| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #if V8_TARGET_ARCH_IA32 | 5 #if V8_TARGET_ARCH_IA32 |
| 6 | 6 |
| 7 #include "src/code-factory.h" | 7 #include "src/code-factory.h" |
| 8 #include "src/codegen.h" | 8 #include "src/codegen.h" |
| 9 #include "src/deoptimizer.h" | 9 #include "src/deoptimizer.h" |
| 10 #include "src/full-codegen/full-codegen.h" | 10 #include "src/full-codegen/full-codegen.h" |
| (...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 177 __ j(not_equal, &rt_call); | 177 __ j(not_equal, &rt_call); |
| 178 | 178 |
| 179 // Check that the constructor is not constructing a JSFunction (see | 179 // Check that the constructor is not constructing a JSFunction (see |
| 180 // comments in Runtime_NewObject in runtime.cc). In which case the | 180 // comments in Runtime_NewObject in runtime.cc). In which case the |
| 181 // initial map's instance type would be JS_FUNCTION_TYPE. | 181 // initial map's instance type would be JS_FUNCTION_TYPE. |
| 182 // edi: constructor | 182 // edi: constructor |
| 183 // eax: initial map | 183 // eax: initial map |
| 184 __ CmpInstanceType(eax, JS_FUNCTION_TYPE); | 184 __ CmpInstanceType(eax, JS_FUNCTION_TYPE); |
| 185 __ j(equal, &rt_call); | 185 __ j(equal, &rt_call); |
| 186 | 186 |
| 187 if (!is_api_function) { | |
| 188 Label allocate; | |
| 189 // The code below relies on these assumptions. | |
| 190 STATIC_ASSERT(Map::Counter::kShift + Map::Counter::kSize == 32); | |
| 191 // Check if slack tracking is enabled. | |
| 192 __ mov(esi, FieldOperand(eax, Map::kBitField3Offset)); | |
| 193 __ shr(esi, Map::Counter::kShift); | |
| 194 __ cmp(esi, Map::kSlackTrackingCounterEnd); | |
| 195 __ j(less, &allocate); | |
| 196 // Decrease generous allocation count. | |
| 197 __ sub(FieldOperand(eax, Map::kBitField3Offset), | |
| 198 Immediate(1 << Map::Counter::kShift)); | |
| 199 | |
| 200 __ cmp(esi, Map::kSlackTrackingCounterEnd); | |
| 201 __ j(not_equal, &allocate); | |
| 202 | |
| 203 __ push(eax); | |
| 204 __ push(edx); | |
| 205 __ push(edi); | |
| 206 | |
| 207 __ push(eax); // initial map | |
| 208 __ CallRuntime(Runtime::kFinalizeInstanceSize, 1); | |
| 209 | |
| 210 __ pop(edi); | |
| 211 __ pop(edx); | |
| 212 __ pop(eax); | |
| 213 __ mov(esi, Map::kSlackTrackingCounterEnd - 1); | |
| 214 | |
| 215 __ bind(&allocate); | |
| 216 } | |
| 217 | |
| 218 // Now allocate the JSObject on the heap. | 187 // Now allocate the JSObject on the heap. |
| 219 // edi: constructor | 188 // edi: constructor |
| 220 // eax: initial map | 189 // eax: initial map |
| 221 __ movzx_b(edi, FieldOperand(eax, Map::kInstanceSizeOffset)); | 190 __ movzx_b(edi, FieldOperand(eax, Map::kInstanceSizeOffset)); |
| 222 __ shl(edi, kPointerSizeLog2); | 191 __ shl(edi, kPointerSizeLog2); |
| 223 | 192 |
| 224 __ Allocate(edi, ebx, edi, no_reg, &rt_call, NO_ALLOCATION_FLAGS); | 193 __ Allocate(edi, ebx, edi, no_reg, &rt_call, NO_ALLOCATION_FLAGS); |
| 225 | 194 |
| 226 Factory* factory = masm->isolate()->factory(); | 195 Factory* factory = masm->isolate()->factory(); |
| 227 | 196 |
| 228 // Allocated the JSObject, now initialize the fields. | 197 // Allocated the JSObject, now initialize the fields. |
| 229 // eax: initial map | 198 // eax: initial map |
| 230 // ebx: JSObject | 199 // ebx: JSObject (not HeapObject tagged - the actual address). |
| 231 // edi: start of next object | 200 // edi: start of next object |
| 232 __ mov(Operand(ebx, JSObject::kMapOffset), eax); | 201 __ mov(Operand(ebx, JSObject::kMapOffset), eax); |
| 233 __ mov(ecx, factory->empty_fixed_array()); | 202 __ mov(ecx, factory->empty_fixed_array()); |
| 234 __ mov(Operand(ebx, JSObject::kPropertiesOffset), ecx); | 203 __ mov(Operand(ebx, JSObject::kPropertiesOffset), ecx); |
| 235 __ mov(Operand(ebx, JSObject::kElementsOffset), ecx); | 204 __ mov(Operand(ebx, JSObject::kElementsOffset), ecx); |
| 236 // Set extra fields in the newly allocated object. | 205 __ lea(ecx, Operand(ebx, JSObject::kHeaderSize)); |
| 237 // eax: initial map | 206 |
| 238 // ebx: JSObject | 207 // Add the object tag to make the JSObject real, so that we can continue |
| 239 // edi: start of next object | 208 // and jump into the continuation code at any time from now on. |
| 240 // esi: slack tracking counter (non-API function case) | 209 __ or_(ebx, Immediate(kHeapObjectTag)); |
| 210 |
| 211 // Fill all the in-object properties with the appropriate filler. |
| 212 // ebx: JSObject (tagged) |
| 213 // ecx: First in-object property of JSObject (not tagged) |
| 241 __ mov(edx, factory->undefined_value()); | 214 __ mov(edx, factory->undefined_value()); |
| 242 __ lea(ecx, Operand(ebx, JSObject::kHeaderSize)); | 215 |
| 243 if (!is_api_function) { | 216 if (!is_api_function) { |
| 244 Label no_inobject_slack_tracking; | 217 Label no_inobject_slack_tracking; |
| 245 | 218 |
| 219 // The code below relies on these assumptions. |
| 220 STATIC_ASSERT(Map::Counter::kShift + Map::Counter::kSize == 32); |
| 246 // Check if slack tracking is enabled. | 221 // Check if slack tracking is enabled. |
| 222 __ mov(esi, FieldOperand(eax, Map::kBitField3Offset)); |
| 223 __ shr(esi, Map::Counter::kShift); |
| 247 __ cmp(esi, Map::kSlackTrackingCounterEnd); | 224 __ cmp(esi, Map::kSlackTrackingCounterEnd); |
| 248 __ j(less, &no_inobject_slack_tracking); | 225 __ j(less, &no_inobject_slack_tracking); |
| 226 __ push(esi); // Save allocation count value. |
| 227 // Decrease generous allocation count. |
| 228 __ sub(FieldOperand(eax, Map::kBitField3Offset), |
| 229 Immediate(1 << Map::Counter::kShift)); |
| 249 | 230 |
| 250 // Allocate object with a slack. | 231 // Allocate object with a slack. |
| 251 __ movzx_b(esi, FieldOperand(eax, Map::kUnusedPropertyFieldsOffset)); | 232 __ movzx_b(esi, FieldOperand(eax, Map::kUnusedPropertyFieldsOffset)); |
| 252 __ neg(esi); | 233 __ neg(esi); |
| 253 __ lea(esi, Operand(edi, esi, times_pointer_size, 0)); | 234 __ lea(esi, Operand(edi, esi, times_pointer_size, 0)); |
| 254 // esi: offset of first field after pre-allocated fields | 235 // esi: offset of first field after pre-allocated fields |
| 255 if (FLAG_debug_code) { | 236 if (FLAG_debug_code) { |
| 256 __ cmp(ecx, esi); | 237 __ cmp(ecx, esi); |
| 257 __ Assert(less_equal, | 238 __ Assert(less_equal, |
| 258 kUnexpectedNumberOfPreAllocatedPropertyFields); | 239 kUnexpectedNumberOfPreAllocatedPropertyFields); |
| 259 } | 240 } |
| 260 __ InitializeFieldsWithFiller(ecx, esi, edx); | 241 __ InitializeFieldsWithFiller(ecx, esi, edx); |
| 261 | 242 |
| 262 // To allow truncation fill the remaining fields with one pointer | 243 // To allow truncation fill the remaining fields with one pointer |
| 263 // filler map. | 244 // filler map. |
| 264 __ mov(edx, factory->one_pointer_filler_map()); | 245 __ mov(edx, factory->one_pointer_filler_map()); |
| 246 __ InitializeFieldsWithFiller(ecx, edi, edx); |
| 247 |
| 248 __ pop(esi); // Restore allocation count value before decreasing. |
| 249 __ cmp(esi, Map::kSlackTrackingCounterEnd); |
| 250 __ j(not_equal, &allocated); |
| 251 |
| 252 // Push the object to the stack, and then the initial map as |
| 253 // an argument to the runtime call. |
| 254 __ push(ebx); |
| 255 __ push(eax); // initial map |
| 256 __ CallRuntime(Runtime::kFinalizeInstanceSize, 1); |
| 257 __ pop(ebx); |
| 258 |
| 259 // Continue with JSObject being successfully allocated |
| 260 // ebx: JSObject (tagged) |
| 261 __ jmp(&allocated); |
| 265 | 262 |
| 266 __ bind(&no_inobject_slack_tracking); | 263 __ bind(&no_inobject_slack_tracking); |
| 267 } | 264 } |
| 268 | 265 |
| 269 __ InitializeFieldsWithFiller(ecx, edi, edx); | 266 __ InitializeFieldsWithFiller(ecx, edi, edx); |
| 270 | 267 |
| 271 // Add the object tag to make the JSObject real, so that we can continue | |
| 272 // and jump into the continuation code at any time from now on. | |
| 273 // ebx: JSObject (untagged) | |
| 274 __ or_(ebx, Immediate(kHeapObjectTag)); | |
| 275 | |
| 276 // Continue with JSObject being successfully allocated | 268 // Continue with JSObject being successfully allocated |
| 277 // ebx: JSObject (tagged) | 269 // ebx: JSObject (tagged) |
| 278 __ jmp(&allocated); | 270 __ jmp(&allocated); |
| 279 } | 271 } |
| 280 | 272 |
| 281 // Allocate the new receiver object using the runtime call. | 273 // Allocate the new receiver object using the runtime call. |
| 282 // edx: new target | 274 // edx: new target |
| 283 __ bind(&rt_call); | 275 __ bind(&rt_call); |
| 284 int offset = kPointerSize; | 276 int offset = kPointerSize; |
| 285 | 277 |
| (...skipping 1707 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1993 | 1985 |
| 1994 __ bind(&ok); | 1986 __ bind(&ok); |
| 1995 __ ret(0); | 1987 __ ret(0); |
| 1996 } | 1988 } |
| 1997 | 1989 |
| 1998 #undef __ | 1990 #undef __ |
| 1999 } // namespace internal | 1991 } // namespace internal |
| 2000 } // namespace v8 | 1992 } // namespace v8 |
| 2001 | 1993 |
| 2002 #endif // V8_TARGET_ARCH_IA32 | 1994 #endif // V8_TARGET_ARCH_IA32 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1488023002:
Fix inobject slack tracking for both subclassing and non-subclassing cases. (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master