Prefill pre-allocated memory of folded allocation with one pointer fillers...

Prefill pre-allocated memory of folded allocation with one pointer fillers when heap verifier is on. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/19723004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15798 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Prefill pre-allocated memory of folded allocation with one pointer fillers...
Prefill pre-allocated memory of folded allocation with one pointer fillers when heap verifier is on. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/19723004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15798 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
ecc31a0c · hpayer@chromium.org · f59c3658 · ecc31a0c · ecc31a0c · ecc31a0c
Commit ecc31a0c authored Jul 22, 2013 by hpayer@chromium.org
5 changed files
--- a/src/arm/lithium-codegen-arm.cc
+++ b/src/arm/lithium-codegen-arm.cc
@@ -5364,6 +5364,25 @@ void LCodeGen::DoAllocate(LAllocate* instr) {
  }

  __ bind(deferred->exit());
+
+  if (instr->hydrogen()->MustPrefillWithFiller()) {
+    if (instr->size()->IsConstantOperand()) {
+      int32_t size = ToInteger32(LConstantOperand::cast(instr->size()));
+      __ mov(scratch, Operand(size));
+    } else {
+      scratch = ToRegister(instr->size());
+    }
+    __ sub(scratch, scratch, Operand(kPointerSize));
+    __ sub(result, result, Operand(kHeapObjectTag));
+    Label loop;
+    __ bind(&loop);
+    __ mov(scratch2, Operand(isolate()->factory()->one_pointer_filler_map()));
+    __ str(scratch2, MemOperand(result, scratch));
+    __ sub(scratch, scratch, Operand(kPointerSize));
+    __ cmp(scratch, Operand(0));
+    __ b(ge, &loop);
+    __ add(result, result, Operand(kHeapObjectTag));
+  }
 }



--- a/src/hydrogen-instructions.cc
+++ b/src/hydrogen-instructions.cc
@@ -3237,35 +3237,9 @@ void HAllocate::HandleSideEffectDominator(GVNFlag side_effect,
  dominator_allocate_instr->UpdateSize(new_dominator_size);

 #ifdef VERIFY_HEAP
-  HInstruction* free_space_instr =
-      new(zone) HInnerAllocatedObject(dominator_allocate_instr,
-                                      dominator_size_constant,
-                                      type());
-  free_space_instr->InsertAfter(dominator_allocate_instr);
-  HConstant* filler_map = new(zone) HConstant(
-      isolate()->factory()->free_space_map(),
-      UniqueValueId(isolate()->heap()->free_space_map()),
-      Representation::Tagged(),
-      HType::Tagged(),
-      false,
-      true,
-      false,
-      false);
-  filler_map->InsertAfter(free_space_instr);
-
-  HInstruction* store_map = new(zone) HStoreNamedField(
-      free_space_instr, HObjectAccess::ForMap(), filler_map);
-  store_map->SetFlag(HValue::kHasNoObservableSideEffects);
-  store_map->InsertAfter(filler_map);
-
-  HInstruction* free_space_size = new(zone) HConstant(current_size_constant);
-  free_space_size->InsertAfter(store_map);
-  HObjectAccess access =
-      HObjectAccess::ForJSObjectOffset(FreeSpace::kSizeOffset);
-  HInstruction* store_size = new(zone) HStoreNamedField(
-      free_space_instr, access, free_space_size);
-  store_size->SetFlag(HValue::kHasNoObservableSideEffects);
-  store_size->InsertAfter(free_space_size);
+  if (FLAG_verify_heap) {
+    dominator_allocate_instr->SetFlags(HAllocate::PREFILL_WITH_FILLER);
+  }
 #endif

  // After that replace the dominated allocate instruction.

--- a/src/hydrogen-instructions.h
+++ b/src/hydrogen-instructions.h
@@ -4964,7 +4964,8 @@ class HAllocate: public HTemplateInstruction<2> {
    CAN_ALLOCATE_IN_NEW_SPACE = 1 << 0,
    CAN_ALLOCATE_IN_OLD_DATA_SPACE = 1 << 1,
    CAN_ALLOCATE_IN_OLD_POINTER_SPACE = 1 << 2,
-    ALLOCATE_DOUBLE_ALIGNED = 1 << 3
+    ALLOCATE_DOUBLE_ALIGNED = 1 << 3,
+    PREFILL_WITH_FILLER = 1 << 4
  };

  HAllocate(HValue* context, HValue* size, HType type, Flags flags)
@@ -5041,6 +5042,14 @@ class HAllocate: public HTemplateInstruction<2> {
    return (flags_ & ALLOCATE_DOUBLE_ALIGNED) != 0;
  }

+  bool MustPrefillWithFiller() const {
+    return (flags_ & PREFILL_WITH_FILLER) != 0;
+  }
+
+  void SetFlags(Flags flags) {
+    flags_ = static_cast<HAllocate::Flags>(flags_ | flags);
+  }
+
  void UpdateSize(HValue* size) {
    SetOperandAt(1, size);
  }

--- a/src/ia32/lithium-codegen-ia32.cc
+++ b/src/ia32/lithium-codegen-ia32.cc
@@ -6046,6 +6046,23 @@ void LCodeGen::DoAllocate(LAllocate* instr) {
  }

  __ bind(deferred->exit());
+
+  if (instr->hydrogen()->MustPrefillWithFiller()) {
+    if (instr->size()->IsConstantOperand()) {
+      int32_t size = ToInteger32(LConstantOperand::cast(instr->size()));
+      __ mov(temp, (size / kPointerSize) - 1);
+    } else {
+      temp = ToRegister(instr->size());
+      __ shr(temp, kPointerSizeLog2);
+      __ dec(temp);
+    }
+    Label loop;
+    __ bind(&loop);
+    __ mov(FieldOperand(result, temp, times_pointer_size, 0),
+        isolate()->factory()->one_pointer_filler_map());
+    __ dec(temp);
+    __ j(not_zero, &loop);
+  }
 }



--- a/src/x64/lithium-codegen-x64.cc
+++ b/src/x64/lithium-codegen-x64.cc
@@ -5075,6 +5075,23 @@ void LCodeGen::DoAllocate(LAllocate* instr) {
  }

  __ bind(deferred->exit());
+
+  if (instr->hydrogen()->MustPrefillWithFiller()) {
+    if (instr->size()->IsConstantOperand()) {
+      int32_t size = ToInteger32(LConstantOperand::cast(instr->size()));
+      __ movl(temp, Immediate((size / kPointerSize) - 1));
+    } else {
+      temp = ToRegister(instr->size());
+      __ sar(temp, Immediate(kPointerSizeLog2));
+      __ decl(temp);
+    }
+    Label loop;
+    __ bind(&loop);
+    __ Move(FieldOperand(result, temp, times_pointer_size, 0),
+        isolate()->factory()->one_pointer_filler_map());
+    __ decl(temp);
+    __ j(not_zero, &loop);
+  }
 }