Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / chromium_org / v8 / 7d10be581a91ab5eefa1139ff0b86c64ac8f6e59^! / . / src / ia32 / lithium-codegen-ia32.cc
commit7d10be581a91ab5eefa1139ff0b86c64ac8f6e59[log] [tgz]
authorfschneider@chromium.org <fschneider@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>Tue Apr 10 12:30:14 2012 +0000
committerfschneider@chromium.org <fschneider@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>Tue Apr 10 12:30:14 2012 +0000
tree448785b260a02c3d4786a64e21abf81c6447972e
parent4f821d9603e0974533142afbfd1cfda80b89c58f [diff] [blame]
Version 3.10.1

Fixed bug with arguments object in inlined functions (issue 2045).

Fixed performance bug with lazy initialization (Chromium issue 118686).

Added suppport for Mac OS X 64bit builds with GYP.  (Patch contributed by Filipe David Manana <fdmanana@gmail.com>)

Fixed bug with hidden properties (issue 2034).

Fixed a performance bug when reloading pages (Chromium issue 117767, V8 issue 1902).

Fixed bug when optimizing throw in top-level code (issue 2054).

Fixed two bugs with array literals (issue 2055, Chromium issue 121407).

Fixed bug with Math.min/Math.max with NaN inputs (issue 2056).

Fixed a bug with the new runtime profiler (Chromium issue 121147).

Fixed compilation of V8 using uClibc.

Optimized boot-up memory use.

Optimized regular expressions.



git-svn-id: http://v8.googlecode.com/svn/trunk@11253 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

diff --git a/src/ia32/lithium-codegen-ia32.cc b/src/ia32/lithium-codegen-ia32.cc
index 67e2dca..72f59d0 100644
--- a/src/ia32/lithium-codegen-ia32.cc
+++ b/src/ia32/lithium-codegen-ia32.cc

@@ -4306,6 +4306,14 @@
                         deferred->entry(),
                         TAG_OBJECT);
 
+  __ bind(deferred->exit());
+  if (FLAG_debug_code) {
+    Label is_in_new_space;
+    __ JumpIfInNewSpace(result, scratch, &is_in_new_space);
+    __ Abort("Allocated object is not in new-space");
+    __ bind(&is_in_new_space);
+  }
+
   // Load the initial map.
   Register map = scratch;
   __ LoadHeapObject(scratch, constructor);
@@ -4340,14 +4348,14 @@
       __ mov(FieldOperand(result, property_offset), scratch);
     }
   }
-
-  __ bind(deferred->exit());
 }
 
 
 void LCodeGen::DoDeferredAllocateObject(LAllocateObject* instr) {
   Register result = ToRegister(instr->result());
   Handle<JSFunction> constructor = instr->hydrogen()->constructor();
+  Handle<Map> initial_map(constructor->initial_map());
+  int instance_size = initial_map->instance_size();
 
   // TODO(3095996): Get rid of this. For now, we need to make the
   // result register contain a valid pointer because it is already
@@ -4355,8 +4363,9 @@
   __ Set(result, Immediate(0));
 
   PushSafepointRegistersScope scope(this);
-  __ PushHeapObject(constructor);
-  CallRuntimeFromDeferred(Runtime::kNewObject, 1, instr, instr->context());
+  __ push(Immediate(Smi::FromInt(instance_size)));
+  CallRuntimeFromDeferred(
+      Runtime::kAllocateInNewSpace, 1, instr, instr->context());
   __ StoreToSafepointRegisterSlot(result, eax);
 }