Inobject slack tracking is done on a per-closure basis instead of per-shared info basis.

src/arm64/builtins-arm64.cc

 // Copyright 2013 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "v8.h"
 
 #if V8_TARGET_ARCH_ARM64
 
 #include "codegen.h"
 #include "debug.h"
@@ skipping 286 matching lines @@
   CallRuntimePassFunction(masm, Runtime::kHiddenTryInstallOptimizedCode);
   GenerateTailCallToReturnedCode(masm);
 
   __ Bind(&ok);
   GenerateTailCallToSharedCode(masm);
 }
 
 
 static void Generate_JSConstructStubHelper(MacroAssembler* masm,
                                            bool is_api_function,
-                                           bool count_constructions,
                                            bool create_memento) {
   // ----------- S t a t e -------------
   //  -- x0     : number of arguments
   //  -- x1     : constructor function
   //  -- x2     : allocation site or undefined
   //  -- lr     : return address
   //  -- sp[...]: constructor arguments
   // -----------------------------------
 
   ASM_LOCATION("Builtins::Generate_JSConstructStubHelper");
-  // Should never count constructions for api objects.
-  ASSERT(!is_api_function || !count_constructions);
   // Should never create mementos for api functions.
   ASSERT(!is_api_function || !create_memento);
-  // Should never create mementos before slack tracking is finished.
-  ASSERT(!count_constructions || !create_memento);
 
   Isolate* isolate = masm->isolate();
 
   // Enter a construct frame.
   {
     FrameScope scope(masm, StackFrame::CONSTRUCT);
 
     // Preserve the three incoming parameters on the stack.
     if (create_memento) {
       __ AssertUndefinedOrAllocationSite(x2, x10);
@@ skipping 25 matching lines @@
                              JSFunction::kPrototypeOrInitialMapOffset));
       __ JumpIfSmi(init_map, &rt_call);
       __ JumpIfNotObjectType(init_map, x10, x11, MAP_TYPE, &rt_call);
 
       // Check that the constructor is not constructing a JSFunction (see
       // comments in Runtime_NewObject in runtime.cc). In which case the initial
       // map's instance type would be JS_FUNCTION_TYPE.
       __ CompareInstanceType(init_map, x10, JS_FUNCTION_TYPE);
       __ B(eq, &rt_call);
 
-      if (count_constructions) {
+      Register constructon_count = x14;
+      if (!is_api_function) {
         Label allocate;
+        MemOperand bit_field3 =
+            FieldMemOperand(init_map, Map::kBitField3Offset);
+        // Check if slack tracking is enabled.
+        __ Ldr(x4, bit_field3);
+        __ DecodeField<Map::ConstructionCount>(constructon_count, x4);
+        __ Cmp(constructon_count, Operand(JSFunction::kNoSlackTracking));
+        __ B(eq, &allocate);
         // Decrease generous allocation count.
-        __ Ldr(x3, FieldMemOperand(constructor,
-                                   JSFunction::kSharedFunctionInfoOffset));
-        MemOperand constructor_count =
-            FieldMemOperand(x3, SharedFunctionInfo::kConstructionCountOffset);
-        __ Ldrb(x4, constructor_count);
-        __ Subs(x4, x4, 1);
-        __ Strb(x4, constructor_count);
+        __ Subs(x4, x4, Operand(1 << Map::ConstructionCount::kShift));
+        __ Str(x4, bit_field3);
+        __ Cmp(constructon_count, Operand(JSFunction::kFinishSlackTracking));
         __ B(ne, &allocate);
 
         // Push the constructor and map to the stack, and the constructor again
         // as argument to the runtime call.
         __ Push(constructor, init_map, constructor);
-        // The call will replace the stub, so the countdown is only done once.
         __ CallRuntime(Runtime::kHiddenFinalizeInstanceSize, 1);
         __ Pop(init_map, constructor);
+        __ Mov(constructon_count, Operand(JSFunction::kNoSlackTracking));
         __ Bind(&allocate);
       }
 
       // Now allocate the JSObject on the heap.
       Register obj_size = x3;
       Register new_obj = x4;
       __ Ldrb(obj_size, FieldMemOperand(init_map, Map::kInstanceSizeOffset));
       if (create_memento) {
         __ Add(x7, obj_size,
                Operand(AllocationMemento::kSize / kPointerSize));
@@ skipping 28 matching lines @@
       __ Ubfx(prealloc_fields, inst_sizes,
               Map::kPreAllocatedPropertyFieldsByte * kBitsPerByte,
               kBitsPerByte);
       __ Ubfx(inobject_props, inst_sizes,
               Map::kInObjectPropertiesByte * kBitsPerByte, kBitsPerByte);
 
       // Calculate number of property fields in the object.
       Register prop_fields = x6;
       __ Sub(prop_fields, obj_size, JSObject::kHeaderSize / kPointerSize);
 
-      if (count_constructions) {
+      if (is_api_function) {
+        // Fill all of the property fields with undef.
+        __ FillFields(first_prop, prop_fields, undef);
+        first_prop = NoReg;
+        prop_fields = NoReg;
+      } else {
+        Label no_inobject_slack_tracking, done_field_initialization;
+
+        // Check if slack tracking is enabled.
+        __ Cmp(constructon_count, Operand(JSFunction::kNoSlackTracking));
+        __ B(eq, &no_inobject_slack_tracking);
+        constructon_count = NoReg;
+
         // Fill the pre-allocated fields with undef.
         __ FillFields(first_prop, prealloc_fields, undef);
 
         // Register first_non_prealloc is the offset of the first field after
         // pre-allocated fields.
         Register first_non_prealloc = x12;
         __ Add(first_non_prealloc, first_prop,
                Operand(prealloc_fields, LSL, kPointerSizeLog2));
 
-        first_prop = NoReg;
-
         if (FLAG_debug_code) {
-          Register obj_end = x5;
+          Register obj_end = x14;
           __ Add(obj_end, new_obj, Operand(obj_size, LSL, kPointerSizeLog2));
           __ Cmp(first_non_prealloc, obj_end);
           __ Assert(le, kUnexpectedNumberOfPreAllocatedPropertyFields);
         }
 
         // Fill the remaining fields with one pointer filler map.
-        Register one_pointer_filler = x5;
+        Register one_pointer_filler = x14;
         Register non_prealloc_fields = x6;
         __ LoadRoot(one_pointer_filler, Heap::kOnePointerFillerMapRootIndex);
         __ Sub(non_prealloc_fields, prop_fields, prealloc_fields);
         __ FillFields(first_non_prealloc, non_prealloc_fields,
                       one_pointer_filler);
-        prop_fields = NoReg;
-      } else if (create_memento) {
-        // Fill the pre-allocated fields with undef.
-        __ FillFields(first_prop, prop_fields, undef);
-        __ Add(first_prop, new_obj, Operand(obj_size, LSL, kPointerSizeLog2));
-        __ LoadRoot(x14, Heap::kAllocationMementoMapRootIndex);
-        ASSERT_EQ(0 * kPointerSize, AllocationMemento::kMapOffset);
-        __ Str(x14, MemOperand(first_prop, kPointerSize, PostIndex));
-        // Load the AllocationSite
-        __ Peek(x14, 2 * kXRegSize);
-        ASSERT_EQ(1 * kPointerSize, AllocationMemento::kAllocationSiteOffset);
-        __ Str(x14, MemOperand(first_prop, kPointerSize, PostIndex));
-        first_prop = NoReg;
-      } else {
-        // Fill all of the property fields with undef.
-        __ FillFields(first_prop, prop_fields, undef);
-        first_prop = NoReg;
-        prop_fields = NoReg;
+        one_pointer_filler = NoReg;
+        __ B(&done_field_initialization);
+
+        __ bind(&no_inobject_slack_tracking);
+        if (create_memento) {
+          // Fill the pre-allocated fields with undef.
+          __ FillFields(first_prop, prop_fields, undef);
+          __ Add(first_prop, new_obj, Operand(obj_size, LSL, kPointerSizeLog2));
+          __ LoadRoot(x14, Heap::kAllocationMementoMapRootIndex);
+          ASSERT_EQ(0 * kPointerSize, AllocationMemento::kMapOffset);
+          __ Str(x14, MemOperand(first_prop, kPointerSize, PostIndex));
+          // Load the AllocationSite
+          __ Peek(x14, 2 * kXRegSize);
+          ASSERT_EQ(1 * kPointerSize, AllocationMemento::kAllocationSiteOffset);
+          __ Str(x14, MemOperand(first_prop, kPointerSize, PostIndex));
+          first_prop = NoReg;
+        } else {
+          // Fill all of the property fields with undef.
+          __ FillFields(first_prop, prop_fields, undef);
+          first_prop = NoReg;
+          prop_fields = NoReg;
+        }
+        __ bind(&done_field_initialization);
       }
 
       // Add the object tag to make the JSObject real, so that we can continue
       // and jump into the continuation code at any time from now on. Any
       // failures need to undo the allocation, so that the heap is in a
       // consistent state and verifiable.
       __ Add(new_obj, new_obj, kHeapObjectTag);
 
       // Check if a non-empty properties array is needed. Continue with
       // allocated object if not, or fall through to runtime call if it is.
@@ skipping 128 matching lines @@
       __ Ldr(cp, FieldMemOperand(constructor, JSFunction::kContextOffset));
       Handle<Code> code =
           masm->isolate()->builtins()->HandleApiCallConstruct();
       __ Call(code, RelocInfo::CODE_TARGET);
     } else {
       ParameterCount actual(argc);
       __ InvokeFunction(constructor, actual, CALL_FUNCTION, NullCallWrapper());
     }
 
     // Store offset of return address for deoptimizer.
-    if (!is_api_function && !count_constructions) {
+    if (!is_api_function) {
       masm->isolate()->heap()->SetConstructStubDeoptPCOffset(masm->pc_offset());
     }
 
     // Restore the context from the frame.
     // x0: result
     // jssp[0]: receiver
     // jssp[1]: constructor function
     // jssp[2]: number of arguments (smi-tagged)
     __ Ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
 
@@ skipping 30 matching lines @@
     // Leave construct frame.
   }
 
   __ DropBySMI(x1);
   __ Drop(1);
   __ IncrementCounter(isolate->counters()->constructed_objects(), 1, x1, x2);
   __ Ret();
 }
 
 
-void Builtins::Generate_JSConstructStubCountdown(MacroAssembler* masm) {
-  Generate_JSConstructStubHelper(masm, false, true, false);
-}
-
-
 void Builtins::Generate_JSConstructStubGeneric(MacroAssembler* masm) {
-  Generate_JSConstructStubHelper(masm, false, false, FLAG_pretenuring_call_new);
+  Generate_JSConstructStubHelper(masm, false, FLAG_pretenuring_call_new);
 }
 
 
 void Builtins::Generate_JSConstructStubApi(MacroAssembler* masm) {
-  Generate_JSConstructStubHelper(masm, true, false, false);
+  Generate_JSConstructStubHelper(masm, true, false);
 }
 
 
 // Input:
 //   x0: code entry.
 //   x1: function.
 //   x2: receiver.
 //   x3: argc.
 //   x4: argv.
 // Output:
@@ skipping 860 matching lines @@
     __ Unreachable();
   }
 }
 
 
 #undef __
 
 } }  // namespace v8::internal
 
 #endif  // V8_TARGET_ARCH_ARM