), one));
377 Goto(&return_x);
378
379 BIND(&return_x);
380 return TNode<Float64T>::UncheckedCast(var_x.value());
381 }
382
Float64Ceil(SloppyTNode<Float64T> x)383 TNode<Float64T> CodeStubAssembler::Float64Ceil(SloppyTNode<Float64T> x) {
384 if (IsFloat64RoundUpSupported()) {
385 return Float64RoundUp(x);
386 }
387
388 Node* one = Float64Constant(1.0);
389 Node* zero = Float64Constant(0.0);
390 Node* two_52 = Float64Constant(4503599627370496.0E0);
391 Node* minus_two_52 = Float64Constant(-4503599627370496.0E0);
392
393 VARIABLE(var_x, MachineRepresentation::kFloat64, x);
394 Label return_x(this), return_minus_x(this);
395
396 // Check if {x} is greater than zero.
397 Label if_xgreaterthanzero(this), if_xnotgreaterthanzero(this);
398 Branch(Float64GreaterThan(x, zero), &if_xgreaterthanzero,
399 &if_xnotgreaterthanzero);
400
401 BIND(&if_xgreaterthanzero);
402 {
403 // Just return {x} unless it's in the range ]0,2^52[.
404 GotoIf(Float64GreaterThanOrEqual(x, two_52), &return_x);
405
406 // Round positive {x} towards Infinity.
407 var_x.Bind(Float64Sub(Float64Add(two_52, x), two_52));
408 GotoIfNot(Float64LessThan(var_x.value(), x), &return_x);
409 var_x.Bind(Float64Add(var_x.value(), one));
410 Goto(&return_x);
411 }
412
413 BIND(&if_xnotgreaterthanzero);
414 {
415 // Just return {x} unless it's in the range ]-2^52,0[
416 GotoIf(Float64LessThanOrEqual(x, minus_two_52), &return_x);
417 GotoIfNot(Float64LessThan(x, zero), &return_x);
418
419 // Round negated {x} towards Infinity and return the result negated.
420 Node* minus_x = Float64Neg(x);
421 var_x.Bind(Float64Sub(Float64Add(two_52, minus_x), two_52));
422 GotoIfNot(Float64GreaterThan(var_x.value(), minus_x), &return_minus_x);
423 var_x.Bind(Float64Sub(var_x.value(), one));
424 Goto(&return_minus_x);
425 }
426
427 BIND(&return_minus_x);
428 var_x.Bind(Float64Neg(var_x.value()));
429 Goto(&return_x);
430
431 BIND(&return_x);
432 return TNode<Float64T>::UncheckedCast(var_x.value());
433 }
434
Float64Floor(SloppyTNode<Float64T> x)435 TNode<Float64T> CodeStubAssembler::Float64Floor(SloppyTNode<Float64T> x) {
436 if (IsFloat64RoundDownSupported()) {
437 return Float64RoundDown(x);
438 }
439
440 Node* one = Float64Constant(1.0);
441 Node* zero = Float64Constant(0.0);
442 Node* two_52 = Float64Constant(4503599627370496.0E0);
443 Node* minus_two_52 = Float64Constant(-4503599627370496.0E0);
444
445 VARIABLE(var_x, MachineRepresentation::kFloat64, x);
446 Label return_x(this), return_minus_x(this);
447
448 // Check if {x} is greater than zero.
449 Label if_xgreaterthanzero(this), if_xnotgreaterthanzero(this);
450 Branch(Float64GreaterThan(x, zero), &if_xgreaterthanzero,
451 &if_xnotgreaterthanzero);
452
453 BIND(&if_xgreaterthanzero);
454 {
455 // Just return {x} unless it's in the range ]0,2^52[.
456 GotoIf(Float64GreaterThanOrEqual(x, two_52), &return_x);
457
458 // Round positive {x} towards -Infinity.
459 var_x.Bind(Float64Sub(Float64Add(two_52, x), two_52));
460 GotoIfNot(Float64GreaterThan(var_x.value(), x), &return_x);
461 var_x.Bind(Float64Sub(var_x.value(), one));
462 Goto(&return_x);
463 }
464
465 BIND(&if_xnotgreaterthanzero);
466 {
467 // Just return {x} unless it's in the range ]-2^52,0[
468 GotoIf(Float64LessThanOrEqual(x, minus_two_52), &return_x);
469 GotoIfNot(Float64LessThan(x, zero), &return_x);
470
471 // Round negated {x} towards -Infinity and return the result negated.
472 Node* minus_x = Float64Neg(x);
473 var_x.Bind(Float64Sub(Float64Add(two_52, minus_x), two_52));
474 GotoIfNot(Float64LessThan(var_x.value(), minus_x), &return_minus_x);
475 var_x.Bind(Float64Add(var_x.value(), one));
476 Goto(&return_minus_x);
477 }
478
479 BIND(&return_minus_x);
480 var_x.Bind(Float64Neg(var_x.value()));
481 Goto(&return_x);
482
483 BIND(&return_x);
484 return TNode<Float64T>::UncheckedCast(var_x.value());
485 }
486
Float64RoundToEven(SloppyTNode<Float64T> x)487 TNode<Float64T> CodeStubAssembler::Float64RoundToEven(SloppyTNode<Float64T> x) {
488 if (IsFloat64RoundTiesEvenSupported()) {
489 return Float64RoundTiesEven(x);
490 }
491 // See ES#sec-touint8clamp for details.
492 Node* f = Float64Floor(x);
493 Node* f_and_half = Float64Add(f, Float64Constant(0.5));
494
495 VARIABLE(var_result, MachineRepresentation::kFloat64);
496 Label return_f(this), return_f_plus_one(this), done(this);
497
498 GotoIf(Float64LessThan(f_and_half, x), &return_f_plus_one);
499 GotoIf(Float64LessThan(x, f_and_half), &return_f);
500 {
501 Node* f_mod_2 = Float64Mod(f, Float64Constant(2.0));
502 Branch(Float64Equal(f_mod_2, Float64Constant(0.0)), &return_f,
503 &return_f_plus_one);
504 }
505
506 BIND(&return_f);
507 var_result.Bind(f);
508 Goto(&done);
509
510 BIND(&return_f_plus_one);
511 var_result.Bind(Float64Add(f, Float64Constant(1.0)));
512 Goto(&done);
513
514 BIND(&done);
515 return TNode<Float64T>::UncheckedCast(var_result.value());
516 }
517
Float64Trunc(SloppyTNode<Float64T> x)518 TNode<Float64T> CodeStubAssembler::Float64Trunc(SloppyTNode<Float64T> x) {
519 if (IsFloat64RoundTruncateSupported()) {
520 return Float64RoundTruncate(x);
521 }
522
523 Node* one = Float64Constant(1.0);
524 Node* zero = Float64Constant(0.0);
525 Node* two_52 = Float64Constant(4503599627370496.0E0);
526 Node* minus_two_52 = Float64Constant(-4503599627370496.0E0);
527
528 VARIABLE(var_x, MachineRepresentation::kFloat64, x);
529 Label return_x(this), return_minus_x(this);
530
531 // Check if {x} is greater than 0.
532 Label if_xgreaterthanzero(this), if_xnotgreaterthanzero(this);
533 Branch(Float64GreaterThan(x, zero), &if_xgreaterthanzero,
534 &if_xnotgreaterthanzero);
535
536 BIND(&if_xgreaterthanzero);
537 {
538 if (IsFloat64RoundDownSupported()) {
539 var_x.Bind(Float64RoundDown(x));
540 } else {
541 // Just return {x} unless it's in the range ]0,2^52[.
542 GotoIf(Float64GreaterThanOrEqual(x, two_52), &return_x);
543
544 // Round positive {x} towards -Infinity.
545 var_x.Bind(Float64Sub(Float64Add(two_52, x), two_52));
546 GotoIfNot(Float64GreaterThan(var_x.value(), x), &return_x);
547 var_x.Bind(Float64Sub(var_x.value(), one));
548 }
549 Goto(&return_x);
550 }
551
552 BIND(&if_xnotgreaterthanzero);
553 {
554 if (IsFloat64RoundUpSupported()) {
555 var_x.Bind(Float64RoundUp(x));
556 Goto(&return_x);
557 } else {
558 // Just return {x} unless its in the range ]-2^52,0[.
559 GotoIf(Float64LessThanOrEqual(x, minus_two_52), &return_x);
560 GotoIfNot(Float64LessThan(x, zero), &return_x);
561
562 // Round negated {x} towards -Infinity and return result negated.
563 Node* minus_x = Float64Neg(x);
564 var_x.Bind(Float64Sub(Float64Add(two_52, minus_x), two_52));
565 GotoIfNot(Float64GreaterThan(var_x.value(), minus_x), &return_minus_x);
566 var_x.Bind(Float64Sub(var_x.value(), one));
567 Goto(&return_minus_x);
568 }
569 }
570
571 BIND(&return_minus_x);
572 var_x.Bind(Float64Neg(var_x.value()));
573 Goto(&return_x);
574
575 BIND(&return_x);
576 return TNode<Float64T>::UncheckedCast(var_x.value());
577 }
578
IsValidSmi(TNode<Smi> smi)579 TNode<BoolT> CodeStubAssembler::IsValidSmi(TNode<Smi> smi) {
580 if (SmiValuesAre31Bits() && kPointerSize == kInt64Size) {
581 // Check that the Smi value is properly sign-extended.
582 TNode<IntPtrT> value = Signed(BitcastTaggedToWord(smi));
583 return WordEqual(value, ChangeInt32ToIntPtr(TruncateIntPtrToInt32(value)));
584 }
585 return Int32TrueConstant();
586 }
587
SmiShiftBitsConstant()588 Node* CodeStubAssembler::SmiShiftBitsConstant() {
589 return IntPtrConstant(kSmiShiftSize + kSmiTagSize);
590 }
591
SmiFromInt32(SloppyTNode<Int32T> value)592 TNode<Smi> CodeStubAssembler::SmiFromInt32(SloppyTNode<Int32T> value) {
593 TNode<IntPtrT> value_intptr = ChangeInt32ToIntPtr(value);
594 TNode<Smi> smi =
595 BitcastWordToTaggedSigned(WordShl(value_intptr, SmiShiftBitsConstant()));
596 #if V8_COMPRESS_POINTERS
597 CSA_ASSERT(this, IsValidSmi(smi));
598 #endif
599 return smi;
600 }
601
IsValidPositiveSmi(TNode<IntPtrT> value)602 TNode<BoolT> CodeStubAssembler::IsValidPositiveSmi(TNode<IntPtrT> value) {
603 intptr_t constant_value;
604 if (ToIntPtrConstant(value, constant_value)) {
605 return (static_cast<uintptr_t>(constant_value) <=
606 static_cast<uintptr_t>(Smi::kMaxValue))
607 ? Int32TrueConstant()
608 : Int32FalseConstant();
609 }
610
611 return UintPtrLessThanOrEqual(value, IntPtrConstant(Smi::kMaxValue));
612 }
613
SmiTag(SloppyTNode<IntPtrT> value)614 TNode<Smi> CodeStubAssembler::SmiTag(SloppyTNode<IntPtrT> value) {
615 int32_t constant_value;
616 if (ToInt32Constant(value, constant_value) && Smi::IsValid(constant_value)) {
617 return SmiConstant(constant_value);
618 }
619 TNode<Smi> smi =
620 BitcastWordToTaggedSigned(WordShl(value, SmiShiftBitsConstant()));
621 #if V8_COMPRESS_POINTERS
622 CSA_ASSERT(this, IsValidSmi(smi));
623 #endif
624 return smi;
625 }
626
SmiUntag(SloppyTNode<Smi> value)627 TNode<IntPtrT> CodeStubAssembler::SmiUntag(SloppyTNode<Smi> value) {
628 #if V8_COMPRESS_POINTERS
629 CSA_ASSERT(this, IsValidSmi(value));
630 #endif
631 intptr_t constant_value;
632 if (ToIntPtrConstant(value, constant_value)) {
633 return IntPtrConstant(constant_value >> (kSmiShiftSize + kSmiTagSize));
634 }
635 return Signed(WordSar(BitcastTaggedToWord(value), SmiShiftBitsConstant()));
636 }
637
SmiToInt32(SloppyTNode<Smi> value)638 TNode<Int32T> CodeStubAssembler::SmiToInt32(SloppyTNode<Smi> value) {
639 TNode<IntPtrT> result = SmiUntag(value);
640 return TruncateIntPtrToInt32(result);
641 }
642
SmiToFloat64(SloppyTNode<Smi> value)643 TNode<Float64T> CodeStubAssembler::SmiToFloat64(SloppyTNode<Smi> value) {
644 return ChangeInt32ToFloat64(SmiToInt32(value));
645 }
646
SmiMax(TNode<Smi> a,TNode<Smi> b)647 TNode<Smi> CodeStubAssembler::SmiMax(TNode<Smi> a, TNode<Smi> b) {
648 return SelectConstant<Smi>(SmiLessThan(a, b), b, a);
649 }
650
SmiMin(TNode<Smi> a,TNode<Smi> b)651 TNode<Smi> CodeStubAssembler::SmiMin(TNode<Smi> a, TNode<Smi> b) {
652 return SelectConstant<Smi>(SmiLessThan(a, b), a, b);
653 }
654
TrySmiAdd(TNode<Smi> lhs,TNode<Smi> rhs,Label * if_overflow)655 TNode<Smi> CodeStubAssembler::TrySmiAdd(TNode<Smi> lhs, TNode<Smi> rhs,
656 Label* if_overflow) {
657 if (SmiValuesAre32Bits()) {
658 TNode<PairT<IntPtrT, BoolT>> pair = IntPtrAddWithOverflow(
659 BitcastTaggedToWord(lhs), BitcastTaggedToWord(rhs));
660 TNode<BoolT> overflow = Projection<1>(pair);
661 GotoIf(overflow, if_overflow);
662 TNode<IntPtrT> result = Projection<0>(pair);
663 return BitcastWordToTaggedSigned(result);
664 } else {
665 DCHECK(SmiValuesAre31Bits());
666 TNode<PairT<Int32T, BoolT>> pair =
667 Int32AddWithOverflow(TruncateIntPtrToInt32(BitcastTaggedToWord(lhs)),
668 TruncateIntPtrToInt32(BitcastTaggedToWord(rhs)));
669 TNode<BoolT> overflow = Projection<1>(pair);
670 GotoIf(overflow, if_overflow);
671 TNode<Int32T> result = Projection<0>(pair);
672 return BitcastWordToTaggedSigned(ChangeInt32ToIntPtr(result));
673 }
674 }
675
TrySmiSub(TNode<Smi> lhs,TNode<Smi> rhs,Label * if_overflow)676 TNode<Smi> CodeStubAssembler::TrySmiSub(TNode<Smi> lhs, TNode<Smi> rhs,
677 Label* if_overflow) {
678 if (SmiValuesAre32Bits()) {
679 TNode<PairT<IntPtrT, BoolT>> pair = IntPtrSubWithOverflow(
680 BitcastTaggedToWord(lhs), BitcastTaggedToWord(rhs));
681 TNode<BoolT> overflow = Projection<1>(pair);
682 GotoIf(overflow, if_overflow);
683 TNode<IntPtrT> result = Projection<0>(pair);
684 return BitcastWordToTaggedSigned(result);
685 } else {
686 DCHECK(SmiValuesAre31Bits());
687 TNode<PairT<Int32T, BoolT>> pair =
688 Int32SubWithOverflow(TruncateIntPtrToInt32(BitcastTaggedToWord(lhs)),
689 TruncateIntPtrToInt32(BitcastTaggedToWord(rhs)));
690 TNode<BoolT> overflow = Projection<1>(pair);
691 GotoIf(overflow, if_overflow);
692 TNode<Int32T> result = Projection<0>(pair);
693 return BitcastWordToTaggedSigned(ChangeInt32ToIntPtr(result));
694 }
695 }
696
NumberMax(SloppyTNode<Object> a,SloppyTNode<Object> b)697 TNode<Object> CodeStubAssembler::NumberMax(SloppyTNode<Object> a,
698 SloppyTNode<Object> b) {
699 // TODO(danno): This could be optimized by specifically handling smi cases.
700 VARIABLE(result, MachineRepresentation::kTagged);
701 Label done(this), greater_than_equal_a(this), greater_than_equal_b(this);
702 GotoIfNumberGreaterThanOrEqual(a, b, &greater_than_equal_a);
703 GotoIfNumberGreaterThanOrEqual(b, a, &greater_than_equal_b);
704 result.Bind(NanConstant());
705 Goto(&done);
706 BIND(&greater_than_equal_a);
707 result.Bind(a);
708 Goto(&done);
709 BIND(&greater_than_equal_b);
710 result.Bind(b);
711 Goto(&done);
712 BIND(&done);
713 return TNode<Object>::UncheckedCast(result.value());
714 }
715
NumberMin(SloppyTNode<Object> a,SloppyTNode<Object> b)716 TNode<Object> CodeStubAssembler::NumberMin(SloppyTNode<Object> a,
717 SloppyTNode<Object> b) {
718 // TODO(danno): This could be optimized by specifically handling smi cases.
719 VARIABLE(result, MachineRepresentation::kTagged);
720 Label done(this), greater_than_equal_a(this), greater_than_equal_b(this);
721 GotoIfNumberGreaterThanOrEqual(a, b, &greater_than_equal_a);
722 GotoIfNumberGreaterThanOrEqual(b, a, &greater_than_equal_b);
723 result.Bind(NanConstant());
724 Goto(&done);
725 BIND(&greater_than_equal_a);
726 result.Bind(b);
727 Goto(&done);
728 BIND(&greater_than_equal_b);
729 result.Bind(a);
730 Goto(&done);
731 BIND(&done);
732 return TNode<Object>::UncheckedCast(result.value());
733 }
734
ConvertToRelativeIndex(TNode<Context> context,TNode<Object> index,TNode<IntPtrT> length)735 TNode<IntPtrT> CodeStubAssembler::ConvertToRelativeIndex(
736 TNode<Context> context, TNode<Object> index, TNode<IntPtrT> length) {
737 TVARIABLE(IntPtrT, result);
738
739 TNode<Number> const index_int =
740 ToInteger_Inline(context, index, CodeStubAssembler::kTruncateMinusZero);
741 TNode<IntPtrT> zero = IntPtrConstant(0);
742
743 Label done(this);
744 Label if_issmi(this), if_isheapnumber(this, Label::kDeferred);
745 Branch(TaggedIsSmi(index_int), &if_issmi, &if_isheapnumber);
746
747 BIND(&if_issmi);
748 {
749 TNode<Smi> const index_smi = CAST(index_int);
750 result = Select<IntPtrT>(
751 IntPtrLessThan(SmiUntag(index_smi), zero),
752 [=] { return IntPtrMax(IntPtrAdd(length, SmiUntag(index_smi)), zero); },
753 [=] { return IntPtrMin(SmiUntag(index_smi), length); });
754 Goto(&done);
755 }
756
757 BIND(&if_isheapnumber);
758 {
759 // If {index} is a heap number, it is definitely out of bounds. If it is
760 // negative, {index} = max({length} + {index}),0) = 0'. If it is positive,
761 // set {index} to {length}.
762 TNode<HeapNumber> const index_hn = CAST(index_int);
763 TNode<Float64T> const float_zero = Float64Constant(0.);
764 TNode<Float64T> const index_float = LoadHeapNumberValue(index_hn);
765 result = SelectConstant<IntPtrT>(Float64LessThan(index_float, float_zero),
766 zero, length);
767 Goto(&done);
768 }
769 BIND(&done);
770 return result.value();
771 }
772
SmiMod(TNode<Smi> a,TNode<Smi> b)773 TNode<Number> CodeStubAssembler::SmiMod(TNode<Smi> a, TNode<Smi> b) {
774 TVARIABLE(Number, var_result);
775 Label return_result(this, &var_result),
776 return_minuszero(this, Label::kDeferred),
777 return_nan(this, Label::kDeferred);
778
779 // Untag {a} and {b}.
780 TNode<Int32T> int_a = SmiToInt32(a);
781 TNode<Int32T> int_b = SmiToInt32(b);
782
783 // Return NaN if {b} is zero.
784 GotoIf(Word32Equal(int_b, Int32Constant(0)), &return_nan);
785
786 // Check if {a} is non-negative.
787 Label if_aisnotnegative(this), if_aisnegative(this, Label::kDeferred);
788 Branch(Int32LessThanOrEqual(Int32Constant(0), int_a), &if_aisnotnegative,
789 &if_aisnegative);
790
791 BIND(&if_aisnotnegative);
792 {
793 // Fast case, don't need to check any other edge cases.
794 TNode<Int32T> r = Int32Mod(int_a, int_b);
795 var_result = SmiFromInt32(r);
796 Goto(&return_result);
797 }
798
799 BIND(&if_aisnegative);
800 {
801 if (SmiValuesAre32Bits()) {
802 // Check if {a} is kMinInt and {b} is -1 (only relevant if the
803 // kMinInt is actually representable as a Smi).
804 Label join(this);
805 GotoIfNot(Word32Equal(int_a, Int32Constant(kMinInt)), &join);
806 GotoIf(Word32Equal(int_b, Int32Constant(-1)), &return_minuszero);
807 Goto(&join);
808 BIND(&join);
809 }
810
811 // Perform the integer modulus operation.
812 TNode<Int32T> r = Int32Mod(int_a, int_b);
813
814 // Check if {r} is zero, and if so return -0, because we have to
815 // take the sign of the left hand side {a}, which is negative.
816 GotoIf(Word32Equal(r, Int32Constant(0)), &return_minuszero);
817
818 // The remainder {r} can be outside the valid Smi range on 32bit
819 // architectures, so we cannot just say SmiFromInt32(r) here.
820 var_result = ChangeInt32ToTagged(r);
821 Goto(&return_result);
822 }
823
824 BIND(&return_minuszero);
825 var_result = MinusZeroConstant();
826 Goto(&return_result);
827
828 BIND(&return_nan);
829 var_result = NanConstant();
830 Goto(&return_result);
831
832 BIND(&return_result);
833 return var_result.value();
834 }
835
SmiMul(TNode<Smi> a,TNode<Smi> b)836 TNode<Number> CodeStubAssembler::SmiMul(TNode<Smi> a, TNode<Smi> b) {
837 TVARIABLE(Number, var_result);
838 VARIABLE(var_lhs_float64, MachineRepresentation::kFloat64);
839 VARIABLE(var_rhs_float64, MachineRepresentation::kFloat64);
840 Label return_result(this, &var_result);
841
842 // Both {a} and {b} are Smis. Convert them to integers and multiply.
843 Node* lhs32 = SmiToInt32(a);
844 Node* rhs32 = SmiToInt32(b);
845 Node* pair = Int32MulWithOverflow(lhs32, rhs32);
846
847 Node* overflow = Projection(1, pair);
848
849 // Check if the multiplication overflowed.
850 Label if_overflow(this, Label::kDeferred), if_notoverflow(this);
851 Branch(overflow, &if_overflow, &if_notoverflow);
852 BIND(&if_notoverflow);
853 {
854 // If the answer is zero, we may need to return -0.0, depending on the
855 // input.
856 Label answer_zero(this), answer_not_zero(this);
857 Node* answer = Projection(0, pair);
858 Node* zero = Int32Constant(0);
859 Branch(Word32Equal(answer, zero), &answer_zero, &answer_not_zero);
860 BIND(&answer_not_zero);
861 {
862 var_result = ChangeInt32ToTagged(answer);
863 Goto(&return_result);
864 }
865 BIND(&answer_zero);
866 {
867 Node* or_result = Word32Or(lhs32, rhs32);
868 Label if_should_be_negative_zero(this), if_should_be_zero(this);
869 Branch(Int32LessThan(or_result, zero), &if_should_be_negative_zero,
870 &if_should_be_zero);
871 BIND(&if_should_be_negative_zero);
872 {
873 var_result = MinusZeroConstant();
874 Goto(&return_result);
875 }
876 BIND(&if_should_be_zero);
877 {
878 var_result = SmiConstant(0);
879 Goto(&return_result);
880 }
881 }
882 }
883 BIND(&if_overflow);
884 {
885 var_lhs_float64.Bind(SmiToFloat64(a));
886 var_rhs_float64.Bind(SmiToFloat64(b));
887 Node* value = Float64Mul(var_lhs_float64.value(), var_rhs_float64.value());
888 var_result = AllocateHeapNumberWithValue(value);
889 Goto(&return_result);
890 }
891
892 BIND(&return_result);
893 return var_result.value();
894 }
895
TrySmiDiv(TNode<Smi> dividend,TNode<Smi> divisor,Label * bailout)896 TNode<Smi> CodeStubAssembler::TrySmiDiv(TNode<Smi> dividend, TNode<Smi> divisor,
897 Label* bailout) {
898 // Both {a} and {b} are Smis. Bailout to floating point division if {divisor}
899 // is zero.
900 GotoIf(WordEqual(divisor, SmiConstant(0)), bailout);
901
902 // Do floating point division if {dividend} is zero and {divisor} is
903 // negative.
904 Label dividend_is_zero(this), dividend_is_not_zero(this);
905 Branch(WordEqual(dividend, SmiConstant(0)), ÷nd_is_zero,
906 ÷nd_is_not_zero);
907
908 BIND(÷nd_is_zero);
909 {
910 GotoIf(SmiLessThan(divisor, SmiConstant(0)), bailout);
911 Goto(÷nd_is_not_zero);
912 }
913 BIND(÷nd_is_not_zero);
914
915 TNode<Int32T> untagged_divisor = SmiToInt32(divisor);
916 TNode<Int32T> untagged_dividend = SmiToInt32(dividend);
917
918 // Do floating point division if {dividend} is kMinInt (or kMinInt - 1
919 // if the Smi size is 31) and {divisor} is -1.
920 Label divisor_is_minus_one(this), divisor_is_not_minus_one(this);
921 Branch(Word32Equal(untagged_divisor, Int32Constant(-1)),
922 &divisor_is_minus_one, &divisor_is_not_minus_one);
923
924 BIND(&divisor_is_minus_one);
925 {
926 GotoIf(Word32Equal(
927 untagged_dividend,
928 Int32Constant(kSmiValueSize == 32 ? kMinInt : (kMinInt >> 1))),
929 bailout);
930 Goto(&divisor_is_not_minus_one);
931 }
932 BIND(&divisor_is_not_minus_one);
933
934 TNode<Int32T> untagged_result = Int32Div(untagged_dividend, untagged_divisor);
935 TNode<Int32T> truncated = Signed(Int32Mul(untagged_result, untagged_divisor));
936
937 // Do floating point division if the remainder is not 0.
938 GotoIf(Word32NotEqual(untagged_dividend, truncated), bailout);
939
940 return SmiFromInt32(untagged_result);
941 }
942
TruncateIntPtrToInt32(SloppyTNode<IntPtrT> value)943 TNode<Int32T> CodeStubAssembler::TruncateIntPtrToInt32(
944 SloppyTNode<IntPtrT> value) {
945 if (Is64()) {
946 return TruncateInt64ToInt32(ReinterpretCast<Int64T>(value));
947 }
948 return ReinterpretCast<Int32T>(value);
949 }
950
TaggedIsSmi(SloppyTNode<Object> a)951 TNode<BoolT> CodeStubAssembler::TaggedIsSmi(SloppyTNode<Object> a) {
952 return WordEqual(WordAnd(BitcastTaggedToWord(a), IntPtrConstant(kSmiTagMask)),
953 IntPtrConstant(0));
954 }
955
TaggedIsSmi(TNode<MaybeObject> a)956 TNode<BoolT> CodeStubAssembler::TaggedIsSmi(TNode<MaybeObject> a) {
957 return WordEqual(
958 WordAnd(BitcastMaybeObjectToWord(a), IntPtrConstant(kSmiTagMask)),
959 IntPtrConstant(0));
960 }
961
TaggedIsNotSmi(SloppyTNode<Object> a)962 TNode<BoolT> CodeStubAssembler::TaggedIsNotSmi(SloppyTNode<Object> a) {
963 return WordNotEqual(
964 WordAnd(BitcastTaggedToWord(a), IntPtrConstant(kSmiTagMask)),
965 IntPtrConstant(0));
966 }
967
TaggedIsPositiveSmi(SloppyTNode<Object> a)968 TNode<BoolT> CodeStubAssembler::TaggedIsPositiveSmi(SloppyTNode<Object> a) {
969 return WordEqual(WordAnd(BitcastTaggedToWord(a),
970 IntPtrConstant(kSmiTagMask | kSmiSignMask)),
971 IntPtrConstant(0));
972 }
973
WordIsWordAligned(SloppyTNode<WordT> word)974 TNode<BoolT> CodeStubAssembler::WordIsWordAligned(SloppyTNode<WordT> word) {
975 return WordEqual(IntPtrConstant(0),
976 WordAnd(word, IntPtrConstant(kPointerSize - 1)));
977 }
978
979 #if DEBUG
Bind(Label * label,AssemblerDebugInfo debug_info)980 void CodeStubAssembler::Bind(Label* label, AssemblerDebugInfo debug_info) {
981 CodeAssembler::Bind(label, debug_info);
982 }
983 #else
Bind(Label * label)984 void CodeStubAssembler::Bind(Label* label) { CodeAssembler::Bind(label); }
985 #endif // DEBUG
986
LoadDoubleWithHoleCheck(TNode<FixedDoubleArray> array,TNode<Smi> index,Label * if_hole)987 TNode<Float64T> CodeStubAssembler::LoadDoubleWithHoleCheck(
988 TNode<FixedDoubleArray> array, TNode<Smi> index, Label* if_hole) {
989 return LoadFixedDoubleArrayElement(array, index, MachineType::Float64(), 0,
990 SMI_PARAMETERS, if_hole);
991 }
992
BranchIfPrototypesHaveNoElements(Node * receiver_map,Label * definitely_no_elements,Label * possibly_elements)993 void CodeStubAssembler::BranchIfPrototypesHaveNoElements(
994 Node* receiver_map, Label* definitely_no_elements,
995 Label* possibly_elements) {
996 CSA_SLOW_ASSERT(this, IsMap(receiver_map));
997 VARIABLE(var_map, MachineRepresentation::kTagged, receiver_map);
998 Label loop_body(this, &var_map);
999 Node* empty_fixed_array = LoadRoot(Heap::kEmptyFixedArrayRootIndex);
1000 Node* empty_slow_element_dictionary =
1001 LoadRoot(Heap::kEmptySlowElementDictionaryRootIndex);
1002 Goto(&loop_body);
1003
1004 BIND(&loop_body);
1005 {
1006 Node* map = var_map.value();
1007 Node* prototype = LoadMapPrototype(map);
1008 GotoIf(IsNull(prototype), definitely_no_elements);
1009 Node* prototype_map = LoadMap(prototype);
1010 TNode<Int32T> prototype_instance_type = LoadMapInstanceType(prototype_map);
1011
1012 // Pessimistically assume elements if a Proxy, Special API Object,
1013 // or JSValue wrapper is found on the prototype chain. After this
1014 // instance type check, it's not necessary to check for interceptors or
1015 // access checks.
1016 Label if_custom(this, Label::kDeferred), if_notcustom(this);
1017 Branch(IsCustomElementsReceiverInstanceType(prototype_instance_type),
1018 &if_custom, &if_notcustom);
1019
1020 BIND(&if_custom);
1021 {
1022 // For string JSValue wrappers we still support the checks as long
1023 // as they wrap the empty string.
1024 GotoIfNot(InstanceTypeEqual(prototype_instance_type, JS_VALUE_TYPE),
1025 possibly_elements);
1026 Node* prototype_value = LoadJSValueValue(prototype);
1027 Branch(IsEmptyString(prototype_value), &if_notcustom, possibly_elements);
1028 }
1029
1030 BIND(&if_notcustom);
1031 {
1032 Node* prototype_elements = LoadElements(prototype);
1033 var_map.Bind(prototype_map);
1034 GotoIf(WordEqual(prototype_elements, empty_fixed_array), &loop_body);
1035 Branch(WordEqual(prototype_elements, empty_slow_element_dictionary),
1036 &loop_body, possibly_elements);
1037 }
1038 }
1039 }
1040
BranchIfJSReceiver(Node * object,Label * if_true,Label * if_false)1041 void CodeStubAssembler::BranchIfJSReceiver(Node* object, Label* if_true,
1042 Label* if_false) {
1043 GotoIf(TaggedIsSmi(object), if_false);
1044 STATIC_ASSERT(LAST_JS_RECEIVER_TYPE == LAST_TYPE);
1045 Branch(IsJSReceiver(object), if_true, if_false);
1046 }
1047
IsFastJSArray(SloppyTNode<Object> object,SloppyTNode<Context> context)1048 TNode<BoolT> CodeStubAssembler::IsFastJSArray(SloppyTNode<Object> object,
1049 SloppyTNode<Context> context) {
1050 Label if_true(this), if_false(this, Label::kDeferred), exit(this);
1051 BranchIfFastJSArray(object, context, &if_true, &if_false);
1052 TVARIABLE(BoolT, var_result);
1053 BIND(&if_true);
1054 {
1055 var_result = Int32TrueConstant();
1056 Goto(&exit);
1057 }
1058 BIND(&if_false);
1059 {
1060 var_result = Int32FalseConstant();
1061 Goto(&exit);
1062 }
1063 BIND(&exit);
1064 return var_result.value();
1065 }
1066
IsFastJSArrayWithNoCustomIteration(TNode<Object> object,TNode<Context> context)1067 TNode<BoolT> CodeStubAssembler::IsFastJSArrayWithNoCustomIteration(
1068 TNode<Object> object, TNode<Context> context) {
1069 Label if_false(this, Label::kDeferred), if_fast(this), exit(this);
1070 TVARIABLE(BoolT, var_result);
1071 BranchIfFastJSArray(object, context, &if_fast, &if_false, true);
1072 BIND(&if_fast);
1073 {
1074 // Check that the Array.prototype hasn't been modified in a way that would
1075 // affect iteration.
1076 Node* protector_cell = LoadRoot(Heap::kArrayIteratorProtectorRootIndex);
1077 DCHECK(isolate()->heap()->array_iterator_protector()->IsPropertyCell());
1078 var_result =
1079 WordEqual(LoadObjectField(protector_cell, PropertyCell::kValueOffset),
1080 SmiConstant(Isolate::kProtectorValid));
1081 Goto(&exit);
1082 }
1083 BIND(&if_false);
1084 {
1085 var_result = Int32FalseConstant();
1086 Goto(&exit);
1087 }
1088 BIND(&exit);
1089 return var_result.value();
1090 }
1091
BranchIfFastJSArray(Node * object,Node * context,Label * if_true,Label * if_false,bool iteration_only)1092 void CodeStubAssembler::BranchIfFastJSArray(Node* object, Node* context,
1093 Label* if_true, Label* if_false,
1094 bool iteration_only) {
1095 GotoIfForceSlowPath(if_false);
1096
1097 // Bailout if receiver is a Smi.
1098 GotoIf(TaggedIsSmi(object), if_false);
1099
1100 Node* map = LoadMap(object);
1101 GotoIfNot(IsJSArrayMap(map), if_false);
1102
1103 // Bailout if receiver has slow elements.
1104 Node* elements_kind = LoadMapElementsKind(map);
1105 GotoIfNot(IsFastElementsKind(elements_kind), if_false);
1106
1107 // Verify that our prototype is the initial array prototype.
1108 GotoIfNot(IsPrototypeInitialArrayPrototype(context, map), if_false);
1109
1110 if (iteration_only) {
1111 // If we are only iterating over the array, there is no need to check
1112 // the NoElements protector if the array is not holey.
1113 GotoIfNot(IsHoleyFastElementsKind(elements_kind), if_true);
1114 }
1115 Branch(IsNoElementsProtectorCellInvalid(), if_false, if_true);
1116 }
1117
BranchIfFastJSArrayForCopy(Node * object,Node * context,Label * if_true,Label * if_false)1118 void CodeStubAssembler::BranchIfFastJSArrayForCopy(Node* object, Node* context,
1119 Label* if_true,
1120 Label* if_false) {
1121 GotoIf(IsArraySpeciesProtectorCellInvalid(), if_false);
1122 BranchIfFastJSArray(object, context, if_true, if_false);
1123 }
1124
GotoIfForceSlowPath(Label * if_true)1125 void CodeStubAssembler::GotoIfForceSlowPath(Label* if_true) {
1126 #ifdef V8_ENABLE_FORCE_SLOW_PATH
1127 Node* const force_slow_path_addr =
1128 ExternalConstant(ExternalReference::force_slow_path(isolate()));
1129 Node* const force_slow = Load(MachineType::Uint8(), force_slow_path_addr);
1130
1131 GotoIf(force_slow, if_true);
1132 #endif
1133 }
1134
AllocateRaw(Node * size_in_bytes,AllocationFlags flags,Node * top_address,Node * limit_address)1135 Node* CodeStubAssembler::AllocateRaw(Node* size_in_bytes, AllocationFlags flags,
1136 Node* top_address, Node* limit_address) {
1137 // TODO(jgruber, chromium:848672): TNodeify AllocateRaw.
1138 // TODO(jgruber, chromium:848672): Call FatalProcessOutOfMemory if this fails.
1139 {
1140 intptr_t constant_value;
1141 if (ToIntPtrConstant(size_in_bytes, constant_value)) {
1142 CHECK(Internals::IsValidSmi(constant_value));
1143 CHECK_GT(constant_value, 0);
1144 } else {
1145 CSA_CHECK(this,
1146 IsValidPositiveSmi(UncheckedCast<IntPtrT>(size_in_bytes)));
1147 }
1148 }
1149
1150 Node* top = Load(MachineType::Pointer(), top_address);
1151 Node* limit = Load(MachineType::Pointer(), limit_address);
1152
1153 // If there's not enough space, call the runtime.
1154 VARIABLE(result, MachineRepresentation::kTagged);
1155 Label runtime_call(this, Label::kDeferred), no_runtime_call(this);
1156 Label merge_runtime(this, &result);
1157
1158 bool needs_double_alignment = flags & kDoubleAlignment;
1159
1160 if (flags & kAllowLargeObjectAllocation) {
1161 Label next(this);
1162 GotoIf(IsRegularHeapObjectSize(size_in_bytes), &next);
1163
1164 Node* runtime_flags = SmiConstant(
1165 Smi::FromInt(AllocateDoubleAlignFlag::encode(needs_double_alignment) |
1166 AllocateTargetSpace::encode(AllocationSpace::LO_SPACE)));
1167 Node* const runtime_result =
1168 CallRuntime(Runtime::kAllocateInTargetSpace, NoContextConstant(),
1169 SmiTag(size_in_bytes), runtime_flags);
1170 result.Bind(runtime_result);
1171 Goto(&merge_runtime);
1172
1173 BIND(&next);
1174 }
1175
1176 VARIABLE(adjusted_size, MachineType::PointerRepresentation(), size_in_bytes);
1177
1178 if (needs_double_alignment) {
1179 Label not_aligned(this), done_alignment(this, &adjusted_size);
1180
1181 Branch(WordAnd(top, IntPtrConstant(kDoubleAlignmentMask)), ¬_aligned,
1182 &done_alignment);
1183
1184 BIND(¬_aligned);
1185 Node* not_aligned_size = IntPtrAdd(size_in_bytes, IntPtrConstant(4));
1186 adjusted_size.Bind(not_aligned_size);
1187 Goto(&done_alignment);
1188
1189 BIND(&done_alignment);
1190 }
1191
1192 Node* new_top = IntPtrAdd(top, adjusted_size.value());
1193
1194 Branch(UintPtrGreaterThanOrEqual(new_top, limit), &runtime_call,
1195 &no_runtime_call);
1196
1197 BIND(&runtime_call);
1198 Node* runtime_result;
1199 if (flags & kPretenured) {
1200 Node* runtime_flags = SmiConstant(
1201 Smi::FromInt(AllocateDoubleAlignFlag::encode(needs_double_alignment) |
1202 AllocateTargetSpace::encode(AllocationSpace::OLD_SPACE)));
1203 runtime_result =
1204 CallRuntime(Runtime::kAllocateInTargetSpace, NoContextConstant(),
1205 SmiTag(size_in_bytes), runtime_flags);
1206 } else {
1207 runtime_result = CallRuntime(Runtime::kAllocateInNewSpace,
1208 NoContextConstant(), SmiTag(size_in_bytes));
1209 }
1210 result.Bind(runtime_result);
1211 Goto(&merge_runtime);
1212
1213 // When there is enough space, return `top' and bump it up.
1214 BIND(&no_runtime_call);
1215 Node* no_runtime_result = top;
1216 StoreNoWriteBarrier(MachineType::PointerRepresentation(), top_address,
1217 new_top);
1218
1219 VARIABLE(address, MachineType::PointerRepresentation(), no_runtime_result);
1220
1221 if (needs_double_alignment) {
1222 Label needs_filler(this), done_filling(this, &address);
1223 Branch(IntPtrEqual(adjusted_size.value(), size_in_bytes), &done_filling,
1224 &needs_filler);
1225
1226 BIND(&needs_filler);
1227 // Store a filler and increase the address by kPointerSize.
1228 StoreNoWriteBarrier(MachineRepresentation::kTagged, top,
1229 LoadRoot(Heap::kOnePointerFillerMapRootIndex));
1230 address.Bind(IntPtrAdd(no_runtime_result, IntPtrConstant(4)));
1231
1232 Goto(&done_filling);
1233
1234 BIND(&done_filling);
1235 }
1236
1237 no_runtime_result = BitcastWordToTagged(
1238 IntPtrAdd(address.value(), IntPtrConstant(kHeapObjectTag)));
1239
1240 result.Bind(no_runtime_result);
1241 Goto(&merge_runtime);
1242
1243 BIND(&merge_runtime);
1244 return result.value();
1245 }
1246
AllocateRawUnaligned(Node * size_in_bytes,AllocationFlags flags,Node * top_address,Node * limit_address)1247 Node* CodeStubAssembler::AllocateRawUnaligned(Node* size_in_bytes,
1248 AllocationFlags flags,
1249 Node* top_address,
1250 Node* limit_address) {
1251 DCHECK_EQ(flags & kDoubleAlignment, 0);
1252 return AllocateRaw(size_in_bytes, flags, top_address, limit_address);
1253 }
1254
AllocateRawDoubleAligned(Node * size_in_bytes,AllocationFlags flags,Node * top_address,Node * limit_address)1255 Node* CodeStubAssembler::AllocateRawDoubleAligned(Node* size_in_bytes,
1256 AllocationFlags flags,
1257 Node* top_address,
1258 Node* limit_address) {
1259 #if defined(V8_HOST_ARCH_32_BIT)
1260 return AllocateRaw(size_in_bytes, flags | kDoubleAlignment, top_address,
1261 limit_address);
1262 #elif defined(V8_HOST_ARCH_64_BIT)
1263 // Allocation on 64 bit machine is naturally double aligned
1264 return AllocateRaw(size_in_bytes, flags & ~kDoubleAlignment, top_address,
1265 limit_address);
1266 #else
1267 #error Architecture not supported
1268 #endif
1269 }
1270
AllocateInNewSpace(Node * size_in_bytes,AllocationFlags flags)1271 Node* CodeStubAssembler::AllocateInNewSpace(Node* size_in_bytes,
1272 AllocationFlags flags) {
1273 DCHECK(flags == kNone || flags == kDoubleAlignment);
1274 CSA_ASSERT(this, IsRegularHeapObjectSize(size_in_bytes));
1275 return Allocate(size_in_bytes, flags);
1276 }
1277
Allocate(Node * size_in_bytes,AllocationFlags flags)1278 Node* CodeStubAssembler::Allocate(Node* size_in_bytes, AllocationFlags flags) {
1279 Comment("Allocate");
1280 bool const new_space = !(flags & kPretenured);
1281 Node* top_address = ExternalConstant(
1282 new_space
1283 ? ExternalReference::new_space_allocation_top_address(isolate())
1284 : ExternalReference::old_space_allocation_top_address(isolate()));
1285 DCHECK_EQ(kPointerSize,
1286 ExternalReference::new_space_allocation_limit_address(isolate())
1287 .address() -
1288 ExternalReference::new_space_allocation_top_address(isolate())
1289 .address());
1290 DCHECK_EQ(kPointerSize,
1291 ExternalReference::old_space_allocation_limit_address(isolate())
1292 .address() -
1293 ExternalReference::old_space_allocation_top_address(isolate())
1294 .address());
1295 Node* limit_address = IntPtrAdd(top_address, IntPtrConstant(kPointerSize));
1296
1297 if (flags & kDoubleAlignment) {
1298 return AllocateRawDoubleAligned(size_in_bytes, flags, top_address,
1299 limit_address);
1300 } else {
1301 return AllocateRawUnaligned(size_in_bytes, flags, top_address,
1302 limit_address);
1303 }
1304 }
1305
AllocateInNewSpace(int size_in_bytes,AllocationFlags flags)1306 Node* CodeStubAssembler::AllocateInNewSpace(int size_in_bytes,
1307 AllocationFlags flags) {
1308 CHECK(flags == kNone || flags == kDoubleAlignment);
1309 DCHECK_LE(size_in_bytes, kMaxRegularHeapObjectSize);
1310 return CodeStubAssembler::Allocate(IntPtrConstant(size_in_bytes), flags);
1311 }
1312
Allocate(int size_in_bytes,AllocationFlags flags)1313 Node* CodeStubAssembler::Allocate(int size_in_bytes, AllocationFlags flags) {
1314 return CodeStubAssembler::Allocate(IntPtrConstant(size_in_bytes), flags);
1315 }
1316
InnerAllocate(Node * previous,Node * offset)1317 Node* CodeStubAssembler::InnerAllocate(Node* previous, Node* offset) {
1318 return BitcastWordToTagged(IntPtrAdd(BitcastTaggedToWord(previous), offset));
1319 }
1320
InnerAllocate(Node * previous,int offset)1321 Node* CodeStubAssembler::InnerAllocate(Node* previous, int offset) {
1322 return InnerAllocate(previous, IntPtrConstant(offset));
1323 }
1324
IsRegularHeapObjectSize(Node * size)1325 Node* CodeStubAssembler::IsRegularHeapObjectSize(Node* size) {
1326 return UintPtrLessThanOrEqual(size,
1327 IntPtrConstant(kMaxRegularHeapObjectSize));
1328 }
1329
BranchIfToBooleanIsTrue(Node * value,Label * if_true,Label * if_false)1330 void CodeStubAssembler::BranchIfToBooleanIsTrue(Node* value, Label* if_true,
1331 Label* if_false) {
1332 Label if_smi(this), if_notsmi(this), if_heapnumber(this, Label::kDeferred),
1333 if_bigint(this, Label::kDeferred);
1334 // Rule out false {value}.
1335 GotoIf(WordEqual(value, FalseConstant()), if_false);
1336
1337 // Check if {value} is a Smi or a HeapObject.
1338 Branch(TaggedIsSmi(value), &if_smi, &if_notsmi);
1339
1340 BIND(&if_smi);
1341 {
1342 // The {value} is a Smi, only need to check against zero.
1343 BranchIfSmiEqual(CAST(value), SmiConstant(0), if_false, if_true);
1344 }
1345
1346 BIND(&if_notsmi);
1347 {
1348 // Check if {value} is the empty string.
1349 GotoIf(IsEmptyString(value), if_false);
1350
1351 // The {value} is a HeapObject, load its map.
1352 Node* value_map = LoadMap(value);
1353
1354 // Only null, undefined and document.all have the undetectable bit set,
1355 // so we can return false immediately when that bit is set.
1356 GotoIf(IsUndetectableMap(value_map), if_false);
1357
1358 // We still need to handle numbers specially, but all other {value}s
1359 // that make it here yield true.
1360 GotoIf(IsHeapNumberMap(value_map), &if_heapnumber);
1361 Branch(IsBigInt(value), &if_bigint, if_true);
1362
1363 BIND(&if_heapnumber);
1364 {
1365 // Load the floating point value of {value}.
1366 Node* value_value = LoadObjectField(value, HeapNumber::kValueOffset,
1367 MachineType::Float64());
1368
1369 // Check if the floating point {value} is neither 0.0, -0.0 nor NaN.
1370 Branch(Float64LessThan(Float64Constant(0.0), Float64Abs(value_value)),
1371 if_true, if_false);
1372 }
1373
1374 BIND(&if_bigint);
1375 {
1376 Node* result =
1377 CallRuntime(Runtime::kBigIntToBoolean, NoContextConstant(), value);
1378 CSA_ASSERT(this, IsBoolean(result));
1379 Branch(WordEqual(result, TrueConstant()), if_true, if_false);
1380 }
1381 }
1382 }
1383
LoadFromFrame(int offset,MachineType rep)1384 Node* CodeStubAssembler::LoadFromFrame(int offset, MachineType rep) {
1385 Node* frame_pointer = LoadFramePointer();
1386 return Load(rep, frame_pointer, IntPtrConstant(offset));
1387 }
1388
LoadFromParentFrame(int offset,MachineType rep)1389 Node* CodeStubAssembler::LoadFromParentFrame(int offset, MachineType rep) {
1390 Node* frame_pointer = LoadParentFramePointer();
1391 return Load(rep, frame_pointer, IntPtrConstant(offset));
1392 }
1393
LoadTargetFromFrame()1394 TNode<JSFunction> CodeStubAssembler::LoadTargetFromFrame() {
1395 DCHECK(IsJSFunctionCall());
1396 return CAST(LoadFromFrame(StandardFrameConstants::kFunctionOffset,
1397 MachineType::TaggedPointer()));
1398 }
1399
LoadBufferObject(Node * buffer,int offset,MachineType rep)1400 Node* CodeStubAssembler::LoadBufferObject(Node* buffer, int offset,
1401 MachineType rep) {
1402 return Load(rep, buffer, IntPtrConstant(offset));
1403 }
1404
LoadObjectField(SloppyTNode<HeapObject> object,int offset,MachineType rep)1405 Node* CodeStubAssembler::LoadObjectField(SloppyTNode<HeapObject> object,
1406 int offset, MachineType rep) {
1407 CSA_ASSERT(this, IsStrongHeapObject(object));
1408 return Load(rep, object, IntPtrConstant(offset - kHeapObjectTag));
1409 }
1410
LoadObjectField(SloppyTNode<HeapObject> object,SloppyTNode<IntPtrT> offset,MachineType rep)1411 Node* CodeStubAssembler::LoadObjectField(SloppyTNode<HeapObject> object,
1412 SloppyTNode<IntPtrT> offset,
1413 MachineType rep) {
1414 CSA_ASSERT(this, IsStrongHeapObject(object));
1415 return Load(rep, object, IntPtrSub(offset, IntPtrConstant(kHeapObjectTag)));
1416 }
1417
LoadAndUntagObjectField(SloppyTNode<HeapObject> object,int offset)1418 TNode<IntPtrT> CodeStubAssembler::LoadAndUntagObjectField(
1419 SloppyTNode<HeapObject> object, int offset) {
1420 if (SmiValuesAre32Bits()) {
1421 #if V8_TARGET_LITTLE_ENDIAN
1422 offset += kPointerSize / 2;
1423 #endif
1424 return ChangeInt32ToIntPtr(
1425 LoadObjectField(object, offset, MachineType::Int32()));
1426 } else {
1427 return SmiToIntPtr(
1428 LoadObjectField(object, offset, MachineType::AnyTagged()));
1429 }
1430 }
1431
LoadAndUntagToWord32ObjectField(Node * object,int offset)1432 TNode<Int32T> CodeStubAssembler::LoadAndUntagToWord32ObjectField(Node* object,
1433 int offset) {
1434 if (SmiValuesAre32Bits()) {
1435 #if V8_TARGET_LITTLE_ENDIAN
1436 offset += kPointerSize / 2;
1437 #endif
1438 return UncheckedCast<Int32T>(
1439 LoadObjectField(object, offset, MachineType::Int32()));
1440 } else {
1441 return SmiToInt32(
1442 LoadObjectField(object, offset, MachineType::AnyTagged()));
1443 }
1444 }
1445
LoadAndUntagSmi(Node * base,int index)1446 TNode<IntPtrT> CodeStubAssembler::LoadAndUntagSmi(Node* base, int index) {
1447 if (SmiValuesAre32Bits()) {
1448 #if V8_TARGET_LITTLE_ENDIAN
1449 index += kPointerSize / 2;
1450 #endif
1451 return ChangeInt32ToIntPtr(
1452 Load(MachineType::Int32(), base, IntPtrConstant(index)));
1453 } else {
1454 return SmiToIntPtr(
1455 Load(MachineType::AnyTagged(), base, IntPtrConstant(index)));
1456 }
1457 }
1458
LoadAndUntagToWord32Root(Heap::RootListIndex root_index)1459 TNode<Int32T> CodeStubAssembler::LoadAndUntagToWord32Root(
1460 Heap::RootListIndex root_index) {
1461 Node* roots_array_start =
1462 ExternalConstant(ExternalReference::roots_array_start(isolate()));
1463 int index = root_index * kPointerSize;
1464 if (SmiValuesAre32Bits()) {
1465 #if V8_TARGET_LITTLE_ENDIAN
1466 index += kPointerSize / 2;
1467 #endif
1468 return UncheckedCast<Int32T>(
1469 Load(MachineType::Int32(), roots_array_start, IntPtrConstant(index)));
1470 } else {
1471 return SmiToInt32(Load(MachineType::AnyTagged(), roots_array_start,
1472 IntPtrConstant(index)));
1473 }
1474 }
1475
StoreAndTagSmi(Node * base,int offset,Node * value)1476 Node* CodeStubAssembler::StoreAndTagSmi(Node* base, int offset, Node* value) {
1477 if (SmiValuesAre32Bits()) {
1478 int zero_offset = offset + kPointerSize / 2;
1479 int payload_offset = offset;
1480 #if V8_TARGET_LITTLE_ENDIAN
1481 std::swap(zero_offset, payload_offset);
1482 #endif
1483 StoreNoWriteBarrier(MachineRepresentation::kWord32, base,
1484 IntPtrConstant(zero_offset), Int32Constant(0));
1485 return StoreNoWriteBarrier(MachineRepresentation::kWord32, base,
1486 IntPtrConstant(payload_offset),
1487 TruncateInt64ToInt32(value));
1488 } else {
1489 return StoreNoWriteBarrier(MachineRepresentation::kTaggedSigned, base,
1490 IntPtrConstant(offset), SmiTag(value));
1491 }
1492 }
1493
LoadHeapNumberValue(SloppyTNode<HeapNumber> object)1494 TNode<Float64T> CodeStubAssembler::LoadHeapNumberValue(
1495 SloppyTNode<HeapNumber> object) {
1496 return TNode<Float64T>::UncheckedCast(LoadObjectField(
1497 object, HeapNumber::kValueOffset, MachineType::Float64()));
1498 }
1499
LoadMap(SloppyTNode<HeapObject> object)1500 TNode<Map> CodeStubAssembler::LoadMap(SloppyTNode<HeapObject> object) {
1501 return UncheckedCast<Map>(LoadObjectField(object, HeapObject::kMapOffset));
1502 }
1503
LoadInstanceType(SloppyTNode<HeapObject> object)1504 TNode<Int32T> CodeStubAssembler::LoadInstanceType(
1505 SloppyTNode<HeapObject> object) {
1506 return LoadMapInstanceType(LoadMap(object));
1507 }
1508
HasInstanceType(SloppyTNode<HeapObject> object,InstanceType instance_type)1509 TNode<BoolT> CodeStubAssembler::HasInstanceType(SloppyTNode<HeapObject> object,
1510 InstanceType instance_type) {
1511 return InstanceTypeEqual(LoadInstanceType(object), instance_type);
1512 }
1513
DoesntHaveInstanceType(SloppyTNode<HeapObject> object,InstanceType instance_type)1514 TNode<BoolT> CodeStubAssembler::DoesntHaveInstanceType(
1515 SloppyTNode<HeapObject> object, InstanceType instance_type) {
1516 return Word32NotEqual(LoadInstanceType(object), Int32Constant(instance_type));
1517 }
1518
TaggedDoesntHaveInstanceType(SloppyTNode<HeapObject> any_tagged,InstanceType type)1519 TNode<BoolT> CodeStubAssembler::TaggedDoesntHaveInstanceType(
1520 SloppyTNode<HeapObject> any_tagged, InstanceType type) {
1521 /* return Phi <TaggedIsSmi(val), DoesntHaveInstanceType(val, type)> */
1522 TNode<BoolT> tagged_is_smi = TaggedIsSmi(any_tagged);
1523 return Select<BoolT>(
1524 tagged_is_smi, [=]() { return tagged_is_smi; },
1525 [=]() { return DoesntHaveInstanceType(any_tagged, type); });
1526 }
1527
LoadFastProperties(SloppyTNode<JSObject> object)1528 TNode<HeapObject> CodeStubAssembler::LoadFastProperties(
1529 SloppyTNode<JSObject> object) {
1530 CSA_SLOW_ASSERT(this, Word32BinaryNot(IsDictionaryMap(LoadMap(object))));
1531 TNode<Object> properties =
1532 LoadObjectField(object, JSObject::kPropertiesOrHashOffset);
1533 return Select<HeapObject>(TaggedIsSmi(properties),
1534 [=] { return EmptyFixedArrayConstant(); },
1535 [=] { return CAST(properties); });
1536 }
1537
LoadSlowProperties(SloppyTNode<JSObject> object)1538 TNode<HeapObject> CodeStubAssembler::LoadSlowProperties(
1539 SloppyTNode<JSObject> object) {
1540 CSA_SLOW_ASSERT(this, IsDictionaryMap(LoadMap(object)));
1541 TNode<Object> properties =
1542 LoadObjectField(object, JSObject::kPropertiesOrHashOffset);
1543 return Select<HeapObject>(TaggedIsSmi(properties),
1544 [=] { return EmptyPropertyDictionaryConstant(); },
1545 [=] { return CAST(properties); });
1546 }
1547
LoadElements(SloppyTNode<JSObject> object)1548 TNode<FixedArrayBase> CodeStubAssembler::LoadElements(
1549 SloppyTNode<JSObject> object) {
1550 return CAST(LoadObjectField(object, JSObject::kElementsOffset));
1551 }
1552
LoadJSArrayLength(SloppyTNode<JSArray> array)1553 TNode<Number> CodeStubAssembler::LoadJSArrayLength(SloppyTNode<JSArray> array) {
1554 CSA_ASSERT(this, IsJSArray(array));
1555 return CAST(LoadObjectField(array, JSArray::kLengthOffset));
1556 }
1557
LoadFastJSArrayLength(SloppyTNode<JSArray> array)1558 TNode<Smi> CodeStubAssembler::LoadFastJSArrayLength(
1559 SloppyTNode<JSArray> array) {
1560 TNode<Object> length = LoadJSArrayLength(array);
1561 CSA_ASSERT(this, IsFastElementsKind(LoadElementsKind(array)));
1562 // JSArray length is always a positive Smi for fast arrays.
1563 CSA_SLOW_ASSERT(this, TaggedIsPositiveSmi(length));
1564 return UncheckedCast<Smi>(length);
1565 }
1566
LoadFixedArrayBaseLength(SloppyTNode<FixedArrayBase> array)1567 TNode<Smi> CodeStubAssembler::LoadFixedArrayBaseLength(
1568 SloppyTNode<FixedArrayBase> array) {
1569 CSA_SLOW_ASSERT(this, IsNotWeakFixedArraySubclass(array));
1570 return CAST(LoadObjectField(array, FixedArrayBase::kLengthOffset));
1571 }
1572
LoadAndUntagFixedArrayBaseLength(SloppyTNode<FixedArrayBase> array)1573 TNode<IntPtrT> CodeStubAssembler::LoadAndUntagFixedArrayBaseLength(
1574 SloppyTNode<FixedArrayBase> array) {
1575 return LoadAndUntagObjectField(array, FixedArrayBase::kLengthOffset);
1576 }
1577
LoadFeedbackVectorLength(TNode<FeedbackVector> vector)1578 TNode<IntPtrT> CodeStubAssembler::LoadFeedbackVectorLength(
1579 TNode<FeedbackVector> vector) {
1580 return ChangeInt32ToIntPtr(
1581 LoadObjectField<Int32T>(vector, FeedbackVector::kLengthOffset));
1582 }
1583
LoadWeakFixedArrayLength(TNode<WeakFixedArray> array)1584 TNode<Smi> CodeStubAssembler::LoadWeakFixedArrayLength(
1585 TNode<WeakFixedArray> array) {
1586 return CAST(LoadObjectField(array, WeakFixedArray::kLengthOffset));
1587 }
1588
LoadAndUntagWeakFixedArrayLength(SloppyTNode<WeakFixedArray> array)1589 TNode<IntPtrT> CodeStubAssembler::LoadAndUntagWeakFixedArrayLength(
1590 SloppyTNode<WeakFixedArray> array) {
1591 return LoadAndUntagObjectField(array, WeakFixedArray::kLengthOffset);
1592 }
1593
LoadTypedArrayLength(TNode<JSTypedArray> typed_array)1594 TNode<Smi> CodeStubAssembler::LoadTypedArrayLength(
1595 TNode<JSTypedArray> typed_array) {
1596 return CAST(LoadObjectField(typed_array, JSTypedArray::kLengthOffset));
1597 }
1598
LoadMapBitField(SloppyTNode<Map> map)1599 TNode<Int32T> CodeStubAssembler::LoadMapBitField(SloppyTNode<Map> map) {
1600 CSA_SLOW_ASSERT(this, IsMap(map));
1601 return UncheckedCast<Int32T>(
1602 LoadObjectField(map, Map::kBitFieldOffset, MachineType::Uint8()));
1603 }
1604
LoadMapBitField2(SloppyTNode<Map> map)1605 TNode<Int32T> CodeStubAssembler::LoadMapBitField2(SloppyTNode<Map> map) {
1606 CSA_SLOW_ASSERT(this, IsMap(map));
1607 return UncheckedCast<Int32T>(
1608 LoadObjectField(map, Map::kBitField2Offset, MachineType::Uint8()));
1609 }
1610
LoadMapBitField3(SloppyTNode<Map> map)1611 TNode<Uint32T> CodeStubAssembler::LoadMapBitField3(SloppyTNode<Map> map) {
1612 CSA_SLOW_ASSERT(this, IsMap(map));
1613 return UncheckedCast<Uint32T>(
1614 LoadObjectField(map, Map::kBitField3Offset, MachineType::Uint32()));
1615 }
1616
LoadMapInstanceType(SloppyTNode<Map> map)1617 TNode<Int32T> CodeStubAssembler::LoadMapInstanceType(SloppyTNode<Map> map) {
1618 return UncheckedCast<Int32T>(
1619 LoadObjectField(map, Map::kInstanceTypeOffset, MachineType::Uint16()));
1620 }
1621
LoadMapElementsKind(SloppyTNode<Map> map)1622 TNode<Int32T> CodeStubAssembler::LoadMapElementsKind(SloppyTNode<Map> map) {
1623 CSA_SLOW_ASSERT(this, IsMap(map));
1624 Node* bit_field2 = LoadMapBitField2(map);
1625 return Signed(DecodeWord32<Map::ElementsKindBits>(bit_field2));
1626 }
1627
LoadElementsKind(SloppyTNode<HeapObject> object)1628 TNode<Int32T> CodeStubAssembler::LoadElementsKind(
1629 SloppyTNode<HeapObject> object) {
1630 return LoadMapElementsKind(LoadMap(object));
1631 }
1632
LoadMapDescriptors(SloppyTNode<Map> map)1633 TNode<DescriptorArray> CodeStubAssembler::LoadMapDescriptors(
1634 SloppyTNode<Map> map) {
1635 CSA_SLOW_ASSERT(this, IsMap(map));
1636 return CAST(LoadObjectField(map, Map::kDescriptorsOffset));
1637 }
1638
LoadMapPrototype(SloppyTNode<Map> map)1639 TNode<HeapObject> CodeStubAssembler::LoadMapPrototype(SloppyTNode<Map> map) {
1640 CSA_SLOW_ASSERT(this, IsMap(map));
1641 return CAST(LoadObjectField(map, Map::kPrototypeOffset));
1642 }
1643
LoadMapPrototypeInfo(SloppyTNode<Map> map,Label * if_no_proto_info)1644 TNode<PrototypeInfo> CodeStubAssembler::LoadMapPrototypeInfo(
1645 SloppyTNode<Map> map, Label* if_no_proto_info) {
1646 Label if_strong_heap_object(this);
1647 CSA_ASSERT(this, IsMap(map));
1648 TNode<MaybeObject> maybe_prototype_info =
1649 LoadMaybeWeakObjectField(map, Map::kTransitionsOrPrototypeInfoOffset);
1650 TVARIABLE(Object, prototype_info);
1651 DispatchMaybeObject(maybe_prototype_info, if_no_proto_info, if_no_proto_info,
1652 if_no_proto_info, &if_strong_heap_object,
1653 &prototype_info);
1654
1655 BIND(&if_strong_heap_object);
1656 GotoIfNot(WordEqual(LoadMap(CAST(prototype_info.value())),
1657 LoadRoot(Heap::kPrototypeInfoMapRootIndex)),
1658 if_no_proto_info);
1659 return CAST(prototype_info.value());
1660 }
1661
LoadMapInstanceSizeInWords(SloppyTNode<Map> map)1662 TNode<IntPtrT> CodeStubAssembler::LoadMapInstanceSizeInWords(
1663 SloppyTNode<Map> map) {
1664 CSA_SLOW_ASSERT(this, IsMap(map));
1665 return ChangeInt32ToIntPtr(LoadObjectField(
1666 map, Map::kInstanceSizeInWordsOffset, MachineType::Uint8()));
1667 }
1668
LoadMapInobjectPropertiesStartInWords(SloppyTNode<Map> map)1669 TNode<IntPtrT> CodeStubAssembler::LoadMapInobjectPropertiesStartInWords(
1670 SloppyTNode<Map> map) {
1671 CSA_SLOW_ASSERT(this, IsMap(map));
1672 // See Map::GetInObjectPropertiesStartInWords() for details.
1673 CSA_ASSERT(this, IsJSObjectMap(map));
1674 return ChangeInt32ToIntPtr(LoadObjectField(
1675 map, Map::kInObjectPropertiesStartOrConstructorFunctionIndexOffset,
1676 MachineType::Uint8()));
1677 }
1678
LoadMapConstructorFunctionIndex(SloppyTNode<Map> map)1679 TNode<IntPtrT> CodeStubAssembler::LoadMapConstructorFunctionIndex(
1680 SloppyTNode<Map> map) {
1681 CSA_SLOW_ASSERT(this, IsMap(map));
1682 // See Map::GetConstructorFunctionIndex() for details.
1683 CSA_ASSERT(this, IsPrimitiveInstanceType(LoadMapInstanceType(map)));
1684 return ChangeInt32ToIntPtr(LoadObjectField(
1685 map, Map::kInObjectPropertiesStartOrConstructorFunctionIndexOffset,
1686 MachineType::Uint8()));
1687 }
1688
LoadMapConstructor(SloppyTNode<Map> map)1689 TNode<Object> CodeStubAssembler::LoadMapConstructor(SloppyTNode<Map> map) {
1690 CSA_SLOW_ASSERT(this, IsMap(map));
1691 TVARIABLE(Object, result,
1692 LoadObjectField(map, Map::kConstructorOrBackPointerOffset));
1693
1694 Label done(this), loop(this, &result);
1695 Goto(&loop);
1696 BIND(&loop);
1697 {
1698 GotoIf(TaggedIsSmi(result.value()), &done);
1699 Node* is_map_type =
1700 InstanceTypeEqual(LoadInstanceType(CAST(result.value())), MAP_TYPE);
1701 GotoIfNot(is_map_type, &done);
1702 result = LoadObjectField(CAST(result.value()),
1703 Map::kConstructorOrBackPointerOffset);
1704 Goto(&loop);
1705 }
1706 BIND(&done);
1707 return result.value();
1708 }
1709
LoadMapEnumLength(SloppyTNode<Map> map)1710 Node* CodeStubAssembler::LoadMapEnumLength(SloppyTNode<Map> map) {
1711 CSA_SLOW_ASSERT(this, IsMap(map));
1712 Node* bit_field3 = LoadMapBitField3(map);
1713 return DecodeWordFromWord32<Map::EnumLengthBits>(bit_field3);
1714 }
1715
LoadMapBackPointer(SloppyTNode<Map> map)1716 TNode<Object> CodeStubAssembler::LoadMapBackPointer(SloppyTNode<Map> map) {
1717 TNode<HeapObject> object =
1718 CAST(LoadObjectField(map, Map::kConstructorOrBackPointerOffset));
1719 return Select<Object>(IsMap(object), [=] { return object; },
1720 [=] { return UndefinedConstant(); });
1721 }
1722
LoadJSReceiverIdentityHash(SloppyTNode<Object> receiver,Label * if_no_hash)1723 TNode<IntPtrT> CodeStubAssembler::LoadJSReceiverIdentityHash(
1724 SloppyTNode<Object> receiver, Label* if_no_hash) {
1725 TVARIABLE(IntPtrT, var_hash);
1726 Label done(this), if_smi(this), if_property_array(this),
1727 if_property_dictionary(this), if_fixed_array(this);
1728
1729 TNode<Object> properties_or_hash =
1730 LoadObjectField(TNode<HeapObject>::UncheckedCast(receiver),
1731 JSReceiver::kPropertiesOrHashOffset);
1732 GotoIf(TaggedIsSmi(properties_or_hash), &if_smi);
1733
1734 TNode<HeapObject> properties =
1735 TNode<HeapObject>::UncheckedCast(properties_or_hash);
1736 TNode<Int32T> properties_instance_type = LoadInstanceType(properties);
1737
1738 GotoIf(InstanceTypeEqual(properties_instance_type, PROPERTY_ARRAY_TYPE),
1739 &if_property_array);
1740 Branch(InstanceTypeEqual(properties_instance_type, NAME_DICTIONARY_TYPE),
1741 &if_property_dictionary, &if_fixed_array);
1742
1743 BIND(&if_fixed_array);
1744 {
1745 var_hash = IntPtrConstant(PropertyArray::kNoHashSentinel);
1746 Goto(&done);
1747 }
1748
1749 BIND(&if_smi);
1750 {
1751 var_hash = SmiUntag(TNode<Smi>::UncheckedCast(properties_or_hash));
1752 Goto(&done);
1753 }
1754
1755 BIND(&if_property_array);
1756 {
1757 TNode<IntPtrT> length_and_hash = LoadAndUntagObjectField(
1758 properties, PropertyArray::kLengthAndHashOffset);
1759 var_hash = TNode<IntPtrT>::UncheckedCast(
1760 DecodeWord<PropertyArray::HashField>(length_and_hash));
1761 Goto(&done);
1762 }
1763
1764 BIND(&if_property_dictionary);
1765 {
1766 var_hash = SmiUntag(CAST(LoadFixedArrayElement(
1767 CAST(properties), NameDictionary::kObjectHashIndex)));
1768 Goto(&done);
1769 }
1770
1771 BIND(&done);
1772 if (if_no_hash != nullptr) {
1773 GotoIf(IntPtrEqual(var_hash.value(),
1774 IntPtrConstant(PropertyArray::kNoHashSentinel)),
1775 if_no_hash);
1776 }
1777 return var_hash.value();
1778 }
1779
LoadNameHashField(SloppyTNode<Name> name)1780 TNode<Uint32T> CodeStubAssembler::LoadNameHashField(SloppyTNode<Name> name) {
1781 CSA_ASSERT(this, IsName(name));
1782 return LoadObjectField<Uint32T>(name, Name::kHashFieldOffset);
1783 }
1784
LoadNameHash(SloppyTNode<Name> name,Label * if_hash_not_computed)1785 TNode<Uint32T> CodeStubAssembler::LoadNameHash(SloppyTNode<Name> name,
1786 Label* if_hash_not_computed) {
1787 TNode<Uint32T> hash_field = LoadNameHashField(name);
1788 if (if_hash_not_computed != nullptr) {
1789 GotoIf(IsSetWord32(hash_field, Name::kHashNotComputedMask),
1790 if_hash_not_computed);
1791 }
1792 return Unsigned(Word32Shr(hash_field, Int32Constant(Name::kHashShift)));
1793 }
1794
LoadStringLengthAsWord(SloppyTNode<String> object)1795 TNode<IntPtrT> CodeStubAssembler::LoadStringLengthAsWord(
1796 SloppyTNode<String> object) {
1797 return SmiUntag(LoadStringLengthAsSmi(object));
1798 }
1799
LoadStringLengthAsSmi(SloppyTNode<String> object)1800 TNode<Smi> CodeStubAssembler::LoadStringLengthAsSmi(
1801 SloppyTNode<String> object) {
1802 CSA_ASSERT(this, IsString(object));
1803 return CAST(LoadObjectField(object, String::kLengthOffset,
1804 MachineType::TaggedPointer()));
1805 }
1806
PointerToSeqStringData(Node * seq_string)1807 Node* CodeStubAssembler::PointerToSeqStringData(Node* seq_string) {
1808 CSA_ASSERT(this, IsString(seq_string));
1809 CSA_ASSERT(this,
1810 IsSequentialStringInstanceType(LoadInstanceType(seq_string)));
1811 STATIC_ASSERT(SeqOneByteString::kHeaderSize == SeqTwoByteString::kHeaderSize);
1812 return IntPtrAdd(
1813 BitcastTaggedToWord(seq_string),
1814 IntPtrConstant(SeqOneByteString::kHeaderSize - kHeapObjectTag));
1815 }
1816
LoadJSValueValue(Node * object)1817 Node* CodeStubAssembler::LoadJSValueValue(Node* object) {
1818 CSA_ASSERT(this, IsJSValue(object));
1819 return LoadObjectField(object, JSValue::kValueOffset);
1820 }
1821
DispatchMaybeObject(TNode<MaybeObject> maybe_object,Label * if_smi,Label * if_cleared,Label * if_weak,Label * if_strong,TVariable<Object> * extracted)1822 void CodeStubAssembler::DispatchMaybeObject(TNode<MaybeObject> maybe_object,
1823 Label* if_smi, Label* if_cleared,
1824 Label* if_weak, Label* if_strong,
1825 TVariable<Object>* extracted) {
1826 Label inner_if_smi(this), inner_if_strong(this);
1827
1828 GotoIf(TaggedIsSmi(maybe_object), &inner_if_smi);
1829
1830 GotoIf(WordEqual(BitcastMaybeObjectToWord(maybe_object),
1831 IntPtrConstant(reinterpret_cast<intptr_t>(
1832 HeapObjectReference::ClearedValue()))),
1833 if_cleared);
1834
1835 GotoIf(WordEqual(WordAnd(BitcastMaybeObjectToWord(maybe_object),
1836 IntPtrConstant(kHeapObjectTagMask)),
1837 IntPtrConstant(kHeapObjectTag)),
1838 &inner_if_strong);
1839
1840 *extracted =
1841 BitcastWordToTagged(WordAnd(BitcastMaybeObjectToWord(maybe_object),
1842 IntPtrConstant(~kWeakHeapObjectMask)));
1843 Goto(if_weak);
1844
1845 BIND(&inner_if_smi);
1846 *extracted = CAST(maybe_object);
1847 Goto(if_smi);
1848
1849 BIND(&inner_if_strong);
1850 *extracted = CAST(maybe_object);
1851 Goto(if_strong);
1852 }
1853
IsStrongHeapObject(TNode<MaybeObject> value)1854 TNode<BoolT> CodeStubAssembler::IsStrongHeapObject(TNode<MaybeObject> value) {
1855 return WordEqual(WordAnd(BitcastMaybeObjectToWord(value),
1856 IntPtrConstant(kHeapObjectTagMask)),
1857 IntPtrConstant(kHeapObjectTag));
1858 }
1859
ToStrongHeapObject(TNode<MaybeObject> value,Label * if_not_strong)1860 TNode<HeapObject> CodeStubAssembler::ToStrongHeapObject(
1861 TNode<MaybeObject> value, Label* if_not_strong) {
1862 GotoIfNot(IsStrongHeapObject(value), if_not_strong);
1863 return CAST(value);
1864 }
1865
IsWeakOrClearedHeapObject(TNode<MaybeObject> value)1866 TNode<BoolT> CodeStubAssembler::IsWeakOrClearedHeapObject(
1867 TNode<MaybeObject> value) {
1868 return WordEqual(WordAnd(BitcastMaybeObjectToWord(value),
1869 IntPtrConstant(kHeapObjectTagMask)),
1870 IntPtrConstant(kWeakHeapObjectTag));
1871 }
1872
IsClearedWeakHeapObject(TNode<MaybeObject> value)1873 TNode<BoolT> CodeStubAssembler::IsClearedWeakHeapObject(
1874 TNode<MaybeObject> value) {
1875 return WordEqual(BitcastMaybeObjectToWord(value),
1876 IntPtrConstant(kClearedWeakHeapObject));
1877 }
1878
IsNotClearedWeakHeapObject(TNode<MaybeObject> value)1879 TNode<BoolT> CodeStubAssembler::IsNotClearedWeakHeapObject(
1880 TNode<MaybeObject> value) {
1881 return WordNotEqual(BitcastMaybeObjectToWord(value),
1882 IntPtrConstant(kClearedWeakHeapObject));
1883 }
1884
ToWeakHeapObject(TNode<MaybeObject> value)1885 TNode<HeapObject> CodeStubAssembler::ToWeakHeapObject(
1886 TNode<MaybeObject> value) {
1887 CSA_ASSERT(this, IsWeakOrClearedHeapObject(value));
1888 CSA_ASSERT(this, IsNotClearedWeakHeapObject(value));
1889 return UncheckedCast<HeapObject>(BitcastWordToTagged(WordAnd(
1890 BitcastMaybeObjectToWord(value), IntPtrConstant(~kWeakHeapObjectMask))));
1891 }
1892
ToWeakHeapObject(TNode<MaybeObject> value,Label * if_cleared)1893 TNode<HeapObject> CodeStubAssembler::ToWeakHeapObject(TNode<MaybeObject> value,
1894 Label* if_cleared) {
1895 GotoIf(IsClearedWeakHeapObject(value), if_cleared);
1896 return ToWeakHeapObject(value);
1897 }
1898
IsWeakReferenceTo(TNode<MaybeObject> object,TNode<Object> value)1899 TNode<BoolT> CodeStubAssembler::IsWeakReferenceTo(TNode<MaybeObject> object,
1900 TNode<Object> value) {
1901 return WordEqual(WordAnd(BitcastMaybeObjectToWord(object),
1902 IntPtrConstant(~kWeakHeapObjectMask)),
1903 BitcastTaggedToWord(value));
1904 }
1905
IsStrongReferenceTo(TNode<MaybeObject> object,TNode<Object> value)1906 TNode<BoolT> CodeStubAssembler::IsStrongReferenceTo(TNode<MaybeObject> object,
1907 TNode<Object> value) {
1908 return WordEqual(BitcastMaybeObjectToWord(object),
1909 BitcastTaggedToWord(value));
1910 }
1911
IsNotWeakReferenceTo(TNode<MaybeObject> object,TNode<Object> value)1912 TNode<BoolT> CodeStubAssembler::IsNotWeakReferenceTo(TNode<MaybeObject> object,
1913 TNode<Object> value) {
1914 return WordNotEqual(WordAnd(BitcastMaybeObjectToWord(object),
1915 IntPtrConstant(~kWeakHeapObjectMask)),
1916 BitcastTaggedToWord(value));
1917 }
1918
MakeWeak(TNode<HeapObject> value)1919 TNode<MaybeObject> CodeStubAssembler::MakeWeak(TNode<HeapObject> value) {
1920 return ReinterpretCast<MaybeObject>(BitcastWordToTagged(
1921 WordOr(BitcastTaggedToWord(value), IntPtrConstant(kWeakHeapObjectTag))));
1922 }
1923
LoadArrayElement(SloppyTNode<HeapObject> array,int array_header_size,Node * index_node,int additional_offset,ParameterMode parameter_mode,LoadSensitivity needs_poisoning)1924 TNode<MaybeObject> CodeStubAssembler::LoadArrayElement(
1925 SloppyTNode<HeapObject> array, int array_header_size, Node* index_node,
1926 int additional_offset, ParameterMode parameter_mode,
1927 LoadSensitivity needs_poisoning) {
1928 CSA_ASSERT(this, IntPtrGreaterThanOrEqual(
1929 ParameterToIntPtr(index_node, parameter_mode),
1930 IntPtrConstant(0)));
1931 DCHECK_EQ(additional_offset % kPointerSize, 0);
1932 int32_t header_size = array_header_size + additional_offset - kHeapObjectTag;
1933 TNode<IntPtrT> offset = ElementOffsetFromIndex(index_node, HOLEY_ELEMENTS,
1934 parameter_mode, header_size);
1935 STATIC_ASSERT(FixedArrayBase::kLengthOffset == WeakFixedArray::kLengthOffset);
1936 STATIC_ASSERT(FixedArrayBase::kLengthOffset ==
1937 PropertyArray::kLengthAndHashOffset);
1938 // Check that index_node + additional_offset <= object.length.
1939 // TODO(cbruni): Use proper LoadXXLength helpers
1940 CSA_ASSERT(
1941 this,
1942 IsOffsetInBounds(
1943 offset,
1944 Select<IntPtrT>(
1945 IsPropertyArray(array),
1946 [=] {
1947 TNode<IntPtrT> length_and_hash = LoadAndUntagObjectField(
1948 array, PropertyArray::kLengthAndHashOffset);
1949 return TNode<IntPtrT>::UncheckedCast(
1950 DecodeWord<PropertyArray::LengthField>(length_and_hash));
1951 },
1952 [=] {
1953 return LoadAndUntagObjectField(array,
1954 FixedArrayBase::kLengthOffset);
1955 }),
1956 FixedArray::kHeaderSize));
1957 return UncheckedCast<MaybeObject>(
1958 Load(MachineType::AnyTagged(), array, offset, needs_poisoning));
1959 }
1960
FixedArrayBoundsCheck(TNode<FixedArrayBase> array,Node * index,int additional_offset,ParameterMode parameter_mode)1961 void CodeStubAssembler::FixedArrayBoundsCheck(TNode<FixedArrayBase> array,
1962 Node* index,
1963 int additional_offset,
1964 ParameterMode parameter_mode) {
1965 if (!FLAG_fixed_array_bounds_checks) return;
1966 DCHECK_EQ(0, additional_offset % kPointerSize);
1967 if (parameter_mode == ParameterMode::SMI_PARAMETERS) {
1968 TNode<Smi> effective_index;
1969 Smi* constant_index;
1970 bool index_is_constant = ToSmiConstant(index, constant_index);
1971 if (index_is_constant) {
1972 effective_index = SmiConstant(Smi::ToInt(constant_index) +
1973 additional_offset / kPointerSize);
1974 } else if (additional_offset != 0) {
1975 effective_index =
1976 SmiAdd(CAST(index), SmiConstant(additional_offset / kPointerSize));
1977 } else {
1978 effective_index = CAST(index);
1979 }
1980 CSA_CHECK(this, SmiBelow(effective_index, LoadFixedArrayBaseLength(array)));
1981 } else {
1982 // IntPtrAdd does constant-folding automatically.
1983 TNode<IntPtrT> effective_index =
1984 IntPtrAdd(UncheckedCast<IntPtrT>(index),
1985 IntPtrConstant(additional_offset / kPointerSize));
1986 CSA_CHECK(this, UintPtrLessThan(effective_index,
1987 LoadAndUntagFixedArrayBaseLength(array)));
1988 }
1989 }
1990
LoadFixedArrayElement(TNode<FixedArray> object,Node * index_node,int additional_offset,ParameterMode parameter_mode,LoadSensitivity needs_poisoning)1991 TNode<Object> CodeStubAssembler::LoadFixedArrayElement(
1992 TNode<FixedArray> object, Node* index_node, int additional_offset,
1993 ParameterMode parameter_mode, LoadSensitivity needs_poisoning) {
1994 CSA_ASSERT(this, IsFixedArraySubclass(object));
1995 CSA_ASSERT(this, IsNotWeakFixedArraySubclass(object));
1996 FixedArrayBoundsCheck(object, index_node, additional_offset, parameter_mode);
1997 TNode<MaybeObject> element =
1998 LoadArrayElement(object, FixedArray::kHeaderSize, index_node,
1999 additional_offset, parameter_mode, needs_poisoning);
2000 return CAST(element);
2001 }
2002
LoadPropertyArrayElement(SloppyTNode<PropertyArray> object,SloppyTNode<IntPtrT> index)2003 TNode<Object> CodeStubAssembler::LoadPropertyArrayElement(
2004 SloppyTNode<PropertyArray> object, SloppyTNode<IntPtrT> index) {
2005 int additional_offset = 0;
2006 ParameterMode parameter_mode = INTPTR_PARAMETERS;
2007 LoadSensitivity needs_poisoning = LoadSensitivity::kSafe;
2008 STATIC_ASSERT(PropertyArray::kHeaderSize == FixedArray::kHeaderSize);
2009
2010 return CAST(LoadArrayElement(object, PropertyArray::kHeaderSize, index,
2011 additional_offset, parameter_mode,
2012 needs_poisoning));
2013 }
2014
LoadPropertyArrayLength(TNode<PropertyArray> object)2015 TNode<IntPtrT> CodeStubAssembler::LoadPropertyArrayLength(
2016 TNode<PropertyArray> object) {
2017 TNode<IntPtrT> value =
2018 LoadAndUntagObjectField(object, PropertyArray::kLengthAndHashOffset);
2019 return Signed(DecodeWord<PropertyArray::LengthField>(value));
2020 }
2021
LoadFixedTypedArrayBackingStore(TNode<FixedTypedArrayBase> typed_array)2022 TNode<RawPtrT> CodeStubAssembler::LoadFixedTypedArrayBackingStore(
2023 TNode<FixedTypedArrayBase> typed_array) {
2024 // Backing store = external_pointer + base_pointer.
2025 Node* external_pointer =
2026 LoadObjectField(typed_array, FixedTypedArrayBase::kExternalPointerOffset,
2027 MachineType::Pointer());
2028 Node* base_pointer =
2029 LoadObjectField(typed_array, FixedTypedArrayBase::kBasePointerOffset);
2030 return UncheckedCast<RawPtrT>(
2031 IntPtrAdd(external_pointer, BitcastTaggedToWord(base_pointer)));
2032 }
2033
LoadFixedBigInt64ArrayElementAsTagged(Node * data_pointer,Node * offset)2034 Node* CodeStubAssembler::LoadFixedBigInt64ArrayElementAsTagged(
2035 Node* data_pointer, Node* offset) {
2036 TVARIABLE(BigInt, var_result);
2037 Label done(this), if_zero(this);
2038 if (Is64()) {
2039 TNode<IntPtrT> value = UncheckedCast<IntPtrT>(
2040 Load(MachineType::IntPtr(), data_pointer, offset));
2041 Label if_positive(this), if_negative(this);
2042 GotoIf(IntPtrEqual(value, IntPtrConstant(0)), &if_zero);
2043 var_result = AllocateRawBigInt(IntPtrConstant(1));
2044 Branch(IntPtrGreaterThan(value, IntPtrConstant(0)), &if_positive,
2045 &if_negative);
2046
2047 BIND(&if_positive);
2048 {
2049 StoreBigIntBitfield(var_result.value(),
2050 IntPtrConstant(BigInt::SignBits::encode(false) |
2051 BigInt::LengthBits::encode(1)));
2052 StoreBigIntDigit(var_result.value(), 0, Unsigned(value));
2053 Goto(&done);
2054 }
2055
2056 BIND(&if_negative);
2057 {
2058 StoreBigIntBitfield(var_result.value(),
2059 IntPtrConstant(BigInt::SignBits::encode(true) |
2060 BigInt::LengthBits::encode(1)));
2061 StoreBigIntDigit(var_result.value(), 0,
2062 Unsigned(IntPtrSub(IntPtrConstant(0), value)));
2063 Goto(&done);
2064 }
2065 } else {
2066 DCHECK(!Is64());
2067 TVARIABLE(WordT, var_sign, IntPtrConstant(BigInt::SignBits::encode(false)));
2068 TVARIABLE(IntPtrT, var_low);
2069 TVARIABLE(IntPtrT, var_high);
2070 #if defined(V8_TARGET_BIG_ENDIAN)
2071 var_high = UncheckedCast<IntPtrT>(
2072 Load(MachineType::UintPtr(), data_pointer, offset));
2073 var_low = UncheckedCast<IntPtrT>(
2074 Load(MachineType::UintPtr(), data_pointer,
2075 Int32Add(offset, Int32Constant(kPointerSize))));
2076 #else
2077 var_low = UncheckedCast<IntPtrT>(
2078 Load(MachineType::UintPtr(), data_pointer, offset));
2079 var_high = UncheckedCast<IntPtrT>(
2080 Load(MachineType::UintPtr(), data_pointer,
2081 Int32Add(offset, Int32Constant(kPointerSize))));
2082 #endif
2083
2084 Label high_zero(this), negative(this), allocate_one_digit(this),
2085 allocate_two_digits(this);
2086
2087 GotoIf(WordEqual(var_high.value(), IntPtrConstant(0)), &high_zero);
2088 Branch(IntPtrLessThan(var_high.value(), IntPtrConstant(0)), &negative,
2089 &allocate_two_digits);
2090
2091 BIND(&high_zero);
2092 Branch(WordEqual(var_low.value(), IntPtrConstant(0)), &if_zero,
2093 &allocate_one_digit);
2094
2095 BIND(&negative);
2096 {
2097 var_sign = IntPtrConstant(BigInt::SignBits::encode(true));
2098 // We must negate the value by computing "0 - (high|low)", performing
2099 // both parts of the subtraction separately and manually taking care
2100 // of the carry bit (which is 1 iff low != 0).
2101 var_high = IntPtrSub(IntPtrConstant(0), var_high.value());
2102 Label carry(this), no_carry(this);
2103 Branch(WordEqual(var_low.value(), IntPtrConstant(0)), &no_carry, &carry);
2104 BIND(&carry);
2105 var_high = IntPtrSub(var_high.value(), IntPtrConstant(1));
2106 Goto(&no_carry);
2107 BIND(&no_carry);
2108 var_low = IntPtrSub(IntPtrConstant(0), var_low.value());
2109 // var_high was non-zero going into this block, but subtracting the
2110 // carry bit from it could bring us back onto the "one digit" path.
2111 Branch(WordEqual(var_high.value(), IntPtrConstant(0)),
2112 &allocate_one_digit, &allocate_two_digits);
2113 }
2114
2115 BIND(&allocate_one_digit);
2116 {
2117 var_result = AllocateRawBigInt(IntPtrConstant(1));
2118 StoreBigIntBitfield(
2119 var_result.value(),
2120 WordOr(var_sign.value(),
2121 IntPtrConstant(BigInt::LengthBits::encode(1))));
2122 StoreBigIntDigit(var_result.value(), 0, Unsigned(var_low.value()));
2123 Goto(&done);
2124 }
2125
2126 BIND(&allocate_two_digits);
2127 {
2128 var_result = AllocateRawBigInt(IntPtrConstant(2));
2129 StoreBigIntBitfield(
2130 var_result.value(),
2131 WordOr(var_sign.value(),
2132 IntPtrConstant(BigInt::LengthBits::encode(2))));
2133 StoreBigIntDigit(var_result.value(), 0, Unsigned(var_low.value()));
2134 StoreBigIntDigit(var_result.value(), 1, Unsigned(var_high.value()));
2135 Goto(&done);
2136 }
2137 }
2138 BIND(&if_zero);
2139 var_result = AllocateBigInt(IntPtrConstant(0));
2140 Goto(&done);
2141
2142 BIND(&done);
2143 return var_result.value();
2144 }
2145
LoadFixedBigUint64ArrayElementAsTagged(Node * data_pointer,Node * offset)2146 Node* CodeStubAssembler::LoadFixedBigUint64ArrayElementAsTagged(
2147 Node* data_pointer, Node* offset) {
2148 TVARIABLE(BigInt, var_result);
2149 Label if_zero(this), done(this);
2150 if (Is64()) {
2151 TNode<UintPtrT> value = UncheckedCast<UintPtrT>(
2152 Load(MachineType::UintPtr(), data_pointer, offset));
2153 GotoIf(IntPtrEqual(value, IntPtrConstant(0)), &if_zero);
2154 var_result = AllocateBigInt(IntPtrConstant(1));
2155 StoreBigIntDigit(var_result.value(), 0, value);
2156 Goto(&done);
2157 } else {
2158 DCHECK(!Is64());
2159 Label high_zero(this);
2160
2161 #if defined(V8_TARGET_BIG_ENDIAN)
2162 TNode<UintPtrT> high = UncheckedCast<UintPtrT>(
2163 Load(MachineType::UintPtr(), data_pointer, offset));
2164 TNode<UintPtrT> low = UncheckedCast<UintPtrT>(
2165 Load(MachineType::UintPtr(), data_pointer,
2166 Int32Add(offset, Int32Constant(kPointerSize))));
2167 #else
2168 TNode<UintPtrT> low = UncheckedCast<UintPtrT>(
2169 Load(MachineType::UintPtr(), data_pointer, offset));
2170 TNode<UintPtrT> high = UncheckedCast<UintPtrT>(
2171 Load(MachineType::UintPtr(), data_pointer,
2172 Int32Add(offset, Int32Constant(kPointerSize))));
2173 #endif
2174
2175 GotoIf(WordEqual(high, IntPtrConstant(0)), &high_zero);
2176 var_result = AllocateBigInt(IntPtrConstant(2));
2177 StoreBigIntDigit(var_result.value(), 0, low);
2178 StoreBigIntDigit(var_result.value(), 1, high);
2179 Goto(&done);
2180
2181 BIND(&high_zero);
2182 GotoIf(WordEqual(low, IntPtrConstant(0)), &if_zero);
2183 var_result = AllocateBigInt(IntPtrConstant(1));
2184 StoreBigIntDigit(var_result.value(), 0, low);
2185 Goto(&done);
2186 }
2187 BIND(&if_zero);
2188 var_result = AllocateBigInt(IntPtrConstant(0));
2189 Goto(&done);
2190
2191 BIND(&done);
2192 return var_result.value();
2193 }
2194
LoadFixedTypedArrayElementAsTagged(Node * data_pointer,Node * index_node,ElementsKind elements_kind,ParameterMode parameter_mode)2195 Node* CodeStubAssembler::LoadFixedTypedArrayElementAsTagged(
2196 Node* data_pointer, Node* index_node, ElementsKind elements_kind,
2197 ParameterMode parameter_mode) {
2198 Node* offset =
2199 ElementOffsetFromIndex(index_node, elements_kind, parameter_mode, 0);
2200 switch (elements_kind) {
2201 case UINT8_ELEMENTS: /* fall through */
2202 case UINT8_CLAMPED_ELEMENTS:
2203 return SmiFromInt32(Load(MachineType::Uint8(), data_pointer, offset));
2204 case INT8_ELEMENTS:
2205 return SmiFromInt32(Load(MachineType::Int8(), data_pointer, offset));
2206 case UINT16_ELEMENTS:
2207 return SmiFromInt32(Load(MachineType::Uint16(), data_pointer, offset));
2208 case INT16_ELEMENTS:
2209 return SmiFromInt32(Load(MachineType::Int16(), data_pointer, offset));
2210 case UINT32_ELEMENTS:
2211 return ChangeUint32ToTagged(
2212 Load(MachineType::Uint32(), data_pointer, offset));
2213 case INT32_ELEMENTS:
2214 return ChangeInt32ToTagged(
2215 Load(MachineType::Int32(), data_pointer, offset));
2216 case FLOAT32_ELEMENTS:
2217 return AllocateHeapNumberWithValue(ChangeFloat32ToFloat64(
2218 Load(MachineType::Float32(), data_pointer, offset)));
2219 case FLOAT64_ELEMENTS:
2220 return AllocateHeapNumberWithValue(
2221 Load(MachineType::Float64(), data_pointer, offset));
2222 case BIGINT64_ELEMENTS:
2223 return LoadFixedBigInt64ArrayElementAsTagged(data_pointer, offset);
2224 case BIGUINT64_ELEMENTS:
2225 return LoadFixedBigUint64ArrayElementAsTagged(data_pointer, offset);
2226 default:
2227 UNREACHABLE();
2228 }
2229 }
2230
LoadFixedTypedArrayElementAsTagged(TNode<WordT> data_pointer,TNode<Smi> index,TNode<Int32T> elements_kind)2231 TNode<Numeric> CodeStubAssembler::LoadFixedTypedArrayElementAsTagged(
2232 TNode<WordT> data_pointer, TNode<Smi> index, TNode<Int32T> elements_kind) {
2233 TVARIABLE(Numeric, var_result);
2234 Label done(this), if_unknown_type(this, Label::kDeferred);
2235 int32_t elements_kinds[] = {
2236 #define TYPED_ARRAY_CASE(Type, type, TYPE, ctype) TYPE##_ELEMENTS,
2237 TYPED_ARRAYS(TYPED_ARRAY_CASE)
2238 #undef TYPED_ARRAY_CASE
2239 };
2240
2241 #define TYPED_ARRAY_CASE(Type, type, TYPE, ctype) Label if_##type##array(this);
2242 TYPED_ARRAYS(TYPED_ARRAY_CASE)
2243 #undef TYPED_ARRAY_CASE
2244
2245 Label* elements_kind_labels[] = {
2246 #define TYPED_ARRAY_CASE(Type, type, TYPE, ctype) &if_##type##array,
2247 TYPED_ARRAYS(TYPED_ARRAY_CASE)
2248 #undef TYPED_ARRAY_CASE
2249 };
2250 STATIC_ASSERT(arraysize(elements_kinds) == arraysize(elements_kind_labels));
2251
2252 Switch(elements_kind, &if_unknown_type, elements_kinds, elements_kind_labels,
2253 arraysize(elements_kinds));
2254
2255 BIND(&if_unknown_type);
2256 Unreachable();
2257
2258 #define TYPED_ARRAY_CASE(Type, type, TYPE, ctype) \
2259 BIND(&if_##type##array); \
2260 { \
2261 var_result = CAST(LoadFixedTypedArrayElementAsTagged( \
2262 data_pointer, index, TYPE##_ELEMENTS, SMI_PARAMETERS)); \
2263 Goto(&done); \
2264 }
2265 TYPED_ARRAYS(TYPED_ARRAY_CASE)
2266 #undef TYPED_ARRAY_CASE
2267
2268 BIND(&done);
2269 return var_result.value();
2270 }
2271
StoreFixedTypedArrayElementFromTagged(TNode<Context> context,TNode<FixedTypedArrayBase> elements,TNode<Object> index_node,TNode<Object> value,ElementsKind elements_kind,ParameterMode parameter_mode)2272 void CodeStubAssembler::StoreFixedTypedArrayElementFromTagged(
2273 TNode<Context> context, TNode<FixedTypedArrayBase> elements,
2274 TNode<Object> index_node, TNode<Object> value, ElementsKind elements_kind,
2275 ParameterMode parameter_mode) {
2276 TNode<RawPtrT> data_pointer = LoadFixedTypedArrayBackingStore(elements);
2277 switch (elements_kind) {
2278 case UINT8_ELEMENTS:
2279 case UINT8_CLAMPED_ELEMENTS:
2280 case INT8_ELEMENTS:
2281 case UINT16_ELEMENTS:
2282 case INT16_ELEMENTS:
2283 StoreElement(data_pointer, elements_kind, index_node,
2284 SmiToInt32(CAST(value)), parameter_mode);
2285 break;
2286 case UINT32_ELEMENTS:
2287 case INT32_ELEMENTS:
2288 StoreElement(data_pointer, elements_kind, index_node,
2289 TruncateTaggedToWord32(context, value), parameter_mode);
2290 break;
2291 case FLOAT32_ELEMENTS:
2292 StoreElement(data_pointer, elements_kind, index_node,
2293 TruncateFloat64ToFloat32(LoadHeapNumberValue(CAST(value))),
2294 parameter_mode);
2295 break;
2296 case FLOAT64_ELEMENTS:
2297 StoreElement(data_pointer, elements_kind, index_node,
2298 LoadHeapNumberValue(CAST(value)), parameter_mode);
2299 break;
2300 case BIGUINT64_ELEMENTS:
2301 case BIGINT64_ELEMENTS: {
2302 TNode<IntPtrT> offset =
2303 ElementOffsetFromIndex(index_node, elements_kind, parameter_mode, 0);
2304 EmitBigTypedArrayElementStore(elements, data_pointer, offset,
2305 CAST(value));
2306 break;
2307 }
2308 default:
2309 UNREACHABLE();
2310 }
2311 }
2312
LoadFeedbackVectorSlot(Node * object,Node * slot_index_node,int additional_offset,ParameterMode parameter_mode)2313 TNode<MaybeObject> CodeStubAssembler::LoadFeedbackVectorSlot(
2314 Node* object, Node* slot_index_node, int additional_offset,
2315 ParameterMode parameter_mode) {
2316 CSA_SLOW_ASSERT(this, IsFeedbackVector(object));
2317 CSA_SLOW_ASSERT(this, MatchesParameterMode(slot_index_node, parameter_mode));
2318 int32_t header_size =
2319 FeedbackVector::kFeedbackSlotsOffset + additional_offset - kHeapObjectTag;
2320 Node* offset = ElementOffsetFromIndex(slot_index_node, HOLEY_ELEMENTS,
2321 parameter_mode, header_size);
2322 CSA_SLOW_ASSERT(
2323 this, IsOffsetInBounds(offset, LoadFeedbackVectorLength(CAST(object)),
2324 FeedbackVector::kHeaderSize));
2325 return UncheckedCast<MaybeObject>(
2326 Load(MachineType::AnyTagged(), object, offset));
2327 }
2328
LoadAndUntagToWord32ArrayElement(SloppyTNode<HeapObject> object,int array_header_size,Node * index_node,int additional_offset,ParameterMode parameter_mode)2329 TNode<Int32T> CodeStubAssembler::LoadAndUntagToWord32ArrayElement(
2330 SloppyTNode<HeapObject> object, int array_header_size, Node* index_node,
2331 int additional_offset, ParameterMode parameter_mode) {
2332 CSA_SLOW_ASSERT(this, MatchesParameterMode(index_node, parameter_mode));
2333 DCHECK_EQ(additional_offset % kPointerSize, 0);
2334 int endian_correction = 0;
2335 #if V8_TARGET_LITTLE_ENDIAN
2336 if (SmiValuesAre32Bits()) endian_correction = kPointerSize / 2;
2337 #endif
2338 int32_t header_size = array_header_size + additional_offset - kHeapObjectTag +
2339 endian_correction;
2340 Node* offset = ElementOffsetFromIndex(index_node, HOLEY_ELEMENTS,
2341 parameter_mode, header_size);
2342 STATIC_ASSERT(FixedArrayBase::kLengthOffset == WeakFixedArray::kLengthOffset);
2343 // Check that index_node + additional_offset <= object.length.
2344 // TODO(cbruni): Use proper LoadXXLength helpers
2345 CSA_ASSERT(this,
2346 IsOffsetInBounds(
2347 offset,
2348 LoadAndUntagObjectField(object, FixedArrayBase::kLengthOffset),
2349 FixedArray::kHeaderSize + endian_correction));
2350 if (SmiValuesAre32Bits()) {
2351 return UncheckedCast<Int32T>(Load(MachineType::Int32(), object, offset));
2352 } else {
2353 return SmiToInt32(Load(MachineType::AnyTagged(), object, offset));
2354 }
2355 }
2356
LoadAndUntagToWord32FixedArrayElement(SloppyTNode<HeapObject> object,Node * index_node,int additional_offset,ParameterMode parameter_mode)2357 TNode<Int32T> CodeStubAssembler::LoadAndUntagToWord32FixedArrayElement(
2358 SloppyTNode<HeapObject> object, Node* index_node, int additional_offset,
2359 ParameterMode parameter_mode) {
2360 CSA_SLOW_ASSERT(this, IsFixedArraySubclass(object));
2361 return LoadAndUntagToWord32ArrayElement(object, FixedArray::kHeaderSize,
2362 index_node, additional_offset,
2363 parameter_mode);
2364 }
2365
LoadWeakFixedArrayElement(TNode<WeakFixedArray> object,Node * index,int additional_offset,ParameterMode parameter_mode,LoadSensitivity needs_poisoning)2366 TNode<MaybeObject> CodeStubAssembler::LoadWeakFixedArrayElement(
2367 TNode<WeakFixedArray> object, Node* index, int additional_offset,
2368 ParameterMode parameter_mode, LoadSensitivity needs_poisoning) {
2369 return LoadArrayElement(object, WeakFixedArray::kHeaderSize, index,
2370 additional_offset, parameter_mode, needs_poisoning);
2371 }
2372
LoadFixedDoubleArrayElement(SloppyTNode<FixedDoubleArray> object,Node * index_node,MachineType machine_type,int additional_offset,ParameterMode parameter_mode,Label * if_hole)2373 TNode<Float64T> CodeStubAssembler::LoadFixedDoubleArrayElement(
2374 SloppyTNode<FixedDoubleArray> object, Node* index_node,
2375 MachineType machine_type, int additional_offset,
2376 ParameterMode parameter_mode, Label* if_hole) {
2377 CSA_ASSERT(this, IsFixedDoubleArray(object));
2378 DCHECK_EQ(additional_offset % kPointerSize, 0);
2379 CSA_SLOW_ASSERT(this, MatchesParameterMode(index_node, parameter_mode));
2380 int32_t header_size =
2381 FixedDoubleArray::kHeaderSize + additional_offset - kHeapObjectTag;
2382 TNode<IntPtrT> offset = ElementOffsetFromIndex(
2383 index_node, HOLEY_DOUBLE_ELEMENTS, parameter_mode, header_size);
2384 CSA_ASSERT(this, IsOffsetInBounds(
2385 offset, LoadAndUntagFixedArrayBaseLength(object),
2386 FixedDoubleArray::kHeaderSize, HOLEY_DOUBLE_ELEMENTS));
2387 return LoadDoubleWithHoleCheck(object, offset, if_hole, machine_type);
2388 }
2389
LoadFixedArrayBaseElementAsTagged(TNode<FixedArrayBase> elements,TNode<IntPtrT> index,TNode<Int32T> elements_kind,Label * if_accessor,Label * if_hole)2390 TNode<Object> CodeStubAssembler::LoadFixedArrayBaseElementAsTagged(
2391 TNode<FixedArrayBase> elements, TNode<IntPtrT> index,
2392 TNode<Int32T> elements_kind, Label* if_accessor, Label* if_hole) {
2393 TVARIABLE(Object, var_result);
2394 Label done(this), if_packed(this), if_holey(this), if_packed_double(this),
2395 if_holey_double(this), if_dictionary(this, Label::kDeferred);
2396
2397 int32_t kinds[] = {// Handled by if_packed.
2398 PACKED_SMI_ELEMENTS, PACKED_ELEMENTS,
2399 // Handled by if_holey.
2400 HOLEY_SMI_ELEMENTS, HOLEY_ELEMENTS,
2401 // Handled by if_packed_double.
2402 PACKED_DOUBLE_ELEMENTS,
2403 // Handled by if_holey_double.
2404 HOLEY_DOUBLE_ELEMENTS};
2405 Label* labels[] = {// PACKED_{SMI,}_ELEMENTS
2406 &if_packed, &if_packed,
2407 // HOLEY_{SMI,}_ELEMENTS
2408 &if_holey, &if_holey,
2409 // PACKED_DOUBLE_ELEMENTS
2410 &if_packed_double,
2411 // HOLEY_DOUBLE_ELEMENTS
2412 &if_holey_double};
2413 Switch(elements_kind, &if_dictionary, kinds, labels, arraysize(kinds));
2414
2415 BIND(&if_packed);
2416 {
2417 var_result = LoadFixedArrayElement(CAST(elements), index, 0);
2418 Goto(&done);
2419 }
2420
2421 BIND(&if_holey);
2422 {
2423 var_result = LoadFixedArrayElement(CAST(elements), index);
2424 Branch(WordEqual(var_result.value(), TheHoleConstant()), if_hole, &done);
2425 }
2426
2427 BIND(&if_packed_double);
2428 {
2429 var_result = AllocateHeapNumberWithValue(LoadFixedDoubleArrayElement(
2430 CAST(elements), index, MachineType::Float64()));
2431 Goto(&done);
2432 }
2433
2434 BIND(&if_holey_double);
2435 {
2436 var_result = AllocateHeapNumberWithValue(LoadFixedDoubleArrayElement(
2437 CAST(elements), index, MachineType::Float64(), 0, INTPTR_PARAMETERS,
2438 if_hole));
2439 Goto(&done);
2440 }
2441
2442 BIND(&if_dictionary);
2443 {
2444 CSA_ASSERT(this, IsDictionaryElementsKind(elements_kind));
2445 var_result = BasicLoadNumberDictionaryElement(CAST(elements), index,
2446 if_accessor, if_hole);
2447 Goto(&done);
2448 }
2449
2450 BIND(&done);
2451 return var_result.value();
2452 }
2453
LoadDoubleWithHoleCheck(SloppyTNode<Object> base,SloppyTNode<IntPtrT> offset,Label * if_hole,MachineType machine_type)2454 TNode<Float64T> CodeStubAssembler::LoadDoubleWithHoleCheck(
2455 SloppyTNode<Object> base, SloppyTNode<IntPtrT> offset, Label* if_hole,
2456 MachineType machine_type) {
2457 if (if_hole) {
2458 // TODO(ishell): Compare only the upper part for the hole once the
2459 // compiler is able to fold addition of already complex |offset| with
2460 // |kIeeeDoubleExponentWordOffset| into one addressing mode.
2461 if (Is64()) {
2462 Node* element = Load(MachineType::Uint64(), base, offset);
2463 GotoIf(Word64Equal(element, Int64Constant(kHoleNanInt64)), if_hole);
2464 } else {
2465 Node* element_upper = Load(
2466 MachineType::Uint32(), base,
2467 IntPtrAdd(offset, IntPtrConstant(kIeeeDoubleExponentWordOffset)));
2468 GotoIf(Word32Equal(element_upper, Int32Constant(kHoleNanUpper32)),
2469 if_hole);
2470 }
2471 }
2472 if (machine_type.IsNone()) {
2473 // This means the actual value is not needed.
2474 return TNode<Float64T>();
2475 }
2476 return UncheckedCast<Float64T>(Load(machine_type, base, offset));
2477 }
2478
LoadContextElement(SloppyTNode<Context> context,int slot_index)2479 TNode<Object> CodeStubAssembler::LoadContextElement(
2480 SloppyTNode<Context> context, int slot_index) {
2481 int offset = Context::SlotOffset(slot_index);
2482 return UncheckedCast<Object>(
2483 Load(MachineType::AnyTagged(), context, IntPtrConstant(offset)));
2484 }
2485
LoadContextElement(SloppyTNode<Context> context,SloppyTNode<IntPtrT> slot_index)2486 TNode<Object> CodeStubAssembler::LoadContextElement(
2487 SloppyTNode<Context> context, SloppyTNode<IntPtrT> slot_index) {
2488 Node* offset =
2489 IntPtrAdd(TimesPointerSize(slot_index),
2490 IntPtrConstant(Context::kHeaderSize - kHeapObjectTag));
2491 return UncheckedCast<Object>(Load(MachineType::AnyTagged(), context, offset));
2492 }
2493
StoreContextElement(SloppyTNode<Context> context,int slot_index,SloppyTNode<Object> value)2494 void CodeStubAssembler::StoreContextElement(SloppyTNode<Context> context,
2495 int slot_index,
2496 SloppyTNode<Object> value) {
2497 int offset = Context::SlotOffset(slot_index);
2498 Store(context, IntPtrConstant(offset), value);
2499 }
2500
StoreContextElement(SloppyTNode<Context> context,SloppyTNode<IntPtrT> slot_index,SloppyTNode<Object> value)2501 void CodeStubAssembler::StoreContextElement(SloppyTNode<Context> context,
2502 SloppyTNode<IntPtrT> slot_index,
2503 SloppyTNode<Object> value) {
2504 Node* offset =
2505 IntPtrAdd(TimesPointerSize(slot_index),
2506 IntPtrConstant(Context::kHeaderSize - kHeapObjectTag));
2507 Store(context, offset, value);
2508 }
2509
StoreContextElementNoWriteBarrier(SloppyTNode<Context> context,int slot_index,SloppyTNode<Object> value)2510 void CodeStubAssembler::StoreContextElementNoWriteBarrier(
2511 SloppyTNode<Context> context, int slot_index, SloppyTNode<Object> value) {
2512 int offset = Context::SlotOffset(slot_index);
2513 StoreNoWriteBarrier(MachineRepresentation::kTagged, context,
2514 IntPtrConstant(offset), value);
2515 }
2516
LoadNativeContext(SloppyTNode<Context> context)2517 TNode<Context> CodeStubAssembler::LoadNativeContext(
2518 SloppyTNode<Context> context) {
2519 return UncheckedCast<Context>(
2520 LoadContextElement(context, Context::NATIVE_CONTEXT_INDEX));
2521 }
2522
LoadModuleContext(SloppyTNode<Context> context)2523 TNode<Context> CodeStubAssembler::LoadModuleContext(
2524 SloppyTNode<Context> context) {
2525 Node* module_map = LoadRoot(Heap::kModuleContextMapRootIndex);
2526 Variable cur_context(this, MachineRepresentation::kTaggedPointer);
2527 cur_context.Bind(context);
2528
2529 Label context_found(this);
2530
2531 Variable* context_search_loop_variables[1] = {&cur_context};
2532 Label context_search(this, 1, context_search_loop_variables);
2533
2534 // Loop until cur_context->map() is module_map.
2535 Goto(&context_search);
2536 BIND(&context_search);
2537 {
2538 CSA_ASSERT(this, Word32BinaryNot(IsNativeContext(cur_context.value())));
2539 GotoIf(WordEqual(LoadMap(cur_context.value()), module_map), &context_found);
2540
2541 cur_context.Bind(
2542 LoadContextElement(cur_context.value(), Context::PREVIOUS_INDEX));
2543 Goto(&context_search);
2544 }
2545
2546 BIND(&context_found);
2547 return UncheckedCast<Context>(cur_context.value());
2548 }
2549
LoadJSArrayElementsMap(SloppyTNode<Int32T> kind,SloppyTNode<Context> native_context)2550 TNode<Map> CodeStubAssembler::LoadJSArrayElementsMap(
2551 SloppyTNode<Int32T> kind, SloppyTNode<Context> native_context) {
2552 CSA_ASSERT(this, IsFastElementsKind(kind));
2553 CSA_ASSERT(this, IsNativeContext(native_context));
2554 Node* offset = IntPtrAdd(IntPtrConstant(Context::FIRST_JS_ARRAY_MAP_SLOT),
2555 ChangeInt32ToIntPtr(kind));
2556 return UncheckedCast<Map>(LoadContextElement(native_context, offset));
2557 }
2558
LoadJSArrayElementsMap(ElementsKind kind,SloppyTNode<Context> native_context)2559 TNode<Map> CodeStubAssembler::LoadJSArrayElementsMap(
2560 ElementsKind kind, SloppyTNode<Context> native_context) {
2561 CSA_ASSERT(this, IsNativeContext(native_context));
2562 return UncheckedCast<Map>(
2563 LoadContextElement(native_context, Context::ArrayMapIndex(kind)));
2564 }
2565
IsGeneratorFunction(TNode<JSFunction> function)2566 TNode<BoolT> CodeStubAssembler::IsGeneratorFunction(
2567 TNode<JSFunction> function) {
2568 TNode<SharedFunctionInfo> const shared_function_info =
2569 CAST(LoadObjectField(function, JSFunction::kSharedFunctionInfoOffset));
2570
2571 TNode<Uint32T> const function_kind =
2572 DecodeWord32<SharedFunctionInfo::FunctionKindBits>(LoadObjectField(
2573 shared_function_info, SharedFunctionInfo::kFlagsOffset,
2574 MachineType::Uint32()));
2575
2576 return TNode<BoolT>::UncheckedCast(Word32Or(
2577 Word32Or(
2578 Word32Or(
2579 Word32Equal(function_kind,
2580 Int32Constant(FunctionKind::kAsyncGeneratorFunction)),
2581 Word32Equal(
2582 function_kind,
2583 Int32Constant(FunctionKind::kAsyncConciseGeneratorMethod))),
2584 Word32Equal(function_kind,
2585 Int32Constant(FunctionKind::kGeneratorFunction))),
2586 Word32Equal(function_kind,
2587 Int32Constant(FunctionKind::kConciseGeneratorMethod))));
2588 }
2589
HasPrototypeProperty(TNode<JSFunction> function,TNode<Map> map)2590 TNode<BoolT> CodeStubAssembler::HasPrototypeProperty(TNode<JSFunction> function,
2591 TNode<Map> map) {
2592 // (has_prototype_slot() && IsConstructor()) ||
2593 // IsGeneratorFunction(shared()->kind())
2594 uint32_t mask =
2595 Map::HasPrototypeSlotBit::kMask | Map::IsConstructorBit::kMask;
2596 return TNode<BoolT>::UncheckedCast(
2597 Word32Or(IsAllSetWord32(LoadMapBitField(map), mask),
2598 IsGeneratorFunction(function)));
2599 }
2600
GotoIfPrototypeRequiresRuntimeLookup(TNode<JSFunction> function,TNode<Map> map,Label * runtime)2601 void CodeStubAssembler::GotoIfPrototypeRequiresRuntimeLookup(
2602 TNode<JSFunction> function, TNode<Map> map, Label* runtime) {
2603 // !has_prototype_property() || has_non_instance_prototype()
2604 GotoIfNot(HasPrototypeProperty(function, map), runtime);
2605 GotoIf(IsSetWord32<Map::HasNonInstancePrototypeBit>(LoadMapBitField(map)),
2606 runtime);
2607 }
2608
LoadJSFunctionPrototype(Node * function,Label * if_bailout)2609 Node* CodeStubAssembler::LoadJSFunctionPrototype(Node* function,
2610 Label* if_bailout) {
2611 CSA_ASSERT(this, TaggedIsNotSmi(function));
2612 CSA_ASSERT(this, IsJSFunction(function));
2613 CSA_ASSERT(this, IsFunctionWithPrototypeSlotMap(LoadMap(function)));
2614 CSA_ASSERT(this, IsClearWord32<Map::HasNonInstancePrototypeBit>(
2615 LoadMapBitField(LoadMap(function))));
2616 Node* proto_or_map =
2617 LoadObjectField(function, JSFunction::kPrototypeOrInitialMapOffset);
2618 GotoIf(IsTheHole(proto_or_map), if_bailout);
2619
2620 VARIABLE(var_result, MachineRepresentation::kTagged, proto_or_map);
2621 Label done(this, &var_result);
2622 GotoIfNot(IsMap(proto_or_map), &done);
2623
2624 var_result.Bind(LoadMapPrototype(proto_or_map));
2625 Goto(&done);
2626
2627 BIND(&done);
2628 return var_result.value();
2629 }
2630
LoadSharedFunctionInfoBytecodeArray(Node * shared)2631 Node* CodeStubAssembler::LoadSharedFunctionInfoBytecodeArray(Node* shared) {
2632 CSA_ASSERT(this, TaggedIsNotSmi(shared));
2633 CSA_ASSERT(this, IsSharedFunctionInfo(shared));
2634
2635 Node* function_data =
2636 LoadObjectField(shared, SharedFunctionInfo::kFunctionDataOffset);
2637
2638 VARIABLE(var_result, MachineRepresentation::kTagged, function_data);
2639 Label done(this, &var_result);
2640
2641 GotoIfNot(HasInstanceType(function_data, INTERPRETER_DATA_TYPE), &done);
2642 Node* bytecode_array =
2643 LoadObjectField(function_data, InterpreterData::kBytecodeArrayOffset);
2644 var_result.Bind(bytecode_array);
2645 Goto(&done);
2646
2647 BIND(&done);
2648 return var_result.value();
2649 }
2650
StoreObjectByteNoWriteBarrier(TNode<HeapObject> object,int offset,TNode<Word32T> value)2651 void CodeStubAssembler::StoreObjectByteNoWriteBarrier(TNode<HeapObject> object,
2652 int offset,
2653 TNode<Word32T> value) {
2654 StoreNoWriteBarrier(MachineRepresentation::kWord8, object,
2655 IntPtrConstant(offset - kHeapObjectTag), value);
2656 }
2657
StoreHeapNumberValue(SloppyTNode<HeapNumber> object,SloppyTNode<Float64T> value)2658 void CodeStubAssembler::StoreHeapNumberValue(SloppyTNode<HeapNumber> object,
2659 SloppyTNode<Float64T> value) {
2660 StoreObjectFieldNoWriteBarrier(object, HeapNumber::kValueOffset, value,
2661 MachineRepresentation::kFloat64);
2662 }
2663
StoreMutableHeapNumberValue(SloppyTNode<MutableHeapNumber> object,SloppyTNode<Float64T> value)2664 void CodeStubAssembler::StoreMutableHeapNumberValue(
2665 SloppyTNode<MutableHeapNumber> object, SloppyTNode<Float64T> value) {
2666 StoreObjectFieldNoWriteBarrier(object, MutableHeapNumber::kValueOffset, value,
2667 MachineRepresentation::kFloat64);
2668 }
2669
StoreObjectField(Node * object,int offset,Node * value)2670 Node* CodeStubAssembler::StoreObjectField(
2671 Node* object, int offset, Node* value) {
2672 DCHECK_NE(HeapObject::kMapOffset, offset); // Use StoreMap instead.
2673 return Store(object, IntPtrConstant(offset - kHeapObjectTag), value);
2674 }
2675
StoreObjectField(Node * object,Node * offset,Node * value)2676 Node* CodeStubAssembler::StoreObjectField(Node* object, Node* offset,
2677 Node* value) {
2678 int const_offset;
2679 if (ToInt32Constant(offset, const_offset)) {
2680 return StoreObjectField(object, const_offset, value);
2681 }
2682 return Store(object, IntPtrSub(offset, IntPtrConstant(kHeapObjectTag)),
2683 value);
2684 }
2685
StoreObjectFieldNoWriteBarrier(Node * object,int offset,Node * value,MachineRepresentation rep)2686 Node* CodeStubAssembler::StoreObjectFieldNoWriteBarrier(
2687 Node* object, int offset, Node* value, MachineRepresentation rep) {
2688 return StoreNoWriteBarrier(rep, object,
2689 IntPtrConstant(offset - kHeapObjectTag), value);
2690 }
2691
StoreObjectFieldNoWriteBarrier(Node * object,Node * offset,Node * value,MachineRepresentation rep)2692 Node* CodeStubAssembler::StoreObjectFieldNoWriteBarrier(
2693 Node* object, Node* offset, Node* value, MachineRepresentation rep) {
2694 int const_offset;
2695 if (ToInt32Constant(offset, const_offset)) {
2696 return StoreObjectFieldNoWriteBarrier(object, const_offset, value, rep);
2697 }
2698 return StoreNoWriteBarrier(
2699 rep, object, IntPtrSub(offset, IntPtrConstant(kHeapObjectTag)), value);
2700 }
2701
StoreMap(Node * object,Node * map)2702 Node* CodeStubAssembler::StoreMap(Node* object, Node* map) {
2703 CSA_SLOW_ASSERT(this, IsMap(map));
2704 return StoreWithMapWriteBarrier(
2705 object, IntPtrConstant(HeapObject::kMapOffset - kHeapObjectTag), map);
2706 }
2707
StoreMapNoWriteBarrier(Node * object,Heap::RootListIndex map_root_index)2708 Node* CodeStubAssembler::StoreMapNoWriteBarrier(
2709 Node* object, Heap::RootListIndex map_root_index) {
2710 return StoreMapNoWriteBarrier(object, LoadRoot(map_root_index));
2711 }
2712
StoreMapNoWriteBarrier(Node * object,Node * map)2713 Node* CodeStubAssembler::StoreMapNoWriteBarrier(Node* object, Node* map) {
2714 CSA_SLOW_ASSERT(this, IsMap(map));
2715 return StoreNoWriteBarrier(
2716 MachineRepresentation::kTagged, object,
2717 IntPtrConstant(HeapObject::kMapOffset - kHeapObjectTag), map);
2718 }
2719
StoreObjectFieldRoot(Node * object,int offset,Heap::RootListIndex root_index)2720 Node* CodeStubAssembler::StoreObjectFieldRoot(Node* object, int offset,
2721 Heap::RootListIndex root_index) {
2722 if (Heap::RootIsImmortalImmovable(root_index)) {
2723 return StoreObjectFieldNoWriteBarrier(object, offset, LoadRoot(root_index));
2724 } else {
2725 return StoreObjectField(object, offset, LoadRoot(root_index));
2726 }
2727 }
2728
StoreJSArrayLength(TNode<JSArray> array,TNode<Smi> length)2729 Node* CodeStubAssembler::StoreJSArrayLength(TNode<JSArray> array,
2730 TNode<Smi> length) {
2731 return StoreObjectFieldNoWriteBarrier(array, JSArray::kLengthOffset, length);
2732 }
2733
StoreElements(TNode<Object> object,TNode<FixedArrayBase> elements)2734 Node* CodeStubAssembler::StoreElements(TNode<Object> object,
2735 TNode<FixedArrayBase> elements) {
2736 return StoreObjectField(object, JSObject::kElementsOffset, elements);
2737 }
2738
StoreFixedArrayOrPropertyArrayElement(Node * object,Node * index_node,Node * value,WriteBarrierMode barrier_mode,int additional_offset,ParameterMode parameter_mode)2739 void CodeStubAssembler::StoreFixedArrayOrPropertyArrayElement(
2740 Node* object, Node* index_node, Node* value, WriteBarrierMode barrier_mode,
2741 int additional_offset, ParameterMode parameter_mode) {
2742 CSA_SLOW_ASSERT(
2743 this, Word32Or(IsFixedArraySubclass(object), IsPropertyArray(object)));
2744 CSA_SLOW_ASSERT(this, MatchesParameterMode(index_node, parameter_mode));
2745 DCHECK(barrier_mode == SKIP_WRITE_BARRIER ||
2746 barrier_mode == UPDATE_WRITE_BARRIER);
2747 DCHECK_EQ(additional_offset % kPointerSize, 0);
2748 STATIC_ASSERT(FixedArray::kHeaderSize == PropertyArray::kHeaderSize);
2749 int header_size =
2750 FixedArray::kHeaderSize + additional_offset - kHeapObjectTag;
2751 Node* offset = ElementOffsetFromIndex(index_node, HOLEY_ELEMENTS,
2752 parameter_mode, header_size);
2753 STATIC_ASSERT(FixedArrayBase::kLengthOffset == WeakFixedArray::kLengthOffset);
2754 STATIC_ASSERT(FixedArrayBase::kLengthOffset ==
2755 PropertyArray::kLengthAndHashOffset);
2756 // Check that index_node + additional_offset <= object.length.
2757 // TODO(cbruni): Use proper LoadXXLength helpers
2758 CSA_ASSERT(
2759 this,
2760 IsOffsetInBounds(
2761 offset,
2762 Select<IntPtrT>(
2763 IsPropertyArray(object),
2764 [=] {
2765 TNode<IntPtrT> length_and_hash = LoadAndUntagObjectField(
2766 object, PropertyArray::kLengthAndHashOffset);
2767 return TNode<IntPtrT>::UncheckedCast(
2768 DecodeWord<PropertyArray::LengthField>(length_and_hash));
2769 },
2770 [=] {
2771 return LoadAndUntagObjectField(object,
2772 FixedArrayBase::kLengthOffset);
2773 }),
2774 FixedArray::kHeaderSize));
2775 if (barrier_mode == SKIP_WRITE_BARRIER) {
2776 StoreNoWriteBarrier(MachineRepresentation::kTagged, object, offset, value);
2777 } else {
2778 Store(object, offset, value);
2779 }
2780 }
2781
StoreFixedDoubleArrayElement(TNode<FixedDoubleArray> object,Node * index_node,TNode<Float64T> value,ParameterMode parameter_mode)2782 void CodeStubAssembler::StoreFixedDoubleArrayElement(
2783 TNode<FixedDoubleArray> object, Node* index_node, TNode<Float64T> value,
2784 ParameterMode parameter_mode) {
2785 CSA_ASSERT(this, IsFixedDoubleArray(object));
2786 CSA_SLOW_ASSERT(this, MatchesParameterMode(index_node, parameter_mode));
2787 FixedArrayBoundsCheck(object, index_node, 0, parameter_mode);
2788 Node* offset =
2789 ElementOffsetFromIndex(index_node, PACKED_DOUBLE_ELEMENTS, parameter_mode,
2790 FixedArray::kHeaderSize - kHeapObjectTag);
2791 MachineRepresentation rep = MachineRepresentation::kFloat64;
2792 StoreNoWriteBarrier(rep, object, offset, value);
2793 }
2794
StoreFeedbackVectorSlot(Node * object,Node * slot_index_node,Node * value,WriteBarrierMode barrier_mode,int additional_offset,ParameterMode parameter_mode)2795 Node* CodeStubAssembler::StoreFeedbackVectorSlot(Node* object,
2796 Node* slot_index_node,
2797 Node* value,
2798 WriteBarrierMode barrier_mode,
2799 int additional_offset,
2800 ParameterMode parameter_mode) {
2801 CSA_SLOW_ASSERT(this, IsFeedbackVector(object));
2802 CSA_SLOW_ASSERT(this, MatchesParameterMode(slot_index_node, parameter_mode));
2803 DCHECK_EQ(additional_offset % kPointerSize, 0);
2804 DCHECK(barrier_mode == SKIP_WRITE_BARRIER ||
2805 barrier_mode == UPDATE_WRITE_BARRIER);
2806 int header_size =
2807 FeedbackVector::kFeedbackSlotsOffset + additional_offset - kHeapObjectTag;
2808 Node* offset = ElementOffsetFromIndex(slot_index_node, HOLEY_ELEMENTS,
2809 parameter_mode, header_size);
2810 // Check that slot_index_node <= object.length.
2811 CSA_ASSERT(this,
2812 IsOffsetInBounds(offset, LoadFeedbackVectorLength(CAST(object)),
2813 FeedbackVector::kHeaderSize));
2814 if (barrier_mode == SKIP_WRITE_BARRIER) {
2815 return StoreNoWriteBarrier(MachineRepresentation::kTagged, object, offset,
2816 value);
2817 } else {
2818 return Store(object, offset, value);
2819 }
2820 }
2821
EnsureArrayLengthWritable(TNode<Map> map,Label * bailout)2822 void CodeStubAssembler::EnsureArrayLengthWritable(TNode<Map> map,
2823 Label* bailout) {
2824 // Don't support arrays in dictionary named property mode.
2825 GotoIf(IsDictionaryMap(map), bailout);
2826
2827 // Check whether the length property is writable. The length property is the
2828 // only default named property on arrays. It's nonconfigurable, hence is
2829 // guaranteed to stay the first property.
2830 TNode<DescriptorArray> descriptors = LoadMapDescriptors(map);
2831
2832 int length_index = JSArray::kLengthDescriptorIndex;
2833 #ifdef DEBUG
2834 TNode<Name> maybe_length = CAST(LoadWeakFixedArrayElement(
2835 descriptors, DescriptorArray::ToKeyIndex(length_index)));
2836 CSA_ASSERT(this,
2837 WordEqual(maybe_length, LoadRoot(Heap::klength_stringRootIndex)));
2838 #endif
2839
2840 TNode<Uint32T> details = LoadDetailsByKeyIndex(
2841 descriptors, IntPtrConstant(DescriptorArray::ToKeyIndex(length_index)));
2842 GotoIf(IsSetWord32(details, PropertyDetails::kAttributesReadOnlyMask),
2843 bailout);
2844 }
2845
EnsureArrayPushable(TNode<Map> map,Label * bailout)2846 TNode<Int32T> CodeStubAssembler::EnsureArrayPushable(TNode<Map> map,
2847 Label* bailout) {
2848 // Disallow pushing onto prototypes. It might be the JSArray prototype.
2849 // Disallow pushing onto non-extensible objects.
2850 Comment("Disallow pushing onto prototypes");
2851 Node* bit_field2 = LoadMapBitField2(map);
2852 int mask = Map::IsPrototypeMapBit::kMask | Map::IsExtensibleBit::kMask;
2853 Node* test = Word32And(bit_field2, Int32Constant(mask));
2854 GotoIf(Word32NotEqual(test, Int32Constant(Map::IsExtensibleBit::kMask)),
2855 bailout);
2856
2857 EnsureArrayLengthWritable(map, bailout);
2858
2859 TNode<Uint32T> kind = DecodeWord32<Map::ElementsKindBits>(bit_field2);
2860 return Signed(kind);
2861 }
2862
PossiblyGrowElementsCapacity(ParameterMode mode,ElementsKind kind,Node * array,Node * length,Variable * var_elements,Node * growth,Label * bailout)2863 void CodeStubAssembler::PossiblyGrowElementsCapacity(
2864 ParameterMode mode, ElementsKind kind, Node* array, Node* length,
2865 Variable* var_elements, Node* growth, Label* bailout) {
2866 Label fits(this, var_elements);
2867 Node* capacity =
2868 TaggedToParameter(LoadFixedArrayBaseLength(var_elements->value()), mode);
2869 // length and growth nodes are already in a ParameterMode appropriate
2870 // representation.
2871 Node* new_length = IntPtrOrSmiAdd(growth, length, mode);
2872 GotoIfNot(IntPtrOrSmiGreaterThan(new_length, capacity, mode), &fits);
2873 Node* new_capacity = CalculateNewElementsCapacity(new_length, mode);
2874 var_elements->Bind(GrowElementsCapacity(array, var_elements->value(), kind,
2875 kind, capacity, new_capacity, mode,
2876 bailout));
2877 Goto(&fits);
2878 BIND(&fits);
2879 }
2880
BuildAppendJSArray(ElementsKind kind,SloppyTNode<JSArray> array,CodeStubArguments * args,TVariable<IntPtrT> * arg_index,Label * bailout)2881 TNode<Smi> CodeStubAssembler::BuildAppendJSArray(ElementsKind kind,
2882 SloppyTNode<JSArray> array,
2883 CodeStubArguments* args,
2884 TVariable<IntPtrT>* arg_index,
2885 Label* bailout) {
2886 CSA_SLOW_ASSERT(this, IsJSArray(array));
2887 Comment("BuildAppendJSArray: %s", ElementsKindToString(kind));
2888 Label pre_bailout(this);
2889 Label success(this);
2890 TVARIABLE(Smi, var_tagged_length);
2891 ParameterMode mode = OptimalParameterMode();
2892 VARIABLE(var_length, OptimalParameterRepresentation(),
2893 TaggedToParameter(LoadFastJSArrayLength(array), mode));
2894 VARIABLE(var_elements, MachineRepresentation::kTagged, LoadElements(array));
2895
2896 // Resize the capacity of the fixed array if it doesn't fit.
2897 TNode<IntPtrT> first = arg_index->value();
2898 Node* growth = IntPtrToParameter(
2899 IntPtrSub(UncheckedCast<IntPtrT>(args->GetLength(INTPTR_PARAMETERS)),
2900 first),
2901 mode);
2902 PossiblyGrowElementsCapacity(mode, kind, array, var_length.value(),
2903 &var_elements, growth, &pre_bailout);
2904
2905 // Push each argument onto the end of the array now that there is enough
2906 // capacity.
2907 CodeStubAssembler::VariableList push_vars({&var_length}, zone());
2908 Node* elements = var_elements.value();
2909 args->ForEach(
2910 push_vars,
2911 [this, kind, mode, elements, &var_length, &pre_bailout](Node* arg) {
2912 TryStoreArrayElement(kind, mode, &pre_bailout, elements,
2913 var_length.value(), arg);
2914 Increment(&var_length, 1, mode);
2915 },
2916 first, nullptr);
2917 {
2918 TNode<Smi> length = ParameterToTagged(var_length.value(), mode);
2919 var_tagged_length = length;
2920 StoreObjectFieldNoWriteBarrier(array, JSArray::kLengthOffset, length);
2921 Goto(&success);
2922 }
2923
2924 BIND(&pre_bailout);
2925 {
2926 TNode<Smi> length = ParameterToTagged(var_length.value(), mode);
2927 var_tagged_length = length;
2928 Node* diff = SmiSub(length, LoadFastJSArrayLength(array));
2929 StoreObjectFieldNoWriteBarrier(array, JSArray::kLengthOffset, length);
2930 *arg_index = IntPtrAdd(arg_index->value(), SmiUntag(diff));
2931 Goto(bailout);
2932 }
2933
2934 BIND(&success);
2935 return var_tagged_length.value();
2936 }
2937
TryStoreArrayElement(ElementsKind kind,ParameterMode mode,Label * bailout,Node * elements,Node * index,Node * value)2938 void CodeStubAssembler::TryStoreArrayElement(ElementsKind kind,
2939 ParameterMode mode, Label* bailout,
2940 Node* elements, Node* index,
2941 Node* value) {
2942 if (IsSmiElementsKind(kind)) {
2943 GotoIf(TaggedIsNotSmi(value), bailout);
2944 } else if (IsDoubleElementsKind(kind)) {
2945 GotoIfNotNumber(value, bailout);
2946 }
2947 if (IsDoubleElementsKind(kind)) value = ChangeNumberToFloat64(value);
2948 StoreElement(elements, kind, index, value, mode);
2949 }
2950
BuildAppendJSArray(ElementsKind kind,Node * array,Node * value,Label * bailout)2951 void CodeStubAssembler::BuildAppendJSArray(ElementsKind kind, Node* array,
2952 Node* value, Label* bailout) {
2953 CSA_SLOW_ASSERT(this, IsJSArray(array));
2954 Comment("BuildAppendJSArray: %s", ElementsKindToString(kind));
2955 ParameterMode mode = OptimalParameterMode();
2956 VARIABLE(var_length, OptimalParameterRepresentation(),
2957 TaggedToParameter(LoadFastJSArrayLength(array), mode));
2958 VARIABLE(var_elements, MachineRepresentation::kTagged, LoadElements(array));
2959
2960 // Resize the capacity of the fixed array if it doesn't fit.
2961 Node* growth = IntPtrOrSmiConstant(1, mode);
2962 PossiblyGrowElementsCapacity(mode, kind, array, var_length.value(),
2963 &var_elements, growth, bailout);
2964
2965 // Push each argument onto the end of the array now that there is enough
2966 // capacity.
2967 TryStoreArrayElement(kind, mode, bailout, var_elements.value(),
2968 var_length.value(), value);
2969 Increment(&var_length, 1, mode);
2970
2971 Node* length = ParameterToTagged(var_length.value(), mode);
2972 StoreObjectFieldNoWriteBarrier(array, JSArray::kLengthOffset, length);
2973 }
2974
AllocateCellWithValue(Node * value,WriteBarrierMode mode)2975 Node* CodeStubAssembler::AllocateCellWithValue(Node* value,
2976 WriteBarrierMode mode) {
2977 Node* result = Allocate(Cell::kSize, kNone);
2978 StoreMapNoWriteBarrier(result, Heap::kCellMapRootIndex);
2979 StoreCellValue(result, value, mode);
2980 return result;
2981 }
2982
LoadCellValue(Node * cell)2983 Node* CodeStubAssembler::LoadCellValue(Node* cell) {
2984 CSA_SLOW_ASSERT(this, HasInstanceType(cell, CELL_TYPE));
2985 return LoadObjectField(cell, Cell::kValueOffset);
2986 }
2987
StoreCellValue(Node * cell,Node * value,WriteBarrierMode mode)2988 Node* CodeStubAssembler::StoreCellValue(Node* cell, Node* value,
2989 WriteBarrierMode mode) {
2990 CSA_SLOW_ASSERT(this, HasInstanceType(cell, CELL_TYPE));
2991 DCHECK(mode == SKIP_WRITE_BARRIER || mode == UPDATE_WRITE_BARRIER);
2992
2993 if (mode == UPDATE_WRITE_BARRIER) {
2994 return StoreObjectField(cell, Cell::kValueOffset, value);
2995 } else {
2996 return StoreObjectFieldNoWriteBarrier(cell, Cell::kValueOffset, value);
2997 }
2998 }
2999
AllocateHeapNumber()3000 TNode<HeapNumber> CodeStubAssembler::AllocateHeapNumber() {
3001 Node* result = Allocate(HeapNumber::kSize, kNone);
3002 Heap::RootListIndex heap_map_index = Heap::kHeapNumberMapRootIndex;
3003 StoreMapNoWriteBarrier(result, heap_map_index);
3004 return UncheckedCast<HeapNumber>(result);
3005 }
3006
AllocateHeapNumberWithValue(SloppyTNode<Float64T> value)3007 TNode<HeapNumber> CodeStubAssembler::AllocateHeapNumberWithValue(
3008 SloppyTNode<Float64T> value) {
3009 TNode<HeapNumber> result = AllocateHeapNumber();
3010 StoreHeapNumberValue(result, value);
3011 return result;
3012 }
3013
AllocateMutableHeapNumber()3014 TNode<MutableHeapNumber> CodeStubAssembler::AllocateMutableHeapNumber() {
3015 Node* result = Allocate(MutableHeapNumber::kSize, kNone);
3016 Heap::RootListIndex heap_map_index = Heap::kMutableHeapNumberMapRootIndex;
3017 StoreMapNoWriteBarrier(result, heap_map_index);
3018 return UncheckedCast<MutableHeapNumber>(result);
3019 }
3020
AllocateMutableHeapNumberWithValue(SloppyTNode<Float64T> value)3021 TNode<MutableHeapNumber> CodeStubAssembler::AllocateMutableHeapNumberWithValue(
3022 SloppyTNode<Float64T> value) {
3023 TNode<MutableHeapNumber> result = AllocateMutableHeapNumber();
3024 StoreMutableHeapNumberValue(result, value);
3025 return result;
3026 }
3027
AllocateBigInt(TNode<IntPtrT> length)3028 TNode<BigInt> CodeStubAssembler::AllocateBigInt(TNode<IntPtrT> length) {
3029 TNode<BigInt> result = AllocateRawBigInt(length);
3030 StoreBigIntBitfield(result, WordShl(length, BigInt::LengthBits::kShift));
3031 return result;
3032 }
3033
AllocateRawBigInt(TNode<IntPtrT> length)3034 TNode<BigInt> CodeStubAssembler::AllocateRawBigInt(TNode<IntPtrT> length) {
3035 // This is currently used only for 64-bit wide BigInts. If more general
3036 // applicability is required, a large-object check must be added.
3037 CSA_ASSERT(this, UintPtrLessThan(length, IntPtrConstant(3)));
3038
3039 TNode<IntPtrT> size = IntPtrAdd(IntPtrConstant(BigInt::kHeaderSize),
3040 Signed(WordShl(length, kPointerSizeLog2)));
3041 Node* raw_result = Allocate(size, kNone);
3042 StoreMapNoWriteBarrier(raw_result, Heap::kBigIntMapRootIndex);
3043 return UncheckedCast<BigInt>(raw_result);
3044 }
3045
StoreBigIntBitfield(TNode<BigInt> bigint,TNode<WordT> bitfield)3046 void CodeStubAssembler::StoreBigIntBitfield(TNode<BigInt> bigint,
3047 TNode<WordT> bitfield) {
3048 StoreObjectFieldNoWriteBarrier(bigint, BigInt::kBitfieldOffset, bitfield,
3049 MachineType::PointerRepresentation());
3050 }
3051
StoreBigIntDigit(TNode<BigInt> bigint,int digit_index,TNode<UintPtrT> digit)3052 void CodeStubAssembler::StoreBigIntDigit(TNode<BigInt> bigint, int digit_index,
3053 TNode<UintPtrT> digit) {
3054 StoreObjectFieldNoWriteBarrier(
3055 bigint, BigInt::kDigitsOffset + digit_index * kPointerSize, digit,
3056 UintPtrT::kMachineRepresentation);
3057 }
3058
LoadBigIntBitfield(TNode<BigInt> bigint)3059 TNode<WordT> CodeStubAssembler::LoadBigIntBitfield(TNode<BigInt> bigint) {
3060 return UncheckedCast<WordT>(
3061 LoadObjectField(bigint, BigInt::kBitfieldOffset, MachineType::UintPtr()));
3062 }
3063
LoadBigIntDigit(TNode<BigInt> bigint,int digit_index)3064 TNode<UintPtrT> CodeStubAssembler::LoadBigIntDigit(TNode<BigInt> bigint,
3065 int digit_index) {
3066 return UncheckedCast<UintPtrT>(LoadObjectField(
3067 bigint, BigInt::kDigitsOffset + digit_index * kPointerSize,
3068 MachineType::UintPtr()));
3069 }
3070
AllocateSeqOneByteString(int length,AllocationFlags flags)3071 TNode<String> CodeStubAssembler::AllocateSeqOneByteString(
3072 int length, AllocationFlags flags) {
3073 Comment("AllocateSeqOneByteString");
3074 if (length == 0) {
3075 return CAST(LoadRoot(Heap::kempty_stringRootIndex));
3076 }
3077 Node* result = Allocate(SeqOneByteString::SizeFor(length), flags);
3078 DCHECK(Heap::RootIsImmortalImmovable(Heap::kOneByteStringMapRootIndex));
3079 StoreMapNoWriteBarrier(result, Heap::kOneByteStringMapRootIndex);
3080 StoreObjectFieldNoWriteBarrier(result, SeqOneByteString::kLengthOffset,
3081 SmiConstant(length),
3082 MachineRepresentation::kTagged);
3083 StoreObjectFieldNoWriteBarrier(result, SeqOneByteString::kHashFieldSlot,
3084 IntPtrConstant(String::kEmptyHashField),
3085 MachineType::PointerRepresentation());
3086 return CAST(result);
3087 }
3088
IsZeroOrContext(SloppyTNode<Object> object)3089 TNode<BoolT> CodeStubAssembler::IsZeroOrContext(SloppyTNode<Object> object) {
3090 return Select<BoolT>(WordEqual(object, SmiConstant(0)),
3091 [=] { return Int32TrueConstant(); },
3092 [=] { return IsContext(CAST(object)); });
3093 }
3094
AllocateSeqOneByteString(Node * context,TNode<Smi> length,AllocationFlags flags)3095 TNode<String> CodeStubAssembler::AllocateSeqOneByteString(
3096 Node* context, TNode<Smi> length, AllocationFlags flags) {
3097 Comment("AllocateSeqOneByteString");
3098 CSA_SLOW_ASSERT(this, IsZeroOrContext(context));
3099 VARIABLE(var_result, MachineRepresentation::kTagged);
3100
3101 // Compute the SeqOneByteString size and check if it fits into new space.
3102 Label if_lengthiszero(this), if_sizeissmall(this),
3103 if_notsizeissmall(this, Label::kDeferred), if_join(this);
3104 GotoIf(SmiEqual(length, SmiConstant(0)), &if_lengthiszero);
3105
3106 Node* raw_size = GetArrayAllocationSize(
3107 SmiUntag(length), UINT8_ELEMENTS, INTPTR_PARAMETERS,
3108 SeqOneByteString::kHeaderSize + kObjectAlignmentMask);
3109 Node* size = WordAnd(raw_size, IntPtrConstant(~kObjectAlignmentMask));
3110 Branch(IntPtrLessThanOrEqual(size, IntPtrConstant(kMaxRegularHeapObjectSize)),
3111 &if_sizeissmall, &if_notsizeissmall);
3112
3113 BIND(&if_sizeissmall);
3114 {
3115 // Just allocate the SeqOneByteString in new space.
3116 Node* result = AllocateInNewSpace(size, flags);
3117 DCHECK(Heap::RootIsImmortalImmovable(Heap::kOneByteStringMapRootIndex));
3118 StoreMapNoWriteBarrier(result, Heap::kOneByteStringMapRootIndex);
3119 StoreObjectFieldNoWriteBarrier(result, SeqOneByteString::kLengthOffset,
3120 length, MachineRepresentation::kTagged);
3121 StoreObjectFieldNoWriteBarrier(result, SeqOneByteString::kHashFieldSlot,
3122 IntPtrConstant(String::kEmptyHashField),
3123 MachineType::PointerRepresentation());
3124 var_result.Bind(result);
3125 Goto(&if_join);
3126 }
3127
3128 BIND(&if_notsizeissmall);
3129 {
3130 // We might need to allocate in large object space, go to the runtime.
3131 Node* result =
3132 CallRuntime(Runtime::kAllocateSeqOneByteString, context, length);
3133 var_result.Bind(result);
3134 Goto(&if_join);
3135 }
3136
3137 BIND(&if_lengthiszero);
3138 {
3139 var_result.Bind(LoadRoot(Heap::kempty_stringRootIndex));
3140 Goto(&if_join);
3141 }
3142
3143 BIND(&if_join);
3144 return CAST(var_result.value());
3145 }
3146
AllocateSeqTwoByteString(int length,AllocationFlags flags)3147 TNode<String> CodeStubAssembler::AllocateSeqTwoByteString(
3148 int length, AllocationFlags flags) {
3149 Comment("AllocateSeqTwoByteString");
3150 if (length == 0) {
3151 return CAST(LoadRoot(Heap::kempty_stringRootIndex));
3152 }
3153 Node* result = Allocate(SeqTwoByteString::SizeFor(length), flags);
3154 DCHECK(Heap::RootIsImmortalImmovable(Heap::kStringMapRootIndex));
3155 StoreMapNoWriteBarrier(result, Heap::kStringMapRootIndex);
3156 StoreObjectFieldNoWriteBarrier(result, SeqTwoByteString::kLengthOffset,
3157 SmiConstant(Smi::FromInt(length)),
3158 MachineRepresentation::kTagged);
3159 StoreObjectFieldNoWriteBarrier(result, SeqTwoByteString::kHashFieldSlot,
3160 IntPtrConstant(String::kEmptyHashField),
3161 MachineType::PointerRepresentation());
3162 return CAST(result);
3163 }
3164
AllocateSeqTwoByteString(Node * context,TNode<Smi> length,AllocationFlags flags)3165 TNode<String> CodeStubAssembler::AllocateSeqTwoByteString(
3166 Node* context, TNode<Smi> length, AllocationFlags flags) {
3167 CSA_SLOW_ASSERT(this, IsZeroOrContext(context));
3168 Comment("AllocateSeqTwoByteString");
3169 VARIABLE(var_result, MachineRepresentation::kTagged);
3170
3171 // Compute the SeqTwoByteString size and check if it fits into new space.
3172 Label if_lengthiszero(this), if_sizeissmall(this),
3173 if_notsizeissmall(this, Label::kDeferred), if_join(this);
3174 GotoIf(SmiEqual(length, SmiConstant(0)), &if_lengthiszero);
3175
3176 Node* raw_size = GetArrayAllocationSize(
3177 SmiUntag(length), UINT16_ELEMENTS, INTPTR_PARAMETERS,
3178 SeqOneByteString::kHeaderSize + kObjectAlignmentMask);
3179 Node* size = WordAnd(raw_size, IntPtrConstant(~kObjectAlignmentMask));
3180 Branch(IntPtrLessThanOrEqual(size, IntPtrConstant(kMaxRegularHeapObjectSize)),
3181 &if_sizeissmall, &if_notsizeissmall);
3182
3183 BIND(&if_sizeissmall);
3184 {
3185 // Just allocate the SeqTwoByteString in new space.
3186 Node* result = AllocateInNewSpace(size, flags);
3187 DCHECK(Heap::RootIsImmortalImmovable(Heap::kStringMapRootIndex));
3188 StoreMapNoWriteBarrier(result, Heap::kStringMapRootIndex);
3189 StoreObjectFieldNoWriteBarrier(result, SeqTwoByteString::kLengthOffset,
3190 length, MachineRepresentation::kTagged);
3191 StoreObjectFieldNoWriteBarrier(result, SeqTwoByteString::kHashFieldSlot,
3192 IntPtrConstant(String::kEmptyHashField),
3193 MachineType::PointerRepresentation());
3194 var_result.Bind(result);
3195 Goto(&if_join);
3196 }
3197
3198 BIND(&if_notsizeissmall);
3199 {
3200 // We might need to allocate in large object space, go to the runtime.
3201 Node* result =
3202 CallRuntime(Runtime::kAllocateSeqTwoByteString, context, length);
3203 var_result.Bind(result);
3204 Goto(&if_join);
3205 }
3206
3207 BIND(&if_lengthiszero);
3208 {
3209 var_result.Bind(LoadRoot(Heap::kempty_stringRootIndex));
3210 Goto(&if_join);
3211 }
3212
3213 BIND(&if_join);
3214 return CAST(var_result.value());
3215 }
3216
AllocateSlicedString(Heap::RootListIndex map_root_index,TNode<Smi> length,TNode<String> parent,TNode<Smi> offset)3217 TNode<String> CodeStubAssembler::AllocateSlicedString(
3218 Heap::RootListIndex map_root_index, TNode<Smi> length, TNode<String> parent,
3219 TNode<Smi> offset) {
3220 DCHECK(map_root_index == Heap::kSlicedOneByteStringMapRootIndex ||
3221 map_root_index == Heap::kSlicedStringMapRootIndex);
3222 Node* result = Allocate(SlicedString::kSize);
3223 DCHECK(Heap::RootIsImmortalImmovable(map_root_index));
3224 StoreMapNoWriteBarrier(result, map_root_index);
3225 StoreObjectFieldNoWriteBarrier(result, SlicedString::kLengthOffset, length,
3226 MachineRepresentation::kTagged);
3227 StoreObjectFieldNoWriteBarrier(result, SlicedString::kHashFieldSlot,
3228 IntPtrConstant(String::kEmptyHashField),
3229 MachineType::PointerRepresentation());
3230 StoreObjectFieldNoWriteBarrier(result, SlicedString::kParentOffset, parent,
3231 MachineRepresentation::kTagged);
3232 StoreObjectFieldNoWriteBarrier(result, SlicedString::kOffsetOffset, offset,
3233 MachineRepresentation::kTagged);
3234 return CAST(result);
3235 }
3236
AllocateSlicedOneByteString(TNode<Smi> length,TNode<String> parent,TNode<Smi> offset)3237 TNode<String> CodeStubAssembler::AllocateSlicedOneByteString(
3238 TNode<Smi> length, TNode<String> parent, TNode<Smi> offset) {
3239 return AllocateSlicedString(Heap::kSlicedOneByteStringMapRootIndex, length,
3240 parent, offset);
3241 }
3242
AllocateSlicedTwoByteString(TNode<Smi> length,TNode<String> parent,TNode<Smi> offset)3243 TNode<String> CodeStubAssembler::AllocateSlicedTwoByteString(
3244 TNode<Smi> length, TNode<String> parent, TNode<Smi> offset) {
3245 return AllocateSlicedString(Heap::kSlicedStringMapRootIndex, length, parent,
3246 offset);
3247 }
3248
AllocateConsString(Heap::RootListIndex map_root_index,TNode<Smi> length,TNode<String> first,TNode<String> second,AllocationFlags flags)3249 TNode<String> CodeStubAssembler::AllocateConsString(
3250 Heap::RootListIndex map_root_index, TNode<Smi> length, TNode<String> first,
3251 TNode<String> second, AllocationFlags flags) {
3252 DCHECK(map_root_index == Heap::kConsOneByteStringMapRootIndex ||
3253 map_root_index == Heap::kConsStringMapRootIndex);
3254 Node* result = Allocate(ConsString::kSize, flags);
3255 DCHECK(Heap::RootIsImmortalImmovable(map_root_index));
3256 StoreMapNoWriteBarrier(result, map_root_index);
3257 StoreObjectFieldNoWriteBarrier(result, ConsString::kLengthOffset, length,
3258 MachineRepresentation::kTagged);
3259 StoreObjectFieldNoWriteBarrier(result, ConsString::kHashFieldSlot,
3260 IntPtrConstant(String::kEmptyHashField),
3261 MachineType::PointerRepresentation());
3262 bool const new_space = !(flags & kPretenured);
3263 if (new_space) {
3264 StoreObjectFieldNoWriteBarrier(result, ConsString::kFirstOffset, first,
3265 MachineRepresentation::kTagged);
3266 StoreObjectFieldNoWriteBarrier(result, ConsString::kSecondOffset, second,
3267 MachineRepresentation::kTagged);
3268 } else {
3269 StoreObjectField(result, ConsString::kFirstOffset, first);
3270 StoreObjectField(result, ConsString::kSecondOffset, second);
3271 }
3272 return CAST(result);
3273 }
3274
AllocateOneByteConsString(TNode<Smi> length,TNode<String> first,TNode<String> second,AllocationFlags flags)3275 TNode<String> CodeStubAssembler::AllocateOneByteConsString(
3276 TNode<Smi> length, TNode<String> first, TNode<String> second,
3277 AllocationFlags flags) {
3278 return AllocateConsString(Heap::kConsOneByteStringMapRootIndex, length, first,
3279 second, flags);
3280 }
3281
AllocateTwoByteConsString(TNode<Smi> length,TNode<String> first,TNode<String> second,AllocationFlags flags)3282 TNode<String> CodeStubAssembler::AllocateTwoByteConsString(
3283 TNode<Smi> length, TNode<String> first, TNode<String> second,
3284 AllocationFlags flags) {
3285 return AllocateConsString(Heap::kConsStringMapRootIndex, length, first,
3286 second, flags);
3287 }
3288
NewConsString(Node * context,TNode<Smi> length,TNode<String> left,TNode<String> right,AllocationFlags flags)3289 TNode<String> CodeStubAssembler::NewConsString(Node* context, TNode<Smi> length,
3290 TNode<String> left,
3291 TNode<String> right,
3292 AllocationFlags flags) {
3293 CSA_ASSERT(this, IsContext(context));
3294 // Added string can be a cons string.
3295 Comment("Allocating ConsString");
3296 Node* left_instance_type = LoadInstanceType(left);
3297 Node* right_instance_type = LoadInstanceType(right);
3298
3299 // Compute intersection and difference of instance types.
3300 Node* anded_instance_types =
3301 Word32And(left_instance_type, right_instance_type);
3302 Node* xored_instance_types =
3303 Word32Xor(left_instance_type, right_instance_type);
3304
3305 // We create a one-byte cons string if
3306 // 1. both strings are one-byte, or
3307 // 2. at least one of the strings is two-byte, but happens to contain only
3308 // one-byte characters.
3309 // To do this, we check
3310 // 1. if both strings are one-byte, or if the one-byte data hint is set in
3311 // both strings, or
3312 // 2. if one of the strings has the one-byte data hint set and the other
3313 // string is one-byte.
3314 STATIC_ASSERT(kOneByteStringTag != 0);
3315 STATIC_ASSERT(kOneByteDataHintTag != 0);
3316 Label one_byte_map(this);
3317 Label two_byte_map(this);
3318 TVARIABLE(String, result);
3319 Label done(this, &result);
3320 GotoIf(IsSetWord32(anded_instance_types,
3321 kStringEncodingMask | kOneByteDataHintTag),
3322 &one_byte_map);
3323 Branch(Word32NotEqual(Word32And(xored_instance_types,
3324 Int32Constant(kStringEncodingMask |
3325 kOneByteDataHintMask)),
3326 Int32Constant(kOneByteStringTag | kOneByteDataHintTag)),
3327 &two_byte_map, &one_byte_map);
3328
3329 BIND(&one_byte_map);
3330 Comment("One-byte ConsString");
3331 result = AllocateOneByteConsString(length, left, right, flags);
3332 Goto(&done);
3333
3334 BIND(&two_byte_map);
3335 Comment("Two-byte ConsString");
3336 result = AllocateTwoByteConsString(length, left, right, flags);
3337 Goto(&done);
3338
3339 BIND(&done);
3340
3341 return result.value();
3342 }
3343
AllocateNameDictionary(int at_least_space_for)3344 TNode<NameDictionary> CodeStubAssembler::AllocateNameDictionary(
3345 int at_least_space_for) {
3346 return AllocateNameDictionary(IntPtrConstant(at_least_space_for));
3347 }
3348
AllocateNameDictionary(TNode<IntPtrT> at_least_space_for)3349 TNode<NameDictionary> CodeStubAssembler::AllocateNameDictionary(
3350 TNode<IntPtrT> at_least_space_for) {
3351 CSA_ASSERT(this, UintPtrLessThanOrEqual(
3352 at_least_space_for,
3353 IntPtrConstant(NameDictionary::kMaxCapacity)));
3354 TNode<IntPtrT> capacity = HashTableComputeCapacity(at_least_space_for);
3355 return AllocateNameDictionaryWithCapacity(capacity);
3356 }
3357
AllocateNameDictionaryWithCapacity(TNode<IntPtrT> capacity)3358 TNode<NameDictionary> CodeStubAssembler::AllocateNameDictionaryWithCapacity(
3359 TNode<IntPtrT> capacity) {
3360 CSA_ASSERT(this, WordIsPowerOfTwo(capacity));
3361 CSA_ASSERT(this, IntPtrGreaterThan(capacity, IntPtrConstant(0)));
3362 TNode<IntPtrT> length = EntryToIndex<NameDictionary>(capacity);
3363 TNode<WordT> store_size = IntPtrAdd(
3364 TimesPointerSize(length), IntPtrConstant(NameDictionary::kHeaderSize));
3365
3366 TNode<NameDictionary> result =
3367 UncheckedCast<NameDictionary>(AllocateInNewSpace(store_size));
3368 Comment("Initialize NameDictionary");
3369 // Initialize FixedArray fields.
3370 DCHECK(Heap::RootIsImmortalImmovable(Heap::kNameDictionaryMapRootIndex));
3371 StoreMapNoWriteBarrier(result, Heap::kNameDictionaryMapRootIndex);
3372 StoreObjectFieldNoWriteBarrier(result, FixedArray::kLengthOffset,
3373 SmiFromIntPtr(length));
3374 // Initialized HashTable fields.
3375 TNode<Smi> zero = SmiConstant(0);
3376 StoreFixedArrayElement(result, NameDictionary::kNumberOfElementsIndex, zero,
3377 SKIP_WRITE_BARRIER);
3378 StoreFixedArrayElement(result, NameDictionary::kNumberOfDeletedElementsIndex,
3379 zero, SKIP_WRITE_BARRIER);
3380 StoreFixedArrayElement(result, NameDictionary::kCapacityIndex,
3381 SmiTag(capacity), SKIP_WRITE_BARRIER);
3382 // Initialize Dictionary fields.
3383 TNode<HeapObject> filler = UndefinedConstant();
3384 StoreFixedArrayElement(result, NameDictionary::kNextEnumerationIndexIndex,
3385 SmiConstant(PropertyDetails::kInitialIndex),
3386 SKIP_WRITE_BARRIER);
3387 StoreFixedArrayElement(result, NameDictionary::kObjectHashIndex,
3388 SmiConstant(PropertyArray::kNoHashSentinel),
3389 SKIP_WRITE_BARRIER);
3390
3391 // Initialize NameDictionary elements.
3392 TNode<WordT> result_word = BitcastTaggedToWord(result);
3393 TNode<WordT> start_address = IntPtrAdd(
3394 result_word, IntPtrConstant(NameDictionary::OffsetOfElementAt(
3395 NameDictionary::kElementsStartIndex) -
3396 kHeapObjectTag));
3397 TNode<WordT> end_address = IntPtrAdd(
3398 result_word, IntPtrSub(store_size, IntPtrConstant(kHeapObjectTag)));
3399 StoreFieldsNoWriteBarrier(start_address, end_address, filler);
3400 return result;
3401 }
3402
CopyNameDictionary(TNode<NameDictionary> dictionary,Label * large_object_fallback)3403 TNode<NameDictionary> CodeStubAssembler::CopyNameDictionary(
3404 TNode<NameDictionary> dictionary, Label* large_object_fallback) {
3405 Comment("Copy boilerplate property dict");
3406 TNode<IntPtrT> capacity = SmiUntag(GetCapacity<NameDictionary>(dictionary));
3407 CSA_ASSERT(this, IntPtrGreaterThanOrEqual(capacity, IntPtrConstant(0)));
3408 GotoIf(UintPtrGreaterThan(
3409 capacity, IntPtrConstant(NameDictionary::kMaxRegularCapacity)),
3410 large_object_fallback);
3411 TNode<NameDictionary> properties =
3412 AllocateNameDictionaryWithCapacity(capacity);
3413 TNode<IntPtrT> length = SmiUntag(LoadFixedArrayBaseLength(dictionary));
3414 CopyFixedArrayElements(PACKED_ELEMENTS, dictionary, properties, length,
3415 SKIP_WRITE_BARRIER, INTPTR_PARAMETERS);
3416 return properties;
3417 }
3418
3419 template <typename CollectionType>
AllocateOrderedHashTable()3420 Node* CodeStubAssembler::AllocateOrderedHashTable() {
3421 static const int kCapacity = CollectionType::kMinCapacity;
3422 static const int kBucketCount = kCapacity / CollectionType::kLoadFactor;
3423 static const int kDataTableLength = kCapacity * CollectionType::kEntrySize;
3424 static const int kFixedArrayLength =
3425 CollectionType::kHashTableStartIndex + kBucketCount + kDataTableLength;
3426 static const int kDataTableStartIndex =
3427 CollectionType::kHashTableStartIndex + kBucketCount;
3428
3429 STATIC_ASSERT(base::bits::IsPowerOfTwo(kCapacity));
3430 STATIC_ASSERT(kCapacity <= CollectionType::kMaxCapacity);
3431
3432 // Allocate the table and add the proper map.
3433 const ElementsKind elements_kind = HOLEY_ELEMENTS;
3434 TNode<IntPtrT> length_intptr = IntPtrConstant(kFixedArrayLength);
3435 TNode<Map> fixed_array_map = CAST(LoadRoot(
3436 static_cast<Heap::RootListIndex>(CollectionType::GetMapRootIndex())));
3437 TNode<FixedArray> table =
3438 CAST(AllocateFixedArray(elements_kind, length_intptr,
3439 kAllowLargeObjectAllocation, fixed_array_map));
3440
3441 // Initialize the OrderedHashTable fields.
3442 const WriteBarrierMode barrier_mode = SKIP_WRITE_BARRIER;
3443 StoreFixedArrayElement(table, CollectionType::kNumberOfElementsIndex,
3444 SmiConstant(0), barrier_mode);
3445 StoreFixedArrayElement(table, CollectionType::kNumberOfDeletedElementsIndex,
3446 SmiConstant(0), barrier_mode);
3447 StoreFixedArrayElement(table, CollectionType::kNumberOfBucketsIndex,
3448 SmiConstant(kBucketCount), barrier_mode);
3449
3450 // Fill the buckets with kNotFound.
3451 TNode<Smi> not_found = SmiConstant(CollectionType::kNotFound);
3452 STATIC_ASSERT(CollectionType::kHashTableStartIndex ==
3453 CollectionType::kNumberOfBucketsIndex + 1);
3454 STATIC_ASSERT((CollectionType::kHashTableStartIndex + kBucketCount) ==
3455 kDataTableStartIndex);
3456 for (int i = 0; i < kBucketCount; i++) {
3457 StoreFixedArrayElement(table, CollectionType::kHashTableStartIndex + i,
3458 not_found, barrier_mode);
3459 }
3460
3461 // Fill the data table with undefined.
3462 STATIC_ASSERT(kDataTableStartIndex + kDataTableLength == kFixedArrayLength);
3463 for (int i = 0; i < kDataTableLength; i++) {
3464 StoreFixedArrayElement(table, kDataTableStartIndex + i, UndefinedConstant(),
3465 barrier_mode);
3466 }
3467
3468 return table;
3469 }
3470
3471 template Node* CodeStubAssembler::AllocateOrderedHashTable<OrderedHashMap>();
3472 template Node* CodeStubAssembler::AllocateOrderedHashTable<OrderedHashSet>();
3473
3474 template <typename CollectionType>
AllocateSmallOrderedHashTable(TNode<IntPtrT> capacity)3475 TNode<CollectionType> CodeStubAssembler::AllocateSmallOrderedHashTable(
3476 TNode<IntPtrT> capacity) {
3477 CSA_ASSERT(this, WordIsPowerOfTwo(capacity));
3478 CSA_ASSERT(this, IntPtrLessThan(
3479 capacity, IntPtrConstant(CollectionType::kMaxCapacity)));
3480
3481 TNode<IntPtrT> data_table_start_offset =
3482 IntPtrConstant(CollectionType::kDataTableStartOffset);
3483
3484 TNode<IntPtrT> data_table_size = IntPtrMul(
3485 capacity, IntPtrConstant(CollectionType::kEntrySize * kPointerSize));
3486
3487 TNode<Int32T> hash_table_size =
3488 Int32Div(TruncateIntPtrToInt32(capacity),
3489 Int32Constant(CollectionType::kLoadFactor));
3490
3491 TNode<IntPtrT> hash_table_start_offset =
3492 IntPtrAdd(data_table_start_offset, data_table_size);
3493
3494 TNode<IntPtrT> hash_table_and_chain_table_size =
3495 IntPtrAdd(ChangeInt32ToIntPtr(hash_table_size), capacity);
3496
3497 TNode<IntPtrT> total_size =
3498 IntPtrAdd(hash_table_start_offset, hash_table_and_chain_table_size);
3499
3500 TNode<IntPtrT> total_size_word_aligned =
3501 IntPtrAdd(total_size, IntPtrConstant(kPointerSize - 1));
3502 total_size_word_aligned = ChangeInt32ToIntPtr(
3503 Int32Div(TruncateIntPtrToInt32(total_size_word_aligned),
3504 Int32Constant(kPointerSize)));
3505 total_size_word_aligned =
3506 UncheckedCast<IntPtrT>(TimesPointerSize(total_size_word_aligned));
3507
3508 // Allocate the table and add the proper map.
3509 TNode<Map> small_ordered_hash_map = CAST(LoadRoot(
3510 static_cast<Heap::RootListIndex>(CollectionType::GetMapRootIndex())));
3511 TNode<Object> table_obj = CAST(AllocateInNewSpace(total_size_word_aligned));
3512 StoreMapNoWriteBarrier(table_obj, small_ordered_hash_map);
3513 TNode<CollectionType> table = UncheckedCast<CollectionType>(table_obj);
3514
3515 // Initialize the SmallOrderedHashTable fields.
3516 StoreObjectByteNoWriteBarrier(
3517 table, CollectionType::kNumberOfBucketsOffset,
3518 Word32And(Int32Constant(0xFF), hash_table_size));
3519 StoreObjectByteNoWriteBarrier(table, CollectionType::kNumberOfElementsOffset,
3520 Int32Constant(0));
3521 StoreObjectByteNoWriteBarrier(
3522 table, CollectionType::kNumberOfDeletedElementsOffset, Int32Constant(0));
3523
3524 TNode<IntPtrT> table_address =
3525 IntPtrSub(BitcastTaggedToWord(table), IntPtrConstant(kHeapObjectTag));
3526 TNode<IntPtrT> hash_table_start_address =
3527 IntPtrAdd(table_address, hash_table_start_offset);
3528
3529 // Initialize the HashTable part.
3530 Node* memset = ExternalConstant(ExternalReference::libc_memset_function());
3531 CallCFunction3(MachineType::AnyTagged(), MachineType::Pointer(),
3532 MachineType::IntPtr(), MachineType::UintPtr(), memset,
3533 hash_table_start_address, IntPtrConstant(0xFF),
3534 hash_table_and_chain_table_size);
3535
3536 // Initialize the DataTable part.
3537 TNode<HeapObject> filler = TheHoleConstant();
3538 TNode<WordT> data_table_start_address =
3539 IntPtrAdd(table_address, data_table_start_offset);
3540 TNode<WordT> data_table_end_address =
3541 IntPtrAdd(data_table_start_address, data_table_size);
3542 StoreFieldsNoWriteBarrier(data_table_start_address, data_table_end_address,
3543 filler);
3544
3545 return table;
3546 }
3547
3548 template TNode<SmallOrderedHashMap>
3549 CodeStubAssembler::AllocateSmallOrderedHashTable<SmallOrderedHashMap>(
3550 TNode<IntPtrT> capacity);
3551 template TNode<SmallOrderedHashSet>
3552 CodeStubAssembler::AllocateSmallOrderedHashTable<SmallOrderedHashSet>(
3553 TNode<IntPtrT> capacity);
3554
3555 template <typename CollectionType>
FindOrderedHashTableEntry(Node * table,Node * hash,std::function<void (Node *,Label *,Label *)> key_compare,Variable * entry_start_position,Label * entry_found,Label * not_found)3556 void CodeStubAssembler::FindOrderedHashTableEntry(
3557 Node* table, Node* hash,
3558 std::function<void(Node*, Label*, Label*)> key_compare,
3559 Variable* entry_start_position, Label* entry_found, Label* not_found) {
3560 // Get the index of the bucket.
3561 Node* const number_of_buckets = SmiUntag(CAST(LoadFixedArrayElement(
3562 CAST(table), CollectionType::kNumberOfBucketsIndex)));
3563 Node* const bucket =
3564 WordAnd(hash, IntPtrSub(number_of_buckets, IntPtrConstant(1)));
3565 Node* const first_entry = SmiUntag(CAST(LoadFixedArrayElement(
3566 CAST(table), bucket,
3567 CollectionType::kHashTableStartIndex * kPointerSize)));
3568
3569 // Walk the bucket chain.
3570 Node* entry_start;
3571 Label if_key_found(this);
3572 {
3573 VARIABLE(var_entry, MachineType::PointerRepresentation(), first_entry);
3574 Label loop(this, {&var_entry, entry_start_position}),
3575 continue_next_entry(this);
3576 Goto(&loop);
3577 BIND(&loop);
3578
3579 // If the entry index is the not-found sentinel, we are done.
3580 GotoIf(
3581 WordEqual(var_entry.value(), IntPtrConstant(CollectionType::kNotFound)),
3582 not_found);
3583
3584 // Make sure the entry index is within range.
3585 CSA_ASSERT(
3586 this, UintPtrLessThan(
3587 var_entry.value(),
3588 SmiUntag(SmiAdd(
3589 CAST(LoadFixedArrayElement(
3590 CAST(table), CollectionType::kNumberOfElementsIndex)),
3591 CAST(LoadFixedArrayElement(
3592 CAST(table),
3593 CollectionType::kNumberOfDeletedElementsIndex))))));
3594
3595 // Compute the index of the entry relative to kHashTableStartIndex.
3596 entry_start =
3597 IntPtrAdd(IntPtrMul(var_entry.value(),
3598 IntPtrConstant(CollectionType::kEntrySize)),
3599 number_of_buckets);
3600
3601 // Load the key from the entry.
3602 Node* const candidate_key = LoadFixedArrayElement(
3603 CAST(table), entry_start,
3604 CollectionType::kHashTableStartIndex * kPointerSize);
3605
3606 key_compare(candidate_key, &if_key_found, &continue_next_entry);
3607
3608 BIND(&continue_next_entry);
3609 // Load the index of the next entry in the bucket chain.
3610 var_entry.Bind(SmiUntag(CAST(LoadFixedArrayElement(
3611 CAST(table), entry_start,
3612 (CollectionType::kHashTableStartIndex + CollectionType::kChainOffset) *
3613 kPointerSize))));
3614
3615 Goto(&loop);
3616 }
3617
3618 BIND(&if_key_found);
3619 entry_start_position->Bind(entry_start);
3620 Goto(entry_found);
3621 }
3622
3623 template void CodeStubAssembler::FindOrderedHashTableEntry<OrderedHashMap>(
3624 Node* table, Node* hash,
3625 std::function<void(Node*, Label*, Label*)> key_compare,
3626 Variable* entry_start_position, Label* entry_found, Label* not_found);
3627 template void CodeStubAssembler::FindOrderedHashTableEntry<OrderedHashSet>(
3628 Node* table, Node* hash,
3629 std::function<void(Node*, Label*, Label*)> key_compare,
3630 Variable* entry_start_position, Label* entry_found, Label* not_found);
3631
AllocateStruct(Node * map,AllocationFlags flags)3632 Node* CodeStubAssembler::AllocateStruct(Node* map, AllocationFlags flags) {
3633 Comment("AllocateStruct");
3634 CSA_ASSERT(this, IsMap(map));
3635 Node* size = TimesPointerSize(LoadMapInstanceSizeInWords(map));
3636 Node* object = Allocate(size, flags);
3637 StoreMapNoWriteBarrier(object, map);
3638 InitializeStructBody(object, map, size, Struct::kHeaderSize);
3639 return object;
3640 }
3641
InitializeStructBody(Node * object,Node * map,Node * size,int start_offset)3642 void CodeStubAssembler::InitializeStructBody(Node* object, Node* map,
3643 Node* size, int start_offset) {
3644 CSA_SLOW_ASSERT(this, IsMap(map));
3645 Comment("InitializeStructBody");
3646 Node* filler = UndefinedConstant();
3647 // Calculate the untagged field addresses.
3648 object = BitcastTaggedToWord(object);
3649 Node* start_address =
3650 IntPtrAdd(object, IntPtrConstant(start_offset - kHeapObjectTag));
3651 Node* end_address =
3652 IntPtrSub(IntPtrAdd(object, size), IntPtrConstant(kHeapObjectTag));
3653 StoreFieldsNoWriteBarrier(start_address, end_address, filler);
3654 }
3655
AllocateJSObjectFromMap(Node * map,Node * properties,Node * elements,AllocationFlags flags,SlackTrackingMode slack_tracking_mode)3656 Node* CodeStubAssembler::AllocateJSObjectFromMap(
3657 Node* map, Node* properties, Node* elements, AllocationFlags flags,
3658 SlackTrackingMode slack_tracking_mode) {
3659 CSA_ASSERT(this, IsMap(map));
3660 CSA_ASSERT(this, Word32BinaryNot(IsJSFunctionMap(map)));
3661 CSA_ASSERT(this, Word32BinaryNot(InstanceTypeEqual(LoadMapInstanceType(map),
3662 JS_GLOBAL_OBJECT_TYPE)));
3663 Node* instance_size = TimesPointerSize(LoadMapInstanceSizeInWords(map));
3664 Node* object = AllocateInNewSpace(instance_size, flags);
3665 StoreMapNoWriteBarrier(object, map);
3666 InitializeJSObjectFromMap(object, map, instance_size, properties, elements,
3667 slack_tracking_mode);
3668 return object;
3669 }
3670
InitializeJSObjectFromMap(Node * object,Node * map,Node * instance_size,Node * properties,Node * elements,SlackTrackingMode slack_tracking_mode)3671 void CodeStubAssembler::InitializeJSObjectFromMap(
3672 Node* object, Node* map, Node* instance_size, Node* properties,
3673 Node* elements, SlackTrackingMode slack_tracking_mode) {
3674 CSA_SLOW_ASSERT(this, IsMap(map));
3675 // This helper assumes that the object is in new-space, as guarded by the
3676 // check in AllocatedJSObjectFromMap.
3677 if (properties == nullptr) {
3678 CSA_ASSERT(this, Word32BinaryNot(IsDictionaryMap((map))));
3679 StoreObjectFieldRoot(object, JSObject::kPropertiesOrHashOffset,
3680 Heap::kEmptyFixedArrayRootIndex);
3681 } else {
3682 CSA_ASSERT(this, Word32Or(Word32Or(IsPropertyArray(properties),
3683 IsNameDictionary(properties)),
3684 IsEmptyFixedArray(properties)));
3685 StoreObjectFieldNoWriteBarrier(object, JSObject::kPropertiesOrHashOffset,
3686 properties);
3687 }
3688 if (elements == nullptr) {
3689 StoreObjectFieldRoot(object, JSObject::kElementsOffset,
3690 Heap::kEmptyFixedArrayRootIndex);
3691 } else {
3692 CSA_ASSERT(this, IsFixedArray(elements));
3693 StoreObjectFieldNoWriteBarrier(object, JSObject::kElementsOffset, elements);
3694 }
3695 if (slack_tracking_mode == kNoSlackTracking) {
3696 InitializeJSObjectBodyNoSlackTracking(object, map, instance_size);
3697 } else {
3698 DCHECK_EQ(slack_tracking_mode, kWithSlackTracking);
3699 InitializeJSObjectBodyWithSlackTracking(object, map, instance_size);
3700 }
3701 }
3702
InitializeJSObjectBodyNoSlackTracking(Node * object,Node * map,Node * instance_size,int start_offset)3703 void CodeStubAssembler::InitializeJSObjectBodyNoSlackTracking(
3704 Node* object, Node* map, Node* instance_size, int start_offset) {
3705 STATIC_ASSERT(Map::kNoSlackTracking == 0);
3706 CSA_ASSERT(
3707 this, IsClearWord32<Map::ConstructionCounterBits>(LoadMapBitField3(map)));
3708 InitializeFieldsWithRoot(object, IntPtrConstant(start_offset), instance_size,
3709 Heap::kUndefinedValueRootIndex);
3710 }
3711
InitializeJSObjectBodyWithSlackTracking(Node * object,Node * map,Node * instance_size)3712 void CodeStubAssembler::InitializeJSObjectBodyWithSlackTracking(
3713 Node* object, Node* map, Node* instance_size) {
3714 CSA_SLOW_ASSERT(this, IsMap(map));
3715 Comment("InitializeJSObjectBodyNoSlackTracking");
3716
3717 // Perform in-object slack tracking if requested.
3718 int start_offset = JSObject::kHeaderSize;
3719 Node* bit_field3 = LoadMapBitField3(map);
3720 Label end(this), slack_tracking(this), complete(this, Label::kDeferred);
3721 STATIC_ASSERT(Map::kNoSlackTracking == 0);
3722 GotoIf(IsSetWord32<Map::ConstructionCounterBits>(bit_field3),
3723 &slack_tracking);
3724 Comment("No slack tracking");
3725 InitializeJSObjectBodyNoSlackTracking(object, map, instance_size);
3726 Goto(&end);
3727
3728 BIND(&slack_tracking);
3729 {
3730 Comment("Decrease construction counter");
3731 // Slack tracking is only done on initial maps.
3732 CSA_ASSERT(this, IsUndefined(LoadMapBackPointer(map)));
3733 STATIC_ASSERT(Map::ConstructionCounterBits::kNext == 32);
3734 Node* new_bit_field3 = Int32Sub(
3735 bit_field3, Int32Constant(1 << Map::ConstructionCounterBits::kShift));
3736 StoreObjectFieldNoWriteBarrier(map, Map::kBitField3Offset, new_bit_field3,
3737 MachineRepresentation::kWord32);
3738 STATIC_ASSERT(Map::kSlackTrackingCounterEnd == 1);
3739
3740 // The object still has in-object slack therefore the |unsed_or_unused|
3741 // field contain the "used" value.
3742 Node* used_size = TimesPointerSize(ChangeUint32ToWord(
3743 LoadObjectField(map, Map::kUsedOrUnusedInstanceSizeInWordsOffset,
3744 MachineType::Uint8())));
3745
3746 Comment("iInitialize filler fields");
3747 InitializeFieldsWithRoot(object, used_size, instance_size,
3748 Heap::kOnePointerFillerMapRootIndex);
3749
3750 Comment("Initialize undefined fields");
3751 InitializeFieldsWithRoot(object, IntPtrConstant(start_offset), used_size,
3752 Heap::kUndefinedValueRootIndex);
3753
3754 STATIC_ASSERT(Map::kNoSlackTracking == 0);
3755 GotoIf(IsClearWord32<Map::ConstructionCounterBits>(new_bit_field3),
3756 &complete);
3757 Goto(&end);
3758 }
3759
3760 // Finalize the instance size.
3761 BIND(&complete);
3762 {
3763 // ComplextInobjectSlackTracking doesn't allocate and thus doesn't need a
3764 // context.
3765 CallRuntime(Runtime::kCompleteInobjectSlackTrackingForMap,
3766 NoContextConstant(), map);
3767 Goto(&end);
3768 }
3769
3770 BIND(&end);
3771 }
3772
StoreFieldsNoWriteBarrier(Node * start_address,Node * end_address,Node * value)3773 void CodeStubAssembler::StoreFieldsNoWriteBarrier(Node* start_address,
3774 Node* end_address,
3775 Node* value) {
3776 Comment("StoreFieldsNoWriteBarrier");
3777 CSA_ASSERT(this, WordIsWordAligned(start_address));
3778 CSA_ASSERT(this, WordIsWordAligned(end_address));
3779 BuildFastLoop(start_address, end_address,
3780 [this, value](Node* current) {
3781 StoreNoWriteBarrier(MachineRepresentation::kTagged, current,
3782 value);
3783 },
3784 kPointerSize, INTPTR_PARAMETERS, IndexAdvanceMode::kPost);
3785 }
3786
AllocateUninitializedJSArrayWithoutElements(Node * array_map,Node * length,Node * allocation_site)3787 Node* CodeStubAssembler::AllocateUninitializedJSArrayWithoutElements(
3788 Node* array_map, Node* length, Node* allocation_site) {
3789 Comment("begin allocation of JSArray without elements");
3790 CSA_SLOW_ASSERT(this, TaggedIsPositiveSmi(length));
3791 CSA_SLOW_ASSERT(this, IsMap(array_map));
3792 int base_size = JSArray::kSize;
3793 if (allocation_site != nullptr) {
3794 base_size += AllocationMemento::kSize;
3795 }
3796
3797 Node* size = IntPtrConstant(base_size);
3798 Node* array =
3799 AllocateUninitializedJSArray(array_map, length, allocation_site, size);
3800 return array;
3801 }
3802
3803 std::pair<Node*, Node*>
AllocateUninitializedJSArrayWithElements(ElementsKind kind,Node * array_map,Node * length,Node * allocation_site,Node * capacity,ParameterMode capacity_mode)3804 CodeStubAssembler::AllocateUninitializedJSArrayWithElements(
3805 ElementsKind kind, Node* array_map, Node* length, Node* allocation_site,
3806 Node* capacity, ParameterMode capacity_mode) {
3807 Comment("begin allocation of JSArray with elements");
3808 CSA_SLOW_ASSERT(this, TaggedIsPositiveSmi(length));
3809 CSA_SLOW_ASSERT(this, IsMap(array_map));
3810 int base_size = JSArray::kSize;
3811
3812 if (allocation_site != nullptr) {
3813 base_size += AllocationMemento::kSize;
3814 }
3815
3816 int elements_offset = base_size;
3817
3818 // Compute space for elements
3819 base_size += FixedArray::kHeaderSize;
3820 Node* size = ElementOffsetFromIndex(capacity, kind, capacity_mode, base_size);
3821
3822 Node* array =
3823 AllocateUninitializedJSArray(array_map, length, allocation_site, size);
3824
3825 Node* elements = InnerAllocate(array, elements_offset);
3826 StoreObjectFieldNoWriteBarrier(array, JSObject::kElementsOffset, elements);
3827 // Setup elements object.
3828 STATIC_ASSERT(FixedArrayBase::kHeaderSize == 2 * kPointerSize);
3829 Heap::RootListIndex elements_map_index =
3830 IsDoubleElementsKind(kind) ? Heap::kFixedDoubleArrayMapRootIndex
3831 : Heap::kFixedArrayMapRootIndex;
3832 DCHECK(Heap::RootIsImmortalImmovable(elements_map_index));
3833 StoreMapNoWriteBarrier(elements, elements_map_index);
3834 TNode<Smi> capacity_smi = ParameterToTagged(capacity, capacity_mode);
3835 CSA_ASSERT(this, SmiGreaterThan(capacity_smi, SmiConstant(0)));
3836 StoreObjectFieldNoWriteBarrier(elements, FixedArray::kLengthOffset,
3837 capacity_smi);
3838 return {array, elements};
3839 }
3840
AllocateUninitializedJSArray(Node * array_map,Node * length,Node * allocation_site,Node * size_in_bytes)3841 Node* CodeStubAssembler::AllocateUninitializedJSArray(Node* array_map,
3842 Node* length,
3843 Node* allocation_site,
3844 Node* size_in_bytes) {
3845 CSA_SLOW_ASSERT(this, TaggedIsPositiveSmi(length));
3846 CSA_SLOW_ASSERT(this, IsMap(array_map));
3847
3848 // Allocate space for the JSArray and the elements FixedArray in one go.
3849 Node* array = AllocateInNewSpace(size_in_bytes);
3850
3851 Comment("write JSArray headers");
3852 StoreMapNoWriteBarrier(array, array_map);
3853
3854 StoreObjectFieldNoWriteBarrier(array, JSArray::kLengthOffset, length);
3855
3856 StoreObjectFieldRoot(array, JSArray::kPropertiesOrHashOffset,
3857 Heap::kEmptyFixedArrayRootIndex);
3858
3859 if (allocation_site != nullptr) {
3860 InitializeAllocationMemento(array, IntPtrConstant(JSArray::kSize),
3861 allocation_site);
3862 }
3863 return array;
3864 }
3865
AllocateJSArray(ElementsKind kind,Node * array_map,Node * capacity,Node * length,Node * allocation_site,ParameterMode capacity_mode)3866 Node* CodeStubAssembler::AllocateJSArray(ElementsKind kind, Node* array_map,
3867 Node* capacity, Node* length,
3868 Node* allocation_site,
3869 ParameterMode capacity_mode) {
3870 CSA_SLOW_ASSERT(this, IsMap(array_map));
3871 CSA_SLOW_ASSERT(this, TaggedIsPositiveSmi(length));
3872 CSA_SLOW_ASSERT(this, MatchesParameterMode(capacity, capacity_mode));
3873
3874 int capacity_as_constant;
3875 Node *array = nullptr, *elements = nullptr;
3876 if (IsIntPtrOrSmiConstantZero(capacity, capacity_mode)) {
3877 // Array is empty. Use the shared empty fixed array instead of allocating a
3878 // new one.
3879 array = AllocateUninitializedJSArrayWithoutElements(array_map, length,
3880 allocation_site);
3881 StoreObjectFieldRoot(array, JSArray::kElementsOffset,
3882 Heap::kEmptyFixedArrayRootIndex);
3883 } else if (TryGetIntPtrOrSmiConstantValue(capacity, &capacity_as_constant,
3884 capacity_mode) &&
3885 capacity_as_constant > 0) {
3886 // Allocate both array and elements object, and initialize the JSArray.
3887 std::tie(array, elements) = AllocateUninitializedJSArrayWithElements(
3888 kind, array_map, length, allocation_site, capacity, capacity_mode);
3889 // Fill in the elements with holes.
3890 FillFixedArrayWithValue(kind, elements,
3891 IntPtrOrSmiConstant(0, capacity_mode), capacity,
3892 Heap::kTheHoleValueRootIndex, capacity_mode);
3893 } else {
3894 Label out(this), empty(this), nonempty(this);
3895 VARIABLE(var_array, MachineRepresentation::kTagged);
3896
3897 Branch(SmiEqual(ParameterToTagged(capacity, capacity_mode), SmiConstant(0)),
3898 &empty, &nonempty);
3899
3900 BIND(&empty);
3901 {
3902 // Array is empty. Use the shared empty fixed array instead of allocating
3903 // a new one.
3904 var_array.Bind(AllocateUninitializedJSArrayWithoutElements(
3905 array_map, length, allocation_site));
3906 StoreObjectFieldRoot(var_array.value(), JSArray::kElementsOffset,
3907 Heap::kEmptyFixedArrayRootIndex);
3908 Goto(&out);
3909 }
3910
3911 BIND(&nonempty);
3912 {
3913 // Allocate both array and elements object, and initialize the JSArray.
3914 Node* array;
3915 std::tie(array, elements) = AllocateUninitializedJSArrayWithElements(
3916 kind, array_map, length, allocation_site, capacity, capacity_mode);
3917 var_array.Bind(array);
3918 // Fill in the elements with holes.
3919 FillFixedArrayWithValue(kind, elements,
3920 IntPtrOrSmiConstant(0, capacity_mode), capacity,
3921 Heap::kTheHoleValueRootIndex, capacity_mode);
3922 Goto(&out);
3923 }
3924
3925 BIND(&out);
3926 array = var_array.value();
3927 }
3928
3929 return array;
3930 }
3931
ExtractFastJSArray(Node * context,Node * array,Node * begin,Node * count,ParameterMode mode,Node * capacity,Node * allocation_site)3932 Node* CodeStubAssembler::ExtractFastJSArray(Node* context, Node* array,
3933 Node* begin, Node* count,
3934 ParameterMode mode, Node* capacity,
3935 Node* allocation_site) {
3936 Node* original_array_map = LoadMap(array);
3937 Node* elements_kind = LoadMapElementsKind(original_array_map);
3938
3939 // Use the cannonical map for the Array's ElementsKind
3940 Node* native_context = LoadNativeContext(context);
3941 Node* array_map = LoadJSArrayElementsMap(elements_kind, native_context);
3942
3943 Node* new_elements =
3944 ExtractFixedArray(LoadElements(array), begin, count, capacity,
3945 ExtractFixedArrayFlag::kAllFixedArrays, mode);
3946
3947 Node* result = AllocateUninitializedJSArrayWithoutElements(
3948 array_map, ParameterToTagged(count, mode), allocation_site);
3949 StoreObjectField(result, JSObject::kElementsOffset, new_elements);
3950 return result;
3951 }
3952
CloneFastJSArray(Node * context,Node * array,ParameterMode mode,Node * allocation_site)3953 Node* CodeStubAssembler::CloneFastJSArray(Node* context, Node* array,
3954 ParameterMode mode,
3955 Node* allocation_site) {
3956 Node* original_array_map = LoadMap(array);
3957 Node* elements_kind = LoadMapElementsKind(original_array_map);
3958
3959 Node* length = LoadJSArrayLength(array);
3960 Node* new_elements = ExtractFixedArray(
3961 LoadElements(array), IntPtrOrSmiConstant(0, mode),
3962 TaggedToParameter(length, mode), nullptr,
3963 ExtractFixedArrayFlag::kAllFixedArraysDontCopyCOW, mode);
3964
3965 // Use the cannonical map for the Array's ElementsKind
3966 Node* native_context = LoadNativeContext(context);
3967 Node* array_map = LoadJSArrayElementsMap(elements_kind, native_context);
3968
3969 Node* result = AllocateUninitializedJSArrayWithoutElements(array_map, length,
3970 allocation_site);
3971 StoreObjectField(result, JSObject::kElementsOffset, new_elements);
3972 return result;
3973 }
3974
AllocateFixedArray(ElementsKind kind,Node * capacity,ParameterMode mode,AllocationFlags flags,SloppyTNode<Map> fixed_array_map)3975 TNode<FixedArrayBase> CodeStubAssembler::AllocateFixedArray(
3976 ElementsKind kind, Node* capacity, ParameterMode mode,
3977 AllocationFlags flags, SloppyTNode<Map> fixed_array_map) {
3978 Comment("AllocateFixedArray");
3979 CSA_SLOW_ASSERT(this, MatchesParameterMode(capacity, mode));
3980 CSA_ASSERT(this, IntPtrOrSmiGreaterThan(capacity,
3981 IntPtrOrSmiConstant(0, mode), mode));
3982 TNode<IntPtrT> total_size = GetFixedArrayAllocationSize(capacity, kind, mode);
3983
3984 if (IsDoubleElementsKind(kind)) flags |= kDoubleAlignment;
3985 // Allocate both array and elements object, and initialize the JSArray.
3986 Node* array = Allocate(total_size, flags);
3987 if (fixed_array_map != nullptr) {
3988 // Conservatively only skip the write barrier if there are no allocation
3989 // flags, this ensures that the object hasn't ended up in LOS. Note that the
3990 // fixed array map is currently always immortal and technically wouldn't
3991 // need the write barrier even in LOS, but it's better to not take chances
3992 // in case this invariant changes later, since it's difficult to enforce
3993 // locally here.
3994 if (flags == CodeStubAssembler::kNone) {
3995 StoreMapNoWriteBarrier(array, fixed_array_map);
3996 } else {
3997 StoreMap(array, fixed_array_map);
3998 }
3999 } else {
4000 Heap::RootListIndex map_index = IsDoubleElementsKind(kind)
4001 ? Heap::kFixedDoubleArrayMapRootIndex
4002 : Heap::kFixedArrayMapRootIndex;
4003 DCHECK(Heap::RootIsImmortalImmovable(map_index));
4004 StoreMapNoWriteBarrier(array, map_index);
4005 }
4006 StoreObjectFieldNoWriteBarrier(array, FixedArray::kLengthOffset,
4007 ParameterToTagged(capacity, mode));
4008 return UncheckedCast<FixedArray>(array);
4009 }
4010
ExtractFixedArray(Node * fixed_array,Node * first,Node * count,Node * capacity,ExtractFixedArrayFlags extract_flags,ParameterMode parameter_mode)4011 TNode<FixedArrayBase> CodeStubAssembler::ExtractFixedArray(
4012 Node* fixed_array, Node* first, Node* count, Node* capacity,
4013 ExtractFixedArrayFlags extract_flags, ParameterMode parameter_mode) {
4014 VARIABLE(var_result, MachineRepresentation::kTagged);
4015 VARIABLE(var_fixed_array_map, MachineRepresentation::kTagged);
4016 const AllocationFlags flags =
4017 (extract_flags & ExtractFixedArrayFlag::kNewSpaceAllocationOnly)
4018 ? CodeStubAssembler::kNone
4019 : CodeStubAssembler::kAllowLargeObjectAllocation;
4020 if (first == nullptr) {
4021 first = IntPtrOrSmiConstant(0, parameter_mode);
4022 }
4023 if (count == nullptr) {
4024 count =
4025 IntPtrOrSmiSub(TaggedToParameter(LoadFixedArrayBaseLength(fixed_array),
4026 parameter_mode),
4027 first, parameter_mode);
4028
4029 CSA_ASSERT(
4030 this, IntPtrOrSmiLessThanOrEqual(IntPtrOrSmiConstant(0, parameter_mode),
4031 count, parameter_mode));
4032 }
4033 if (capacity == nullptr) {
4034 capacity = count;
4035 } else {
4036 CSA_ASSERT(this, Word32BinaryNot(IntPtrOrSmiGreaterThan(
4037 IntPtrOrSmiAdd(first, count, parameter_mode), capacity,
4038 parameter_mode)));
4039 }
4040
4041 Label if_fixed_double_array(this), empty(this), cow(this),
4042 done(this, {&var_result, &var_fixed_array_map});
4043 var_fixed_array_map.Bind(LoadMap(fixed_array));
4044 GotoIf(WordEqual(IntPtrOrSmiConstant(0, parameter_mode), capacity), &empty);
4045
4046 if (extract_flags & ExtractFixedArrayFlag::kFixedDoubleArrays) {
4047 if (extract_flags & ExtractFixedArrayFlag::kFixedArrays) {
4048 GotoIf(IsFixedDoubleArrayMap(var_fixed_array_map.value()),
4049 &if_fixed_double_array);
4050 } else {
4051 CSA_ASSERT(this, IsFixedDoubleArrayMap(var_fixed_array_map.value()));
4052 }
4053 } else {
4054 DCHECK(extract_flags & ExtractFixedArrayFlag::kFixedArrays);
4055 CSA_ASSERT(this, Word32BinaryNot(
4056 IsFixedDoubleArrayMap(var_fixed_array_map.value())));
4057 }
4058
4059 if (extract_flags & ExtractFixedArrayFlag::kFixedArrays) {
4060 Label new_space_check(this, {&var_fixed_array_map});
4061 Branch(WordEqual(var_fixed_array_map.value(),
4062 LoadRoot(Heap::kFixedCOWArrayMapRootIndex)),
4063 &cow, &new_space_check);
4064
4065 BIND(&new_space_check);
4066
4067 bool handle_old_space = true;
4068 if (extract_flags & ExtractFixedArrayFlag::kNewSpaceAllocationOnly) {
4069 handle_old_space = false;
4070 CSA_ASSERT(this, Word32BinaryNot(FixedArraySizeDoesntFitInNewSpace(
4071 count, FixedArray::kHeaderSize, parameter_mode)));
4072 } else {
4073 int constant_count;
4074 handle_old_space =
4075 !TryGetIntPtrOrSmiConstantValue(count, &constant_count,
4076 parameter_mode) ||
4077 (constant_count >
4078 FixedArray::GetMaxLengthForNewSpaceAllocation(PACKED_ELEMENTS));
4079 }
4080
4081 Label old_space(this, Label::kDeferred);
4082 if (handle_old_space) {
4083 GotoIfFixedArraySizeDoesntFitInNewSpace(
4084 capacity, &old_space, FixedArray::kHeaderSize, parameter_mode);
4085 }
4086
4087 Comment("Copy PACKED_ELEMENTS new space");
4088
4089 ElementsKind kind = PACKED_ELEMENTS;
4090 Node* to_elements =
4091 AllocateFixedArray(kind, capacity, parameter_mode,
4092 AllocationFlag::kNone, var_fixed_array_map.value());
4093 var_result.Bind(to_elements);
4094 CopyFixedArrayElements(kind, fixed_array, kind, to_elements, first, count,
4095 capacity, SKIP_WRITE_BARRIER, parameter_mode);
4096 Goto(&done);
4097
4098 if (handle_old_space) {
4099 BIND(&old_space);
4100 {
4101 Comment("Copy PACKED_ELEMENTS old space");
4102
4103 to_elements = AllocateFixedArray(kind, capacity, parameter_mode, flags,
4104 var_fixed_array_map.value());
4105 var_result.Bind(to_elements);
4106 CopyFixedArrayElements(kind, fixed_array, kind, to_elements, first,
4107 count, capacity, UPDATE_WRITE_BARRIER,
4108 parameter_mode);
4109 Goto(&done);
4110 }
4111 }
4112
4113 BIND(&cow);
4114 {
4115 if (extract_flags & ExtractFixedArrayFlag::kDontCopyCOW) {
4116 Branch(WordNotEqual(IntPtrOrSmiConstant(0, parameter_mode), first),
4117 &new_space_check, [&] {
4118 var_result.Bind(fixed_array);
4119 Goto(&done);
4120 });
4121 } else {
4122 var_fixed_array_map.Bind(LoadRoot(Heap::kFixedArrayMapRootIndex));
4123 Goto(&new_space_check);
4124 }
4125 }
4126 } else {
4127 Goto(&if_fixed_double_array);
4128 }
4129
4130 if (extract_flags & ExtractFixedArrayFlag::kFixedDoubleArrays) {
4131 BIND(&if_fixed_double_array);
4132
4133 Comment("Copy PACKED_DOUBLE_ELEMENTS");
4134
4135 ElementsKind kind = PACKED_DOUBLE_ELEMENTS;
4136 Node* to_elements = AllocateFixedArray(kind, capacity, parameter_mode,
4137 flags, var_fixed_array_map.value());
4138 var_result.Bind(to_elements);
4139 CopyFixedArrayElements(kind, fixed_array, kind, to_elements, first, count,
4140 capacity, SKIP_WRITE_BARRIER, parameter_mode);
4141
4142 Goto(&done);
4143 }
4144
4145 BIND(&empty);
4146 {
4147 Comment("Copy empty array");
4148
4149 var_result.Bind(EmptyFixedArrayConstant());
4150 Goto(&done);
4151 }
4152
4153 BIND(&done);
4154 return UncheckedCast<FixedArray>(var_result.value());
4155 }
4156
InitializePropertyArrayLength(Node * property_array,Node * length,ParameterMode mode)4157 void CodeStubAssembler::InitializePropertyArrayLength(Node* property_array,
4158 Node* length,
4159 ParameterMode mode) {
4160 CSA_SLOW_ASSERT(this, IsPropertyArray(property_array));
4161 CSA_ASSERT(
4162 this, IntPtrOrSmiGreaterThan(length, IntPtrOrSmiConstant(0, mode), mode));
4163 CSA_ASSERT(
4164 this,
4165 IntPtrOrSmiLessThanOrEqual(
4166 length, IntPtrOrSmiConstant(PropertyArray::LengthField::kMax, mode),
4167 mode));
4168 StoreObjectFieldNoWriteBarrier(
4169 property_array, PropertyArray::kLengthAndHashOffset,
4170 ParameterToTagged(length, mode), MachineRepresentation::kTaggedSigned);
4171 }
4172
AllocatePropertyArray(Node * capacity_node,ParameterMode mode,AllocationFlags flags)4173 Node* CodeStubAssembler::AllocatePropertyArray(Node* capacity_node,
4174 ParameterMode mode,
4175 AllocationFlags flags) {
4176 CSA_SLOW_ASSERT(this, MatchesParameterMode(capacity_node, mode));
4177 CSA_ASSERT(this, IntPtrOrSmiGreaterThan(capacity_node,
4178 IntPtrOrSmiConstant(0, mode), mode));
4179 Node* total_size = GetPropertyArrayAllocationSize(capacity_node, mode);
4180
4181 Node* array = Allocate(total_size, flags);
4182 Heap::RootListIndex map_index = Heap::kPropertyArrayMapRootIndex;
4183 DCHECK(Heap::RootIsImmortalImmovable(map_index));
4184 StoreMapNoWriteBarrier(array, map_index);
4185 InitializePropertyArrayLength(array, capacity_node, mode);
4186 return array;
4187 }
4188
FillPropertyArrayWithUndefined(Node * array,Node * from_node,Node * to_node,ParameterMode mode)4189 void CodeStubAssembler::FillPropertyArrayWithUndefined(Node* array,
4190 Node* from_node,
4191 Node* to_node,
4192 ParameterMode mode) {
4193 CSA_SLOW_ASSERT(this, MatchesParameterMode(from_node, mode));
4194 CSA_SLOW_ASSERT(this, MatchesParameterMode(to_node, mode));
4195 CSA_SLOW_ASSERT(this, IsPropertyArray(array));
4196 ElementsKind kind = PACKED_ELEMENTS;
4197 Node* value = UndefinedConstant();
4198 BuildFastFixedArrayForEach(array, kind, from_node, to_node,
4199 [this, value](Node* array, Node* offset) {
4200 StoreNoWriteBarrier(
4201 MachineRepresentation::kTagged, array,
4202 offset, value);
4203 },
4204 mode);
4205 }
4206
FillFixedArrayWithValue(ElementsKind kind,Node * array,Node * from_node,Node * to_node,Heap::RootListIndex value_root_index,ParameterMode mode)4207 void CodeStubAssembler::FillFixedArrayWithValue(
4208 ElementsKind kind, Node* array, Node* from_node, Node* to_node,
4209 Heap::RootListIndex value_root_index, ParameterMode mode) {
4210 CSA_SLOW_ASSERT(this, MatchesParameterMode(from_node, mode));
4211 CSA_SLOW_ASSERT(this, MatchesParameterMode(to_node, mode));
4212 CSA_SLOW_ASSERT(this, IsFixedArrayWithKind(array, kind));
4213 DCHECK(value_root_index == Heap::kTheHoleValueRootIndex ||
4214 value_root_index == Heap::kUndefinedValueRootIndex);
4215
4216 // Determine the value to initialize the {array} based
4217 // on the {value_root_index} and the elements {kind}.
4218 Node* value = LoadRoot(value_root_index);
4219 if (IsDoubleElementsKind(kind)) {
4220 value = LoadHeapNumberValue(value);
4221 }
4222
4223 BuildFastFixedArrayForEach(
4224 array, kind, from_node, to_node,
4225 [this, value, kind](Node* array, Node* offset) {
4226 if (IsDoubleElementsKind(kind)) {
4227 StoreNoWriteBarrier(MachineRepresentation::kFloat64, array, offset,
4228 value);
4229 } else {
4230 StoreNoWriteBarrier(MachineRepresentation::kTagged, array, offset,
4231 value);
4232 }
4233 },
4234 mode);
4235 }
4236
FillFixedArrayWithSmiZero(TNode<FixedArray> array,TNode<IntPtrT> length)4237 void CodeStubAssembler::FillFixedArrayWithSmiZero(TNode<FixedArray> array,
4238 TNode<IntPtrT> length) {
4239 CSA_ASSERT(this, WordEqual(length, LoadAndUntagFixedArrayBaseLength(array)));
4240
4241 TNode<IntPtrT> byte_length = TimesPointerSize(length);
4242 CSA_ASSERT(this, UintPtrLessThan(length, byte_length));
4243
4244 static const int32_t fa_base_data_offset =
4245 FixedArray::kHeaderSize - kHeapObjectTag;
4246 TNode<IntPtrT> backing_store = IntPtrAdd(BitcastTaggedToWord(array),
4247 IntPtrConstant(fa_base_data_offset));
4248
4249 // Call out to memset to perform initialization.
4250 TNode<ExternalReference> memset =
4251 ExternalConstant(ExternalReference::libc_memset_function());
4252 STATIC_ASSERT(kSizetSize == kIntptrSize);
4253 CallCFunction3(MachineType::Pointer(), MachineType::Pointer(),
4254 MachineType::IntPtr(), MachineType::UintPtr(), memset,
4255 backing_store, IntPtrConstant(0), byte_length);
4256 }
4257
FillFixedDoubleArrayWithZero(TNode<FixedDoubleArray> array,TNode<IntPtrT> length)4258 void CodeStubAssembler::FillFixedDoubleArrayWithZero(
4259 TNode<FixedDoubleArray> array, TNode<IntPtrT> length) {
4260 CSA_ASSERT(this, WordEqual(length, LoadAndUntagFixedArrayBaseLength(array)));
4261
4262 TNode<IntPtrT> byte_length = TimesDoubleSize(length);
4263 CSA_ASSERT(this, UintPtrLessThan(length, byte_length));
4264
4265 static const int32_t fa_base_data_offset =
4266 FixedDoubleArray::kHeaderSize - kHeapObjectTag;
4267 TNode<IntPtrT> backing_store = IntPtrAdd(BitcastTaggedToWord(array),
4268 IntPtrConstant(fa_base_data_offset));
4269
4270 // Call out to memset to perform initialization.
4271 TNode<ExternalReference> memset =
4272 ExternalConstant(ExternalReference::libc_memset_function());
4273 STATIC_ASSERT(kSizetSize == kIntptrSize);
4274 CallCFunction3(MachineType::Pointer(), MachineType::Pointer(),
4275 MachineType::IntPtr(), MachineType::UintPtr(), memset,
4276 backing_store, IntPtrConstant(0), byte_length);
4277 }
4278
CopyFixedArrayElements(ElementsKind from_kind,Node * from_array,ElementsKind to_kind,Node * to_array,Node * first_element,Node * element_count,Node * capacity,WriteBarrierMode barrier_mode,ParameterMode mode)4279 void CodeStubAssembler::CopyFixedArrayElements(
4280 ElementsKind from_kind, Node* from_array, ElementsKind to_kind,
4281 Node* to_array, Node* first_element, Node* element_count, Node* capacity,
4282 WriteBarrierMode barrier_mode, ParameterMode mode) {
4283 CSA_SLOW_ASSERT(this, MatchesParameterMode(element_count, mode));
4284 CSA_SLOW_ASSERT(this, MatchesParameterMode(capacity, mode));
4285 CSA_SLOW_ASSERT(this, IsFixedArrayWithKindOrEmpty(from_array, from_kind));
4286 CSA_SLOW_ASSERT(this, IsFixedArrayWithKindOrEmpty(to_array, to_kind));
4287 STATIC_ASSERT(FixedArray::kHeaderSize == FixedDoubleArray::kHeaderSize);
4288 const int first_element_offset = FixedArray::kHeaderSize - kHeapObjectTag;
4289 Comment("[ CopyFixedArrayElements");
4290
4291 // Typed array elements are not supported.
4292 DCHECK(!IsFixedTypedArrayElementsKind(from_kind));
4293 DCHECK(!IsFixedTypedArrayElementsKind(to_kind));
4294
4295 Label done(this);
4296 bool from_double_elements = IsDoubleElementsKind(from_kind);
4297 bool to_double_elements = IsDoubleElementsKind(to_kind);
4298 bool doubles_to_objects_conversion =
4299 IsDoubleElementsKind(from_kind) && IsObjectElementsKind(to_kind);
4300 bool needs_write_barrier =
4301 doubles_to_objects_conversion ||
4302 (barrier_mode == UPDATE_WRITE_BARRIER && IsObjectElementsKind(to_kind));
4303 bool element_offset_matches =
4304 !needs_write_barrier && (Is64() || IsDoubleElementsKind(from_kind) ==
4305 IsDoubleElementsKind(to_kind));
4306 Node* double_hole =
4307 Is64() ? ReinterpretCast<UintPtrT>(Int64Constant(kHoleNanInt64))
4308 : ReinterpretCast<UintPtrT>(Int32Constant(kHoleNanLower32));
4309
4310 if (doubles_to_objects_conversion) {
4311 // If the copy might trigger a GC, make sure that the FixedArray is
4312 // pre-initialized with holes to make sure that it's always in a
4313 // consistent state.
4314 FillFixedArrayWithValue(to_kind, to_array, IntPtrOrSmiConstant(0, mode),
4315 capacity, Heap::kTheHoleValueRootIndex, mode);
4316 } else if (element_count != capacity) {
4317 FillFixedArrayWithValue(to_kind, to_array, element_count, capacity,
4318 Heap::kTheHoleValueRootIndex, mode);
4319 }
4320
4321 Node* first_from_element_offset =
4322 ElementOffsetFromIndex(first_element, from_kind, mode, 0);
4323 Node* limit_offset = IntPtrAdd(first_from_element_offset,
4324 IntPtrConstant(first_element_offset));
4325 VARIABLE(
4326 var_from_offset, MachineType::PointerRepresentation(),
4327 ElementOffsetFromIndex(IntPtrOrSmiAdd(first_element, element_count, mode),
4328 from_kind, mode, first_element_offset));
4329 // This second variable is used only when the element sizes of source and
4330 // destination arrays do not match.
4331 VARIABLE(var_to_offset, MachineType::PointerRepresentation());
4332 if (element_offset_matches) {
4333 var_to_offset.Bind(var_from_offset.value());
4334 } else {
4335 var_to_offset.Bind(ElementOffsetFromIndex(element_count, to_kind, mode,
4336 first_element_offset));
4337 }
4338
4339 Variable* vars[] = {&var_from_offset, &var_to_offset};
4340 Label decrement(this, 2, vars);
4341
4342 Node* to_array_adjusted =
4343 element_offset_matches
4344 ? IntPtrSub(BitcastTaggedToWord(to_array), first_from_element_offset)
4345 : to_array;
4346
4347 Branch(WordEqual(var_from_offset.value(), limit_offset), &done, &decrement);
4348
4349 BIND(&decrement);
4350 {
4351 Node* from_offset = IntPtrSub(
4352 var_from_offset.value(),
4353 IntPtrConstant(from_double_elements ? kDoubleSize : kPointerSize));
4354 var_from_offset.Bind(from_offset);
4355
4356 Node* to_offset;
4357 if (element_offset_matches) {
4358 to_offset = from_offset;
4359 } else {
4360 to_offset = IntPtrSub(
4361 var_to_offset.value(),
4362 IntPtrConstant(to_double_elements ? kDoubleSize : kPointerSize));
4363 var_to_offset.Bind(to_offset);
4364 }
4365
4366 Label next_iter(this), store_double_hole(this);
4367 Label* if_hole;
4368 if (doubles_to_objects_conversion) {
4369 // The target elements array is already preinitialized with holes, so we
4370 // can just proceed with the next iteration.
4371 if_hole = &next_iter;
4372 } else if (IsDoubleElementsKind(to_kind)) {
4373 if_hole = &store_double_hole;
4374 } else {
4375 // In all the other cases don't check for holes and copy the data as is.
4376 if_hole = nullptr;
4377 }
4378
4379 Node* value = LoadElementAndPrepareForStore(
4380 from_array, var_from_offset.value(), from_kind, to_kind, if_hole);
4381
4382 if (needs_write_barrier) {
4383 CHECK_EQ(to_array, to_array_adjusted);
4384 Store(to_array_adjusted, to_offset, value);
4385 } else if (to_double_elements) {
4386 StoreNoWriteBarrier(MachineRepresentation::kFloat64, to_array_adjusted,
4387 to_offset, value);
4388 } else {
4389 StoreNoWriteBarrier(MachineRepresentation::kTagged, to_array_adjusted,
4390 to_offset, value);
4391 }
4392 Goto(&next_iter);
4393
4394 if (if_hole == &store_double_hole) {
4395 BIND(&store_double_hole);
4396 // Don't use doubles to store the hole double, since manipulating the
4397 // signaling NaN used for the hole in C++, e.g. with bit_cast, will
4398 // change its value on ia32 (the x87 stack is used to return values
4399 // and stores to the stack silently clear the signalling bit).
4400 //
4401 // TODO(danno): When we have a Float32/Float64 wrapper class that
4402 // preserves double bits during manipulation, remove this code/change
4403 // this to an indexed Float64 store.
4404 if (Is64()) {
4405 StoreNoWriteBarrier(MachineRepresentation::kWord64, to_array_adjusted,
4406 to_offset, double_hole);
4407 } else {
4408 StoreNoWriteBarrier(MachineRepresentation::kWord32, to_array_adjusted,
4409 to_offset, double_hole);
4410 StoreNoWriteBarrier(MachineRepresentation::kWord32, to_array_adjusted,
4411 IntPtrAdd(to_offset, IntPtrConstant(kPointerSize)),
4412 double_hole);
4413 }
4414 Goto(&next_iter);
4415 }
4416
4417 BIND(&next_iter);
4418 Node* compare = WordNotEqual(from_offset, limit_offset);
4419 Branch(compare, &decrement, &done);
4420 }
4421
4422 BIND(&done);
4423 Comment("] CopyFixedArrayElements");
4424 }
4425
HeapObjectToFixedArray(TNode<HeapObject> base,Label * cast_fail)4426 TNode<FixedArray> CodeStubAssembler::HeapObjectToFixedArray(
4427 TNode<HeapObject> base, Label* cast_fail) {
4428 Label fixed_array(this);
4429 TNode<Map> map = LoadMap(base);
4430 GotoIf(WordEqual(map, LoadRoot(Heap::kFixedArrayMapRootIndex)), &fixed_array);
4431 GotoIf(WordNotEqual(map, LoadRoot(Heap::kFixedCOWArrayMapRootIndex)),
4432 cast_fail);
4433 Goto(&fixed_array);
4434 BIND(&fixed_array);
4435 return UncheckedCast<FixedArray>(base);
4436 }
4437
CopyPropertyArrayValues(Node * from_array,Node * to_array,Node * property_count,WriteBarrierMode barrier_mode,ParameterMode mode)4438 void CodeStubAssembler::CopyPropertyArrayValues(Node* from_array,
4439 Node* to_array,
4440 Node* property_count,
4441 WriteBarrierMode barrier_mode,
4442 ParameterMode mode) {
4443 CSA_SLOW_ASSERT(this, MatchesParameterMode(property_count, mode));
4444 CSA_SLOW_ASSERT(this, Word32Or(IsPropertyArray(from_array),
4445 IsEmptyFixedArray(from_array)));
4446 CSA_SLOW_ASSERT(this, IsPropertyArray(to_array));
4447 Comment("[ CopyPropertyArrayValues");
4448
4449 bool needs_write_barrier = barrier_mode == UPDATE_WRITE_BARRIER;
4450 Node* start = IntPtrOrSmiConstant(0, mode);
4451 ElementsKind kind = PACKED_ELEMENTS;
4452 BuildFastFixedArrayForEach(
4453 from_array, kind, start, property_count,
4454 [this, to_array, needs_write_barrier](Node* array, Node* offset) {
4455 Node* value = Load(MachineType::AnyTagged(), array, offset);
4456
4457 if (needs_write_barrier) {
4458 Store(to_array, offset, value);
4459 } else {
4460 StoreNoWriteBarrier(MachineRepresentation::kTagged, to_array, offset,
4461 value);
4462 }
4463 },
4464 mode);
4465 Comment("] CopyPropertyArrayValues");
4466 }
4467
CopyStringCharacters(Node * from_string,Node * to_string,TNode<IntPtrT> from_index,TNode<IntPtrT> to_index,TNode<IntPtrT> character_count,String::Encoding from_encoding,String::Encoding to_encoding)4468 void CodeStubAssembler::CopyStringCharacters(Node* from_string, Node* to_string,
4469 TNode<IntPtrT> from_index,
4470 TNode<IntPtrT> to_index,
4471 TNode<IntPtrT> character_count,
4472 String::Encoding from_encoding,
4473 String::Encoding to_encoding) {
4474 // Cannot assert IsString(from_string) and IsString(to_string) here because
4475 // CSA::SubString can pass in faked sequential strings when handling external
4476 // subject strings.
4477 bool from_one_byte = from_encoding == String::ONE_BYTE_ENCODING;
4478 bool to_one_byte = to_encoding == String::ONE_BYTE_ENCODING;
4479 DCHECK_IMPLIES(to_one_byte, from_one_byte);
4480 Comment("CopyStringCharacters %s -> %s",
4481 from_one_byte ? "ONE_BYTE_ENCODING" : "TWO_BYTE_ENCODING",
4482 to_one_byte ? "ONE_BYTE_ENCODING" : "TWO_BYTE_ENCODING");
4483
4484 ElementsKind from_kind = from_one_byte ? UINT8_ELEMENTS : UINT16_ELEMENTS;
4485 ElementsKind to_kind = to_one_byte ? UINT8_ELEMENTS : UINT16_ELEMENTS;
4486 STATIC_ASSERT(SeqOneByteString::kHeaderSize == SeqTwoByteString::kHeaderSize);
4487 int header_size = SeqOneByteString::kHeaderSize - kHeapObjectTag;
4488 Node* from_offset = ElementOffsetFromIndex(from_index, from_kind,
4489 INTPTR_PARAMETERS, header_size);
4490 Node* to_offset =
4491 ElementOffsetFromIndex(to_index, to_kind, INTPTR_PARAMETERS, header_size);
4492 Node* byte_count =
4493 ElementOffsetFromIndex(character_count, from_kind, INTPTR_PARAMETERS);
4494 Node* limit_offset = IntPtrAdd(from_offset, byte_count);
4495
4496 // Prepare the fast loop
4497 MachineType type =
4498 from_one_byte ? MachineType::Uint8() : MachineType::Uint16();
4499 MachineRepresentation rep = to_one_byte ? MachineRepresentation::kWord8
4500 : MachineRepresentation::kWord16;
4501 int from_increment = 1 << ElementsKindToShiftSize(from_kind);
4502 int to_increment = 1 << ElementsKindToShiftSize(to_kind);
4503
4504 VARIABLE(current_to_offset, MachineType::PointerRepresentation(), to_offset);
4505 VariableList vars({¤t_to_offset}, zone());
4506 int to_index_constant = 0, from_index_constant = 0;
4507 bool index_same = (from_encoding == to_encoding) &&
4508 (from_index == to_index ||
4509 (ToInt32Constant(from_index, from_index_constant) &&
4510 ToInt32Constant(to_index, to_index_constant) &&
4511 from_index_constant == to_index_constant));
4512 BuildFastLoop(vars, from_offset, limit_offset,
4513 [this, from_string, to_string, ¤t_to_offset, to_increment,
4514 type, rep, index_same](Node* offset) {
4515 Node* value = Load(type, from_string, offset);
4516 StoreNoWriteBarrier(
4517 rep, to_string,
4518 index_same ? offset : current_to_offset.value(), value);
4519 if (!index_same) {
4520 Increment(¤t_to_offset, to_increment);
4521 }
4522 },
4523 from_increment, INTPTR_PARAMETERS, IndexAdvanceMode::kPost);
4524 }
4525
LoadElementAndPrepareForStore(Node * array,Node * offset,ElementsKind from_kind,ElementsKind to_kind,Label * if_hole)4526 Node* CodeStubAssembler::LoadElementAndPrepareForStore(Node* array,
4527 Node* offset,
4528 ElementsKind from_kind,
4529 ElementsKind to_kind,
4530 Label* if_hole) {
4531 CSA_ASSERT(this, IsFixedArrayWithKind(array, from_kind));
4532 if (IsDoubleElementsKind(from_kind)) {
4533 Node* value =
4534 LoadDoubleWithHoleCheck(array, offset, if_hole, MachineType::Float64());
4535 if (!IsDoubleElementsKind(to_kind)) {
4536 value = AllocateHeapNumberWithValue(value);
4537 }
4538 return value;
4539
4540 } else {
4541 Node* value = Load(MachineType::AnyTagged(), array, offset);
4542 if (if_hole) {
4543 GotoIf(WordEqual(value, TheHoleConstant()), if_hole);
4544 }
4545 if (IsDoubleElementsKind(to_kind)) {
4546 if (IsSmiElementsKind(from_kind)) {
4547 value = SmiToFloat64(value);
4548 } else {
4549 value = LoadHeapNumberValue(value);
4550 }
4551 }
4552 return value;
4553 }
4554 }
4555
CalculateNewElementsCapacity(Node * old_capacity,ParameterMode mode)4556 Node* CodeStubAssembler::CalculateNewElementsCapacity(Node* old_capacity,
4557 ParameterMode mode) {
4558 CSA_SLOW_ASSERT(this, MatchesParameterMode(old_capacity, mode));
4559 Node* half_old_capacity = WordOrSmiShr(old_capacity, 1, mode);
4560 Node* new_capacity = IntPtrOrSmiAdd(half_old_capacity, old_capacity, mode);
4561 Node* padding =
4562 IntPtrOrSmiConstant(JSObject::kMinAddedElementsCapacity, mode);
4563 return IntPtrOrSmiAdd(new_capacity, padding, mode);
4564 }
4565
TryGrowElementsCapacity(Node * object,Node * elements,ElementsKind kind,Node * key,Label * bailout)4566 Node* CodeStubAssembler::TryGrowElementsCapacity(Node* object, Node* elements,
4567 ElementsKind kind, Node* key,
4568 Label* bailout) {
4569 CSA_SLOW_ASSERT(this, TaggedIsNotSmi(object));
4570 CSA_SLOW_ASSERT(this, IsFixedArrayWithKindOrEmpty(elements, kind));
4571 CSA_SLOW_ASSERT(this, TaggedIsSmi(key));
4572 Node* capacity = LoadFixedArrayBaseLength(elements);
4573
4574 ParameterMode mode = OptimalParameterMode();
4575 capacity = TaggedToParameter(capacity, mode);
4576 key = TaggedToParameter(key, mode);
4577
4578 return TryGrowElementsCapacity(object, elements, kind, key, capacity, mode,
4579 bailout);
4580 }
4581
TryGrowElementsCapacity(Node * object,Node * elements,ElementsKind kind,Node * key,Node * capacity,ParameterMode mode,Label * bailout)4582 Node* CodeStubAssembler::TryGrowElementsCapacity(Node* object, Node* elements,
4583 ElementsKind kind, Node* key,
4584 Node* capacity,
4585 ParameterMode mode,
4586 Label* bailout) {
4587 Comment("TryGrowElementsCapacity");
4588 CSA_SLOW_ASSERT(this, TaggedIsNotSmi(object));
4589 CSA_SLOW_ASSERT(this, IsFixedArrayWithKindOrEmpty(elements, kind));
4590 CSA_SLOW_ASSERT(this, MatchesParameterMode(capacity, mode));
4591 CSA_SLOW_ASSERT(this, MatchesParameterMode(key, mode));
4592
4593 // If the gap growth is too big, fall back to the runtime.
4594 Node* max_gap = IntPtrOrSmiConstant(JSObject::kMaxGap, mode);
4595 Node* max_capacity = IntPtrOrSmiAdd(capacity, max_gap, mode);
4596 GotoIf(UintPtrOrSmiGreaterThanOrEqual(key, max_capacity, mode), bailout);
4597
4598 // Calculate the capacity of the new backing store.
4599 Node* new_capacity = CalculateNewElementsCapacity(
4600 IntPtrOrSmiAdd(key, IntPtrOrSmiConstant(1, mode), mode), mode);
4601 return GrowElementsCapacity(object, elements, kind, kind, capacity,
4602 new_capacity, mode, bailout);
4603 }
4604
GrowElementsCapacity(Node * object,Node * elements,ElementsKind from_kind,ElementsKind to_kind,Node * capacity,Node * new_capacity,ParameterMode mode,Label * bailout)4605 Node* CodeStubAssembler::GrowElementsCapacity(
4606 Node* object, Node* elements, ElementsKind from_kind, ElementsKind to_kind,
4607 Node* capacity, Node* new_capacity, ParameterMode mode, Label* bailout) {
4608 Comment("[ GrowElementsCapacity");
4609 CSA_SLOW_ASSERT(this, TaggedIsNotSmi(object));
4610 CSA_SLOW_ASSERT(this, IsFixedArrayWithKindOrEmpty(elements, from_kind));
4611 CSA_SLOW_ASSERT(this, MatchesParameterMode(capacity, mode));
4612 CSA_SLOW_ASSERT(this, MatchesParameterMode(new_capacity, mode));
4613
4614 // If size of the allocation for the new capacity doesn't fit in a page
4615 // that we can bump-pointer allocate from, fall back to the runtime.
4616 int max_size = FixedArrayBase::GetMaxLengthForNewSpaceAllocation(to_kind);
4617 GotoIf(UintPtrOrSmiGreaterThanOrEqual(
4618 new_capacity, IntPtrOrSmiConstant(max_size, mode), mode),
4619 bailout);
4620
4621 // Allocate the new backing store.
4622 Node* new_elements = AllocateFixedArray(to_kind, new_capacity, mode);
4623
4624 // Copy the elements from the old elements store to the new.
4625 // The size-check above guarantees that the |new_elements| is allocated
4626 // in new space so we can skip the write barrier.
4627 CopyFixedArrayElements(from_kind, elements, to_kind, new_elements, capacity,
4628 new_capacity, SKIP_WRITE_BARRIER, mode);
4629
4630 StoreObjectField(object, JSObject::kElementsOffset, new_elements);
4631 Comment("] GrowElementsCapacity");
4632 return new_elements;
4633 }
4634
InitializeAllocationMemento(Node * base,Node * base_allocation_size,Node * allocation_site)4635 void CodeStubAssembler::InitializeAllocationMemento(Node* base,
4636 Node* base_allocation_size,
4637 Node* allocation_site) {
4638 Comment("[Initialize AllocationMemento");
4639 Node* memento = InnerAllocate(base, base_allocation_size);
4640 StoreMapNoWriteBarrier(memento, Heap::kAllocationMementoMapRootIndex);
4641 StoreObjectFieldNoWriteBarrier(
4642 memento, AllocationMemento::kAllocationSiteOffset, allocation_site);
4643 if (FLAG_allocation_site_pretenuring) {
4644 TNode<Int32T> count = UncheckedCast<Int32T>(LoadObjectField(
4645 allocation_site, AllocationSite::kPretenureCreateCountOffset,
4646 MachineType::Int32()));
4647
4648 TNode<Int32T> incremented_count = Int32Add(count, Int32Constant(1));
4649 StoreObjectFieldNoWriteBarrier(
4650 allocation_site, AllocationSite::kPretenureCreateCountOffset,
4651 incremented_count, MachineRepresentation::kWord32);
4652 }
4653 Comment("]");
4654 }
4655
TryTaggedToFloat64(Node * value,Label * if_valueisnotnumber)4656 Node* CodeStubAssembler::TryTaggedToFloat64(Node* value,
4657 Label* if_valueisnotnumber) {
4658 Label out(this);
4659 VARIABLE(var_result, MachineRepresentation::kFloat64);
4660
4661 // Check if the {value} is a Smi or a HeapObject.
4662 Label if_valueissmi(this), if_valueisnotsmi(this);
4663 Branch(TaggedIsSmi(value), &if_valueissmi, &if_valueisnotsmi);
4664
4665 BIND(&if_valueissmi);
4666 {
4667 // Convert the Smi {value}.
4668 var_result.Bind(SmiToFloat64(value));
4669 Goto(&out);
4670 }
4671
4672 BIND(&if_valueisnotsmi);
4673 {
4674 // Check if {value} is a HeapNumber.
4675 Label if_valueisheapnumber(this);
4676 Branch(IsHeapNumber(value), &if_valueisheapnumber, if_valueisnotnumber);
4677
4678 BIND(&if_valueisheapnumber);
4679 {
4680 // Load the floating point value.
4681 var_result.Bind(LoadHeapNumberValue(value));
4682 Goto(&out);
4683 }
4684 }
4685 BIND(&out);
4686 return var_result.value();
4687 }
4688
TruncateTaggedToFloat64(Node * context,Node * value)4689 Node* CodeStubAssembler::TruncateTaggedToFloat64(Node* context, Node* value) {
4690 // We might need to loop once due to ToNumber conversion.
4691 VARIABLE(var_value, MachineRepresentation::kTagged);
4692 VARIABLE(var_result, MachineRepresentation::kFloat64);
4693 Label loop(this, &var_value), done_loop(this, &var_result);
4694 var_value.Bind(value);
4695 Goto(&loop);
4696 BIND(&loop);
4697 {
4698 Label if_valueisnotnumber(this, Label::kDeferred);
4699
4700 // Load the current {value}.
4701 value = var_value.value();
4702
4703 // Convert {value} to Float64 if it is a number and convert it to a number
4704 // otherwise.
4705 Node* const result = TryTaggedToFloat64(value, &if_valueisnotnumber);
4706 var_result.Bind(result);
4707 Goto(&done_loop);
4708
4709 BIND(&if_valueisnotnumber);
4710 {
4711 // Convert the {value} to a Number first.
4712 var_value.Bind(CallBuiltin(Builtins::kNonNumberToNumber, context, value));
4713 Goto(&loop);
4714 }
4715 }
4716 BIND(&done_loop);
4717 return var_result.value();
4718 }
4719
TruncateTaggedToWord32(Node * context,Node * value)4720 Node* CodeStubAssembler::TruncateTaggedToWord32(Node* context, Node* value) {
4721 VARIABLE(var_result, MachineRepresentation::kWord32);
4722 Label done(this);
4723 TaggedToWord32OrBigIntImpl<Object::Conversion::kToNumber>(context, value,
4724 &done, &var_result);
4725 BIND(&done);
4726 return var_result.value();
4727 }
4728
4729 // Truncate {value} to word32 and jump to {if_number} if it is a Number,
4730 // or find that it is a BigInt and jump to {if_bigint}.
TaggedToWord32OrBigInt(Node * context,Node * value,Label * if_number,Variable * var_word32,Label * if_bigint,Variable * var_bigint)4731 void CodeStubAssembler::TaggedToWord32OrBigInt(Node* context, Node* value,
4732 Label* if_number,
4733 Variable* var_word32,
4734 Label* if_bigint,
4735 Variable* var_bigint) {
4736 TaggedToWord32OrBigIntImpl<Object::Conversion::kToNumeric>(
4737 context, value, if_number, var_word32, if_bigint, var_bigint);
4738 }
4739
4740 // Truncate {value} to word32 and jump to {if_number} if it is a Number,
4741 // or find that it is a BigInt and jump to {if_bigint}. In either case,
4742 // store the type feedback in {var_feedback}.
TaggedToWord32OrBigIntWithFeedback(Node * context,Node * value,Label * if_number,Variable * var_word32,Label * if_bigint,Variable * var_bigint,Variable * var_feedback)4743 void CodeStubAssembler::TaggedToWord32OrBigIntWithFeedback(
4744 Node* context, Node* value, Label* if_number, Variable* var_word32,
4745 Label* if_bigint, Variable* var_bigint, Variable* var_feedback) {
4746 TaggedToWord32OrBigIntImpl<Object::Conversion::kToNumeric>(
4747 context, value, if_number, var_word32, if_bigint, var_bigint,
4748 var_feedback);
4749 }
4750
4751 template <Object::Conversion conversion>
TaggedToWord32OrBigIntImpl(Node * context,Node * value,Label * if_number,Variable * var_word32,Label * if_bigint,Variable * var_bigint,Variable * var_feedback)4752 void CodeStubAssembler::TaggedToWord32OrBigIntImpl(
4753 Node* context, Node* value, Label* if_number, Variable* var_word32,
4754 Label* if_bigint, Variable* var_bigint, Variable* var_feedback) {
4755 DCHECK(var_word32->rep() == MachineRepresentation::kWord32);
4756 DCHECK(var_bigint == nullptr ||
4757 var_bigint->rep() == MachineRepresentation::kTagged);
4758 DCHECK(var_feedback == nullptr ||
4759 var_feedback->rep() == MachineRepresentation::kTaggedSigned);
4760
4761 // We might need to loop after conversion.
4762 VARIABLE(var_value, MachineRepresentation::kTagged, value);
4763 OverwriteFeedback(var_feedback, BinaryOperationFeedback::kNone);
4764 Variable* loop_vars[] = {&var_value, var_feedback};
4765 int num_vars =
4766 var_feedback != nullptr ? arraysize(loop_vars) : arraysize(loop_vars) - 1;
4767 Label loop(this, num_vars, loop_vars);
4768 Goto(&loop);
4769 BIND(&loop);
4770 {
4771 value = var_value.value();
4772 Label not_smi(this), is_heap_number(this), is_oddball(this),
4773 is_bigint(this);
4774 GotoIf(TaggedIsNotSmi(value), ¬_smi);
4775
4776 // {value} is a Smi.
4777 var_word32->Bind(SmiToInt32(value));
4778 CombineFeedback(var_feedback, BinaryOperationFeedback::kSignedSmall);
4779 Goto(if_number);
4780
4781 BIND(¬_smi);
4782 Node* map = LoadMap(value);
4783 GotoIf(IsHeapNumberMap(map), &is_heap_number);
4784 Node* instance_type = LoadMapInstanceType(map);
4785 if (conversion == Object::Conversion::kToNumeric) {
4786 GotoIf(IsBigIntInstanceType(instance_type), &is_bigint);
4787 }
4788
4789 // Not HeapNumber (or BigInt if conversion == kToNumeric).
4790 {
4791 if (var_feedback != nullptr) {
4792 // We do not require an Or with earlier feedback here because once we
4793 // convert the value to a Numeric, we cannot reach this path. We can
4794 // only reach this path on the first pass when the feedback is kNone.
4795 CSA_ASSERT(this, SmiEqual(CAST(var_feedback->value()),
4796 SmiConstant(BinaryOperationFeedback::kNone)));
4797 }
4798 GotoIf(InstanceTypeEqual(instance_type, ODDBALL_TYPE), &is_oddball);
4799 // Not an oddball either -> convert.
4800 auto builtin = conversion == Object::Conversion::kToNumeric
4801 ? Builtins::kNonNumberToNumeric
4802 : Builtins::kNonNumberToNumber;
4803 var_value.Bind(CallBuiltin(builtin, context, value));
4804 OverwriteFeedback(var_feedback, BinaryOperationFeedback::kAny);
4805 Goto(&loop);
4806
4807 BIND(&is_oddball);
4808 var_value.Bind(LoadObjectField(value, Oddball::kToNumberOffset));
4809 OverwriteFeedback(var_feedback,
4810 BinaryOperationFeedback::kNumberOrOddball);
4811 Goto(&loop);
4812 }
4813
4814 BIND(&is_heap_number);
4815 var_word32->Bind(TruncateHeapNumberValueToWord32(value));
4816 CombineFeedback(var_feedback, BinaryOperationFeedback::kNumber);
4817 Goto(if_number);
4818
4819 if (conversion == Object::Conversion::kToNumeric) {
4820 BIND(&is_bigint);
4821 var_bigint->Bind(value);
4822 CombineFeedback(var_feedback, BinaryOperationFeedback::kBigInt);
4823 Goto(if_bigint);
4824 }
4825 }
4826 }
4827
TruncateHeapNumberValueToWord32(Node * object)4828 Node* CodeStubAssembler::TruncateHeapNumberValueToWord32(Node* object) {
4829 Node* value = LoadHeapNumberValue(object);
4830 return TruncateFloat64ToWord32(value);
4831 }
4832
TryHeapNumberToSmi(TNode<HeapNumber> number,TVariable<Smi> & var_result_smi,Label * if_smi)4833 void CodeStubAssembler::TryHeapNumberToSmi(TNode<HeapNumber> number,
4834 TVariable<Smi>& var_result_smi,
4835 Label* if_smi) {
4836 TNode<Float64T> value = LoadHeapNumberValue(number);
4837 TryFloat64ToSmi(value, var_result_smi, if_smi);
4838 }
4839
TryFloat64ToSmi(TNode<Float64T> value,TVariable<Smi> & var_result_smi,Label * if_smi)4840 void CodeStubAssembler::TryFloat64ToSmi(TNode<Float64T> value,
4841 TVariable<Smi>& var_result_smi,
4842 Label* if_smi) {
4843 TNode<Int32T> value32 = RoundFloat64ToInt32(value);
4844 TNode<Float64T> value64 = ChangeInt32ToFloat64(value32);
4845
4846 Label if_int32(this), if_heap_number(this, Label::kDeferred);
4847
4848 GotoIfNot(Float64Equal(value, value64), &if_heap_number);
4849 GotoIfNot(Word32Equal(value32, Int32Constant(0)), &if_int32);
4850 Branch(Int32LessThan(UncheckedCast<Int32T>(Float64ExtractHighWord32(value)),
4851 Int32Constant(0)),
4852 &if_heap_number, &if_int32);
4853
4854 TVARIABLE(Number, var_result);
4855 BIND(&if_int32);
4856 {
4857 if (SmiValuesAre32Bits()) {
4858 var_result_smi = SmiTag(ChangeInt32ToIntPtr(value32));
4859 } else {
4860 DCHECK(SmiValuesAre31Bits());
4861 TNode<PairT<Int32T, BoolT>> pair = Int32AddWithOverflow(value32, value32);
4862 TNode<BoolT> overflow = Projection<1>(pair);
4863 GotoIf(overflow, &if_heap_number);
4864 var_result_smi =
4865 BitcastWordToTaggedSigned(ChangeInt32ToIntPtr(Projection<0>(pair)));
4866 }
4867 Goto(if_smi);
4868 }
4869 BIND(&if_heap_number);
4870 }
4871
ChangeFloat64ToTagged(SloppyTNode<Float64T> value)4872 TNode<Number> CodeStubAssembler::ChangeFloat64ToTagged(
4873 SloppyTNode<Float64T> value) {
4874 Label if_smi(this), done(this);
4875 TVARIABLE(Smi, var_smi_result);
4876 TVARIABLE(Number, var_result);
4877 TryFloat64ToSmi(value, var_smi_result, &if_smi);
4878
4879 var_result = AllocateHeapNumberWithValue(value);
4880 Goto(&done);
4881
4882 BIND(&if_smi);
4883 {
4884 var_result = var_smi_result.value();
4885 Goto(&done);
4886 }
4887 BIND(&done);
4888 return var_result.value();
4889 }
4890
ChangeInt32ToTagged(SloppyTNode<Int32T> value)4891 TNode<Number> CodeStubAssembler::ChangeInt32ToTagged(
4892 SloppyTNode<Int32T> value) {
4893 if (SmiValuesAre32Bits()) {
4894 return SmiTag(ChangeInt32ToIntPtr(value));
4895 }
4896 DCHECK(SmiValuesAre31Bits());
4897 TVARIABLE(Number, var_result);
4898 TNode<PairT<Int32T, BoolT>> pair = Int32AddWithOverflow(value, value);
4899 TNode<BoolT> overflow = Projection<1>(pair);
4900 Label if_overflow(this, Label::kDeferred), if_notoverflow(this),
4901 if_join(this);
4902 Branch(overflow, &if_overflow, &if_notoverflow);
4903 BIND(&if_overflow);
4904 {
4905 TNode<Float64T> value64 = ChangeInt32ToFloat64(value);
4906 TNode<HeapNumber> result = AllocateHeapNumberWithValue(value64);
4907 var_result = result;
4908 Goto(&if_join);
4909 }
4910 BIND(&if_notoverflow);
4911 {
4912 TNode<IntPtrT> almost_tagged_value =
4913 ChangeInt32ToIntPtr(Projection<0>(pair));
4914 TNode<Smi> result = BitcastWordToTaggedSigned(almost_tagged_value);
4915 var_result = result;
4916 Goto(&if_join);
4917 }
4918 BIND(&if_join);
4919 return var_result.value();
4920 }
4921
ChangeUint32ToTagged(SloppyTNode<Uint32T> value)4922 TNode<Number> CodeStubAssembler::ChangeUint32ToTagged(
4923 SloppyTNode<Uint32T> value) {
4924 Label if_overflow(this, Label::kDeferred), if_not_overflow(this),
4925 if_join(this);
4926 TVARIABLE(Number, var_result);
4927 // If {value} > 2^31 - 1, we need to store it in a HeapNumber.
4928 Branch(Uint32LessThan(Int32Constant(Smi::kMaxValue), value), &if_overflow,
4929 &if_not_overflow);
4930
4931 BIND(&if_not_overflow);
4932 {
4933 if (SmiValuesAre32Bits()) {
4934 var_result =
4935 SmiTag(ReinterpretCast<IntPtrT>(ChangeUint32ToUint64(value)));
4936 } else {
4937 DCHECK(SmiValuesAre31Bits());
4938 // If tagging {value} results in an overflow, we need to use a HeapNumber
4939 // to represent it.
4940 // TODO(tebbi): This overflow can never happen.
4941 TNode<PairT<Int32T, BoolT>> pair = Int32AddWithOverflow(
4942 UncheckedCast<Int32T>(value), UncheckedCast<Int32T>(value));
4943 TNode<BoolT> overflow = Projection<1>(pair);
4944 GotoIf(overflow, &if_overflow);
4945
4946 TNode<IntPtrT> almost_tagged_value =
4947 ChangeInt32ToIntPtr(Projection<0>(pair));
4948 var_result = BitcastWordToTaggedSigned(almost_tagged_value);
4949 }
4950 }
4951 Goto(&if_join);
4952
4953 BIND(&if_overflow);
4954 {
4955 TNode<Float64T> float64_value = ChangeUint32ToFloat64(value);
4956 var_result = AllocateHeapNumberWithValue(float64_value);
4957 }
4958 Goto(&if_join);
4959
4960 BIND(&if_join);
4961 return var_result.value();
4962 }
4963
ToThisString(Node * context,Node * value,char const * method_name)4964 TNode<String> CodeStubAssembler::ToThisString(Node* context, Node* value,
4965 char const* method_name) {
4966 VARIABLE(var_value, MachineRepresentation::kTagged, value);
4967
4968 // Check if the {value} is a Smi or a HeapObject.
4969 Label if_valueissmi(this, Label::kDeferred), if_valueisnotsmi(this),
4970 if_valueisstring(this);
4971 Branch(TaggedIsSmi(value), &if_valueissmi, &if_valueisnotsmi);
4972 BIND(&if_valueisnotsmi);
4973 {
4974 // Load the instance type of the {value}.
4975 Node* value_instance_type = LoadInstanceType(value);
4976
4977 // Check if the {value} is already String.
4978 Label if_valueisnotstring(this, Label::kDeferred);
4979 Branch(IsStringInstanceType(value_instance_type), &if_valueisstring,
4980 &if_valueisnotstring);
4981 BIND(&if_valueisnotstring);
4982 {
4983 // Check if the {value} is null.
4984 Label if_valueisnullorundefined(this, Label::kDeferred);
4985 GotoIf(IsNullOrUndefined(value), &if_valueisnullorundefined);
4986 // Convert the {value} to a String.
4987 var_value.Bind(CallBuiltin(Builtins::kToString, context, value));
4988 Goto(&if_valueisstring);
4989
4990 BIND(&if_valueisnullorundefined);
4991 {
4992 // The {value} is either null or undefined.
4993 ThrowTypeError(context, MessageTemplate::kCalledOnNullOrUndefined,
4994 method_name);
4995 }
4996 }
4997 }
4998 BIND(&if_valueissmi);
4999 {
5000 // The {value} is a Smi, convert it to a String.
5001 var_value.Bind(CallBuiltin(Builtins::kNumberToString, context, value));
5002 Goto(&if_valueisstring);
5003 }
5004 BIND(&if_valueisstring);
5005 return CAST(var_value.value());
5006 }
5007
ChangeNumberToUint32(TNode<Number> value)5008 TNode<Uint32T> CodeStubAssembler::ChangeNumberToUint32(TNode<Number> value) {
5009 TVARIABLE(Uint32T, var_result);
5010 Label if_smi(this), if_heapnumber(this, Label::kDeferred), done(this);
5011 Branch(TaggedIsSmi(value), &if_smi, &if_heapnumber);
5012 BIND(&if_smi);
5013 {
5014 var_result = Unsigned(SmiToInt32(CAST(value)));
5015 Goto(&done);
5016 }
5017 BIND(&if_heapnumber);
5018 {
5019 var_result = ChangeFloat64ToUint32(LoadHeapNumberValue(CAST(value)));
5020 Goto(&done);
5021 }
5022 BIND(&done);
5023 return var_result.value();
5024 }
5025
ChangeNumberToFloat64(SloppyTNode<Number> value)5026 TNode<Float64T> CodeStubAssembler::ChangeNumberToFloat64(
5027 SloppyTNode<Number> value) {
5028 // TODO(tebbi): Remove assert once argument is TNode instead of SloppyTNode.
5029 CSA_SLOW_ASSERT(this, IsNumber(value));
5030 TVARIABLE(Float64T, result);
5031 Label smi(this);
5032 Label done(this, &result);
5033 GotoIf(TaggedIsSmi(value), &smi);
5034 result = LoadHeapNumberValue(CAST(value));
5035 Goto(&done);
5036
5037 BIND(&smi);
5038 {
5039 result = SmiToFloat64(CAST(value));
5040 Goto(&done);
5041 }
5042
5043 BIND(&done);
5044 return result.value();
5045 }
5046
ChangeNonnegativeNumberToUintPtr(TNode<Number> value)5047 TNode<UintPtrT> CodeStubAssembler::ChangeNonnegativeNumberToUintPtr(
5048 TNode<Number> value) {
5049 TVARIABLE(UintPtrT, result);
5050 Label done(this, &result);
5051 Branch(TaggedIsSmi(value),
5052 [&] {
5053 TNode<Smi> value_smi = CAST(value);
5054 CSA_SLOW_ASSERT(this, SmiLessThan(SmiConstant(-1), value_smi));
5055 result = UncheckedCast<UintPtrT>(SmiToIntPtr(value_smi));
5056 Goto(&done);
5057 },
5058 [&] {
5059 TNode<HeapNumber> value_hn = CAST(value);
5060 result = ChangeFloat64ToUintPtr(LoadHeapNumberValue(value_hn));
5061 Goto(&done);
5062 });
5063
5064 BIND(&done);
5065 return result.value();
5066 }
5067
TimesPointerSize(SloppyTNode<WordT> value)5068 TNode<WordT> CodeStubAssembler::TimesPointerSize(SloppyTNode<WordT> value) {
5069 return WordShl(value, kPointerSizeLog2);
5070 }
5071
TimesDoubleSize(SloppyTNode<WordT> value)5072 TNode<WordT> CodeStubAssembler::TimesDoubleSize(SloppyTNode<WordT> value) {
5073 return WordShl(value, kDoubleSizeLog2);
5074 }
5075
ToThisValue(Node * context,Node * value,PrimitiveType primitive_type,char const * method_name)5076 Node* CodeStubAssembler::ToThisValue(Node* context, Node* value,
5077 PrimitiveType primitive_type,
5078 char const* method_name) {
5079 // We might need to loop once due to JSValue unboxing.
5080 VARIABLE(var_value, MachineRepresentation::kTagged, value);
5081 Label loop(this, &var_value), done_loop(this),
5082 done_throw(this, Label::kDeferred);
5083 Goto(&loop);
5084 BIND(&loop);
5085 {
5086 // Load the current {value}.
5087 value = var_value.value();
5088
5089 // Check if the {value} is a Smi or a HeapObject.
5090 GotoIf(TaggedIsSmi(value), (primitive_type == PrimitiveType::kNumber)
5091 ? &done_loop
5092 : &done_throw);
5093
5094 // Load the map of the {value}.
5095 Node* value_map = LoadMap(value);
5096
5097 // Load the instance type of the {value}.
5098 Node* value_instance_type = LoadMapInstanceType(value_map);
5099
5100 // Check if {value} is a JSValue.
5101 Label if_valueisvalue(this, Label::kDeferred), if_valueisnotvalue(this);
5102 Branch(InstanceTypeEqual(value_instance_type, JS_VALUE_TYPE),
5103 &if_valueisvalue, &if_valueisnotvalue);
5104
5105 BIND(&if_valueisvalue);
5106 {
5107 // Load the actual value from the {value}.
5108 var_value.Bind(LoadObjectField(value, JSValue::kValueOffset));
5109 Goto(&loop);
5110 }
5111
5112 BIND(&if_valueisnotvalue);
5113 {
5114 switch (primitive_type) {
5115 case PrimitiveType::kBoolean:
5116 GotoIf(WordEqual(value_map, BooleanMapConstant()), &done_loop);
5117 break;
5118 case PrimitiveType::kNumber:
5119 GotoIf(WordEqual(value_map, HeapNumberMapConstant()), &done_loop);
5120 break;
5121 case PrimitiveType::kString:
5122 GotoIf(IsStringInstanceType(value_instance_type), &done_loop);
5123 break;
5124 case PrimitiveType::kSymbol:
5125 GotoIf(WordEqual(value_map, SymbolMapConstant()), &done_loop);
5126 break;
5127 }
5128 Goto(&done_throw);
5129 }
5130 }
5131
5132 BIND(&done_throw);
5133 {
5134 const char* primitive_name = nullptr;
5135 switch (primitive_type) {
5136 case PrimitiveType::kBoolean:
5137 primitive_name = "Boolean";
5138 break;
5139 case PrimitiveType::kNumber:
5140 primitive_name = "Number";
5141 break;
5142 case PrimitiveType::kString:
5143 primitive_name = "String";
5144 break;
5145 case PrimitiveType::kSymbol:
5146 primitive_name = "Symbol";
5147 break;
5148 }
5149 CHECK_NOT_NULL(primitive_name);
5150
5151 // The {value} is not a compatible receiver for this method.
5152 ThrowTypeError(context, MessageTemplate::kNotGeneric, method_name,
5153 primitive_name);
5154 }
5155
5156 BIND(&done_loop);
5157 return var_value.value();
5158 }
5159
ThrowIfNotInstanceType(Node * context,Node * value,InstanceType instance_type,char const * method_name)5160 Node* CodeStubAssembler::ThrowIfNotInstanceType(Node* context, Node* value,
5161 InstanceType instance_type,
5162 char const* method_name) {
5163 Label out(this), throw_exception(this, Label::kDeferred);
5164 VARIABLE(var_value_map, MachineRepresentation::kTagged);
5165
5166 GotoIf(TaggedIsSmi(value), &throw_exception);
5167
5168 // Load the instance type of the {value}.
5169 var_value_map.Bind(LoadMap(value));
5170 Node* const value_instance_type = LoadMapInstanceType(var_value_map.value());
5171
5172 Branch(Word32Equal(value_instance_type, Int32Constant(instance_type)), &out,
5173 &throw_exception);
5174
5175 // The {value} is not a compatible receiver for this method.
5176 BIND(&throw_exception);
5177 ThrowTypeError(context, MessageTemplate::kIncompatibleMethodReceiver,
5178 StringConstant(method_name), value);
5179
5180 BIND(&out);
5181 return var_value_map.value();
5182 }
5183
ThrowIfNotJSReceiver(Node * context,Node * value,MessageTemplate::Template msg_template,const char * method_name)5184 Node* CodeStubAssembler::ThrowIfNotJSReceiver(
5185 Node* context, Node* value, MessageTemplate::Template msg_template,
5186 const char* method_name) {
5187 Label out(this), throw_exception(this, Label::kDeferred);
5188 VARIABLE(var_value_map, MachineRepresentation::kTagged);
5189
5190 GotoIf(TaggedIsSmi(value), &throw_exception);
5191
5192 // Load the instance type of the {value}.
5193 var_value_map.Bind(LoadMap(value));
5194 Node* const value_instance_type = LoadMapInstanceType(var_value_map.value());
5195
5196 Branch(IsJSReceiverInstanceType(value_instance_type), &out, &throw_exception);
5197
5198 // The {value} is not a compatible receiver for this method.
5199 BIND(&throw_exception);
5200 ThrowTypeError(context, msg_template, method_name);
5201
5202 BIND(&out);
5203 return var_value_map.value();
5204 }
5205
ThrowRangeError(Node * context,MessageTemplate::Template message,Node * arg0,Node * arg1,Node * arg2)5206 void CodeStubAssembler::ThrowRangeError(Node* context,
5207 MessageTemplate::Template message,
5208 Node* arg0, Node* arg1, Node* arg2) {
5209 Node* template_index = SmiConstant(message);
5210 if (arg0 == nullptr) {
5211 CallRuntime(Runtime::kThrowRangeError, context, template_index);
5212 } else if (arg1 == nullptr) {
5213 CallRuntime(Runtime::kThrowRangeError, context, template_index, arg0);
5214 } else if (arg2 == nullptr) {
5215 CallRuntime(Runtime::kThrowRangeError, context, template_index, arg0, arg1);
5216 } else {
5217 CallRuntime(Runtime::kThrowRangeError, context, template_index, arg0, arg1,
5218 arg2);
5219 }
5220 Unreachable();
5221 }
5222
ThrowTypeError(Node * context,MessageTemplate::Template message,char const * arg0,char const * arg1)5223 void CodeStubAssembler::ThrowTypeError(Node* context,
5224 MessageTemplate::Template message,
5225 char const* arg0, char const* arg1) {
5226 Node* arg0_node = nullptr;
5227 if (arg0) arg0_node = StringConstant(arg0);
5228 Node* arg1_node = nullptr;
5229 if (arg1) arg1_node = StringConstant(arg1);
5230 ThrowTypeError(context, message, arg0_node, arg1_node);
5231 }
5232
ThrowTypeError(Node * context,MessageTemplate::Template message,Node * arg0,Node * arg1,Node * arg2)5233 void CodeStubAssembler::ThrowTypeError(Node* context,
5234 MessageTemplate::Template message,
5235 Node* arg0, Node* arg1, Node* arg2) {
5236 Node* template_index = SmiConstant(message);
5237 if (arg0 == nullptr) {
5238 CallRuntime(Runtime::kThrowTypeError, context, template_index);
5239 } else if (arg1 == nullptr) {
5240 CallRuntime(Runtime::kThrowTypeError, context, template_index, arg0);
5241 } else if (arg2 == nullptr) {
5242 CallRuntime(Runtime::kThrowTypeError, context, template_index, arg0, arg1);
5243 } else {
5244 CallRuntime(Runtime::kThrowTypeError, context, template_index, arg0, arg1,
5245 arg2);
5246 }
5247 Unreachable();
5248 }
5249
InstanceTypeEqual(SloppyTNode<Int32T> instance_type,int type)5250 TNode<BoolT> CodeStubAssembler::InstanceTypeEqual(
5251 SloppyTNode<Int32T> instance_type, int type) {
5252 return Word32Equal(instance_type, Int32Constant(type));
5253 }
5254
IsDictionaryMap(SloppyTNode<Map> map)5255 TNode<BoolT> CodeStubAssembler::IsDictionaryMap(SloppyTNode<Map> map) {
5256 CSA_SLOW_ASSERT(this, IsMap(map));
5257 Node* bit_field3 = LoadMapBitField3(map);
5258 return IsSetWord32<Map::IsDictionaryMapBit>(bit_field3);
5259 }
5260
IsExtensibleMap(SloppyTNode<Map> map)5261 TNode<BoolT> CodeStubAssembler::IsExtensibleMap(SloppyTNode<Map> map) {
5262 CSA_ASSERT(this, IsMap(map));
5263 return IsSetWord32<Map::IsExtensibleBit>(LoadMapBitField2(map));
5264 }
5265
IsCallableMap(SloppyTNode<Map> map)5266 TNode<BoolT> CodeStubAssembler::IsCallableMap(SloppyTNode<Map> map) {
5267 CSA_ASSERT(this, IsMap(map));
5268 return IsSetWord32<Map::IsCallableBit>(LoadMapBitField(map));
5269 }
5270
IsDeprecatedMap(SloppyTNode<Map> map)5271 TNode<BoolT> CodeStubAssembler::IsDeprecatedMap(SloppyTNode<Map> map) {
5272 CSA_ASSERT(this, IsMap(map));
5273 return IsSetWord32<Map::IsDeprecatedBit>(LoadMapBitField3(map));
5274 }
5275
IsUndetectableMap(SloppyTNode<Map> map)5276 TNode<BoolT> CodeStubAssembler::IsUndetectableMap(SloppyTNode<Map> map) {
5277 CSA_ASSERT(this, IsMap(map));
5278 return IsSetWord32<Map::IsUndetectableBit>(LoadMapBitField(map));
5279 }
5280
IsNoElementsProtectorCellInvalid()5281 TNode<BoolT> CodeStubAssembler::IsNoElementsProtectorCellInvalid() {
5282 Node* invalid = SmiConstant(Isolate::kProtectorInvalid);
5283 Node* cell = LoadRoot(Heap::kNoElementsProtectorRootIndex);
5284 Node* cell_value = LoadObjectField(cell, PropertyCell::kValueOffset);
5285 return WordEqual(cell_value, invalid);
5286 }
5287
IsPromiseResolveProtectorCellInvalid()5288 TNode<BoolT> CodeStubAssembler::IsPromiseResolveProtectorCellInvalid() {
5289 Node* invalid = SmiConstant(Isolate::kProtectorInvalid);
5290 Node* cell = LoadRoot(Heap::kPromiseResolveProtectorRootIndex);
5291 Node* cell_value = LoadObjectField(cell, Cell::kValueOffset);
5292 return WordEqual(cell_value, invalid);
5293 }
5294
IsPromiseThenProtectorCellInvalid()5295 TNode<BoolT> CodeStubAssembler::IsPromiseThenProtectorCellInvalid() {
5296 Node* invalid = SmiConstant(Isolate::kProtectorInvalid);
5297 Node* cell = LoadRoot(Heap::kPromiseThenProtectorRootIndex);
5298 Node* cell_value = LoadObjectField(cell, PropertyCell::kValueOffset);
5299 return WordEqual(cell_value, invalid);
5300 }
5301
IsArraySpeciesProtectorCellInvalid()5302 TNode<BoolT> CodeStubAssembler::IsArraySpeciesProtectorCellInvalid() {
5303 Node* invalid = SmiConstant(Isolate::kProtectorInvalid);
5304 Node* cell = LoadRoot(Heap::kArraySpeciesProtectorRootIndex);
5305 Node* cell_value = LoadObjectField(cell, PropertyCell::kValueOffset);
5306 return WordEqual(cell_value, invalid);
5307 }
5308
IsTypedArraySpeciesProtectorCellInvalid()5309 TNode<BoolT> CodeStubAssembler::IsTypedArraySpeciesProtectorCellInvalid() {
5310 Node* invalid = SmiConstant(Isolate::kProtectorInvalid);
5311 Node* cell = LoadRoot(Heap::kTypedArraySpeciesProtectorRootIndex);
5312 Node* cell_value = LoadObjectField(cell, PropertyCell::kValueOffset);
5313 return WordEqual(cell_value, invalid);
5314 }
5315
IsPromiseSpeciesProtectorCellInvalid()5316 TNode<BoolT> CodeStubAssembler::IsPromiseSpeciesProtectorCellInvalid() {
5317 Node* invalid = SmiConstant(Isolate::kProtectorInvalid);
5318 Node* cell = LoadRoot(Heap::kPromiseSpeciesProtectorRootIndex);
5319 Node* cell_value = LoadObjectField(cell, PropertyCell::kValueOffset);
5320 return WordEqual(cell_value, invalid);
5321 }
5322
IsPrototypeInitialArrayPrototype(SloppyTNode<Context> context,SloppyTNode<Map> map)5323 TNode<BoolT> CodeStubAssembler::IsPrototypeInitialArrayPrototype(
5324 SloppyTNode<Context> context, SloppyTNode<Map> map) {
5325 Node* const native_context = LoadNativeContext(context);
5326 Node* const initial_array_prototype = LoadContextElement(
5327 native_context, Context::INITIAL_ARRAY_PROTOTYPE_INDEX);
5328 Node* proto = LoadMapPrototype(map);
5329 return WordEqual(proto, initial_array_prototype);
5330 }
5331
IsPrototypeTypedArrayPrototype(SloppyTNode<Context> context,SloppyTNode<Map> map)5332 TNode<BoolT> CodeStubAssembler::IsPrototypeTypedArrayPrototype(
5333 SloppyTNode<Context> context, SloppyTNode<Map> map) {
5334 TNode<Context> const native_context = LoadNativeContext(context);
5335 TNode<Object> const typed_array_prototype =
5336 LoadContextElement(native_context, Context::TYPED_ARRAY_PROTOTYPE_INDEX);
5337 TNode<HeapObject> proto = LoadMapPrototype(map);
5338 TNode<HeapObject> proto_of_proto = Select<HeapObject>(
5339 IsJSObject(proto), [=] { return LoadMapPrototype(LoadMap(proto)); },
5340 [=] { return NullConstant(); });
5341 return WordEqual(proto_of_proto, typed_array_prototype);
5342 }
5343
TaggedIsCallable(TNode<Object> object)5344 TNode<BoolT> CodeStubAssembler::TaggedIsCallable(TNode<Object> object) {
5345 return Select<BoolT>(
5346 TaggedIsSmi(object), [=] { return Int32FalseConstant(); },
5347 [=] {
5348 return IsCallableMap(LoadMap(UncheckedCast<HeapObject>(object)));
5349 });
5350 }
5351
IsCallable(SloppyTNode<HeapObject> object)5352 TNode<BoolT> CodeStubAssembler::IsCallable(SloppyTNode<HeapObject> object) {
5353 return IsCallableMap(LoadMap(object));
5354 }
5355
IsCell(SloppyTNode<HeapObject> object)5356 TNode<BoolT> CodeStubAssembler::IsCell(SloppyTNode<HeapObject> object) {
5357 return WordEqual(LoadMap(object), LoadRoot(Heap::kCellMapRootIndex));
5358 }
5359
IsCode(SloppyTNode<HeapObject> object)5360 TNode<BoolT> CodeStubAssembler::IsCode(SloppyTNode<HeapObject> object) {
5361 return HasInstanceType(object, CODE_TYPE);
5362 }
5363
IsConstructorMap(SloppyTNode<Map> map)5364 TNode<BoolT> CodeStubAssembler::IsConstructorMap(SloppyTNode<Map> map) {
5365 CSA_ASSERT(this, IsMap(map));
5366 return IsSetWord32<Map::IsConstructorBit>(LoadMapBitField(map));
5367 }
5368
IsConstructor(SloppyTNode<HeapObject> object)5369 TNode<BoolT> CodeStubAssembler::IsConstructor(SloppyTNode<HeapObject> object) {
5370 return IsConstructorMap(LoadMap(object));
5371 }
5372
IsFunctionWithPrototypeSlotMap(SloppyTNode<Map> map)5373 TNode<BoolT> CodeStubAssembler::IsFunctionWithPrototypeSlotMap(
5374 SloppyTNode<Map> map) {
5375 CSA_ASSERT(this, IsMap(map));
5376 return IsSetWord32<Map::HasPrototypeSlotBit>(LoadMapBitField(map));
5377 }
5378
IsSpecialReceiverInstanceType(TNode<Int32T> instance_type)5379 TNode<BoolT> CodeStubAssembler::IsSpecialReceiverInstanceType(
5380 TNode<Int32T> instance_type) {
5381 STATIC_ASSERT(JS_GLOBAL_OBJECT_TYPE <= LAST_SPECIAL_RECEIVER_TYPE);
5382 return Int32LessThanOrEqual(instance_type,
5383 Int32Constant(LAST_SPECIAL_RECEIVER_TYPE));
5384 }
5385
IsCustomElementsReceiverInstanceType(TNode<Int32T> instance_type)5386 TNode<BoolT> CodeStubAssembler::IsCustomElementsReceiverInstanceType(
5387 TNode<Int32T> instance_type) {
5388 return Int32LessThanOrEqual(instance_type,
5389 Int32Constant(LAST_CUSTOM_ELEMENTS_RECEIVER));
5390 }
5391
IsStringInstanceType(SloppyTNode<Int32T> instance_type)5392 TNode<BoolT> CodeStubAssembler::IsStringInstanceType(
5393 SloppyTNode<Int32T> instance_type) {
5394 STATIC_ASSERT(INTERNALIZED_STRING_TYPE == FIRST_TYPE);
5395 return Int32LessThan(instance_type, Int32Constant(FIRST_NONSTRING_TYPE));
5396 }
5397
IsOneByteStringInstanceType(SloppyTNode<Int32T> instance_type)5398 TNode<BoolT> CodeStubAssembler::IsOneByteStringInstanceType(
5399 SloppyTNode<Int32T> instance_type) {
5400 CSA_ASSERT(this, IsStringInstanceType(instance_type));
5401 return Word32Equal(
5402 Word32And(instance_type, Int32Constant(kStringEncodingMask)),
5403 Int32Constant(kOneByteStringTag));
5404 }
5405
IsSequentialStringInstanceType(SloppyTNode<Int32T> instance_type)5406 TNode<BoolT> CodeStubAssembler::IsSequentialStringInstanceType(
5407 SloppyTNode<Int32T> instance_type) {
5408 CSA_ASSERT(this, IsStringInstanceType(instance_type));
5409 return Word32Equal(
5410 Word32And(instance_type, Int32Constant(kStringRepresentationMask)),
5411 Int32Constant(kSeqStringTag));
5412 }
5413
IsConsStringInstanceType(SloppyTNode<Int32T> instance_type)5414 TNode<BoolT> CodeStubAssembler::IsConsStringInstanceType(
5415 SloppyTNode<Int32T> instance_type) {
5416 CSA_ASSERT(this, IsStringInstanceType(instance_type));
5417 return Word32Equal(
5418 Word32And(instance_type, Int32Constant(kStringRepresentationMask)),
5419 Int32Constant(kConsStringTag));
5420 }
5421
IsIndirectStringInstanceType(SloppyTNode<Int32T> instance_type)5422 TNode<BoolT> CodeStubAssembler::IsIndirectStringInstanceType(
5423 SloppyTNode<Int32T> instance_type) {
5424 CSA_ASSERT(this, IsStringInstanceType(instance_type));
5425 STATIC_ASSERT(kIsIndirectStringMask == 0x1);
5426 STATIC_ASSERT(kIsIndirectStringTag == 0x1);
5427 return UncheckedCast<BoolT>(
5428 Word32And(instance_type, Int32Constant(kIsIndirectStringMask)));
5429 }
5430
IsExternalStringInstanceType(SloppyTNode<Int32T> instance_type)5431 TNode<BoolT> CodeStubAssembler::IsExternalStringInstanceType(
5432 SloppyTNode<Int32T> instance_type) {
5433 CSA_ASSERT(this, IsStringInstanceType(instance_type));
5434 return Word32Equal(
5435 Word32And(instance_type, Int32Constant(kStringRepresentationMask)),
5436 Int32Constant(kExternalStringTag));
5437 }
5438
IsShortExternalStringInstanceType(SloppyTNode<Int32T> instance_type)5439 TNode<BoolT> CodeStubAssembler::IsShortExternalStringInstanceType(
5440 SloppyTNode<Int32T> instance_type) {
5441 CSA_ASSERT(this, IsStringInstanceType(instance_type));
5442 STATIC_ASSERT(kShortExternalStringTag != 0);
5443 return IsSetWord32(instance_type, kShortExternalStringMask);
5444 }
5445
IsJSReceiverInstanceType(SloppyTNode<Int32T> instance_type)5446 TNode<BoolT> CodeStubAssembler::IsJSReceiverInstanceType(
5447 SloppyTNode<Int32T> instance_type) {
5448 STATIC_ASSERT(LAST_JS_RECEIVER_TYPE == LAST_TYPE);
5449 return Int32GreaterThanOrEqual(instance_type,
5450 Int32Constant(FIRST_JS_RECEIVER_TYPE));
5451 }
5452
IsJSReceiverMap(SloppyTNode<Map> map)5453 TNode<BoolT> CodeStubAssembler::IsJSReceiverMap(SloppyTNode<Map> map) {
5454 return IsJSReceiverInstanceType(LoadMapInstanceType(map));
5455 }
5456
IsJSReceiver(SloppyTNode<HeapObject> object)5457 TNode<BoolT> CodeStubAssembler::IsJSReceiver(SloppyTNode<HeapObject> object) {
5458 return IsJSReceiverMap(LoadMap(object));
5459 }
5460
IsNullOrJSReceiver(SloppyTNode<HeapObject> object)5461 TNode<BoolT> CodeStubAssembler::IsNullOrJSReceiver(
5462 SloppyTNode<HeapObject> object) {
5463 return UncheckedCast<BoolT>(Word32Or(IsJSReceiver(object), IsNull(object)));
5464 }
5465
IsNullOrUndefined(SloppyTNode<Object> value)5466 TNode<BoolT> CodeStubAssembler::IsNullOrUndefined(SloppyTNode<Object> value) {
5467 return UncheckedCast<BoolT>(Word32Or(IsUndefined(value), IsNull(value)));
5468 }
5469
IsJSGlobalProxyInstanceType(SloppyTNode<Int32T> instance_type)5470 TNode<BoolT> CodeStubAssembler::IsJSGlobalProxyInstanceType(
5471 SloppyTNode<Int32T> instance_type) {
5472 return InstanceTypeEqual(instance_type, JS_GLOBAL_PROXY_TYPE);
5473 }
5474
IsJSObjectInstanceType(SloppyTNode<Int32T> instance_type)5475 TNode<BoolT> CodeStubAssembler::IsJSObjectInstanceType(
5476 SloppyTNode<Int32T> instance_type) {
5477 STATIC_ASSERT(LAST_JS_OBJECT_TYPE == LAST_TYPE);
5478 return Int32GreaterThanOrEqual(instance_type,
5479 Int32Constant(FIRST_JS_OBJECT_TYPE));
5480 }
5481
IsJSObjectMap(SloppyTNode<Map> map)5482 TNode<BoolT> CodeStubAssembler::IsJSObjectMap(SloppyTNode<Map> map) {
5483 CSA_ASSERT(this, IsMap(map));
5484 return IsJSObjectInstanceType(LoadMapInstanceType(map));
5485 }
5486
IsJSObject(SloppyTNode<HeapObject> object)5487 TNode<BoolT> CodeStubAssembler::IsJSObject(SloppyTNode<HeapObject> object) {
5488 return IsJSObjectMap(LoadMap(object));
5489 }
5490
IsJSPromiseMap(SloppyTNode<Map> map)5491 TNode<BoolT> CodeStubAssembler::IsJSPromiseMap(SloppyTNode<Map> map) {
5492 CSA_ASSERT(this, IsMap(map));
5493 return InstanceTypeEqual(LoadMapInstanceType(map), JS_PROMISE_TYPE);
5494 }
5495
IsJSPromise(SloppyTNode<HeapObject> object)5496 TNode<BoolT> CodeStubAssembler::IsJSPromise(SloppyTNode<HeapObject> object) {
5497 return IsJSPromiseMap(LoadMap(object));
5498 }
5499
IsJSProxy(SloppyTNode<HeapObject> object)5500 TNode<BoolT> CodeStubAssembler::IsJSProxy(SloppyTNode<HeapObject> object) {
5501 return HasInstanceType(object, JS_PROXY_TYPE);
5502 }
5503
IsJSGlobalProxy(SloppyTNode<HeapObject> object)5504 TNode<BoolT> CodeStubAssembler::IsJSGlobalProxy(
5505 SloppyTNode<HeapObject> object) {
5506 return HasInstanceType(object, JS_GLOBAL_PROXY_TYPE);
5507 }
5508
IsMap(SloppyTNode<HeapObject> map)5509 TNode<BoolT> CodeStubAssembler::IsMap(SloppyTNode<HeapObject> map) {
5510 return IsMetaMap(LoadMap(map));
5511 }
5512
IsJSValueInstanceType(SloppyTNode<Int32T> instance_type)5513 TNode<BoolT> CodeStubAssembler::IsJSValueInstanceType(
5514 SloppyTNode<Int32T> instance_type) {
5515 return InstanceTypeEqual(instance_type, JS_VALUE_TYPE);
5516 }
5517
IsJSValue(SloppyTNode<HeapObject> object)5518 TNode<BoolT> CodeStubAssembler::IsJSValue(SloppyTNode<HeapObject> object) {
5519 return IsJSValueMap(LoadMap(object));
5520 }
5521
IsJSValueMap(SloppyTNode<Map> map)5522 TNode<BoolT> CodeStubAssembler::IsJSValueMap(SloppyTNode<Map> map) {
5523 return IsJSValueInstanceType(LoadMapInstanceType(map));
5524 }
5525
IsJSArrayInstanceType(SloppyTNode<Int32T> instance_type)5526 TNode<BoolT> CodeStubAssembler::IsJSArrayInstanceType(
5527 SloppyTNode<Int32T> instance_type) {
5528 return InstanceTypeEqual(instance_type, JS_ARRAY_TYPE);
5529 }
5530
IsJSArray(SloppyTNode<HeapObject> object)5531 TNode<BoolT> CodeStubAssembler::IsJSArray(SloppyTNode<HeapObject> object) {
5532 return IsJSArrayMap(LoadMap(object));
5533 }
5534
IsJSArrayMap(SloppyTNode<Map> map)5535 TNode<BoolT> CodeStubAssembler::IsJSArrayMap(SloppyTNode<Map> map) {
5536 return IsJSArrayInstanceType(LoadMapInstanceType(map));
5537 }
5538
IsJSArrayIterator(SloppyTNode<HeapObject> object)5539 TNode<BoolT> CodeStubAssembler::IsJSArrayIterator(
5540 SloppyTNode<HeapObject> object) {
5541 return HasInstanceType(object, JS_ARRAY_ITERATOR_TYPE);
5542 }
5543
IsJSAsyncGeneratorObject(SloppyTNode<HeapObject> object)5544 TNode<BoolT> CodeStubAssembler::IsJSAsyncGeneratorObject(
5545 SloppyTNode<HeapObject> object) {
5546 return HasInstanceType(object, JS_ASYNC_GENERATOR_OBJECT_TYPE);
5547 }
5548
IsContext(SloppyTNode<HeapObject> object)5549 TNode<BoolT> CodeStubAssembler::IsContext(SloppyTNode<HeapObject> object) {
5550 Node* instance_type = LoadInstanceType(object);
5551 return UncheckedCast<BoolT>(Word32And(
5552 Int32GreaterThanOrEqual(instance_type, Int32Constant(FIRST_CONTEXT_TYPE)),
5553 Int32LessThanOrEqual(instance_type, Int32Constant(LAST_CONTEXT_TYPE))));
5554 }
5555
IsFixedArray(SloppyTNode<HeapObject> object)5556 TNode<BoolT> CodeStubAssembler::IsFixedArray(SloppyTNode<HeapObject> object) {
5557 return HasInstanceType(object, FIXED_ARRAY_TYPE);
5558 }
5559
IsFixedArraySubclass(SloppyTNode<HeapObject> object)5560 TNode<BoolT> CodeStubAssembler::IsFixedArraySubclass(
5561 SloppyTNode<HeapObject> object) {
5562 Node* instance_type = LoadInstanceType(object);
5563 return UncheckedCast<BoolT>(
5564 Word32And(Int32GreaterThanOrEqual(instance_type,
5565 Int32Constant(FIRST_FIXED_ARRAY_TYPE)),
5566 Int32LessThanOrEqual(instance_type,
5567 Int32Constant(LAST_FIXED_ARRAY_TYPE))));
5568 }
5569
IsNotWeakFixedArraySubclass(SloppyTNode<HeapObject> object)5570 TNode<BoolT> CodeStubAssembler::IsNotWeakFixedArraySubclass(
5571 SloppyTNode<HeapObject> object) {
5572 Node* instance_type = LoadInstanceType(object);
5573 return UncheckedCast<BoolT>(Word32Or(
5574 Int32LessThan(instance_type, Int32Constant(FIRST_WEAK_FIXED_ARRAY_TYPE)),
5575 Int32GreaterThan(instance_type,
5576 Int32Constant(LAST_WEAK_FIXED_ARRAY_TYPE))));
5577 }
5578
IsPromiseCapability(SloppyTNode<HeapObject> object)5579 TNode<BoolT> CodeStubAssembler::IsPromiseCapability(
5580 SloppyTNode<HeapObject> object) {
5581 return HasInstanceType(object, PROMISE_CAPABILITY_TYPE);
5582 }
5583
IsPropertyArray(SloppyTNode<HeapObject> object)5584 TNode<BoolT> CodeStubAssembler::IsPropertyArray(
5585 SloppyTNode<HeapObject> object) {
5586 return HasInstanceType(object, PROPERTY_ARRAY_TYPE);
5587 }
5588
5589 // This complicated check is due to elements oddities. If a smi array is empty
5590 // after Array.p.shift, it is replaced by the empty array constant. If it is
5591 // later filled with a double element, we try to grow it but pass in a double
5592 // elements kind. Usually this would cause a size mismatch (since the source
5593 // fixed array has HOLEY_ELEMENTS and destination has
5594 // HOLEY_DOUBLE_ELEMENTS), but we don't have to worry about it when the
5595 // source array is empty.
5596 // TODO(jgruber): It might we worth creating an empty_double_array constant to
5597 // simplify this case.
IsFixedArrayWithKindOrEmpty(SloppyTNode<HeapObject> object,ElementsKind kind)5598 TNode<BoolT> CodeStubAssembler::IsFixedArrayWithKindOrEmpty(
5599 SloppyTNode<HeapObject> object, ElementsKind kind) {
5600 Label out(this);
5601 TVARIABLE(BoolT, var_result, Int32TrueConstant());
5602
5603 GotoIf(IsFixedArrayWithKind(object, kind), &out);
5604
5605 TNode<Smi> const length = LoadFixedArrayBaseLength(CAST(object));
5606 GotoIf(SmiEqual(length, SmiConstant(0)), &out);
5607
5608 var_result = Int32FalseConstant();
5609 Goto(&out);
5610
5611 BIND(&out);
5612 return var_result.value();
5613 }
5614
IsFixedArrayWithKind(SloppyTNode<HeapObject> object,ElementsKind kind)5615 TNode<BoolT> CodeStubAssembler::IsFixedArrayWithKind(
5616 SloppyTNode<HeapObject> object, ElementsKind kind) {
5617 if (IsDoubleElementsKind(kind)) {
5618 return IsFixedDoubleArray(object);
5619 } else {
5620 DCHECK(IsSmiOrObjectElementsKind(kind));
5621 return IsFixedArraySubclass(object);
5622 }
5623 }
5624
IsBoolean(SloppyTNode<HeapObject> object)5625 TNode<BoolT> CodeStubAssembler::IsBoolean(SloppyTNode<HeapObject> object) {
5626 return IsBooleanMap(LoadMap(object));
5627 }
5628
IsPropertyCell(SloppyTNode<HeapObject> object)5629 TNode<BoolT> CodeStubAssembler::IsPropertyCell(SloppyTNode<HeapObject> object) {
5630 return IsPropertyCellMap(LoadMap(object));
5631 }
5632
IsAccessorInfo(SloppyTNode<HeapObject> object)5633 TNode<BoolT> CodeStubAssembler::IsAccessorInfo(SloppyTNode<HeapObject> object) {
5634 return IsAccessorInfoMap(LoadMap(object));
5635 }
5636
IsAccessorPair(SloppyTNode<HeapObject> object)5637 TNode<BoolT> CodeStubAssembler::IsAccessorPair(SloppyTNode<HeapObject> object) {
5638 return IsAccessorPairMap(LoadMap(object));
5639 }
5640
IsAllocationSite(SloppyTNode<HeapObject> object)5641 TNode<BoolT> CodeStubAssembler::IsAllocationSite(
5642 SloppyTNode<HeapObject> object) {
5643 return IsAllocationSiteInstanceType(LoadInstanceType(object));
5644 }
5645
IsAnyHeapNumber(SloppyTNode<HeapObject> object)5646 TNode<BoolT> CodeStubAssembler::IsAnyHeapNumber(
5647 SloppyTNode<HeapObject> object) {
5648 return UncheckedCast<BoolT>(
5649 Word32Or(IsMutableHeapNumber(object), IsHeapNumber(object)));
5650 }
5651
IsHeapNumber(SloppyTNode<HeapObject> object)5652 TNode<BoolT> CodeStubAssembler::IsHeapNumber(SloppyTNode<HeapObject> object) {
5653 return IsHeapNumberMap(LoadMap(object));
5654 }
5655
IsMutableHeapNumber(SloppyTNode<HeapObject> object)5656 TNode<BoolT> CodeStubAssembler::IsMutableHeapNumber(
5657 SloppyTNode<HeapObject> object) {
5658 return IsMutableHeapNumberMap(LoadMap(object));
5659 }
5660
IsFeedbackCell(SloppyTNode<HeapObject> object)5661 TNode<BoolT> CodeStubAssembler::IsFeedbackCell(SloppyTNode<HeapObject> object) {
5662 return HasInstanceType(object, FEEDBACK_CELL_TYPE);
5663 }
5664
IsFeedbackVector(SloppyTNode<HeapObject> object)5665 TNode<BoolT> CodeStubAssembler::IsFeedbackVector(
5666 SloppyTNode<HeapObject> object) {
5667 return IsFeedbackVectorMap(LoadMap(object));
5668 }
5669
IsName(SloppyTNode<HeapObject> object)5670 TNode<BoolT> CodeStubAssembler::IsName(SloppyTNode<HeapObject> object) {
5671 return Int32LessThanOrEqual(LoadInstanceType(object),
5672 Int32Constant(LAST_NAME_TYPE));
5673 }
5674
IsString(SloppyTNode<HeapObject> object)5675 TNode<BoolT> CodeStubAssembler::IsString(SloppyTNode<HeapObject> object) {
5676 return IsStringInstanceType(LoadInstanceType(object));
5677 }
5678
IsSymbolInstanceType(SloppyTNode<Int32T> instance_type)5679 TNode<BoolT> CodeStubAssembler::IsSymbolInstanceType(
5680 SloppyTNode<Int32T> instance_type) {
5681 return InstanceTypeEqual(instance_type, SYMBOL_TYPE);
5682 }
5683
IsSymbol(SloppyTNode<HeapObject> object)5684 TNode<BoolT> CodeStubAssembler::IsSymbol(SloppyTNode<HeapObject> object) {
5685 return IsSymbolMap(LoadMap(object));
5686 }
5687
IsBigIntInstanceType(SloppyTNode<Int32T> instance_type)5688 TNode<BoolT> CodeStubAssembler::IsBigIntInstanceType(
5689 SloppyTNode<Int32T> instance_type) {
5690 return InstanceTypeEqual(instance_type, BIGINT_TYPE);
5691 }
5692
IsBigInt(SloppyTNode<HeapObject> object)5693 TNode<BoolT> CodeStubAssembler::IsBigInt(SloppyTNode<HeapObject> object) {
5694 return IsBigIntInstanceType(LoadInstanceType(object));
5695 }
5696
IsPrimitiveInstanceType(SloppyTNode<Int32T> instance_type)5697 TNode<BoolT> CodeStubAssembler::IsPrimitiveInstanceType(
5698 SloppyTNode<Int32T> instance_type) {
5699 return Int32LessThanOrEqual(instance_type,
5700 Int32Constant(LAST_PRIMITIVE_TYPE));
5701 }
5702
IsPrivateSymbol(SloppyTNode<HeapObject> object)5703 TNode<BoolT> CodeStubAssembler::IsPrivateSymbol(
5704 SloppyTNode<HeapObject> object) {
5705 return Select<BoolT>(
5706 IsSymbol(object),
5707 [=] {
5708 TNode<Symbol> symbol = CAST(object);
5709 TNode<Int32T> flags =
5710 SmiToInt32(LoadObjectField<Smi>(symbol, Symbol::kFlagsOffset));
5711 return IsSetWord32(flags, 1 << Symbol::kPrivateBit);
5712 },
5713 [=] { return Int32FalseConstant(); });
5714 }
5715
IsNativeContext(SloppyTNode<HeapObject> object)5716 TNode<BoolT> CodeStubAssembler::IsNativeContext(
5717 SloppyTNode<HeapObject> object) {
5718 return WordEqual(LoadMap(object), LoadRoot(Heap::kNativeContextMapRootIndex));
5719 }
5720
IsFixedDoubleArray(SloppyTNode<HeapObject> object)5721 TNode<BoolT> CodeStubAssembler::IsFixedDoubleArray(
5722 SloppyTNode<HeapObject> object) {
5723 return WordEqual(LoadMap(object), FixedDoubleArrayMapConstant());
5724 }
5725
IsHashTable(SloppyTNode<HeapObject> object)5726 TNode<BoolT> CodeStubAssembler::IsHashTable(SloppyTNode<HeapObject> object) {
5727 Node* instance_type = LoadInstanceType(object);
5728 return UncheckedCast<BoolT>(
5729 Word32And(Int32GreaterThanOrEqual(instance_type,
5730 Int32Constant(FIRST_HASH_TABLE_TYPE)),
5731 Int32LessThanOrEqual(instance_type,
5732 Int32Constant(LAST_HASH_TABLE_TYPE))));
5733 }
5734
IsEphemeronHashTable(SloppyTNode<HeapObject> object)5735 TNode<BoolT> CodeStubAssembler::IsEphemeronHashTable(
5736 SloppyTNode<HeapObject> object) {
5737 return HasInstanceType(object, EPHEMERON_HASH_TABLE_TYPE);
5738 }
5739
IsNameDictionary(SloppyTNode<HeapObject> object)5740 TNode<BoolT> CodeStubAssembler::IsNameDictionary(
5741 SloppyTNode<HeapObject> object) {
5742 return HasInstanceType(object, NAME_DICTIONARY_TYPE);
5743 }
5744
IsGlobalDictionary(SloppyTNode<HeapObject> object)5745 TNode<BoolT> CodeStubAssembler::IsGlobalDictionary(
5746 SloppyTNode<HeapObject> object) {
5747 return HasInstanceType(object, GLOBAL_DICTIONARY_TYPE);
5748 }
5749
IsNumberDictionary(SloppyTNode<HeapObject> object)5750 TNode<BoolT> CodeStubAssembler::IsNumberDictionary(
5751 SloppyTNode<HeapObject> object) {
5752 return HasInstanceType(object, NUMBER_DICTIONARY_TYPE);
5753 }
5754
IsJSGeneratorObject(SloppyTNode<HeapObject> object)5755 TNode<BoolT> CodeStubAssembler::IsJSGeneratorObject(
5756 SloppyTNode<HeapObject> object) {
5757 return HasInstanceType(object, JS_GENERATOR_OBJECT_TYPE);
5758 }
5759
IsJSFunctionInstanceType(SloppyTNode<Int32T> instance_type)5760 TNode<BoolT> CodeStubAssembler::IsJSFunctionInstanceType(
5761 SloppyTNode<Int32T> instance_type) {
5762 return InstanceTypeEqual(instance_type, JS_FUNCTION_TYPE);
5763 }
5764
IsAllocationSiteInstanceType(SloppyTNode<Int32T> instance_type)5765 TNode<BoolT> CodeStubAssembler::IsAllocationSiteInstanceType(
5766 SloppyTNode<Int32T> instance_type) {
5767 return InstanceTypeEqual(instance_type, ALLOCATION_SITE_TYPE);
5768 }
5769
IsJSFunction(SloppyTNode<HeapObject> object)5770 TNode<BoolT> CodeStubAssembler::IsJSFunction(SloppyTNode<HeapObject> object) {
5771 return IsJSFunctionMap(LoadMap(object));
5772 }
5773
IsJSFunctionMap(SloppyTNode<Map> map)5774 TNode<BoolT> CodeStubAssembler::IsJSFunctionMap(SloppyTNode<Map> map) {
5775 return IsJSFunctionInstanceType(LoadMapInstanceType(map));
5776 }
5777
IsJSTypedArray(SloppyTNode<HeapObject> object)5778 TNode<BoolT> CodeStubAssembler::IsJSTypedArray(SloppyTNode<HeapObject> object) {
5779 return HasInstanceType(object, JS_TYPED_ARRAY_TYPE);
5780 }
5781
IsJSArrayBuffer(SloppyTNode<HeapObject> object)5782 TNode<BoolT> CodeStubAssembler::IsJSArrayBuffer(
5783 SloppyTNode<HeapObject> object) {
5784 return HasInstanceType(object, JS_ARRAY_BUFFER_TYPE);
5785 }
5786
IsJSDataView(TNode<HeapObject> object)5787 TNode<BoolT> CodeStubAssembler::IsJSDataView(TNode<HeapObject> object) {
5788 return HasInstanceType(object, JS_DATA_VIEW_TYPE);
5789 }
5790
IsFixedTypedArray(SloppyTNode<HeapObject> object)5791 TNode<BoolT> CodeStubAssembler::IsFixedTypedArray(
5792 SloppyTNode<HeapObject> object) {
5793 TNode<Int32T> instance_type = LoadInstanceType(object);
5794 return UncheckedCast<BoolT>(Word32And(
5795 Int32GreaterThanOrEqual(instance_type,
5796 Int32Constant(FIRST_FIXED_TYPED_ARRAY_TYPE)),
5797 Int32LessThanOrEqual(instance_type,
5798 Int32Constant(LAST_FIXED_TYPED_ARRAY_TYPE))));
5799 }
5800
IsJSRegExp(SloppyTNode<HeapObject> object)5801 TNode<BoolT> CodeStubAssembler::IsJSRegExp(SloppyTNode<HeapObject> object) {
5802 return HasInstanceType(object, JS_REGEXP_TYPE);
5803 }
5804
IsNumber(SloppyTNode<Object> object)5805 TNode<BoolT> CodeStubAssembler::IsNumber(SloppyTNode<Object> object) {
5806 return Select<BoolT>(TaggedIsSmi(object), [=] { return Int32TrueConstant(); },
5807 [=] { return IsHeapNumber(CAST(object)); });
5808 }
5809
IsNumeric(SloppyTNode<Object> object)5810 TNode<BoolT> CodeStubAssembler::IsNumeric(SloppyTNode<Object> object) {
5811 return Select<BoolT>(
5812 TaggedIsSmi(object), [=] { return Int32TrueConstant(); },
5813 [=] {
5814 return UncheckedCast<BoolT>(
5815 Word32Or(IsHeapNumber(CAST(object)), IsBigInt(CAST(object))));
5816 });
5817 }
5818
IsNumberNormalized(SloppyTNode<Number> number)5819 TNode<BoolT> CodeStubAssembler::IsNumberNormalized(SloppyTNode<Number> number) {
5820 TVARIABLE(BoolT, var_result, Int32TrueConstant());
5821 Label out(this);
5822
5823 GotoIf(TaggedIsSmi(number), &out);
5824
5825 TNode<Float64T> value = LoadHeapNumberValue(CAST(number));
5826 TNode<Float64T> smi_min =
5827 Float64Constant(static_cast<double>(Smi::kMinValue));
5828 TNode<Float64T> smi_max =
5829 Float64Constant(static_cast<double>(Smi::kMaxValue));
5830
5831 GotoIf(Float64LessThan(value, smi_min), &out);
5832 GotoIf(Float64GreaterThan(value, smi_max), &out);
5833 GotoIfNot(Float64Equal(value, value), &out); // NaN.
5834
5835 var_result = Int32FalseConstant();
5836 Goto(&out);
5837
5838 BIND(&out);
5839 return var_result.value();
5840 }
5841
IsNumberPositive(SloppyTNode<Number> number)5842 TNode<BoolT> CodeStubAssembler::IsNumberPositive(SloppyTNode<Number> number) {
5843 return Select<BoolT>(TaggedIsSmi(number),
5844 [=] { return TaggedIsPositiveSmi(number); },
5845 [=] { return IsHeapNumberPositive(CAST(number)); });
5846 }
5847
5848 // TODO(cbruni): Use TNode<HeapNumber> instead of custom name.
IsHeapNumberPositive(TNode<HeapNumber> number)5849 TNode<BoolT> CodeStubAssembler::IsHeapNumberPositive(TNode<HeapNumber> number) {
5850 TNode<Float64T> value = LoadHeapNumberValue(number);
5851 TNode<Float64T> float_zero = Float64Constant(0.);
5852 return Float64GreaterThanOrEqual(value, float_zero);
5853 }
5854
IsNumberNonNegativeSafeInteger(TNode<Number> number)5855 TNode<BoolT> CodeStubAssembler::IsNumberNonNegativeSafeInteger(
5856 TNode<Number> number) {
5857 return Select<BoolT>(
5858 // TODO(cbruni): Introduce TaggedIsNonNegateSmi to avoid confusion.
5859 TaggedIsSmi(number), [=] { return TaggedIsPositiveSmi(number); },
5860 [=] {
5861 TNode<HeapNumber> heap_number = CAST(number);
5862 return Select<BoolT>(IsInteger(heap_number),
5863 [=] { return IsHeapNumberPositive(heap_number); },
5864 [=] { return Int32FalseConstant(); });
5865 });
5866 }
5867
IsSafeInteger(TNode<Object> number)5868 TNode<BoolT> CodeStubAssembler::IsSafeInteger(TNode<Object> number) {
5869 return Select<BoolT>(
5870 TaggedIsSmi(number), [=] { return Int32TrueConstant(); },
5871 [=] {
5872 return Select<BoolT>(
5873 IsHeapNumber(CAST(number)),
5874 [=] { return IsSafeInteger(UncheckedCast<HeapNumber>(number)); },
5875 [=] { return Int32FalseConstant(); });
5876 });
5877 }
5878
IsSafeInteger(TNode<HeapNumber> number)5879 TNode<BoolT> CodeStubAssembler::IsSafeInteger(TNode<HeapNumber> number) {
5880 // Load the actual value of {number}.
5881 TNode<Float64T> number_value = LoadHeapNumberValue(number);
5882 // Truncate the value of {number} to an integer (or an infinity).
5883 TNode<Float64T> integer = Float64Trunc(number_value);
5884
5885 return Select<BoolT>(
5886 // Check if {number}s value matches the integer (ruling out the
5887 // infinities).
5888 Float64Equal(Float64Sub(number_value, integer), Float64Constant(0.0)),
5889 [=] {
5890 // Check if the {integer} value is in safe integer range.
5891 return Float64LessThanOrEqual(Float64Abs(integer),
5892 Float64Constant(kMaxSafeInteger));
5893 },
5894 [=] { return Int32FalseConstant(); });
5895 }
5896
IsInteger(TNode<Object> number)5897 TNode<BoolT> CodeStubAssembler::IsInteger(TNode<Object> number) {
5898 return Select<BoolT>(
5899 TaggedIsSmi(number), [=] { return Int32TrueConstant(); },
5900 [=] {
5901 return Select<BoolT>(
5902 IsHeapNumber(CAST(number)),
5903 [=] { return IsInteger(UncheckedCast<HeapNumber>(number)); },
5904 [=] { return Int32FalseConstant(); });
5905 });
5906 }
5907
IsInteger(TNode<HeapNumber> number)5908 TNode<BoolT> CodeStubAssembler::IsInteger(TNode<HeapNumber> number) {
5909 TNode<Float64T> number_value = LoadHeapNumberValue(number);
5910 // Truncate the value of {number} to an integer (or an infinity).
5911 TNode<Float64T> integer = Float64Trunc(number_value);
5912 // Check if {number}s value matches the integer (ruling out the infinities).
5913 return Float64Equal(Float64Sub(number_value, integer), Float64Constant(0.0));
5914 }
5915
IsHeapNumberUint32(TNode<HeapNumber> number)5916 TNode<BoolT> CodeStubAssembler::IsHeapNumberUint32(TNode<HeapNumber> number) {
5917 // Check that the HeapNumber is a valid uint32
5918 return Select<BoolT>(
5919 IsHeapNumberPositive(number),
5920 [=] {
5921 TNode<Float64T> value = LoadHeapNumberValue(number);
5922 TNode<Uint32T> int_value = Unsigned(TruncateFloat64ToWord32(value));
5923 return Float64Equal(value, ChangeUint32ToFloat64(int_value));
5924 },
5925 [=] { return Int32FalseConstant(); });
5926 }
5927
IsNumberArrayIndex(TNode<Number> number)5928 TNode<BoolT> CodeStubAssembler::IsNumberArrayIndex(TNode<Number> number) {
5929 return Select<BoolT>(TaggedIsSmi(number),
5930 [=] { return TaggedIsPositiveSmi(number); },
5931 [=] { return IsHeapNumberUint32(CAST(number)); });
5932 }
5933
FixedArraySizeDoesntFitInNewSpace(Node * element_count,int base_size,ParameterMode mode)5934 Node* CodeStubAssembler::FixedArraySizeDoesntFitInNewSpace(Node* element_count,
5935 int base_size,
5936 ParameterMode mode) {
5937 int max_newspace_elements =
5938 (kMaxRegularHeapObjectSize - base_size) / kPointerSize;
5939 return IntPtrOrSmiGreaterThan(
5940 element_count, IntPtrOrSmiConstant(max_newspace_elements, mode), mode);
5941 }
5942
StringCharCodeAt(SloppyTNode<String> string,SloppyTNode<IntPtrT> index)5943 TNode<Int32T> CodeStubAssembler::StringCharCodeAt(SloppyTNode<String> string,
5944 SloppyTNode<IntPtrT> index) {
5945 CSA_ASSERT(this, IsString(string));
5946
5947 CSA_ASSERT(this, IntPtrGreaterThanOrEqual(index, IntPtrConstant(0)));
5948 CSA_ASSERT(this, IntPtrLessThan(index, LoadStringLengthAsWord(string)));
5949
5950 TVARIABLE(Int32T, var_result);
5951
5952 Label return_result(this), if_runtime(this, Label::kDeferred),
5953 if_stringistwobyte(this), if_stringisonebyte(this);
5954
5955 ToDirectStringAssembler to_direct(state(), string);
5956 to_direct.TryToDirect(&if_runtime);
5957 Node* const offset = IntPtrAdd(index, to_direct.offset());
5958 Node* const instance_type = to_direct.instance_type();
5959
5960 Node* const string_data = to_direct.PointerToData(&if_runtime);
5961
5962 // Check if the {string} is a TwoByteSeqString or a OneByteSeqString.
5963 Branch(IsOneByteStringInstanceType(instance_type), &if_stringisonebyte,
5964 &if_stringistwobyte);
5965
5966 BIND(&if_stringisonebyte);
5967 {
5968 var_result =
5969 UncheckedCast<Int32T>(Load(MachineType::Uint8(), string_data, offset));
5970 Goto(&return_result);
5971 }
5972
5973 BIND(&if_stringistwobyte);
5974 {
5975 var_result =
5976 UncheckedCast<Int32T>(Load(MachineType::Uint16(), string_data,
5977 WordShl(offset, IntPtrConstant(1))));
5978 Goto(&return_result);
5979 }
5980
5981 BIND(&if_runtime);
5982 {
5983 Node* result = CallRuntime(Runtime::kStringCharCodeAt, NoContextConstant(),
5984 string, SmiTag(index));
5985 var_result = SmiToInt32(result);
5986 Goto(&return_result);
5987 }
5988
5989 BIND(&return_result);
5990 return var_result.value();
5991 }
5992
StringFromSingleCharCode(TNode<Int32T> code)5993 TNode<String> CodeStubAssembler::StringFromSingleCharCode(TNode<Int32T> code) {
5994 VARIABLE(var_result, MachineRepresentation::kTagged);
5995
5996 // Check if the {code} is a one-byte char code.
5997 Label if_codeisonebyte(this), if_codeistwobyte(this, Label::kDeferred),
5998 if_done(this);
5999 Branch(Int32LessThanOrEqual(code, Int32Constant(String::kMaxOneByteCharCode)),
6000 &if_codeisonebyte, &if_codeistwobyte);
6001 BIND(&if_codeisonebyte);
6002 {
6003 // Load the isolate wide single character string cache.
6004 TNode<FixedArray> cache =
6005 CAST(LoadRoot(Heap::kSingleCharacterStringCacheRootIndex));
6006 TNode<IntPtrT> code_index = Signed(ChangeUint32ToWord(code));
6007
6008 // Check if we have an entry for the {code} in the single character string
6009 // cache already.
6010 Label if_entryisundefined(this, Label::kDeferred),
6011 if_entryisnotundefined(this);
6012 Node* entry = LoadFixedArrayElement(cache, code_index);
6013 Branch(IsUndefined(entry), &if_entryisundefined, &if_entryisnotundefined);
6014
6015 BIND(&if_entryisundefined);
6016 {
6017 // Allocate a new SeqOneByteString for {code} and store it in the {cache}.
6018 TNode<String> result = AllocateSeqOneByteString(1);
6019 StoreNoWriteBarrier(
6020 MachineRepresentation::kWord8, result,
6021 IntPtrConstant(SeqOneByteString::kHeaderSize - kHeapObjectTag), code);
6022 StoreFixedArrayElement(cache, code_index, result);
6023 var_result.Bind(result);
6024 Goto(&if_done);
6025 }
6026
6027 BIND(&if_entryisnotundefined);
6028 {
6029 // Return the entry from the {cache}.
6030 var_result.Bind(entry);
6031 Goto(&if_done);
6032 }
6033 }
6034
6035 BIND(&if_codeistwobyte);
6036 {
6037 // Allocate a new SeqTwoByteString for {code}.
6038 Node* result = AllocateSeqTwoByteString(1);
6039 StoreNoWriteBarrier(
6040 MachineRepresentation::kWord16, result,
6041 IntPtrConstant(SeqTwoByteString::kHeaderSize - kHeapObjectTag), code);
6042 var_result.Bind(result);
6043 Goto(&if_done);
6044 }
6045
6046 BIND(&if_done);
6047 CSA_ASSERT(this, IsString(var_result.value()));
6048 return CAST(var_result.value());
6049 }
6050
6051 // A wrapper around CopyStringCharacters which determines the correct string
6052 // encoding, allocates a corresponding sequential string, and then copies the
6053 // given character range using CopyStringCharacters.
6054 // |from_string| must be a sequential string.
6055 // 0 <= |from_index| <= |from_index| + |character_count| < from_string.length.
AllocAndCopyStringCharacters(Node * from,Node * from_instance_type,TNode<IntPtrT> from_index,TNode<Smi> character_count)6056 TNode<String> CodeStubAssembler::AllocAndCopyStringCharacters(
6057 Node* from, Node* from_instance_type, TNode<IntPtrT> from_index,
6058 TNode<Smi> character_count) {
6059 Label end(this), one_byte_sequential(this), two_byte_sequential(this);
6060 TVARIABLE(String, var_result);
6061
6062 Branch(IsOneByteStringInstanceType(from_instance_type), &one_byte_sequential,
6063 &two_byte_sequential);
6064
6065 // The subject string is a sequential one-byte string.
6066 BIND(&one_byte_sequential);
6067 {
6068 TNode<String> result =
6069 AllocateSeqOneByteString(NoContextConstant(), character_count);
6070 CopyStringCharacters(from, result, from_index, IntPtrConstant(0),
6071 SmiUntag(character_count), String::ONE_BYTE_ENCODING,
6072 String::ONE_BYTE_ENCODING);
6073 var_result = result;
6074 Goto(&end);
6075 }
6076
6077 // The subject string is a sequential two-byte string.
6078 BIND(&two_byte_sequential);
6079 {
6080 TNode<String> result =
6081 AllocateSeqTwoByteString(NoContextConstant(), character_count);
6082 CopyStringCharacters(from, result, from_index, IntPtrConstant(0),
6083 SmiUntag(character_count), String::TWO_BYTE_ENCODING,
6084 String::TWO_BYTE_ENCODING);
6085 var_result = result;
6086 Goto(&end);
6087 }
6088
6089 BIND(&end);
6090 return var_result.value();
6091 }
6092
SubString(TNode<String> string,TNode<IntPtrT> from,TNode<IntPtrT> to)6093 TNode<String> CodeStubAssembler::SubString(TNode<String> string,
6094 TNode<IntPtrT> from,
6095 TNode<IntPtrT> to) {
6096 TVARIABLE(String, var_result);
6097 ToDirectStringAssembler to_direct(state(), string);
6098 Label end(this), runtime(this);
6099
6100 TNode<IntPtrT> const substr_length = IntPtrSub(to, from);
6101 TNode<IntPtrT> const string_length = LoadStringLengthAsWord(string);
6102
6103 // Begin dispatching based on substring length.
6104
6105 Label original_string_or_invalid_length(this);
6106 GotoIf(UintPtrGreaterThanOrEqual(substr_length, string_length),
6107 &original_string_or_invalid_length);
6108
6109 // A real substring (substr_length < string_length).
6110
6111 Label single_char(this);
6112 GotoIf(IntPtrEqual(substr_length, IntPtrConstant(1)), &single_char);
6113
6114 // TODO(jgruber): Add an additional case for substring of length == 0?
6115
6116 // Deal with different string types: update the index if necessary
6117 // and extract the underlying string.
6118
6119 TNode<String> direct_string = to_direct.TryToDirect(&runtime);
6120 TNode<IntPtrT> offset = IntPtrAdd(from, to_direct.offset());
6121 Node* const instance_type = to_direct.instance_type();
6122
6123 // The subject string can only be external or sequential string of either
6124 // encoding at this point.
6125 Label external_string(this);
6126 {
6127 if (FLAG_string_slices) {
6128 Label next(this);
6129
6130 // Short slice. Copy instead of slicing.
6131 GotoIf(IntPtrLessThan(substr_length,
6132 IntPtrConstant(SlicedString::kMinLength)),
6133 &next);
6134
6135 // Allocate new sliced string.
6136
6137 Counters* counters = isolate()->counters();
6138 IncrementCounter(counters->sub_string_native(), 1);
6139
6140 Label one_byte_slice(this), two_byte_slice(this);
6141 Branch(IsOneByteStringInstanceType(to_direct.instance_type()),
6142 &one_byte_slice, &two_byte_slice);
6143
6144 BIND(&one_byte_slice);
6145 {
6146 var_result = AllocateSlicedOneByteString(SmiTag(substr_length),
6147 direct_string, SmiTag(offset));
6148 Goto(&end);
6149 }
6150
6151 BIND(&two_byte_slice);
6152 {
6153 var_result = AllocateSlicedTwoByteString(SmiTag(substr_length),
6154 direct_string, SmiTag(offset));
6155 Goto(&end);
6156 }
6157
6158 BIND(&next);
6159 }
6160
6161 // The subject string can only be external or sequential string of either
6162 // encoding at this point.
6163 GotoIf(to_direct.is_external(), &external_string);
6164
6165 var_result = AllocAndCopyStringCharacters(direct_string, instance_type,
6166 offset, SmiTag(substr_length));
6167
6168 Counters* counters = isolate()->counters();
6169 IncrementCounter(counters->sub_string_native(), 1);
6170
6171 Goto(&end);
6172 }
6173
6174 // Handle external string.
6175 BIND(&external_string);
6176 {
6177 Node* const fake_sequential_string = to_direct.PointerToString(&runtime);
6178
6179 var_result = AllocAndCopyStringCharacters(
6180 fake_sequential_string, instance_type, offset, SmiTag(substr_length));
6181
6182 Counters* counters = isolate()->counters();
6183 IncrementCounter(counters->sub_string_native(), 1);
6184
6185 Goto(&end);
6186 }
6187
6188 // Substrings of length 1 are generated through CharCodeAt and FromCharCode.
6189 BIND(&single_char);
6190 {
6191 TNode<Int32T> char_code = StringCharCodeAt(string, from);
6192 var_result = StringFromSingleCharCode(char_code);
6193 Goto(&end);
6194 }
6195
6196 BIND(&original_string_or_invalid_length);
6197 {
6198 CSA_ASSERT(this, IntPtrEqual(substr_length, string_length));
6199
6200 // Equal length - check if {from, to} == {0, str.length}.
6201 GotoIf(UintPtrGreaterThan(from, IntPtrConstant(0)), &runtime);
6202
6203 // Return the original string (substr_length == string_length).
6204
6205 Counters* counters = isolate()->counters();
6206 IncrementCounter(counters->sub_string_native(), 1);
6207
6208 var_result = string;
6209 Goto(&end);
6210 }
6211
6212 // Fall back to a runtime call.
6213 BIND(&runtime);
6214 {
6215 var_result =
6216 CAST(CallRuntime(Runtime::kStringSubstring, NoContextConstant(), string,
6217 SmiTag(from), SmiTag(to)));
6218 Goto(&end);
6219 }
6220
6221 BIND(&end);
6222 return var_result.value();
6223 }
6224
ToDirectStringAssembler(compiler::CodeAssemblerState * state,Node * string,Flags flags)6225 ToDirectStringAssembler::ToDirectStringAssembler(
6226 compiler::CodeAssemblerState* state, Node* string, Flags flags)
6227 : CodeStubAssembler(state),
6228 var_string_(this, MachineRepresentation::kTagged, string),
6229 var_instance_type_(this, MachineRepresentation::kWord32),
6230 var_offset_(this, MachineType::PointerRepresentation()),
6231 var_is_external_(this, MachineRepresentation::kWord32),
6232 flags_(flags) {
6233 CSA_ASSERT(this, TaggedIsNotSmi(string));
6234 CSA_ASSERT(this, IsString(string));
6235
6236 var_string_.Bind(string);
6237 var_offset_.Bind(IntPtrConstant(0));
6238 var_instance_type_.Bind(LoadInstanceType(string));
6239 var_is_external_.Bind(Int32Constant(0));
6240 }
6241
TryToDirect(Label * if_bailout)6242 TNode<String> ToDirectStringAssembler::TryToDirect(Label* if_bailout) {
6243 VariableList vars({&var_string_, &var_offset_, &var_instance_type_}, zone());
6244 Label dispatch(this, vars);
6245 Label if_iscons(this);
6246 Label if_isexternal(this);
6247 Label if_issliced(this);
6248 Label if_isthin(this);
6249 Label out(this);
6250
6251 Branch(IsSequentialStringInstanceType(var_instance_type_.value()), &out,
6252 &dispatch);
6253
6254 // Dispatch based on string representation.
6255 BIND(&dispatch);
6256 {
6257 int32_t values[] = {
6258 kSeqStringTag, kConsStringTag, kExternalStringTag,
6259 kSlicedStringTag, kThinStringTag,
6260 };
6261 Label* labels[] = {
6262 &out, &if_iscons, &if_isexternal, &if_issliced, &if_isthin,
6263 };
6264 STATIC_ASSERT(arraysize(values) == arraysize(labels));
6265
6266 Node* const representation = Word32And(
6267 var_instance_type_.value(), Int32Constant(kStringRepresentationMask));
6268 Switch(representation, if_bailout, values, labels, arraysize(values));
6269 }
6270
6271 // Cons string. Check whether it is flat, then fetch first part.
6272 // Flat cons strings have an empty second part.
6273 BIND(&if_iscons);
6274 {
6275 Node* const string = var_string_.value();
6276 GotoIfNot(IsEmptyString(LoadObjectField(string, ConsString::kSecondOffset)),
6277 if_bailout);
6278
6279 Node* const lhs = LoadObjectField(string, ConsString::kFirstOffset);
6280 var_string_.Bind(lhs);
6281 var_instance_type_.Bind(LoadInstanceType(lhs));
6282
6283 Goto(&dispatch);
6284 }
6285
6286 // Sliced string. Fetch parent and correct start index by offset.
6287 BIND(&if_issliced);
6288 {
6289 if (!FLAG_string_slices || (flags_ & kDontUnpackSlicedStrings)) {
6290 Goto(if_bailout);
6291 } else {
6292 Node* const string = var_string_.value();
6293 Node* const sliced_offset =
6294 LoadAndUntagObjectField(string, SlicedString::kOffsetOffset);
6295 var_offset_.Bind(IntPtrAdd(var_offset_.value(), sliced_offset));
6296
6297 Node* const parent = LoadObjectField(string, SlicedString::kParentOffset);
6298 var_string_.Bind(parent);
6299 var_instance_type_.Bind(LoadInstanceType(parent));
6300
6301 Goto(&dispatch);
6302 }
6303 }
6304
6305 // Thin string. Fetch the actual string.
6306 BIND(&if_isthin);
6307 {
6308 Node* const string = var_string_.value();
6309 Node* const actual_string =
6310 LoadObjectField(string, ThinString::kActualOffset);
6311 Node* const actual_instance_type = LoadInstanceType(actual_string);
6312
6313 var_string_.Bind(actual_string);
6314 var_instance_type_.Bind(actual_instance_type);
6315
6316 Goto(&dispatch);
6317 }
6318
6319 // External string.
6320 BIND(&if_isexternal);
6321 var_is_external_.Bind(Int32Constant(1));
6322 Goto(&out);
6323
6324 BIND(&out);
6325 return CAST(var_string_.value());
6326 }
6327
TryToSequential(StringPointerKind ptr_kind,Label * if_bailout)6328 TNode<RawPtrT> ToDirectStringAssembler::TryToSequential(
6329 StringPointerKind ptr_kind, Label* if_bailout) {
6330 CHECK(ptr_kind == PTR_TO_DATA || ptr_kind == PTR_TO_STRING);
6331
6332 TVARIABLE(RawPtrT, var_result);
6333 Label out(this), if_issequential(this), if_isexternal(this, Label::kDeferred);
6334 Branch(is_external(), &if_isexternal, &if_issequential);
6335
6336 BIND(&if_issequential);
6337 {
6338 STATIC_ASSERT(SeqOneByteString::kHeaderSize ==
6339 SeqTwoByteString::kHeaderSize);
6340 TNode<IntPtrT> result = BitcastTaggedToWord(var_string_.value());
6341 if (ptr_kind == PTR_TO_DATA) {
6342 result = IntPtrAdd(result, IntPtrConstant(SeqOneByteString::kHeaderSize -
6343 kHeapObjectTag));
6344 }
6345 var_result = ReinterpretCast<RawPtrT>(result);
6346 Goto(&out);
6347 }
6348
6349 BIND(&if_isexternal);
6350 {
6351 GotoIf(IsShortExternalStringInstanceType(var_instance_type_.value()),
6352 if_bailout);
6353
6354 TNode<String> string = CAST(var_string_.value());
6355 TNode<IntPtrT> result =
6356 LoadObjectField<IntPtrT>(string, ExternalString::kResourceDataOffset);
6357 if (ptr_kind == PTR_TO_STRING) {
6358 result = IntPtrSub(result, IntPtrConstant(SeqOneByteString::kHeaderSize -
6359 kHeapObjectTag));
6360 }
6361 var_result = ReinterpretCast<RawPtrT>(result);
6362 Goto(&out);
6363 }
6364
6365 BIND(&out);
6366 return var_result.value();
6367 }
6368
BranchIfCanDerefIndirectString(Node * string,Node * instance_type,Label * can_deref,Label * cannot_deref)6369 void CodeStubAssembler::BranchIfCanDerefIndirectString(Node* string,
6370 Node* instance_type,
6371 Label* can_deref,
6372 Label* cannot_deref) {
6373 CSA_ASSERT(this, IsString(string));
6374 Node* representation =
6375 Word32And(instance_type, Int32Constant(kStringRepresentationMask));
6376 GotoIf(Word32Equal(representation, Int32Constant(kThinStringTag)), can_deref);
6377 GotoIf(Word32NotEqual(representation, Int32Constant(kConsStringTag)),
6378 cannot_deref);
6379 // Cons string.
6380 Node* rhs = LoadObjectField(string, ConsString::kSecondOffset);
6381 GotoIf(IsEmptyString(rhs), can_deref);
6382 Goto(cannot_deref);
6383 }
6384
DerefIndirectString(TNode<String> string,TNode<Int32T> instance_type,Label * cannot_deref)6385 Node* CodeStubAssembler::DerefIndirectString(TNode<String> string,
6386 TNode<Int32T> instance_type,
6387 Label* cannot_deref) {
6388 Label deref(this);
6389 BranchIfCanDerefIndirectString(string, instance_type, &deref, cannot_deref);
6390 BIND(&deref);
6391 STATIC_ASSERT(ThinString::kActualOffset == ConsString::kFirstOffset);
6392 return LoadObjectField(string, ThinString::kActualOffset);
6393 }
6394
DerefIndirectString(Variable * var_string,Node * instance_type)6395 void CodeStubAssembler::DerefIndirectString(Variable* var_string,
6396 Node* instance_type) {
6397 #ifdef DEBUG
6398 Label can_deref(this), cannot_deref(this);
6399 BranchIfCanDerefIndirectString(var_string->value(), instance_type, &can_deref,
6400 &cannot_deref);
6401 BIND(&cannot_deref);
6402 DebugBreak(); // Should be able to dereference string.
6403 Goto(&can_deref);
6404 BIND(&can_deref);
6405 #endif // DEBUG
6406
6407 STATIC_ASSERT(ThinString::kActualOffset == ConsString::kFirstOffset);
6408 var_string->Bind(
6409 LoadObjectField(var_string->value(), ThinString::kActualOffset));
6410 }
6411
MaybeDerefIndirectString(Variable * var_string,Node * instance_type,Label * did_deref,Label * cannot_deref)6412 void CodeStubAssembler::MaybeDerefIndirectString(Variable* var_string,
6413 Node* instance_type,
6414 Label* did_deref,
6415 Label* cannot_deref) {
6416 Label deref(this);
6417 BranchIfCanDerefIndirectString(var_string->value(), instance_type, &deref,
6418 cannot_deref);
6419
6420 BIND(&deref);
6421 {
6422 DerefIndirectString(var_string, instance_type);
6423 Goto(did_deref);
6424 }
6425 }
6426
MaybeDerefIndirectStrings(Variable * var_left,Node * left_instance_type,Variable * var_right,Node * right_instance_type,Label * did_something)6427 void CodeStubAssembler::MaybeDerefIndirectStrings(Variable* var_left,
6428 Node* left_instance_type,
6429 Variable* var_right,
6430 Node* right_instance_type,
6431 Label* did_something) {
6432 Label did_nothing_left(this), did_something_left(this),
6433 didnt_do_anything(this);
6434 MaybeDerefIndirectString(var_left, left_instance_type, &did_something_left,
6435 &did_nothing_left);
6436
6437 BIND(&did_something_left);
6438 {
6439 MaybeDerefIndirectString(var_right, right_instance_type, did_something,
6440 did_something);
6441 }
6442
6443 BIND(&did_nothing_left);
6444 {
6445 MaybeDerefIndirectString(var_right, right_instance_type, did_something,
6446 &didnt_do_anything);
6447 }
6448
6449 BIND(&didnt_do_anything);
6450 // Fall through if neither string was an indirect string.
6451 }
6452
StringAdd(Node * context,TNode<String> left,TNode<String> right,AllocationFlags flags)6453 TNode<String> CodeStubAssembler::StringAdd(Node* context, TNode<String> left,
6454 TNode<String> right,
6455 AllocationFlags flags) {
6456 TVARIABLE(String, result);
6457 Label check_right(this), runtime(this, Label::kDeferred), cons(this),
6458 done(this, &result), done_native(this, &result);
6459 Counters* counters = isolate()->counters();
6460
6461 TNode<Smi> left_length = LoadStringLengthAsSmi(left);
6462 GotoIf(SmiNotEqual(SmiConstant(0), left_length), &check_right);
6463 result = right;
6464 Goto(&done_native);
6465
6466 BIND(&check_right);
6467 TNode<Smi> right_length = LoadStringLengthAsSmi(right);
6468 GotoIf(SmiNotEqual(SmiConstant(0), right_length), &cons);
6469 result = left;
6470 Goto(&done_native);
6471
6472 BIND(&cons);
6473 {
6474 TNode<Smi> new_length = SmiAdd(left_length, right_length);
6475
6476 // If new length is greater than String::kMaxLength, goto runtime to
6477 // throw. Note: we also need to invalidate the string length protector, so
6478 // can't just throw here directly.
6479 GotoIf(SmiAbove(new_length, SmiConstant(String::kMaxLength)), &runtime);
6480
6481 TVARIABLE(String, var_left, left);
6482 TVARIABLE(String, var_right, right);
6483 Variable* input_vars[2] = {&var_left, &var_right};
6484 Label non_cons(this, 2, input_vars);
6485 Label slow(this, Label::kDeferred);
6486 GotoIf(SmiLessThan(new_length, SmiConstant(ConsString::kMinLength)),
6487 &non_cons);
6488
6489 result = NewConsString(context, new_length, var_left.value(),
6490 var_right.value(), flags);
6491 Goto(&done_native);
6492
6493 BIND(&non_cons);
6494
6495 Comment("Full string concatenate");
6496 Node* left_instance_type = LoadInstanceType(var_left.value());
6497 Node* right_instance_type = LoadInstanceType(var_right.value());
6498 // Compute intersection and difference of instance types.
6499
6500 Node* ored_instance_types =
6501 Word32Or(left_instance_type, right_instance_type);
6502 Node* xored_instance_types =
6503 Word32Xor(left_instance_type, right_instance_type);
6504
6505 // Check if both strings have the same encoding and both are sequential.
6506 GotoIf(IsSetWord32(xored_instance_types, kStringEncodingMask), &runtime);
6507 GotoIf(IsSetWord32(ored_instance_types, kStringRepresentationMask), &slow);
6508
6509 TNode<IntPtrT> word_left_length = SmiUntag(left_length);
6510 TNode<IntPtrT> word_right_length = SmiUntag(right_length);
6511
6512 Label two_byte(this);
6513 GotoIf(Word32Equal(Word32And(ored_instance_types,
6514 Int32Constant(kStringEncodingMask)),
6515 Int32Constant(kTwoByteStringTag)),
6516 &two_byte);
6517 // One-byte sequential string case
6518 result = AllocateSeqOneByteString(context, new_length);
6519 CopyStringCharacters(var_left.value(), result.value(), IntPtrConstant(0),
6520 IntPtrConstant(0), word_left_length,
6521 String::ONE_BYTE_ENCODING, String::ONE_BYTE_ENCODING);
6522 CopyStringCharacters(var_right.value(), result.value(), IntPtrConstant(0),
6523 word_left_length, word_right_length,
6524 String::ONE_BYTE_ENCODING, String::ONE_BYTE_ENCODING);
6525 Goto(&done_native);
6526
6527 BIND(&two_byte);
6528 {
6529 // Two-byte sequential string case
6530 result = AllocateSeqTwoByteString(context, new_length);
6531 CopyStringCharacters(var_left.value(), result.value(), IntPtrConstant(0),
6532 IntPtrConstant(0), word_left_length,
6533 String::TWO_BYTE_ENCODING,
6534 String::TWO_BYTE_ENCODING);
6535 CopyStringCharacters(var_right.value(), result.value(), IntPtrConstant(0),
6536 word_left_length, word_right_length,
6537 String::TWO_BYTE_ENCODING,
6538 String::TWO_BYTE_ENCODING);
6539 Goto(&done_native);
6540 }
6541
6542 BIND(&slow);
6543 {
6544 // Try to unwrap indirect strings, restart the above attempt on success.
6545 MaybeDerefIndirectStrings(&var_left, left_instance_type, &var_right,
6546 right_instance_type, &non_cons);
6547 Goto(&runtime);
6548 }
6549 }
6550 BIND(&runtime);
6551 {
6552 result = CAST(CallRuntime(Runtime::kStringAdd, context, left, right));
6553 Goto(&done);
6554 }
6555
6556 BIND(&done_native);
6557 {
6558 IncrementCounter(counters->string_add_native(), 1);
6559 Goto(&done);
6560 }
6561
6562 BIND(&done);
6563 return result.value();
6564 }
6565
StringFromSingleCodePoint(TNode<Int32T> codepoint,UnicodeEncoding encoding)6566 TNode<String> CodeStubAssembler::StringFromSingleCodePoint(
6567 TNode<Int32T> codepoint, UnicodeEncoding encoding) {
6568 VARIABLE(var_result, MachineRepresentation::kTagged, EmptyStringConstant());
6569
6570 Label if_isword16(this), if_isword32(this), return_result(this);
6571
6572 Branch(Uint32LessThan(codepoint, Int32Constant(0x10000)), &if_isword16,
6573 &if_isword32);
6574
6575 BIND(&if_isword16);
6576 {
6577 var_result.Bind(StringFromSingleCharCode(codepoint));
6578 Goto(&return_result);
6579 }
6580
6581 BIND(&if_isword32);
6582 {
6583 switch (encoding) {
6584 case UnicodeEncoding::UTF16:
6585 break;
6586 case UnicodeEncoding::UTF32: {
6587 // Convert UTF32 to UTF16 code units, and store as a 32 bit word.
6588 Node* lead_offset = Int32Constant(0xD800 - (0x10000 >> 10));
6589
6590 // lead = (codepoint >> 10) + LEAD_OFFSET
6591 Node* lead =
6592 Int32Add(Word32Shr(codepoint, Int32Constant(10)), lead_offset);
6593
6594 // trail = (codepoint & 0x3FF) + 0xDC00;
6595 Node* trail = Int32Add(Word32And(codepoint, Int32Constant(0x3FF)),
6596 Int32Constant(0xDC00));
6597
6598 // codpoint = (trail << 16) | lead;
6599 codepoint = Signed(Word32Or(Word32Shl(trail, Int32Constant(16)), lead));
6600 break;
6601 }
6602 }
6603
6604 Node* value = AllocateSeqTwoByteString(2);
6605 StoreNoWriteBarrier(
6606 MachineRepresentation::kWord32, value,
6607 IntPtrConstant(SeqTwoByteString::kHeaderSize - kHeapObjectTag),
6608 codepoint);
6609 var_result.Bind(value);
6610 Goto(&return_result);
6611 }
6612
6613 BIND(&return_result);
6614 return CAST(var_result.value());
6615 }
6616
StringToNumber(TNode<String> input)6617 TNode<Number> CodeStubAssembler::StringToNumber(TNode<String> input) {
6618 Label runtime(this, Label::kDeferred);
6619 Label end(this);
6620
6621 TVARIABLE(Number, var_result);
6622
6623 // Check if string has a cached array index.
6624 TNode<Uint32T> hash = LoadNameHashField(input);
6625 GotoIf(IsSetWord32(hash, Name::kDoesNotContainCachedArrayIndexMask),
6626 &runtime);
6627
6628 var_result =
6629 SmiTag(Signed(DecodeWordFromWord32<String::ArrayIndexValueBits>(hash)));
6630 Goto(&end);
6631
6632 BIND(&runtime);
6633 {
6634 var_result =
6635 CAST(CallRuntime(Runtime::kStringToNumber, NoContextConstant(), input));
6636 Goto(&end);
6637 }
6638
6639 BIND(&end);
6640 return var_result.value();
6641 }
6642
NumberToString(TNode<Number> input)6643 TNode<String> CodeStubAssembler::NumberToString(TNode<Number> input) {
6644 TVARIABLE(String, result);
6645 TVARIABLE(Smi, smi_input);
6646 Label runtime(this, Label::kDeferred), if_smi(this), if_heap_number(this),
6647 done(this, &result);
6648
6649 // Load the number string cache.
6650 Node* number_string_cache = LoadRoot(Heap::kNumberStringCacheRootIndex);
6651
6652 // Make the hash mask from the length of the number string cache. It
6653 // contains two elements (number and string) for each cache entry.
6654 // TODO(ishell): cleanup mask handling.
6655 Node* mask =
6656 BitcastTaggedToWord(LoadFixedArrayBaseLength(number_string_cache));
6657 TNode<IntPtrT> one = IntPtrConstant(1);
6658 mask = IntPtrSub(mask, one);
6659
6660 GotoIfNot(TaggedIsSmi(input), &if_heap_number);
6661 smi_input = CAST(input);
6662 Goto(&if_smi);
6663
6664 BIND(&if_heap_number);
6665 {
6666 TNode<HeapNumber> heap_number_input = CAST(input);
6667 // Try normalizing the HeapNumber.
6668 TryHeapNumberToSmi(heap_number_input, smi_input, &if_smi);
6669
6670 // Make a hash from the two 32-bit values of the double.
6671 TNode<Int32T> low =
6672 LoadObjectField<Int32T>(heap_number_input, HeapNumber::kValueOffset);
6673 TNode<Int32T> high = LoadObjectField<Int32T>(
6674 heap_number_input, HeapNumber::kValueOffset + kIntSize);
6675 TNode<Word32T> hash = Word32Xor(low, high);
6676 TNode<WordT> word_hash = WordShl(ChangeInt32ToIntPtr(hash), one);
6677 TNode<WordT> index =
6678 WordAnd(word_hash, WordSar(mask, SmiShiftBitsConstant()));
6679
6680 // Cache entry's key must be a heap number
6681 Node* number_key = LoadFixedArrayElement(CAST(number_string_cache), index);
6682 GotoIf(TaggedIsSmi(number_key), &runtime);
6683 GotoIfNot(IsHeapNumber(number_key), &runtime);
6684
6685 // Cache entry's key must match the heap number value we're looking for.
6686 Node* low_compare = LoadObjectField(number_key, HeapNumber::kValueOffset,
6687 MachineType::Int32());
6688 Node* high_compare = LoadObjectField(
6689 number_key, HeapNumber::kValueOffset + kIntSize, MachineType::Int32());
6690 GotoIfNot(Word32Equal(low, low_compare), &runtime);
6691 GotoIfNot(Word32Equal(high, high_compare), &runtime);
6692
6693 // Heap number match, return value from cache entry.
6694 result = CAST(
6695 LoadFixedArrayElement(CAST(number_string_cache), index, kPointerSize));
6696 Goto(&done);
6697 }
6698
6699 BIND(&if_smi);
6700 {
6701 // Load the smi key, make sure it matches the smi we're looking for.
6702 Node* smi_index = BitcastWordToTagged(
6703 WordAnd(WordShl(BitcastTaggedToWord(smi_input.value()), one), mask));
6704 Node* smi_key = LoadFixedArrayElement(CAST(number_string_cache), smi_index,
6705 0, SMI_PARAMETERS);
6706 GotoIf(WordNotEqual(smi_key, smi_input.value()), &runtime);
6707
6708 // Smi match, return value from cache entry.
6709 result = CAST(LoadFixedArrayElement(CAST(number_string_cache), smi_index,
6710 kPointerSize, SMI_PARAMETERS));
6711 Goto(&done);
6712 }
6713
6714 BIND(&runtime);
6715 {
6716 // No cache entry, go to the runtime.
6717 result =
6718 CAST(CallRuntime(Runtime::kNumberToString, NoContextConstant(), input));
6719 Goto(&done);
6720 }
6721 BIND(&done);
6722 return result.value();
6723 }
6724
ToName(SloppyTNode<Context> context,SloppyTNode<Object> value)6725 TNode<Name> CodeStubAssembler::ToName(SloppyTNode<Context> context,
6726 SloppyTNode<Object> value) {
6727 Label end(this);
6728 TVARIABLE(Name, var_result);
6729
6730 Label is_number(this);
6731 GotoIf(TaggedIsSmi(value), &is_number);
6732
6733 Label not_name(this);
6734 TNode<Int32T> value_instance_type = LoadInstanceType(CAST(value));
6735 STATIC_ASSERT(FIRST_NAME_TYPE == FIRST_TYPE);
6736 GotoIf(Int32GreaterThan(value_instance_type, Int32Constant(LAST_NAME_TYPE)),
6737 ¬_name);
6738
6739 var_result = CAST(value);
6740 Goto(&end);
6741
6742 BIND(&is_number);
6743 {
6744 var_result = CAST(CallBuiltin(Builtins::kNumberToString, context, value));
6745 Goto(&end);
6746 }
6747
6748 BIND(¬_name);
6749 {
6750 GotoIf(InstanceTypeEqual(value_instance_type, HEAP_NUMBER_TYPE),
6751 &is_number);
6752
6753 Label not_oddball(this);
6754 GotoIfNot(InstanceTypeEqual(value_instance_type, ODDBALL_TYPE),
6755 ¬_oddball);
6756
6757 var_result = LoadObjectField<String>(CAST(value), Oddball::kToStringOffset);
6758 Goto(&end);
6759
6760 BIND(¬_oddball);
6761 {
6762 var_result = CAST(CallRuntime(Runtime::kToName, context, value));
6763 Goto(&end);
6764 }
6765 }
6766
6767 BIND(&end);
6768 return var_result.value();
6769 }
6770
NonNumberToNumberOrNumeric(Node * context,Node * input,Object::Conversion mode,BigIntHandling bigint_handling)6771 Node* CodeStubAssembler::NonNumberToNumberOrNumeric(
6772 Node* context, Node* input, Object::Conversion mode,
6773 BigIntHandling bigint_handling) {
6774 CSA_ASSERT(this, Word32BinaryNot(TaggedIsSmi(input)));
6775 CSA_ASSERT(this, Word32BinaryNot(IsHeapNumber(input)));
6776
6777 // We might need to loop once here due to ToPrimitive conversions.
6778 VARIABLE(var_input, MachineRepresentation::kTagged, input);
6779 VARIABLE(var_result, MachineRepresentation::kTagged);
6780 Label loop(this, &var_input);
6781 Label end(this);
6782 Goto(&loop);
6783 BIND(&loop);
6784 {
6785 // Load the current {input} value (known to be a HeapObject).
6786 Node* input = var_input.value();
6787
6788 // Dispatch on the {input} instance type.
6789 Node* input_instance_type = LoadInstanceType(input);
6790 Label if_inputisstring(this), if_inputisoddball(this),
6791 if_inputisbigint(this), if_inputisreceiver(this, Label::kDeferred),
6792 if_inputisother(this, Label::kDeferred);
6793 GotoIf(IsStringInstanceType(input_instance_type), &if_inputisstring);
6794 GotoIf(IsBigIntInstanceType(input_instance_type), &if_inputisbigint);
6795 GotoIf(InstanceTypeEqual(input_instance_type, ODDBALL_TYPE),
6796 &if_inputisoddball);
6797 Branch(IsJSReceiverInstanceType(input_instance_type), &if_inputisreceiver,
6798 &if_inputisother);
6799
6800 BIND(&if_inputisstring);
6801 {
6802 // The {input} is a String, use the fast stub to convert it to a Number.
6803 TNode<String> string_input = CAST(input);
6804 var_result.Bind(StringToNumber(string_input));
6805 Goto(&end);
6806 }
6807
6808 BIND(&if_inputisbigint);
6809 if (mode == Object::Conversion::kToNumeric) {
6810 var_result.Bind(input);
6811 Goto(&end);
6812 } else {
6813 DCHECK_EQ(mode, Object::Conversion::kToNumber);
6814 if (bigint_handling == BigIntHandling::kThrow) {
6815 Goto(&if_inputisother);
6816 } else {
6817 DCHECK_EQ(bigint_handling, BigIntHandling::kConvertToNumber);
6818 var_result.Bind(CallRuntime(Runtime::kBigIntToNumber, context, input));
6819 Goto(&end);
6820 }
6821 }
6822
6823 BIND(&if_inputisoddball);
6824 {
6825 // The {input} is an Oddball, we just need to load the Number value of it.
6826 var_result.Bind(LoadObjectField(input, Oddball::kToNumberOffset));
6827 Goto(&end);
6828 }
6829
6830 BIND(&if_inputisreceiver);
6831 {
6832 // The {input} is a JSReceiver, we need to convert it to a Primitive first
6833 // using the ToPrimitive type conversion, preferably yielding a Number.
6834 Callable callable = CodeFactory::NonPrimitiveToPrimitive(
6835 isolate(), ToPrimitiveHint::kNumber);
6836 Node* result = CallStub(callable, context, input);
6837
6838 // Check if the {result} is already a Number/Numeric.
6839 Label if_done(this), if_notdone(this);
6840 Branch(mode == Object::Conversion::kToNumber ? IsNumber(result)
6841 : IsNumeric(result),
6842 &if_done, &if_notdone);
6843
6844 BIND(&if_done);
6845 {
6846 // The ToPrimitive conversion already gave us a Number/Numeric, so we're
6847 // done.
6848 var_result.Bind(result);
6849 Goto(&end);
6850 }
6851
6852 BIND(&if_notdone);
6853 {
6854 // We now have a Primitive {result}, but it's not yet a Number/Numeric.
6855 var_input.Bind(result);
6856 Goto(&loop);
6857 }
6858 }
6859
6860 BIND(&if_inputisother);
6861 {
6862 // The {input} is something else (e.g. Symbol), let the runtime figure
6863 // out the correct exception.
6864 // Note: We cannot tail call to the runtime here, as js-to-wasm
6865 // trampolines also use this code currently, and they declare all
6866 // outgoing parameters as untagged, while we would push a tagged
6867 // object here.
6868 auto function_id = mode == Object::Conversion::kToNumber
6869 ? Runtime::kToNumber
6870 : Runtime::kToNumeric;
6871 var_result.Bind(CallRuntime(function_id, context, input));
6872 Goto(&end);
6873 }
6874 }
6875
6876 BIND(&end);
6877 if (mode == Object::Conversion::kToNumeric) {
6878 CSA_ASSERT(this, IsNumeric(var_result.value()));
6879 } else {
6880 DCHECK_EQ(mode, Object::Conversion::kToNumber);
6881 CSA_ASSERT(this, IsNumber(var_result.value()));
6882 }
6883 return var_result.value();
6884 }
6885
NonNumberToNumber(SloppyTNode<Context> context,SloppyTNode<HeapObject> input,BigIntHandling bigint_handling)6886 TNode<Number> CodeStubAssembler::NonNumberToNumber(
6887 SloppyTNode<Context> context, SloppyTNode<HeapObject> input,
6888 BigIntHandling bigint_handling) {
6889 return CAST(NonNumberToNumberOrNumeric(
6890 context, input, Object::Conversion::kToNumber, bigint_handling));
6891 }
6892
NonNumberToNumeric(SloppyTNode<Context> context,SloppyTNode<HeapObject> input)6893 TNode<Numeric> CodeStubAssembler::NonNumberToNumeric(
6894 SloppyTNode<Context> context, SloppyTNode<HeapObject> input) {
6895 Node* result = NonNumberToNumberOrNumeric(context, input,
6896 Object::Conversion::kToNumeric);
6897 CSA_SLOW_ASSERT(this, IsNumeric(result));
6898 return UncheckedCast<Numeric>(result);
6899 }
6900
ToNumber_Inline(SloppyTNode<Context> context,SloppyTNode<Object> input)6901 TNode<Number> CodeStubAssembler::ToNumber_Inline(SloppyTNode<Context> context,
6902 SloppyTNode<Object> input) {
6903 TVARIABLE(Number, var_result);
6904 Label end(this), not_smi(this, Label::kDeferred);
6905
6906 GotoIfNot(TaggedIsSmi(input), ¬_smi);
6907 var_result = CAST(input);
6908 Goto(&end);
6909
6910 BIND(¬_smi);
6911 {
6912 var_result =
6913 Select<Number>(IsHeapNumber(CAST(input)), [=] { return CAST(input); },
6914 [=] {
6915 return CAST(CallBuiltin(Builtins::kNonNumberToNumber,
6916 context, input));
6917 });
6918 Goto(&end);
6919 }
6920
6921 BIND(&end);
6922 return var_result.value();
6923 }
6924
ToNumber(SloppyTNode<Context> context,SloppyTNode<Object> input,BigIntHandling bigint_handling)6925 TNode<Number> CodeStubAssembler::ToNumber(SloppyTNode<Context> context,
6926 SloppyTNode<Object> input,
6927 BigIntHandling bigint_handling) {
6928 TVARIABLE(Number, var_result);
6929 Label end(this);
6930
6931 Label not_smi(this, Label::kDeferred);
6932 GotoIfNot(TaggedIsSmi(input), ¬_smi);
6933 TNode<Smi> input_smi = CAST(input);
6934 var_result = input_smi;
6935 Goto(&end);
6936
6937 BIND(¬_smi);
6938 {
6939 Label not_heap_number(this, Label::kDeferred);
6940 TNode<HeapObject> input_ho = CAST(input);
6941 GotoIfNot(IsHeapNumber(input_ho), ¬_heap_number);
6942
6943 TNode<HeapNumber> input_hn = CAST(input_ho);
6944 var_result = input_hn;
6945 Goto(&end);
6946
6947 BIND(¬_heap_number);
6948 {
6949 var_result = NonNumberToNumber(context, input_ho, bigint_handling);
6950 Goto(&end);
6951 }
6952 }
6953
6954 BIND(&end);
6955 return var_result.value();
6956 }
6957
ToBigInt(SloppyTNode<Context> context,SloppyTNode<Object> input)6958 TNode<BigInt> CodeStubAssembler::ToBigInt(SloppyTNode<Context> context,
6959 SloppyTNode<Object> input) {
6960 TVARIABLE(BigInt, var_result);
6961 Label if_bigint(this), done(this), if_throw(this);
6962
6963 GotoIf(TaggedIsSmi(input), &if_throw);
6964 GotoIf(IsBigInt(CAST(input)), &if_bigint);
6965 var_result = CAST(CallRuntime(Runtime::kToBigInt, context, input));
6966 Goto(&done);
6967
6968 BIND(&if_bigint);
6969 var_result = CAST(input);
6970 Goto(&done);
6971
6972 BIND(&if_throw);
6973 ThrowTypeError(context, MessageTemplate::kBigIntFromObject, input);
6974
6975 BIND(&done);
6976 return var_result.value();
6977 }
6978
TaggedToNumeric(Node * context,Node * value,Label * done,Variable * var_numeric)6979 void CodeStubAssembler::TaggedToNumeric(Node* context, Node* value, Label* done,
6980 Variable* var_numeric) {
6981 TaggedToNumeric(context, value, done, var_numeric, nullptr);
6982 }
6983
TaggedToNumericWithFeedback(Node * context,Node * value,Label * done,Variable * var_numeric,Variable * var_feedback)6984 void CodeStubAssembler::TaggedToNumericWithFeedback(Node* context, Node* value,
6985 Label* done,
6986 Variable* var_numeric,
6987 Variable* var_feedback) {
6988 DCHECK_NOT_NULL(var_feedback);
6989 TaggedToNumeric(context, value, done, var_numeric, var_feedback);
6990 }
6991
TaggedToNumeric(Node * context,Node * value,Label * done,Variable * var_numeric,Variable * var_feedback)6992 void CodeStubAssembler::TaggedToNumeric(Node* context, Node* value, Label* done,
6993 Variable* var_numeric,
6994 Variable* var_feedback) {
6995 var_numeric->Bind(value);
6996 Label if_smi(this), if_heapnumber(this), if_bigint(this), if_oddball(this);
6997 GotoIf(TaggedIsSmi(value), &if_smi);
6998 Node* map = LoadMap(value);
6999 GotoIf(IsHeapNumberMap(map), &if_heapnumber);
7000 Node* instance_type = LoadMapInstanceType(map);
7001 GotoIf(IsBigIntInstanceType(instance_type), &if_bigint);
7002
7003 // {value} is not a Numeric yet.
7004 GotoIf(Word32Equal(instance_type, Int32Constant(ODDBALL_TYPE)), &if_oddball);
7005 var_numeric->Bind(CallBuiltin(Builtins::kNonNumberToNumeric, context, value));
7006 OverwriteFeedback(var_feedback, BinaryOperationFeedback::kAny);
7007 Goto(done);
7008
7009 BIND(&if_smi);
7010 OverwriteFeedback(var_feedback, BinaryOperationFeedback::kSignedSmall);
7011 Goto(done);
7012
7013 BIND(&if_heapnumber);
7014 OverwriteFeedback(var_feedback, BinaryOperationFeedback::kNumber);
7015 Goto(done);
7016
7017 BIND(&if_bigint);
7018 OverwriteFeedback(var_feedback, BinaryOperationFeedback::kBigInt);
7019 Goto(done);
7020
7021 BIND(&if_oddball);
7022 OverwriteFeedback(var_feedback, BinaryOperationFeedback::kNumberOrOddball);
7023 var_numeric->Bind(LoadObjectField(value, Oddball::kToNumberOffset));
7024 Goto(done);
7025 }
7026
7027 // ES#sec-touint32
ToUint32(SloppyTNode<Context> context,SloppyTNode<Object> input)7028 TNode<Number> CodeStubAssembler::ToUint32(SloppyTNode<Context> context,
7029 SloppyTNode<Object> input) {
7030 Node* const float_zero = Float64Constant(0.0);
7031 Node* const float_two_32 = Float64Constant(static_cast<double>(1ULL << 32));
7032
7033 Label out(this);
7034
7035 VARIABLE(var_result, MachineRepresentation::kTagged, input);
7036
7037 // Early exit for positive smis.
7038 {
7039 // TODO(jgruber): This branch and the recheck below can be removed once we
7040 // have a ToNumber with multiple exits.
7041 Label next(this, Label::kDeferred);
7042 Branch(TaggedIsPositiveSmi(input), &out, &next);
7043 BIND(&next);
7044 }
7045
7046 Node* const number = ToNumber(context, input);
7047 var_result.Bind(number);
7048
7049 // Perhaps we have a positive smi now.
7050 {
7051 Label next(this, Label::kDeferred);
7052 Branch(TaggedIsPositiveSmi(number), &out, &next);
7053 BIND(&next);
7054 }
7055
7056 Label if_isnegativesmi(this), if_isheapnumber(this);
7057 Branch(TaggedIsSmi(number), &if_isnegativesmi, &if_isheapnumber);
7058
7059 BIND(&if_isnegativesmi);
7060 {
7061 Node* const uint32_value = SmiToInt32(number);
7062 Node* float64_value = ChangeUint32ToFloat64(uint32_value);
7063 var_result.Bind(AllocateHeapNumberWithValue(float64_value));
7064 Goto(&out);
7065 }
7066
7067 BIND(&if_isheapnumber);
7068 {
7069 Label return_zero(this);
7070 Node* const value = LoadHeapNumberValue(number);
7071
7072 {
7073 // +-0.
7074 Label next(this);
7075 Branch(Float64Equal(value, float_zero), &return_zero, &next);
7076 BIND(&next);
7077 }
7078
7079 {
7080 // NaN.
7081 Label next(this);
7082 Branch(Float64Equal(value, value), &next, &return_zero);
7083 BIND(&next);
7084 }
7085
7086 {
7087 // +Infinity.
7088 Label next(this);
7089 Node* const positive_infinity =
7090 Float64Constant(std::numeric_limits<double>::infinity());
7091 Branch(Float64Equal(value, positive_infinity), &return_zero, &next);
7092 BIND(&next);
7093 }
7094
7095 {
7096 // -Infinity.
7097 Label next(this);
7098 Node* const negative_infinity =
7099 Float64Constant(-1.0 * std::numeric_limits<double>::infinity());
7100 Branch(Float64Equal(value, negative_infinity), &return_zero, &next);
7101 BIND(&next);
7102 }
7103
7104 // * Let int be the mathematical value that is the same sign as number and
7105 // whose magnitude is floor(abs(number)).
7106 // * Let int32bit be int modulo 2^32.
7107 // * Return int32bit.
7108 {
7109 Node* x = Float64Trunc(value);
7110 x = Float64Mod(x, float_two_32);
7111 x = Float64Add(x, float_two_32);
7112 x = Float64Mod(x, float_two_32);
7113
7114 Node* const result = ChangeFloat64ToTagged(x);
7115 var_result.Bind(result);
7116 Goto(&out);
7117 }
7118
7119 BIND(&return_zero);
7120 {
7121 var_result.Bind(SmiConstant(0));
7122 Goto(&out);
7123 }
7124 }
7125
7126 BIND(&out);
7127 return CAST(var_result.value());
7128 }
7129
ToString(SloppyTNode<Context> context,SloppyTNode<Object> input)7130 TNode<String> CodeStubAssembler::ToString(SloppyTNode<Context> context,
7131 SloppyTNode<Object> input) {
7132 Label is_number(this);
7133 Label runtime(this, Label::kDeferred), done(this);
7134 VARIABLE(result, MachineRepresentation::kTagged);
7135 GotoIf(TaggedIsSmi(input), &is_number);
7136
7137 TNode<Map> input_map = LoadMap(CAST(input));
7138 TNode<Int32T> input_instance_type = LoadMapInstanceType(input_map);
7139
7140 result.Bind(input);
7141 GotoIf(IsStringInstanceType(input_instance_type), &done);
7142
7143 Label not_heap_number(this);
7144 Branch(IsHeapNumberMap(input_map), &is_number, ¬_heap_number);
7145
7146 BIND(&is_number);
7147 TNode<Number> number_input = CAST(input);
7148 result.Bind(NumberToString(number_input));
7149 Goto(&done);
7150
7151 BIND(¬_heap_number);
7152 {
7153 GotoIfNot(InstanceTypeEqual(input_instance_type, ODDBALL_TYPE), &runtime);
7154 result.Bind(LoadObjectField(CAST(input), Oddball::kToStringOffset));
7155 Goto(&done);
7156 }
7157
7158 BIND(&runtime);
7159 {
7160 result.Bind(CallRuntime(Runtime::kToString, context, input));
7161 Goto(&done);
7162 }
7163
7164 BIND(&done);
7165 return CAST(result.value());
7166 }
7167
ToString_Inline(SloppyTNode<Context> context,SloppyTNode<Object> input)7168 TNode<String> CodeStubAssembler::ToString_Inline(SloppyTNode<Context> context,
7169 SloppyTNode<Object> input) {
7170 VARIABLE(var_result, MachineRepresentation::kTagged, input);
7171 Label stub_call(this, Label::kDeferred), out(this);
7172
7173 GotoIf(TaggedIsSmi(input), &stub_call);
7174 Branch(IsString(CAST(input)), &out, &stub_call);
7175
7176 BIND(&stub_call);
7177 var_result.Bind(CallBuiltin(Builtins::kToString, context, input));
7178 Goto(&out);
7179
7180 BIND(&out);
7181 return CAST(var_result.value());
7182 }
7183
JSReceiverToPrimitive(Node * context,Node * input)7184 Node* CodeStubAssembler::JSReceiverToPrimitive(Node* context, Node* input) {
7185 Label if_isreceiver(this, Label::kDeferred), if_isnotreceiver(this);
7186 VARIABLE(result, MachineRepresentation::kTagged);
7187 Label done(this, &result);
7188
7189 BranchIfJSReceiver(input, &if_isreceiver, &if_isnotreceiver);
7190
7191 BIND(&if_isreceiver);
7192 {
7193 // Convert {input} to a primitive first passing Number hint.
7194 Callable callable = CodeFactory::NonPrimitiveToPrimitive(isolate());
7195 result.Bind(CallStub(callable, context, input));
7196 Goto(&done);
7197 }
7198
7199 BIND(&if_isnotreceiver);
7200 {
7201 result.Bind(input);
7202 Goto(&done);
7203 }
7204
7205 BIND(&done);
7206 return result.value();
7207 }
7208
ToObject(SloppyTNode<Context> context,SloppyTNode<Object> input)7209 TNode<JSReceiver> CodeStubAssembler::ToObject(SloppyTNode<Context> context,
7210 SloppyTNode<Object> input) {
7211 return CAST(CallBuiltin(Builtins::kToObject, context, input));
7212 }
7213
ToObject_Inline(TNode<Context> context,TNode<Object> input)7214 TNode<JSReceiver> CodeStubAssembler::ToObject_Inline(TNode<Context> context,
7215 TNode<Object> input) {
7216 TVARIABLE(JSReceiver, result);
7217 Label if_isreceiver(this), if_isnotreceiver(this, Label::kDeferred);
7218 Label done(this);
7219
7220 BranchIfJSReceiver(input, &if_isreceiver, &if_isnotreceiver);
7221
7222 BIND(&if_isreceiver);
7223 {
7224 result = CAST(input);
7225 Goto(&done);
7226 }
7227
7228 BIND(&if_isnotreceiver);
7229 {
7230 result = ToObject(context, input);
7231 Goto(&done);
7232 }
7233
7234 BIND(&done);
7235 return result.value();
7236 }
7237
ToSmiIndex(TNode<Object> input,TNode<Context> context,Label * range_error)7238 TNode<Smi> CodeStubAssembler::ToSmiIndex(TNode<Object> input,
7239 TNode<Context> context,
7240 Label* range_error) {
7241 TVARIABLE(Smi, result);
7242 Label check_undefined(this), return_zero(this), defined(this),
7243 negative_check(this), done(this);
7244
7245 GotoIfNot(TaggedIsSmi(input), &check_undefined);
7246 result = CAST(input);
7247 Goto(&negative_check);
7248
7249 BIND(&check_undefined);
7250 Branch(IsUndefined(input), &return_zero, &defined);
7251
7252 BIND(&defined);
7253 TNode<Number> integer_input =
7254 CAST(CallBuiltin(Builtins::kToInteger_TruncateMinusZero, context, input));
7255 GotoIfNot(TaggedIsSmi(integer_input), range_error);
7256 result = CAST(integer_input);
7257 Goto(&negative_check);
7258
7259 BIND(&negative_check);
7260 Branch(SmiLessThan(result.value(), SmiConstant(0)), range_error, &done);
7261
7262 BIND(&return_zero);
7263 result = SmiConstant(0);
7264 Goto(&done);
7265
7266 BIND(&done);
7267 return result.value();
7268 }
7269
ToSmiLength(TNode<Object> input,TNode<Context> context,Label * range_error)7270 TNode<Smi> CodeStubAssembler::ToSmiLength(TNode<Object> input,
7271 TNode<Context> context,
7272 Label* range_error) {
7273 TVARIABLE(Smi, result);
7274 Label to_integer(this), negative_check(this),
7275 heap_number_negative_check(this), return_zero(this), done(this);
7276
7277 GotoIfNot(TaggedIsSmi(input), &to_integer);
7278 result = CAST(input);
7279 Goto(&negative_check);
7280
7281 BIND(&to_integer);
7282 {
7283 TNode<Number> integer_input = CAST(
7284 CallBuiltin(Builtins::kToInteger_TruncateMinusZero, context, input));
7285 GotoIfNot(TaggedIsSmi(integer_input), &heap_number_negative_check);
7286 result = CAST(integer_input);
7287 Goto(&negative_check);
7288
7289 // integer_input can still be a negative HeapNumber here.
7290 BIND(&heap_number_negative_check);
7291 TNode<HeapNumber> heap_number_input = CAST(integer_input);
7292 Branch(IsTrue(CallBuiltin(Builtins::kLessThan, context, heap_number_input,
7293 SmiConstant(0))),
7294 &return_zero, range_error);
7295 }
7296
7297 BIND(&negative_check);
7298 Branch(SmiLessThan(result.value(), SmiConstant(0)), &return_zero, &done);
7299
7300 BIND(&return_zero);
7301 result = SmiConstant(0);
7302 Goto(&done);
7303
7304 BIND(&done);
7305 return result.value();
7306 }
7307
ToLength_Inline(SloppyTNode<Context> context,SloppyTNode<Object> input)7308 TNode<Number> CodeStubAssembler::ToLength_Inline(SloppyTNode<Context> context,
7309 SloppyTNode<Object> input) {
7310 TNode<Smi> smi_zero = SmiConstant(0);
7311 return Select<Number>(
7312 TaggedIsSmi(input), [=] { return SmiMax(CAST(input), smi_zero); },
7313 [=] { return CAST(CallBuiltin(Builtins::kToLength, context, input)); });
7314 }
7315
ToInteger_Inline(SloppyTNode<Context> context,SloppyTNode<Object> input,ToIntegerTruncationMode mode)7316 TNode<Number> CodeStubAssembler::ToInteger_Inline(
7317 SloppyTNode<Context> context, SloppyTNode<Object> input,
7318 ToIntegerTruncationMode mode) {
7319 Builtins::Name builtin = (mode == kNoTruncation)
7320 ? Builtins::kToInteger
7321 : Builtins::kToInteger_TruncateMinusZero;
7322 return Select<Number>(
7323 TaggedIsSmi(input), [=] { return CAST(input); },
7324 [=] { return CAST(CallBuiltin(builtin, context, input)); });
7325 }
7326
ToInteger(SloppyTNode<Context> context,SloppyTNode<Object> input,ToIntegerTruncationMode mode)7327 TNode<Number> CodeStubAssembler::ToInteger(SloppyTNode<Context> context,
7328 SloppyTNode<Object> input,
7329 ToIntegerTruncationMode mode) {
7330 // We might need to loop once for ToNumber conversion.
7331 TVARIABLE(Object, var_arg, input);
7332 Label loop(this, &var_arg), out(this);
7333 Goto(&loop);
7334 BIND(&loop);
7335 {
7336 // Shared entry points.
7337 Label return_zero(this, Label::kDeferred);
7338
7339 // Load the current {arg} value.
7340 TNode<Object> arg = var_arg.value();
7341
7342 // Check if {arg} is a Smi.
7343 GotoIf(TaggedIsSmi(arg), &out);
7344
7345 // Check if {arg} is a HeapNumber.
7346 Label if_argisheapnumber(this),
7347 if_argisnotheapnumber(this, Label::kDeferred);
7348 Branch(IsHeapNumber(CAST(arg)), &if_argisheapnumber,
7349 &if_argisnotheapnumber);
7350
7351 BIND(&if_argisheapnumber);
7352 {
7353 TNode<HeapNumber> arg_hn = CAST(arg);
7354 // Load the floating-point value of {arg}.
7355 Node* arg_value = LoadHeapNumberValue(arg_hn);
7356
7357 // Check if {arg} is NaN.
7358 GotoIfNot(Float64Equal(arg_value, arg_value), &return_zero);
7359
7360 // Truncate {arg} towards zero.
7361 TNode<Float64T> value = Float64Trunc(arg_value);
7362
7363 if (mode == kTruncateMinusZero) {
7364 // Truncate -0.0 to 0.
7365 GotoIf(Float64Equal(value, Float64Constant(0.0)), &return_zero);
7366 }
7367
7368 var_arg = ChangeFloat64ToTagged(value);
7369 Goto(&out);
7370 }
7371
7372 BIND(&if_argisnotheapnumber);
7373 {
7374 // Need to convert {arg} to a Number first.
7375 var_arg = UncheckedCast<Object>(
7376 CallBuiltin(Builtins::kNonNumberToNumber, context, arg));
7377 Goto(&loop);
7378 }
7379
7380 BIND(&return_zero);
7381 var_arg = SmiConstant(0);
7382 Goto(&out);
7383 }
7384
7385 BIND(&out);
7386 if (mode == kTruncateMinusZero) {
7387 CSA_ASSERT(this, IsNumberNormalized(CAST(var_arg.value())));
7388 }
7389 return CAST(var_arg.value());
7390 }
7391
DecodeWord32(SloppyTNode<Word32T> word32,uint32_t shift,uint32_t mask)7392 TNode<Uint32T> CodeStubAssembler::DecodeWord32(SloppyTNode<Word32T> word32,
7393 uint32_t shift, uint32_t mask) {
7394 return UncheckedCast<Uint32T>(Word32Shr(
7395 Word32And(word32, Int32Constant(mask)), static_cast<int>(shift)));
7396 }
7397
DecodeWord(SloppyTNode<WordT> word,uint32_t shift,uint32_t mask)7398 TNode<UintPtrT> CodeStubAssembler::DecodeWord(SloppyTNode<WordT> word,
7399 uint32_t shift, uint32_t mask) {
7400 return Unsigned(
7401 WordShr(WordAnd(word, IntPtrConstant(mask)), static_cast<int>(shift)));
7402 }
7403
UpdateWord(TNode<WordT> word,TNode<WordT> value,uint32_t shift,uint32_t mask)7404 TNode<WordT> CodeStubAssembler::UpdateWord(TNode<WordT> word,
7405 TNode<WordT> value, uint32_t shift,
7406 uint32_t mask) {
7407 TNode<WordT> encoded_value = WordShl(value, static_cast<int>(shift));
7408 TNode<IntPtrT> inverted_mask = IntPtrConstant(~static_cast<intptr_t>(mask));
7409 // Ensure the {value} fits fully in the mask.
7410 CSA_ASSERT(this, WordEqual(WordAnd(encoded_value, inverted_mask),
7411 IntPtrConstant(0)));
7412 return WordOr(WordAnd(word, inverted_mask), encoded_value);
7413 }
7414
SetCounter(StatsCounter * counter,int value)7415 void CodeStubAssembler::SetCounter(StatsCounter* counter, int value) {
7416 if (FLAG_native_code_counters && counter->Enabled()) {
7417 Node* counter_address =
7418 ExternalConstant(ExternalReference::Create(counter));
7419 StoreNoWriteBarrier(MachineRepresentation::kWord32, counter_address,
7420 Int32Constant(value));
7421 }
7422 }
7423
IncrementCounter(StatsCounter * counter,int delta)7424 void CodeStubAssembler::IncrementCounter(StatsCounter* counter, int delta) {
7425 DCHECK_GT(delta, 0);
7426 if (FLAG_native_code_counters && counter->Enabled()) {
7427 Node* counter_address =
7428 ExternalConstant(ExternalReference::Create(counter));
7429 Node* value = Load(MachineType::Int32(), counter_address);
7430 value = Int32Add(value, Int32Constant(delta));
7431 StoreNoWriteBarrier(MachineRepresentation::kWord32, counter_address, value);
7432 }
7433 }
7434
DecrementCounter(StatsCounter * counter,int delta)7435 void CodeStubAssembler::DecrementCounter(StatsCounter* counter, int delta) {
7436 DCHECK_GT(delta, 0);
7437 if (FLAG_native_code_counters && counter->Enabled()) {
7438 Node* counter_address =
7439 ExternalConstant(ExternalReference::Create(counter));
7440 Node* value = Load(MachineType::Int32(), counter_address);
7441 value = Int32Sub(value, Int32Constant(delta));
7442 StoreNoWriteBarrier(MachineRepresentation::kWord32, counter_address, value);
7443 }
7444 }
7445
Increment(Variable * variable,int value,ParameterMode mode)7446 void CodeStubAssembler::Increment(Variable* variable, int value,
7447 ParameterMode mode) {
7448 DCHECK_IMPLIES(mode == INTPTR_PARAMETERS,
7449 variable->rep() == MachineType::PointerRepresentation());
7450 DCHECK_IMPLIES(mode == SMI_PARAMETERS,
7451 variable->rep() == MachineRepresentation::kTagged ||
7452 variable->rep() == MachineRepresentation::kTaggedSigned);
7453 variable->Bind(IntPtrOrSmiAdd(variable->value(),
7454 IntPtrOrSmiConstant(value, mode), mode));
7455 }
7456
Use(Label * label)7457 void CodeStubAssembler::Use(Label* label) {
7458 GotoIf(Word32Equal(Int32Constant(0), Int32Constant(1)), label);
7459 }
7460
TryToName(Node * key,Label * if_keyisindex,Variable * var_index,Label * if_keyisunique,Variable * var_unique,Label * if_bailout,Label * if_notinternalized)7461 void CodeStubAssembler::TryToName(Node* key, Label* if_keyisindex,
7462 Variable* var_index, Label* if_keyisunique,
7463 Variable* var_unique, Label* if_bailout,
7464 Label* if_notinternalized) {
7465 DCHECK_EQ(MachineType::PointerRepresentation(), var_index->rep());
7466 DCHECK_EQ(MachineRepresentation::kTagged, var_unique->rep());
7467 Comment("TryToName");
7468
7469 Label if_hascachedindex(this), if_keyisnotindex(this), if_thinstring(this),
7470 if_keyisother(this, Label::kDeferred);
7471 // Handle Smi and HeapNumber keys.
7472 var_index->Bind(TryToIntptr(key, &if_keyisnotindex));
7473 Goto(if_keyisindex);
7474
7475 BIND(&if_keyisnotindex);
7476 Node* key_map = LoadMap(key);
7477 var_unique->Bind(key);
7478 // Symbols are unique.
7479 GotoIf(IsSymbolMap(key_map), if_keyisunique);
7480 Node* key_instance_type = LoadMapInstanceType(key_map);
7481 // Miss if |key| is not a String.
7482 STATIC_ASSERT(FIRST_NAME_TYPE == FIRST_TYPE);
7483 GotoIfNot(IsStringInstanceType(key_instance_type), &if_keyisother);
7484
7485 // |key| is a String. Check if it has a cached array index.
7486 Node* hash = LoadNameHashField(key);
7487 GotoIf(IsClearWord32(hash, Name::kDoesNotContainCachedArrayIndexMask),
7488 &if_hascachedindex);
7489 // No cached array index. If the string knows that it contains an index,
7490 // then it must be an uncacheable index. Handle this case in the runtime.
7491 GotoIf(IsClearWord32(hash, Name::kIsNotArrayIndexMask), if_bailout);
7492 // Check if we have a ThinString.
7493 GotoIf(InstanceTypeEqual(key_instance_type, THIN_STRING_TYPE),
7494 &if_thinstring);
7495 GotoIf(InstanceTypeEqual(key_instance_type, THIN_ONE_BYTE_STRING_TYPE),
7496 &if_thinstring);
7497 // Finally, check if |key| is internalized.
7498 STATIC_ASSERT(kNotInternalizedTag != 0);
7499 GotoIf(IsSetWord32(key_instance_type, kIsNotInternalizedMask),
7500 if_notinternalized != nullptr ? if_notinternalized : if_bailout);
7501 Goto(if_keyisunique);
7502
7503 BIND(&if_thinstring);
7504 var_unique->Bind(LoadObjectField(key, ThinString::kActualOffset));
7505 Goto(if_keyisunique);
7506
7507 BIND(&if_hascachedindex);
7508 var_index->Bind(DecodeWordFromWord32<Name::ArrayIndexValueBits>(hash));
7509 Goto(if_keyisindex);
7510
7511 BIND(&if_keyisother);
7512 GotoIfNot(InstanceTypeEqual(key_instance_type, ODDBALL_TYPE), if_bailout);
7513 var_unique->Bind(LoadObjectField(key, Oddball::kToStringOffset));
7514 Goto(if_keyisunique);
7515 }
7516
TryInternalizeString(Node * string,Label * if_index,Variable * var_index,Label * if_internalized,Variable * var_internalized,Label * if_not_internalized,Label * if_bailout)7517 void CodeStubAssembler::TryInternalizeString(
7518 Node* string, Label* if_index, Variable* var_index, Label* if_internalized,
7519 Variable* var_internalized, Label* if_not_internalized, Label* if_bailout) {
7520 DCHECK(var_index->rep() == MachineType::PointerRepresentation());
7521 DCHECK_EQ(var_internalized->rep(), MachineRepresentation::kTagged);
7522 CSA_SLOW_ASSERT(this, IsString(string));
7523 Node* function =
7524 ExternalConstant(ExternalReference::try_internalize_string_function());
7525 Node* const isolate_ptr =
7526 ExternalConstant(ExternalReference::isolate_address(isolate()));
7527 Node* result =
7528 CallCFunction2(MachineType::AnyTagged(), MachineType::Pointer(),
7529 MachineType::AnyTagged(), function, isolate_ptr, string);
7530 Label internalized(this);
7531 GotoIf(TaggedIsNotSmi(result), &internalized);
7532 Node* word_result = SmiUntag(result);
7533 GotoIf(WordEqual(word_result, IntPtrConstant(ResultSentinel::kNotFound)),
7534 if_not_internalized);
7535 GotoIf(WordEqual(word_result, IntPtrConstant(ResultSentinel::kUnsupported)),
7536 if_bailout);
7537 var_index->Bind(word_result);
7538 Goto(if_index);
7539
7540 BIND(&internalized);
7541 var_internalized->Bind(result);
7542 Goto(if_internalized);
7543 }
7544
7545 template <typename Dictionary>
EntryToIndex(TNode<IntPtrT> entry,int field_index)7546 TNode<IntPtrT> CodeStubAssembler::EntryToIndex(TNode<IntPtrT> entry,
7547 int field_index) {
7548 TNode<IntPtrT> entry_index =
7549 IntPtrMul(entry, IntPtrConstant(Dictionary::kEntrySize));
7550 return IntPtrAdd(entry_index, IntPtrConstant(Dictionary::kElementsStartIndex +
7551 field_index));
7552 }
7553
LoadDetailsByKeyIndex(TNode<DescriptorArray> container,TNode<IntPtrT> key_index)7554 TNode<Uint32T> CodeStubAssembler::LoadDetailsByKeyIndex(
7555 TNode<DescriptorArray> container, TNode<IntPtrT> key_index) {
7556 const int kKeyToDetailsOffset =
7557 (DescriptorArray::kEntryDetailsIndex - DescriptorArray::kEntryKeyIndex) *
7558 kPointerSize;
7559 return Unsigned(LoadAndUntagToWord32ArrayElement(
7560 container, WeakFixedArray::kHeaderSize, key_index, kKeyToDetailsOffset));
7561 }
7562
LoadValueByKeyIndex(TNode<DescriptorArray> container,TNode<IntPtrT> key_index)7563 TNode<Object> CodeStubAssembler::LoadValueByKeyIndex(
7564 TNode<DescriptorArray> container, TNode<IntPtrT> key_index) {
7565 const int kKeyToValueOffset =
7566 (DescriptorArray::kEntryValueIndex - DescriptorArray::kEntryKeyIndex) *
7567 kPointerSize;
7568 return CAST(
7569 LoadWeakFixedArrayElement(container, key_index, kKeyToValueOffset));
7570 }
7571
LoadFieldTypeByKeyIndex(TNode<DescriptorArray> container,TNode<IntPtrT> key_index)7572 TNode<MaybeObject> CodeStubAssembler::LoadFieldTypeByKeyIndex(
7573 TNode<DescriptorArray> container, TNode<IntPtrT> key_index) {
7574 const int kKeyToValueOffset =
7575 (DescriptorArray::kEntryValueIndex - DescriptorArray::kEntryKeyIndex) *
7576 kPointerSize;
7577 return LoadWeakFixedArrayElement(container, key_index, kKeyToValueOffset);
7578 }
7579
7580 template TNode<IntPtrT> CodeStubAssembler::EntryToIndex<NameDictionary>(
7581 TNode<IntPtrT>, int);
7582 template TNode<IntPtrT> CodeStubAssembler::EntryToIndex<GlobalDictionary>(
7583 TNode<IntPtrT>, int);
7584 template TNode<IntPtrT> CodeStubAssembler::EntryToIndex<NumberDictionary>(
7585 TNode<IntPtrT>, int);
7586
7587 // This must be kept in sync with HashTableBase::ComputeCapacity().
HashTableComputeCapacity(TNode<IntPtrT> at_least_space_for)7588 TNode<IntPtrT> CodeStubAssembler::HashTableComputeCapacity(
7589 TNode<IntPtrT> at_least_space_for) {
7590 TNode<IntPtrT> capacity = IntPtrRoundUpToPowerOfTwo32(
7591 IntPtrAdd(at_least_space_for, WordShr(at_least_space_for, 1)));
7592 return IntPtrMax(capacity, IntPtrConstant(HashTableBase::kMinCapacity));
7593 }
7594
IntPtrMax(SloppyTNode<IntPtrT> left,SloppyTNode<IntPtrT> right)7595 TNode<IntPtrT> CodeStubAssembler::IntPtrMax(SloppyTNode<IntPtrT> left,
7596 SloppyTNode<IntPtrT> right) {
7597 intptr_t left_constant;
7598 intptr_t right_constant;
7599 if (ToIntPtrConstant(left, left_constant) &&
7600 ToIntPtrConstant(right, right_constant)) {
7601 return IntPtrConstant(std::max(left_constant, right_constant));
7602 }
7603 return SelectConstant<IntPtrT>(IntPtrGreaterThanOrEqual(left, right), left,
7604 right);
7605 }
7606
IntPtrMin(SloppyTNode<IntPtrT> left,SloppyTNode<IntPtrT> right)7607 TNode<IntPtrT> CodeStubAssembler::IntPtrMin(SloppyTNode<IntPtrT> left,
7608 SloppyTNode<IntPtrT> right) {
7609 intptr_t left_constant;
7610 intptr_t right_constant;
7611 if (ToIntPtrConstant(left, left_constant) &&
7612 ToIntPtrConstant(right, right_constant)) {
7613 return IntPtrConstant(std::min(left_constant, right_constant));
7614 }
7615 return SelectConstant<IntPtrT>(IntPtrLessThanOrEqual(left, right), left,
7616 right);
7617 }
7618
7619 template <>
LoadName(TNode<HeapObject> key)7620 TNode<HeapObject> CodeStubAssembler::LoadName<NameDictionary>(
7621 TNode<HeapObject> key) {
7622 CSA_ASSERT(this, Word32Or(IsTheHole(key), IsName(key)));
7623 return key;
7624 }
7625
7626 template <>
LoadName(TNode<HeapObject> key)7627 TNode<HeapObject> CodeStubAssembler::LoadName<GlobalDictionary>(
7628 TNode<HeapObject> key) {
7629 TNode<PropertyCell> property_cell = CAST(key);
7630 return CAST(LoadObjectField(property_cell, PropertyCell::kNameOffset));
7631 }
7632
7633 template <typename Dictionary>
NameDictionaryLookup(TNode<Dictionary> dictionary,TNode<Name> unique_name,Label * if_found,TVariable<IntPtrT> * var_name_index,Label * if_not_found,int inlined_probes,LookupMode mode)7634 void CodeStubAssembler::NameDictionaryLookup(
7635 TNode<Dictionary> dictionary, TNode<Name> unique_name, Label* if_found,
7636 TVariable<IntPtrT>* var_name_index, Label* if_not_found, int inlined_probes,
7637 LookupMode mode) {
7638 static_assert(std::is_same<Dictionary, NameDictionary>::value ||
7639 std::is_same<Dictionary, GlobalDictionary>::value,
7640 "Unexpected NameDictionary");
7641 DCHECK_EQ(MachineType::PointerRepresentation(), var_name_index->rep());
7642 DCHECK_IMPLIES(mode == kFindInsertionIndex,
7643 inlined_probes == 0 && if_found == nullptr);
7644 Comment("NameDictionaryLookup");
7645
7646 TNode<IntPtrT> capacity = SmiUntag(GetCapacity<Dictionary>(dictionary));
7647 TNode<WordT> mask = IntPtrSub(capacity, IntPtrConstant(1));
7648 TNode<WordT> hash = ChangeUint32ToWord(LoadNameHash(unique_name));
7649
7650 // See Dictionary::FirstProbe().
7651 TNode<IntPtrT> count = IntPtrConstant(0);
7652 TNode<IntPtrT> entry = Signed(WordAnd(hash, mask));
7653 Node* undefined = UndefinedConstant();
7654
7655 for (int i = 0; i < inlined_probes; i++) {
7656 TNode<IntPtrT> index = EntryToIndex<Dictionary>(entry);
7657 *var_name_index = index;
7658
7659 TNode<HeapObject> current = CAST(LoadFixedArrayElement(dictionary, index));
7660 GotoIf(WordEqual(current, undefined), if_not_found);
7661 current = LoadName<Dictionary>(current);
7662 GotoIf(WordEqual(current, unique_name), if_found);
7663
7664 // See Dictionary::NextProbe().
7665 count = IntPtrConstant(i + 1);
7666 entry = Signed(WordAnd(IntPtrAdd(entry, count), mask));
7667 }
7668 if (mode == kFindInsertionIndex) {
7669 // Appease the variable merging algorithm for "Goto(&loop)" below.
7670 *var_name_index = IntPtrConstant(0);
7671 }
7672
7673 TVARIABLE(IntPtrT, var_count, count);
7674 TVARIABLE(IntPtrT, var_entry, entry);
7675 Variable* loop_vars[] = {&var_count, &var_entry, var_name_index};
7676 Label loop(this, 3, loop_vars);
7677 Goto(&loop);
7678 BIND(&loop);
7679 {
7680 TNode<IntPtrT> entry = var_entry.value();
7681
7682 TNode<IntPtrT> index = EntryToIndex<Dictionary>(entry);
7683 *var_name_index = index;
7684
7685 TNode<HeapObject> current = CAST(LoadFixedArrayElement(dictionary, index));
7686 GotoIf(WordEqual(current, undefined), if_not_found);
7687 if (mode == kFindExisting) {
7688 current = LoadName<Dictionary>(current);
7689 GotoIf(WordEqual(current, unique_name), if_found);
7690 } else {
7691 DCHECK_EQ(kFindInsertionIndex, mode);
7692 GotoIf(WordEqual(current, TheHoleConstant()), if_not_found);
7693 }
7694
7695 // See Dictionary::NextProbe().
7696 Increment(&var_count);
7697 entry = Signed(WordAnd(IntPtrAdd(entry, var_count.value()), mask));
7698
7699 var_entry = entry;
7700 Goto(&loop);
7701 }
7702 }
7703
7704 // Instantiate template methods to workaround GCC compilation issue.
7705 template void CodeStubAssembler::NameDictionaryLookup<NameDictionary>(
7706 TNode<NameDictionary>, TNode<Name>, Label*, TVariable<IntPtrT>*, Label*,
7707 int, LookupMode);
7708 template void CodeStubAssembler::NameDictionaryLookup<GlobalDictionary>(
7709 TNode<GlobalDictionary>, TNode<Name>, Label*, TVariable<IntPtrT>*, Label*,
7710 int, LookupMode);
7711
ComputeIntegerHash(Node * key)7712 Node* CodeStubAssembler::ComputeIntegerHash(Node* key) {
7713 return ComputeIntegerHash(key, IntPtrConstant(kZeroHashSeed));
7714 }
7715
ComputeIntegerHash(Node * key,Node * seed)7716 Node* CodeStubAssembler::ComputeIntegerHash(Node* key, Node* seed) {
7717 // See v8::internal::ComputeIntegerHash()
7718 Node* hash = TruncateIntPtrToInt32(key);
7719 hash = Word32Xor(hash, seed);
7720 hash = Int32Add(Word32Xor(hash, Int32Constant(0xFFFFFFFF)),
7721 Word32Shl(hash, Int32Constant(15)));
7722 hash = Word32Xor(hash, Word32Shr(hash, Int32Constant(12)));
7723 hash = Int32Add(hash, Word32Shl(hash, Int32Constant(2)));
7724 hash = Word32Xor(hash, Word32Shr(hash, Int32Constant(4)));
7725 hash = Int32Mul(hash, Int32Constant(2057));
7726 hash = Word32Xor(hash, Word32Shr(hash, Int32Constant(16)));
7727 return Word32And(hash, Int32Constant(0x3FFFFFFF));
7728 }
7729
NumberDictionaryLookup(TNode<NumberDictionary> dictionary,TNode<IntPtrT> intptr_index,Label * if_found,TVariable<IntPtrT> * var_entry,Label * if_not_found)7730 void CodeStubAssembler::NumberDictionaryLookup(
7731 TNode<NumberDictionary> dictionary, TNode<IntPtrT> intptr_index,
7732 Label* if_found, TVariable<IntPtrT>* var_entry, Label* if_not_found) {
7733 CSA_ASSERT(this, IsNumberDictionary(dictionary));
7734 DCHECK_EQ(MachineType::PointerRepresentation(), var_entry->rep());
7735 Comment("NumberDictionaryLookup");
7736
7737 TNode<IntPtrT> capacity = SmiUntag(GetCapacity<NumberDictionary>(dictionary));
7738 TNode<WordT> mask = IntPtrSub(capacity, IntPtrConstant(1));
7739
7740 TNode<Int32T> int32_seed;
7741
7742 if (Is64()) {
7743 int32_seed = TruncateInt64ToInt32(HashSeed());
7744 } else {
7745 int32_seed = HashSeedLow();
7746 }
7747
7748 TNode<WordT> hash =
7749 ChangeUint32ToWord(ComputeIntegerHash(intptr_index, int32_seed));
7750 Node* key_as_float64 = RoundIntPtrToFloat64(intptr_index);
7751
7752 // See Dictionary::FirstProbe().
7753 TNode<IntPtrT> count = IntPtrConstant(0);
7754 TNode<IntPtrT> entry = Signed(WordAnd(hash, mask));
7755
7756 Node* undefined = UndefinedConstant();
7757 Node* the_hole = TheHoleConstant();
7758
7759 TVARIABLE(IntPtrT, var_count, count);
7760 Variable* loop_vars[] = {&var_count, var_entry};
7761 Label loop(this, 2, loop_vars);
7762 *var_entry = entry;
7763 Goto(&loop);
7764 BIND(&loop);
7765 {
7766 TNode<IntPtrT> entry = var_entry->value();
7767
7768 TNode<IntPtrT> index = EntryToIndex<NumberDictionary>(entry);
7769 Node* current = LoadFixedArrayElement(dictionary, index);
7770 GotoIf(WordEqual(current, undefined), if_not_found);
7771 Label next_probe(this);
7772 {
7773 Label if_currentissmi(this), if_currentisnotsmi(this);
7774 Branch(TaggedIsSmi(current), &if_currentissmi, &if_currentisnotsmi);
7775 BIND(&if_currentissmi);
7776 {
7777 Node* current_value = SmiUntag(current);
7778 Branch(WordEqual(current_value, intptr_index), if_found, &next_probe);
7779 }
7780 BIND(&if_currentisnotsmi);
7781 {
7782 GotoIf(WordEqual(current, the_hole), &next_probe);
7783 // Current must be the Number.
7784 Node* current_value = LoadHeapNumberValue(current);
7785 Branch(Float64Equal(current_value, key_as_float64), if_found,
7786 &next_probe);
7787 }
7788 }
7789
7790 BIND(&next_probe);
7791 // See Dictionary::NextProbe().
7792 Increment(&var_count);
7793 entry = Signed(WordAnd(IntPtrAdd(entry, var_count.value()), mask));
7794
7795 *var_entry = entry;
7796 Goto(&loop);
7797 }
7798 }
7799
BasicLoadNumberDictionaryElement(TNode<NumberDictionary> dictionary,TNode<IntPtrT> intptr_index,Label * not_data,Label * if_hole)7800 TNode<Object> CodeStubAssembler::BasicLoadNumberDictionaryElement(
7801 TNode<NumberDictionary> dictionary, TNode<IntPtrT> intptr_index,
7802 Label* not_data, Label* if_hole) {
7803 TVARIABLE(IntPtrT, var_entry);
7804 Label if_found(this);
7805 NumberDictionaryLookup(dictionary, intptr_index, &if_found, &var_entry,
7806 if_hole);
7807 BIND(&if_found);
7808
7809 // Check that the value is a data property.
7810 TNode<IntPtrT> index = EntryToIndex<NumberDictionary>(var_entry.value());
7811 TNode<Uint32T> details =
7812 LoadDetailsByKeyIndex<NumberDictionary>(dictionary, index);
7813 TNode<Uint32T> kind = DecodeWord32<PropertyDetails::KindField>(details);
7814 // TODO(jkummerow): Support accessors without missing?
7815 GotoIfNot(Word32Equal(kind, Int32Constant(kData)), not_data);
7816 // Finally, load the value.
7817 return LoadValueByKeyIndex<NumberDictionary>(dictionary, index);
7818 }
7819
BasicStoreNumberDictionaryElement(TNode<NumberDictionary> dictionary,TNode<IntPtrT> intptr_index,TNode<Object> value,Label * not_data,Label * if_hole,Label * read_only)7820 void CodeStubAssembler::BasicStoreNumberDictionaryElement(
7821 TNode<NumberDictionary> dictionary, TNode<IntPtrT> intptr_index,
7822 TNode<Object> value, Label* not_data, Label* if_hole, Label* read_only) {
7823 TVARIABLE(IntPtrT, var_entry);
7824 Label if_found(this);
7825 NumberDictionaryLookup(dictionary, intptr_index, &if_found, &var_entry,
7826 if_hole);
7827 BIND(&if_found);
7828
7829 // Check that the value is a data property.
7830 TNode<IntPtrT> index = EntryToIndex<NumberDictionary>(var_entry.value());
7831 TNode<Uint32T> details =
7832 LoadDetailsByKeyIndex<NumberDictionary>(dictionary, index);
7833 TNode<Uint32T> kind = DecodeWord32<PropertyDetails::KindField>(details);
7834 // TODO(jkummerow): Support accessors without missing?
7835 GotoIfNot(Word32Equal(kind, Int32Constant(kData)), not_data);
7836
7837 // Check that the property is writeable.
7838 GotoIf(IsSetWord32(details, PropertyDetails::kAttributesReadOnlyMask),
7839 read_only);
7840
7841 // Finally, store the value.
7842 StoreValueByKeyIndex<NumberDictionary>(dictionary, index, value);
7843 }
7844
7845 template <class Dictionary>
FindInsertionEntry(TNode<Dictionary> dictionary,TNode<Name> key,TVariable<IntPtrT> * var_key_index)7846 void CodeStubAssembler::FindInsertionEntry(TNode<Dictionary> dictionary,
7847 TNode<Name> key,
7848 TVariable<IntPtrT>* var_key_index) {
7849 UNREACHABLE();
7850 }
7851
7852 template <>
FindInsertionEntry(TNode<NameDictionary> dictionary,TNode<Name> key,TVariable<IntPtrT> * var_key_index)7853 void CodeStubAssembler::FindInsertionEntry<NameDictionary>(
7854 TNode<NameDictionary> dictionary, TNode<Name> key,
7855 TVariable<IntPtrT>* var_key_index) {
7856 Label done(this);
7857 NameDictionaryLookup<NameDictionary>(dictionary, key, nullptr, var_key_index,
7858 &done, 0, kFindInsertionIndex);
7859 BIND(&done);
7860 }
7861
7862 template <class Dictionary>
InsertEntry(TNode<Dictionary> dictionary,TNode<Name> key,TNode<Object> value,TNode<IntPtrT> index,TNode<Smi> enum_index)7863 void CodeStubAssembler::InsertEntry(TNode<Dictionary> dictionary,
7864 TNode<Name> key, TNode<Object> value,
7865 TNode<IntPtrT> index,
7866 TNode<Smi> enum_index) {
7867 UNREACHABLE(); // Use specializations instead.
7868 }
7869
7870 template <>
InsertEntry(TNode<NameDictionary> dictionary,TNode<Name> name,TNode<Object> value,TNode<IntPtrT> index,TNode<Smi> enum_index)7871 void CodeStubAssembler::InsertEntry<NameDictionary>(
7872 TNode<NameDictionary> dictionary, TNode<Name> name, TNode<Object> value,
7873 TNode<IntPtrT> index, TNode<Smi> enum_index) {
7874 // Store name and value.
7875 StoreFixedArrayElement(dictionary, index, name);
7876 StoreValueByKeyIndex<NameDictionary>(dictionary, index, value);
7877
7878 // Prepare details of the new property.
7879 PropertyDetails d(kData, NONE, PropertyCellType::kNoCell);
7880 enum_index =
7881 SmiShl(enum_index, PropertyDetails::DictionaryStorageField::kShift);
7882 // We OR over the actual index below, so we expect the initial value to be 0.
7883 DCHECK_EQ(0, d.dictionary_index());
7884 TVARIABLE(Smi, var_details, SmiOr(SmiConstant(d.AsSmi()), enum_index));
7885
7886 // Private names must be marked non-enumerable.
7887 Label not_private(this, &var_details);
7888 GotoIfNot(IsPrivateSymbol(name), ¬_private);
7889 TNode<Smi> dont_enum =
7890 SmiShl(SmiConstant(DONT_ENUM), PropertyDetails::AttributesField::kShift);
7891 var_details = SmiOr(var_details.value(), dont_enum);
7892 Goto(¬_private);
7893 BIND(¬_private);
7894
7895 // Finally, store the details.
7896 StoreDetailsByKeyIndex<NameDictionary>(dictionary, index,
7897 var_details.value());
7898 }
7899
7900 template <>
InsertEntry(TNode<GlobalDictionary> dictionary,TNode<Name> key,TNode<Object> value,TNode<IntPtrT> index,TNode<Smi> enum_index)7901 void CodeStubAssembler::InsertEntry<GlobalDictionary>(
7902 TNode<GlobalDictionary> dictionary, TNode<Name> key, TNode<Object> value,
7903 TNode<IntPtrT> index, TNode<Smi> enum_index) {
7904 UNIMPLEMENTED();
7905 }
7906
7907 template <class Dictionary>
Add(TNode<Dictionary> dictionary,TNode<Name> key,TNode<Object> value,Label * bailout)7908 void CodeStubAssembler::Add(TNode<Dictionary> dictionary, TNode<Name> key,
7909 TNode<Object> value, Label* bailout) {
7910 CSA_ASSERT(this, Word32BinaryNot(IsEmptyPropertyDictionary(dictionary)));
7911 TNode<Smi> capacity = GetCapacity<Dictionary>(dictionary);
7912 TNode<Smi> nof = GetNumberOfElements<Dictionary>(dictionary);
7913 TNode<Smi> new_nof = SmiAdd(nof, SmiConstant(1));
7914 // Require 33% to still be free after adding additional_elements.
7915 // Computing "x + (x >> 1)" on a Smi x does not return a valid Smi!
7916 // But that's OK here because it's only used for a comparison.
7917 TNode<Smi> required_capacity_pseudo_smi = SmiAdd(new_nof, SmiShr(new_nof, 1));
7918 GotoIf(SmiBelow(capacity, required_capacity_pseudo_smi), bailout);
7919 // Require rehashing if more than 50% of free elements are deleted elements.
7920 TNode<Smi> deleted = GetNumberOfDeletedElements<Dictionary>(dictionary);
7921 CSA_ASSERT(this, SmiAbove(capacity, new_nof));
7922 TNode<Smi> half_of_free_elements = SmiShr(SmiSub(capacity, new_nof), 1);
7923 GotoIf(SmiAbove(deleted, half_of_free_elements), bailout);
7924
7925 TNode<Smi> enum_index = GetNextEnumerationIndex<Dictionary>(dictionary);
7926 TNode<Smi> new_enum_index = SmiAdd(enum_index, SmiConstant(1));
7927 TNode<Smi> max_enum_index =
7928 SmiConstant(PropertyDetails::DictionaryStorageField::kMax);
7929 GotoIf(SmiAbove(new_enum_index, max_enum_index), bailout);
7930
7931 // No more bailouts after this point.
7932 // Operations from here on can have side effects.
7933
7934 SetNextEnumerationIndex<Dictionary>(dictionary, new_enum_index);
7935 SetNumberOfElements<Dictionary>(dictionary, new_nof);
7936
7937 TVARIABLE(IntPtrT, var_key_index);
7938 FindInsertionEntry<Dictionary>(dictionary, key, &var_key_index);
7939 InsertEntry<Dictionary>(dictionary, key, value, var_key_index.value(),
7940 enum_index);
7941 }
7942
7943 template void CodeStubAssembler::Add<NameDictionary>(TNode<NameDictionary>,
7944 TNode<Name>, TNode<Object>,
7945 Label*);
7946
7947 template <typename Array>
LookupLinear(TNode<Name> unique_name,TNode<Array> array,TNode<Uint32T> number_of_valid_entries,Label * if_found,TVariable<IntPtrT> * var_name_index,Label * if_not_found)7948 void CodeStubAssembler::LookupLinear(TNode<Name> unique_name,
7949 TNode<Array> array,
7950 TNode<Uint32T> number_of_valid_entries,
7951 Label* if_found,
7952 TVariable<IntPtrT>* var_name_index,
7953 Label* if_not_found) {
7954 static_assert(std::is_base_of<FixedArray, Array>::value ||
7955 std::is_base_of<WeakFixedArray, Array>::value,
7956 "T must be a descendant of FixedArray or a WeakFixedArray");
7957 Comment("LookupLinear");
7958 TNode<IntPtrT> first_inclusive = IntPtrConstant(Array::ToKeyIndex(0));
7959 TNode<IntPtrT> factor = IntPtrConstant(Array::kEntrySize);
7960 TNode<IntPtrT> last_exclusive = IntPtrAdd(
7961 first_inclusive,
7962 IntPtrMul(ChangeInt32ToIntPtr(number_of_valid_entries), factor));
7963
7964 BuildFastLoop(last_exclusive, first_inclusive,
7965 [=](SloppyTNode<IntPtrT> name_index) {
7966 TNode<MaybeObject> element =
7967 LoadArrayElement(array, Array::kHeaderSize, name_index);
7968 TNode<Name> candidate_name = CAST(element);
7969 *var_name_index = name_index;
7970 GotoIf(WordEqual(candidate_name, unique_name), if_found);
7971 },
7972 -Array::kEntrySize, INTPTR_PARAMETERS, IndexAdvanceMode::kPre);
7973 Goto(if_not_found);
7974 }
7975
7976 template <>
NumberOfEntries(TNode<DescriptorArray> descriptors)7977 TNode<Uint32T> CodeStubAssembler::NumberOfEntries<DescriptorArray>(
7978 TNode<DescriptorArray> descriptors) {
7979 return Unsigned(LoadAndUntagToWord32ArrayElement(
7980 descriptors, WeakFixedArray::kHeaderSize,
7981 IntPtrConstant(DescriptorArray::kDescriptorLengthIndex)));
7982 }
7983
7984 template <>
NumberOfEntries(TNode<TransitionArray> transitions)7985 TNode<Uint32T> CodeStubAssembler::NumberOfEntries<TransitionArray>(
7986 TNode<TransitionArray> transitions) {
7987 TNode<IntPtrT> length = LoadAndUntagWeakFixedArrayLength(transitions);
7988 return Select<Uint32T>(
7989 UintPtrLessThan(length, IntPtrConstant(TransitionArray::kFirstIndex)),
7990 [=] { return Unsigned(Int32Constant(0)); },
7991 [=] {
7992 return Unsigned(LoadAndUntagToWord32ArrayElement(
7993 transitions, WeakFixedArray::kHeaderSize,
7994 IntPtrConstant(TransitionArray::kTransitionLengthIndex)));
7995 });
7996 }
7997
7998 template <typename Array>
EntryIndexToIndex(TNode<Uint32T> entry_index)7999 TNode<IntPtrT> CodeStubAssembler::EntryIndexToIndex(
8000 TNode<Uint32T> entry_index) {
8001 TNode<Int32T> entry_size = Int32Constant(Array::kEntrySize);
8002 TNode<Word32T> index = Int32Mul(entry_index, entry_size);
8003 return ChangeInt32ToIntPtr(index);
8004 }
8005
8006 template <typename Array>
ToKeyIndex(TNode<Uint32T> entry_index)8007 TNode<IntPtrT> CodeStubAssembler::ToKeyIndex(TNode<Uint32T> entry_index) {
8008 return IntPtrAdd(IntPtrConstant(Array::ToKeyIndex(0)),
8009 EntryIndexToIndex<Array>(entry_index));
8010 }
8011
8012 template TNode<IntPtrT> CodeStubAssembler::ToKeyIndex<DescriptorArray>(
8013 TNode<Uint32T>);
8014 template TNode<IntPtrT> CodeStubAssembler::ToKeyIndex<TransitionArray>(
8015 TNode<Uint32T>);
8016
8017 template <>
GetSortedKeyIndex(TNode<DescriptorArray> descriptors,TNode<Uint32T> descriptor_number)8018 TNode<Uint32T> CodeStubAssembler::GetSortedKeyIndex<DescriptorArray>(
8019 TNode<DescriptorArray> descriptors, TNode<Uint32T> descriptor_number) {
8020 TNode<Uint32T> details =
8021 DescriptorArrayGetDetails(descriptors, descriptor_number);
8022 return DecodeWord32<PropertyDetails::DescriptorPointer>(details);
8023 }
8024
8025 template <>
GetSortedKeyIndex(TNode<TransitionArray> transitions,TNode<Uint32T> transition_number)8026 TNode<Uint32T> CodeStubAssembler::GetSortedKeyIndex<TransitionArray>(
8027 TNode<TransitionArray> transitions, TNode<Uint32T> transition_number) {
8028 return transition_number;
8029 }
8030
8031 template <typename Array>
GetKey(TNode<Array> array,TNode<Uint32T> entry_index)8032 TNode<Name> CodeStubAssembler::GetKey(TNode<Array> array,
8033 TNode<Uint32T> entry_index) {
8034 static_assert(std::is_base_of<FixedArray, Array>::value ||
8035 std::is_base_of<WeakFixedArray, Array>::value,
8036 "T must be a descendant of FixedArray or a TransitionArray");
8037 const int key_offset = Array::ToKeyIndex(0) * kPointerSize;
8038 TNode<MaybeObject> element =
8039 LoadArrayElement(array, Array::kHeaderSize,
8040 EntryIndexToIndex<Array>(entry_index), key_offset);
8041 return CAST(element);
8042 }
8043
8044 template TNode<Name> CodeStubAssembler::GetKey<DescriptorArray>(
8045 TNode<DescriptorArray>, TNode<Uint32T>);
8046 template TNode<Name> CodeStubAssembler::GetKey<TransitionArray>(
8047 TNode<TransitionArray>, TNode<Uint32T>);
8048
DescriptorArrayGetDetails(TNode<DescriptorArray> descriptors,TNode<Uint32T> descriptor_number)8049 TNode<Uint32T> CodeStubAssembler::DescriptorArrayGetDetails(
8050 TNode<DescriptorArray> descriptors, TNode<Uint32T> descriptor_number) {
8051 const int details_offset = DescriptorArray::ToDetailsIndex(0) * kPointerSize;
8052 return Unsigned(LoadAndUntagToWord32ArrayElement(
8053 descriptors, WeakFixedArray::kHeaderSize,
8054 EntryIndexToIndex<DescriptorArray>(descriptor_number), details_offset));
8055 }
8056
8057 template <typename Array>
LookupBinary(TNode<Name> unique_name,TNode<Array> array,TNode<Uint32T> number_of_valid_entries,Label * if_found,TVariable<IntPtrT> * var_name_index,Label * if_not_found)8058 void CodeStubAssembler::LookupBinary(TNode<Name> unique_name,
8059 TNode<Array> array,
8060 TNode<Uint32T> number_of_valid_entries,
8061 Label* if_found,
8062 TVariable<IntPtrT>* var_name_index,
8063 Label* if_not_found) {
8064 Comment("LookupBinary");
8065 TVARIABLE(Uint32T, var_low, Unsigned(Int32Constant(0)));
8066 TNode<Uint32T> limit =
8067 Unsigned(Int32Sub(NumberOfEntries<Array>(array), Int32Constant(1)));
8068 TVARIABLE(Uint32T, var_high, limit);
8069 TNode<Uint32T> hash = LoadNameHashField(unique_name);
8070 CSA_ASSERT(this, Word32NotEqual(hash, Int32Constant(0)));
8071
8072 // Assume non-empty array.
8073 CSA_ASSERT(this, Uint32LessThanOrEqual(var_low.value(), var_high.value()));
8074
8075 Label binary_loop(this, {&var_high, &var_low});
8076 Goto(&binary_loop);
8077 BIND(&binary_loop);
8078 {
8079 // mid = low + (high - low) / 2 (to avoid overflow in "(low + high) / 2").
8080 TNode<Uint32T> mid = Unsigned(
8081 Int32Add(var_low.value(),
8082 Word32Shr(Int32Sub(var_high.value(), var_low.value()), 1)));
8083 // mid_name = array->GetSortedKey(mid).
8084 TNode<Uint32T> sorted_key_index = GetSortedKeyIndex<Array>(array, mid);
8085 TNode<Name> mid_name = GetKey<Array>(array, sorted_key_index);
8086
8087 TNode<Uint32T> mid_hash = LoadNameHashField(mid_name);
8088
8089 Label mid_greater(this), mid_less(this), merge(this);
8090 Branch(Uint32GreaterThanOrEqual(mid_hash, hash), &mid_greater, &mid_less);
8091 BIND(&mid_greater);
8092 {
8093 var_high = mid;
8094 Goto(&merge);
8095 }
8096 BIND(&mid_less);
8097 {
8098 var_low = Unsigned(Int32Add(mid, Int32Constant(1)));
8099 Goto(&merge);
8100 }
8101 BIND(&merge);
8102 GotoIf(Word32NotEqual(var_low.value(), var_high.value()), &binary_loop);
8103 }
8104
8105 Label scan_loop(this, &var_low);
8106 Goto(&scan_loop);
8107 BIND(&scan_loop);
8108 {
8109 GotoIf(Int32GreaterThan(var_low.value(), limit), if_not_found);
8110
8111 TNode<Uint32T> sort_index =
8112 GetSortedKeyIndex<Array>(array, var_low.value());
8113 TNode<Name> current_name = GetKey<Array>(array, sort_index);
8114 TNode<Uint32T> current_hash = LoadNameHashField(current_name);
8115 GotoIf(Word32NotEqual(current_hash, hash), if_not_found);
8116 Label next(this);
8117 GotoIf(WordNotEqual(current_name, unique_name), &next);
8118 GotoIf(Uint32GreaterThanOrEqual(sort_index, number_of_valid_entries),
8119 if_not_found);
8120 *var_name_index = ToKeyIndex<Array>(sort_index);
8121 Goto(if_found);
8122
8123 BIND(&next);
8124 var_low = Unsigned(Int32Add(var_low.value(), Int32Constant(1)));
8125 Goto(&scan_loop);
8126 }
8127 }
8128
DescriptorArrayForEach(VariableList & variable_list,TNode<Uint32T> start_descriptor,TNode<Uint32T> end_descriptor,const ForEachDescriptorBodyFunction & body)8129 void CodeStubAssembler::DescriptorArrayForEach(
8130 VariableList& variable_list, TNode<Uint32T> start_descriptor,
8131 TNode<Uint32T> end_descriptor, const ForEachDescriptorBodyFunction& body) {
8132 TNode<IntPtrT> start_index =
8133 IntPtrAdd(IntPtrConstant(DescriptorArray::ToKeyIndex(0)),
8134 EntryIndexToIndex<DescriptorArray>(start_descriptor));
8135
8136 TNode<IntPtrT> end_index =
8137 IntPtrAdd(IntPtrConstant(DescriptorArray::ToKeyIndex(0)),
8138 EntryIndexToIndex<DescriptorArray>(end_descriptor));
8139
8140 BuildFastLoop(variable_list, start_index, end_index,
8141 [=](Node* index) {
8142 TNode<UintPtrT> descriptor_key_index =
8143 TNode<UintPtrT>::UncheckedCast(index);
8144 body(descriptor_key_index);
8145 },
8146 DescriptorArray::kEntrySize, INTPTR_PARAMETERS,
8147 IndexAdvanceMode::kPost);
8148 }
8149
DescriptorLookup(SloppyTNode<Name> unique_name,SloppyTNode<DescriptorArray> descriptors,SloppyTNode<Uint32T> bitfield3,Label * if_found,TVariable<IntPtrT> * var_name_index,Label * if_not_found)8150 void CodeStubAssembler::DescriptorLookup(
8151 SloppyTNode<Name> unique_name, SloppyTNode<DescriptorArray> descriptors,
8152 SloppyTNode<Uint32T> bitfield3, Label* if_found,
8153 TVariable<IntPtrT>* var_name_index, Label* if_not_found) {
8154 Comment("DescriptorArrayLookup");
8155 TNode<Uint32T> nof = DecodeWord32<Map::NumberOfOwnDescriptorsBits>(bitfield3);
8156 Lookup<DescriptorArray>(unique_name, descriptors, nof, if_found,
8157 var_name_index, if_not_found);
8158 }
8159
TransitionLookup(SloppyTNode<Name> unique_name,SloppyTNode<TransitionArray> transitions,Label * if_found,TVariable<IntPtrT> * var_name_index,Label * if_not_found)8160 void CodeStubAssembler::TransitionLookup(
8161 SloppyTNode<Name> unique_name, SloppyTNode<TransitionArray> transitions,
8162 Label* if_found, TVariable<IntPtrT>* var_name_index, Label* if_not_found) {
8163 Comment("TransitionArrayLookup");
8164 TNode<Uint32T> number_of_valid_transitions =
8165 NumberOfEntries<TransitionArray>(transitions);
8166 Lookup<TransitionArray>(unique_name, transitions, number_of_valid_transitions,
8167 if_found, var_name_index, if_not_found);
8168 }
8169
8170 template <typename Array>
Lookup(TNode<Name> unique_name,TNode<Array> array,TNode<Uint32T> number_of_valid_entries,Label * if_found,TVariable<IntPtrT> * var_name_index,Label * if_not_found)8171 void CodeStubAssembler::Lookup(TNode<Name> unique_name, TNode<Array> array,
8172 TNode<Uint32T> number_of_valid_entries,
8173 Label* if_found,
8174 TVariable<IntPtrT>* var_name_index,
8175 Label* if_not_found) {
8176 Comment("ArrayLookup");
8177 if (!number_of_valid_entries) {
8178 number_of_valid_entries = NumberOfEntries(array);
8179 }
8180 GotoIf(Word32Equal(number_of_valid_entries, Int32Constant(0)), if_not_found);
8181 Label linear_search(this), binary_search(this);
8182 const int kMaxElementsForLinearSearch = 32;
8183 Branch(Uint32LessThanOrEqual(number_of_valid_entries,
8184 Int32Constant(kMaxElementsForLinearSearch)),
8185 &linear_search, &binary_search);
8186 BIND(&linear_search);
8187 {
8188 LookupLinear<Array>(unique_name, array, number_of_valid_entries, if_found,
8189 var_name_index, if_not_found);
8190 }
8191 BIND(&binary_search);
8192 {
8193 LookupBinary<Array>(unique_name, array, number_of_valid_entries, if_found,
8194 var_name_index, if_not_found);
8195 }
8196 }
8197
IsSimpleObjectMap(TNode<Map> map)8198 TNode<BoolT> CodeStubAssembler::IsSimpleObjectMap(TNode<Map> map) {
8199 uint32_t mask =
8200 Map::HasNamedInterceptorBit::kMask | Map::IsAccessCheckNeededBit::kMask;
8201 // !IsSpecialReceiverType && !IsNamedInterceptor && !IsAccessCheckNeeded
8202 return Select<BoolT>(
8203 IsSpecialReceiverInstanceType(LoadMapInstanceType(map)),
8204 [=] { return Int32FalseConstant(); },
8205 [=] { return IsClearWord32(LoadMapBitField(map), mask); });
8206 }
8207
TryLookupPropertyInSimpleObject(TNode<JSObject> object,TNode<Map> map,TNode<Name> unique_name,Label * if_found_fast,Label * if_found_dict,TVariable<HeapObject> * var_meta_storage,TVariable<IntPtrT> * var_name_index,Label * if_not_found)8208 void CodeStubAssembler::TryLookupPropertyInSimpleObject(
8209 TNode<JSObject> object, TNode<Map> map, TNode<Name> unique_name,
8210 Label* if_found_fast, Label* if_found_dict,
8211 TVariable<HeapObject>* var_meta_storage, TVariable<IntPtrT>* var_name_index,
8212 Label* if_not_found) {
8213 CSA_ASSERT(this, IsSimpleObjectMap(map));
8214
8215 TNode<Uint32T> bit_field3 = LoadMapBitField3(map);
8216 Label if_isfastmap(this), if_isslowmap(this);
8217 Branch(IsSetWord32<Map::IsDictionaryMapBit>(bit_field3), &if_isslowmap,
8218 &if_isfastmap);
8219 BIND(&if_isfastmap);
8220 {
8221 TNode<DescriptorArray> descriptors = LoadMapDescriptors(map);
8222 *var_meta_storage = descriptors;
8223
8224 DescriptorLookup(unique_name, descriptors, bit_field3, if_found_fast,
8225 var_name_index, if_not_found);
8226 }
8227 BIND(&if_isslowmap);
8228 {
8229 TNode<NameDictionary> dictionary = CAST(LoadSlowProperties(object));
8230 *var_meta_storage = dictionary;
8231
8232 NameDictionaryLookup<NameDictionary>(dictionary, unique_name, if_found_dict,
8233 var_name_index, if_not_found);
8234 }
8235 }
8236
TryLookupProperty(SloppyTNode<JSObject> object,SloppyTNode<Map> map,SloppyTNode<Int32T> instance_type,SloppyTNode<Name> unique_name,Label * if_found_fast,Label * if_found_dict,Label * if_found_global,TVariable<HeapObject> * var_meta_storage,TVariable<IntPtrT> * var_name_index,Label * if_not_found,Label * if_bailout)8237 void CodeStubAssembler::TryLookupProperty(
8238 SloppyTNode<JSObject> object, SloppyTNode<Map> map,
8239 SloppyTNode<Int32T> instance_type, SloppyTNode<Name> unique_name,
8240 Label* if_found_fast, Label* if_found_dict, Label* if_found_global,
8241 TVariable<HeapObject>* var_meta_storage, TVariable<IntPtrT>* var_name_index,
8242 Label* if_not_found, Label* if_bailout) {
8243 Label if_objectisspecial(this);
8244 GotoIf(IsSpecialReceiverInstanceType(instance_type), &if_objectisspecial);
8245
8246 TryLookupPropertyInSimpleObject(object, map, unique_name, if_found_fast,
8247 if_found_dict, var_meta_storage,
8248 var_name_index, if_not_found);
8249
8250 BIND(&if_objectisspecial);
8251 {
8252 // Handle global object here and bailout for other special objects.
8253 GotoIfNot(InstanceTypeEqual(instance_type, JS_GLOBAL_OBJECT_TYPE),
8254 if_bailout);
8255
8256 // Handle interceptors and access checks in runtime.
8257 TNode<Int32T> bit_field = LoadMapBitField(map);
8258 int mask =
8259 Map::HasNamedInterceptorBit::kMask | Map::IsAccessCheckNeededBit::kMask;
8260 GotoIf(IsSetWord32(bit_field, mask), if_bailout);
8261
8262 TNode<GlobalDictionary> dictionary = CAST(LoadSlowProperties(object));
8263 *var_meta_storage = dictionary;
8264
8265 NameDictionaryLookup<GlobalDictionary>(
8266 dictionary, unique_name, if_found_global, var_name_index, if_not_found);
8267 }
8268 }
8269
TryHasOwnProperty(Node * object,Node * map,Node * instance_type,Node * unique_name,Label * if_found,Label * if_not_found,Label * if_bailout)8270 void CodeStubAssembler::TryHasOwnProperty(Node* object, Node* map,
8271 Node* instance_type,
8272 Node* unique_name, Label* if_found,
8273 Label* if_not_found,
8274 Label* if_bailout) {
8275 Comment("TryHasOwnProperty");
8276 TVARIABLE(HeapObject, var_meta_storage);
8277 TVARIABLE(IntPtrT, var_name_index);
8278
8279 Label if_found_global(this);
8280 TryLookupProperty(object, map, instance_type, unique_name, if_found, if_found,
8281 &if_found_global, &var_meta_storage, &var_name_index,
8282 if_not_found, if_bailout);
8283
8284 BIND(&if_found_global);
8285 {
8286 VARIABLE(var_value, MachineRepresentation::kTagged);
8287 VARIABLE(var_details, MachineRepresentation::kWord32);
8288 // Check if the property cell is not deleted.
8289 LoadPropertyFromGlobalDictionary(var_meta_storage.value(),
8290 var_name_index.value(), &var_value,
8291 &var_details, if_not_found);
8292 Goto(if_found);
8293 }
8294 }
8295
GetMethod(Node * context,Node * object,Handle<Name> name,Label * if_null_or_undefined)8296 Node* CodeStubAssembler::GetMethod(Node* context, Node* object,
8297 Handle<Name> name,
8298 Label* if_null_or_undefined) {
8299 Node* method = GetProperty(context, object, name);
8300
8301 GotoIf(IsUndefined(method), if_null_or_undefined);
8302 GotoIf(IsNull(method), if_null_or_undefined);
8303
8304 return method;
8305 }
8306
LoadPropertyFromFastObject(Node * object,Node * map,TNode<DescriptorArray> descriptors,Node * name_index,Variable * var_details,Variable * var_value)8307 void CodeStubAssembler::LoadPropertyFromFastObject(
8308 Node* object, Node* map, TNode<DescriptorArray> descriptors,
8309 Node* name_index, Variable* var_details, Variable* var_value) {
8310 DCHECK_EQ(MachineRepresentation::kWord32, var_details->rep());
8311 DCHECK_EQ(MachineRepresentation::kTagged, var_value->rep());
8312
8313 Node* details =
8314 LoadDetailsByKeyIndex(descriptors, UncheckedCast<IntPtrT>(name_index));
8315 var_details->Bind(details);
8316
8317 LoadPropertyFromFastObject(object, map, descriptors, name_index, details,
8318 var_value);
8319 }
8320
LoadPropertyFromFastObject(Node * object,Node * map,TNode<DescriptorArray> descriptors,Node * name_index,Node * details,Variable * var_value)8321 void CodeStubAssembler::LoadPropertyFromFastObject(
8322 Node* object, Node* map, TNode<DescriptorArray> descriptors,
8323 Node* name_index, Node* details, Variable* var_value) {
8324 Comment("[ LoadPropertyFromFastObject");
8325
8326 Node* location = DecodeWord32<PropertyDetails::LocationField>(details);
8327
8328 Label if_in_field(this), if_in_descriptor(this), done(this);
8329 Branch(Word32Equal(location, Int32Constant(kField)), &if_in_field,
8330 &if_in_descriptor);
8331 BIND(&if_in_field);
8332 {
8333 Node* field_index =
8334 DecodeWordFromWord32<PropertyDetails::FieldIndexField>(details);
8335 Node* representation =
8336 DecodeWord32<PropertyDetails::RepresentationField>(details);
8337
8338 field_index =
8339 IntPtrAdd(field_index, LoadMapInobjectPropertiesStartInWords(map));
8340 Node* instance_size_in_words = LoadMapInstanceSizeInWords(map);
8341
8342 Label if_inobject(this), if_backing_store(this);
8343 VARIABLE(var_double_value, MachineRepresentation::kFloat64);
8344 Label rebox_double(this, &var_double_value);
8345 Branch(UintPtrLessThan(field_index, instance_size_in_words), &if_inobject,
8346 &if_backing_store);
8347 BIND(&if_inobject);
8348 {
8349 Comment("if_inobject");
8350 Node* field_offset = TimesPointerSize(field_index);
8351
8352 Label if_double(this), if_tagged(this);
8353 Branch(Word32NotEqual(representation,
8354 Int32Constant(Representation::kDouble)),
8355 &if_tagged, &if_double);
8356 BIND(&if_tagged);
8357 {
8358 var_value->Bind(LoadObjectField(object, field_offset));
8359 Goto(&done);
8360 }
8361 BIND(&if_double);
8362 {
8363 if (FLAG_unbox_double_fields) {
8364 var_double_value.Bind(
8365 LoadObjectField(object, field_offset, MachineType::Float64()));
8366 } else {
8367 Node* mutable_heap_number = LoadObjectField(object, field_offset);
8368 var_double_value.Bind(LoadHeapNumberValue(mutable_heap_number));
8369 }
8370 Goto(&rebox_double);
8371 }
8372 }
8373 BIND(&if_backing_store);
8374 {
8375 Comment("if_backing_store");
8376 Node* properties = LoadFastProperties(object);
8377 field_index = IntPtrSub(field_index, instance_size_in_words);
8378 Node* value = LoadPropertyArrayElement(properties, field_index);
8379
8380 Label if_double(this), if_tagged(this);
8381 Branch(Word32NotEqual(representation,
8382 Int32Constant(Representation::kDouble)),
8383 &if_tagged, &if_double);
8384 BIND(&if_tagged);
8385 {
8386 var_value->Bind(value);
8387 Goto(&done);
8388 }
8389 BIND(&if_double);
8390 {
8391 var_double_value.Bind(LoadHeapNumberValue(value));
8392 Goto(&rebox_double);
8393 }
8394 }
8395 BIND(&rebox_double);
8396 {
8397 Comment("rebox_double");
8398 Node* heap_number = AllocateHeapNumberWithValue(var_double_value.value());
8399 var_value->Bind(heap_number);
8400 Goto(&done);
8401 }
8402 }
8403 BIND(&if_in_descriptor);
8404 {
8405 var_value->Bind(
8406 LoadValueByKeyIndex(descriptors, UncheckedCast<IntPtrT>(name_index)));
8407 Goto(&done);
8408 }
8409 BIND(&done);
8410
8411 Comment("] LoadPropertyFromFastObject");
8412 }
8413
LoadPropertyFromNameDictionary(Node * dictionary,Node * name_index,Variable * var_details,Variable * var_value)8414 void CodeStubAssembler::LoadPropertyFromNameDictionary(Node* dictionary,
8415 Node* name_index,
8416 Variable* var_details,
8417 Variable* var_value) {
8418 Comment("LoadPropertyFromNameDictionary");
8419 CSA_ASSERT(this, IsNameDictionary(dictionary));
8420
8421 var_details->Bind(
8422 LoadDetailsByKeyIndex<NameDictionary>(dictionary, name_index));
8423 var_value->Bind(LoadValueByKeyIndex<NameDictionary>(dictionary, name_index));
8424
8425 Comment("] LoadPropertyFromNameDictionary");
8426 }
8427
LoadPropertyFromGlobalDictionary(Node * dictionary,Node * name_index,Variable * var_details,Variable * var_value,Label * if_deleted)8428 void CodeStubAssembler::LoadPropertyFromGlobalDictionary(Node* dictionary,
8429 Node* name_index,
8430 Variable* var_details,
8431 Variable* var_value,
8432 Label* if_deleted) {
8433 Comment("[ LoadPropertyFromGlobalDictionary");
8434 CSA_ASSERT(this, IsGlobalDictionary(dictionary));
8435
8436 Node* property_cell = LoadFixedArrayElement(CAST(dictionary), name_index);
8437 CSA_ASSERT(this, IsPropertyCell(property_cell));
8438
8439 Node* value = LoadObjectField(property_cell, PropertyCell::kValueOffset);
8440 GotoIf(WordEqual(value, TheHoleConstant()), if_deleted);
8441
8442 var_value->Bind(value);
8443
8444 Node* details = LoadAndUntagToWord32ObjectField(property_cell,
8445 PropertyCell::kDetailsOffset);
8446 var_details->Bind(details);
8447
8448 Comment("] LoadPropertyFromGlobalDictionary");
8449 }
8450
8451 // |value| is the property backing store's contents, which is either a value
8452 // or an accessor pair, as specified by |details|.
8453 // Returns either the original value, or the result of the getter call.
CallGetterIfAccessor(Node * value,Node * details,Node * context,Node * receiver,Label * if_bailout,GetOwnPropertyMode mode)8454 TNode<Object> CodeStubAssembler::CallGetterIfAccessor(
8455 Node* value, Node* details, Node* context, Node* receiver,
8456 Label* if_bailout, GetOwnPropertyMode mode) {
8457 VARIABLE(var_value, MachineRepresentation::kTagged, value);
8458 Label done(this), if_accessor_info(this, Label::kDeferred);
8459
8460 Node* kind = DecodeWord32<PropertyDetails::KindField>(details);
8461 GotoIf(Word32Equal(kind, Int32Constant(kData)), &done);
8462
8463 // Accessor case.
8464 GotoIfNot(IsAccessorPair(value), &if_accessor_info);
8465
8466 // AccessorPair case.
8467 {
8468 if (mode == kCallJSGetter) {
8469 Node* accessor_pair = value;
8470 Node* getter =
8471 LoadObjectField(accessor_pair, AccessorPair::kGetterOffset);
8472 Node* getter_map = LoadMap(getter);
8473 Node* instance_type = LoadMapInstanceType(getter_map);
8474 // FunctionTemplateInfo getters are not supported yet.
8475 GotoIf(InstanceTypeEqual(instance_type, FUNCTION_TEMPLATE_INFO_TYPE),
8476 if_bailout);
8477
8478 // Return undefined if the {getter} is not callable.
8479 var_value.Bind(UndefinedConstant());
8480 GotoIfNot(IsCallableMap(getter_map), &done);
8481
8482 // Call the accessor.
8483 Callable callable = CodeFactory::Call(isolate());
8484 Node* result = CallJS(callable, context, getter, receiver);
8485 var_value.Bind(result);
8486 }
8487 Goto(&done);
8488 }
8489
8490 // AccessorInfo case.
8491 BIND(&if_accessor_info);
8492 {
8493 Node* accessor_info = value;
8494 CSA_ASSERT(this, IsAccessorInfo(value));
8495 CSA_ASSERT(this, TaggedIsNotSmi(receiver));
8496 Label if_array(this), if_function(this), if_value(this);
8497
8498 // Dispatch based on {receiver} instance type.
8499 Node* receiver_map = LoadMap(receiver);
8500 Node* receiver_instance_type = LoadMapInstanceType(receiver_map);
8501 GotoIf(IsJSArrayInstanceType(receiver_instance_type), &if_array);
8502 GotoIf(IsJSFunctionInstanceType(receiver_instance_type), &if_function);
8503 Branch(IsJSValueInstanceType(receiver_instance_type), &if_value,
8504 if_bailout);
8505
8506 // JSArray AccessorInfo case.
8507 BIND(&if_array);
8508 {
8509 // We only deal with the "length" accessor on JSArray.
8510 GotoIfNot(IsLengthString(
8511 LoadObjectField(accessor_info, AccessorInfo::kNameOffset)),
8512 if_bailout);
8513 var_value.Bind(LoadJSArrayLength(receiver));
8514 Goto(&done);
8515 }
8516
8517 // JSFunction AccessorInfo case.
8518 BIND(&if_function);
8519 {
8520 // We only deal with the "prototype" accessor on JSFunction here.
8521 GotoIfNot(IsPrototypeString(
8522 LoadObjectField(accessor_info, AccessorInfo::kNameOffset)),
8523 if_bailout);
8524
8525 GotoIfPrototypeRequiresRuntimeLookup(CAST(receiver), CAST(receiver_map),
8526 if_bailout);
8527 var_value.Bind(LoadJSFunctionPrototype(receiver, if_bailout));
8528 Goto(&done);
8529 }
8530
8531 // JSValue AccessorInfo case.
8532 BIND(&if_value);
8533 {
8534 // We only deal with the "length" accessor on JSValue string wrappers.
8535 GotoIfNot(IsLengthString(
8536 LoadObjectField(accessor_info, AccessorInfo::kNameOffset)),
8537 if_bailout);
8538 Node* receiver_value = LoadJSValueValue(receiver);
8539 GotoIfNot(TaggedIsNotSmi(receiver_value), if_bailout);
8540 GotoIfNot(IsString(receiver_value), if_bailout);
8541 var_value.Bind(LoadStringLengthAsSmi(receiver_value));
8542 Goto(&done);
8543 }
8544 }
8545
8546 BIND(&done);
8547 return UncheckedCast<Object>(var_value.value());
8548 }
8549
TryGetOwnProperty(Node * context,Node * receiver,Node * object,Node * map,Node * instance_type,Node * unique_name,Label * if_found_value,Variable * var_value,Label * if_not_found,Label * if_bailout)8550 void CodeStubAssembler::TryGetOwnProperty(
8551 Node* context, Node* receiver, Node* object, Node* map, Node* instance_type,
8552 Node* unique_name, Label* if_found_value, Variable* var_value,
8553 Label* if_not_found, Label* if_bailout) {
8554 TryGetOwnProperty(context, receiver, object, map, instance_type, unique_name,
8555 if_found_value, var_value, nullptr, nullptr, if_not_found,
8556 if_bailout, kCallJSGetter);
8557 }
8558
TryGetOwnProperty(Node * context,Node * receiver,Node * object,Node * map,Node * instance_type,Node * unique_name,Label * if_found_value,Variable * var_value,Variable * var_details,Variable * var_raw_value,Label * if_not_found,Label * if_bailout,GetOwnPropertyMode mode)8559 void CodeStubAssembler::TryGetOwnProperty(
8560 Node* context, Node* receiver, Node* object, Node* map, Node* instance_type,
8561 Node* unique_name, Label* if_found_value, Variable* var_value,
8562 Variable* var_details, Variable* var_raw_value, Label* if_not_found,
8563 Label* if_bailout, GetOwnPropertyMode mode) {
8564 DCHECK_EQ(MachineRepresentation::kTagged, var_value->rep());
8565 Comment("TryGetOwnProperty");
8566
8567 TVARIABLE(HeapObject, var_meta_storage);
8568 TVARIABLE(IntPtrT, var_entry);
8569
8570 Label if_found_fast(this), if_found_dict(this), if_found_global(this);
8571
8572 VARIABLE(local_var_details, MachineRepresentation::kWord32);
8573 if (!var_details) {
8574 var_details = &local_var_details;
8575 }
8576 Label if_found(this);
8577
8578 TryLookupProperty(object, map, instance_type, unique_name, &if_found_fast,
8579 &if_found_dict, &if_found_global, &var_meta_storage,
8580 &var_entry, if_not_found, if_bailout);
8581 BIND(&if_found_fast);
8582 {
8583 TNode<DescriptorArray> descriptors = CAST(var_meta_storage.value());
8584 Node* name_index = var_entry.value();
8585
8586 LoadPropertyFromFastObject(object, map, descriptors, name_index,
8587 var_details, var_value);
8588 Goto(&if_found);
8589 }
8590 BIND(&if_found_dict);
8591 {
8592 Node* dictionary = var_meta_storage.value();
8593 Node* entry = var_entry.value();
8594 LoadPropertyFromNameDictionary(dictionary, entry, var_details, var_value);
8595 Goto(&if_found);
8596 }
8597 BIND(&if_found_global);
8598 {
8599 Node* dictionary = var_meta_storage.value();
8600 Node* entry = var_entry.value();
8601
8602 LoadPropertyFromGlobalDictionary(dictionary, entry, var_details, var_value,
8603 if_not_found);
8604 Goto(&if_found);
8605 }
8606 // Here we have details and value which could be an accessor.
8607 BIND(&if_found);
8608 {
8609 // TODO(ishell): Execute C++ accessor in case of accessor info
8610 if (var_raw_value) {
8611 var_raw_value->Bind(var_value->value());
8612 }
8613 Node* value = CallGetterIfAccessor(var_value->value(), var_details->value(),
8614 context, receiver, if_bailout, mode);
8615 var_value->Bind(value);
8616 Goto(if_found_value);
8617 }
8618 }
8619
TryLookupElement(Node * object,Node * map,SloppyTNode<Int32T> instance_type,SloppyTNode<IntPtrT> intptr_index,Label * if_found,Label * if_absent,Label * if_not_found,Label * if_bailout)8620 void CodeStubAssembler::TryLookupElement(Node* object, Node* map,
8621 SloppyTNode<Int32T> instance_type,
8622 SloppyTNode<IntPtrT> intptr_index,
8623 Label* if_found, Label* if_absent,
8624 Label* if_not_found,
8625 Label* if_bailout) {
8626 // Handle special objects in runtime.
8627 GotoIf(IsSpecialReceiverInstanceType(instance_type), if_bailout);
8628
8629 Node* elements_kind = LoadMapElementsKind(map);
8630
8631 // TODO(verwaest): Support other elements kinds as well.
8632 Label if_isobjectorsmi(this), if_isdouble(this), if_isdictionary(this),
8633 if_isfaststringwrapper(this), if_isslowstringwrapper(this), if_oob(this),
8634 if_typedarray(this);
8635 // clang-format off
8636 int32_t values[] = {
8637 // Handled by {if_isobjectorsmi}.
8638 PACKED_SMI_ELEMENTS, HOLEY_SMI_ELEMENTS, PACKED_ELEMENTS,
8639 HOLEY_ELEMENTS,
8640 // Handled by {if_isdouble}.
8641 PACKED_DOUBLE_ELEMENTS, HOLEY_DOUBLE_ELEMENTS,
8642 // Handled by {if_isdictionary}.
8643 DICTIONARY_ELEMENTS,
8644 // Handled by {if_isfaststringwrapper}.
8645 FAST_STRING_WRAPPER_ELEMENTS,
8646 // Handled by {if_isslowstringwrapper}.
8647 SLOW_STRING_WRAPPER_ELEMENTS,
8648 // Handled by {if_not_found}.
8649 NO_ELEMENTS,
8650 // Handled by {if_typed_array}.
8651 UINT8_ELEMENTS,
8652 INT8_ELEMENTS,
8653 UINT16_ELEMENTS,
8654 INT16_ELEMENTS,
8655 UINT32_ELEMENTS,
8656 INT32_ELEMENTS,
8657 FLOAT32_ELEMENTS,
8658 FLOAT64_ELEMENTS,
8659 UINT8_CLAMPED_ELEMENTS,
8660 BIGUINT64_ELEMENTS,
8661 BIGINT64_ELEMENTS,
8662 };
8663 Label* labels[] = {
8664 &if_isobjectorsmi, &if_isobjectorsmi, &if_isobjectorsmi,
8665 &if_isobjectorsmi,
8666 &if_isdouble, &if_isdouble,
8667 &if_isdictionary,
8668 &if_isfaststringwrapper,
8669 &if_isslowstringwrapper,
8670 if_not_found,
8671 &if_typedarray,
8672 &if_typedarray,
8673 &if_typedarray,
8674 &if_typedarray,
8675 &if_typedarray,
8676 &if_typedarray,
8677 &if_typedarray,
8678 &if_typedarray,
8679 &if_typedarray,
8680 &if_typedarray,
8681 &if_typedarray,
8682 };
8683 // clang-format on
8684 STATIC_ASSERT(arraysize(values) == arraysize(labels));
8685 Switch(elements_kind, if_bailout, values, labels, arraysize(values));
8686
8687 BIND(&if_isobjectorsmi);
8688 {
8689 TNode<FixedArray> elements = CAST(LoadElements(object));
8690 TNode<IntPtrT> length = LoadAndUntagFixedArrayBaseLength(elements);
8691
8692 GotoIfNot(UintPtrLessThan(intptr_index, length), &if_oob);
8693
8694 TNode<Object> element = LoadFixedArrayElement(elements, intptr_index);
8695 TNode<Oddball> the_hole = TheHoleConstant();
8696 Branch(WordEqual(element, the_hole), if_not_found, if_found);
8697 }
8698 BIND(&if_isdouble);
8699 {
8700 TNode<FixedArrayBase> elements = LoadElements(object);
8701 TNode<IntPtrT> length = LoadAndUntagFixedArrayBaseLength(elements);
8702
8703 GotoIfNot(UintPtrLessThan(intptr_index, length), &if_oob);
8704
8705 // Check if the element is a double hole, but don't load it.
8706 LoadFixedDoubleArrayElement(CAST(elements), intptr_index,
8707 MachineType::None(), 0, INTPTR_PARAMETERS,
8708 if_not_found);
8709 Goto(if_found);
8710 }
8711 BIND(&if_isdictionary);
8712 {
8713 // Negative keys must be converted to property names.
8714 GotoIf(IntPtrLessThan(intptr_index, IntPtrConstant(0)), if_bailout);
8715
8716 TVARIABLE(IntPtrT, var_entry);
8717 TNode<NumberDictionary> elements = CAST(LoadElements(object));
8718 NumberDictionaryLookup(elements, intptr_index, if_found, &var_entry,
8719 if_not_found);
8720 }
8721 BIND(&if_isfaststringwrapper);
8722 {
8723 CSA_ASSERT(this, HasInstanceType(object, JS_VALUE_TYPE));
8724 Node* string = LoadJSValueValue(object);
8725 CSA_ASSERT(this, IsString(string));
8726 Node* length = LoadStringLengthAsWord(string);
8727 GotoIf(UintPtrLessThan(intptr_index, length), if_found);
8728 Goto(&if_isobjectorsmi);
8729 }
8730 BIND(&if_isslowstringwrapper);
8731 {
8732 CSA_ASSERT(this, HasInstanceType(object, JS_VALUE_TYPE));
8733 Node* string = LoadJSValueValue(object);
8734 CSA_ASSERT(this, IsString(string));
8735 Node* length = LoadStringLengthAsWord(string);
8736 GotoIf(UintPtrLessThan(intptr_index, length), if_found);
8737 Goto(&if_isdictionary);
8738 }
8739 BIND(&if_typedarray);
8740 {
8741 Node* buffer = LoadObjectField(object, JSArrayBufferView::kBufferOffset);
8742 GotoIf(IsDetachedBuffer(buffer), if_absent);
8743
8744 Node* length = SmiUntag(LoadTypedArrayLength(CAST(object)));
8745 Branch(UintPtrLessThan(intptr_index, length), if_found, if_absent);
8746 }
8747 BIND(&if_oob);
8748 {
8749 // Positive OOB indices mean "not found", negative indices must be
8750 // converted to property names.
8751 GotoIf(IntPtrLessThan(intptr_index, IntPtrConstant(0)), if_bailout);
8752 Goto(if_not_found);
8753 }
8754 }
8755
BranchIfMaybeSpecialIndex(TNode<String> name_string,Label * if_maybe_special_index,Label * if_not_special_index)8756 void CodeStubAssembler::BranchIfMaybeSpecialIndex(TNode<String> name_string,
8757 Label* if_maybe_special_index,
8758 Label* if_not_special_index) {
8759 // TODO(cwhan.tunz): Implement fast cases more.
8760
8761 // If a name is empty or too long, it's not a special index
8762 // Max length of canonical double: -X.XXXXXXXXXXXXXXXXX-eXXX
8763 const int kBufferSize = 24;
8764 TNode<Smi> string_length = LoadStringLengthAsSmi(name_string);
8765 GotoIf(SmiEqual(string_length, SmiConstant(0)), if_not_special_index);
8766 GotoIf(SmiGreaterThan(string_length, SmiConstant(kBufferSize)),
8767 if_not_special_index);
8768
8769 // If the first character of name is not a digit or '-', or we can't match it
8770 // to Infinity or NaN, then this is not a special index.
8771 TNode<Int32T> first_char = StringCharCodeAt(name_string, IntPtrConstant(0));
8772 // If the name starts with '-', it can be a negative index.
8773 GotoIf(Word32Equal(first_char, Int32Constant('-')), if_maybe_special_index);
8774 // If the name starts with 'I', it can be "Infinity".
8775 GotoIf(Word32Equal(first_char, Int32Constant('I')), if_maybe_special_index);
8776 // If the name starts with 'N', it can be "NaN".
8777 GotoIf(Word32Equal(first_char, Int32Constant('N')), if_maybe_special_index);
8778 // Finally, if the first character is not a digit either, then we are sure
8779 // that the name is not a special index.
8780 GotoIf(Uint32LessThan(first_char, Int32Constant('0')), if_not_special_index);
8781 GotoIf(Uint32LessThan(Int32Constant('9'), first_char), if_not_special_index);
8782 Goto(if_maybe_special_index);
8783 }
8784
TryPrototypeChainLookup(Node * receiver,Node * key,const LookupInHolder & lookup_property_in_holder,const LookupInHolder & lookup_element_in_holder,Label * if_end,Label * if_bailout,Label * if_proxy)8785 void CodeStubAssembler::TryPrototypeChainLookup(
8786 Node* receiver, Node* key, const LookupInHolder& lookup_property_in_holder,
8787 const LookupInHolder& lookup_element_in_holder, Label* if_end,
8788 Label* if_bailout, Label* if_proxy) {
8789 // Ensure receiver is JSReceiver, otherwise bailout.
8790 Label if_objectisnotsmi(this);
8791 Branch(TaggedIsSmi(receiver), if_bailout, &if_objectisnotsmi);
8792 BIND(&if_objectisnotsmi);
8793
8794 Node* map = LoadMap(receiver);
8795 Node* instance_type = LoadMapInstanceType(map);
8796 {
8797 Label if_objectisreceiver(this);
8798 STATIC_ASSERT(LAST_JS_RECEIVER_TYPE == LAST_TYPE);
8799 STATIC_ASSERT(FIRST_JS_RECEIVER_TYPE == JS_PROXY_TYPE);
8800 Branch(IsJSReceiverInstanceType(instance_type), &if_objectisreceiver,
8801 if_bailout);
8802 BIND(&if_objectisreceiver);
8803
8804 if (if_proxy) {
8805 GotoIf(InstanceTypeEqual(instance_type, JS_PROXY_TYPE), if_proxy);
8806 }
8807 }
8808
8809 VARIABLE(var_index, MachineType::PointerRepresentation());
8810 VARIABLE(var_unique, MachineRepresentation::kTagged);
8811
8812 Label if_keyisindex(this), if_iskeyunique(this);
8813 TryToName(key, &if_keyisindex, &var_index, &if_iskeyunique, &var_unique,
8814 if_bailout);
8815
8816 BIND(&if_iskeyunique);
8817 {
8818 VARIABLE(var_holder, MachineRepresentation::kTagged, receiver);
8819 VARIABLE(var_holder_map, MachineRepresentation::kTagged, map);
8820 VARIABLE(var_holder_instance_type, MachineRepresentation::kWord32,
8821 instance_type);
8822
8823 Variable* merged_variables[] = {&var_holder, &var_holder_map,
8824 &var_holder_instance_type};
8825 Label loop(this, arraysize(merged_variables), merged_variables);
8826 Goto(&loop);
8827 BIND(&loop);
8828 {
8829 Node* holder_map = var_holder_map.value();
8830 Node* holder_instance_type = var_holder_instance_type.value();
8831
8832 Label next_proto(this), check_integer_indexed_exotic(this);
8833 lookup_property_in_holder(receiver, var_holder.value(), holder_map,
8834 holder_instance_type, var_unique.value(),
8835 &check_integer_indexed_exotic, if_bailout);
8836
8837 BIND(&check_integer_indexed_exotic);
8838 {
8839 // Bailout if it can be an integer indexed exotic case.
8840 GotoIfNot(InstanceTypeEqual(holder_instance_type, JS_TYPED_ARRAY_TYPE),
8841 &next_proto);
8842 GotoIfNot(IsString(var_unique.value()), &next_proto);
8843 BranchIfMaybeSpecialIndex(CAST(var_unique.value()), if_bailout,
8844 &next_proto);
8845 }
8846
8847 BIND(&next_proto);
8848
8849 Node* proto = LoadMapPrototype(holder_map);
8850
8851 GotoIf(IsNull(proto), if_end);
8852
8853 Node* map = LoadMap(proto);
8854 Node* instance_type = LoadMapInstanceType(map);
8855
8856 var_holder.Bind(proto);
8857 var_holder_map.Bind(map);
8858 var_holder_instance_type.Bind(instance_type);
8859 Goto(&loop);
8860 }
8861 }
8862 BIND(&if_keyisindex);
8863 {
8864 VARIABLE(var_holder, MachineRepresentation::kTagged, receiver);
8865 VARIABLE(var_holder_map, MachineRepresentation::kTagged, map);
8866 VARIABLE(var_holder_instance_type, MachineRepresentation::kWord32,
8867 instance_type);
8868
8869 Variable* merged_variables[] = {&var_holder, &var_holder_map,
8870 &var_holder_instance_type};
8871 Label loop(this, arraysize(merged_variables), merged_variables);
8872 Goto(&loop);
8873 BIND(&loop);
8874 {
8875 Label next_proto(this);
8876 lookup_element_in_holder(receiver, var_holder.value(),
8877 var_holder_map.value(),
8878 var_holder_instance_type.value(),
8879 var_index.value(), &next_proto, if_bailout);
8880 BIND(&next_proto);
8881
8882 Node* proto = LoadMapPrototype(var_holder_map.value());
8883
8884 GotoIf(IsNull(proto), if_end);
8885
8886 Node* map = LoadMap(proto);
8887 Node* instance_type = LoadMapInstanceType(map);
8888
8889 var_holder.Bind(proto);
8890 var_holder_map.Bind(map);
8891 var_holder_instance_type.Bind(instance_type);
8892 Goto(&loop);
8893 }
8894 }
8895 }
8896
HasInPrototypeChain(Node * context,Node * object,Node * prototype)8897 Node* CodeStubAssembler::HasInPrototypeChain(Node* context, Node* object,
8898 Node* prototype) {
8899 CSA_ASSERT(this, TaggedIsNotSmi(object));
8900 VARIABLE(var_result, MachineRepresentation::kTagged);
8901 Label return_false(this), return_true(this),
8902 return_runtime(this, Label::kDeferred), return_result(this);
8903
8904 // Loop through the prototype chain looking for the {prototype}.
8905 VARIABLE(var_object_map, MachineRepresentation::kTagged, LoadMap(object));
8906 Label loop(this, &var_object_map);
8907 Goto(&loop);
8908 BIND(&loop);
8909 {
8910 // Check if we can determine the prototype directly from the {object_map}.
8911 Label if_objectisdirect(this), if_objectisspecial(this, Label::kDeferred);
8912 Node* object_map = var_object_map.value();
8913 TNode<Int32T> object_instance_type = LoadMapInstanceType(object_map);
8914 Branch(IsSpecialReceiverInstanceType(object_instance_type),
8915 &if_objectisspecial, &if_objectisdirect);
8916 BIND(&if_objectisspecial);
8917 {
8918 // The {object_map} is a special receiver map or a primitive map, check
8919 // if we need to use the if_objectisspecial path in the runtime.
8920 GotoIf(InstanceTypeEqual(object_instance_type, JS_PROXY_TYPE),
8921 &return_runtime);
8922 Node* object_bitfield = LoadMapBitField(object_map);
8923 int mask = Map::HasNamedInterceptorBit::kMask |
8924 Map::IsAccessCheckNeededBit::kMask;
8925 Branch(IsSetWord32(object_bitfield, mask), &return_runtime,
8926 &if_objectisdirect);
8927 }
8928 BIND(&if_objectisdirect);
8929
8930 // Check the current {object} prototype.
8931 Node* object_prototype = LoadMapPrototype(object_map);
8932 GotoIf(IsNull(object_prototype), &return_false);
8933 GotoIf(WordEqual(object_prototype, prototype), &return_true);
8934
8935 // Continue with the prototype.
8936 CSA_ASSERT(this, TaggedIsNotSmi(object_prototype));
8937 var_object_map.Bind(LoadMap(object_prototype));
8938 Goto(&loop);
8939 }
8940
8941 BIND(&return_true);
8942 var_result.Bind(TrueConstant());
8943 Goto(&return_result);
8944
8945 BIND(&return_false);
8946 var_result.Bind(FalseConstant());
8947 Goto(&return_result);
8948
8949 BIND(&return_runtime);
8950 {
8951 // Fallback to the runtime implementation.
8952 var_result.Bind(
8953 CallRuntime(Runtime::kHasInPrototypeChain, context, object, prototype));
8954 }
8955 Goto(&return_result);
8956
8957 BIND(&return_result);
8958 return var_result.value();
8959 }
8960
OrdinaryHasInstance(Node * context,Node * callable,Node * object)8961 Node* CodeStubAssembler::OrdinaryHasInstance(Node* context, Node* callable,
8962 Node* object) {
8963 VARIABLE(var_result, MachineRepresentation::kTagged);
8964 Label return_runtime(this, Label::kDeferred), return_result(this);
8965
8966 // Goto runtime if {object} is a Smi.
8967 GotoIf(TaggedIsSmi(object), &return_runtime);
8968
8969 // Goto runtime if {callable} is a Smi.
8970 GotoIf(TaggedIsSmi(callable), &return_runtime);
8971
8972 // Load map of {callable}.
8973 Node* callable_map = LoadMap(callable);
8974
8975 // Goto runtime if {callable} is not a JSFunction.
8976 Node* callable_instance_type = LoadMapInstanceType(callable_map);
8977 GotoIfNot(InstanceTypeEqual(callable_instance_type, JS_FUNCTION_TYPE),
8978 &return_runtime);
8979
8980 GotoIfPrototypeRequiresRuntimeLookup(CAST(callable), CAST(callable_map),
8981 &return_runtime);
8982
8983 // Get the "prototype" (or initial map) of the {callable}.
8984 Node* callable_prototype =
8985 LoadObjectField(callable, JSFunction::kPrototypeOrInitialMapOffset);
8986 {
8987 Label callable_prototype_valid(this);
8988 VARIABLE(var_callable_prototype, MachineRepresentation::kTagged,
8989 callable_prototype);
8990
8991 // Resolve the "prototype" if the {callable} has an initial map. Afterwards
8992 // the {callable_prototype} will be either the JSReceiver prototype object
8993 // or the hole value, which means that no instances of the {callable} were
8994 // created so far and hence we should return false.
8995 Node* callable_prototype_instance_type =
8996 LoadInstanceType(callable_prototype);
8997 GotoIfNot(InstanceTypeEqual(callable_prototype_instance_type, MAP_TYPE),
8998 &callable_prototype_valid);
8999 var_callable_prototype.Bind(
9000 LoadObjectField(callable_prototype, Map::kPrototypeOffset));
9001 Goto(&callable_prototype_valid);
9002 BIND(&callable_prototype_valid);
9003 callable_prototype = var_callable_prototype.value();
9004 }
9005
9006 // Loop through the prototype chain looking for the {callable} prototype.
9007 var_result.Bind(HasInPrototypeChain(context, object, callable_prototype));
9008 Goto(&return_result);
9009
9010 BIND(&return_runtime);
9011 {
9012 // Fallback to the runtime implementation.
9013 var_result.Bind(
9014 CallRuntime(Runtime::kOrdinaryHasInstance, context, callable, object));
9015 }
9016 Goto(&return_result);
9017
9018 BIND(&return_result);
9019 return var_result.value();
9020 }
9021
ElementOffsetFromIndex(Node * index_node,ElementsKind kind,ParameterMode mode,int base_size)9022 TNode<IntPtrT> CodeStubAssembler::ElementOffsetFromIndex(Node* index_node,
9023 ElementsKind kind,
9024 ParameterMode mode,
9025 int base_size) {
9026 CSA_SLOW_ASSERT(this, MatchesParameterMode(index_node, mode));
9027 int element_size_shift = ElementsKindToShiftSize(kind);
9028 int element_size = 1 << element_size_shift;
9029 int const kSmiShiftBits = kSmiShiftSize + kSmiTagSize;
9030 intptr_t index = 0;
9031 bool constant_index = false;
9032 if (mode == SMI_PARAMETERS) {
9033 element_size_shift -= kSmiShiftBits;
9034 Smi* smi_index;
9035 constant_index = ToSmiConstant(index_node, smi_index);
9036 if (constant_index) index = smi_index->value();
9037 index_node = BitcastTaggedToWord(index_node);
9038 } else {
9039 DCHECK(mode == INTPTR_PARAMETERS);
9040 constant_index = ToIntPtrConstant(index_node, index);
9041 }
9042 if (constant_index) {
9043 return IntPtrConstant(base_size + element_size * index);
9044 }
9045
9046 TNode<WordT> shifted_index =
9047 (element_size_shift == 0)
9048 ? UncheckedCast<WordT>(index_node)
9049 : ((element_size_shift > 0)
9050 ? WordShl(index_node, IntPtrConstant(element_size_shift))
9051 : WordSar(index_node, IntPtrConstant(-element_size_shift)));
9052 return IntPtrAdd(IntPtrConstant(base_size), Signed(shifted_index));
9053 }
9054
IsOffsetInBounds(SloppyTNode<IntPtrT> offset,SloppyTNode<IntPtrT> length,int header_size,ElementsKind kind)9055 TNode<BoolT> CodeStubAssembler::IsOffsetInBounds(SloppyTNode<IntPtrT> offset,
9056 SloppyTNode<IntPtrT> length,
9057 int header_size,
9058 ElementsKind kind) {
9059 // Make sure we point to the last field.
9060 int element_size = 1 << ElementsKindToShiftSize(kind);
9061 int correction = header_size - kHeapObjectTag - element_size;
9062 TNode<IntPtrT> last_offset =
9063 ElementOffsetFromIndex(length, kind, INTPTR_PARAMETERS, correction);
9064 return IntPtrLessThanOrEqual(offset, last_offset);
9065 }
9066
LoadFeedbackVector(SloppyTNode<JSFunction> closure,Label * if_undefined)9067 TNode<FeedbackVector> CodeStubAssembler::LoadFeedbackVector(
9068 SloppyTNode<JSFunction> closure, Label* if_undefined) {
9069 TNode<FeedbackCell> feedback_cell =
9070 CAST(LoadObjectField(closure, JSFunction::kFeedbackCellOffset));
9071 TNode<Object> maybe_vector =
9072 LoadObjectField(feedback_cell, FeedbackCell::kValueOffset);
9073 if (if_undefined) {
9074 GotoIf(IsUndefined(maybe_vector), if_undefined);
9075 }
9076 return CAST(maybe_vector);
9077 }
9078
LoadFeedbackVectorForStub()9079 TNode<FeedbackVector> CodeStubAssembler::LoadFeedbackVectorForStub() {
9080 TNode<JSFunction> function =
9081 CAST(LoadFromParentFrame(JavaScriptFrameConstants::kFunctionOffset));
9082 return LoadFeedbackVector(function);
9083 }
9084
UpdateFeedback(Node * feedback,Node * feedback_vector,Node * slot_id)9085 void CodeStubAssembler::UpdateFeedback(Node* feedback, Node* feedback_vector,
9086 Node* slot_id) {
9087 // This method is used for binary op and compare feedback. These
9088 // vector nodes are initialized with a smi 0, so we can simply OR
9089 // our new feedback in place.
9090 TNode<MaybeObject> feedback_element =
9091 LoadFeedbackVectorSlot(feedback_vector, slot_id);
9092 TNode<Smi> previous_feedback = CAST(feedback_element);
9093 TNode<Smi> combined_feedback = SmiOr(previous_feedback, CAST(feedback));
9094 Label end(this);
9095
9096 GotoIf(SmiEqual(previous_feedback, combined_feedback), &end);
9097 {
9098 StoreFeedbackVectorSlot(feedback_vector, slot_id, combined_feedback,
9099 SKIP_WRITE_BARRIER);
9100 ReportFeedbackUpdate(feedback_vector, slot_id, "UpdateFeedback");
9101 Goto(&end);
9102 }
9103
9104 BIND(&end);
9105 }
9106
ReportFeedbackUpdate(SloppyTNode<FeedbackVector> feedback_vector,SloppyTNode<IntPtrT> slot_id,const char * reason)9107 void CodeStubAssembler::ReportFeedbackUpdate(
9108 SloppyTNode<FeedbackVector> feedback_vector, SloppyTNode<IntPtrT> slot_id,
9109 const char* reason) {
9110 // Reset profiler ticks.
9111 StoreObjectFieldNoWriteBarrier(
9112 feedback_vector, FeedbackVector::kProfilerTicksOffset, Int32Constant(0),
9113 MachineRepresentation::kWord32);
9114
9115 #ifdef V8_TRACE_FEEDBACK_UPDATES
9116 // Trace the update.
9117 CallRuntime(Runtime::kInterpreterTraceUpdateFeedback, NoContextConstant(),
9118 LoadFromParentFrame(JavaScriptFrameConstants::kFunctionOffset),
9119 SmiTag(slot_id), StringConstant(reason));
9120 #endif // V8_TRACE_FEEDBACK_UPDATES
9121 }
9122
OverwriteFeedback(Variable * existing_feedback,int new_feedback)9123 void CodeStubAssembler::OverwriteFeedback(Variable* existing_feedback,
9124 int new_feedback) {
9125 if (existing_feedback == nullptr) return;
9126 existing_feedback->Bind(SmiConstant(new_feedback));
9127 }
9128
CombineFeedback(Variable * existing_feedback,int feedback)9129 void CodeStubAssembler::CombineFeedback(Variable* existing_feedback,
9130 int feedback) {
9131 if (existing_feedback == nullptr) return;
9132 existing_feedback->Bind(
9133 SmiOr(CAST(existing_feedback->value()), SmiConstant(feedback)));
9134 }
9135
CombineFeedback(Variable * existing_feedback,Node * feedback)9136 void CodeStubAssembler::CombineFeedback(Variable* existing_feedback,
9137 Node* feedback) {
9138 if (existing_feedback == nullptr) return;
9139 existing_feedback->Bind(
9140 SmiOr(CAST(existing_feedback->value()), CAST(feedback)));
9141 }
9142
CheckForAssociatedProtector(Node * name,Label * if_protector)9143 void CodeStubAssembler::CheckForAssociatedProtector(Node* name,
9144 Label* if_protector) {
9145 // This list must be kept in sync with LookupIterator::UpdateProtector!
9146 // TODO(jkummerow): Would it be faster to have a bit in Symbol::flags()?
9147 GotoIf(WordEqual(name, LoadRoot(Heap::kconstructor_stringRootIndex)),
9148 if_protector);
9149 GotoIf(WordEqual(name, LoadRoot(Heap::kiterator_symbolRootIndex)),
9150 if_protector);
9151 GotoIf(WordEqual(name, LoadRoot(Heap::knext_stringRootIndex)), if_protector);
9152 GotoIf(WordEqual(name, LoadRoot(Heap::kspecies_symbolRootIndex)),
9153 if_protector);
9154 GotoIf(WordEqual(name, LoadRoot(Heap::kis_concat_spreadable_symbolRootIndex)),
9155 if_protector);
9156 GotoIf(WordEqual(name, LoadRoot(Heap::kresolve_stringRootIndex)),
9157 if_protector);
9158 GotoIf(WordEqual(name, LoadRoot(Heap::kthen_stringRootIndex)), if_protector);
9159 // Fall through if no case matched.
9160 }
9161
LoadReceiverMap(SloppyTNode<Object> receiver)9162 TNode<Map> CodeStubAssembler::LoadReceiverMap(SloppyTNode<Object> receiver) {
9163 return Select<Map>(
9164 TaggedIsSmi(receiver),
9165 [=] { return CAST(LoadRoot(Heap::kHeapNumberMapRootIndex)); },
9166 [=] { return LoadMap(UncheckedCast<HeapObject>(receiver)); });
9167 }
9168
TryToIntptr(Node * key,Label * miss)9169 TNode<IntPtrT> CodeStubAssembler::TryToIntptr(Node* key, Label* miss) {
9170 TVARIABLE(IntPtrT, var_intptr_key);
9171 Label done(this, &var_intptr_key), key_is_smi(this);
9172 GotoIf(TaggedIsSmi(key), &key_is_smi);
9173 // Try to convert a heap number to a Smi.
9174 GotoIfNot(IsHeapNumber(key), miss);
9175 {
9176 TNode<Float64T> value = LoadHeapNumberValue(key);
9177 TNode<Int32T> int_value = RoundFloat64ToInt32(value);
9178 GotoIfNot(Float64Equal(value, ChangeInt32ToFloat64(int_value)), miss);
9179 var_intptr_key = ChangeInt32ToIntPtr(int_value);
9180 Goto(&done);
9181 }
9182
9183 BIND(&key_is_smi);
9184 {
9185 var_intptr_key = SmiUntag(key);
9186 Goto(&done);
9187 }
9188
9189 BIND(&done);
9190 return var_intptr_key.value();
9191 }
9192
EmitKeyedSloppyArguments(Node * receiver,Node * key,Node * value,Label * bailout)9193 Node* CodeStubAssembler::EmitKeyedSloppyArguments(Node* receiver, Node* key,
9194 Node* value, Label* bailout) {
9195 // Mapped arguments are actual arguments. Unmapped arguments are values added
9196 // to the arguments object after it was created for the call. Mapped arguments
9197 // are stored in the context at indexes given by elements[key + 2]. Unmapped
9198 // arguments are stored as regular indexed properties in the arguments array,
9199 // held at elements[1]. See NewSloppyArguments() in runtime.cc for a detailed
9200 // look at argument object construction.
9201 //
9202 // The sloppy arguments elements array has a special format:
9203 //
9204 // 0: context
9205 // 1: unmapped arguments array
9206 // 2: mapped_index0,
9207 // 3: mapped_index1,
9208 // ...
9209 //
9210 // length is 2 + min(number_of_actual_arguments, number_of_formal_arguments).
9211 // If key + 2 >= elements.length then attempt to look in the unmapped
9212 // arguments array (given by elements[1]) and return the value at key, missing
9213 // to the runtime if the unmapped arguments array is not a fixed array or if
9214 // key >= unmapped_arguments_array.length.
9215 //
9216 // Otherwise, t = elements[key + 2]. If t is the hole, then look up the value
9217 // in the unmapped arguments array, as described above. Otherwise, t is a Smi
9218 // index into the context array given at elements[0]. Return the value at
9219 // context[t].
9220
9221 bool is_load = value == nullptr;
9222
9223 GotoIfNot(TaggedIsSmi(key), bailout);
9224 key = SmiUntag(key);
9225 GotoIf(IntPtrLessThan(key, IntPtrConstant(0)), bailout);
9226
9227 TNode<FixedArray> elements = CAST(LoadElements(receiver));
9228 TNode<IntPtrT> elements_length = LoadAndUntagFixedArrayBaseLength(elements);
9229
9230 VARIABLE(var_result, MachineRepresentation::kTagged);
9231 if (!is_load) {
9232 var_result.Bind(value);
9233 }
9234 Label if_mapped(this), if_unmapped(this), end(this, &var_result);
9235 Node* intptr_two = IntPtrConstant(2);
9236 Node* adjusted_length = IntPtrSub(elements_length, intptr_two);
9237
9238 GotoIf(UintPtrGreaterThanOrEqual(key, adjusted_length), &if_unmapped);
9239
9240 TNode<Object> mapped_index =
9241 LoadFixedArrayElement(elements, IntPtrAdd(key, intptr_two));
9242 Branch(WordEqual(mapped_index, TheHoleConstant()), &if_unmapped, &if_mapped);
9243
9244 BIND(&if_mapped);
9245 {
9246 TNode<IntPtrT> mapped_index_intptr = SmiUntag(CAST(mapped_index));
9247 TNode<Context> the_context = CAST(LoadFixedArrayElement(elements, 0));
9248 // Assert that we can use LoadFixedArrayElement/StoreFixedArrayElement
9249 // methods for accessing Context.
9250 STATIC_ASSERT(Context::kHeaderSize == FixedArray::kHeaderSize);
9251 DCHECK_EQ(Context::SlotOffset(0) + kHeapObjectTag,
9252 FixedArray::OffsetOfElementAt(0));
9253 if (is_load) {
9254 Node* result = LoadFixedArrayElement(the_context, mapped_index_intptr);
9255 CSA_ASSERT(this, WordNotEqual(result, TheHoleConstant()));
9256 var_result.Bind(result);
9257 } else {
9258 StoreFixedArrayElement(the_context, mapped_index_intptr, value);
9259 }
9260 Goto(&end);
9261 }
9262
9263 BIND(&if_unmapped);
9264 {
9265 TNode<HeapObject> backing_store_ho =
9266 CAST(LoadFixedArrayElement(elements, 1));
9267 GotoIf(WordNotEqual(LoadMap(backing_store_ho), FixedArrayMapConstant()),
9268 bailout);
9269 TNode<FixedArray> backing_store = CAST(backing_store_ho);
9270
9271 TNode<IntPtrT> backing_store_length =
9272 LoadAndUntagFixedArrayBaseLength(backing_store);
9273 GotoIf(UintPtrGreaterThanOrEqual(key, backing_store_length), bailout);
9274
9275 // The key falls into unmapped range.
9276 if (is_load) {
9277 Node* result = LoadFixedArrayElement(backing_store, key);
9278 GotoIf(WordEqual(result, TheHoleConstant()), bailout);
9279 var_result.Bind(result);
9280 } else {
9281 StoreFixedArrayElement(backing_store, key, value);
9282 }
9283 Goto(&end);
9284 }
9285
9286 BIND(&end);
9287 return var_result.value();
9288 }
9289
LoadScriptContext(TNode<Context> context,TNode<IntPtrT> context_index)9290 TNode<Context> CodeStubAssembler::LoadScriptContext(
9291 TNode<Context> context, TNode<IntPtrT> context_index) {
9292 TNode<Context> native_context = LoadNativeContext(context);
9293 TNode<ScriptContextTable> script_context_table = CAST(
9294 LoadContextElement(native_context, Context::SCRIPT_CONTEXT_TABLE_INDEX));
9295
9296 TNode<Context> script_context = CAST(LoadFixedArrayElement(
9297 script_context_table, context_index,
9298 ScriptContextTable::kFirstContextSlotIndex * kPointerSize));
9299 return script_context;
9300 }
9301
9302 namespace {
9303
9304 // Converts typed array elements kind to a machine representations.
ElementsKindToMachineRepresentation(ElementsKind kind)9305 MachineRepresentation ElementsKindToMachineRepresentation(ElementsKind kind) {
9306 switch (kind) {
9307 case UINT8_CLAMPED_ELEMENTS:
9308 case UINT8_ELEMENTS:
9309 case INT8_ELEMENTS:
9310 return MachineRepresentation::kWord8;
9311 case UINT16_ELEMENTS:
9312 case INT16_ELEMENTS:
9313 return MachineRepresentation::kWord16;
9314 case UINT32_ELEMENTS:
9315 case INT32_ELEMENTS:
9316 return MachineRepresentation::kWord32;
9317 case FLOAT32_ELEMENTS:
9318 return MachineRepresentation::kFloat32;
9319 case FLOAT64_ELEMENTS:
9320 return MachineRepresentation::kFloat64;
9321 default:
9322 UNREACHABLE();
9323 }
9324 }
9325
9326 } // namespace
9327
StoreElement(Node * elements,ElementsKind kind,Node * index,Node * value,ParameterMode mode)9328 void CodeStubAssembler::StoreElement(Node* elements, ElementsKind kind,
9329 Node* index, Node* value,
9330 ParameterMode mode) {
9331 if (IsFixedTypedArrayElementsKind(kind)) {
9332 if (kind == UINT8_CLAMPED_ELEMENTS) {
9333 CSA_ASSERT(this,
9334 Word32Equal(value, Word32And(Int32Constant(0xFF), value)));
9335 }
9336 Node* offset = ElementOffsetFromIndex(index, kind, mode, 0);
9337 // TODO(cbruni): Add OOB check once typed.
9338 MachineRepresentation rep = ElementsKindToMachineRepresentation(kind);
9339 StoreNoWriteBarrier(rep, elements, offset, value);
9340 return;
9341 } else if (IsDoubleElementsKind(kind)) {
9342 // Make sure we do not store signalling NaNs into double arrays.
9343 TNode<Float64T> value_silenced = Float64SilenceNaN(value);
9344 StoreFixedDoubleArrayElement(CAST(elements), index, value_silenced, mode);
9345 } else {
9346 WriteBarrierMode barrier_mode =
9347 IsSmiElementsKind(kind) ? SKIP_WRITE_BARRIER : UPDATE_WRITE_BARRIER;
9348 StoreFixedArrayElement(CAST(elements), index, value, barrier_mode, 0, mode);
9349 }
9350 }
9351
Int32ToUint8Clamped(Node * int32_value)9352 Node* CodeStubAssembler::Int32ToUint8Clamped(Node* int32_value) {
9353 Label done(this);
9354 Node* int32_zero = Int32Constant(0);
9355 Node* int32_255 = Int32Constant(255);
9356 VARIABLE(var_value, MachineRepresentation::kWord32, int32_value);
9357 GotoIf(Uint32LessThanOrEqual(int32_value, int32_255), &done);
9358 var_value.Bind(int32_zero);
9359 GotoIf(Int32LessThan(int32_value, int32_zero), &done);
9360 var_value.Bind(int32_255);
9361 Goto(&done);
9362 BIND(&done);
9363 return var_value.value();
9364 }
9365
Float64ToUint8Clamped(Node * float64_value)9366 Node* CodeStubAssembler::Float64ToUint8Clamped(Node* float64_value) {
9367 Label done(this);
9368 VARIABLE(var_value, MachineRepresentation::kWord32, Int32Constant(0));
9369 GotoIf(Float64LessThanOrEqual(float64_value, Float64Constant(0.0)), &done);
9370 var_value.Bind(Int32Constant(255));
9371 GotoIf(Float64LessThanOrEqual(Float64Constant(255.0), float64_value), &done);
9372 {
9373 Node* rounded_value = Float64RoundToEven(float64_value);
9374 var_value.Bind(TruncateFloat64ToWord32(rounded_value));
9375 Goto(&done);
9376 }
9377 BIND(&done);
9378 return var_value.value();
9379 }
9380
PrepareValueForWriteToTypedArray(TNode<Object> input,ElementsKind elements_kind,TNode<Context> context)9381 Node* CodeStubAssembler::PrepareValueForWriteToTypedArray(
9382 TNode<Object> input, ElementsKind elements_kind, TNode<Context> context) {
9383 DCHECK(IsFixedTypedArrayElementsKind(elements_kind));
9384
9385 MachineRepresentation rep;
9386 switch (elements_kind) {
9387 case UINT8_ELEMENTS:
9388 case INT8_ELEMENTS:
9389 case UINT16_ELEMENTS:
9390 case INT16_ELEMENTS:
9391 case UINT32_ELEMENTS:
9392 case INT32_ELEMENTS:
9393 case UINT8_CLAMPED_ELEMENTS:
9394 rep = MachineRepresentation::kWord32;
9395 break;
9396 case FLOAT32_ELEMENTS:
9397 rep = MachineRepresentation::kFloat32;
9398 break;
9399 case FLOAT64_ELEMENTS:
9400 rep = MachineRepresentation::kFloat64;
9401 break;
9402 case BIGINT64_ELEMENTS:
9403 case BIGUINT64_ELEMENTS:
9404 return ToBigInt(context, input);
9405 default:
9406 UNREACHABLE();
9407 }
9408
9409 VARIABLE(var_result, rep);
9410 VARIABLE(var_input, MachineRepresentation::kTagged, input);
9411 Label done(this, &var_result), if_smi(this), if_heapnumber_or_oddball(this),
9412 convert(this), loop(this, &var_input);
9413 Goto(&loop);
9414 BIND(&loop);
9415 GotoIf(TaggedIsSmi(var_input.value()), &if_smi);
9416 // We can handle both HeapNumber and Oddball here, since Oddball has the
9417 // same layout as the HeapNumber for the HeapNumber::value field. This
9418 // way we can also properly optimize stores of oddballs to typed arrays.
9419 GotoIf(IsHeapNumber(var_input.value()), &if_heapnumber_or_oddball);
9420 STATIC_ASSERT(HeapNumber::kValueOffset == Oddball::kToNumberRawOffset);
9421 Branch(HasInstanceType(var_input.value(), ODDBALL_TYPE),
9422 &if_heapnumber_or_oddball, &convert);
9423
9424 BIND(&if_heapnumber_or_oddball);
9425 {
9426 Node* value = UncheckedCast<Float64T>(LoadObjectField(
9427 var_input.value(), HeapNumber::kValueOffset, MachineType::Float64()));
9428 if (rep == MachineRepresentation::kWord32) {
9429 if (elements_kind == UINT8_CLAMPED_ELEMENTS) {
9430 value = Float64ToUint8Clamped(value);
9431 } else {
9432 value = TruncateFloat64ToWord32(value);
9433 }
9434 } else if (rep == MachineRepresentation::kFloat32) {
9435 value = TruncateFloat64ToFloat32(value);
9436 } else {
9437 DCHECK_EQ(MachineRepresentation::kFloat64, rep);
9438 }
9439 var_result.Bind(value);
9440 Goto(&done);
9441 }
9442
9443 BIND(&if_smi);
9444 {
9445 Node* value = SmiToInt32(var_input.value());
9446 if (rep == MachineRepresentation::kFloat32) {
9447 value = RoundInt32ToFloat32(value);
9448 } else if (rep == MachineRepresentation::kFloat64) {
9449 value = ChangeInt32ToFloat64(value);
9450 } else {
9451 DCHECK_EQ(MachineRepresentation::kWord32, rep);
9452 if (elements_kind == UINT8_CLAMPED_ELEMENTS) {
9453 value = Int32ToUint8Clamped(value);
9454 }
9455 }
9456 var_result.Bind(value);
9457 Goto(&done);
9458 }
9459
9460 BIND(&convert);
9461 {
9462 var_input.Bind(CallBuiltin(Builtins::kNonNumberToNumber, context, input));
9463 Goto(&loop);
9464 }
9465
9466 BIND(&done);
9467 return var_result.value();
9468 }
9469
EmitBigTypedArrayElementStore(TNode<JSTypedArray> object,TNode<FixedTypedArrayBase> elements,TNode<IntPtrT> intptr_key,TNode<Object> value,TNode<Context> context,Label * opt_if_neutered)9470 void CodeStubAssembler::EmitBigTypedArrayElementStore(
9471 TNode<JSTypedArray> object, TNode<FixedTypedArrayBase> elements,
9472 TNode<IntPtrT> intptr_key, TNode<Object> value, TNode<Context> context,
9473 Label* opt_if_neutered) {
9474 TNode<BigInt> bigint_value = ToBigInt(context, value);
9475
9476 if (opt_if_neutered != nullptr) {
9477 // Check if buffer has been neutered. Must happen after {ToBigInt}!
9478 Node* buffer = LoadObjectField(object, JSArrayBufferView::kBufferOffset);
9479 GotoIf(IsDetachedBuffer(buffer), opt_if_neutered);
9480 }
9481
9482 TNode<RawPtrT> backing_store = LoadFixedTypedArrayBackingStore(elements);
9483 TNode<IntPtrT> offset = ElementOffsetFromIndex(intptr_key, BIGINT64_ELEMENTS,
9484 INTPTR_PARAMETERS, 0);
9485 EmitBigTypedArrayElementStore(elements, backing_store, offset, bigint_value);
9486 }
9487
EmitBigTypedArrayElementStore(TNode<FixedTypedArrayBase> elements,TNode<RawPtrT> backing_store,TNode<IntPtrT> offset,TNode<BigInt> bigint_value)9488 void CodeStubAssembler::EmitBigTypedArrayElementStore(
9489 TNode<FixedTypedArrayBase> elements, TNode<RawPtrT> backing_store,
9490 TNode<IntPtrT> offset, TNode<BigInt> bigint_value) {
9491 TNode<WordT> bitfield = LoadBigIntBitfield(bigint_value);
9492 TNode<UintPtrT> length = DecodeWord<BigIntBase::LengthBits>(bitfield);
9493 TNode<UintPtrT> sign = DecodeWord<BigIntBase::SignBits>(bitfield);
9494 TVARIABLE(UintPtrT, var_low, Unsigned(IntPtrConstant(0)));
9495 // Only used on 32-bit platforms.
9496 TVARIABLE(UintPtrT, var_high, Unsigned(IntPtrConstant(0)));
9497 Label do_store(this);
9498 GotoIf(WordEqual(length, IntPtrConstant(0)), &do_store);
9499 var_low = LoadBigIntDigit(bigint_value, 0);
9500 if (!Is64()) {
9501 Label load_done(this);
9502 GotoIf(WordEqual(length, IntPtrConstant(1)), &load_done);
9503 var_high = LoadBigIntDigit(bigint_value, 1);
9504 Goto(&load_done);
9505 BIND(&load_done);
9506 }
9507 GotoIf(WordEqual(sign, IntPtrConstant(0)), &do_store);
9508 // Negative value. Simulate two's complement.
9509 if (!Is64()) {
9510 var_high = Unsigned(IntPtrSub(IntPtrConstant(0), var_high.value()));
9511 Label no_carry(this);
9512 GotoIf(WordEqual(var_low.value(), IntPtrConstant(0)), &no_carry);
9513 var_high = Unsigned(IntPtrSub(var_high.value(), IntPtrConstant(1)));
9514 Goto(&no_carry);
9515 BIND(&no_carry);
9516 }
9517 var_low = Unsigned(IntPtrSub(IntPtrConstant(0), var_low.value()));
9518 Goto(&do_store);
9519 BIND(&do_store);
9520
9521 // Assert that offset < elements.length. Given that it's an offset for a raw
9522 // pointer we correct it by the usual kHeapObjectTag offset.
9523 CSA_ASSERT(
9524 this, IsOffsetInBounds(offset, LoadAndUntagFixedArrayBaseLength(elements),
9525 kHeapObjectTag, BIGINT64_ELEMENTS));
9526
9527 MachineRepresentation rep = WordT::kMachineRepresentation;
9528 #if defined(V8_TARGET_BIG_ENDIAN)
9529 if (!Is64()) {
9530 StoreNoWriteBarrier(rep, backing_store, offset, var_high.value());
9531 StoreNoWriteBarrier(rep, backing_store,
9532 IntPtrAdd(offset, IntPtrConstant(kPointerSize)),
9533 var_low.value());
9534 } else {
9535 StoreNoWriteBarrier(rep, backing_store, offset, var_low.value());
9536 }
9537 #else
9538 StoreNoWriteBarrier(rep, backing_store, offset, var_low.value());
9539 if (!Is64()) {
9540 StoreNoWriteBarrier(rep, backing_store,
9541 IntPtrAdd(offset, IntPtrConstant(kPointerSize)),
9542 var_high.value());
9543 }
9544 #endif
9545 }
9546
EmitElementStore(Node * object,Node * key,Node * value,bool is_jsarray,ElementsKind elements_kind,KeyedAccessStoreMode store_mode,Label * bailout,Node * context)9547 void CodeStubAssembler::EmitElementStore(Node* object, Node* key, Node* value,
9548 bool is_jsarray,
9549 ElementsKind elements_kind,
9550 KeyedAccessStoreMode store_mode,
9551 Label* bailout, Node* context) {
9552 CSA_ASSERT(this, Word32BinaryNot(IsJSProxy(object)));
9553
9554 Node* elements = LoadElements(object);
9555 if (!IsSmiOrObjectElementsKind(elements_kind)) {
9556 CSA_ASSERT(this, Word32BinaryNot(IsFixedCOWArrayMap(LoadMap(elements))));
9557 } else if (!IsCOWHandlingStoreMode(store_mode)) {
9558 GotoIf(IsFixedCOWArrayMap(LoadMap(elements)), bailout);
9559 }
9560
9561 // TODO(ishell): introduce TryToIntPtrOrSmi() and use OptimalParameterMode().
9562 ParameterMode parameter_mode = INTPTR_PARAMETERS;
9563 TNode<IntPtrT> intptr_key = TryToIntptr(key, bailout);
9564
9565 if (IsFixedTypedArrayElementsKind(elements_kind)) {
9566 Label done(this);
9567
9568 // IntegerIndexedElementSet converts value to a Number/BigInt prior to the
9569 // bounds check.
9570 value = PrepareValueForWriteToTypedArray(CAST(value), elements_kind,
9571 CAST(context));
9572
9573 // There must be no allocations between the buffer load and
9574 // and the actual store to backing store, because GC may decide that
9575 // the buffer is not alive or move the elements.
9576 // TODO(ishell): introduce DisallowHeapAllocationCode scope here.
9577
9578 // Check if buffer has been neutered.
9579 Node* buffer = LoadObjectField(object, JSArrayBufferView::kBufferOffset);
9580 GotoIf(IsDetachedBuffer(buffer), bailout);
9581
9582 // Bounds check.
9583 Node* length =
9584 TaggedToParameter(LoadTypedArrayLength(CAST(object)), parameter_mode);
9585
9586 if (store_mode == STORE_NO_TRANSITION_IGNORE_OUT_OF_BOUNDS) {
9587 // Skip the store if we write beyond the length or
9588 // to a property with a negative integer index.
9589 GotoIfNot(UintPtrLessThan(intptr_key, length), &done);
9590 } else {
9591 DCHECK_EQ(STANDARD_STORE, store_mode);
9592 GotoIfNot(UintPtrLessThan(intptr_key, length), bailout);
9593 }
9594
9595 if (elements_kind == BIGINT64_ELEMENTS ||
9596 elements_kind == BIGUINT64_ELEMENTS) {
9597 TNode<BigInt> bigint_value = UncheckedCast<BigInt>(value);
9598
9599 TNode<RawPtrT> backing_store =
9600 LoadFixedTypedArrayBackingStore(CAST(elements));
9601 TNode<IntPtrT> offset = ElementOffsetFromIndex(
9602 intptr_key, BIGINT64_ELEMENTS, INTPTR_PARAMETERS, 0);
9603 EmitBigTypedArrayElementStore(CAST(elements), backing_store, offset,
9604 bigint_value);
9605 } else {
9606 Node* backing_store = LoadFixedTypedArrayBackingStore(CAST(elements));
9607 StoreElement(backing_store, elements_kind, intptr_key, value,
9608 parameter_mode);
9609 }
9610 Goto(&done);
9611
9612 BIND(&done);
9613 return;
9614 }
9615 DCHECK(IsSmiOrObjectElementsKind(elements_kind) ||
9616 IsDoubleElementsKind(elements_kind));
9617
9618 Node* length = is_jsarray ? LoadJSArrayLength(object)
9619 : LoadFixedArrayBaseLength(elements);
9620 length = TaggedToParameter(length, parameter_mode);
9621
9622 // In case value is stored into a fast smi array, assure that the value is
9623 // a smi before manipulating the backing store. Otherwise the backing store
9624 // may be left in an invalid state.
9625 if (IsSmiElementsKind(elements_kind)) {
9626 GotoIfNot(TaggedIsSmi(value), bailout);
9627 } else if (IsDoubleElementsKind(elements_kind)) {
9628 value = TryTaggedToFloat64(value, bailout);
9629 }
9630
9631 if (IsGrowStoreMode(store_mode)) {
9632 elements = CheckForCapacityGrow(object, elements, elements_kind, store_mode,
9633 length, intptr_key, parameter_mode,
9634 is_jsarray, bailout);
9635 } else {
9636 GotoIfNot(UintPtrLessThan(intptr_key, length), bailout);
9637 }
9638
9639 // If we didn't grow {elements}, it might still be COW, in which case we
9640 // copy it now.
9641 if (!IsSmiOrObjectElementsKind(elements_kind)) {
9642 CSA_ASSERT(this, Word32BinaryNot(IsFixedCOWArrayMap(LoadMap(elements))));
9643 } else if (IsCOWHandlingStoreMode(store_mode)) {
9644 elements = CopyElementsOnWrite(object, elements, elements_kind, length,
9645 parameter_mode, bailout);
9646 }
9647
9648 CSA_ASSERT(this, Word32BinaryNot(IsFixedCOWArrayMap(LoadMap(elements))));
9649 StoreElement(elements, elements_kind, intptr_key, value, parameter_mode);
9650 }
9651
CheckForCapacityGrow(Node * object,Node * elements,ElementsKind kind,KeyedAccessStoreMode store_mode,Node * length,Node * key,ParameterMode mode,bool is_js_array,Label * bailout)9652 Node* CodeStubAssembler::CheckForCapacityGrow(
9653 Node* object, Node* elements, ElementsKind kind,
9654 KeyedAccessStoreMode store_mode, Node* length, Node* key,
9655 ParameterMode mode, bool is_js_array, Label* bailout) {
9656 DCHECK(IsFastElementsKind(kind));
9657 VARIABLE(checked_elements, MachineRepresentation::kTagged);
9658 Label grow_case(this), no_grow_case(this), done(this),
9659 grow_bailout(this, Label::kDeferred);
9660
9661 Node* condition;
9662 if (IsHoleyElementsKind(kind)) {
9663 condition = UintPtrGreaterThanOrEqual(key, length);
9664 } else {
9665 // We don't support growing here unless the value is being appended.
9666 condition = WordEqual(key, length);
9667 }
9668 Branch(condition, &grow_case, &no_grow_case);
9669
9670 BIND(&grow_case);
9671 {
9672 Node* current_capacity =
9673 TaggedToParameter(LoadFixedArrayBaseLength(elements), mode);
9674 checked_elements.Bind(elements);
9675 Label fits_capacity(this);
9676 // If key is negative, we will notice in Runtime::kGrowArrayElements.
9677 GotoIf(UintPtrLessThan(key, current_capacity), &fits_capacity);
9678
9679 {
9680 Node* new_elements = TryGrowElementsCapacity(
9681 object, elements, kind, key, current_capacity, mode, &grow_bailout);
9682 checked_elements.Bind(new_elements);
9683 Goto(&fits_capacity);
9684 }
9685
9686 BIND(&grow_bailout);
9687 {
9688 Node* tagged_key = mode == SMI_PARAMETERS
9689 ? key
9690 : ChangeInt32ToTagged(TruncateIntPtrToInt32(key));
9691 Node* maybe_elements = CallRuntime(
9692 Runtime::kGrowArrayElements, NoContextConstant(), object, tagged_key);
9693 GotoIf(TaggedIsSmi(maybe_elements), bailout);
9694 CSA_ASSERT(this, IsFixedArrayWithKind(maybe_elements, kind));
9695 checked_elements.Bind(maybe_elements);
9696 Goto(&fits_capacity);
9697 }
9698
9699 BIND(&fits_capacity);
9700 if (is_js_array) {
9701 Node* new_length = IntPtrAdd(key, IntPtrOrSmiConstant(1, mode));
9702 StoreObjectFieldNoWriteBarrier(object, JSArray::kLengthOffset,
9703 ParameterToTagged(new_length, mode));
9704 }
9705 Goto(&done);
9706 }
9707
9708 BIND(&no_grow_case);
9709 {
9710 GotoIfNot(UintPtrLessThan(key, length), bailout);
9711 checked_elements.Bind(elements);
9712 Goto(&done);
9713 }
9714
9715 BIND(&done);
9716 return checked_elements.value();
9717 }
9718
CopyElementsOnWrite(Node * object,Node * elements,ElementsKind kind,Node * length,ParameterMode mode,Label * bailout)9719 Node* CodeStubAssembler::CopyElementsOnWrite(Node* object, Node* elements,
9720 ElementsKind kind, Node* length,
9721 ParameterMode mode,
9722 Label* bailout) {
9723 VARIABLE(new_elements_var, MachineRepresentation::kTagged, elements);
9724 Label done(this);
9725
9726 GotoIfNot(IsFixedCOWArrayMap(LoadMap(elements)), &done);
9727 {
9728 Node* capacity =
9729 TaggedToParameter(LoadFixedArrayBaseLength(elements), mode);
9730 Node* new_elements = GrowElementsCapacity(object, elements, kind, kind,
9731 length, capacity, mode, bailout);
9732 new_elements_var.Bind(new_elements);
9733 Goto(&done);
9734 }
9735
9736 BIND(&done);
9737 return new_elements_var.value();
9738 }
9739
TransitionElementsKind(Node * object,Node * map,ElementsKind from_kind,ElementsKind to_kind,bool is_jsarray,Label * bailout)9740 void CodeStubAssembler::TransitionElementsKind(Node* object, Node* map,
9741 ElementsKind from_kind,
9742 ElementsKind to_kind,
9743 bool is_jsarray,
9744 Label* bailout) {
9745 DCHECK(!IsHoleyElementsKind(from_kind) || IsHoleyElementsKind(to_kind));
9746 if (AllocationSite::ShouldTrack(from_kind, to_kind)) {
9747 TrapAllocationMemento(object, bailout);
9748 }
9749
9750 if (!IsSimpleMapChangeTransition(from_kind, to_kind)) {
9751 Comment("Non-simple map transition");
9752 Node* elements = LoadElements(object);
9753
9754 Label done(this);
9755 GotoIf(WordEqual(elements, EmptyFixedArrayConstant()), &done);
9756
9757 // TODO(ishell): Use OptimalParameterMode().
9758 ParameterMode mode = INTPTR_PARAMETERS;
9759 Node* elements_length = SmiUntag(LoadFixedArrayBaseLength(elements));
9760 Node* array_length =
9761 is_jsarray ? SmiUntag(LoadFastJSArrayLength(object)) : elements_length;
9762
9763 CSA_ASSERT(this, WordNotEqual(elements_length, IntPtrConstant(0)));
9764
9765 GrowElementsCapacity(object, elements, from_kind, to_kind, array_length,
9766 elements_length, mode, bailout);
9767 Goto(&done);
9768 BIND(&done);
9769 }
9770
9771 StoreMap(object, map);
9772 }
9773
TrapAllocationMemento(Node * object,Label * memento_found)9774 void CodeStubAssembler::TrapAllocationMemento(Node* object,
9775 Label* memento_found) {
9776 Comment("[ TrapAllocationMemento");
9777 Label no_memento_found(this);
9778 Label top_check(this), map_check(this);
9779
9780 TNode<ExternalReference> new_space_top_address = ExternalConstant(
9781 ExternalReference::new_space_allocation_top_address(isolate()));
9782 const int kMementoMapOffset = JSArray::kSize;
9783 const int kMementoLastWordOffset =
9784 kMementoMapOffset + AllocationMemento::kSize - kPointerSize;
9785
9786 // Bail out if the object is not in new space.
9787 TNode<IntPtrT> object_word = BitcastTaggedToWord(object);
9788 TNode<IntPtrT> object_page = PageFromAddress(object_word);
9789 {
9790 TNode<IntPtrT> page_flags =
9791 UncheckedCast<IntPtrT>(Load(MachineType::IntPtr(), object_page,
9792 IntPtrConstant(Page::kFlagsOffset)));
9793 GotoIf(WordEqual(WordAnd(page_flags,
9794 IntPtrConstant(MemoryChunk::kIsInNewSpaceMask)),
9795 IntPtrConstant(0)),
9796 &no_memento_found);
9797 }
9798
9799 TNode<IntPtrT> memento_last_word = IntPtrAdd(
9800 object_word, IntPtrConstant(kMementoLastWordOffset - kHeapObjectTag));
9801 TNode<IntPtrT> memento_last_word_page = PageFromAddress(memento_last_word);
9802
9803 TNode<IntPtrT> new_space_top = UncheckedCast<IntPtrT>(
9804 Load(MachineType::Pointer(), new_space_top_address));
9805 TNode<IntPtrT> new_space_top_page = PageFromAddress(new_space_top);
9806
9807 // If the object is in new space, we need to check whether respective
9808 // potential memento object is on the same page as the current top.
9809 GotoIf(WordEqual(memento_last_word_page, new_space_top_page), &top_check);
9810
9811 // The object is on a different page than allocation top. Bail out if the
9812 // object sits on the page boundary as no memento can follow and we cannot
9813 // touch the memory following it.
9814 Branch(WordEqual(object_page, memento_last_word_page), &map_check,
9815 &no_memento_found);
9816
9817 // If top is on the same page as the current object, we need to check whether
9818 // we are below top.
9819 BIND(&top_check);
9820 {
9821 Branch(UintPtrGreaterThanOrEqual(memento_last_word, new_space_top),
9822 &no_memento_found, &map_check);
9823 }
9824
9825 // Memento map check.
9826 BIND(&map_check);
9827 {
9828 TNode<Object> memento_map = LoadObjectField(object, kMementoMapOffset);
9829 Branch(
9830 WordEqual(memento_map, LoadRoot(Heap::kAllocationMementoMapRootIndex)),
9831 memento_found, &no_memento_found);
9832 }
9833 BIND(&no_memento_found);
9834 Comment("] TrapAllocationMemento");
9835 }
9836
PageFromAddress(TNode<IntPtrT> address)9837 TNode<IntPtrT> CodeStubAssembler::PageFromAddress(TNode<IntPtrT> address) {
9838 return WordAnd(address, IntPtrConstant(~kPageAlignmentMask));
9839 }
9840
CreateAllocationSiteInFeedbackVector(SloppyTNode<FeedbackVector> feedback_vector,TNode<Smi> slot)9841 TNode<AllocationSite> CodeStubAssembler::CreateAllocationSiteInFeedbackVector(
9842 SloppyTNode<FeedbackVector> feedback_vector, TNode<Smi> slot) {
9843 TNode<IntPtrT> size = IntPtrConstant(AllocationSite::kSizeWithWeakNext);
9844 Node* site = Allocate(size, CodeStubAssembler::kPretenured);
9845 StoreMapNoWriteBarrier(site, Heap::kAllocationSiteWithWeakNextMapRootIndex);
9846 // Should match AllocationSite::Initialize.
9847 TNode<WordT> field = UpdateWord<AllocationSite::ElementsKindBits>(
9848 IntPtrConstant(0), IntPtrConstant(GetInitialFastElementsKind()));
9849 StoreObjectFieldNoWriteBarrier(
9850 site, AllocationSite::kTransitionInfoOrBoilerplateOffset,
9851 SmiTag(Signed(field)));
9852
9853 // Unlike literals, constructed arrays don't have nested sites
9854 TNode<Smi> zero = SmiConstant(0);
9855 StoreObjectFieldNoWriteBarrier(site, AllocationSite::kNestedSiteOffset, zero);
9856
9857 // Pretenuring calculation field.
9858 StoreObjectFieldNoWriteBarrier(site, AllocationSite::kPretenureDataOffset,
9859 Int32Constant(0),
9860 MachineRepresentation::kWord32);
9861
9862 // Pretenuring memento creation count field.
9863 StoreObjectFieldNoWriteBarrier(
9864 site, AllocationSite::kPretenureCreateCountOffset, Int32Constant(0),
9865 MachineRepresentation::kWord32);
9866
9867 // Store an empty fixed array for the code dependency.
9868 StoreObjectFieldRoot(site, AllocationSite::kDependentCodeOffset,
9869 Heap::kEmptyWeakFixedArrayRootIndex);
9870
9871 // Link the object to the allocation site list
9872 TNode<ExternalReference> site_list = ExternalConstant(
9873 ExternalReference::allocation_sites_list_address(isolate()));
9874 TNode<Object> next_site = CAST(LoadBufferObject(site_list, 0));
9875
9876 // TODO(mvstanton): This is a store to a weak pointer, which we may want to
9877 // mark as such in order to skip the write barrier, once we have a unified
9878 // system for weakness. For now we decided to keep it like this because having
9879 // an initial write barrier backed store makes this pointer strong until the
9880 // next GC, and allocation sites are designed to survive several GCs anyway.
9881 StoreObjectField(site, AllocationSite::kWeakNextOffset, next_site);
9882 StoreNoWriteBarrier(MachineRepresentation::kTagged, site_list, site);
9883
9884 StoreFeedbackVectorSlot(feedback_vector, slot, site, UPDATE_WRITE_BARRIER, 0,
9885 SMI_PARAMETERS);
9886 return CAST(site);
9887 }
9888
StoreWeakReferenceInFeedbackVector(SloppyTNode<FeedbackVector> feedback_vector,Node * slot,SloppyTNode<HeapObject> value,int additional_offset,ParameterMode parameter_mode)9889 TNode<MaybeObject> CodeStubAssembler::StoreWeakReferenceInFeedbackVector(
9890 SloppyTNode<FeedbackVector> feedback_vector, Node* slot,
9891 SloppyTNode<HeapObject> value, int additional_offset,
9892 ParameterMode parameter_mode) {
9893 TNode<MaybeObject> weak_value = MakeWeak(value);
9894 StoreFeedbackVectorSlot(feedback_vector, slot, weak_value,
9895 UPDATE_WRITE_BARRIER, additional_offset,
9896 parameter_mode);
9897 return weak_value;
9898 }
9899
NotHasBoilerplate(TNode<Object> maybe_literal_site)9900 TNode<BoolT> CodeStubAssembler::NotHasBoilerplate(
9901 TNode<Object> maybe_literal_site) {
9902 return TaggedIsSmi(maybe_literal_site);
9903 }
9904
LoadTransitionInfo(TNode<AllocationSite> allocation_site)9905 TNode<Smi> CodeStubAssembler::LoadTransitionInfo(
9906 TNode<AllocationSite> allocation_site) {
9907 TNode<Smi> transition_info = CAST(LoadObjectField(
9908 allocation_site, AllocationSite::kTransitionInfoOrBoilerplateOffset));
9909 return transition_info;
9910 }
9911
LoadBoilerplate(TNode<AllocationSite> allocation_site)9912 TNode<JSObject> CodeStubAssembler::LoadBoilerplate(
9913 TNode<AllocationSite> allocation_site) {
9914 TNode<JSObject> boilerplate = CAST(LoadObjectField(
9915 allocation_site, AllocationSite::kTransitionInfoOrBoilerplateOffset));
9916 return boilerplate;
9917 }
9918
LoadElementsKind(TNode<AllocationSite> allocation_site)9919 TNode<Int32T> CodeStubAssembler::LoadElementsKind(
9920 TNode<AllocationSite> allocation_site) {
9921 TNode<Smi> transition_info = LoadTransitionInfo(allocation_site);
9922 TNode<Int32T> elements_kind =
9923 Signed(DecodeWord32<AllocationSite::ElementsKindBits>(
9924 SmiToInt32(transition_info)));
9925 CSA_ASSERT(this, IsFastElementsKind(elements_kind));
9926 return elements_kind;
9927 }
9928
BuildFastLoop(const CodeStubAssembler::VariableList & vars,Node * start_index,Node * end_index,const FastLoopBody & body,int increment,ParameterMode parameter_mode,IndexAdvanceMode advance_mode)9929 Node* CodeStubAssembler::BuildFastLoop(
9930 const CodeStubAssembler::VariableList& vars, Node* start_index,
9931 Node* end_index, const FastLoopBody& body, int increment,
9932 ParameterMode parameter_mode, IndexAdvanceMode advance_mode) {
9933 CSA_SLOW_ASSERT(this, MatchesParameterMode(start_index, parameter_mode));
9934 CSA_SLOW_ASSERT(this, MatchesParameterMode(end_index, parameter_mode));
9935 MachineRepresentation index_rep = (parameter_mode == INTPTR_PARAMETERS)
9936 ? MachineType::PointerRepresentation()
9937 : MachineRepresentation::kTaggedSigned;
9938 VARIABLE(var, index_rep, start_index);
9939 VariableList vars_copy(vars.begin(), vars.end(), zone());
9940 vars_copy.push_back(&var);
9941 Label loop(this, vars_copy);
9942 Label after_loop(this);
9943 // Introduce an explicit second check of the termination condition before the
9944 // loop that helps turbofan generate better code. If there's only a single
9945 // check, then the CodeStubAssembler forces it to be at the beginning of the
9946 // loop requiring a backwards branch at the end of the loop (it's not possible
9947 // to force the loop header check at the end of the loop and branch forward to
9948 // it from the pre-header). The extra branch is slower in the case that the
9949 // loop actually iterates.
9950 Node* first_check = WordEqual(var.value(), end_index);
9951 int32_t first_check_val;
9952 if (ToInt32Constant(first_check, first_check_val)) {
9953 if (first_check_val) return var.value();
9954 Goto(&loop);
9955 } else {
9956 Branch(first_check, &after_loop, &loop);
9957 }
9958
9959 BIND(&loop);
9960 {
9961 if (advance_mode == IndexAdvanceMode::kPre) {
9962 Increment(&var, increment, parameter_mode);
9963 }
9964 body(var.value());
9965 if (advance_mode == IndexAdvanceMode::kPost) {
9966 Increment(&var, increment, parameter_mode);
9967 }
9968 Branch(WordNotEqual(var.value(), end_index), &loop, &after_loop);
9969 }
9970 BIND(&after_loop);
9971 return var.value();
9972 }
9973
BuildFastFixedArrayForEach(const CodeStubAssembler::VariableList & vars,Node * fixed_array,ElementsKind kind,Node * first_element_inclusive,Node * last_element_exclusive,const FastFixedArrayForEachBody & body,ParameterMode mode,ForEachDirection direction)9974 void CodeStubAssembler::BuildFastFixedArrayForEach(
9975 const CodeStubAssembler::VariableList& vars, Node* fixed_array,
9976 ElementsKind kind, Node* first_element_inclusive,
9977 Node* last_element_exclusive, const FastFixedArrayForEachBody& body,
9978 ParameterMode mode, ForEachDirection direction) {
9979 STATIC_ASSERT(FixedArray::kHeaderSize == FixedDoubleArray::kHeaderSize);
9980 CSA_SLOW_ASSERT(this, MatchesParameterMode(first_element_inclusive, mode));
9981 CSA_SLOW_ASSERT(this, MatchesParameterMode(last_element_exclusive, mode));
9982 CSA_SLOW_ASSERT(this, Word32Or(IsFixedArrayWithKind(fixed_array, kind),
9983 IsPropertyArray(fixed_array)));
9984 int32_t first_val;
9985 bool constant_first = ToInt32Constant(first_element_inclusive, first_val);
9986 int32_t last_val;
9987 bool constent_last = ToInt32Constant(last_element_exclusive, last_val);
9988 if (constant_first && constent_last) {
9989 int delta = last_val - first_val;
9990 DCHECK_GE(delta, 0);
9991 if (delta <= kElementLoopUnrollThreshold) {
9992 if (direction == ForEachDirection::kForward) {
9993 for (int i = first_val; i < last_val; ++i) {
9994 Node* index = IntPtrConstant(i);
9995 Node* offset =
9996 ElementOffsetFromIndex(index, kind, INTPTR_PARAMETERS,
9997 FixedArray::kHeaderSize - kHeapObjectTag);
9998 body(fixed_array, offset);
9999 }
10000 } else {
10001 for (int i = last_val - 1; i >= first_val; --i) {
10002 Node* index = IntPtrConstant(i);
10003 Node* offset =
10004 ElementOffsetFromIndex(index, kind, INTPTR_PARAMETERS,
10005 FixedArray::kHeaderSize - kHeapObjectTag);
10006 body(fixed_array, offset);
10007 }
10008 }
10009 return;
10010 }
10011 }
10012
10013 Node* start =
10014 ElementOffsetFromIndex(first_element_inclusive, kind, mode,
10015 FixedArray::kHeaderSize - kHeapObjectTag);
10016 Node* limit =
10017 ElementOffsetFromIndex(last_element_exclusive, kind, mode,
10018 FixedArray::kHeaderSize - kHeapObjectTag);
10019 if (direction == ForEachDirection::kReverse) std::swap(start, limit);
10020
10021 int increment = IsDoubleElementsKind(kind) ? kDoubleSize : kPointerSize;
10022 BuildFastLoop(
10023 vars, start, limit,
10024 [fixed_array, &body](Node* offset) { body(fixed_array, offset); },
10025 direction == ForEachDirection::kReverse ? -increment : increment,
10026 INTPTR_PARAMETERS,
10027 direction == ForEachDirection::kReverse ? IndexAdvanceMode::kPre
10028 : IndexAdvanceMode::kPost);
10029 }
10030
GotoIfFixedArraySizeDoesntFitInNewSpace(Node * element_count,Label * doesnt_fit,int base_size,ParameterMode mode)10031 void CodeStubAssembler::GotoIfFixedArraySizeDoesntFitInNewSpace(
10032 Node* element_count, Label* doesnt_fit, int base_size, ParameterMode mode) {
10033 GotoIf(FixedArraySizeDoesntFitInNewSpace(element_count, base_size, mode),
10034 doesnt_fit);
10035 }
10036
InitializeFieldsWithRoot(Node * object,Node * start_offset,Node * end_offset,Heap::RootListIndex root_index)10037 void CodeStubAssembler::InitializeFieldsWithRoot(
10038 Node* object, Node* start_offset, Node* end_offset,
10039 Heap::RootListIndex root_index) {
10040 CSA_SLOW_ASSERT(this, TaggedIsNotSmi(object));
10041 start_offset = IntPtrAdd(start_offset, IntPtrConstant(-kHeapObjectTag));
10042 end_offset = IntPtrAdd(end_offset, IntPtrConstant(-kHeapObjectTag));
10043 Node* root_value = LoadRoot(root_index);
10044 BuildFastLoop(end_offset, start_offset,
10045 [this, object, root_value](Node* current) {
10046 StoreNoWriteBarrier(MachineRepresentation::kTagged, object,
10047 current, root_value);
10048 },
10049 -kPointerSize, INTPTR_PARAMETERS,
10050 CodeStubAssembler::IndexAdvanceMode::kPre);
10051 }
10052
BranchIfNumberRelationalComparison(Operation op,Node * left,Node * right,Label * if_true,Label * if_false)10053 void CodeStubAssembler::BranchIfNumberRelationalComparison(
10054 Operation op, Node* left, Node* right, Label* if_true, Label* if_false) {
10055 CSA_SLOW_ASSERT(this, IsNumber(left));
10056 CSA_SLOW_ASSERT(this, IsNumber(right));
10057
10058 Label do_float_comparison(this);
10059 TVARIABLE(Float64T, var_left_float);
10060 TVARIABLE(Float64T, var_right_float);
10061
10062 Branch(TaggedIsSmi(left),
10063 [&] {
10064 TNode<Smi> smi_left = CAST(left);
10065
10066 Branch(TaggedIsSmi(right),
10067 [&] {
10068 TNode<Smi> smi_right = CAST(right);
10069
10070 // Both {left} and {right} are Smi, so just perform a fast
10071 // Smi comparison.
10072 switch (op) {
10073 case Operation::kLessThan:
10074 BranchIfSmiLessThan(smi_left, smi_right, if_true,
10075 if_false);
10076 break;
10077 case Operation::kLessThanOrEqual:
10078 BranchIfSmiLessThanOrEqual(smi_left, smi_right, if_true,
10079 if_false);
10080 break;
10081 case Operation::kGreaterThan:
10082 BranchIfSmiLessThan(smi_right, smi_left, if_true,
10083 if_false);
10084 break;
10085 case Operation::kGreaterThanOrEqual:
10086 BranchIfSmiLessThanOrEqual(smi_right, smi_left, if_true,
10087 if_false);
10088 break;
10089 default:
10090 UNREACHABLE();
10091 }
10092 },
10093 [&] {
10094 CSA_ASSERT(this, IsHeapNumber(right));
10095 var_left_float = SmiToFloat64(smi_left);
10096 var_right_float = LoadHeapNumberValue(right);
10097 Goto(&do_float_comparison);
10098 });
10099 },
10100 [&] {
10101 CSA_ASSERT(this, IsHeapNumber(left));
10102 var_left_float = LoadHeapNumberValue(left);
10103
10104 Branch(TaggedIsSmi(right),
10105 [&] {
10106 var_right_float = SmiToFloat64(right);
10107 Goto(&do_float_comparison);
10108 },
10109 [&] {
10110 CSA_ASSERT(this, IsHeapNumber(right));
10111 var_right_float = LoadHeapNumberValue(right);
10112 Goto(&do_float_comparison);
10113 });
10114 });
10115
10116 BIND(&do_float_comparison);
10117 {
10118 switch (op) {
10119 case Operation::kLessThan:
10120 Branch(Float64LessThan(var_left_float.value(), var_right_float.value()),
10121 if_true, if_false);
10122 break;
10123 case Operation::kLessThanOrEqual:
10124 Branch(Float64LessThanOrEqual(var_left_float.value(),
10125 var_right_float.value()),
10126 if_true, if_false);
10127 break;
10128 case Operation::kGreaterThan:
10129 Branch(
10130 Float64GreaterThan(var_left_float.value(), var_right_float.value()),
10131 if_true, if_false);
10132 break;
10133 case Operation::kGreaterThanOrEqual:
10134 Branch(Float64GreaterThanOrEqual(var_left_float.value(),
10135 var_right_float.value()),
10136 if_true, if_false);
10137 break;
10138 default:
10139 UNREACHABLE();
10140 }
10141 }
10142 }
10143
GotoIfNumberGreaterThanOrEqual(Node * left,Node * right,Label * if_true)10144 void CodeStubAssembler::GotoIfNumberGreaterThanOrEqual(Node* left, Node* right,
10145 Label* if_true) {
10146 Label if_false(this);
10147 BranchIfNumberRelationalComparison(Operation::kGreaterThanOrEqual, left,
10148 right, if_true, &if_false);
10149 BIND(&if_false);
10150 }
10151
10152 namespace {
Reverse(Operation op)10153 Operation Reverse(Operation op) {
10154 switch (op) {
10155 case Operation::kLessThan:
10156 return Operation::kGreaterThan;
10157 case Operation::kLessThanOrEqual:
10158 return Operation::kGreaterThanOrEqual;
10159 case Operation::kGreaterThan:
10160 return Operation::kLessThan;
10161 case Operation::kGreaterThanOrEqual:
10162 return Operation::kLessThanOrEqual;
10163 default:
10164 break;
10165 }
10166 UNREACHABLE();
10167 }
10168 } // anonymous namespace
10169
RelationalComparison(Operation op,Node * left,Node * right,Node * context,Variable * var_type_feedback)10170 Node* CodeStubAssembler::RelationalComparison(Operation op, Node* left,
10171 Node* right, Node* context,
10172 Variable* var_type_feedback) {
10173 Label return_true(this), return_false(this), do_float_comparison(this),
10174 end(this);
10175 TVARIABLE(Oddball, var_result); // Actually only "true" or "false".
10176 TVARIABLE(Float64T, var_left_float);
10177 TVARIABLE(Float64T, var_right_float);
10178
10179 // We might need to loop several times due to ToPrimitive and/or ToNumeric
10180 // conversions.
10181 VARIABLE(var_left, MachineRepresentation::kTagged, left);
10182 VARIABLE(var_right, MachineRepresentation::kTagged, right);
10183 VariableList loop_variable_list({&var_left, &var_right}, zone());
10184 if (var_type_feedback != nullptr) {
10185 // Initialize the type feedback to None. The current feedback is combined
10186 // with the previous feedback.
10187 var_type_feedback->Bind(SmiConstant(CompareOperationFeedback::kNone));
10188 loop_variable_list.push_back(var_type_feedback);
10189 }
10190 Label loop(this, loop_variable_list);
10191 Goto(&loop);
10192 BIND(&loop);
10193 {
10194 left = var_left.value();
10195 right = var_right.value();
10196
10197 Label if_left_smi(this), if_left_not_smi(this);
10198 Branch(TaggedIsSmi(left), &if_left_smi, &if_left_not_smi);
10199
10200 BIND(&if_left_smi);
10201 {
10202 TNode<Smi> smi_left = CAST(left);
10203 Label if_right_smi(this), if_right_heapnumber(this),
10204 if_right_bigint(this, Label::kDeferred),
10205 if_right_not_numeric(this, Label::kDeferred);
10206 GotoIf(TaggedIsSmi(right), &if_right_smi);
10207 Node* right_map = LoadMap(right);
10208 GotoIf(IsHeapNumberMap(right_map), &if_right_heapnumber);
10209 Node* right_instance_type = LoadMapInstanceType(right_map);
10210 Branch(IsBigIntInstanceType(right_instance_type), &if_right_bigint,
10211 &if_right_not_numeric);
10212
10213 BIND(&if_right_smi);
10214 {
10215 TNode<Smi> smi_right = CAST(right);
10216 CombineFeedback(var_type_feedback,
10217 CompareOperationFeedback::kSignedSmall);
10218 switch (op) {
10219 case Operation::kLessThan:
10220 BranchIfSmiLessThan(smi_left, smi_right, &return_true,
10221 &return_false);
10222 break;
10223 case Operation::kLessThanOrEqual:
10224 BranchIfSmiLessThanOrEqual(smi_left, smi_right, &return_true,
10225 &return_false);
10226 break;
10227 case Operation::kGreaterThan:
10228 BranchIfSmiLessThan(smi_right, smi_left, &return_true,
10229 &return_false);
10230 break;
10231 case Operation::kGreaterThanOrEqual:
10232 BranchIfSmiLessThanOrEqual(smi_right, smi_left, &return_true,
10233 &return_false);
10234 break;
10235 default:
10236 UNREACHABLE();
10237 }
10238 }
10239
10240 BIND(&if_right_heapnumber);
10241 {
10242 CombineFeedback(var_type_feedback, CompareOperationFeedback::kNumber);
10243 var_left_float = SmiToFloat64(smi_left);
10244 var_right_float = LoadHeapNumberValue(right);
10245 Goto(&do_float_comparison);
10246 }
10247
10248 BIND(&if_right_bigint);
10249 {
10250 OverwriteFeedback(var_type_feedback, CompareOperationFeedback::kAny);
10251 var_result = CAST(CallRuntime(Runtime::kBigIntCompareToNumber,
10252 NoContextConstant(),
10253 SmiConstant(Reverse(op)), right, left));
10254 Goto(&end);
10255 }
10256
10257 BIND(&if_right_not_numeric);
10258 {
10259 OverwriteFeedback(var_type_feedback, CompareOperationFeedback::kAny);
10260 // Convert {right} to a Numeric; we don't need to perform the
10261 // dedicated ToPrimitive(right, hint Number) operation, as the
10262 // ToNumeric(right) will by itself already invoke ToPrimitive with
10263 // a Number hint.
10264 var_right.Bind(
10265 CallBuiltin(Builtins::kNonNumberToNumeric, context, right));
10266 Goto(&loop);
10267 }
10268 }
10269
10270 BIND(&if_left_not_smi);
10271 {
10272 Node* left_map = LoadMap(left);
10273
10274 Label if_right_smi(this), if_right_not_smi(this);
10275 Branch(TaggedIsSmi(right), &if_right_smi, &if_right_not_smi);
10276
10277 BIND(&if_right_smi);
10278 {
10279 Label if_left_heapnumber(this), if_left_bigint(this, Label::kDeferred),
10280 if_left_not_numeric(this, Label::kDeferred);
10281 GotoIf(IsHeapNumberMap(left_map), &if_left_heapnumber);
10282 Node* left_instance_type = LoadMapInstanceType(left_map);
10283 Branch(IsBigIntInstanceType(left_instance_type), &if_left_bigint,
10284 &if_left_not_numeric);
10285
10286 BIND(&if_left_heapnumber);
10287 {
10288 CombineFeedback(var_type_feedback, CompareOperationFeedback::kNumber);
10289 var_left_float = LoadHeapNumberValue(left);
10290 var_right_float = SmiToFloat64(right);
10291 Goto(&do_float_comparison);
10292 }
10293
10294 BIND(&if_left_bigint);
10295 {
10296 OverwriteFeedback(var_type_feedback, CompareOperationFeedback::kAny);
10297 var_result = CAST(CallRuntime(Runtime::kBigIntCompareToNumber,
10298 NoContextConstant(), SmiConstant(op),
10299 left, right));
10300 Goto(&end);
10301 }
10302
10303 BIND(&if_left_not_numeric);
10304 {
10305 OverwriteFeedback(var_type_feedback, CompareOperationFeedback::kAny);
10306 // Convert {left} to a Numeric; we don't need to perform the
10307 // dedicated ToPrimitive(left, hint Number) operation, as the
10308 // ToNumeric(left) will by itself already invoke ToPrimitive with
10309 // a Number hint.
10310 var_left.Bind(
10311 CallBuiltin(Builtins::kNonNumberToNumeric, context, left));
10312 Goto(&loop);
10313 }
10314 }
10315
10316 BIND(&if_right_not_smi);
10317 {
10318 Node* right_map = LoadMap(right);
10319
10320 Label if_left_heapnumber(this), if_left_bigint(this, Label::kDeferred),
10321 if_left_string(this), if_left_other(this, Label::kDeferred);
10322 GotoIf(IsHeapNumberMap(left_map), &if_left_heapnumber);
10323 Node* left_instance_type = LoadMapInstanceType(left_map);
10324 GotoIf(IsBigIntInstanceType(left_instance_type), &if_left_bigint);
10325 Branch(IsStringInstanceType(left_instance_type), &if_left_string,
10326 &if_left_other);
10327
10328 BIND(&if_left_heapnumber);
10329 {
10330 Label if_right_heapnumber(this),
10331 if_right_bigint(this, Label::kDeferred),
10332 if_right_not_numeric(this, Label::kDeferred);
10333 GotoIf(WordEqual(right_map, left_map), &if_right_heapnumber);
10334 Node* right_instance_type = LoadMapInstanceType(right_map);
10335 Branch(IsBigIntInstanceType(right_instance_type), &if_right_bigint,
10336 &if_right_not_numeric);
10337
10338 BIND(&if_right_heapnumber);
10339 {
10340 CombineFeedback(var_type_feedback,
10341 CompareOperationFeedback::kNumber);
10342 var_left_float = LoadHeapNumberValue(left);
10343 var_right_float = LoadHeapNumberValue(right);
10344 Goto(&do_float_comparison);
10345 }
10346
10347 BIND(&if_right_bigint);
10348 {
10349 OverwriteFeedback(var_type_feedback,
10350 CompareOperationFeedback::kAny);
10351 var_result = CAST(CallRuntime(
10352 Runtime::kBigIntCompareToNumber, NoContextConstant(),
10353 SmiConstant(Reverse(op)), right, left));
10354 Goto(&end);
10355 }
10356
10357 BIND(&if_right_not_numeric);
10358 {
10359 OverwriteFeedback(var_type_feedback,
10360 CompareOperationFeedback::kAny);
10361 // Convert {right} to a Numeric; we don't need to perform
10362 // dedicated ToPrimitive(right, hint Number) operation, as the
10363 // ToNumeric(right) will by itself already invoke ToPrimitive with
10364 // a Number hint.
10365 var_right.Bind(
10366 CallBuiltin(Builtins::kNonNumberToNumeric, context, right));
10367 Goto(&loop);
10368 }
10369 }
10370
10371 BIND(&if_left_bigint);
10372 {
10373 Label if_right_heapnumber(this), if_right_bigint(this),
10374 if_right_string(this), if_right_other(this);
10375 GotoIf(IsHeapNumberMap(right_map), &if_right_heapnumber);
10376 Node* right_instance_type = LoadMapInstanceType(right_map);
10377 GotoIf(IsBigIntInstanceType(right_instance_type), &if_right_bigint);
10378 Branch(IsStringInstanceType(right_instance_type), &if_right_string,
10379 &if_right_other);
10380
10381 BIND(&if_right_heapnumber);
10382 {
10383 OverwriteFeedback(var_type_feedback,
10384 CompareOperationFeedback::kAny);
10385 var_result = CAST(CallRuntime(Runtime::kBigIntCompareToNumber,
10386 NoContextConstant(), SmiConstant(op),
10387 left, right));
10388 Goto(&end);
10389 }
10390
10391 BIND(&if_right_bigint);
10392 {
10393 CombineFeedback(var_type_feedback,
10394 CompareOperationFeedback::kBigInt);
10395 var_result = CAST(CallRuntime(Runtime::kBigIntCompareToBigInt,
10396 NoContextConstant(), SmiConstant(op),
10397 left, right));
10398 Goto(&end);
10399 }
10400
10401 BIND(&if_right_string);
10402 {
10403 OverwriteFeedback(var_type_feedback,
10404 CompareOperationFeedback::kAny);
10405 var_result = CAST(CallRuntime(Runtime::kBigIntCompareToString,
10406 NoContextConstant(), SmiConstant(op),
10407 left, right));
10408 Goto(&end);
10409 }
10410
10411 // {right} is not a Number, BigInt, or String.
10412 BIND(&if_right_other);
10413 {
10414 OverwriteFeedback(var_type_feedback,
10415 CompareOperationFeedback::kAny);
10416 // Convert {right} to a Numeric; we don't need to perform
10417 // dedicated ToPrimitive(right, hint Number) operation, as the
10418 // ToNumeric(right) will by itself already invoke ToPrimitive with
10419 // a Number hint.
10420 var_right.Bind(
10421 CallBuiltin(Builtins::kNonNumberToNumeric, context, right));
10422 Goto(&loop);
10423 }
10424 }
10425
10426 BIND(&if_left_string);
10427 {
10428 Node* right_instance_type = LoadMapInstanceType(right_map);
10429
10430 Label if_right_not_string(this, Label::kDeferred);
10431 GotoIfNot(IsStringInstanceType(right_instance_type),
10432 &if_right_not_string);
10433
10434 // Both {left} and {right} are strings.
10435 CombineFeedback(var_type_feedback, CompareOperationFeedback::kString);
10436 Builtins::Name builtin;
10437 switch (op) {
10438 case Operation::kLessThan:
10439 builtin = Builtins::kStringLessThan;
10440 break;
10441 case Operation::kLessThanOrEqual:
10442 builtin = Builtins::kStringLessThanOrEqual;
10443 break;
10444 case Operation::kGreaterThan:
10445 builtin = Builtins::kStringGreaterThan;
10446 break;
10447 case Operation::kGreaterThanOrEqual:
10448 builtin = Builtins::kStringGreaterThanOrEqual;
10449 break;
10450 default:
10451 UNREACHABLE();
10452 }
10453 var_result = CAST(CallBuiltin(builtin, context, left, right));
10454 Goto(&end);
10455
10456 BIND(&if_right_not_string);
10457 {
10458 OverwriteFeedback(var_type_feedback,
10459 CompareOperationFeedback::kAny);
10460 // {left} is a String, while {right} isn't. Check if {right} is
10461 // a BigInt, otherwise call ToPrimitive(right, hint Number) if
10462 // {right} is a receiver, or ToNumeric(left) and then
10463 // ToNumeric(right) in the other cases.
10464 STATIC_ASSERT(LAST_JS_RECEIVER_TYPE == LAST_TYPE);
10465 Label if_right_bigint(this),
10466 if_right_receiver(this, Label::kDeferred);
10467 GotoIf(IsBigIntInstanceType(right_instance_type), &if_right_bigint);
10468 GotoIf(IsJSReceiverInstanceType(right_instance_type),
10469 &if_right_receiver);
10470
10471 var_left.Bind(
10472 CallBuiltin(Builtins::kNonNumberToNumeric, context, left));
10473 var_right.Bind(CallBuiltin(Builtins::kToNumeric, context, right));
10474 Goto(&loop);
10475
10476 BIND(&if_right_bigint);
10477 {
10478 var_result = CAST(CallRuntime(
10479 Runtime::kBigIntCompareToString, NoContextConstant(),
10480 SmiConstant(Reverse(op)), right, left));
10481 Goto(&end);
10482 }
10483
10484 BIND(&if_right_receiver);
10485 {
10486 Callable callable = CodeFactory::NonPrimitiveToPrimitive(
10487 isolate(), ToPrimitiveHint::kNumber);
10488 var_right.Bind(CallStub(callable, context, right));
10489 Goto(&loop);
10490 }
10491 }
10492 }
10493
10494 BIND(&if_left_other);
10495 {
10496 // {left} is neither a Numeric nor a String, and {right} is not a Smi.
10497 if (var_type_feedback != nullptr) {
10498 // Collect NumberOrOddball feedback if {left} is an Oddball
10499 // and {right} is either a HeapNumber or Oddball. Otherwise collect
10500 // Any feedback.
10501 Label collect_any_feedback(this), collect_oddball_feedback(this),
10502 collect_feedback_done(this);
10503 GotoIfNot(InstanceTypeEqual(left_instance_type, ODDBALL_TYPE),
10504 &collect_any_feedback);
10505
10506 GotoIf(IsHeapNumberMap(right_map), &collect_oddball_feedback);
10507 Node* right_instance_type = LoadMapInstanceType(right_map);
10508 Branch(InstanceTypeEqual(right_instance_type, ODDBALL_TYPE),
10509 &collect_oddball_feedback, &collect_any_feedback);
10510
10511 BIND(&collect_oddball_feedback);
10512 {
10513 CombineFeedback(var_type_feedback,
10514 CompareOperationFeedback::kNumberOrOddball);
10515 Goto(&collect_feedback_done);
10516 }
10517
10518 BIND(&collect_any_feedback);
10519 {
10520 OverwriteFeedback(var_type_feedback,
10521 CompareOperationFeedback::kAny);
10522 Goto(&collect_feedback_done);
10523 }
10524
10525 BIND(&collect_feedback_done);
10526 }
10527
10528 // If {left} is a receiver, call ToPrimitive(left, hint Number).
10529 // Otherwise call ToNumeric(left) and then ToNumeric(right).
10530 STATIC_ASSERT(LAST_JS_RECEIVER_TYPE == LAST_TYPE);
10531 Label if_left_receiver(this, Label::kDeferred);
10532 GotoIf(IsJSReceiverInstanceType(left_instance_type),
10533 &if_left_receiver);
10534
10535 var_left.Bind(
10536 CallBuiltin(Builtins::kNonNumberToNumeric, context, left));
10537 var_right.Bind(CallBuiltin(Builtins::kToNumeric, context, right));
10538 Goto(&loop);
10539
10540 BIND(&if_left_receiver);
10541 {
10542 Callable callable = CodeFactory::NonPrimitiveToPrimitive(
10543 isolate(), ToPrimitiveHint::kNumber);
10544 var_left.Bind(CallStub(callable, context, left));
10545 Goto(&loop);
10546 }
10547 }
10548 }
10549 }
10550 }
10551
10552 BIND(&do_float_comparison);
10553 {
10554 switch (op) {
10555 case Operation::kLessThan:
10556 Branch(Float64LessThan(var_left_float.value(), var_right_float.value()),
10557 &return_true, &return_false);
10558 break;
10559 case Operation::kLessThanOrEqual:
10560 Branch(Float64LessThanOrEqual(var_left_float.value(),
10561 var_right_float.value()),
10562 &return_true, &return_false);
10563 break;
10564 case Operation::kGreaterThan:
10565 Branch(
10566 Float64GreaterThan(var_left_float.value(), var_right_float.value()),
10567 &return_true, &return_false);
10568 break;
10569 case Operation::kGreaterThanOrEqual:
10570 Branch(Float64GreaterThanOrEqual(var_left_float.value(),
10571 var_right_float.value()),
10572 &return_true, &return_false);
10573 break;
10574 default:
10575 UNREACHABLE();
10576 }
10577 }
10578
10579 BIND(&return_true);
10580 {
10581 var_result = TrueConstant();
10582 Goto(&end);
10583 }
10584
10585 BIND(&return_false);
10586 {
10587 var_result = FalseConstant();
10588 Goto(&end);
10589 }
10590
10591 BIND(&end);
10592 return var_result.value();
10593 }
10594
CollectFeedbackForString(SloppyTNode<Int32T> instance_type)10595 TNode<Smi> CodeStubAssembler::CollectFeedbackForString(
10596 SloppyTNode<Int32T> instance_type) {
10597 TNode<Smi> feedback = SelectSmiConstant(
10598 Word32Equal(
10599 Word32And(instance_type, Int32Constant(kIsNotInternalizedMask)),
10600 Int32Constant(kInternalizedTag)),
10601 CompareOperationFeedback::kInternalizedString,
10602 CompareOperationFeedback::kString);
10603 return feedback;
10604 }
10605
GenerateEqual_Same(Node * value,Label * if_equal,Label * if_notequal,Variable * var_type_feedback)10606 void CodeStubAssembler::GenerateEqual_Same(Node* value, Label* if_equal,
10607 Label* if_notequal,
10608 Variable* var_type_feedback) {
10609 // In case of abstract or strict equality checks, we need additional checks
10610 // for NaN values because they are not considered equal, even if both the
10611 // left and the right hand side reference exactly the same value.
10612
10613 Label if_smi(this), if_heapnumber(this);
10614 GotoIf(TaggedIsSmi(value), &if_smi);
10615
10616 Node* value_map = LoadMap(value);
10617 GotoIf(IsHeapNumberMap(value_map), &if_heapnumber);
10618
10619 // For non-HeapNumbers, all we do is collect type feedback.
10620 if (var_type_feedback != nullptr) {
10621 Node* instance_type = LoadMapInstanceType(value_map);
10622
10623 Label if_string(this), if_receiver(this), if_symbol(this), if_bigint(this),
10624 if_other(this, Label::kDeferred);
10625 GotoIf(IsStringInstanceType(instance_type), &if_string);
10626 GotoIf(IsJSReceiverInstanceType(instance_type), &if_receiver);
10627 GotoIf(IsBigIntInstanceType(instance_type), &if_bigint);
10628 Branch(IsSymbolInstanceType(instance_type), &if_symbol, &if_other);
10629
10630 BIND(&if_string);
10631 {
10632 CombineFeedback(var_type_feedback,
10633 CollectFeedbackForString(instance_type));
10634 Goto(if_equal);
10635 }
10636
10637 BIND(&if_symbol);
10638 {
10639 CombineFeedback(var_type_feedback, CompareOperationFeedback::kSymbol);
10640 Goto(if_equal);
10641 }
10642
10643 BIND(&if_receiver);
10644 {
10645 CombineFeedback(var_type_feedback, CompareOperationFeedback::kReceiver);
10646 Goto(if_equal);
10647 }
10648
10649 BIND(&if_bigint);
10650 {
10651 CombineFeedback(var_type_feedback, CompareOperationFeedback::kBigInt);
10652 Goto(if_equal);
10653 }
10654
10655 BIND(&if_other);
10656 {
10657 CombineFeedback(var_type_feedback, CompareOperationFeedback::kAny);
10658 Goto(if_equal);
10659 }
10660 } else {
10661 Goto(if_equal);
10662 }
10663
10664 BIND(&if_heapnumber);
10665 {
10666 CombineFeedback(var_type_feedback, CompareOperationFeedback::kNumber);
10667 Node* number_value = LoadHeapNumberValue(value);
10668 BranchIfFloat64IsNaN(number_value, if_notequal, if_equal);
10669 }
10670
10671 BIND(&if_smi);
10672 {
10673 CombineFeedback(var_type_feedback, CompareOperationFeedback::kSignedSmall);
10674 Goto(if_equal);
10675 }
10676 }
10677
10678 // ES6 section 7.2.12 Abstract Equality Comparison
Equal(Node * left,Node * right,Node * context,Variable * var_type_feedback)10679 Node* CodeStubAssembler::Equal(Node* left, Node* right, Node* context,
10680 Variable* var_type_feedback) {
10681 // This is a slightly optimized version of Object::Equals. Whenever you
10682 // change something functionality wise in here, remember to update the
10683 // Object::Equals method as well.
10684
10685 Label if_equal(this), if_notequal(this), do_float_comparison(this),
10686 do_right_stringtonumber(this, Label::kDeferred), end(this);
10687 VARIABLE(result, MachineRepresentation::kTagged);
10688 TVARIABLE(Float64T, var_left_float);
10689 TVARIABLE(Float64T, var_right_float);
10690
10691 // We can avoid code duplication by exploiting the fact that abstract equality
10692 // is symmetric.
10693 Label use_symmetry(this);
10694
10695 // We might need to loop several times due to ToPrimitive and/or ToNumber
10696 // conversions.
10697 VARIABLE(var_left, MachineRepresentation::kTagged, left);
10698 VARIABLE(var_right, MachineRepresentation::kTagged, right);
10699 VariableList loop_variable_list({&var_left, &var_right}, zone());
10700 if (var_type_feedback != nullptr) {
10701 // Initialize the type feedback to None. The current feedback will be
10702 // combined with the previous feedback.
10703 OverwriteFeedback(var_type_feedback, CompareOperationFeedback::kNone);
10704 loop_variable_list.push_back(var_type_feedback);
10705 }
10706 Label loop(this, loop_variable_list);
10707 Goto(&loop);
10708 BIND(&loop);
10709 {
10710 left = var_left.value();
10711 right = var_right.value();
10712
10713 Label if_notsame(this);
10714 GotoIf(WordNotEqual(left, right), &if_notsame);
10715 {
10716 // {left} and {right} reference the exact same value, yet we need special
10717 // treatment for HeapNumber, as NaN is not equal to NaN.
10718 GenerateEqual_Same(left, &if_equal, &if_notequal, var_type_feedback);
10719 }
10720
10721 BIND(&if_notsame);
10722 Label if_left_smi(this), if_left_not_smi(this);
10723 Branch(TaggedIsSmi(left), &if_left_smi, &if_left_not_smi);
10724
10725 BIND(&if_left_smi);
10726 {
10727 Label if_right_smi(this), if_right_not_smi(this);
10728 Branch(TaggedIsSmi(right), &if_right_smi, &if_right_not_smi);
10729
10730 BIND(&if_right_smi);
10731 {
10732 // We have already checked for {left} and {right} being the same value,
10733 // so when we get here they must be different Smis.
10734 CombineFeedback(var_type_feedback,
10735 CompareOperationFeedback::kSignedSmall);
10736 Goto(&if_notequal);
10737 }
10738
10739 BIND(&if_right_not_smi);
10740 Node* right_map = LoadMap(right);
10741 Label if_right_heapnumber(this), if_right_boolean(this),
10742 if_right_bigint(this, Label::kDeferred),
10743 if_right_receiver(this, Label::kDeferred);
10744 GotoIf(IsHeapNumberMap(right_map), &if_right_heapnumber);
10745 // {left} is Smi and {right} is not HeapNumber or Smi.
10746 if (var_type_feedback != nullptr) {
10747 var_type_feedback->Bind(SmiConstant(CompareOperationFeedback::kAny));
10748 }
10749 GotoIf(IsBooleanMap(right_map), &if_right_boolean);
10750 Node* right_type = LoadMapInstanceType(right_map);
10751 GotoIf(IsStringInstanceType(right_type), &do_right_stringtonumber);
10752 GotoIf(IsBigIntInstanceType(right_type), &if_right_bigint);
10753 Branch(IsJSReceiverInstanceType(right_type), &if_right_receiver,
10754 &if_notequal);
10755
10756 BIND(&if_right_heapnumber);
10757 {
10758 var_left_float = SmiToFloat64(left);
10759 var_right_float = LoadHeapNumberValue(right);
10760 CombineFeedback(var_type_feedback, CompareOperationFeedback::kNumber);
10761 Goto(&do_float_comparison);
10762 }
10763
10764 BIND(&if_right_boolean);
10765 {
10766 var_right.Bind(LoadObjectField(right, Oddball::kToNumberOffset));
10767 Goto(&loop);
10768 }
10769
10770 BIND(&if_right_bigint);
10771 {
10772 result.Bind(CallRuntime(Runtime::kBigIntEqualToNumber,
10773 NoContextConstant(), right, left));
10774 Goto(&end);
10775 }
10776
10777 BIND(&if_right_receiver);
10778 {
10779 Callable callable = CodeFactory::NonPrimitiveToPrimitive(isolate());
10780 var_right.Bind(CallStub(callable, context, right));
10781 Goto(&loop);
10782 }
10783 }
10784
10785 BIND(&if_left_not_smi);
10786 {
10787 GotoIf(TaggedIsSmi(right), &use_symmetry);
10788
10789 Label if_left_symbol(this), if_left_number(this), if_left_string(this),
10790 if_left_bigint(this, Label::kDeferred), if_left_oddball(this),
10791 if_left_receiver(this);
10792
10793 Node* left_map = LoadMap(left);
10794 Node* right_map = LoadMap(right);
10795 Node* left_type = LoadMapInstanceType(left_map);
10796 Node* right_type = LoadMapInstanceType(right_map);
10797
10798 GotoIf(Int32LessThan(left_type, Int32Constant(FIRST_NONSTRING_TYPE)),
10799 &if_left_string);
10800 GotoIf(InstanceTypeEqual(left_type, SYMBOL_TYPE), &if_left_symbol);
10801 GotoIf(InstanceTypeEqual(left_type, HEAP_NUMBER_TYPE), &if_left_number);
10802 GotoIf(InstanceTypeEqual(left_type, ODDBALL_TYPE), &if_left_oddball);
10803 GotoIf(InstanceTypeEqual(left_type, BIGINT_TYPE), &if_left_bigint);
10804 Goto(&if_left_receiver);
10805
10806 BIND(&if_left_string);
10807 {
10808 GotoIfNot(IsStringInstanceType(right_type), &use_symmetry);
10809 result.Bind(CallBuiltin(Builtins::kStringEqual, context, left, right));
10810 CombineFeedback(var_type_feedback,
10811 SmiOr(CollectFeedbackForString(left_type),
10812 CollectFeedbackForString(right_type)));
10813 Goto(&end);
10814 }
10815
10816 BIND(&if_left_number);
10817 {
10818 Label if_right_not_number(this);
10819 GotoIf(Word32NotEqual(left_type, right_type), &if_right_not_number);
10820
10821 var_left_float = LoadHeapNumberValue(left);
10822 var_right_float = LoadHeapNumberValue(right);
10823 CombineFeedback(var_type_feedback, CompareOperationFeedback::kNumber);
10824 Goto(&do_float_comparison);
10825
10826 BIND(&if_right_not_number);
10827 {
10828 Label if_right_boolean(this);
10829 if (var_type_feedback != nullptr) {
10830 var_type_feedback->Bind(
10831 SmiConstant(CompareOperationFeedback::kAny));
10832 }
10833 GotoIf(IsStringInstanceType(right_type), &do_right_stringtonumber);
10834 GotoIf(IsBooleanMap(right_map), &if_right_boolean);
10835 GotoIf(IsBigIntInstanceType(right_type), &use_symmetry);
10836 Branch(IsJSReceiverInstanceType(right_type), &use_symmetry,
10837 &if_notequal);
10838
10839 BIND(&if_right_boolean);
10840 {
10841 var_right.Bind(LoadObjectField(right, Oddball::kToNumberOffset));
10842 Goto(&loop);
10843 }
10844 }
10845 }
10846
10847 BIND(&if_left_bigint);
10848 {
10849 Label if_right_heapnumber(this), if_right_bigint(this),
10850 if_right_string(this), if_right_boolean(this);
10851 GotoIf(IsHeapNumberMap(right_map), &if_right_heapnumber);
10852 GotoIf(IsBigIntInstanceType(right_type), &if_right_bigint);
10853 GotoIf(IsStringInstanceType(right_type), &if_right_string);
10854 GotoIf(IsBooleanMap(right_map), &if_right_boolean);
10855 Branch(IsJSReceiverInstanceType(right_type), &use_symmetry,
10856 &if_notequal);
10857
10858 BIND(&if_right_heapnumber);
10859 {
10860 if (var_type_feedback != nullptr) {
10861 var_type_feedback->Bind(
10862 SmiConstant(CompareOperationFeedback::kAny));
10863 }
10864 result.Bind(CallRuntime(Runtime::kBigIntEqualToNumber,
10865 NoContextConstant(), left, right));
10866 Goto(&end);
10867 }
10868
10869 BIND(&if_right_bigint);
10870 {
10871 CombineFeedback(var_type_feedback, CompareOperationFeedback::kBigInt);
10872 result.Bind(CallRuntime(Runtime::kBigIntEqualToBigInt,
10873 NoContextConstant(), left, right));
10874 Goto(&end);
10875 }
10876
10877 BIND(&if_right_string);
10878 {
10879 if (var_type_feedback != nullptr) {
10880 var_type_feedback->Bind(
10881 SmiConstant(CompareOperationFeedback::kAny));
10882 }
10883 result.Bind(CallRuntime(Runtime::kBigIntEqualToString,
10884 NoContextConstant(), left, right));
10885 Goto(&end);
10886 }
10887
10888 BIND(&if_right_boolean);
10889 {
10890 if (var_type_feedback != nullptr) {
10891 var_type_feedback->Bind(
10892 SmiConstant(CompareOperationFeedback::kAny));
10893 }
10894 var_right.Bind(LoadObjectField(right, Oddball::kToNumberOffset));
10895 Goto(&loop);
10896 }
10897 }
10898
10899 BIND(&if_left_oddball);
10900 {
10901 if (var_type_feedback != nullptr) {
10902 var_type_feedback->Bind(SmiConstant(CompareOperationFeedback::kAny));
10903 }
10904
10905 Label if_left_boolean(this);
10906 GotoIf(IsBooleanMap(left_map), &if_left_boolean);
10907 // {left} is either Null or Undefined. Check if {right} is
10908 // undetectable (which includes Null and Undefined).
10909 Branch(IsUndetectableMap(right_map), &if_equal, &if_notequal);
10910
10911 BIND(&if_left_boolean);
10912 {
10913 // If {right} is a Boolean too, it must be a different Boolean.
10914 GotoIf(WordEqual(right_map, left_map), &if_notequal);
10915 // Otherwise, convert {left} to number and try again.
10916 var_left.Bind(LoadObjectField(left, Oddball::kToNumberOffset));
10917 Goto(&loop);
10918 }
10919 }
10920
10921 BIND(&if_left_symbol);
10922 {
10923 Label if_right_receiver(this);
10924 GotoIf(IsJSReceiverInstanceType(right_type), &if_right_receiver);
10925 // {right} is not a JSReceiver and also not the same Symbol as {left},
10926 // so the result is "not equal".
10927 if (var_type_feedback != nullptr) {
10928 Label if_right_symbol(this);
10929 GotoIf(IsSymbolInstanceType(right_type), &if_right_symbol);
10930 var_type_feedback->Bind(SmiConstant(CompareOperationFeedback::kAny));
10931 Goto(&if_notequal);
10932
10933 BIND(&if_right_symbol);
10934 {
10935 CombineFeedback(var_type_feedback,
10936 CompareOperationFeedback::kSymbol);
10937 Goto(&if_notequal);
10938 }
10939 } else {
10940 Goto(&if_notequal);
10941 }
10942
10943 BIND(&if_right_receiver);
10944 {
10945 // {left} is a Primitive and {right} is a JSReceiver, so swapping
10946 // the order is not observable.
10947 if (var_type_feedback != nullptr) {
10948 var_type_feedback->Bind(
10949 SmiConstant(CompareOperationFeedback::kAny));
10950 }
10951 Goto(&use_symmetry);
10952 }
10953 }
10954
10955 BIND(&if_left_receiver);
10956 {
10957 CSA_ASSERT(this, IsJSReceiverInstanceType(left_type));
10958 Label if_right_not_receiver(this);
10959 GotoIfNot(IsJSReceiverInstanceType(right_type), &if_right_not_receiver);
10960
10961 // {left} and {right} are different JSReceiver references.
10962 CombineFeedback(var_type_feedback, CompareOperationFeedback::kReceiver);
10963 Goto(&if_notequal);
10964
10965 BIND(&if_right_not_receiver);
10966 {
10967 if (var_type_feedback != nullptr) {
10968 var_type_feedback->Bind(
10969 SmiConstant(CompareOperationFeedback::kAny));
10970 }
10971 Label if_right_null_or_undefined(this);
10972 GotoIf(IsUndetectableMap(right_map), &if_right_null_or_undefined);
10973
10974 // {right} is a Primitive; convert {left} to Primitive too.
10975 Callable callable = CodeFactory::NonPrimitiveToPrimitive(isolate());
10976 var_left.Bind(CallStub(callable, context, left));
10977 Goto(&loop);
10978
10979 BIND(&if_right_null_or_undefined);
10980 Branch(IsUndetectableMap(left_map), &if_equal, &if_notequal);
10981 }
10982 }
10983 }
10984
10985 BIND(&do_right_stringtonumber);
10986 {
10987 var_right.Bind(CallBuiltin(Builtins::kStringToNumber, context, right));
10988 Goto(&loop);
10989 }
10990
10991 BIND(&use_symmetry);
10992 {
10993 var_left.Bind(right);
10994 var_right.Bind(left);
10995 Goto(&loop);
10996 }
10997 }
10998
10999 BIND(&do_float_comparison);
11000 {
11001 Branch(Float64Equal(var_left_float.value(), var_right_float.value()),
11002 &if_equal, &if_notequal);
11003 }
11004
11005 BIND(&if_equal);
11006 {
11007 result.Bind(TrueConstant());
11008 Goto(&end);
11009 }
11010
11011 BIND(&if_notequal);
11012 {
11013 result.Bind(FalseConstant());
11014 Goto(&end);
11015 }
11016
11017 BIND(&end);
11018 return result.value();
11019 }
11020
StrictEqual(Node * lhs,Node * rhs,Variable * var_type_feedback)11021 Node* CodeStubAssembler::StrictEqual(Node* lhs, Node* rhs,
11022 Variable* var_type_feedback) {
11023 // Pseudo-code for the algorithm below:
11024 //
11025 // if (lhs == rhs) {
11026 // if (lhs->IsHeapNumber()) return HeapNumber::cast(lhs)->value() != NaN;
11027 // return true;
11028 // }
11029 // if (!lhs->IsSmi()) {
11030 // if (lhs->IsHeapNumber()) {
11031 // if (rhs->IsSmi()) {
11032 // return Smi::ToInt(rhs) == HeapNumber::cast(lhs)->value();
11033 // } else if (rhs->IsHeapNumber()) {
11034 // return HeapNumber::cast(rhs)->value() ==
11035 // HeapNumber::cast(lhs)->value();
11036 // } else {
11037 // return false;
11038 // }
11039 // } else {
11040 // if (rhs->IsSmi()) {
11041 // return false;
11042 // } else {
11043 // if (lhs->IsString()) {
11044 // if (rhs->IsString()) {
11045 // return %StringEqual(lhs, rhs);
11046 // } else {
11047 // return false;
11048 // }
11049 // } else if (lhs->IsBigInt()) {
11050 // if (rhs->IsBigInt()) {
11051 // return %BigIntEqualToBigInt(lhs, rhs);
11052 // } else {
11053 // return false;
11054 // }
11055 // } else {
11056 // return false;
11057 // }
11058 // }
11059 // }
11060 // } else {
11061 // if (rhs->IsSmi()) {
11062 // return false;
11063 // } else {
11064 // if (rhs->IsHeapNumber()) {
11065 // return Smi::ToInt(lhs) == HeapNumber::cast(rhs)->value();
11066 // } else {
11067 // return false;
11068 // }
11069 // }
11070 // }
11071
11072 Label if_equal(this), if_notequal(this), end(this);
11073 VARIABLE(result, MachineRepresentation::kTagged);
11074
11075 // Check if {lhs} and {rhs} refer to the same object.
11076 Label if_same(this), if_notsame(this);
11077 Branch(WordEqual(lhs, rhs), &if_same, &if_notsame);
11078
11079 BIND(&if_same);
11080 {
11081 // The {lhs} and {rhs} reference the exact same value, yet we need special
11082 // treatment for HeapNumber, as NaN is not equal to NaN.
11083 if (var_type_feedback != nullptr) {
11084 var_type_feedback->Bind(SmiConstant(CompareOperationFeedback::kNone));
11085 }
11086 GenerateEqual_Same(lhs, &if_equal, &if_notequal, var_type_feedback);
11087 }
11088
11089 BIND(&if_notsame);
11090 {
11091 // The {lhs} and {rhs} reference different objects, yet for Smi, HeapNumber,
11092 // BigInt and String they can still be considered equal.
11093
11094 if (var_type_feedback != nullptr) {
11095 var_type_feedback->Bind(SmiConstant(CompareOperationFeedback::kAny));
11096 }
11097
11098 // Check if {lhs} is a Smi or a HeapObject.
11099 Label if_lhsissmi(this), if_lhsisnotsmi(this);
11100 Branch(TaggedIsSmi(lhs), &if_lhsissmi, &if_lhsisnotsmi);
11101
11102 BIND(&if_lhsisnotsmi);
11103 {
11104 // Load the map of {lhs}.
11105 Node* lhs_map = LoadMap(lhs);
11106
11107 // Check if {lhs} is a HeapNumber.
11108 Label if_lhsisnumber(this), if_lhsisnotnumber(this);
11109 Branch(IsHeapNumberMap(lhs_map), &if_lhsisnumber, &if_lhsisnotnumber);
11110
11111 BIND(&if_lhsisnumber);
11112 {
11113 // Check if {rhs} is a Smi or a HeapObject.
11114 Label if_rhsissmi(this), if_rhsisnotsmi(this);
11115 Branch(TaggedIsSmi(rhs), &if_rhsissmi, &if_rhsisnotsmi);
11116
11117 BIND(&if_rhsissmi);
11118 {
11119 // Convert {lhs} and {rhs} to floating point values.
11120 Node* lhs_value = LoadHeapNumberValue(lhs);
11121 Node* rhs_value = SmiToFloat64(rhs);
11122
11123 if (var_type_feedback != nullptr) {
11124 var_type_feedback->Bind(
11125 SmiConstant(CompareOperationFeedback::kNumber));
11126 }
11127
11128 // Perform a floating point comparison of {lhs} and {rhs}.
11129 Branch(Float64Equal(lhs_value, rhs_value), &if_equal, &if_notequal);
11130 }
11131
11132 BIND(&if_rhsisnotsmi);
11133 {
11134 // Load the map of {rhs}.
11135 Node* rhs_map = LoadMap(rhs);
11136
11137 // Check if {rhs} is also a HeapNumber.
11138 Label if_rhsisnumber(this), if_rhsisnotnumber(this);
11139 Branch(IsHeapNumberMap(rhs_map), &if_rhsisnumber, &if_rhsisnotnumber);
11140
11141 BIND(&if_rhsisnumber);
11142 {
11143 // Convert {lhs} and {rhs} to floating point values.
11144 Node* lhs_value = LoadHeapNumberValue(lhs);
11145 Node* rhs_value = LoadHeapNumberValue(rhs);
11146
11147 if (var_type_feedback != nullptr) {
11148 var_type_feedback->Bind(
11149 SmiConstant(CompareOperationFeedback::kNumber));
11150 }
11151
11152 // Perform a floating point comparison of {lhs} and {rhs}.
11153 Branch(Float64Equal(lhs_value, rhs_value), &if_equal, &if_notequal);
11154 }
11155
11156 BIND(&if_rhsisnotnumber);
11157 Goto(&if_notequal);
11158 }
11159 }
11160
11161 BIND(&if_lhsisnotnumber);
11162 {
11163 // Check if {rhs} is a Smi or a HeapObject.
11164 Label if_rhsissmi(this), if_rhsisnotsmi(this);
11165 Branch(TaggedIsSmi(rhs), &if_rhsissmi, &if_rhsisnotsmi);
11166
11167 BIND(&if_rhsissmi);
11168 Goto(&if_notequal);
11169
11170 BIND(&if_rhsisnotsmi);
11171 {
11172 // Load the instance type of {lhs}.
11173 Node* lhs_instance_type = LoadMapInstanceType(lhs_map);
11174
11175 // Check if {lhs} is a String.
11176 Label if_lhsisstring(this), if_lhsisnotstring(this);
11177 Branch(IsStringInstanceType(lhs_instance_type), &if_lhsisstring,
11178 &if_lhsisnotstring);
11179
11180 BIND(&if_lhsisstring);
11181 {
11182 // Load the instance type of {rhs}.
11183 Node* rhs_instance_type = LoadInstanceType(rhs);
11184
11185 // Check if {rhs} is also a String.
11186 Label if_rhsisstring(this, Label::kDeferred),
11187 if_rhsisnotstring(this);
11188 Branch(IsStringInstanceType(rhs_instance_type), &if_rhsisstring,
11189 &if_rhsisnotstring);
11190
11191 BIND(&if_rhsisstring);
11192 {
11193 if (var_type_feedback != nullptr) {
11194 TNode<Smi> lhs_feedback =
11195 CollectFeedbackForString(lhs_instance_type);
11196 TNode<Smi> rhs_feedback =
11197 CollectFeedbackForString(rhs_instance_type);
11198 var_type_feedback->Bind(SmiOr(lhs_feedback, rhs_feedback));
11199 }
11200 result.Bind(CallBuiltin(Builtins::kStringEqual,
11201 NoContextConstant(), lhs, rhs));
11202 Goto(&end);
11203 }
11204
11205 BIND(&if_rhsisnotstring);
11206 Goto(&if_notequal);
11207 }
11208
11209 BIND(&if_lhsisnotstring);
11210
11211 // Check if {lhs} is a BigInt.
11212 Label if_lhsisbigint(this), if_lhsisnotbigint(this);
11213 Branch(IsBigIntInstanceType(lhs_instance_type), &if_lhsisbigint,
11214 &if_lhsisnotbigint);
11215
11216 BIND(&if_lhsisbigint);
11217 {
11218 // Load the instance type of {rhs}.
11219 Node* rhs_instance_type = LoadInstanceType(rhs);
11220
11221 // Check if {rhs} is also a BigInt.
11222 Label if_rhsisbigint(this, Label::kDeferred),
11223 if_rhsisnotbigint(this);
11224 Branch(IsBigIntInstanceType(rhs_instance_type), &if_rhsisbigint,
11225 &if_rhsisnotbigint);
11226
11227 BIND(&if_rhsisbigint);
11228 {
11229 if (var_type_feedback != nullptr) {
11230 var_type_feedback->Bind(
11231 SmiConstant(CompareOperationFeedback::kBigInt));
11232 }
11233 result.Bind(CallRuntime(Runtime::kBigIntEqualToBigInt,
11234 NoContextConstant(), lhs, rhs));
11235 Goto(&end);
11236 }
11237
11238 BIND(&if_rhsisnotbigint);
11239 Goto(&if_notequal);
11240 }
11241
11242 BIND(&if_lhsisnotbigint);
11243 if (var_type_feedback != nullptr) {
11244 // Load the instance type of {rhs}.
11245 Node* rhs_instance_type = LoadInstanceType(rhs);
11246
11247 Label if_lhsissymbol(this), if_lhsisreceiver(this);
11248 GotoIf(IsJSReceiverInstanceType(lhs_instance_type),
11249 &if_lhsisreceiver);
11250 Branch(IsSymbolInstanceType(lhs_instance_type), &if_lhsissymbol,
11251 &if_notequal);
11252
11253 BIND(&if_lhsisreceiver);
11254 {
11255 GotoIfNot(IsJSReceiverInstanceType(rhs_instance_type),
11256 &if_notequal);
11257 var_type_feedback->Bind(
11258 SmiConstant(CompareOperationFeedback::kReceiver));
11259 Goto(&if_notequal);
11260 }
11261
11262 BIND(&if_lhsissymbol);
11263 {
11264 GotoIfNot(IsSymbolInstanceType(rhs_instance_type), &if_notequal);
11265 var_type_feedback->Bind(
11266 SmiConstant(CompareOperationFeedback::kSymbol));
11267 Goto(&if_notequal);
11268 }
11269 } else {
11270 Goto(&if_notequal);
11271 }
11272 }
11273 }
11274 }
11275
11276 BIND(&if_lhsissmi);
11277 {
11278 // We already know that {lhs} and {rhs} are not reference equal, and {lhs}
11279 // is a Smi; so {lhs} and {rhs} can only be strictly equal if {rhs} is a
11280 // HeapNumber with an equal floating point value.
11281
11282 // Check if {rhs} is a Smi or a HeapObject.
11283 Label if_rhsissmi(this), if_rhsisnotsmi(this);
11284 Branch(TaggedIsSmi(rhs), &if_rhsissmi, &if_rhsisnotsmi);
11285
11286 BIND(&if_rhsissmi);
11287 if (var_type_feedback != nullptr) {
11288 var_type_feedback->Bind(
11289 SmiConstant(CompareOperationFeedback::kSignedSmall));
11290 }
11291 Goto(&if_notequal);
11292
11293 BIND(&if_rhsisnotsmi);
11294 {
11295 // Load the map of the {rhs}.
11296 Node* rhs_map = LoadMap(rhs);
11297
11298 // The {rhs} could be a HeapNumber with the same value as {lhs}.
11299 Label if_rhsisnumber(this), if_rhsisnotnumber(this);
11300 Branch(IsHeapNumberMap(rhs_map), &if_rhsisnumber, &if_rhsisnotnumber);
11301
11302 BIND(&if_rhsisnumber);
11303 {
11304 // Convert {lhs} and {rhs} to floating point values.
11305 Node* lhs_value = SmiToFloat64(lhs);
11306 Node* rhs_value = LoadHeapNumberValue(rhs);
11307
11308 if (var_type_feedback != nullptr) {
11309 var_type_feedback->Bind(
11310 SmiConstant(CompareOperationFeedback::kNumber));
11311 }
11312
11313 // Perform a floating point comparison of {lhs} and {rhs}.
11314 Branch(Float64Equal(lhs_value, rhs_value), &if_equal, &if_notequal);
11315 }
11316
11317 BIND(&if_rhsisnotnumber);
11318 Goto(&if_notequal);
11319 }
11320 }
11321 }
11322
11323 BIND(&if_equal);
11324 {
11325 result.Bind(TrueConstant());
11326 Goto(&end);
11327 }
11328
11329 BIND(&if_notequal);
11330 {
11331 result.Bind(FalseConstant());
11332 Goto(&end);
11333 }
11334
11335 BIND(&end);
11336 return result.value();
11337 }
11338
11339 // ECMA#sec-samevalue
11340 // This algorithm differs from the Strict Equality Comparison Algorithm in its
11341 // treatment of signed zeroes and NaNs.
BranchIfSameValue(Node * lhs,Node * rhs,Label * if_true,Label * if_false)11342 void CodeStubAssembler::BranchIfSameValue(Node* lhs, Node* rhs, Label* if_true,
11343 Label* if_false) {
11344 VARIABLE(var_lhs_value, MachineRepresentation::kFloat64);
11345 VARIABLE(var_rhs_value, MachineRepresentation::kFloat64);
11346 Label do_fcmp(this);
11347
11348 // Immediately jump to {if_true} if {lhs} == {rhs}, because - unlike
11349 // StrictEqual - SameValue considers two NaNs to be equal.
11350 GotoIf(WordEqual(lhs, rhs), if_true);
11351
11352 // Check if the {lhs} is a Smi.
11353 Label if_lhsissmi(this), if_lhsisheapobject(this);
11354 Branch(TaggedIsSmi(lhs), &if_lhsissmi, &if_lhsisheapobject);
11355
11356 BIND(&if_lhsissmi);
11357 {
11358 // Since {lhs} is a Smi, the comparison can only yield true
11359 // iff the {rhs} is a HeapNumber with the same float64 value.
11360 Branch(TaggedIsSmi(rhs), if_false, [&] {
11361 GotoIfNot(IsHeapNumber(rhs), if_false);
11362 var_lhs_value.Bind(SmiToFloat64(lhs));
11363 var_rhs_value.Bind(LoadHeapNumberValue(rhs));
11364 Goto(&do_fcmp);
11365 });
11366 }
11367
11368 BIND(&if_lhsisheapobject);
11369 {
11370 // Check if the {rhs} is a Smi.
11371 Branch(TaggedIsSmi(rhs),
11372 [&] {
11373 // Since {rhs} is a Smi, the comparison can only yield true
11374 // iff the {lhs} is a HeapNumber with the same float64 value.
11375 GotoIfNot(IsHeapNumber(lhs), if_false);
11376 var_lhs_value.Bind(LoadHeapNumberValue(lhs));
11377 var_rhs_value.Bind(SmiToFloat64(rhs));
11378 Goto(&do_fcmp);
11379 },
11380 [&] {
11381 // Now this can only yield true if either both {lhs} and {rhs} are
11382 // HeapNumbers with the same value, or both are Strings with the
11383 // same character sequence, or both are BigInts with the same
11384 // value.
11385 Label if_lhsisheapnumber(this), if_lhsisstring(this),
11386 if_lhsisbigint(this);
11387 Node* const lhs_map = LoadMap(lhs);
11388 GotoIf(IsHeapNumberMap(lhs_map), &if_lhsisheapnumber);
11389 Node* const lhs_instance_type = LoadMapInstanceType(lhs_map);
11390 GotoIf(IsStringInstanceType(lhs_instance_type), &if_lhsisstring);
11391 Branch(IsBigIntInstanceType(lhs_instance_type), &if_lhsisbigint,
11392 if_false);
11393
11394 BIND(&if_lhsisheapnumber);
11395 {
11396 GotoIfNot(IsHeapNumber(rhs), if_false);
11397 var_lhs_value.Bind(LoadHeapNumberValue(lhs));
11398 var_rhs_value.Bind(LoadHeapNumberValue(rhs));
11399 Goto(&do_fcmp);
11400 }
11401
11402 BIND(&if_lhsisstring);
11403 {
11404 // Now we can only yield true if {rhs} is also a String
11405 // with the same sequence of characters.
11406 GotoIfNot(IsString(rhs), if_false);
11407 Node* const result = CallBuiltin(Builtins::kStringEqual,
11408 NoContextConstant(), lhs, rhs);
11409 Branch(IsTrue(result), if_true, if_false);
11410 }
11411
11412 BIND(&if_lhsisbigint);
11413 {
11414 GotoIfNot(IsBigInt(rhs), if_false);
11415 Node* const result = CallRuntime(Runtime::kBigIntEqualToBigInt,
11416 NoContextConstant(), lhs, rhs);
11417 Branch(IsTrue(result), if_true, if_false);
11418 }
11419 });
11420 }
11421
11422 BIND(&do_fcmp);
11423 {
11424 Node* const lhs_value = var_lhs_value.value();
11425 Node* const rhs_value = var_rhs_value.value();
11426
11427 Label if_equal(this), if_notequal(this);
11428 Branch(Float64Equal(lhs_value, rhs_value), &if_equal, &if_notequal);
11429
11430 BIND(&if_equal);
11431 {
11432 // We still need to handle the case when {lhs} and {rhs} are -0.0 and
11433 // 0.0 (or vice versa). Compare the high word to
11434 // distinguish between the two.
11435 Node* const lhs_hi_word = Float64ExtractHighWord32(lhs_value);
11436 Node* const rhs_hi_word = Float64ExtractHighWord32(rhs_value);
11437
11438 // If x is +0 and y is -0, return false.
11439 // If x is -0 and y is +0, return false.
11440 Branch(Word32Equal(lhs_hi_word, rhs_hi_word), if_true, if_false);
11441 }
11442
11443 BIND(&if_notequal);
11444 {
11445 // Return true iff both {rhs} and {lhs} are NaN.
11446 GotoIf(Float64Equal(lhs_value, lhs_value), if_false);
11447 Branch(Float64Equal(rhs_value, rhs_value), if_false, if_true);
11448 }
11449 }
11450 }
11451
HasProperty(SloppyTNode<Context> context,SloppyTNode<Object> object,SloppyTNode<Object> key,HasPropertyLookupMode mode)11452 TNode<Oddball> CodeStubAssembler::HasProperty(SloppyTNode<Context> context,
11453 SloppyTNode<Object> object,
11454 SloppyTNode<Object> key,
11455 HasPropertyLookupMode mode) {
11456 Label call_runtime(this, Label::kDeferred), return_true(this),
11457 return_false(this), end(this), if_proxy(this, Label::kDeferred);
11458
11459 CodeStubAssembler::LookupInHolder lookup_property_in_holder =
11460 [this, &return_true](Node* receiver, Node* holder, Node* holder_map,
11461 Node* holder_instance_type, Node* unique_name,
11462 Label* next_holder, Label* if_bailout) {
11463 TryHasOwnProperty(holder, holder_map, holder_instance_type, unique_name,
11464 &return_true, next_holder, if_bailout);
11465 };
11466
11467 CodeStubAssembler::LookupInHolder lookup_element_in_holder =
11468 [this, &return_true, &return_false](
11469 Node* receiver, Node* holder, Node* holder_map,
11470 Node* holder_instance_type, Node* index, Label* next_holder,
11471 Label* if_bailout) {
11472 TryLookupElement(holder, holder_map, holder_instance_type, index,
11473 &return_true, &return_false, next_holder, if_bailout);
11474 };
11475
11476 TryPrototypeChainLookup(object, key, lookup_property_in_holder,
11477 lookup_element_in_holder, &return_false,
11478 &call_runtime, &if_proxy);
11479
11480 TVARIABLE(Oddball, result);
11481
11482 BIND(&if_proxy);
11483 {
11484 TNode<Name> name = ToName(context, key);
11485 switch (mode) {
11486 case kHasProperty:
11487 GotoIf(IsPrivateSymbol(name), &return_false);
11488
11489 result = CAST(
11490 CallBuiltin(Builtins::kProxyHasProperty, context, object, name));
11491 Goto(&end);
11492 break;
11493 case kForInHasProperty:
11494 Goto(&call_runtime);
11495 break;
11496 }
11497 }
11498
11499 BIND(&return_true);
11500 {
11501 result = TrueConstant();
11502 Goto(&end);
11503 }
11504
11505 BIND(&return_false);
11506 {
11507 result = FalseConstant();
11508 Goto(&end);
11509 }
11510
11511 BIND(&call_runtime);
11512 {
11513 Runtime::FunctionId fallback_runtime_function_id;
11514 switch (mode) {
11515 case kHasProperty:
11516 fallback_runtime_function_id = Runtime::kHasProperty;
11517 break;
11518 case kForInHasProperty:
11519 fallback_runtime_function_id = Runtime::kForInHasProperty;
11520 break;
11521 }
11522
11523 result =
11524 CAST(CallRuntime(fallback_runtime_function_id, context, object, key));
11525 Goto(&end);
11526 }
11527
11528 BIND(&end);
11529 CSA_ASSERT(this, IsBoolean(result.value()));
11530 return result.value();
11531 }
11532
Typeof(Node * value)11533 Node* CodeStubAssembler::Typeof(Node* value) {
11534 VARIABLE(result_var, MachineRepresentation::kTagged);
11535
11536 Label return_number(this, Label::kDeferred), if_oddball(this),
11537 return_function(this), return_undefined(this), return_object(this),
11538 return_string(this), return_bigint(this), return_result(this);
11539
11540 GotoIf(TaggedIsSmi(value), &return_number);
11541
11542 Node* map = LoadMap(value);
11543
11544 GotoIf(IsHeapNumberMap(map), &return_number);
11545
11546 Node* instance_type = LoadMapInstanceType(map);
11547
11548 GotoIf(InstanceTypeEqual(instance_type, ODDBALL_TYPE), &if_oddball);
11549
11550 Node* callable_or_undetectable_mask = Word32And(
11551 LoadMapBitField(map),
11552 Int32Constant(Map::IsCallableBit::kMask | Map::IsUndetectableBit::kMask));
11553
11554 GotoIf(Word32Equal(callable_or_undetectable_mask,
11555 Int32Constant(Map::IsCallableBit::kMask)),
11556 &return_function);
11557
11558 GotoIfNot(Word32Equal(callable_or_undetectable_mask, Int32Constant(0)),
11559 &return_undefined);
11560
11561 GotoIf(IsJSReceiverInstanceType(instance_type), &return_object);
11562
11563 GotoIf(IsStringInstanceType(instance_type), &return_string);
11564
11565 GotoIf(IsBigIntInstanceType(instance_type), &return_bigint);
11566
11567 CSA_ASSERT(this, InstanceTypeEqual(instance_type, SYMBOL_TYPE));
11568 result_var.Bind(HeapConstant(isolate()->factory()->symbol_string()));
11569 Goto(&return_result);
11570
11571 BIND(&return_number);
11572 {
11573 result_var.Bind(HeapConstant(isolate()->factory()->number_string()));
11574 Goto(&return_result);
11575 }
11576
11577 BIND(&if_oddball);
11578 {
11579 Node* type = LoadObjectField(value, Oddball::kTypeOfOffset);
11580 result_var.Bind(type);
11581 Goto(&return_result);
11582 }
11583
11584 BIND(&return_function);
11585 {
11586 result_var.Bind(HeapConstant(isolate()->factory()->function_string()));
11587 Goto(&return_result);
11588 }
11589
11590 BIND(&return_undefined);
11591 {
11592 result_var.Bind(HeapConstant(isolate()->factory()->undefined_string()));
11593 Goto(&return_result);
11594 }
11595
11596 BIND(&return_object);
11597 {
11598 result_var.Bind(HeapConstant(isolate()->factory()->object_string()));
11599 Goto(&return_result);
11600 }
11601
11602 BIND(&return_string);
11603 {
11604 result_var.Bind(HeapConstant(isolate()->factory()->string_string()));
11605 Goto(&return_result);
11606 }
11607
11608 BIND(&return_bigint);
11609 {
11610 result_var.Bind(HeapConstant(isolate()->factory()->bigint_string()));
11611 Goto(&return_result);
11612 }
11613
11614 BIND(&return_result);
11615 return result_var.value();
11616 }
11617
GetSuperConstructor(SloppyTNode<Context> context,SloppyTNode<JSFunction> active_function)11618 TNode<Object> CodeStubAssembler::GetSuperConstructor(
11619 SloppyTNode<Context> context, SloppyTNode<JSFunction> active_function) {
11620 Label is_not_constructor(this, Label::kDeferred), out(this);
11621 TVARIABLE(Object, result);
11622
11623 TNode<Map> map = LoadMap(active_function);
11624 TNode<Object> prototype = LoadMapPrototype(map);
11625 TNode<Map> prototype_map = LoadMap(CAST(prototype));
11626 GotoIfNot(IsConstructorMap(prototype_map), &is_not_constructor);
11627
11628 result = prototype;
11629 Goto(&out);
11630
11631 BIND(&is_not_constructor);
11632 {
11633 CallRuntime(Runtime::kThrowNotSuperConstructor, context, prototype,
11634 active_function);
11635 Unreachable();
11636 }
11637
11638 BIND(&out);
11639 return result.value();
11640 }
11641
SpeciesConstructor(SloppyTNode<Context> context,SloppyTNode<Object> object,SloppyTNode<Object> default_constructor)11642 TNode<Object> CodeStubAssembler::SpeciesConstructor(
11643 SloppyTNode<Context> context, SloppyTNode<Object> object,
11644 SloppyTNode<Object> default_constructor) {
11645 Isolate* isolate = this->isolate();
11646 TVARIABLE(Object, var_result, default_constructor);
11647
11648 // 2. Let C be ? Get(O, "constructor").
11649 TNode<Object> constructor =
11650 GetProperty(context, object, isolate->factory()->constructor_string());
11651
11652 // 3. If C is undefined, return defaultConstructor.
11653 Label out(this);
11654 GotoIf(IsUndefined(constructor), &out);
11655
11656 // 4. If Type(C) is not Object, throw a TypeError exception.
11657 ThrowIfNotJSReceiver(context, constructor,
11658 MessageTemplate::kConstructorNotReceiver);
11659
11660 // 5. Let S be ? Get(C, @@species).
11661 TNode<Object> species =
11662 GetProperty(context, constructor, isolate->factory()->species_symbol());
11663
11664 // 6. If S is either undefined or null, return defaultConstructor.
11665 GotoIf(IsNullOrUndefined(species), &out);
11666
11667 // 7. If IsConstructor(S) is true, return S.
11668 Label throw_error(this);
11669 GotoIf(TaggedIsSmi(species), &throw_error);
11670 GotoIfNot(IsConstructorMap(LoadMap(CAST(species))), &throw_error);
11671 var_result = species;
11672 Goto(&out);
11673
11674 // 8. Throw a TypeError exception.
11675 BIND(&throw_error);
11676 ThrowTypeError(context, MessageTemplate::kSpeciesNotConstructor);
11677
11678 BIND(&out);
11679 return var_result.value();
11680 }
11681
InstanceOf(Node * object,Node * callable,Node * context)11682 Node* CodeStubAssembler::InstanceOf(Node* object, Node* callable,
11683 Node* context) {
11684 VARIABLE(var_result, MachineRepresentation::kTagged);
11685 Label if_notcallable(this, Label::kDeferred),
11686 if_notreceiver(this, Label::kDeferred), if_otherhandler(this),
11687 if_nohandler(this, Label::kDeferred), return_true(this),
11688 return_false(this), return_result(this, &var_result);
11689
11690 // Ensure that the {callable} is actually a JSReceiver.
11691 GotoIf(TaggedIsSmi(callable), &if_notreceiver);
11692 GotoIfNot(IsJSReceiver(callable), &if_notreceiver);
11693
11694 // Load the @@hasInstance property from {callable}.
11695 Node* inst_of_handler =
11696 GetProperty(context, callable, HasInstanceSymbolConstant());
11697
11698 // Optimize for the likely case where {inst_of_handler} is the builtin
11699 // Function.prototype[@@hasInstance] method, and emit a direct call in
11700 // that case without any additional checking.
11701 Node* native_context = LoadNativeContext(context);
11702 Node* function_has_instance =
11703 LoadContextElement(native_context, Context::FUNCTION_HAS_INSTANCE_INDEX);
11704 GotoIfNot(WordEqual(inst_of_handler, function_has_instance),
11705 &if_otherhandler);
11706 {
11707 // TODO(6786): A direct call to a TFJ builtin breaks the lazy
11708 // deserialization mechanism in two ways: first, we always pass in a
11709 // callable containing the DeserializeLazy code object (assuming that
11710 // FunctionPrototypeHasInstance is lazy). Second, a direct call (without
11711 // going through CodeFactory::Call) to DeserializeLazy will not initialize
11712 // new_target properly. For now we can avoid this by marking
11713 // FunctionPrototypeHasInstance as eager, but this should be fixed at some
11714 // point.
11715 //
11716 // Call to Function.prototype[@@hasInstance] directly.
11717 Callable builtin(BUILTIN_CODE(isolate(), FunctionPrototypeHasInstance),
11718 CallTrampolineDescriptor{});
11719 Node* result = CallJS(builtin, context, inst_of_handler, callable, object);
11720 var_result.Bind(result);
11721 Goto(&return_result);
11722 }
11723
11724 BIND(&if_otherhandler);
11725 {
11726 // Check if there's actually an {inst_of_handler}.
11727 GotoIf(IsNull(inst_of_handler), &if_nohandler);
11728 GotoIf(IsUndefined(inst_of_handler), &if_nohandler);
11729
11730 // Call the {inst_of_handler} for {callable} and {object}.
11731 Node* result = CallJS(
11732 CodeFactory::Call(isolate(), ConvertReceiverMode::kNotNullOrUndefined),
11733 context, inst_of_handler, callable, object);
11734
11735 // Convert the {result} to a Boolean.
11736 BranchIfToBooleanIsTrue(result, &return_true, &return_false);
11737 }
11738
11739 BIND(&if_nohandler);
11740 {
11741 // Ensure that the {callable} is actually Callable.
11742 GotoIfNot(IsCallable(callable), &if_notcallable);
11743
11744 // Use the OrdinaryHasInstance algorithm.
11745 Node* result =
11746 CallBuiltin(Builtins::kOrdinaryHasInstance, context, callable, object);
11747 var_result.Bind(result);
11748 Goto(&return_result);
11749 }
11750
11751 BIND(&if_notcallable);
11752 { ThrowTypeError(context, MessageTemplate::kNonCallableInInstanceOfCheck); }
11753
11754 BIND(&if_notreceiver);
11755 { ThrowTypeError(context, MessageTemplate::kNonObjectInInstanceOfCheck); }
11756
11757 BIND(&return_true);
11758 var_result.Bind(TrueConstant());
11759 Goto(&return_result);
11760
11761 BIND(&return_false);
11762 var_result.Bind(FalseConstant());
11763 Goto(&return_result);
11764
11765 BIND(&return_result);
11766 return var_result.value();
11767 }
11768
NumberInc(SloppyTNode<Number> value)11769 TNode<Number> CodeStubAssembler::NumberInc(SloppyTNode<Number> value) {
11770 TVARIABLE(Number, var_result);
11771 TVARIABLE(Float64T, var_finc_value);
11772 Label if_issmi(this), if_isnotsmi(this), do_finc(this), end(this);
11773 Branch(TaggedIsSmi(value), &if_issmi, &if_isnotsmi);
11774
11775 BIND(&if_issmi);
11776 {
11777 Label if_overflow(this);
11778 TNode<Smi> smi_value = CAST(value);
11779 TNode<Smi> one = SmiConstant(1);
11780 var_result = TrySmiAdd(smi_value, one, &if_overflow);
11781 Goto(&end);
11782
11783 BIND(&if_overflow);
11784 {
11785 var_finc_value = SmiToFloat64(smi_value);
11786 Goto(&do_finc);
11787 }
11788 }
11789
11790 BIND(&if_isnotsmi);
11791 {
11792 TNode<HeapNumber> heap_number_value = CAST(value);
11793
11794 // Load the HeapNumber value.
11795 var_finc_value = LoadHeapNumberValue(heap_number_value);
11796 Goto(&do_finc);
11797 }
11798
11799 BIND(&do_finc);
11800 {
11801 TNode<Float64T> finc_value = var_finc_value.value();
11802 TNode<Float64T> one = Float64Constant(1.0);
11803 TNode<Float64T> finc_result = Float64Add(finc_value, one);
11804 var_result = AllocateHeapNumberWithValue(finc_result);
11805 Goto(&end);
11806 }
11807
11808 BIND(&end);
11809 return var_result.value();
11810 }
11811
NumberDec(SloppyTNode<Number> value)11812 TNode<Number> CodeStubAssembler::NumberDec(SloppyTNode<Number> value) {
11813 TVARIABLE(Number, var_result);
11814 TVARIABLE(Float64T, var_fdec_value);
11815 Label if_issmi(this), if_isnotsmi(this), do_fdec(this), end(this);
11816 Branch(TaggedIsSmi(value), &if_issmi, &if_isnotsmi);
11817
11818 BIND(&if_issmi);
11819 {
11820 TNode<Smi> smi_value = CAST(value);
11821 TNode<Smi> one = SmiConstant(1);
11822 Label if_overflow(this);
11823 var_result = TrySmiSub(smi_value, one, &if_overflow);
11824 Goto(&end);
11825
11826 BIND(&if_overflow);
11827 {
11828 var_fdec_value = SmiToFloat64(smi_value);
11829 Goto(&do_fdec);
11830 }
11831 }
11832
11833 BIND(&if_isnotsmi);
11834 {
11835 TNode<HeapNumber> heap_number_value = CAST(value);
11836
11837 // Load the HeapNumber value.
11838 var_fdec_value = LoadHeapNumberValue(heap_number_value);
11839 Goto(&do_fdec);
11840 }
11841
11842 BIND(&do_fdec);
11843 {
11844 TNode<Float64T> fdec_value = var_fdec_value.value();
11845 TNode<Float64T> minus_one = Float64Constant(-1.0);
11846 TNode<Float64T> fdec_result = Float64Add(fdec_value, minus_one);
11847 var_result = AllocateHeapNumberWithValue(fdec_result);
11848 Goto(&end);
11849 }
11850
11851 BIND(&end);
11852 return var_result.value();
11853 }
11854
NumberAdd(SloppyTNode<Number> a,SloppyTNode<Number> b)11855 TNode<Number> CodeStubAssembler::NumberAdd(SloppyTNode<Number> a,
11856 SloppyTNode<Number> b) {
11857 TVARIABLE(Number, var_result);
11858 Label float_add(this, Label::kDeferred), end(this);
11859 GotoIf(TaggedIsNotSmi(a), &float_add);
11860 GotoIf(TaggedIsNotSmi(b), &float_add);
11861
11862 // Try fast Smi addition first.
11863 var_result = TrySmiAdd(CAST(a), CAST(b), &float_add);
11864 Goto(&end);
11865
11866 BIND(&float_add);
11867 {
11868 var_result = ChangeFloat64ToTagged(
11869 Float64Add(ChangeNumberToFloat64(a), ChangeNumberToFloat64(b)));
11870 Goto(&end);
11871 }
11872
11873 BIND(&end);
11874 return var_result.value();
11875 }
11876
NumberSub(SloppyTNode<Number> a,SloppyTNode<Number> b)11877 TNode<Number> CodeStubAssembler::NumberSub(SloppyTNode<Number> a,
11878 SloppyTNode<Number> b) {
11879 TVARIABLE(Number, var_result);
11880 Label float_sub(this, Label::kDeferred), end(this);
11881 GotoIf(TaggedIsNotSmi(a), &float_sub);
11882 GotoIf(TaggedIsNotSmi(b), &float_sub);
11883
11884 // Try fast Smi subtraction first.
11885 var_result = TrySmiSub(CAST(a), CAST(b), &float_sub);
11886 Goto(&end);
11887
11888 BIND(&float_sub);
11889 {
11890 var_result = ChangeFloat64ToTagged(
11891 Float64Sub(ChangeNumberToFloat64(a), ChangeNumberToFloat64(b)));
11892 Goto(&end);
11893 }
11894
11895 BIND(&end);
11896 return var_result.value();
11897 }
11898
GotoIfNotNumber(Node * input,Label * is_not_number)11899 void CodeStubAssembler::GotoIfNotNumber(Node* input, Label* is_not_number) {
11900 Label is_number(this);
11901 GotoIf(TaggedIsSmi(input), &is_number);
11902 Branch(IsHeapNumber(input), &is_number, is_not_number);
11903 BIND(&is_number);
11904 }
11905
GotoIfNumber(Node * input,Label * is_number)11906 void CodeStubAssembler::GotoIfNumber(Node* input, Label* is_number) {
11907 GotoIf(TaggedIsSmi(input), is_number);
11908 GotoIf(IsHeapNumber(input), is_number);
11909 }
11910
BitwiseOp(Node * left32,Node * right32,Operation bitwise_op)11911 TNode<Number> CodeStubAssembler::BitwiseOp(Node* left32, Node* right32,
11912 Operation bitwise_op) {
11913 switch (bitwise_op) {
11914 case Operation::kBitwiseAnd:
11915 return ChangeInt32ToTagged(Signed(Word32And(left32, right32)));
11916 case Operation::kBitwiseOr:
11917 return ChangeInt32ToTagged(Signed(Word32Or(left32, right32)));
11918 case Operation::kBitwiseXor:
11919 return ChangeInt32ToTagged(Signed(Word32Xor(left32, right32)));
11920 case Operation::kShiftLeft:
11921 if (!Word32ShiftIsSafe()) {
11922 right32 = Word32And(right32, Int32Constant(0x1F));
11923 }
11924 return ChangeInt32ToTagged(Signed(Word32Shl(left32, right32)));
11925 case Operation::kShiftRight:
11926 if (!Word32ShiftIsSafe()) {
11927 right32 = Word32And(right32, Int32Constant(0x1F));
11928 }
11929 return ChangeInt32ToTagged(Signed(Word32Sar(left32, right32)));
11930 case Operation::kShiftRightLogical:
11931 if (!Word32ShiftIsSafe()) {
11932 right32 = Word32And(right32, Int32Constant(0x1F));
11933 }
11934 return ChangeUint32ToTagged(Unsigned(Word32Shr(left32, right32)));
11935 default:
11936 break;
11937 }
11938 UNREACHABLE();
11939 }
11940
11941 // ES #sec-createarrayiterator
CreateArrayIterator(TNode<Context> context,TNode<Object> object,IterationKind kind)11942 TNode<JSArrayIterator> CodeStubAssembler::CreateArrayIterator(
11943 TNode<Context> context, TNode<Object> object, IterationKind kind) {
11944 TNode<Context> native_context = LoadNativeContext(context);
11945 TNode<Map> iterator_map = CAST(LoadContextElement(
11946 native_context, Context::INITIAL_ARRAY_ITERATOR_MAP_INDEX));
11947 Node* iterator = Allocate(JSArrayIterator::kSize);
11948 StoreMapNoWriteBarrier(iterator, iterator_map);
11949 StoreObjectFieldRoot(iterator, JSArrayIterator::kPropertiesOrHashOffset,
11950 Heap::kEmptyFixedArrayRootIndex);
11951 StoreObjectFieldRoot(iterator, JSArrayIterator::kElementsOffset,
11952 Heap::kEmptyFixedArrayRootIndex);
11953 StoreObjectFieldNoWriteBarrier(
11954 iterator, JSArrayIterator::kIteratedObjectOffset, object);
11955 StoreObjectFieldNoWriteBarrier(iterator, JSArrayIterator::kNextIndexOffset,
11956 SmiConstant(0));
11957 StoreObjectFieldNoWriteBarrier(
11958 iterator, JSArrayIterator::kKindOffset,
11959 SmiConstant(Smi::FromInt(static_cast<int>(kind))));
11960 return CAST(iterator);
11961 }
11962
AllocateJSIteratorResult(Node * context,Node * value,Node * done)11963 Node* CodeStubAssembler::AllocateJSIteratorResult(Node* context, Node* value,
11964 Node* done) {
11965 CSA_ASSERT(this, IsBoolean(done));
11966 Node* native_context = LoadNativeContext(context);
11967 Node* map =
11968 LoadContextElement(native_context, Context::ITERATOR_RESULT_MAP_INDEX);
11969 Node* result = Allocate(JSIteratorResult::kSize);
11970 StoreMapNoWriteBarrier(result, map);
11971 StoreObjectFieldRoot(result, JSIteratorResult::kPropertiesOrHashOffset,
11972 Heap::kEmptyFixedArrayRootIndex);
11973 StoreObjectFieldRoot(result, JSIteratorResult::kElementsOffset,
11974 Heap::kEmptyFixedArrayRootIndex);
11975 StoreObjectFieldNoWriteBarrier(result, JSIteratorResult::kValueOffset, value);
11976 StoreObjectFieldNoWriteBarrier(result, JSIteratorResult::kDoneOffset, done);
11977 return result;
11978 }
11979
AllocateJSIteratorResultForEntry(Node * context,Node * key,Node * value)11980 Node* CodeStubAssembler::AllocateJSIteratorResultForEntry(Node* context,
11981 Node* key,
11982 Node* value) {
11983 Node* native_context = LoadNativeContext(context);
11984 Node* length = SmiConstant(2);
11985 int const elements_size = FixedArray::SizeFor(2);
11986 TNode<FixedArray> elements = UncheckedCast<FixedArray>(
11987 Allocate(elements_size + JSArray::kSize + JSIteratorResult::kSize));
11988 StoreObjectFieldRoot(elements, FixedArray::kMapOffset,
11989 Heap::kFixedArrayMapRootIndex);
11990 StoreObjectFieldNoWriteBarrier(elements, FixedArray::kLengthOffset, length);
11991 StoreFixedArrayElement(elements, 0, key);
11992 StoreFixedArrayElement(elements, 1, value);
11993 Node* array_map = LoadContextElement(
11994 native_context, Context::JS_ARRAY_PACKED_ELEMENTS_MAP_INDEX);
11995 Node* array = InnerAllocate(elements, elements_size);
11996 StoreMapNoWriteBarrier(array, array_map);
11997 StoreObjectFieldRoot(array, JSArray::kPropertiesOrHashOffset,
11998 Heap::kEmptyFixedArrayRootIndex);
11999 StoreObjectFieldNoWriteBarrier(array, JSArray::kElementsOffset, elements);
12000 StoreObjectFieldNoWriteBarrier(array, JSArray::kLengthOffset, length);
12001 Node* iterator_map =
12002 LoadContextElement(native_context, Context::ITERATOR_RESULT_MAP_INDEX);
12003 Node* result = InnerAllocate(array, JSArray::kSize);
12004 StoreMapNoWriteBarrier(result, iterator_map);
12005 StoreObjectFieldRoot(result, JSIteratorResult::kPropertiesOrHashOffset,
12006 Heap::kEmptyFixedArrayRootIndex);
12007 StoreObjectFieldRoot(result, JSIteratorResult::kElementsOffset,
12008 Heap::kEmptyFixedArrayRootIndex);
12009 StoreObjectFieldNoWriteBarrier(result, JSIteratorResult::kValueOffset, array);
12010 StoreObjectFieldRoot(result, JSIteratorResult::kDoneOffset,
12011 Heap::kFalseValueRootIndex);
12012 return result;
12013 }
12014
ArraySpeciesCreate(TNode<Context> context,TNode<Object> o,TNode<Number> len)12015 Node* CodeStubAssembler::ArraySpeciesCreate(TNode<Context> context,
12016 TNode<Object> o,
12017 TNode<Number> len) {
12018 Node* constructor =
12019 CallRuntime(Runtime::kArraySpeciesConstructor, context, o);
12020 return ConstructJS(CodeFactory::Construct(isolate()), context, constructor,
12021 len);
12022 }
12023
IsDetachedBuffer(Node * buffer)12024 Node* CodeStubAssembler::IsDetachedBuffer(Node* buffer) {
12025 CSA_ASSERT(this, HasInstanceType(buffer, JS_ARRAY_BUFFER_TYPE));
12026
12027 Node* buffer_bit_field = LoadObjectField(
12028 buffer, JSArrayBuffer::kBitFieldOffset, MachineType::Uint32());
12029 return IsSetWord32<JSArrayBuffer::WasNeutered>(buffer_bit_field);
12030 }
12031
ThrowIfArrayBufferIsDetached(SloppyTNode<Context> context,TNode<JSArrayBuffer> array_buffer,const char * method_name)12032 void CodeStubAssembler::ThrowIfArrayBufferIsDetached(
12033 SloppyTNode<Context> context, TNode<JSArrayBuffer> array_buffer,
12034 const char* method_name) {
12035 Label if_detached(this, Label::kDeferred), if_not_detached(this);
12036 Branch(IsDetachedBuffer(array_buffer), &if_detached, &if_not_detached);
12037 BIND(&if_detached);
12038 ThrowTypeError(context, MessageTemplate::kDetachedOperation, method_name);
12039 BIND(&if_not_detached);
12040 }
12041
ThrowIfArrayBufferViewBufferIsDetached(SloppyTNode<Context> context,TNode<JSArrayBufferView> array_buffer_view,const char * method_name)12042 void CodeStubAssembler::ThrowIfArrayBufferViewBufferIsDetached(
12043 SloppyTNode<Context> context, TNode<JSArrayBufferView> array_buffer_view,
12044 const char* method_name) {
12045 TNode<JSArrayBuffer> buffer = LoadArrayBufferViewBuffer(array_buffer_view);
12046 ThrowIfArrayBufferIsDetached(context, buffer, method_name);
12047 }
12048
LoadArrayBufferViewBuffer(TNode<JSArrayBufferView> array_buffer_view)12049 TNode<JSArrayBuffer> CodeStubAssembler::LoadArrayBufferViewBuffer(
12050 TNode<JSArrayBufferView> array_buffer_view) {
12051 return LoadObjectField<JSArrayBuffer>(array_buffer_view,
12052 JSArrayBufferView::kBufferOffset);
12053 }
12054
LoadArrayBufferBackingStore(TNode<JSArrayBuffer> array_buffer)12055 TNode<RawPtrT> CodeStubAssembler::LoadArrayBufferBackingStore(
12056 TNode<JSArrayBuffer> array_buffer) {
12057 return LoadObjectField<RawPtrT>(array_buffer,
12058 JSArrayBuffer::kBackingStoreOffset);
12059 }
12060
CodeStubArguments(CodeStubAssembler * assembler,Node * argc,Node * fp,CodeStubAssembler::ParameterMode param_mode,ReceiverMode receiver_mode)12061 CodeStubArguments::CodeStubArguments(
12062 CodeStubAssembler* assembler, Node* argc, Node* fp,
12063 CodeStubAssembler::ParameterMode param_mode, ReceiverMode receiver_mode)
12064 : assembler_(assembler),
12065 argc_mode_(param_mode),
12066 receiver_mode_(receiver_mode),
12067 argc_(argc),
12068 arguments_(),
12069 fp_(fp != nullptr ? fp : assembler_->LoadFramePointer()) {
12070 Node* offset = assembler_->ElementOffsetFromIndex(
12071 argc_, PACKED_ELEMENTS, param_mode,
12072 (StandardFrameConstants::kFixedSlotCountAboveFp - 1) * kPointerSize);
12073 arguments_ = assembler_->UncheckedCast<RawPtr<Object>>(
12074 assembler_->IntPtrAdd(fp_, offset));
12075 }
12076
GetReceiver() const12077 TNode<Object> CodeStubArguments::GetReceiver() const {
12078 DCHECK_EQ(receiver_mode_, ReceiverMode::kHasReceiver);
12079 return assembler_->UncheckedCast<Object>(
12080 assembler_->Load(MachineType::AnyTagged(), arguments_,
12081 assembler_->IntPtrConstant(kPointerSize)));
12082 }
12083
SetReceiver(TNode<Object> object) const12084 void CodeStubArguments::SetReceiver(TNode<Object> object) const {
12085 DCHECK_EQ(receiver_mode_, ReceiverMode::kHasReceiver);
12086 assembler_->StoreNoWriteBarrier(MachineRepresentation::kTagged, arguments_,
12087 assembler_->IntPtrConstant(kPointerSize),
12088 object);
12089 }
12090
AtIndexPtr(Node * index,CodeStubAssembler::ParameterMode mode) const12091 TNode<RawPtr<Object>> CodeStubArguments::AtIndexPtr(
12092 Node* index, CodeStubAssembler::ParameterMode mode) const {
12093 typedef compiler::Node Node;
12094 Node* negated_index = assembler_->IntPtrOrSmiSub(
12095 assembler_->IntPtrOrSmiConstant(0, mode), index, mode);
12096 Node* offset = assembler_->ElementOffsetFromIndex(negated_index,
12097 PACKED_ELEMENTS, mode, 0);
12098 return assembler_->UncheckedCast<RawPtr<Object>>(assembler_->IntPtrAdd(
12099 assembler_->UncheckedCast<IntPtrT>(arguments_), offset));
12100 }
12101
AtIndex(Node * index,CodeStubAssembler::ParameterMode mode) const12102 TNode<Object> CodeStubArguments::AtIndex(
12103 Node* index, CodeStubAssembler::ParameterMode mode) const {
12104 DCHECK_EQ(argc_mode_, mode);
12105 CSA_ASSERT(assembler_,
12106 assembler_->UintPtrOrSmiLessThan(index, GetLength(mode), mode));
12107 return assembler_->UncheckedCast<Object>(
12108 assembler_->Load(MachineType::AnyTagged(), AtIndexPtr(index, mode)));
12109 }
12110
AtIndex(int index) const12111 TNode<Object> CodeStubArguments::AtIndex(int index) const {
12112 return AtIndex(assembler_->IntPtrConstant(index));
12113 }
12114
GetOptionalArgumentValue(int index,TNode<Object> default_value)12115 TNode<Object> CodeStubArguments::GetOptionalArgumentValue(
12116 int index, TNode<Object> default_value) {
12117 CodeStubAssembler::TVariable<Object> result(assembler_);
12118 CodeStubAssembler::Label argument_missing(assembler_),
12119 argument_done(assembler_, &result);
12120
12121 assembler_->GotoIf(assembler_->UintPtrOrSmiGreaterThanOrEqual(
12122 assembler_->IntPtrOrSmiConstant(index, argc_mode_),
12123 argc_, argc_mode_),
12124 &argument_missing);
12125 result = AtIndex(index);
12126 assembler_->Goto(&argument_done);
12127
12128 assembler_->BIND(&argument_missing);
12129 result = default_value;
12130 assembler_->Goto(&argument_done);
12131
12132 assembler_->BIND(&argument_done);
12133 return result.value();
12134 }
12135
GetOptionalArgumentValue(TNode<IntPtrT> index,TNode<Object> default_value)12136 TNode<Object> CodeStubArguments::GetOptionalArgumentValue(
12137 TNode<IntPtrT> index, TNode<Object> default_value) {
12138 CodeStubAssembler::TVariable<Object> result(assembler_);
12139 CodeStubAssembler::Label argument_missing(assembler_),
12140 argument_done(assembler_, &result);
12141
12142 assembler_->GotoIf(
12143 assembler_->UintPtrOrSmiGreaterThanOrEqual(
12144 assembler_->IntPtrToParameter(index, argc_mode_), argc_, argc_mode_),
12145 &argument_missing);
12146 result = AtIndex(index);
12147 assembler_->Goto(&argument_done);
12148
12149 assembler_->BIND(&argument_missing);
12150 result = default_value;
12151 assembler_->Goto(&argument_done);
12152
12153 assembler_->BIND(&argument_done);
12154 return result.value();
12155 }
12156
ForEach(const CodeStubAssembler::VariableList & vars,const CodeStubArguments::ForEachBodyFunction & body,Node * first,Node * last,CodeStubAssembler::ParameterMode mode)12157 void CodeStubArguments::ForEach(
12158 const CodeStubAssembler::VariableList& vars,
12159 const CodeStubArguments::ForEachBodyFunction& body, Node* first, Node* last,
12160 CodeStubAssembler::ParameterMode mode) {
12161 assembler_->Comment("CodeStubArguments::ForEach");
12162 if (first == nullptr) {
12163 first = assembler_->IntPtrOrSmiConstant(0, mode);
12164 }
12165 if (last == nullptr) {
12166 DCHECK_EQ(mode, argc_mode_);
12167 last = argc_;
12168 }
12169 Node* start = assembler_->IntPtrSub(
12170 assembler_->UncheckedCast<IntPtrT>(arguments_),
12171 assembler_->ElementOffsetFromIndex(first, PACKED_ELEMENTS, mode));
12172 Node* end = assembler_->IntPtrSub(
12173 assembler_->UncheckedCast<IntPtrT>(arguments_),
12174 assembler_->ElementOffsetFromIndex(last, PACKED_ELEMENTS, mode));
12175 assembler_->BuildFastLoop(vars, start, end,
12176 [this, &body](Node* current) {
12177 Node* arg = assembler_->Load(
12178 MachineType::AnyTagged(), current);
12179 body(arg);
12180 },
12181 -kPointerSize, CodeStubAssembler::INTPTR_PARAMETERS,
12182 CodeStubAssembler::IndexAdvanceMode::kPost);
12183 }
12184
PopAndReturn(Node * value)12185 void CodeStubArguments::PopAndReturn(Node* value) {
12186 Node* pop_count;
12187 if (receiver_mode_ == ReceiverMode::kHasReceiver) {
12188 pop_count = assembler_->IntPtrOrSmiAdd(
12189 argc_, assembler_->IntPtrOrSmiConstant(1, argc_mode_), argc_mode_);
12190 } else {
12191 pop_count = argc_;
12192 }
12193
12194 assembler_->PopAndReturn(assembler_->ParameterToIntPtr(pop_count, argc_mode_),
12195 value);
12196 }
12197
IsFastElementsKind(Node * elements_kind)12198 Node* CodeStubAssembler::IsFastElementsKind(Node* elements_kind) {
12199 STATIC_ASSERT(FIRST_ELEMENTS_KIND == FIRST_FAST_ELEMENTS_KIND);
12200 return Uint32LessThanOrEqual(elements_kind,
12201 Int32Constant(LAST_FAST_ELEMENTS_KIND));
12202 }
12203
IsDoubleElementsKind(TNode<Int32T> elements_kind)12204 TNode<BoolT> CodeStubAssembler::IsDoubleElementsKind(
12205 TNode<Int32T> elements_kind) {
12206 STATIC_ASSERT(FIRST_ELEMENTS_KIND == FIRST_FAST_ELEMENTS_KIND);
12207 STATIC_ASSERT((PACKED_DOUBLE_ELEMENTS & 1) == 0);
12208 STATIC_ASSERT(PACKED_DOUBLE_ELEMENTS + 1 == HOLEY_DOUBLE_ELEMENTS);
12209 return Word32Equal(Word32Shr(elements_kind, Int32Constant(1)),
12210 Int32Constant(PACKED_DOUBLE_ELEMENTS / 2));
12211 }
12212
IsFastSmiOrTaggedElementsKind(Node * elements_kind)12213 Node* CodeStubAssembler::IsFastSmiOrTaggedElementsKind(Node* elements_kind) {
12214 STATIC_ASSERT(FIRST_ELEMENTS_KIND == FIRST_FAST_ELEMENTS_KIND);
12215 STATIC_ASSERT(PACKED_DOUBLE_ELEMENTS > TERMINAL_FAST_ELEMENTS_KIND);
12216 STATIC_ASSERT(HOLEY_DOUBLE_ELEMENTS > TERMINAL_FAST_ELEMENTS_KIND);
12217 return Uint32LessThanOrEqual(elements_kind,
12218 Int32Constant(TERMINAL_FAST_ELEMENTS_KIND));
12219 }
12220
IsFastSmiElementsKind(Node * elements_kind)12221 Node* CodeStubAssembler::IsFastSmiElementsKind(Node* elements_kind) {
12222 return Uint32LessThanOrEqual(elements_kind,
12223 Int32Constant(HOLEY_SMI_ELEMENTS));
12224 }
12225
IsHoleyFastElementsKind(Node * elements_kind)12226 Node* CodeStubAssembler::IsHoleyFastElementsKind(Node* elements_kind) {
12227 CSA_ASSERT(this, IsFastElementsKind(elements_kind));
12228
12229 STATIC_ASSERT(HOLEY_SMI_ELEMENTS == (PACKED_SMI_ELEMENTS | 1));
12230 STATIC_ASSERT(HOLEY_ELEMENTS == (PACKED_ELEMENTS | 1));
12231 STATIC_ASSERT(HOLEY_DOUBLE_ELEMENTS == (PACKED_DOUBLE_ELEMENTS | 1));
12232 return IsSetWord32(elements_kind, 1);
12233 }
12234
IsElementsKindGreaterThan(Node * target_kind,ElementsKind reference_kind)12235 Node* CodeStubAssembler::IsElementsKindGreaterThan(
12236 Node* target_kind, ElementsKind reference_kind) {
12237 return Int32GreaterThan(target_kind, Int32Constant(reference_kind));
12238 }
12239
IsDebugActive()12240 Node* CodeStubAssembler::IsDebugActive() {
12241 Node* is_debug_active = Load(
12242 MachineType::Uint8(),
12243 ExternalConstant(ExternalReference::debug_is_active_address(isolate())));
12244 return Word32NotEqual(is_debug_active, Int32Constant(0));
12245 }
12246
IsRuntimeCallStatsEnabled()12247 TNode<BoolT> CodeStubAssembler::IsRuntimeCallStatsEnabled() {
12248 TNode<Word32T> flag_value = UncheckedCast<Word32T>(Load(
12249 MachineType::Int32(),
12250 ExternalConstant(ExternalReference::address_of_runtime_stats_flag())));
12251 return Word32NotEqual(flag_value, Int32Constant(0));
12252 }
12253
IsPromiseHookEnabled()12254 Node* CodeStubAssembler::IsPromiseHookEnabled() {
12255 Node* const promise_hook = Load(
12256 MachineType::Pointer(),
12257 ExternalConstant(ExternalReference::promise_hook_address(isolate())));
12258 return WordNotEqual(promise_hook, IntPtrConstant(0));
12259 }
12260
HasAsyncEventDelegate()12261 Node* CodeStubAssembler::HasAsyncEventDelegate() {
12262 Node* const async_event_delegate =
12263 Load(MachineType::Pointer(),
12264 ExternalConstant(
12265 ExternalReference::async_event_delegate_address(isolate())));
12266 return WordNotEqual(async_event_delegate, IntPtrConstant(0));
12267 }
12268
IsPromiseHookEnabledOrHasAsyncEventDelegate()12269 Node* CodeStubAssembler::IsPromiseHookEnabledOrHasAsyncEventDelegate() {
12270 Node* const promise_hook_or_async_event_delegate =
12271 Load(MachineType::Uint8(),
12272 ExternalConstant(
12273 ExternalReference::promise_hook_or_async_event_delegate_address(
12274 isolate())));
12275 return Word32NotEqual(promise_hook_or_async_event_delegate, Int32Constant(0));
12276 }
12277
LoadBuiltin(TNode<Smi> builtin_id)12278 TNode<Code> CodeStubAssembler::LoadBuiltin(TNode<Smi> builtin_id) {
12279 CSA_ASSERT(this, SmiGreaterThanOrEqual(builtin_id, SmiConstant(0)));
12280 CSA_ASSERT(this,
12281 SmiLessThan(builtin_id, SmiConstant(Builtins::builtin_count)));
12282
12283 int const kSmiShiftBits = kSmiShiftSize + kSmiTagSize;
12284 int index_shift = kPointerSizeLog2 - kSmiShiftBits;
12285 TNode<WordT> table_index =
12286 index_shift >= 0 ? WordShl(BitcastTaggedToWord(builtin_id), index_shift)
12287 : WordSar(BitcastTaggedToWord(builtin_id), -index_shift);
12288
12289 return CAST(
12290 Load(MachineType::TaggedPointer(),
12291 ExternalConstant(ExternalReference::builtins_address(isolate())),
12292 table_index));
12293 }
12294
GetSharedFunctionInfoCode(SloppyTNode<SharedFunctionInfo> shared_info,Label * if_compile_lazy)12295 TNode<Code> CodeStubAssembler::GetSharedFunctionInfoCode(
12296 SloppyTNode<SharedFunctionInfo> shared_info, Label* if_compile_lazy) {
12297 TNode<Object> sfi_data =
12298 LoadObjectField(shared_info, SharedFunctionInfo::kFunctionDataOffset);
12299
12300 TVARIABLE(Code, sfi_code);
12301
12302 Label done(this);
12303 Label check_instance_type(this);
12304
12305 // IsSmi: Is builtin
12306 GotoIf(TaggedIsNotSmi(sfi_data), &check_instance_type);
12307 if (if_compile_lazy) {
12308 GotoIf(SmiEqual(CAST(sfi_data), SmiConstant(Builtins::kCompileLazy)),
12309 if_compile_lazy);
12310 }
12311 sfi_code = LoadBuiltin(CAST(sfi_data));
12312 Goto(&done);
12313
12314 // Switch on data's instance type.
12315 BIND(&check_instance_type);
12316 TNode<Int32T> data_type = LoadInstanceType(CAST(sfi_data));
12317
12318 int32_t case_values[] = {BYTECODE_ARRAY_TYPE,
12319 WASM_EXPORTED_FUNCTION_DATA_TYPE,
12320 FIXED_ARRAY_TYPE,
12321 UNCOMPILED_DATA_WITHOUT_PRE_PARSED_SCOPE_TYPE,
12322 UNCOMPILED_DATA_WITH_PRE_PARSED_SCOPE_TYPE,
12323 FUNCTION_TEMPLATE_INFO_TYPE};
12324 Label check_is_bytecode_array(this);
12325 Label check_is_exported_function_data(this);
12326 Label check_is_fixed_array(this);
12327 Label check_is_uncompiled_data_without_pre_parsed_scope(this);
12328 Label check_is_uncompiled_data_with_pre_parsed_scope(this);
12329 Label check_is_function_template_info(this);
12330 Label check_is_interpreter_data(this);
12331 Label* case_labels[] = {&check_is_bytecode_array,
12332 &check_is_exported_function_data,
12333 &check_is_fixed_array,
12334 &check_is_uncompiled_data_without_pre_parsed_scope,
12335 &check_is_uncompiled_data_with_pre_parsed_scope,
12336 &check_is_function_template_info};
12337 STATIC_ASSERT(arraysize(case_values) == arraysize(case_labels));
12338 Switch(data_type, &check_is_interpreter_data, case_values, case_labels,
12339 arraysize(case_labels));
12340
12341 // IsBytecodeArray: Interpret bytecode
12342 BIND(&check_is_bytecode_array);
12343 DCHECK(!Builtins::IsLazy(Builtins::kInterpreterEntryTrampoline));
12344 sfi_code = HeapConstant(BUILTIN_CODE(isolate(), InterpreterEntryTrampoline));
12345 Goto(&done);
12346
12347 // IsWasmExportedFunctionData: Use the wrapper code
12348 BIND(&check_is_exported_function_data);
12349 sfi_code = CAST(LoadObjectField(
12350 CAST(sfi_data), WasmExportedFunctionData::kWrapperCodeOffset));
12351 Goto(&done);
12352
12353 // IsFixedArray: Instantiate using AsmWasmData
12354 BIND(&check_is_fixed_array);
12355 DCHECK(!Builtins::IsLazy(Builtins::kInstantiateAsmJs));
12356 sfi_code = HeapConstant(BUILTIN_CODE(isolate(), InstantiateAsmJs));
12357 Goto(&done);
12358
12359 // IsUncompiledDataWithPreParsedScope | IsUncompiledDataWithoutPreParsedScope:
12360 // Compile lazy
12361 BIND(&check_is_uncompiled_data_with_pre_parsed_scope);
12362 Goto(&check_is_uncompiled_data_without_pre_parsed_scope);
12363 BIND(&check_is_uncompiled_data_without_pre_parsed_scope);
12364 DCHECK(!Builtins::IsLazy(Builtins::kCompileLazy));
12365 sfi_code = HeapConstant(BUILTIN_CODE(isolate(), CompileLazy));
12366 Goto(if_compile_lazy ? if_compile_lazy : &done);
12367
12368 // IsFunctionTemplateInfo: API call
12369 BIND(&check_is_function_template_info);
12370 DCHECK(!Builtins::IsLazy(Builtins::kHandleApiCall));
12371 sfi_code = HeapConstant(BUILTIN_CODE(isolate(), HandleApiCall));
12372 Goto(&done);
12373
12374 // IsInterpreterData: Interpret bytecode
12375 BIND(&check_is_interpreter_data);
12376 // This is the default branch, so assert that we have the expected data type.
12377 CSA_ASSERT(this,
12378 Word32Equal(data_type, Int32Constant(INTERPRETER_DATA_TYPE)));
12379 sfi_code = CAST(LoadObjectField(
12380 CAST(sfi_data), InterpreterData::kInterpreterTrampolineOffset));
12381 Goto(&done);
12382
12383 BIND(&done);
12384 return sfi_code.value();
12385 }
12386
AllocateFunctionWithMapAndContext(Node * map,Node * shared_info,Node * context)12387 Node* CodeStubAssembler::AllocateFunctionWithMapAndContext(Node* map,
12388 Node* shared_info,
12389 Node* context) {
12390 CSA_SLOW_ASSERT(this, IsMap(map));
12391
12392 Node* const code = GetSharedFunctionInfoCode(shared_info);
12393
12394 // TODO(ishell): All the callers of this function pass map loaded from
12395 // Context::STRICT_FUNCTION_WITHOUT_PROTOTYPE_MAP_INDEX. So we can remove
12396 // map parameter.
12397 CSA_ASSERT(this, Word32BinaryNot(IsConstructorMap(map)));
12398 CSA_ASSERT(this, Word32BinaryNot(IsFunctionWithPrototypeSlotMap(map)));
12399 Node* const fun = Allocate(JSFunction::kSizeWithoutPrototype);
12400 STATIC_ASSERT(JSFunction::kSizeWithoutPrototype == 7 * kPointerSize);
12401 StoreMapNoWriteBarrier(fun, map);
12402 StoreObjectFieldRoot(fun, JSObject::kPropertiesOrHashOffset,
12403 Heap::kEmptyFixedArrayRootIndex);
12404 StoreObjectFieldRoot(fun, JSObject::kElementsOffset,
12405 Heap::kEmptyFixedArrayRootIndex);
12406 StoreObjectFieldRoot(fun, JSFunction::kFeedbackCellOffset,
12407 Heap::kManyClosuresCellRootIndex);
12408 StoreObjectFieldNoWriteBarrier(fun, JSFunction::kSharedFunctionInfoOffset,
12409 shared_info);
12410 StoreObjectFieldNoWriteBarrier(fun, JSFunction::kContextOffset, context);
12411 StoreObjectFieldNoWriteBarrier(fun, JSFunction::kCodeOffset, code);
12412 return fun;
12413 }
12414
MarkerIsFrameType(Node * marker_or_function,StackFrame::Type frame_type)12415 Node* CodeStubAssembler::MarkerIsFrameType(Node* marker_or_function,
12416 StackFrame::Type frame_type) {
12417 return WordEqual(marker_or_function,
12418 IntPtrConstant(StackFrame::TypeToMarker(frame_type)));
12419 }
12420
MarkerIsNotFrameType(Node * marker_or_function,StackFrame::Type frame_type)12421 Node* CodeStubAssembler::MarkerIsNotFrameType(Node* marker_or_function,
12422 StackFrame::Type frame_type) {
12423 return WordNotEqual(marker_or_function,
12424 IntPtrConstant(StackFrame::TypeToMarker(frame_type)));
12425 }
12426
CheckPrototypeEnumCache(Node * receiver,Node * receiver_map,Label * if_fast,Label * if_slow)12427 void CodeStubAssembler::CheckPrototypeEnumCache(Node* receiver,
12428 Node* receiver_map,
12429 Label* if_fast,
12430 Label* if_slow) {
12431 VARIABLE(var_object, MachineRepresentation::kTagged, receiver);
12432 VARIABLE(var_object_map, MachineRepresentation::kTagged, receiver_map);
12433
12434 Label loop(this, {&var_object, &var_object_map}), done_loop(this);
12435 Goto(&loop);
12436 BIND(&loop);
12437 {
12438 // Check that there are no elements on the current {object}.
12439 Label if_no_elements(this);
12440 Node* object = var_object.value();
12441 Node* object_map = var_object_map.value();
12442
12443 // The following relies on the elements only aliasing with JSProxy::target,
12444 // which is a Javascript value and hence cannot be confused with an elements
12445 // backing store.
12446 STATIC_ASSERT(JSObject::kElementsOffset == JSProxy::kTargetOffset);
12447 Node* object_elements = LoadObjectField(object, JSObject::kElementsOffset);
12448 GotoIf(IsEmptyFixedArray(object_elements), &if_no_elements);
12449 GotoIf(IsEmptySlowElementDictionary(object_elements), &if_no_elements);
12450
12451 // It might still be an empty JSArray.
12452 GotoIfNot(IsJSArrayMap(object_map), if_slow);
12453 Node* object_length = LoadJSArrayLength(object);
12454 Branch(WordEqual(object_length, SmiConstant(0)), &if_no_elements, if_slow);
12455
12456 // Continue with the {object}s prototype.
12457 BIND(&if_no_elements);
12458 object = LoadMapPrototype(object_map);
12459 GotoIf(IsNull(object), if_fast);
12460
12461 // For all {object}s but the {receiver}, check that the cache is empty.
12462 var_object.Bind(object);
12463 object_map = LoadMap(object);
12464 var_object_map.Bind(object_map);
12465 Node* object_enum_length = LoadMapEnumLength(object_map);
12466 Branch(WordEqual(object_enum_length, IntPtrConstant(0)), &loop, if_slow);
12467 }
12468 }
12469
CheckEnumCache(Node * receiver,Label * if_empty,Label * if_runtime)12470 Node* CodeStubAssembler::CheckEnumCache(Node* receiver, Label* if_empty,
12471 Label* if_runtime) {
12472 Label if_fast(this), if_cache(this), if_no_cache(this, Label::kDeferred);
12473 Node* receiver_map = LoadMap(receiver);
12474
12475 // Check if the enum length field of the {receiver} is properly initialized,
12476 // indicating that there is an enum cache.
12477 Node* receiver_enum_length = LoadMapEnumLength(receiver_map);
12478 Branch(WordEqual(receiver_enum_length,
12479 IntPtrConstant(kInvalidEnumCacheSentinel)),
12480 &if_no_cache, &if_cache);
12481
12482 BIND(&if_no_cache);
12483 {
12484 // Avoid runtime-call for empty dictionary receivers.
12485 GotoIfNot(IsDictionaryMap(receiver_map), if_runtime);
12486 TNode<NameDictionary> properties = CAST(LoadSlowProperties(receiver));
12487 TNode<Smi> length = GetNumberOfElements(properties);
12488 GotoIfNot(WordEqual(length, SmiConstant(0)), if_runtime);
12489 // Check that there are no elements on the {receiver} and its prototype
12490 // chain. Given that we do not create an EnumCache for dict-mode objects,
12491 // directly jump to {if_empty} if there are no elements and no properties
12492 // on the {receiver}.
12493 CheckPrototypeEnumCache(receiver, receiver_map, if_empty, if_runtime);
12494 }
12495
12496 // Check that there are no elements on the fast {receiver} and its
12497 // prototype chain.
12498 BIND(&if_cache);
12499 CheckPrototypeEnumCache(receiver, receiver_map, &if_fast, if_runtime);
12500
12501 BIND(&if_fast);
12502 return receiver_map;
12503 }
12504
GetArgumentsLength(CodeStubArguments * args)12505 TNode<IntPtrT> CodeStubAssembler::GetArgumentsLength(CodeStubArguments* args) {
12506 return args->GetLength();
12507 }
12508
GetArgumentValue(CodeStubArguments * args,TNode<IntPtrT> index)12509 TNode<Object> CodeStubAssembler::GetArgumentValue(CodeStubArguments* args,
12510 TNode<IntPtrT> index) {
12511 return args->GetOptionalArgumentValue(index);
12512 }
12513
Print(const char * s)12514 void CodeStubAssembler::Print(const char* s) {
12515 std::string formatted(s);
12516 formatted += "\n";
12517 CallRuntime(Runtime::kGlobalPrint, NoContextConstant(),
12518 StringConstant(formatted.c_str()));
12519 }
12520
Print(const char * prefix,Node * tagged_value)12521 void CodeStubAssembler::Print(const char* prefix, Node* tagged_value) {
12522 if (prefix != nullptr) {
12523 std::string formatted(prefix);
12524 formatted += ": ";
12525 Handle<String> string = isolate()->factory()->NewStringFromAsciiChecked(
12526 formatted.c_str(), TENURED);
12527 CallRuntime(Runtime::kGlobalPrint, NoContextConstant(),
12528 HeapConstant(string));
12529 }
12530 CallRuntime(Runtime::kDebugPrint, NoContextConstant(), tagged_value);
12531 }
12532
PerformStackCheck(TNode<Context> context)12533 void CodeStubAssembler::PerformStackCheck(TNode<Context> context) {
12534 Label ok(this), stack_check_interrupt(this, Label::kDeferred);
12535
12536 // The instruction sequence below is carefully crafted to hit our pattern
12537 // matcher for stack checks within instruction selection.
12538 // See StackCheckMatcher::Matched and JSGenericLowering::LowerJSStackCheck.
12539
12540 TNode<UintPtrT> sp = UncheckedCast<UintPtrT>(LoadStackPointer());
12541 TNode<UintPtrT> stack_limit = UncheckedCast<UintPtrT>(Load(
12542 MachineType::Pointer(),
12543 ExternalConstant(ExternalReference::address_of_stack_limit(isolate()))));
12544 TNode<BoolT> sp_within_limit = UintPtrLessThan(stack_limit, sp);
12545
12546 Branch(sp_within_limit, &ok, &stack_check_interrupt);
12547
12548 BIND(&stack_check_interrupt);
12549 CallRuntime(Runtime::kStackGuard, context);
12550 Goto(&ok);
12551
12552 BIND(&ok);
12553 }
12554
InitializeFunctionContext(Node * native_context,Node * context,int slots)12555 void CodeStubAssembler::InitializeFunctionContext(Node* native_context,
12556 Node* context, int slots) {
12557 DCHECK_GE(slots, Context::MIN_CONTEXT_SLOTS);
12558 StoreMapNoWriteBarrier(context, Heap::kFunctionContextMapRootIndex);
12559 StoreObjectFieldNoWriteBarrier(context, FixedArray::kLengthOffset,
12560 SmiConstant(slots));
12561
12562 Node* const empty_scope_info =
12563 LoadContextElement(native_context, Context::SCOPE_INFO_INDEX);
12564 StoreContextElementNoWriteBarrier(context, Context::SCOPE_INFO_INDEX,
12565 empty_scope_info);
12566 StoreContextElementNoWriteBarrier(context, Context::PREVIOUS_INDEX,
12567 UndefinedConstant());
12568 StoreContextElementNoWriteBarrier(context, Context::EXTENSION_INDEX,
12569 TheHoleConstant());
12570 StoreContextElementNoWriteBarrier(context, Context::NATIVE_CONTEXT_INDEX,
12571 native_context);
12572 }
12573
12574 } // namespace internal
12575 } // namespace v8
12576