| Index: src/x64/builtins-x64.cc
|
| diff --git a/src/x64/builtins-x64.cc b/src/x64/builtins-x64.cc
|
| index 9e3b89ac61730cb9a5895636cd8ee49706278e1e..7a211ee97e9ca0ba3bbe75527adc5aaee5ada738 100644
|
| --- a/src/x64/builtins-x64.cc
|
| +++ b/src/x64/builtins-x64.cc
|
| @@ -101,7 +101,6 @@ void Builtins::Generate_InOptimizationQueue(MacroAssembler* masm) {
|
|
|
| static void Generate_JSConstructStubHelper(MacroAssembler* masm,
|
| bool is_api_function,
|
| - bool count_constructions,
|
| bool create_memento) {
|
| // ----------- S t a t e -------------
|
| // -- rax: number of arguments
|
| @@ -109,15 +108,9 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
|
| // -- rbx: allocation site or undefined
|
| // -----------------------------------
|
|
|
| - // Should never count constructions for api objects.
|
| - ASSERT(!is_api_function || !count_constructions);\
|
| -
|
| // Should never create mementos for api functions.
|
| ASSERT(!is_api_function || !create_memento);
|
|
|
| - // Should never create mementos before slack tracking is finished.
|
| - ASSERT(!count_constructions || !create_memento);
|
| -
|
| // Enter a construct frame.
|
| {
|
| FrameScope scope(masm, StackFrame::CONSTRUCT);
|
| @@ -166,23 +159,32 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
|
| __ CmpInstanceType(rax, JS_FUNCTION_TYPE);
|
| __ j(equal, &rt_call);
|
|
|
| - if (count_constructions) {
|
| + if (!is_api_function) {
|
| Label allocate;
|
| + // The code below relies on these assumptions.
|
| + STATIC_ASSERT(JSFunction::kNoSlackTracking == 0);
|
| + STATIC_ASSERT(Map::ConstructionCount::kShift +
|
| + Map::ConstructionCount::kSize == 32);
|
| + // Check if slack tracking is enabled.
|
| + __ movl(rsi, FieldOperand(rax, Map::kBitField3Offset));
|
| + __ shrl(rsi, Immediate(Map::ConstructionCount::kShift));
|
| + __ j(zero, &allocate); // JSFunction::kNoSlackTracking
|
| // Decrease generous allocation count.
|
| - __ movp(rcx, FieldOperand(rdi, JSFunction::kSharedFunctionInfoOffset));
|
| - __ decb(FieldOperand(rcx,
|
| - SharedFunctionInfo::kConstructionCountOffset));
|
| - __ j(not_zero, &allocate);
|
| + __ subl(FieldOperand(rax, Map::kBitField3Offset),
|
| + Immediate(1 << Map::ConstructionCount::kShift));
|
| +
|
| + __ cmpl(rsi, Immediate(JSFunction::kFinishSlackTracking));
|
| + __ j(not_equal, &allocate);
|
|
|
| __ Push(rax);
|
| __ Push(rdi);
|
|
|
| __ Push(rdi); // constructor
|
| - // The call will replace the stub, so the countdown is only done once.
|
| __ CallRuntime(Runtime::kHiddenFinalizeInstanceSize, 1);
|
|
|
| __ Pop(rdi);
|
| __ Pop(rax);
|
| + __ xorl(rsi, rsi); // JSFunction::kNoSlackTracking
|
|
|
| __ bind(&allocate);
|
| }
|
| @@ -213,9 +215,17 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
|
| // rax: initial map
|
| // rbx: JSObject
|
| // rdi: start of next object (including memento if create_memento)
|
| + // rsi: slack tracking counter (non-API function case)
|
| __ leap(rcx, Operand(rbx, JSObject::kHeaderSize));
|
| __ LoadRoot(rdx, Heap::kUndefinedValueRootIndex);
|
| - if (count_constructions) {
|
| + if (!is_api_function) {
|
| + Label no_inobject_slack_tracking;
|
| +
|
| + // Check if slack tracking is enabled.
|
| + __ cmpl(rsi, Immediate(JSFunction::kNoSlackTracking));
|
| + __ j(equal, &no_inobject_slack_tracking);
|
| +
|
| + // Allocate object with a slack.
|
| __ movzxbp(rsi,
|
| FieldOperand(rax, Map::kPreAllocatedPropertyFieldsOffset));
|
| __ leap(rsi,
|
| @@ -228,20 +238,21 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
|
| }
|
| __ InitializeFieldsWithFiller(rcx, rsi, rdx);
|
| __ LoadRoot(rdx, Heap::kOnePointerFillerMapRootIndex);
|
| - __ InitializeFieldsWithFiller(rcx, rdi, rdx);
|
| - } else if (create_memento) {
|
| + // Fill the remaining fields with one pointer filler map.
|
| +
|
| + __ bind(&no_inobject_slack_tracking);
|
| + }
|
| + if (create_memento) {
|
| __ leap(rsi, Operand(rdi, -AllocationMemento::kSize));
|
| __ InitializeFieldsWithFiller(rcx, rsi, rdx);
|
|
|
| // Fill in memento fields if necessary.
|
| // rsi: points to the allocated but uninitialized memento.
|
| - Handle<Map> allocation_memento_map = factory->allocation_memento_map();
|
| __ Move(Operand(rsi, AllocationMemento::kMapOffset),
|
| - allocation_memento_map);
|
| + factory->allocation_memento_map());
|
| // Get the cell or undefined.
|
| __ movp(rdx, Operand(rsp, kPointerSize*2));
|
| - __ movp(Operand(rsi, AllocationMemento::kAllocationSiteOffset),
|
| - rdx);
|
| + __ movp(Operand(rsi, AllocationMemento::kAllocationSiteOffset), rdx);
|
| } else {
|
| __ InitializeFieldsWithFiller(rcx, rdi, rdx);
|
| }
|
| @@ -416,7 +427,7 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
|
| }
|
|
|
| // Store offset of return address for deoptimizer.
|
| - if (!is_api_function && !count_constructions) {
|
| + if (!is_api_function) {
|
| masm->isolate()->heap()->SetConstructStubDeoptPCOffset(masm->pc_offset());
|
| }
|
|
|
| @@ -459,18 +470,13 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
|
| }
|
|
|
|
|
| -void Builtins::Generate_JSConstructStubCountdown(MacroAssembler* masm) {
|
| - Generate_JSConstructStubHelper(masm, false, true, false);
|
| -}
|
| -
|
| -
|
| void Builtins::Generate_JSConstructStubGeneric(MacroAssembler* masm) {
|
| - Generate_JSConstructStubHelper(masm, false, false, FLAG_pretenuring_call_new);
|
| + Generate_JSConstructStubHelper(masm, false, FLAG_pretenuring_call_new);
|
| }
|
|
|
|
|
| void Builtins::Generate_JSConstructStubApi(MacroAssembler* masm) {
|
| - Generate_JSConstructStubHelper(masm, true, false, false);
|
| + Generate_JSConstructStubHelper(masm, true, false);
|
| }
|
|
|
|
|
|
|
Chromium Code Reviews
Issue 283383006:
Inobject slack tracking is done on a per-closure basis instead of per-shared info basis. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge