| Index: src/ia32/code-stubs-ia32.cc
|
| diff --git a/src/ia32/code-stubs-ia32.cc b/src/ia32/code-stubs-ia32.cc
|
| index 9af4399ee0a96caa668b5683e77d70b753a2d48b..5f2b99920948fb89a498d70e97f7986996ecdf72 100644
|
| --- a/src/ia32/code-stubs-ia32.cc
|
| +++ b/src/ia32/code-stubs-ia32.cc
|
| @@ -60,8 +60,8 @@ void KeyedLoadFastElementStub::InitializeInterfaceDescriptor(
|
| CodeStubInterfaceDescriptor* descriptor) {
|
| static Register registers[] = { edx, ecx };
|
| descriptor->register_param_count_ = 2;
|
| - descriptor->stack_parameter_count_ = NULL;
|
| descriptor->register_params_ = registers;
|
| + descriptor->stack_parameter_count_ = NULL;
|
| descriptor->deoptimization_handler_ =
|
| FUNCTION_ADDR(KeyedLoadIC_MissFromStubFailure);
|
| }
|
| @@ -80,6 +80,10 @@ void TransitionElementsKindStub::InitializeInterfaceDescriptor(
|
|
|
| static void InitializeArrayConstructorDescriptor(Isolate* isolate,
|
| CodeStubInterfaceDescriptor* descriptor) {
|
| + // register state
|
| + // edi -- constructor function
|
| + // ebx -- type info cell with elements kind
|
| + // eax -- number of arguments to the constructor function
|
| static Register registers[] = { edi, ebx };
|
| descriptor->register_param_count_ = 2;
|
| // stack param count needs (constructor pointer, and single argument)
|
| @@ -4823,12 +4827,52 @@ void InterruptStub::Generate(MacroAssembler* masm) {
|
| }
|
|
|
|
|
| +static void GenerateRecordCallTargetNoArray(MacroAssembler* masm) {
|
| + // Cache the called function in a global property cell. Cache states
|
| + // are uninitialized, monomorphic (indicated by a JSFunction), and
|
| + // megamorphic.
|
| + // ebx : cache cell for call target
|
| + // edi : the function to call
|
| + ASSERT(!FLAG_optimize_constructed_arrays);
|
| + Isolate* isolate = masm->isolate();
|
| + Label initialize, done;
|
| +
|
| + // Load the cache state into ecx.
|
| + __ mov(ecx, FieldOperand(ebx, JSGlobalPropertyCell::kValueOffset));
|
| +
|
| + // A monomorphic cache hit or an already megamorphic state: invoke the
|
| + // function without changing the state.
|
| + __ cmp(ecx, edi);
|
| + __ j(equal, &done, Label::kNear);
|
| + __ cmp(ecx, Immediate(TypeFeedbackCells::MegamorphicSentinel(isolate)));
|
| + __ j(equal, &done, Label::kNear);
|
| +
|
| + // A monomorphic miss (i.e, here the cache is not uninitialized) goes
|
| + // megamorphic.
|
| + __ cmp(ecx, Immediate(TypeFeedbackCells::UninitializedSentinel(isolate)));
|
| + __ j(equal, &initialize, Label::kNear);
|
| + // MegamorphicSentinel is an immortal immovable object (undefined) so no
|
| + // write-barrier is needed.
|
| + __ mov(FieldOperand(ebx, JSGlobalPropertyCell::kValueOffset),
|
| + Immediate(TypeFeedbackCells::MegamorphicSentinel(isolate)));
|
| + __ jmp(&done, Label::kNear);
|
| +
|
| + // An uninitialized cache is patched with the function.
|
| + __ bind(&initialize);
|
| + __ mov(FieldOperand(ebx, JSGlobalPropertyCell::kValueOffset), edi);
|
| + // No need for a write barrier here - cells are rescanned.
|
| +
|
| + __ bind(&done);
|
| +}
|
| +
|
| +
|
| static void GenerateRecordCallTarget(MacroAssembler* masm) {
|
| // Cache the called function in a global property cell. Cache states
|
| // are uninitialized, monomorphic (indicated by a JSFunction), and
|
| // megamorphic.
|
| // ebx : cache cell for call target
|
| // edi : the function to call
|
| + ASSERT(FLAG_optimize_constructed_arrays);
|
| Isolate* isolate = masm->isolate();
|
| Label initialize, done, miss, megamorphic, not_array_function;
|
|
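Review bot: GenerateRecordCallTargetNoArray overwrites ecx with the cache state (`__ mov(ecx, FieldOperand(ebx, JSGlobalPropertyCell::kValueOffset))`), but its register comment lists only ebx and edi, so a caller cannot tell from the header that ecx is scratch. Add a line such as `// ecx : scratch, clobbered` to the comment block. The two `ASSERT`s on FLAG_optimize_constructed_arrays are presumably compiled out of release builds, so the pairing of flag and generator is enforced only at the call sites in CallFunctionStub::Generate and CallConstructStub::Generate. The new function also repeats the non-array paths of GenerateRecordCallTarget, so a comment that the two must be kept in sync would help. GenerateRecordCallTarget's body continues outside this hunk.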
|
| @@ -4838,36 +4882,32 @@ static void GenerateRecordCallTarget(MacroAssembler* masm) {
|
| // A monomorphic cache hit or an already megamorphic state: invoke the
|
| // function without changing the state.
|
| __ cmp(ecx, edi);
|
| - __ j(equal, &done, Label::kFar);
|
| + __ j(equal, &done);
|
| __ cmp(ecx, Immediate(TypeFeedbackCells::MegamorphicSentinel(isolate)));
|
| - __ j(equal, &done, Label::kFar);
|
| + __ j(equal, &done);
|
|
|
| // Special handling of the Array() function, which caches not only the
|
| // monomorphic Array function but the initial ElementsKind with special
|
| // sentinels
|
| Handle<Object> terminal_kind_sentinel =
|
| - TypeFeedbackCells::MonomorphicArraySentinel(LAST_FAST_ELEMENTS_KIND);
|
| + TypeFeedbackCells::MonomorphicArraySentinel(isolate,
|
| + LAST_FAST_ELEMENTS_KIND);
|
| __ cmp(ecx, Immediate(terminal_kind_sentinel));
|
| - __ j(above, &miss, Label::kFar);
|
| + __ j(above, &miss);
|
| // Load the global or builtins object from the current context
|
| - __ mov(ecx, Operand(esi, Context::SlotOffset(Context::GLOBAL_OBJECT_INDEX)));
|
| - __ mov(ecx, FieldOperand(ecx, GlobalObject::kGlobalContextOffset));
|
| + __ LoadGlobalContext(ecx);
|
| // Make sure the function is the Array() function
|
| __ cmp(edi, Operand(ecx,
|
| Context::SlotOffset(Context::ARRAY_FUNCTION_INDEX)));
|
| - Label megamorphic_pre;
|
| - __ j(not_equal, &megamorphic_pre, Label::kFar);
|
| + __ j(not_equal, &megamorphic);
|
| __ jmp(&done);
|
|
|
| - __ bind(&megamorphic_pre);
|
| - __ jmp(&megamorphic, Label::kFar);
|
| -
|
| __ bind(&miss);
|
|
|
| // A monomorphic miss (i.e, here the cache is not uninitialized) goes
|
| // megamorphic.
|
| __ cmp(ecx, Immediate(TypeFeedbackCells::UninitializedSentinel(isolate)));
|
| - __ j(equal, &initialize, Label::kFar);
|
| + __ j(equal, &initialize);
|
| // MegamorphicSentinel is an immortal immovable object (undefined) so no
|
| // write-barrier is needed.
|
| __ bind(&megamorphic);
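Review bot: The `__ j(above, &miss)` after `__ cmp(ecx, Immediate(terminal_kind_sentinel))` classifies the cell value with a single unsigned compare, and nothing here records why a JSFunction pointer or the uninitialized sentinel can never compare at or below the terminal array sentinel. That ordering appears to depend on how MonomorphicArraySentinel encodes elements kinds, which is defined outside this hunk. A comment such as `// Array sentinels are assumed to compare below every heap pointer; anything above is not an array sentinel.` would state the invariant the branch relies on. The function starts and ends outside the hunk.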
|
| @@ -4878,8 +4918,7 @@ static void GenerateRecordCallTarget(MacroAssembler* masm) {
|
| // An uninitialized cache is patched with the function or sentinel to
|
| // indicate the ElementsKind if function is the Array constructor.
|
| __ bind(&initialize);
|
| - __ mov(ecx, Operand(esi, Context::SlotOffset(Context::GLOBAL_OBJECT_INDEX)));
|
| - __ mov(ecx, FieldOperand(ecx, GlobalObject::kGlobalContextOffset));
|
| + __ LoadGlobalContext(ecx);
|
| // Make sure the function is the Array() function
|
| __ cmp(edi, Operand(ecx,
|
| Context::SlotOffset(Context::ARRAY_FUNCTION_INDEX)));
|
| @@ -4889,7 +4928,7 @@ static void GenerateRecordCallTarget(MacroAssembler* masm) {
|
| // the constructor's type info cell that will track the initial ElementsKind
|
| // that should be used for the array when its constructed.
|
| Handle<Object> initial_kind_sentinel =
|
| - TypeFeedbackCells::MonomorphicArraySentinel(
|
| + TypeFeedbackCells::MonomorphicArraySentinel(isolate,
|
| GetInitialFastElementsKind());
|
| __ mov(FieldOperand(ebx, JSGlobalPropertyCell::kValueOffset),
|
| Immediate(initial_kind_sentinel));
|
| @@ -4934,7 +4973,11 @@ void CallFunctionStub::Generate(MacroAssembler* masm) {
|
| __ j(not_equal, &slow);
|
|
|
| if (RecordCallTarget()) {
|
| - GenerateRecordCallTarget(masm);
|
| + if (FLAG_optimize_constructed_arrays) {
|
| + GenerateRecordCallTarget(masm);
|
| + } else {
|
| + GenerateRecordCallTargetNoArray(masm);
|
| + }
|
| }
|
|
|
| // Fast-case: Just invoke the function.
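Review bot: The `if (FLAG_optimize_constructed_arrays) … else …` dispatch added here is repeated verbatim in CallConstructStub::Generate in the next hunk, so the flag/generator pairing that the two `ASSERT`s check now lives in two places. A single static helper would keep that pairing in one spot and leave each call site as one line. The name below is only a suggestion. CallFunctionStub::Generate starts and continues outside the hunk.

```cpp
// Emits the call-target recording sequence that matches
// FLAG_optimize_constructed_arrays at code-generation time.
static void GenerateRecordCallTargetForFlag(MacroAssembler* masm) {
  if (FLAG_optimize_constructed_arrays) {
    GenerateRecordCallTarget(masm);
  } else {
    GenerateRecordCallTargetNoArray(masm);
  }
}

// … unchanged: checks before the recording step …
  if (RecordCallTarget()) {
    GenerateRecordCallTargetForFlag(masm);
  }
```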
|
| @@ -5007,14 +5050,20 @@ void CallConstructStub::Generate(MacroAssembler* masm) {
|
| __ j(not_equal, &slow);
|
|
|
| if (RecordCallTarget()) {
|
| - GenerateRecordCallTarget(masm);
|
| + if (FLAG_optimize_constructed_arrays) {
|
| + GenerateRecordCallTarget(masm);
|
| + } else {
|
| + GenerateRecordCallTargetNoArray(masm);
|
| + }
|
| }
|
|
|
| // Jump to the function-specific construct stub.
|
| - __ mov(ecx, FieldOperand(edi, JSFunction::kSharedFunctionInfoOffset));
|
| - __ mov(ecx, FieldOperand(ecx, SharedFunctionInfo::kConstructStubOffset));
|
| - __ lea(ecx, FieldOperand(ecx, Code::kHeaderSize));
|
| - __ jmp(ecx);
|
| + Register jmp_reg = FLAG_optimize_constructed_arrays ? ecx : ebx;
|
| + __ mov(jmp_reg, FieldOperand(edi, JSFunction::kSharedFunctionInfoOffset));
|
| + __ mov(jmp_reg, FieldOperand(jmp_reg,
|
| + SharedFunctionInfo::kConstructStubOffset));
|
| + __ lea(jmp_reg, FieldOperand(jmp_reg, Code::kHeaderSize));
|
| + __ jmp(jmp_reg);
|
|
|
| // edi: called object
|
| // eax: number of arguments
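Review bot: `Register jmp_reg = FLAG_optimize_constructed_arrays ? ecx : ebx;` carries a register contract that is not written down anywhere in the hunk. With the flag on, the jump has to leave ebx intact, presumably because the construct stub reads the type info cell from it (the comment added to InitializeArrayConstructorDescriptor says `ebx -- type info cell with elements kind`). With the flag off, ebx is overwritten with the code address, and why that path does not simply use ecx as well is not visible here. Add a comment above the line, e.g. `// ebx must still hold the type info cell when the array construct stub is entered; otherwise ebx is free as the jump register.` Any stub that read ebx after the flag-off path would treat a code address as a cell. CallConstructStub::Generate begins and continues outside the hunk.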
|
|
|