| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #if V8_TARGET_ARCH_ARM | 5 #if V8_TARGET_ARCH_ARM |
| 6 | 6 |
| 7 #include "src/codegen.h" | 7 #include "src/codegen.h" |
| 8 #include "src/debug/debug.h" | 8 #include "src/debug/debug.h" |
| 9 #include "src/deoptimizer.h" | 9 #include "src/deoptimizer.h" |
| 10 #include "src/full-codegen/full-codegen.h" | 10 #include "src/full-codegen/full-codegen.h" |
| (...skipping 408 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 419 | 419 |
| 420 __ bind(&allocate); | 420 __ bind(&allocate); |
| 421 } | 421 } |
| 422 | 422 |
| 423 // Now allocate the JSObject on the heap. | 423 // Now allocate the JSObject on the heap. |
| 424 // r1: constructor function | 424 // r1: constructor function |
| 425 // r2: initial map | 425 // r2: initial map |
| 426 Label rt_call_reload_new_target; | 426 Label rt_call_reload_new_target; |
| 427 __ ldrb(r3, FieldMemOperand(r2, Map::kInstanceSizeOffset)); | 427 __ ldrb(r3, FieldMemOperand(r2, Map::kInstanceSizeOffset)); |
| 428 | 428 |
| 429 __ Allocate(r3, r4, r5, r6, &rt_call_reload_new_target, SIZE_IN_WORDS); | 429 __ Allocate(r3, r4, r7, r6, &rt_call_reload_new_target, SIZE_IN_WORDS); |
| 430 | 430 |
| 431 // Allocated the JSObject, now initialize the fields. Map is set to | 431 // Allocated the JSObject, now initialize the fields. Map is set to |
| 432 // initial map and properties and elements are set to empty fixed array. | 432 // initial map and properties and elements are set to empty fixed array. |
| 433 // r1: constructor function | 433 // r1: constructor function |
| 434 // r2: initial map | 434 // r2: initial map |
| 435 // r3: object size | 435 // r3: object size |
| 436 // r4: JSObject (not tagged) | 436 // r4: JSObject (not tagged) |
| 437 // r7: start of next object |
| 437 __ LoadRoot(r6, Heap::kEmptyFixedArrayRootIndex); | 438 __ LoadRoot(r6, Heap::kEmptyFixedArrayRootIndex); |
| 438 __ mov(r5, r4); | 439 __ mov(r5, r4); |
| 439 DCHECK_EQ(0 * kPointerSize, JSObject::kMapOffset); | 440 STATIC_ASSERT(0 * kPointerSize == JSObject::kMapOffset); |
| 440 __ str(r2, MemOperand(r5, kPointerSize, PostIndex)); | 441 __ str(r2, MemOperand(r5, kPointerSize, PostIndex)); |
| 441 DCHECK_EQ(1 * kPointerSize, JSObject::kPropertiesOffset); | 442 STATIC_ASSERT(1 * kPointerSize == JSObject::kPropertiesOffset); |
| 442 __ str(r6, MemOperand(r5, kPointerSize, PostIndex)); | 443 __ str(r6, MemOperand(r5, kPointerSize, PostIndex)); |
| 443 DCHECK_EQ(2 * kPointerSize, JSObject::kElementsOffset); | 444 STATIC_ASSERT(2 * kPointerSize == JSObject::kElementsOffset); |
| 444 __ str(r6, MemOperand(r5, kPointerSize, PostIndex)); | 445 __ str(r6, MemOperand(r5, kPointerSize, PostIndex)); |
| 445 | 446 |
| 446 // Fill all the in-object properties with the appropriate filler. | 447 // Fill all the in-object properties with the appropriate filler. |
| 447 // r1: constructor function | 448 // r1: constructor function |
| 448 // r2: initial map | 449 // r2: initial map |
| 449 // r3: object size | 450 // r3: object size |
| 450 // r4: JSObject (not tagged) | 451 // r4: JSObject (not tagged) |
| 451 // r5: First in-object property of JSObject (not tagged) | 452 // r5: First in-object property of JSObject (not tagged) |
| 452 DCHECK_EQ(3 * kPointerSize, JSObject::kHeaderSize); | 453 DCHECK_EQ(3 * kPointerSize, JSObject::kHeaderSize); |
| 453 __ LoadRoot(r6, Heap::kUndefinedValueRootIndex); | 454 __ LoadRoot(r6, Heap::kUndefinedValueRootIndex); |
| 454 | 455 |
| 455 if (!is_api_function) { | 456 if (!is_api_function) { |
| 456 Label no_inobject_slack_tracking; | 457 Label no_inobject_slack_tracking; |
| 457 | 458 |
| 458 // Check if slack tracking is enabled. | 459 // Check if slack tracking is enabled. |
| 459 __ ldr(ip, FieldMemOperand(r2, Map::kBitField3Offset)); | 460 __ ldr(ip, FieldMemOperand(r2, Map::kBitField3Offset)); |
| 460 __ DecodeField<Map::Counter>(ip); | 461 __ DecodeField<Map::Counter>(ip); |
| 461 __ cmp(ip, Operand(Map::kSlackTrackingCounterEnd)); | 462 __ cmp(ip, Operand(Map::kSlackTrackingCounterEnd)); |
| 462 __ b(lt, &no_inobject_slack_tracking); | 463 __ b(lt, &no_inobject_slack_tracking); |
| 463 | 464 |
| 464 // Allocate object with a slack. | 465 // Allocate object with a slack. |
| 465 __ ldr(r0, FieldMemOperand(r2, Map::kInstanceSizesOffset)); | 466 // See comment on JSObject::InitializeBody() for details. |
| 466 __ Ubfx(r0, r0, | |
| 467 Map::kInObjectPropertiesOrConstructorFunctionIndexByte * | |
| 468 kBitsPerByte, | |
| 469 kBitsPerByte); | |
| 470 __ ldr(r2, FieldMemOperand(r2, Map::kInstanceAttributesOffset)); | 467 __ ldr(r2, FieldMemOperand(r2, Map::kInstanceAttributesOffset)); |
| 471 __ Ubfx(r2, r2, Map::kUnusedPropertyFieldsByte * kBitsPerByte, | 468 __ Ubfx(r2, r2, Map::kUnusedPropertyFieldsByte * kBitsPerByte, |
| 472 kBitsPerByte); | 469 kBitsPerByte); |
| 473 __ sub(r0, r0, Operand(r2)); | 470 __ sub(r0, r7, Operand(r2, LSL, kPointerSizeLog2)); |
| 474 __ add(r0, r5, Operand(r0, LSL, kPointerSizeLog2)); | |
| 475 // r0: offset of first field after pre-allocated fields | 471 // r0: offset of first field after pre-allocated fields |
| 476 if (FLAG_debug_code) { | 472 if (FLAG_debug_code) { |
| 477 __ add(ip, r4, | 473 __ cmp(r5, r0); |
| 478 Operand(r3, LSL, kPointerSizeLog2)); // End of object. | |
| 479 __ cmp(r0, ip); | |
| 480 __ Assert(le, kUnexpectedNumberOfPreAllocatedPropertyFields); | 474 __ Assert(le, kUnexpectedNumberOfPreAllocatedPropertyFields); |
| 481 } | 475 } |
| 482 __ InitializeFieldsWithFiller(r5, r0, r6); | 476 __ InitializeFieldsWithFiller(r5, r0, r6); |
| 483 // To allow for truncation. | 477 // To allow for truncation. |
| 484 __ LoadRoot(r6, Heap::kOnePointerFillerMapRootIndex); | 478 __ LoadRoot(r6, Heap::kOnePointerFillerMapRootIndex); |
| 485 // Fill the remaining fields with one pointer filler map. | 479 // Fill the remaining fields with one pointer filler map. |
| 486 | 480 |
| 487 __ bind(&no_inobject_slack_tracking); | 481 __ bind(&no_inobject_slack_tracking); |
| 488 } | 482 } |
| 489 | 483 |
| 490 __ add(r0, r4, Operand(r3, LSL, kPointerSizeLog2)); // End of object. | 484 __ InitializeFieldsWithFiller(r5, r7, r6); |
| 491 __ InitializeFieldsWithFiller(r5, r0, r6); | |
| 492 | 485 |
| 493 // Add the object tag to make the JSObject real, so that we can continue | 486 // Add the object tag to make the JSObject real, so that we can continue |
| 494 // and jump into the continuation code at any time from now on. | 487 // and jump into the continuation code at any time from now on. |
| 495 __ add(r4, r4, Operand(kHeapObjectTag)); | 488 __ add(r4, r4, Operand(kHeapObjectTag)); |
| 496 | 489 |
| 497 // Continue with JSObject being successfully allocated | 490 // Continue with JSObject being successfully allocated |
| 498 // r4: JSObject | 491 // r4: JSObject |
| 499 __ jmp(&allocated); | 492 __ jmp(&allocated); |
| 500 | 493 |
| 501 // Reload the new target and fall-through. | 494 // Reload the new target and fall-through. |
| (...skipping 1341 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1843 } | 1836 } |
| 1844 } | 1837 } |
| 1845 | 1838 |
| 1846 | 1839 |
| 1847 #undef __ | 1840 #undef __ |
| 1848 | 1841 |
| 1849 } // namespace internal | 1842 } // namespace internal |
| 1850 } // namespace v8 | 1843 } // namespace v8 |
| 1851 | 1844 |
| 1852 #endif // V8_TARGET_ARCH_ARM | 1845 #endif // V8_TARGET_ARCH_ARM |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1459083003:
Fix object initialization when slack tracking for it's map is still enabled. (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@toon