Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(415)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/arm64/builtins-arm64.cc

Issue 1488023002: Fix inobject slack tracking for both subclassing and non-subclassing cases. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Moved and updated comments about slack tracking Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « src/arm/builtins-arm.cc ('k') | src/code-stubs.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/arm64/builtins-arm64.cc
diff --git a/src/arm64/builtins-arm64.cc b/src/arm64/builtins-arm64.cc
index d14d94b94e6403c038953d9ecc59f268f40038a4..a087771db3f4edba0982d2125566137c76d6b503 100644
--- a/src/arm64/builtins-arm64.cc
+++ b/src/arm64/builtins-arm64.cc
@@ -394,31 +394,6 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
__ CompareInstanceType(init_map, x10, JS_FUNCTION_TYPE);
__ B(eq, &rt_call);
- Register constructon_count = x14;
- if (!is_api_function) {
- Label allocate;
- MemOperand bit_field3 =
- FieldMemOperand(init_map, Map::kBitField3Offset);
- // Check if slack tracking is enabled.
- __ Ldr(x4, bit_field3);
- __ DecodeField<Map::Counter>(constructon_count, x4);
- __ Cmp(constructon_count, Operand(Map::kSlackTrackingCounterEnd));
- __ B(lt, &allocate);
- // Decrease generous allocation count.
- __ Subs(x4, x4, Operand(1 << Map::Counter::kShift));
- __ Str(x4, bit_field3);
- __ Cmp(constructon_count, Operand(Map::kSlackTrackingCounterEnd));
- __ B(ne, &allocate);
-
- // Push the constructor, new_target and map to the stack, and
- // the map again as an argument to the runtime call.
- __ Push(constructor, new_target, init_map, init_map);
- __ CallRuntime(Runtime::kFinalizeInstanceSize, 1);
- __ Pop(init_map, new_target, constructor);
- __ Mov(constructon_count, Operand(Map::kSlackTrackingCounterEnd - 1));
- __ Bind(&allocate);
- }
-
// Now allocate the JSObject on the heap.
Register obj_size = x10;
Register new_obj = x4;
@@ -441,6 +416,10 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
MemOperand(write_address, 2 * kPointerSize, PostIndex));
STATIC_ASSERT(3 * kPointerSize == JSObject::kHeaderSize);
+ // Add the object tag to make the JSObject real, so that we can continue
+ // and jump into the continuation code at any time from now on.
+ __ Add(new_obj, new_obj, kHeapObjectTag);
+
// Fill all of the in-object properties with the appropriate filler.
Register filler = x7;
__ LoadRoot(filler, Heap::kUndefinedValueRootIndex);
@@ -448,10 +427,17 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
if (!is_api_function) {
Label no_inobject_slack_tracking;
+ Register constructon_count = x14;
+ MemOperand bit_field3 =
+ FieldMemOperand(init_map, Map::kBitField3Offset);
// Check if slack tracking is enabled.
+ __ Ldr(x11, bit_field3);
+ __ DecodeField<Map::Counter>(constructon_count, x11);
__ Cmp(constructon_count, Operand(Map::kSlackTrackingCounterEnd));
__ B(lt, &no_inobject_slack_tracking);
- constructon_count = NoReg;
+ // Decrease generous allocation count.
+ __ Subs(x11, x11, Operand(1 << Map::Counter::kShift));
+ __ Str(x11, bit_field3);
// Allocate object with a slack.
Register unused_props = x11;
@@ -476,17 +462,25 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
// Fill the remaining fields with one pointer filler map.
__ LoadRoot(filler, Heap::kOnePointerFillerMapRootIndex);
+ __ InitializeFieldsWithFiller(write_address, next_obj, filler);
+
+ __ Cmp(constructon_count, Operand(Map::kSlackTrackingCounterEnd));
+ __ B(ne, &allocated);
+
+ // Push the constructor, new_target and the object to the stack,
+ // and then the initial map as an argument to the runtime call.
+ __ Push(constructor, new_target, new_obj, init_map);
+ __ CallRuntime(Runtime::kFinalizeInstanceSize, 1);
+ __ Pop(new_obj, new_target, constructor);
+
+ // Continue with JSObject being successfully allocated.
+ __ B(&allocated);
__ bind(&no_inobject_slack_tracking);
}
- // Fill all of the property fields with undef.
__ InitializeFieldsWithFiller(write_address, next_obj, filler);
- // Add the object tag to make the JSObject real, so that we can continue
- // and jump into the continuation code at any time from now on.
- __ Add(new_obj, new_obj, kHeapObjectTag);
-
// Continue with JSObject being successfully allocated.
__ B(&allocated);
}
« no previous file with comments | « src/arm/builtins-arm.cc ('k') | src/code-stubs.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698