| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
| 4 // met: | 4 // met: |
| 5 // | 5 // |
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
| (...skipping 210 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 221 void ElementsTransitionGenerator::GenerateSmiOnlyToDouble( | 221 void ElementsTransitionGenerator::GenerateSmiOnlyToDouble( |
| 222 MacroAssembler* masm, Label* fail) { | 222 MacroAssembler* masm, Label* fail) { |
| 223 // ----------- S t a t e ------------- | 223 // ----------- S t a t e ------------- |
| 224 // -- rax : value | 224 // -- rax : value |
| 225 // -- rbx : target map | 225 // -- rbx : target map |
| 226 // -- rcx : key | 226 // -- rcx : key |
| 227 // -- rdx : receiver | 227 // -- rdx : receiver |
| 228 // -- rsp[0] : return address | 228 // -- rsp[0] : return address |
| 229 // ----------------------------------- | 229 // ----------------------------------- |
| 230 // The fail label is not actually used since we do not allocate. | 230 // The fail label is not actually used since we do not allocate. |
| 231 Label allocated, cow_array, only_change_map, done; | 231 Label allocated, new_backing_store, only_change_map, done; |
| 232 | 232 |
| 233 // Check for empty arrays, which only require a map transition and no changes | 233 // Check for empty arrays, which only require a map transition and no changes |
| 234 // to the backing store. | 234 // to the backing store. |
| 235 __ movq(r8, FieldOperand(rdx, JSObject::kElementsOffset)); | 235 __ movq(r8, FieldOperand(rdx, JSObject::kElementsOffset)); |
| 236 __ CompareRoot(r8, Heap::kEmptyFixedArrayRootIndex); | 236 __ CompareRoot(r8, Heap::kEmptyFixedArrayRootIndex); |
| 237 __ j(equal, &only_change_map); | 237 __ j(equal, &only_change_map); |
| 238 | 238 |
| 239 // Check backing store for COW-ness. If the negative case, we do not have to | 239 // Check backing store for COW-ness. For COW arrays we have to |
| 240 // allocate a new array, since FixedArray and FixedDoubleArray do not differ | 240 // allocate a new backing store. |
| 241 // in size. | |
| 242 __ SmiToInteger32(r9, FieldOperand(r8, FixedDoubleArray::kLengthOffset)); | 241 __ SmiToInteger32(r9, FieldOperand(r8, FixedDoubleArray::kLengthOffset)); |
| 243 __ CompareRoot(FieldOperand(r8, HeapObject::kMapOffset), | 242 __ CompareRoot(FieldOperand(r8, HeapObject::kMapOffset), |
| 244 Heap::kFixedCOWArrayMapRootIndex); | 243 Heap::kFixedCOWArrayMapRootIndex); |
| 245 __ j(equal, &cow_array); | 244 __ j(equal, &new_backing_store); |
| 245 // Check if the backing store is in new-space. If not, we need to allocate |
| 246 // a new one since the old one is in pointer-space. |
| 247 // If in new space, we can reuse the old backing store because it is |
| 248 // the same size. |
| 249 __ JumpIfNotInNewSpace(r8, rdi, &new_backing_store); |
| 250 |
| 246 __ movq(r14, r8); // Destination array equals source array. | 251 __ movq(r14, r8); // Destination array equals source array. |
| 247 | 252 |
| 248 __ bind(&allocated); | |
| 249 // r8 : source FixedArray | 253 // r8 : source FixedArray |
| 250 // r9 : elements array length | 254 // r9 : elements array length |
| 251 // r14: destination FixedDoubleArray | 255 // r14: destination FixedDoubleArray |
| 252 // Set backing store's map | 256 // Set backing store's map |
| 253 __ LoadRoot(rdi, Heap::kFixedDoubleArrayMapRootIndex); | 257 __ LoadRoot(rdi, Heap::kFixedDoubleArrayMapRootIndex); |
| 254 __ movq(FieldOperand(r14, HeapObject::kMapOffset), rdi); | 258 __ movq(FieldOperand(r14, HeapObject::kMapOffset), rdi); |
| 255 | 259 |
| 260 __ bind(&allocated); |
| 256 // Set transitioned map. | 261 // Set transitioned map. |
| 257 __ movq(FieldOperand(rdx, HeapObject::kMapOffset), rbx); | 262 __ movq(FieldOperand(rdx, HeapObject::kMapOffset), rbx); |
| 258 __ RecordWriteField(rdx, | 263 __ RecordWriteField(rdx, |
| 259 HeapObject::kMapOffset, | 264 HeapObject::kMapOffset, |
| 260 rbx, | 265 rbx, |
| 261 rdi, | 266 rdi, |
| 262 kDontSaveFPRegs, | 267 kDontSaveFPRegs, |
| 263 EMIT_REMEMBERED_SET, | 268 EMIT_REMEMBERED_SET, |
| 264 OMIT_SMI_CHECK); | 269 OMIT_SMI_CHECK); |
| 265 | 270 |
| 266 // Convert smis to doubles and holes to hole NaNs. The Array's length | 271 // Convert smis to doubles and holes to hole NaNs. The Array's length |
| 267 // remains unchanged. | 272 // remains unchanged. |
| 268 STATIC_ASSERT(FixedDoubleArray::kLengthOffset == FixedArray::kLengthOffset); | 273 STATIC_ASSERT(FixedDoubleArray::kLengthOffset == FixedArray::kLengthOffset); |
| 269 STATIC_ASSERT(FixedDoubleArray::kHeaderSize == FixedArray::kHeaderSize); | 274 STATIC_ASSERT(FixedDoubleArray::kHeaderSize == FixedArray::kHeaderSize); |
| 270 | 275 |
| 271 Label loop, entry, convert_hole; | 276 Label loop, entry, convert_hole; |
| 272 __ movq(r15, BitCast<int64_t, uint64_t>(kHoleNanInt64), RelocInfo::NONE); | 277 __ movq(r15, BitCast<int64_t, uint64_t>(kHoleNanInt64), RelocInfo::NONE); |
| 273 // r15: the-hole NaN | 278 // r15: the-hole NaN |
| 274 __ jmp(&entry); | 279 __ jmp(&entry); |
| 275 | 280 |
| 276 // Allocate new array if the source array is a COW array. | 281 // Allocate new backing store. |
| 277 __ bind(&cow_array); | 282 __ bind(&new_backing_store); |
| 278 __ lea(rdi, Operand(r9, times_pointer_size, FixedArray::kHeaderSize)); | 283 __ lea(rdi, Operand(r9, times_pointer_size, FixedArray::kHeaderSize)); |
| 279 __ AllocateInNewSpace(rdi, r14, r11, r15, fail, TAG_OBJECT); | 284 __ AllocateInNewSpace(rdi, r14, r11, r15, fail, TAG_OBJECT); |
| 285 // Set backing store's map |
| 286 __ LoadRoot(rdi, Heap::kFixedDoubleArrayMapRootIndex); |
| 287 __ movq(FieldOperand(r14, HeapObject::kMapOffset), rdi); |
| 280 // Set receiver's backing store. | 288 // Set receiver's backing store. |
| 281 __ movq(FieldOperand(rdx, JSObject::kElementsOffset), r14); | 289 __ movq(FieldOperand(rdx, JSObject::kElementsOffset), r14); |
| 282 __ movq(r11, r14); | 290 __ movq(r11, r14); |
| 283 __ RecordWriteField(rdx, | 291 __ RecordWriteField(rdx, |
| 284 JSObject::kElementsOffset, | 292 JSObject::kElementsOffset, |
| 285 r11, | 293 r11, |
| 286 r15, | 294 r15, |
| 287 kDontSaveFPRegs, | 295 kDontSaveFPRegs, |
| 288 EMIT_REMEMBERED_SET, | 296 EMIT_REMEMBERED_SET, |
| 289 OMIT_SMI_CHECK); | 297 OMIT_SMI_CHECK); |
| (...skipping 252 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 542 times_1, | 550 times_1, |
| 543 SeqAsciiString::kHeaderSize)); | 551 SeqAsciiString::kHeaderSize)); |
| 544 __ bind(&done); | 552 __ bind(&done); |
| 545 } | 553 } |
| 546 | 554 |
| 547 #undef __ | 555 #undef __ |
| 548 | 556 |
| 549 } } // namespace v8::internal | 557 } } // namespace v8::internal |
| 550 | 558 |
| 551 #endif // V8_TARGET_ARCH_X64 | 559 #endif // V8_TARGET_ARCH_X64 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9633017:
Fix a bug in the x64 elements transition code. (Closed)
Base URL: http://v8.googlecode.com/svn/branches/bleeding_edge/