
Side by Side Diff: src/objects.cc

Issue 1675163003: Filter out invalid slots in store buffer eagerly during object transition. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Enable WriteBarrierObjectShiftFieldsRight test and add comments Created 4 years, 10 months ago
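--- a/src/objects.cc
+++ b/src/objects.cc
@@ -1,10 +1,10 @@
 // Copyright 2015 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/objects.h"
 
 #include <cmath>
 #include <iomanip>
 #include <sstream>
 
@@ -2991,38 +2991,44 @@
 value = isolate->factory()->uninitialized_value();
 }
 int target_index = new_descriptors->GetFieldIndex(i) - inobject;
 if (target_index < 0) target_index += total_size;
 array->set(target_index, *value);
 }
 
 // From here on we cannot fail and we shouldn't GC anymore.
 DisallowHeapAllocation no_allocation;
 
+Heap* heap = isolate->heap();
+
 // Copy (real) inobject properties. If necessary, stop at number_of_fields to
 // avoid overwriting |one_pointer_filler_map|.
 int limit = Min(inobject, number_of_fields);
 for (int i = 0; i < limit; i++) {
 FieldIndex index = FieldIndex::ForPropertyIndex(*new_map, i);
 Object* value = array->get(external + i);
 // Can't use JSObject::FastPropertyAtPut() because proper map was not set
 // yet.
 if (new_map->IsUnboxedDoubleField(index)) {
 DCHECK(value->IsMutableHeapNumber());
 object->RawFastDoublePropertyAtPut(index,
 HeapNumber::cast(value)->value());
+if (i < old_number_of_fields && !old_map->IsUnboxedDoubleField(index)) {
+// Transition from tagged to untagged slot.
+heap->ClearRecordedSlot(*object,
+HeapObject::RawField(*object, index.offset()));
+}
 } else {
 object->RawFastPropertyAtPut(index, value);
 }
 }
 
-Heap* heap = isolate->heap();
 
 // If there are properties in the new backing store, trim it to the correct
 // size and install the backing store into the object.
 if (external > 0) {
 heap->RightTrimFixedArray<Heap::CONCURRENT_TO_SWEEPER>(*array, inobject);
 object->set_properties(*array);
 }
 
 // Create filler object past the new instance size.
 int new_instance_size = new_map->instance_size();
@@ -19923,10 +19929,10 @@
 if (cell->value() != *new_value) {
 cell->set_value(*new_value);
 Isolate* isolate = cell->GetIsolate();
 cell->dependent_code()->DeoptimizeDependentCodeGroup(
 isolate, DependentCode::kPropertyCellChangedGroup);
 }
 }
 
 } // namespace internal
 } // namespace v8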
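Review bot: The new guard `!old_map->IsUnboxedDoubleField(index)` queries the old map with a `FieldIndex` that was built from `*new_map`, so the clearing is only correct if in-object slot `i` has the same offset and in-object status under both maps; nothing in the visible lines states or checks that. If the predicate ever answered for the wrong field, a recorded slot could stay in the store buffer while the field now holds raw double bits, which looks like the stale-entry condition the issue title says this change is meant to filter out. I would state the invariant next to the check, e.g. `// |index| comes from |new_map|; in-object offsets below |limit| are assumed identical in |old_map|.`, and expand `// Transition from tagged to untagged slot.` to say why the entry must be dropped (the collector must not read unboxed double bits as a tagged pointer). The enclosing function starts and ends outside the shown lines, so an existing check elsewhere cannot be ruled out.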