Skip to content

V
V8
Commit 610fcfa9 authored by ishell@chromium.org's avatar ishell@chromium.org
Browse files
Options

Function allocators, Heap::ReinitializeJSGlobalProxy() and... 

Function allocators, Heap::ReinitializeJSGlobalProxy() and Heap::ReinitializeJSReceiver() handlified. Factory::New<>() added.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/237093006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20762 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
parent 6376579f
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 204 additions and 275 deletions
src/bootstrapper.cc
View file @ 610fcfa9
......@@ -766,9 +766,10 @@ Handle<JSGlobalProxy> Genesis::CreateNewGlobals(
if (global_object.location() != NULL) {
ASSERT(global_object->IsJSGlobalProxy());
return ReinitializeJSGlobalProxy(
global_proxy_function,
Handle<JSGlobalProxy>::cast(global_object));
Handle<JSGlobalProxy> global_proxy =
Handle<JSGlobalProxy>::cast(global_object);
factory()->ReinitializeJSGlobalProxy(global_proxy, global_proxy_function);
return global_proxy;
} else {
return Handle<JSGlobalProxy>::cast(
factory()->NewJSObject(global_proxy_function, TENURED));
......
src/factory.cc
View file @ 610fcfa9
This diff is collapsed.
src/factory.h
View file @ 610fcfa9
......@@ -393,6 +393,20 @@ class Factory V8_FINAL {
Handle<Object> construct_trap,
Handle<Object> prototype);
// Reinitialize a JSReceiver into an (empty) JS object of respective type and
// size, but keeping the original prototype. The receiver must have at least
// the size of the new object. The object is reinitialized and behaves as an
// object that has been freshly allocated.
void ReinitializeJSReceiver(
Handle<JSReceiver> object, InstanceType type, int size);
// Reinitialize an JSGlobalProxy based on a constructor. The object
// must have the same size as objects allocated using the
// constructor. The object is reinitialized and behaves as an
// object that has been freshly allocated using the constructor.
void ReinitializeJSGlobalProxy(Handle<JSGlobalProxy> global,
Handle<JSFunction> constructor);
// Change the type of the argument into a JS object/function and reinitialize.
void BecomeJSObject(Handle<JSReceiver> object);
void BecomeJSFunction(Handle<JSReceiver> object);
......@@ -400,22 +414,30 @@ class Factory V8_FINAL {
Handle<JSFunction> NewFunction(Handle<String> name,
Handle<Object> prototype);
Handle<JSFunction> NewFunctionWithoutPrototype(
Handle<String> name,
StrictMode strict_mode);
Handle<JSFunction> NewFunction(Handle<Object> super, bool is_global);
Handle<JSFunction> BaseNewFunctionFromSharedFunctionInfo(
Handle<SharedFunctionInfo> function_info,
Handle<Map> function_map,
PretenureFlag pretenure);
Handle<JSFunction> NewFunctionFromSharedFunctionInfo(
Handle<SharedFunctionInfo> function_info,
Handle<Context> context,
PretenureFlag pretenure = TENURED);
Handle<JSFunction> NewFunction(Handle<String> name,
InstanceType type,
int instance_size,
Handle<Code> code,
bool force_initial_map);
Handle<JSFunction> NewFunctionWithPrototype(Handle<String> name,
InstanceType type,
int instance_size,
Handle<JSObject> prototype,
Handle<Code> code,
bool force_initial_map);
Handle<JSFunction> NewFunctionWithoutPrototype(Handle<String> name,
StrictMode strict_mode);
Handle<JSFunction> NewFunctionWithoutPrototype(Handle<String> name,
Handle<Code> code);
// Create a serialized scope info.
Handle<ScopeInfo> NewScopeInfo(int length);
......@@ -470,27 +492,6 @@ class Factory V8_FINAL {
Handle<Object> NewEvalError(const char* message,
Vector< Handle<Object> > args);
Handle<JSFunction> NewFunction(Handle<String> name,
InstanceType type,
int instance_size,
Handle<Code> code,
bool force_initial_map);
Handle<JSFunction> NewFunction(Handle<Map> function_map,
Handle<SharedFunctionInfo> shared, Handle<Object> prototype);
Handle<JSFunction> NewFunctionWithPrototype(Handle<String> name,
InstanceType type,
int instance_size,
Handle<JSObject> prototype,
Handle<Code> code,
bool force_initial_map);
Handle<JSFunction> NewFunctionWithoutPrototype(Handle<String> name,
Handle<Code> code);
Handle<String> NumberToString(Handle<Object> number,
bool check_number_string_cache = true);
Handle<String> Uint32ToString(uint32_t value);
......@@ -603,12 +604,31 @@ class Factory V8_FINAL {
private:
Isolate* isolate() { return reinterpret_cast<Isolate*>(this); }
Handle<JSFunction> NewFunctionHelper(Handle<String> name,
Handle<Object> prototype);
// Creates a heap object based on the map. The fields of the heap object are
// not initialized by New<>() functions. It's the responsibility of the caller
// to do that.
template<typename T>
Handle<T> New(Handle<Map> map, AllocationSpace space);
template<typename T>
Handle<T> New(Handle<Map> map,
AllocationSpace space,
Handle<AllocationSite> allocation_site);
// Initializes a function with a shared part and prototype.
// Note: this code was factored out of NewFunctionHelper such that
// other parts of the VM could use it. Specifically, a function that creates
// instances of type JS_FUNCTION_TYPE benefit from the use of this function.
inline void InitializeFunction(Handle<JSFunction> function,
Handle<SharedFunctionInfo> shared,
Handle<Object> prototype);
Handle<JSFunction> NewFunctionWithoutPrototypeHelper(
Handle<String> name,
StrictMode strict_mode);
// Creates a function initialized with a shared part.
inline Handle<JSFunction> NewFunctionHelper(
Handle<Map> function_map,
Handle<SharedFunctionInfo> shared,
Handle<Object> prototype,
PretenureFlag pretenure = TENURED);
// Create a new map cache.
Handle<MapCache> NewMapCache(int at_least_space_for);
......
src/handles.cc
View file @ 610fcfa9
......@@ -124,16 +124,6 @@ Address HandleScope::current_limit_address(Isolate* isolate) {
}
Handle<JSGlobalProxy> ReinitializeJSGlobalProxy(
Handle<JSFunction> constructor,
Handle<JSGlobalProxy> global) {
CALL_HEAP_FUNCTION(
constructor->GetIsolate(),
constructor->GetHeap()->ReinitializeJSGlobalProxy(*constructor, *global),
JSGlobalProxy);
}
MaybeHandle<Object> GetProperty(Handle<JSReceiver> obj,
const char* name) {
Isolate* isolate = obj->GetIsolate();
......
src/handles.h
View file @ 610fcfa9
......@@ -324,10 +324,6 @@ Handle<FixedArray> ReduceFixedArrayTo(Handle<FixedArray> array, int length);
Handle<FixedArray> GetEnumPropertyKeys(Handle<JSObject> object,
bool cache_result);
Handle<JSGlobalProxy> ReinitializeJSGlobalProxy(
Handle<JSFunction> constructor,
Handle<JSGlobalProxy> global);
void AddWeakObjectToCodeDependency(Heap* heap,
Handle<Object> object,
Handle<Code> code);
......
src/heap.cc
View file @ 610fcfa9
......@@ -4093,36 +4093,6 @@ MaybeObject* Heap::Allocate(Map* map, AllocationSpace space,
}
void Heap::InitializeFunction(JSFunction* function,
SharedFunctionInfo* shared,
Object* prototype) {
ASSERT(!prototype->IsMap());
function->initialize_properties();
function->initialize_elements();
function->set_shared(shared);
function->set_code(shared->code());
function->set_prototype_or_initial_map(prototype);
function->set_context(undefined_value());
function->set_literals_or_bindings(empty_fixed_array());
function->set_next_function_link(undefined_value());
}
MaybeObject* Heap::AllocateFunction(Map* function_map,
SharedFunctionInfo* shared,
Object* prototype,
PretenureFlag pretenure) {
AllocationSpace space =
(pretenure == TENURED) ? OLD_POINTER_SPACE : NEW_SPACE;
Object* result;
{ MaybeObject* maybe_result = Allocate(function_map, space);
if (!maybe_result->ToObject(&result)) return maybe_result;
}
InitializeFunction(JSFunction::cast(result), shared, prototype);
return result;
}
MaybeObject* Heap::AllocateArgumentsObject(Object* callee, int length) {
// To get fast allocation and map sharing for arguments objects we
// allocate them based on an arguments boilerplate.
......@@ -4402,94 +4372,6 @@ MaybeObject* Heap::CopyJSObject(JSObject* source, AllocationSite* site) {
}
MaybeObject* Heap::ReinitializeJSReceiver(
JSReceiver* object, InstanceType type, int size) {
ASSERT(type >= FIRST_JS_OBJECT_TYPE);
// Allocate fresh map.
// TODO(rossberg): Once we optimize proxies, cache these maps.
Map* map;
MaybeObject* maybe = AllocateMap(type, size);
if (!maybe->To<Map>(&map)) return maybe;
// Check that the receiver has at least the size of the fresh object.
int size_difference = object->map()->instance_size() - map->instance_size();
ASSERT(size_difference >= 0);
map->set_prototype(object->map()->prototype());
// Allocate the backing storage for the properties.
int prop_size = map->unused_property_fields() - map->inobject_properties();
Object* properties;
maybe = AllocateFixedArray(prop_size, TENURED);
if (!maybe->ToObject(&properties)) return maybe;
// Functions require some allocation, which might fail here.
SharedFunctionInfo* shared = NULL;
if (type == JS_FUNCTION_TYPE) {
String* name;
OneByteStringKey key(STATIC_ASCII_VECTOR("<freezing call trap>"),
HashSeed());
maybe = InternalizeStringWithKey(&key);
if (!maybe->To<String>(&name)) return maybe;
maybe = AllocateSharedFunctionInfo(name);
if (!maybe->To<SharedFunctionInfo>(&shared)) return maybe;
}
// Because of possible retries of this function after failure,
// we must NOT fail after this point, where we have changed the type!
// Reset the map for the object.
object->set_map(map);
JSObject* jsobj = JSObject::cast(object);
// Reinitialize the object from the constructor map.
InitializeJSObjectFromMap(jsobj, FixedArray::cast(properties), map);
// Functions require some minimal initialization.
if (type == JS_FUNCTION_TYPE) {
map->set_function_with_prototype(true);
InitializeFunction(JSFunction::cast(object), shared, the_hole_value());
JSFunction::cast(object)->set_context(
isolate()->context()->native_context());
}
// Put in filler if the new object is smaller than the old.
if (size_difference > 0) {
CreateFillerObjectAt(
object->address() + map->instance_size(), size_difference);
}
return object;
}
MaybeObject* Heap::ReinitializeJSGlobalProxy(JSFunction* constructor,
JSGlobalProxy* object) {
ASSERT(constructor->has_initial_map());
Map* map = constructor->initial_map();
// Check that the already allocated object has the same size and type as
// objects allocated using the constructor.
ASSERT(map->instance_size() == object->map()->instance_size());
ASSERT(map->instance_type() == object->map()->instance_type());
// Allocate the backing storage for the properties.
int prop_size = map->unused_property_fields() - map->inobject_properties();
Object* properties;
{ MaybeObject* maybe_properties = AllocateFixedArray(prop_size, TENURED);
if (!maybe_properties->ToObject(&properties)) return maybe_properties;
}
// Reset the map for the object.
object->set_map(constructor->initial_map());
// Reinitialize the object from the constructor map.
InitializeJSObjectFromMap(object, FixedArray::cast(properties), map);
return object;
}
MaybeObject* Heap::AllocateStringFromOneByte(Vector<const uint8_t> string,
PretenureFlag pretenure) {
int length = string.length();
......
src/heap.h
View file @ 610fcfa9
......@@ -735,22 +735,6 @@ class Heap {
Object* construct_trap,
Object* prototype);
// Reinitialize a JSReceiver into an (empty) JS object of respective type and
// size, but keeping the original prototype. The receiver must have at least
// the size of the new object. The object is reinitialized and behaves as an
// object that has been freshly allocated.
// Returns failure if an error occured, otherwise object.
MUST_USE_RESULT MaybeObject* ReinitializeJSReceiver(JSReceiver* object,
InstanceType type,
int size);
// Reinitialize an JSGlobalProxy based on a constructor. The object
// must have the same size as objects allocated using the
// constructor. The object is reinitialized and behaves as an
// object that has been freshly allocated using the constructor.
MUST_USE_RESULT MaybeObject* ReinitializeJSGlobalProxy(
JSFunction* constructor, JSGlobalProxy* global);
// Allocates and initializes a new JavaScript object based on a map.
// Returns Failure::RetryAfterGC(requested_bytes, space) if the allocation
// failed.
......@@ -998,16 +982,6 @@ class Heap {
// Allocates a new utility object in the old generation.
MUST_USE_RESULT MaybeObject* AllocateStruct(InstanceType type);
// Allocates a function initialized with a shared part.
// Returns Failure::RetryAfterGC(requested_bytes, space) if the allocation
// failed.
// Please note this does not perform a garbage collection.
MUST_USE_RESULT MaybeObject* AllocateFunction(
Map* function_map,
SharedFunctionInfo* shared,
Object* prototype,
PretenureFlag pretenure = TENURED);
// Sloppy mode arguments object size.
static const int kSloppyArgumentsObjectSize =
JSObject::kHeaderSize + 2 * kPointerSize;
......@@ -2198,16 +2172,6 @@ class Heap {
// Slow part of scavenge object.
static void ScavengeObjectSlow(HeapObject** p, HeapObject* object);
// Initializes a function with a shared part and prototype.
// Note: this code was factored out of AllocateFunction such that
// other parts of the VM could use it. Specifically, a function that creates
// instances of type JS_FUNCTION_TYPE benefit from the use of this function.
// Please note this does not perform a garbage collection.
inline void InitializeFunction(
JSFunction* function,
SharedFunctionInfo* shared,
Object* prototype);
// Total RegExp code ever generated
double total_regexp_code_generated_;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment