The Tor Browser / annotate

js/src/jit/x86/BaselineIC-x86.cpp@6474c204b198 (annotated)

js/src/jit/x86/BaselineIC-x86.cpp

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0 1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
michael@0 2 * vim: set ts=8 sts=4 et sw=4 tw=99:
michael@0 3 * This Source Code Form is subject to the terms of the Mozilla Public
michael@0 4 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 6
michael@0 7 #include "jit/BaselineCompiler.h"
michael@0 8 #include "jit/BaselineHelpers.h"
michael@0 9 #include "jit/BaselineIC.h"
michael@0 10 #include "jit/BaselineJIT.h"
michael@0 11 #include "jit/IonLinker.h"
michael@0 12
michael@0 13 using namespace js;
michael@0 14 using namespace js::jit;
michael@0 15
michael@0 16 namespace js {
michael@0 17 namespace jit {
michael@0 18
michael@0 19 // ICCompare_Int32
michael@0 20
michael@0 21 bool
michael@0 22 ICCompare_Int32::Compiler::generateStubCode(MacroAssembler &masm)
michael@0 23 {
michael@0 24 // Guard that R0 is an integer and R1 is an integer.
michael@0 25 Label failure;
michael@0 26 masm.branchTestInt32(Assembler::NotEqual, R0, &failure);
michael@0 27 masm.branchTestInt32(Assembler::NotEqual, R1, &failure);
michael@0 28
michael@0 29 // Compare payload regs of R0 and R1.
michael@0 30 Assembler::Condition cond = JSOpToCondition(op, /* signed = */true);
michael@0 31 masm.cmpl(R0.payloadReg(), R1.payloadReg());
michael@0 32 masm.setCC(cond, R0.payloadReg());
michael@0 33 masm.movzbl(R0.payloadReg(), R0.payloadReg());
michael@0 34
michael@0 35 // Box the result and return
michael@0 36 masm.tagValue(JSVAL_TYPE_BOOLEAN, R0.payloadReg(), R0);
michael@0 37 EmitReturnFromIC(masm);
michael@0 38
michael@0 39 // Failure case - jump to next stub
michael@0 40 masm.bind(&failure);
michael@0 41 EmitStubGuardFailure(masm);
michael@0 42 return true;
michael@0 43 }
michael@0 44
michael@0 45 // ICBinaryArith_Int32
michael@0 46
michael@0 47 bool
michael@0 48 ICBinaryArith_Int32::Compiler::generateStubCode(MacroAssembler &masm)
michael@0 49 {
michael@0 50 // Guard that R0 is an integer and R1 is an integer.
michael@0 51 Label failure;
michael@0 52 masm.branchTestInt32(Assembler::NotEqual, R0, &failure);
michael@0 53 masm.branchTestInt32(Assembler::NotEqual, R1, &failure);
michael@0 54
michael@0 55 // Add R0 and R1. Don't need to explicitly unbox, just use the TailCallReg which
michael@0 56 // should be available.
michael@0 57 Register scratchReg = BaselineTailCallReg;
michael@0 58
michael@0 59 Label revertRegister, maybeNegZero;
michael@0 60 switch(op_) {
michael@0 61 case JSOP_ADD:
michael@0 62 // Add R0 and R1. Don't need to explicitly unbox.
michael@0 63 masm.movl(R0.payloadReg(), scratchReg);
michael@0 64 masm.addl(R1.payloadReg(), scratchReg);
michael@0 65
michael@0 66 // Just jump to failure on overflow. R0 and R1 are preserved, so we can just jump to
michael@0 67 // the next stub.
michael@0 68 masm.j(Assembler::Overflow, &failure);
michael@0 69
michael@0 70 // Just overwrite the payload, the tag is still fine.
michael@0 71 masm.movl(scratchReg, R0.payloadReg());
michael@0 72 break;
michael@0 73 case JSOP_SUB:
michael@0 74 masm.movl(R0.payloadReg(), scratchReg);
michael@0 75 masm.subl(R1.payloadReg(), scratchReg);
michael@0 76 masm.j(Assembler::Overflow, &failure);
michael@0 77 masm.movl(scratchReg, R0.payloadReg());
michael@0 78 break;
michael@0 79 case JSOP_MUL:
michael@0 80 masm.movl(R0.payloadReg(), scratchReg);
michael@0 81 masm.imull(R1.payloadReg(), scratchReg);
michael@0 82 masm.j(Assembler::Overflow, &failure);
michael@0 83
michael@0 84 masm.testl(scratchReg, scratchReg);
michael@0 85 masm.j(Assembler::Zero, &maybeNegZero);
michael@0 86
michael@0 87 masm.movl(scratchReg, R0.payloadReg());
michael@0 88 break;
michael@0 89 case JSOP_DIV:
michael@0 90 {
michael@0 91 // Prevent division by 0.
michael@0 92 masm.branchTest32(Assembler::Zero, R1.payloadReg(), R1.payloadReg(), &failure);
michael@0 93
michael@0 94 // Prevent negative 0 and -2147483648 / -1.
michael@0 95 masm.branch32(Assembler::Equal, R0.payloadReg(), Imm32(INT32_MIN), &failure);
michael@0 96
michael@0 97 Label notZero;
michael@0 98 masm.branch32(Assembler::NotEqual, R0.payloadReg(), Imm32(0), &notZero);
michael@0 99 masm.branchTest32(Assembler::Signed, R1.payloadReg(), R1.payloadReg(), &failure);
michael@0 100 masm.bind(&notZero);
michael@0 101
michael@0 102 // For idiv we need eax.
michael@0 103 JS_ASSERT(R1.typeReg() == eax);
michael@0 104 masm.movl(R0.payloadReg(), eax);
michael@0 105 // Preserve R0.payloadReg()/edx, eax is JSVAL_TYPE_INT32.
michael@0 106 masm.movl(R0.payloadReg(), scratchReg);
michael@0 107 // Sign extend eax into edx to make (edx:eax), since idiv is 64-bit.
michael@0 108 masm.cdq();
michael@0 109 masm.idiv(R1.payloadReg());
michael@0 110
michael@0 111 // A remainder implies a double result.
michael@0 112 masm.branchTest32(Assembler::NonZero, edx, edx, &revertRegister);
michael@0 113
michael@0 114 masm.movl(eax, R0.payloadReg());
michael@0 115 break;
michael@0 116 }
michael@0 117 case JSOP_MOD:
michael@0 118 {
michael@0 119 // x % 0 always results in NaN.
michael@0 120 masm.branchTest32(Assembler::Zero, R1.payloadReg(), R1.payloadReg(), &failure);
michael@0 121
michael@0 122 // Prevent negative 0 and -2147483648 % -1.
michael@0 123 masm.branchTest32(Assembler::Zero, R0.payloadReg(), Imm32(0x7fffffff), &failure);
michael@0 124
michael@0 125 // For idiv we need eax.
michael@0 126 JS_ASSERT(R1.typeReg() == eax);
michael@0 127 masm.movl(R0.payloadReg(), eax);
michael@0 128 // Preserve R0.payloadReg()/edx, eax is JSVAL_TYPE_INT32.
michael@0 129 masm.movl(R0.payloadReg(), scratchReg);
michael@0 130 // Sign extend eax into edx to make (edx:eax), since idiv is 64-bit.
michael@0 131 masm.cdq();
michael@0 132 masm.idiv(R1.payloadReg());
michael@0 133
michael@0 134 // Fail when we would need a negative remainder.
michael@0 135 Label done;
michael@0 136 masm.branchTest32(Assembler::NonZero, edx, edx, &done);
michael@0 137 masm.branchTest32(Assembler::Signed, scratchReg, scratchReg, &revertRegister);
michael@0 138 masm.branchTest32(Assembler::Signed, R1.payloadReg(), R1.payloadReg(), &revertRegister);
michael@0 139
michael@0 140 masm.bind(&done);
michael@0 141 // Result is in edx, tag in ecx remains untouched.
michael@0 142 JS_ASSERT(R0.payloadReg() == edx);
michael@0 143 JS_ASSERT(R0.typeReg() == ecx);
michael@0 144 break;
michael@0 145 }
michael@0 146 case JSOP_BITOR:
michael@0 147 // We can overide R0, because the instruction is unfailable.
michael@0 148 // The R0.typeReg() is also still intact.
michael@0 149 masm.orl(R1.payloadReg(), R0.payloadReg());
michael@0 150 break;
michael@0 151 case JSOP_BITXOR:
michael@0 152 masm.xorl(R1.payloadReg(), R0.payloadReg());
michael@0 153 break;
michael@0 154 case JSOP_BITAND:
michael@0 155 masm.andl(R1.payloadReg(), R0.payloadReg());
michael@0 156 break;
michael@0 157 case JSOP_LSH:
michael@0 158 // RHS needs to be in ecx for shift operations.
michael@0 159 JS_ASSERT(R0.typeReg() == ecx);
michael@0 160 masm.movl(R1.payloadReg(), ecx);
michael@0 161 masm.shll_cl(R0.payloadReg());
michael@0 162 // We need to tag again, because we overwrote it.
michael@0 163 masm.tagValue(JSVAL_TYPE_INT32, R0.payloadReg(), R0);
michael@0 164 break;
michael@0 165 case JSOP_RSH:
michael@0 166 masm.movl(R1.payloadReg(), ecx);
michael@0 167 masm.sarl_cl(R0.payloadReg());
michael@0 168 masm.tagValue(JSVAL_TYPE_INT32, R0.payloadReg(), R0);
michael@0 169 break;
michael@0 170 case JSOP_URSH:
michael@0 171 if (!allowDouble_)
michael@0 172 masm.movl(R0.payloadReg(), scratchReg);
michael@0 173
michael@0 174 masm.movl(R1.payloadReg(), ecx);
michael@0 175 masm.shrl_cl(R0.payloadReg());
michael@0 176 masm.testl(R0.payloadReg(), R0.payloadReg());
michael@0 177 if (allowDouble_) {
michael@0 178 Label toUint;
michael@0 179 masm.j(Assembler::Signed, &toUint);
michael@0 180
michael@0 181 // Box and return.
michael@0 182 masm.tagValue(JSVAL_TYPE_INT32, R0.payloadReg(), R0);
michael@0 183 EmitReturnFromIC(masm);
michael@0 184
michael@0 185 masm.bind(&toUint);
michael@0 186 masm.convertUInt32ToDouble(R0.payloadReg(), ScratchFloatReg);
michael@0 187 masm.boxDouble(ScratchFloatReg, R0);
michael@0 188 } else {
michael@0 189 masm.j(Assembler::Signed, &revertRegister);
michael@0 190 masm.tagValue(JSVAL_TYPE_INT32, R0.payloadReg(), R0);
michael@0 191 }
michael@0 192 break;
michael@0 193 default:
michael@0 194 MOZ_ASSUME_UNREACHABLE("Unhandled op for BinaryArith_Int32. ");
michael@0 195 }
michael@0 196
michael@0 197 // Return.
michael@0 198 EmitReturnFromIC(masm);
michael@0 199
michael@0 200 switch(op_) {
michael@0 201 case JSOP_MUL:
michael@0 202 masm.bind(&maybeNegZero);
michael@0 203
michael@0 204 // Result is -0 if exactly one of lhs or rhs is negative.
michael@0 205 masm.movl(R0.payloadReg(), scratchReg);
michael@0 206 masm.orl(R1.payloadReg(), scratchReg);
michael@0 207 masm.j(Assembler::Signed, &failure);
michael@0 208
michael@0 209 // Result is +0.
michael@0 210 masm.mov(ImmWord(0), R0.payloadReg());
michael@0 211 EmitReturnFromIC(masm);
michael@0 212 break;
michael@0 213 case JSOP_DIV:
michael@0 214 case JSOP_MOD:
michael@0 215 masm.bind(&revertRegister);
michael@0 216 masm.movl(scratchReg, R0.payloadReg());
michael@0 217 masm.movl(ImmType(JSVAL_TYPE_INT32), R1.typeReg());
michael@0 218 break;
michael@0 219 case JSOP_URSH:
michael@0 220 // Revert the content of R0 in the fallible >>> case.
michael@0 221 if (!allowDouble_) {
michael@0 222 masm.bind(&revertRegister);
michael@0 223 masm.tagValue(JSVAL_TYPE_INT32, scratchReg, R0);
michael@0 224 }
michael@0 225 break;
michael@0 226 default:
michael@0 227 // No special failure handling required.
michael@0 228 // Fall through to failure.
michael@0 229 break;
michael@0 230 }
michael@0 231
michael@0 232 // Failure case - jump to next stub
michael@0 233 masm.bind(&failure);
michael@0 234 EmitStubGuardFailure(masm);
michael@0 235
michael@0 236 return true;
michael@0 237 }
michael@0 238
michael@0 239 bool
michael@0 240 ICUnaryArith_Int32::Compiler::generateStubCode(MacroAssembler &masm)
michael@0 241 {
michael@0 242 Label failure;
michael@0 243 masm.branchTestInt32(Assembler::NotEqual, R0, &failure);
michael@0 244
michael@0 245 switch (op) {
michael@0 246 case JSOP_BITNOT:
michael@0 247 masm.notl(R0.payloadReg());
michael@0 248 break;
michael@0 249 case JSOP_NEG:
michael@0 250 // Guard against 0 and MIN_INT, both result in a double.
michael@0 251 masm.branchTest32(Assembler::Zero, R0.payloadReg(), Imm32(0x7fffffff), &failure);
michael@0 252 masm.negl(R0.payloadReg());
michael@0 253 break;
michael@0 254 default:
michael@0 255 MOZ_ASSUME_UNREACHABLE("Unexpected op");
michael@0 256 }
michael@0 257
michael@0 258 EmitReturnFromIC(masm);
michael@0 259
michael@0 260 masm.bind(&failure);
michael@0 261 EmitStubGuardFailure(masm);
michael@0 262 return true;
michael@0 263 }
michael@0 264
michael@0 265 } // namespace jit
michael@0 266 } // namespace js

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial