From d83a2445a2ec7ac2f68b50775c452ba627a2e8b6 Mon Sep 17 00:00:00 2001 From: ulan Date: Thu, 29 Jan 2015 01:37:24 -0800 Subject: [PATCH] Fix register aliasing after r26306, r26275. BUG= Review URL: https://codereview.chromium.org/877343003 Cr-Commit-Position: refs/heads/master@{#26317} --- src/ic/arm/handler-compiler-arm.cc | 17 +++++++++++++---- src/ic/arm64/handler-compiler-arm64.cc | 18 +++++++++++++----- src/ic/handler-compiler.cc | 4 ++-- src/ic/handler-compiler.h | 9 +++++---- src/ic/ia32/handler-compiler-ia32.cc | 18 +++++++++++++----- src/ic/mips/handler-compiler-mips.cc | 17 +++++++++++++---- src/ic/mips64/handler-compiler-mips64.cc | 17 +++++++++++++---- src/ic/x64/handler-compiler-x64.cc | 17 +++++++++++++---- src/ic/x87/handler-compiler-x87.cc | 17 +++++++++++++---- 9 files changed, 98 insertions(+), 36 deletions(-) diff --git a/src/ic/arm/handler-compiler-arm.cc b/src/ic/arm/handler-compiler-arm.cc index 9a774e8508..aac838b4f9 100644 --- a/src/ic/arm/handler-compiler-arm.cc +++ b/src/ic/arm/handler-compiler-arm.cc @@ -18,7 +18,8 @@ namespace internal { void NamedLoadHandlerCompiler::GenerateLoadViaGetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- r0 : receiver // -- r2 : name @@ -28,11 +29,14 @@ void NamedLoadHandlerCompiler::GenerateLoadViaGetter( FrameAndConstantPoolScope scope(masm, StackFrame::INTERNAL); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); // Call the JavaScript getter with the receiver on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ ldr(receiver, + __ ldr(scratch, FieldMemOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ push(receiver); ParameterCount actual(0); 
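Review bot: In the `accessor_index >= 0` hunk of GenerateLoadViaGetter (arm), `receiver = scratch;` rebinds the by-value parameter, so every later use of `receiver` in the function refers to the global proxy held in scratch rather than the incoming receiver register. The function body continues past the hunk, so it is not visible whether anything after `__ push(receiver)` still expects the original register. A separate local would make the switch explicit: `Register pushed_receiver = receiver;` before the map check, `pushed_receiver = scratch;` inside it, then `__ push(pushed_receiver);`. If the rebinding stays, a comment such as `// receiver now names scratch; the incoming register is left untouched because holder may alias it` would record the reason, assuming that is the aliasing the commit title refers to. The same pattern recurs in the GenerateStoreViaSetter hunk and in the arm64, ia32, mips, mips64, x64 and x87 hunks.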
@@ -54,7 +58,8 @@ void NamedLoadHandlerCompiler::GenerateLoadViaGetter( void NamedStoreHandlerCompiler::GenerateStoreViaSetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- lr : return address // ----------------------------------- @@ -65,11 +70,15 @@ void NamedStoreHandlerCompiler::GenerateStoreViaSetter( __ push(value()); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); + DCHECK(!value().is(scratch)); // Call the JavaScript setter with receiver and value on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ ldr(receiver, + __ ldr(scratch, FieldMemOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ Push(receiver, value()); ParameterCount actual(1); diff --git a/src/ic/arm64/handler-compiler-arm64.cc b/src/ic/arm64/handler-compiler-arm64.cc index 2444b6918e..f804521115 100644 --- a/src/ic/arm64/handler-compiler-arm64.cc +++ b/src/ic/arm64/handler-compiler-arm64.cc @@ -221,12 +221,12 @@ void PropertyHandlerCompiler::GenerateApiAccessorCall( void NamedStoreHandlerCompiler::GenerateStoreViaSetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- lr : return address // ----------------------------------- Label miss; - { FrameScope scope(masm, StackFrame::INTERNAL); 
@@ -234,11 +234,15 @@ void NamedStoreHandlerCompiler::GenerateStoreViaSetter( __ Push(value()); if (accessor_index >= 0) { + DCHECK(!AreAliased(holder, scratch)); + DCHECK(!AreAliased(receiver, scratch)); + DCHECK(!AreAliased(value(), scratch)); // Call the JavaScript setter with receiver and value on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ Ldr(receiver, + __ Ldr(scratch, FieldMemOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ Push(receiver, value()); ParameterCount actual(1); @@ -263,16 +267,20 @@ void NamedStoreHandlerCompiler::GenerateStoreViaSetter( void NamedLoadHandlerCompiler::GenerateLoadViaGetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { { FrameScope scope(masm, StackFrame::INTERNAL); if (accessor_index >= 0) { + DCHECK(!AreAliased(holder, scratch)); + DCHECK(!AreAliased(receiver, scratch)); // Call the JavaScript getter with the receiver on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ Ldr(receiver, + __ Ldr(scratch, FieldMemOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ Push(receiver); ParameterCount actual(0); diff --git a/src/ic/handler-compiler.cc b/src/ic/handler-compiler.cc index 8482422f84..ce66b4efd2 100644 --- a/src/ic/handler-compiler.cc +++ b/src/ic/handler-compiler.cc @@ -356,7 +356,7 @@ Handle NamedLoadHandlerCompiler::CompileLoadViaGetter( Handle name, int accessor_index, int expected_arguments) { Register holder = Frontend(name); GenerateLoadViaGetter(masm(), type(), receiver(), holder, accessor_index, - expected_arguments); + expected_arguments, scratch2()); return GetCode(kind(), Code::FAST, name); } 
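Review bot: The `scratch2()` argument added to the GenerateLoadViaGetter call in CompileLoadViaGetter (src/ic/handler-compiler.cc) is safe only if `Frontend(name)` can never return `scratch2()` as `holder`. The only thing enforcing that is `DCHECK(!holder.is(scratch))` in the platform code, which release builds compile out. A clobbered holder or receiver here would presumably mean the accessor is invoked with the wrong object, so the invariant deserves a line at the call site, for example `// scratch2() is never returned as holder by Frontend(), so it is free to hold the global proxy`, worded to match what Frontend() actually guarantees (not visible in this hunk). The CompileStoreViaSetter hunk in the same file has the same gap. The diffstat lists no test file, so nothing in this commit exercises the global-object receiver path in a debug build where the new DCHECKs would fire.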
@@ -446,7 +446,7 @@ Handle NamedStoreHandlerCompiler::CompileStoreViaSetter( int expected_arguments) { Register holder = Frontend(name); GenerateStoreViaSetter(masm(), type(), receiver(), holder, accessor_index, - expected_arguments); + expected_arguments, scratch2()); return GetCode(kind(), Code::FAST, name); } diff --git a/src/ic/handler-compiler.h b/src/ic/handler-compiler.h index 53bf2c65e1..c498592d08 100644 --- a/src/ic/handler-compiler.h +++ b/src/ic/handler-compiler.h @@ -145,11 +145,12 @@ class NamedLoadHandlerCompiler : public PropertyHandlerCompiler { static void GenerateLoadViaGetter(MacroAssembler* masm, Handle type, Register receiver, Register holder, - int accessor_index, int expected_arguments); + int accessor_index, int expected_arguments, + Register scratch); static void GenerateLoadViaGetterForDeopt(MacroAssembler* masm) { GenerateLoadViaGetter(masm, Handle::null(), no_reg, no_reg, -1, - -1); + -1, no_reg); } static void GenerateLoadFunctionPrototype(MacroAssembler* masm, @@ -232,11 +233,11 @@ class NamedStoreHandlerCompiler : public PropertyHandlerCompiler { static void GenerateStoreViaSetter(MacroAssembler* masm, Handle type, Register receiver, Register holder, int accessor_index, - int expected_arguments); + int expected_arguments, Register scratch); static void GenerateStoreViaSetterForDeopt(MacroAssembler* masm) { GenerateStoreViaSetter(masm, Handle::null(), no_reg, no_reg, -1, - -1); + -1, no_reg); } static void GenerateSlow(MacroAssembler* masm); diff --git a/src/ic/ia32/handler-compiler-ia32.cc b/src/ic/ia32/handler-compiler-ia32.cc index 2d2251ee42..367d6ceb94 100644 --- a/src/ic/ia32/handler-compiler-ia32.cc +++ b/src/ic/ia32/handler-compiler-ia32.cc 
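Review bot: The new `Register scratch` parameter on GenerateLoadViaGetter and GenerateStoreViaSetter in src/ic/handler-compiler.h is declared without any statement of its contract, and both ForDeopt wrappers pass `no_reg` for it. That is safe only because they also pass an `accessor_index` of -1 and the platform implementations in this patch use `scratch` solely inside `if (accessor_index >= 0)`; nothing in the header says so. I would add a comment above each declaration along the lines of `// scratch must not alias receiver or holder (nor value() for the setter); it may be no_reg only when accessor_index < 0.`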
@@ -18,16 +18,20 @@ namespace internal { void NamedLoadHandlerCompiler::GenerateLoadViaGetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { { FrameScope scope(masm, StackFrame::INTERNAL); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); // Call the JavaScript getter with the receiver on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ mov(receiver, + __ mov(scratch, FieldOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ push(receiver); ParameterCount actual(0); @@ -231,7 +235,8 @@ void PropertyHandlerCompiler::GenerateCheckPropertyCell( void NamedStoreHandlerCompiler::GenerateStoreViaSetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- esp[0] : return address // ----------------------------------- @@ -242,11 +247,14 @@ void NamedStoreHandlerCompiler::GenerateStoreViaSetter( __ push(value()); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); + DCHECK(!value().is(scratch)); // Call the JavaScript setter with receiver and value on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { - // Swap in the global receiver. - __ mov(receiver, + __ mov(scratch, FieldOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ push(receiver); __ push(value()); diff --git a/src/ic/mips/handler-compiler-mips.cc b/src/ic/mips/handler-compiler-mips.cc index d9dc2b0dc3..cb394da9a1 100644 --- a/src/ic/mips/handler-compiler-mips.cc +++ b/src/ic/mips/handler-compiler-mips.cc 
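Review bot: The ia32 GenerateStoreViaSetter hunk (`@@ -242,11 +247,14 @@`) deletes the `// Swap in the global receiver.` comment while replacing the `mov`, whereas the ia32 getter hunk and every other architecture in this patch keep it. This looks accidental; the line `// Swap in the global receiver.` should stay above `__ mov(scratch, ...)`. As I read the code, this load is what substitutes the global proxy for the JSGlobalObject before the receiver is pushed for the setter call, so the comment is worth keeping on every port.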
@@ -18,7 +18,8 @@ namespace internal { void NamedLoadHandlerCompiler::GenerateLoadViaGetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- a0 : receiver // -- a2 : name @@ -28,11 +29,14 @@ void NamedLoadHandlerCompiler::GenerateLoadViaGetter( FrameScope scope(masm, StackFrame::INTERNAL); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); // Call the JavaScript getter with the receiver on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ lw(receiver, + __ lw(scratch, FieldMemOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ push(receiver); ParameterCount actual(0); @@ -54,7 +58,8 @@ void NamedLoadHandlerCompiler::GenerateLoadViaGetter( void NamedStoreHandlerCompiler::GenerateStoreViaSetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- ra : return address // ----------------------------------- @@ -65,11 +70,15 @@ void NamedStoreHandlerCompiler::GenerateStoreViaSetter( __ push(value()); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); + DCHECK(!value().is(scratch)); // Call the JavaScript setter with receiver and value on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ lw(receiver, + __ lw(scratch, FieldMemOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ Push(receiver, value()); ParameterCount actual(1); 
diff --git a/src/ic/mips64/handler-compiler-mips64.cc b/src/ic/mips64/handler-compiler-mips64.cc index 14a9161075..cd237aa1ae 100644 --- a/src/ic/mips64/handler-compiler-mips64.cc +++ b/src/ic/mips64/handler-compiler-mips64.cc @@ -18,7 +18,8 @@ namespace internal { void NamedLoadHandlerCompiler::GenerateLoadViaGetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- a0 : receiver // -- a2 : name @@ -28,11 +29,14 @@ void NamedLoadHandlerCompiler::GenerateLoadViaGetter( FrameScope scope(masm, StackFrame::INTERNAL); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); // Call the JavaScript getter with the receiver on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ ld(receiver, + __ ld(scratch, FieldMemOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ push(receiver); ParameterCount actual(0); @@ -54,7 +58,8 @@ void NamedLoadHandlerCompiler::GenerateLoadViaGetter( void NamedStoreHandlerCompiler::GenerateStoreViaSetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- ra : return address // ----------------------------------- 
@@ -65,11 +70,15 @@ void NamedStoreHandlerCompiler::GenerateStoreViaSetter( __ push(value()); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); + DCHECK(!value().is(scratch)); // Call the JavaScript setter with receiver and value on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ ld(receiver, + __ ld(scratch, FieldMemOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ Push(receiver, value()); ParameterCount actual(1); diff --git a/src/ic/x64/handler-compiler-x64.cc b/src/ic/x64/handler-compiler-x64.cc index 38754a94a0..d2ee3aaf44 100644 --- a/src/ic/x64/handler-compiler-x64.cc +++ b/src/ic/x64/handler-compiler-x64.cc @@ -214,7 +214,8 @@ void PropertyHandlerCompiler::GenerateCheckPropertyCell( void NamedStoreHandlerCompiler::GenerateStoreViaSetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- rsp[0] : return address // ----------------------------------- @@ -225,11 +226,15 @@ void NamedStoreHandlerCompiler::GenerateStoreViaSetter( __ Push(value()); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); + DCHECK(!value().is(scratch)); // Call the JavaScript setter with receiver and value on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ movp(receiver, + __ movp(scratch, FieldOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ Push(receiver); __ Push(value()); 
@@ -256,7 +261,8 @@ void NamedStoreHandlerCompiler::GenerateStoreViaSetter( void NamedLoadHandlerCompiler::GenerateLoadViaGetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- rax : receiver // -- rcx : name @@ -266,11 +272,14 @@ void NamedLoadHandlerCompiler::GenerateLoadViaGetter( FrameScope scope(masm, StackFrame::INTERNAL); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); // Call the JavaScript getter with the receiver on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ movp(receiver, + __ movp(scratch, FieldOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ Push(receiver); ParameterCount actual(0); diff --git a/src/ic/x87/handler-compiler-x87.cc b/src/ic/x87/handler-compiler-x87.cc index 6b97ccb0fb..091e009a63 100644 --- a/src/ic/x87/handler-compiler-x87.cc +++ b/src/ic/x87/handler-compiler-x87.cc @@ -18,16 +18,20 @@ namespace internal { void NamedLoadHandlerCompiler::GenerateLoadViaGetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { { FrameScope scope(masm, StackFrame::INTERNAL); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); // Call the JavaScript getter with the receiver on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ mov(receiver, + __ mov(scratch, FieldOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ push(receiver); ParameterCount actual(0); 
@@ -231,7 +235,8 @@ void PropertyHandlerCompiler::GenerateCheckPropertyCell( void NamedStoreHandlerCompiler::GenerateStoreViaSetter( MacroAssembler* masm, Handle type, Register receiver, - Register holder, int accessor_index, int expected_arguments) { + Register holder, int accessor_index, int expected_arguments, + Register scratch) { // ----------- S t a t e ------------- // -- esp[0] : return address // ----------------------------------- @@ -242,11 +247,15 @@ void NamedStoreHandlerCompiler::GenerateStoreViaSetter( __ push(value()); if (accessor_index >= 0) { + DCHECK(!holder.is(scratch)); + DCHECK(!receiver.is(scratch)); + DCHECK(!value().is(scratch)); // Call the JavaScript setter with receiver and value on the stack. if (IC::TypeToMap(*type, masm->isolate())->IsJSGlobalObjectMap()) { // Swap in the global receiver. - __ mov(receiver, + __ mov(scratch, FieldOperand(receiver, JSGlobalObject::kGlobalProxyOffset)); + receiver = scratch; } __ push(receiver); __ push(value());