LGTM. Maybe we should factor this property load out and share it between CALL_IC and LOAD_IC?
On Wed, Oct 15, 2008 at 9:23 AM, <[EMAIL PROTECTED]> wrote: > > Reviewers: Mads Ager, > > Message: > rev 501 missed these "property" lookups, can you please review? > > Description: > Fix CALL_IC to read properties out of the object in the presence > of in-object properties instead of always going to read out of > the properties array. > > Please review this at http://codereview.chromium.org/6607 > > Affected files: > M src/stub-cache-arm.cc > M src/stub-cache-ia32.cc > > > Index: src/stub-cache-ia32.cc > =================================================================== > --- src/stub-cache-ia32.cc (revision 501) > +++ src/stub-cache-ia32.cc (working copy) > @@ -499,10 +499,19 @@ > Register reg = > __ CheckMaps(JSObject::cast(object), edx, holder, ebx, ecx, &miss); > > - // Get the properties array of the holder and get the function from the > field. > - int offset = index * kPointerSize + Array::kHeaderSize; > - __ mov(edi, FieldOperand(reg, JSObject::kPropertiesOffset)); > - __ mov(edi, FieldOperand(edi, offset)); > + // Adjust for the number of properties stored in the holder. > + index -= holder->map()->inobject_properties(); > + if (index < 0) { > + // Get the property straight out of the holder. > + int offset = holder->map()->instance_size() + (index * kPointerSize); > + __ mov(edi, FieldOperand(reg, offset)); > + } else { > + // Get the properties array of the holder and get the function from > + // the field. > + int offset = index * kPointerSize + Array::kHeaderSize; > + __ mov(edi, FieldOperand(reg, JSObject::kPropertiesOffset)); > + __ mov(edi, FieldOperand(edi, offset)); > + } > > // Check that the function really is a function. > __ test(edi, Immediate(kSmiTagMask)); > Index: src/stub-cache-arm.cc > =================================================================== > --- src/stub-cache-arm.cc (revision 502) > +++ src/stub-cache-arm.cc (working copy) > @@ -209,10 +209,19 @@ > Register reg = > __ CheckMaps(JSObject::cast(object), r1, holder, r3, r2, &miss); > > - // Get the properties array of the holder and get the function from the > field. > - int offset = index * kPointerSize + Array::kHeaderSize; > - __ ldr(r1, FieldMemOperand(reg, JSObject::kPropertiesOffset)); > - __ ldr(r1, FieldMemOperand(r1, offset)); > + // Adjust for the number of properties stored in the holder. > + index -= holder->map()->inobject_properties(); > + if (index < 0) { > + // Get the property straight out of the holder. > + int offset = holder->map()->instance_size() + (index * kPointerSize); > + __ ldr(r1, FieldMemOperand(reg, offset)); > + } else { > + // Get the properties array of the holder and get the function from > + // the field. > + int offset = index * kPointerSize + Array::kHeaderSize; > + __ ldr(r1, FieldMemOperand(reg, JSObject::kPropertiesOffset)); > + __ ldr(r1, FieldMemOperand(r1, offset)); > + } > > // Check that the function really is a function. > __ tst(r1, Operand(kSmiTagMask)); > > > > > > --~--~---------~--~----~------------~-------~--~----~ v8-dev mailing list [email protected] http://groups.google.com/group/v8-dev -~----------~----~----~----~------~----~------~--~---
