Version 4.4.63.31 (cherry-pick)
Merged 1e65e201894791c3bf8473728021f0e548a0543b
Merged 6ea0d55dfb9306200b86e057ac74528321ca709b
Fasterify JSObject::UnregisterPrototypeUser
Fasterify ICSlotCache
BUG=chromium:517406,chromium:517406,chromium:517778
LOG=N
R=hablich@chromium.org
Review URL: https://codereview.chromium.org/1281613004 .
Cr-Commit-Position: refs/branch-heads/4.4@{#36}
Cr-Branched-From: 2e4c5505e85d94b520e853dda3f0cc3f2769e5f0-refs/heads/4.4.63@{#1}
Cr-Branched-From: 0208b8e3a1d7ce393308866386ac8d94f85faa05-refs/heads/master@{#28333}
diff --git a/include/v8-version.h b/include/v8-version.h
index 180969f..65e2960 100644
--- a/include/v8-version.h
+++ b/include/v8-version.h
@@ -11,7 +11,7 @@
#define V8_MAJOR_VERSION 4
#define V8_MINOR_VERSION 4
#define V8_BUILD_NUMBER 63
-#define V8_PATCH_LEVEL 30
+#define V8_PATCH_LEVEL 31
// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
diff --git a/src/ast-numbering.cc b/src/ast-numbering.cc
index 35b8cef..f2006eb 100644
--- a/src/ast-numbering.cc
+++ b/src/ast-numbering.cc
@@ -18,7 +18,7 @@
: AstVisitor(),
next_id_(BailoutId::FirstUsable().ToInt()),
properties_(zone),
- ic_slot_cache_(FLAG_vector_ics ? 4 : 0),
+ ic_slot_cache_(zone),
dont_optimize_reason_(kNoReason) {
InitializeAstVisitor(isolate, zone);
}
diff --git a/src/ast.cc b/src/ast.cc
index 5038716..3d59638 100644
--- a/src/ast.cc
+++ b/src/ast.cc
@@ -96,7 +96,7 @@
ICSlotCache* cache) {
variable_feedback_slot_ = slot;
if (var()->IsUnallocated()) {
- cache->Add(VariableICSlotPair(var(), slot));
+ cache->Put(var(), slot);
}
}
@@ -107,12 +107,11 @@
// VariableProxies that point to the same Variable within a function can
// make their loads from the same IC slot.
if (var()->IsUnallocated()) {
- for (int i = 0; i < cache->length(); i++) {
- VariableICSlotPair& pair = cache->at(i);
- if (pair.variable() == var()) {
- variable_feedback_slot_ = pair.slot();
- return FeedbackVectorRequirements(0, 0);
- }
+ ZoneHashMap::Entry* entry = cache->Get(var());
+ if (entry != NULL) {
+ variable_feedback_slot_ = FeedbackVectorICSlot(
+ static_cast<int>(reinterpret_cast<intptr_t>(entry->value)));
+ return FeedbackVectorRequirements(0, 0);
}
}
return FeedbackVectorRequirements(0, 1);
diff --git a/src/ast.h b/src/ast.h
index c669756..0322a29 100644
--- a/src/ast.h
+++ b/src/ast.h
@@ -158,25 +158,30 @@
};
-class VariableICSlotPair final {
+class ICSlotCache {
public:
- VariableICSlotPair(Variable* variable, FeedbackVectorICSlot slot)
- : variable_(variable), slot_(slot) {}
- VariableICSlotPair()
- : variable_(NULL), slot_(FeedbackVectorICSlot::Invalid()) {}
+ explicit ICSlotCache(Zone* zone)
+ : zone_(zone),
+ hash_map_(HashMap::PointersMatch,
+ FLAG_vector_ics ? ZoneHashMap::kDefaultHashMapCapacity : 0,
+ ZoneAllocationPolicy(zone)) {}
- Variable* variable() const { return variable_; }
- FeedbackVectorICSlot slot() const { return slot_; }
+ void Put(Variable* variable, FeedbackVectorICSlot slot) {
+ ZoneHashMap::Entry* entry = hash_map_.LookupOrInsert(
+ variable, ComputePointerHash(variable), ZoneAllocationPolicy(zone_));
+ entry->value = reinterpret_cast<void*>(slot.ToInt());
+ }
+
+ ZoneHashMap::Entry* Get(Variable* variable) const {
+ return hash_map_.Lookup(variable, ComputePointerHash(variable));
+ }
private:
- Variable* variable_;
- FeedbackVectorICSlot slot_;
+ Zone* zone_;
+ ZoneHashMap hash_map_;
};
-typedef List<VariableICSlotPair> ICSlotCache;
-
-
class AstProperties final BASE_EMBEDDED {
public:
class Flags : public EnumSet<AstPropertiesFlag, int> {};
diff --git a/src/factory.cc b/src/factory.cc
index 0e66ec6..41d07a9 100644
--- a/src/factory.cc
+++ b/src/factory.cc
@@ -55,6 +55,7 @@
Handle<PrototypeInfo> result =
Handle<PrototypeInfo>::cast(NewStruct(PROTOTYPE_INFO_TYPE));
result->set_prototype_users(WeakFixedArray::Empty());
+ result->set_registry_slot(PrototypeInfo::UNREGISTERED);
result->set_validity_cell(Smi::FromInt(0));
result->set_constructor_name(Smi::FromInt(0));
return result;
diff --git a/src/hashmap.h b/src/hashmap.h
index 688fc2c..ee3797f 100644
--- a/src/hashmap.h
+++ b/src/hashmap.h
@@ -43,7 +43,7 @@
// If an entry with matching key is found, returns that entry.
// Otherwise, NULL is returned.
- Entry* Lookup(void* key, uint32_t hash);
+ Entry* Lookup(void* key, uint32_t hash) const;
// If an entry with matching key is found, returns that entry.
// If no matching entry is found, a new entry is inserted with
@@ -90,7 +90,7 @@
uint32_t occupancy_;
Entry* map_end() const { return map_ + capacity_; }
- Entry* Probe(void* key, uint32_t hash);
+ Entry* Probe(void* key, uint32_t hash) const;
void Initialize(uint32_t capacity, AllocationPolicy allocator);
void Resize(AllocationPolicy allocator);
};
@@ -113,7 +113,7 @@
template <class AllocationPolicy>
typename TemplateHashMapImpl<AllocationPolicy>::Entry*
-TemplateHashMapImpl<AllocationPolicy>::Lookup(void* key, uint32_t hash) {
+TemplateHashMapImpl<AllocationPolicy>::Lookup(void* key, uint32_t hash) const {
Entry* p = Probe(key, hash);
return p->key != NULL ? p : NULL;
}
@@ -242,7 +242,7 @@
template <class AllocationPolicy>
typename TemplateHashMapImpl<AllocationPolicy>::Entry*
-TemplateHashMapImpl<AllocationPolicy>::Probe(void* key, uint32_t hash) {
+TemplateHashMapImpl<AllocationPolicy>::Probe(void* key, uint32_t hash) const {
DCHECK(key != NULL);
DCHECK(base::bits::IsPowerOfTwo32(capacity_));
diff --git a/src/objects-inl.h b/src/objects-inl.h
index cc264f6..adb541e 100644
--- a/src/objects-inl.h
+++ b/src/objects-inl.h
@@ -5455,6 +5455,7 @@
ACCESSORS(Box, value, Object, kValueOffset)
ACCESSORS(PrototypeInfo, prototype_users, Object, kPrototypeUsersOffset)
+SMI_ACCESSORS(PrototypeInfo, registry_slot, kRegistrySlotOffset)
ACCESSORS(PrototypeInfo, validity_cell, Object, kValidityCellOffset)
ACCESSORS(PrototypeInfo, constructor_name, Object, kConstructorNameOffset)
diff --git a/src/objects-printer.cc b/src/objects-printer.cc
index aa4f4de..6430c65 100644
--- a/src/objects-printer.cc
+++ b/src/objects-printer.cc
@@ -884,6 +884,7 @@
void PrototypeInfo::PrototypeInfoPrint(std::ostream& os) { // NOLINT
HeapObject::PrintHeader(os, "PrototypeInfo");
os << "\n - prototype users: " << Brief(prototype_users());
+ os << "\n - registry slot: " << registry_slot();
os << "\n - validity cell: " << Brief(validity_cell());
os << "\n - constructor name: " << Brief(constructor_name());
os << "\n";
diff --git a/src/objects.cc b/src/objects.cc
index f0dcaab..552e0f7 100644
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -1911,6 +1911,33 @@
}
+static void UpdatePrototypeUserRegistration(Handle<Map> old_map,
+ Handle<Map> new_map,
+ Isolate* isolate) {
+ if (!FLAG_track_prototype_users) return;
+ if (!old_map->is_prototype_map()) return;
+ DCHECK(new_map->is_prototype_map());
+ bool was_registered = JSObject::UnregisterPrototypeUser(old_map, isolate);
+ new_map->set_prototype_info(old_map->prototype_info());
+ old_map->set_prototype_info(Smi::FromInt(0));
+ if (FLAG_trace_prototype_users) {
+ PrintF("Moving prototype_info %p from map %p to map %p.\n",
+ reinterpret_cast<void*>(new_map->prototype_info()),
+ reinterpret_cast<void*>(*old_map),
+ reinterpret_cast<void*>(*new_map));
+ }
+ if (was_registered) {
+ if (new_map->prototype_info()->IsPrototypeInfo()) {
+ // The new map isn't registered with its prototype yet; reflect this fact
+ // in the PrototypeInfo it just inherited from the old map.
+ PrototypeInfo::cast(new_map->prototype_info())
+ ->set_registry_slot(PrototypeInfo::UNREGISTERED);
+ }
+ JSObject::LazyRegisterPrototypeUser(new_map, isolate);
+ }
+}
+
+
void JSObject::MigrateToMap(Handle<JSObject> object, Handle<Map> new_map,
int expected_additional_properties) {
if (object->map() == *new_map) return;
@@ -1924,16 +1951,7 @@
// when a map on a prototype chain is registered with its prototype, then
// all prototypes further up the chain are also registered with their
// respective prototypes.
- Object* maybe_old_prototype = old_map->prototype();
- if (FLAG_track_prototype_users && old_map->is_prototype_map() &&
- maybe_old_prototype->IsJSObject()) {
- Handle<JSObject> old_prototype(JSObject::cast(maybe_old_prototype));
- bool was_registered =
- JSObject::UnregisterPrototypeUser(old_prototype, old_map);
- if (was_registered) {
- JSObject::LazyRegisterPrototypeUser(new_map, new_map->GetIsolate());
- }
- }
+ UpdatePrototypeUserRegistration(old_map, new_map, new_map->GetIsolate());
if (object->HasFastProperties()) {
if (!new_map->is_dictionary_map()) {
@@ -1966,20 +1984,7 @@
// state now: the new map might have a new elements_kind, but the object's
// elements pointer hasn't been updated yet. Callers will fix this, but in
// the meantime, (indirectly) calling JSObjectVerify() must be avoided.
- DisallowHeapAllocation no_object_verification;
-
- if (old_map->is_prototype_map() && FLAG_track_prototype_users) {
- DCHECK(new_map->is_prototype_map());
- DCHECK(object->map() == *new_map);
- new_map->set_prototype_info(old_map->prototype_info());
- old_map->set_prototype_info(Smi::FromInt(0));
- if (FLAG_trace_prototype_users) {
- PrintF("Moving prototype_info %p from map %p to map %p.\n",
- reinterpret_cast<void*>(new_map->prototype_info()),
- reinterpret_cast<void*>(*old_map),
- reinterpret_cast<void*>(*new_map));
- }
- }
+ // When adding code here, add a DisallowHeapAllocation too.
}
@@ -4773,27 +4778,7 @@
Handle<Map> new_map = Map::CopyDropDescriptors(old_map);
new_map->set_dictionary_map(false);
- if (old_map->is_prototype_map() && FLAG_track_prototype_users) {
- DCHECK(new_map->is_prototype_map());
-
- Object* maybe_old_prototype = old_map->prototype();
- if (maybe_old_prototype->IsJSObject()) {
- Handle<JSObject> old_prototype(JSObject::cast(maybe_old_prototype));
- bool was_registered =
- JSObject::UnregisterPrototypeUser(old_prototype, old_map);
- if (was_registered) {
- JSObject::LazyRegisterPrototypeUser(new_map, isolate);
- }
- }
- new_map->set_prototype_info(old_map->prototype_info());
- old_map->set_prototype_info(Smi::FromInt(0));
- if (FLAG_trace_prototype_users) {
- PrintF("Moving prototype_info %p from map %p to map %p.\n",
- reinterpret_cast<void*>(new_map->prototype_info()),
- reinterpret_cast<void*>(*old_map),
- reinterpret_cast<void*>(*new_map));
- }
- }
+ UpdatePrototypeUserRegistration(old_map, new_map, isolate);
#if TRACE_MAPS
if (FLAG_trace_maps) {
@@ -8310,59 +8295,46 @@
// static
-Handle<WeakFixedArray> WeakFixedArray::Add(
- Handle<Object> maybe_array, Handle<HeapObject> value,
- SearchForDuplicates search_for_duplicates, bool* was_present) {
+Handle<WeakFixedArray> WeakFixedArray::Add(Handle<Object> maybe_array,
+ Handle<HeapObject> value,
+ int* assigned_index) {
Handle<WeakFixedArray> array =
(maybe_array.is_null() || !maybe_array->IsWeakFixedArray())
? Allocate(value->GetIsolate(), 1, Handle<WeakFixedArray>::null())
: Handle<WeakFixedArray>::cast(maybe_array);
- if (was_present != NULL) *was_present = false;
- if (search_for_duplicates == kAddIfNotFound) {
- for (int i = 0; i < array->Length(); ++i) {
- if (array->Get(i) == *value) {
- if (was_present != NULL) *was_present = true;
- return array;
- }
- }
-#if 0 // Enable this if you want to check your search_for_duplicates flags.
- } else {
- for (int i = 0; i < array->Length(); ++i) {
- DCHECK_NE(*value, array->Get(i));
- }
-#endif
- }
-
// Try to store the new entry if there's room. Optimize for consecutive
// accesses.
int first_index = array->last_used_index();
- if (array->Length() > 0) {
+ int length = array->Length();
+ if (length > 0) {
for (int i = first_index;;) {
if (array->IsEmptySlot((i))) {
WeakFixedArray::Set(array, i, value);
+ if (assigned_index != NULL) *assigned_index = i;
return array;
}
if (FLAG_trace_weak_arrays) {
PrintF("[WeakFixedArray: searching for free slot]\n");
}
- i = (i + 1) % array->Length();
+ i = (i + 1) % length;
if (i == first_index) break;
}
}
// No usable slot found, grow the array.
- int new_length =
- array->Length() == 0 ? 1 : array->Length() + (array->Length() >> 1) + 4;
+ int new_length = length == 0 ? 1 : length + (length >> 1) + 4;
Handle<WeakFixedArray> new_array =
Allocate(array->GetIsolate(), new_length, array);
if (FLAG_trace_weak_arrays) {
PrintF("[WeakFixedArray: growing to size %d ]\n", new_length);
}
- WeakFixedArray::Set(new_array, array->Length(), value);
+ WeakFixedArray::Set(new_array, length, value);
+ if (assigned_index != NULL) *assigned_index = length;
return new_array;
}
+template <class CompactionCallback>
void WeakFixedArray::Compact() {
FixedArray* array = FixedArray::cast(this);
int new_length = kFirstIndex;
@@ -8370,6 +8342,9 @@
Object* element = array->get(i);
if (element->IsSmi()) continue;
if (WeakCell::cast(element)->cleared()) continue;
+ Object* value = WeakCell::cast(element)->value();
+ CompactionCallback::Callback(value, i - kFirstIndex,
+ new_length - kFirstIndex);
array->set(new_length++, element);
}
array->Shrink(new_length);
@@ -8377,6 +8352,23 @@
}
+void JSObject::PrototypeRegistryCompactionCallback::Callback(Object* value,
+ int old_index,
+ int new_index) {
+ DCHECK(value->IsMap() && Map::cast(value)->is_prototype_map());
+ Map* map = Map::cast(value);
+ DCHECK(map->prototype_info()->IsPrototypeInfo());
+ PrototypeInfo* proto_info = PrototypeInfo::cast(map->prototype_info());
+ DCHECK_EQ(old_index, proto_info->registry_slot());
+ proto_info->set_registry_slot(new_index);
+}
+
+
+template void WeakFixedArray::Compact<WeakFixedArray::NullCallback>();
+template void
+WeakFixedArray::Compact<JSObject::PrototypeRegistryCompactionCallback>();
+
+
bool WeakFixedArray::Remove(Handle<HeapObject> value) {
if (Length() == 0) return false;
// Optimize for the most recently added element to be removed again.
@@ -8384,8 +8376,7 @@
for (int i = first_index;;) {
if (Get(i) == *value) {
Clear(i);
- // Users of WeakFixedArray should make sure that there are no duplicates,
- // they can use Add(..., kAddIfNotFound) if necessary.
+ // Users of WeakFixedArray should make sure that there are no duplicates.
return true;
}
i = (i + 1) % Length();
@@ -10136,67 +10127,74 @@
DCHECK(user->is_prototype_map());
Handle<Map> current_user = user;
+ Handle<PrototypeInfo> current_user_info =
+ Map::GetOrCreatePrototypeInfo(user, isolate);
for (PrototypeIterator iter(user); !iter.IsAtEnd(); iter.Advance()) {
+ // Walk up the prototype chain as far as links haven't been registered yet.
+ if (current_user_info->registry_slot() != PrototypeInfo::UNREGISTERED) {
+ break;
+ }
Handle<Object> maybe_proto = PrototypeIterator::GetCurrent(iter);
if (maybe_proto->IsJSGlobalProxy()) continue;
// Proxies on the prototype chain are not supported.
if (maybe_proto->IsJSProxy()) return;
Handle<JSObject> proto = Handle<JSObject>::cast(maybe_proto);
- bool just_registered =
- RegisterPrototypeUserIfNotRegistered(proto, current_user, isolate);
- // Walk up the prototype chain as far as links haven't been registered yet.
- if (!just_registered) break;
+ Handle<PrototypeInfo> proto_info =
+ Map::GetOrCreatePrototypeInfo(proto, isolate);
+ Handle<Object> maybe_registry(proto_info->prototype_users(), isolate);
+ int slot = 0;
+ Handle<WeakFixedArray> new_array =
+ WeakFixedArray::Add(maybe_registry, current_user, &slot);
+ current_user_info->set_registry_slot(slot);
+ if (!maybe_registry.is_identical_to(new_array)) {
+ proto_info->set_prototype_users(*new_array);
+ }
+ if (FLAG_trace_prototype_users) {
+ PrintF("Registering %p as a user of prototype %p (map=%p).\n",
+ reinterpret_cast<void*>(*current_user),
+ reinterpret_cast<void*>(*proto),
+ reinterpret_cast<void*>(proto->map()));
+ }
+
current_user = handle(proto->map(), isolate);
+ current_user_info = proto_info;
}
}
-// Returns true if the user was not yet registered.
-// static
-bool JSObject::RegisterPrototypeUserIfNotRegistered(Handle<JSObject> prototype,
- Handle<HeapObject> user,
- Isolate* isolate) {
- Handle<PrototypeInfo> proto_info =
- Map::GetOrCreatePrototypeInfo(prototype, isolate);
- Handle<Object> maybe_registry(proto_info->prototype_users(), isolate);
- bool was_present = false;
- Handle<WeakFixedArray> new_array = WeakFixedArray::Add(
- maybe_registry, user, WeakFixedArray::kAddIfNotFound, &was_present);
- if (!maybe_registry.is_identical_to(new_array)) {
- proto_info->set_prototype_users(*new_array);
- }
- if (FLAG_trace_prototype_users && !was_present) {
- PrintF("Registering %p as a user of prototype %p (map=%p).\n",
- reinterpret_cast<void*>(*user), reinterpret_cast<void*>(*prototype),
- reinterpret_cast<void*>(prototype->map()));
- }
- return !was_present;
-}
-
-
// Can be called regardless of whether |user| was actually registered with
// |prototype|. Returns true when there was a registration.
// static
-bool JSObject::UnregisterPrototypeUser(Handle<JSObject> prototype,
- Handle<HeapObject> user) {
- Isolate* isolate = prototype->GetIsolate();
+bool JSObject::UnregisterPrototypeUser(Handle<Map> user, Isolate* isolate) {
+ DCHECK(user->is_prototype_map());
+ // If it doesn't have a PrototypeInfo, it was never registered.
+ if (!user->prototype_info()->IsPrototypeInfo()) return false;
+ // If it doesn't have a prototype, it can't be registered.
+ if (!user->prototype()->IsJSObject()) return false;
+ Handle<JSObject> prototype(JSObject::cast(user->prototype()), isolate);
+ Handle<PrototypeInfo> user_info =
+ Map::GetOrCreatePrototypeInfo(user, isolate);
+ int slot = user_info->registry_slot();
+ if (slot == PrototypeInfo::UNREGISTERED) return false;
if (prototype->IsJSGlobalProxy()) {
PrototypeIterator iter(isolate, prototype);
prototype = Handle<JSObject>::cast(PrototypeIterator::GetCurrent(iter));
}
DCHECK(prototype->map()->is_prototype_map());
Object* maybe_proto_info = prototype->map()->prototype_info();
- if (!maybe_proto_info->IsPrototypeInfo()) return false;
+ // User knows its registry slot, prototype info and user registry must exist.
+ DCHECK(maybe_proto_info->IsPrototypeInfo());
Handle<PrototypeInfo> proto_info(PrototypeInfo::cast(maybe_proto_info),
isolate);
Object* maybe_registry = proto_info->prototype_users();
- if (!maybe_registry->IsWeakFixedArray()) return false;
- bool result = WeakFixedArray::cast(maybe_registry)->Remove(user);
- if (FLAG_trace_prototype_users && result) {
+ DCHECK(maybe_registry->IsWeakFixedArray());
+ DCHECK(WeakFixedArray::cast(maybe_registry)->Get(slot) == *user);
+ WeakFixedArray::cast(maybe_registry)->Clear(slot);
+ if (FLAG_trace_prototype_users) {
PrintF("Unregistering %p as a user of prototype %p.\n",
reinterpret_cast<void*>(*user), reinterpret_cast<void*>(*prototype));
}
- return result;
+ return true;
}
@@ -10258,6 +10256,19 @@
// static
+Handle<PrototypeInfo> Map::GetOrCreatePrototypeInfo(Handle<Map> prototype_map,
+ Isolate* isolate) {
+ Object* maybe_proto_info = prototype_map->prototype_info();
+ if (maybe_proto_info->IsPrototypeInfo()) {
+ return handle(PrototypeInfo::cast(maybe_proto_info), isolate);
+ }
+ Handle<PrototypeInfo> proto_info = isolate->factory()->NewPrototypeInfo();
+ prototype_map->set_prototype_info(*proto_info);
+ return proto_info;
+}
+
+
+// static
Handle<Cell> Map::GetOrCreatePrototypeChainValidityCell(Handle<Map> map,
Isolate* isolate) {
Handle<Object> maybe_prototype(map->prototype(), isolate);
diff --git a/src/objects.h b/src/objects.h
index 5ec1d7d..cbb107f 100644
--- a/src/objects.h
+++ b/src/objects.h
@@ -1842,13 +1842,15 @@
PrototypeOptimizationMode mode);
static void ReoptimizeIfPrototype(Handle<JSObject> object);
static void LazyRegisterPrototypeUser(Handle<Map> user, Isolate* isolate);
- static bool RegisterPrototypeUserIfNotRegistered(Handle<JSObject> prototype,
- Handle<HeapObject> user,
- Isolate* isolate);
- static bool UnregisterPrototypeUser(Handle<JSObject> prototype,
- Handle<HeapObject> user);
+ static bool UnregisterPrototypeUser(Handle<Map> user, Isolate* isolate);
static void InvalidatePrototypeChains(Map* map);
+ // Alternative implementation of WeakFixedArray::NullCallback.
+ class PrototypeRegistryCompactionCallback {
+ public:
+ static void Callback(Object* value, int old_index, int new_index);
+ };
+
// Retrieve interceptors.
InterceptorInfo* GetNamedInterceptor();
InterceptorInfo* GetIndexedInterceptor();
@@ -2626,17 +2628,22 @@
class WeakFixedArray : public FixedArray {
public:
- enum SearchForDuplicates { kAlwaysAdd, kAddIfNotFound };
-
// If |maybe_array| is not a WeakFixedArray, a fresh one will be allocated.
- static Handle<WeakFixedArray> Add(
- Handle<Object> maybe_array, Handle<HeapObject> value,
- SearchForDuplicates search_for_duplicates = kAlwaysAdd,
- bool* was_present = NULL);
+ // This function does not check if the value exists already, callers must
+ // ensure this themselves if necessary.
+ static Handle<WeakFixedArray> Add(Handle<Object> maybe_array,
+ Handle<HeapObject> value,
+ int* assigned_index = NULL);
// Returns true if an entry was found and removed.
bool Remove(Handle<HeapObject> value);
+ class NullCallback {
+ public:
+ static void Callback(Object* value, int old_index, int new_index) {}
+ };
+
+ template <class CompactionCallback>
void Compact();
inline Object* Get(int index) const;
@@ -6062,6 +6069,8 @@
// the given prototype's map).
static Handle<PrototypeInfo> GetOrCreatePrototypeInfo(
Handle<JSObject> prototype, Isolate* isolate);
+ static Handle<PrototypeInfo> GetOrCreatePrototypeInfo(
+ Handle<Map> prototype_map, Isolate* isolate);
// [prototype chain validity cell]: Associated with a prototype object,
// stored in that object's map's PrototypeInfo, indicates that prototype
@@ -6635,9 +6644,15 @@
// Container for metadata stored on each prototype map.
class PrototypeInfo : public Struct {
public:
+ static const int UNREGISTERED = -1;
+
// [prototype_users]: WeakFixedArray containing maps using this prototype,
// or Smi(0) if uninitialized.
DECL_ACCESSORS(prototype_users, Object)
+ // [registry_slot]: Slot in prototype's user registry where this user
+ // is stored. Returns UNREGISTERED if this prototype has not been registered.
+ inline int registry_slot() const;
+ inline void set_registry_slot(int slot);
// [validity_cell]: Cell containing the validity bit for prototype chains
// going through this object, or Smi(0) if uninitialized.
DECL_ACCESSORS(validity_cell, Object)
@@ -6651,7 +6666,8 @@
DECLARE_VERIFIER(PrototypeInfo)
static const int kPrototypeUsersOffset = HeapObject::kHeaderSize;
- static const int kValidityCellOffset = kPrototypeUsersOffset + kPointerSize;
+ static const int kRegistrySlotOffset = kPrototypeUsersOffset + kPointerSize;
+ static const int kValidityCellOffset = kRegistrySlotOffset + kPointerSize;
static const int kConstructorNameOffset = kValidityCellOffset + kPointerSize;
static const int kSize = kConstructorNameOffset + kPointerSize;
diff --git a/src/snapshot/serialize.cc b/src/snapshot/serialize.cc
index 7f123a3..b31c046 100644
--- a/src/snapshot/serialize.cc
+++ b/src/snapshot/serialize.cc
@@ -1854,7 +1854,23 @@
if (object_->IsPrototypeInfo()) {
Object* prototype_users = PrototypeInfo::cast(object_)->prototype_users();
if (prototype_users->IsWeakFixedArray()) {
- WeakFixedArray::cast(prototype_users)->Compact();
+ WeakFixedArray* array = WeakFixedArray::cast(prototype_users);
+ array->Compact<JSObject::PrototypeRegistryCompactionCallback>();
+ }
+ }
+ // Compaction of a prototype users list can require the registered users
+ // to update their remembered slots. That doesn't work if those users
+ // have already been serialized themselves. So if this object is a
+ // registered user, compact its prototype's user list now.
+ if (object_->IsMap()) {
+ Map* map = Map::cast(object_);
+ if (map->is_prototype_map() && map->prototype_info()->IsPrototypeInfo() &&
+ PrototypeInfo::cast(map->prototype_info())->registry_slot() !=
+ PrototypeInfo::UNREGISTERED) {
+ JSObject* proto = JSObject::cast(map->prototype());
+ PrototypeInfo* info = PrototypeInfo::cast(proto->map()->prototype_info());
+ WeakFixedArray* array = WeakFixedArray::cast(info->prototype_users());
+ array->Compact<JSObject::PrototypeRegistryCompactionCallback>();
}
}
diff --git a/test/cctest/test-heap.cc b/test/cctest/test-heap.cc
index cb08fb4..1a8487b 100644
--- a/test/cctest/test-heap.cc
+++ b/test/cctest/test-heap.cc
@@ -5369,7 +5369,7 @@
Handle<HeapNumber> number = CcTest::i_isolate()->factory()->NewHeapNumber(1);
Handle<WeakFixedArray> array = WeakFixedArray::Add(Handle<Object>(), number);
array->Remove(number);
- array->Compact();
+ array->Compact<WeakFixedArray::NullCallback>();
WeakFixedArray::Add(array, number);
}
