Adapt Danno's Track Allocation Info idea to fast literals. When allocating a literal array,

src/ia32/codegen-ia32.cc

Index: src/ia32/codegen-ia32.cc
diff --git a/src/ia32/codegen-ia32.cc b/src/ia32/codegen-ia32.cc
index 9477bf149af68bc90a24c5a5de6a40dee46894fe..3bb0ee4c68015a2af9722cbef9a1b12b05b1928f 100644
--- a/src/ia32/codegen-ia32.cc
+++ b/src/ia32/codegen-ia32.cc
@@ -388,6 +388,44 @@ OS::MemCopyFunction CreateMemCopyFunction() {
 
 #define __ ACCESS_MASM(masm)
 
+
+static void PerformAllocationSiteInfoCheck(MacroAssembler* masm,
+                                           Label* defer_to_runtime,
+                                           Label* no_info_available) {

[danno, 2012/12/26 10:32:01]

This might be better as a method directly on MacroAssembler like
JumpIfNotInNewSpace.

[mvstanton, 2013/01/03 14:40:43]

Done.

+  // ----------- S t a t e -------------
+  //  -- eax    : value
+  //  -- ebx    : target map
+  //  -- ecx    : key
+  //  -- edx    : receiver

[danno, 2012/12/26 10:32:01]

This comment isn't correct any more, I think.

[mvstanton, 2013/01/03 14:40:43]

I changed it to just talk about edx and edi, the only registers involved.

+  //  -- esp[0] : return address
+  //
+  //  edi is clobbered.
+  // -----------------------------------
+  masm->JumpIfNotInNewSpace(edx, edi, no_info_available, Label::kNear);
+
+  // Make sure we aren't just at the top of new space.
+  ExternalReference new_space_allocation_top =
+      ExternalReference::new_space_allocation_top_address(masm->isolate());
+  __ lea(edi, Operand(edx, JSArray::kSize + AllocationSiteInfo::kSize));
+
+  __ cmp(edi, Operand::StaticVariable(new_space_allocation_top));
+  __ j(greater_equal, no_info_available);
+
+  __ mov(edi, FieldOperand(edi, AllocationSiteInfo::kMapOffset -
+                           AllocationSiteInfo::kSize));
+  __ cmp(edi, Immediate(Handle<Map>(masm->isolate()->heap()->

[danno, 2012/12/26 10:32:01]

This entire check might be useful as a method directly on MacroAssembler, and I
think you can make it pretty short:

__ lea(edi, Operand(edx, JSArray::kSize + AllocationSiteInfo::kSize));
__ cmp(edi, Operand::StaticVariable(new_space_start)));
__ j(less_than, no_info_available);
__ cmp(edi, Operand::StaticVariable(new_space_allocation_top));
__ j(greater_equal, no_info_available);
__ cmp(MemOperand(edi, 0),
Immediate(Handle<Map>(masm->isolate()->heap()->allocation_site_info_map())));
__ j(not_equal, no_info_available);

To be _really_ clever, we would make sure that every space had 2 * kPointerSize
unused bytes at the end of pages that are allocated in spaces. That way:

__ cmp(MemOperand(edx, JSArray::kSize + AllocationSiteInfo::kSize),
Immediate(Handle<Map>(masm->isolate()->heap()->allocation_site_info_map()));
__ j(not_equal, no_info_available);

would always be safe, and quickly discard non-qualifying candidates. But that's
probably another CL. :-)

[mvstanton, 2013/01/03 14:40:43]

Added issue http://code.google.com/p/v8/issues/detail?id=2467 to make sure I
remember.

+                                    allocation_site_info_map())));
+
+  // Use the j/jmp sequence below for debugging, but the j(equal) sequence
+  // for production.
+  // __ j(not_equal, no_info_available);
+  // __ int3();
+  // __ jmp(defer_to_runtime);
+  // or
+  __ j(equal, defer_to_runtime);
+}
+
+
 void ElementsTransitionGenerator::GenerateMapChangeElementsTransition(
     MacroAssembler* masm) {
   // ----------- S t a t e -------------
@@ -420,6 +458,12 @@ void ElementsTransitionGenerator::GenerateSmiToDouble(
   // -----------------------------------
   Label loop, entry, convert_hole, gc_required, only_change_map;
 
+  if (FLAG_use_allocation_site_info) {
+    Label no_allocation_site_info;
+    PerformAllocationSiteInfoCheck(masm, fail, &no_allocation_site_info);
+    __ bind(&no_allocation_site_info);
+  }
+
   // Check for empty arrays, which only require a map transition and no changes
   // to the backing store.
   __ mov(edi, FieldOperand(edx, JSObject::kElementsOffset));
@@ -568,6 +612,12 @@ void ElementsTransitionGenerator::GenerateDoubleToObject(
   // -----------------------------------
   Label loop, entry, convert_hole, gc_required, only_change_map, success;
 
+  if (FLAG_use_allocation_site_info) {
+    Label no_allocation_site_info;
+    PerformAllocationSiteInfoCheck(masm, fail, &no_allocation_site_info);
+    __ bind(&no_allocation_site_info);

[danno, 2012/12/26 10:32:01]

I like the idea to not pre-transition any arrays that go double -> object. In
fact, I think we should change all of the logic that transitions or
pre-transitions double->object to instead just used generic stores. But that's
probably another CL.

[mvstanton, 2013/01/03 14:40:43]

I'm trying this out on all platforms with that section commented out...

+  }
+
   // Check for empty arrays, which only require a map transition and no changes
   // to the backing store.
   __ mov(edi, FieldOperand(edx, JSObject::kElementsOffset));