Allocate room for expected number of properties based on the...

src/builtins-ia32.cc

 // Copyright 2006-2008 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 93 matching lines @@
     // edi: constructor
     // eax: initial map
     __ movzx_b(ebx, FieldOperand(eax, Map::kInstanceTypeOffset));
     __ cmp(ebx, JS_FUNCTION_TYPE);
     __ j(equal, &rt_call);
 
     // Now allocate the JSObject on the heap.
     // edi: constructor
     // eax: initial map
     __ movzx_b(edi, FieldOperand(eax, Map::kInstanceSizeOffset));
+    __ shl(edi, kPointerSizeLog2);
     // Make sure that the maximum heap object size will never cause us
     // problem here, because it is always greater than the maximum
     // instance size that can be represented in a byte.
     ASSERT(Heap::MaxHeapObjectSize() >= (1 << kBitsPerByte));
     ExternalReference new_space_allocation_top =
         ExternalReference::new_space_allocation_top_address();
     __ mov(ebx, Operand::StaticVariable(new_space_allocation_top));
     __ add(edi, Operand(ebx));  // Calculate new top
     ExternalReference new_space_allocation_limit =
         ExternalReference::new_space_allocation_limit_address();
@@ skipping 32 matching lines @@
     // edi: start of next object
     __ or_(Operand(ebx), Immediate(kHeapObjectTag));
     __ mov(Operand::StaticVariable(new_space_allocation_top), edi);
 
     // Check if a properties array should be setup and allocate one if needed.
     // Otherwise initialize the properties to the empty_fixed_array as well.
     // eax: initial map
     // ebx: JSObject
     // edi: start of next object
     __ movzx_b(edx, FieldOperand(eax, Map::kUnusedPropertyFieldsOffset));
+    __ movzx_b(ecx, FieldOperand(eax, Map::kInObjectPropertiesOffset));
+    // Calculate unused properties past the end of the in-object properties.
+    __ sub(edx, Operand(ecx));
     __ test(edx, Operand(edx));
-    // Done if no unused properties are to be allocated.
+    // Done if no extra properties are to be allocated.
     __ j(zero, &allocated);
 
     // Scale the number of elements by pointer size and add the header for
     // FixedArrays to the start of the next object calculation from above.
     // eax: initial map
     // ebx: JSObject
     // edi: start of next object (will be start of FixedArray)
     // edx: number of elements in properties array
     ASSERT(Heap::MaxHeapObjectSize() >
            (FixedArray::kHeaderSize + 255*kPointerSize));
@@ skipping 709 matching lines @@
   // Register state for stub CallFunction (from CallFunctionStub in ic-ia32.cc).
   // ----------- S t a t e -------------
   //  No registers used on entry.
   // -----------------------------------
   Generate_DebugBreakCallHelper(masm, 0, false);
 }
 
 #undef __
 
 } }  // namespace v8::internal