[Interpreter] Collect type feedback for 'new' in the bytecode handler

src/interpreter/interpreter-assembler.cc

 // Copyright 2015 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/interpreter/interpreter-assembler.h"
 
 #include <limits>
 #include <ostream>
 
 #include "src/code-factory.h"
@@ skipping 451 matching lines @@
 
   Variable return_value(this, MachineRepresentation::kTagged);
   Label handle_monomorphic(this), extra_checks(this), end(this), call(this);
 
   // Slot id of 0 is used to indicate no typefeedback is available. Call using
   // call builtin.
   STATIC_ASSERT(TypeFeedbackVector::kReservedIndexCount > 0);
   Node* is_feedback_unavailable = Word32Equal(slot_id, Int32Constant(0));
   GotoIf(is_feedback_unavailable, &call);
 
-  // The checks. First, does rdi match the recorded monomorphic target?
+  // The checks. First, does function match the recorded monomorphic target?
   Node* feedback_element = LoadFixedArrayElement(type_feedback_vector, slot_id);
   Node* feedback_value = LoadWeakCellValue(feedback_element);
   Node* is_monomorphic = WordEqual(function, feedback_value);
   BranchIf(is_monomorphic, &handle_monomorphic, &extra_checks);
 
   Bind(&handle_monomorphic);
   {
     // The compare above could have been a SMI/SMI comparison. Guard against
     // this convincing us that we have a monomorphic JSFunction.
     Node* is_smi = WordIsSmi(function);
@@ skipping 113 matching lines @@
                                    TailCallMode tail_call_mode) {
   Callable callable = CodeFactory::InterpreterPushArgsAndCall(
       isolate(), tail_call_mode, CallableType::kAny);
   Node* code_target = HeapConstant(callable.code());
   return CallStub(callable.descriptor(), code_target, context, arg_count,
                   first_arg, function);
 }
 
 Node* InterpreterAssembler::CallConstruct(Node* constructor, Node* context,
                                           Node* new_target, Node* first_arg,
-                                          Node* arg_count) {
-  Callable callable = CodeFactory::InterpreterPushArgsAndConstruct(isolate());
-  Node* code_target = HeapConstant(callable.code());
-  return CallStub(callable.descriptor(), code_target, context, arg_count,
-                  new_target, constructor, first_arg);
+                                          Node* arg_count, Node* slot_id,
+                                          Node* type_feedback_vector) {
+  Label call_construct(this), js_function(this), end(this);
+  Variable return_value(this, MachineRepresentation::kTagged);
+  Variable allocation_feedback(this, MachineRepresentation::kTagged);
+  allocation_feedback.Bind(UndefinedConstant());
+
+  // Slot id of 0 is used to indicate no typefeedback is available.

[rmcilroy, 2016/08/03 13:14:19]

/s/typefeedback/type feedback/

[mythria, 2016/08/04 07:06:10]

Done.

+  STATIC_ASSERT(TypeFeedbackVector::kReservedIndexCount > 0);
+  Node* is_feedback_unavailable = Word32Equal(slot_id, Int32Constant(0));
+  GotoIf(is_feedback_unavailable, &call_construct);
+
+  // Check that the constructor is not a smi.
+  Node* is_smi = WordIsSmi(constructor);
+  GotoIf(is_smi, &call_construct);
+
+  // Check that constructor is a JSFunction.
+  Node* instance_type = LoadInstanceType(constructor);
+  Node* is_js_function =
+      WordEqual(instance_type, Int32Constant(JS_FUNCTION_TYPE));
+  BranchIf(is_js_function, &js_function, &call_construct);
+
+  Bind(&js_function);
+  // Cache the called function in a feedback vector slot.  Cache states

[rmcilroy, 2016/08/03 13:14:19]

Remove extra space after fullstop

[rmcilroy, 2016/08/03 13:14:19]

Add scope for binded label.

[mythria, 2016/08/04 07:06:11]

Done.

[mythria, 2016/08/04 07:06:11]

Done.

+  // are uninitialized, monomorphic (indicated by a JSFunction), and
+  // megamorphic.
+  // TODO(mythria/v8:5210): Check if it is better to mark extra_checks as a
+  // deferred block so that call_construct_function will be scheduled just
+  // after increment_count and in the fast path we can reduce one branch in the
+  // fast path.

[rmcilroy, 2016/08/03 13:14:19]

Could you check this again now that you've moved the increment_count down it
might be preferable that extra_checks is deferred if it doesn't have the
register spilling issue.

[mythria, 2016/08/04 07:06:10]

It still has. so did not mark it deferred.

+  Label increment_count(this), extra_checks(this),
+      call_construct_function(this);
+
+  Node* feedback_element = LoadFixedArrayElement(type_feedback_vector, slot_id);
+  Node* feedback_value = LoadWeakCellValue(feedback_element);
+  Node* is_monomorphic = WordEqual(constructor, feedback_value);
+  BranchIf(is_monomorphic, &increment_count, &extra_checks);
+
+  Bind(&extra_checks);
+  {
+    Label mark_megamorphic(this), initialize(this), check_allocation_site(this),
+        check_initialized(this), set_alloc_feedback_and_inc_count(this);
+    {
+      // Check if it is a megamorphic target
+      Comment("check if megamorphic");
+      Node* is_megamorphic = WordEqual(
+          feedback_element,
+          HeapConstant(TypeFeedbackVector::MegamorphicSentinel(isolate())));
+      GotoIf(is_megamorphic, &call_construct_function);
+
+      Comment("check if weak cell");
+      Node* is_weak_cell = WordEqual(LoadMap(feedback_element),
+                                     LoadRoot(Heap::kWeakCellMapRootIndex));
+      GotoUnless(is_weak_cell, &check_allocation_site);
+      // If the weak cell is cleared, we have a new chance to become
+      // monomorphic.
+      Comment("check if weak cell is cleared");
+      Node* is_smi = WordIsSmi(feedback_value);
+      BranchIf(is_smi, &initialize, &mark_megamorphic);
+    }
+
+    Bind(&check_allocation_site);
+    {
+      Comment("check if it is an allocation site");
+      Node* is_allocation_site =
+          WordEqual(LoadObjectField(feedback_element, 0),
+                    LoadRoot(Heap::kAllocationSiteMapRootIndex));
+      GotoUnless(is_allocation_site, &check_initialized);
+
+      // Make sure the function is the Array() function
+      Node* context_slot =
+          LoadFixedArrayElement(LoadNativeContext(context),
+                                Int32Constant(Context::ARRAY_FUNCTION_INDEX));
+      Node* is_array_function = WordEqual(context_slot, constructor);
+      BranchIf(is_array_function, &set_alloc_feedback_and_inc_count,
+               &mark_megamorphic);
+    }
+
+    Bind(&set_alloc_feedback_and_inc_count);
+    {
+      allocation_feedback.Bind(feedback_element);
+      Goto(&increment_count);
+    }
+
+    Bind(&check_initialized);
+    {
+      // Check if it is uninitialized.
+      Comment("check if uninitialized");
+      Node* is_uninitialized = WordEqual(
+          feedback_element, LoadRoot(Heap::kuninitialized_symbolRootIndex));
+      BranchIf(is_uninitialized, &initialize, &mark_megamorphic);
+    }
+
+    Bind(&initialize);
+    {
+      Label initialize_count(this), create_weak_cell(this),
+          create_allocation_site(this);
+      Comment("initialize the feedback element");
+      // Check that it is not the Array() function.

[rmcilroy, 2016/08/03 13:14:19]

nit - Check if it is the Array() function.

[mythria, 2016/08/04 07:06:10]

Done.

+      Node* context_slot =
+          LoadFixedArrayElement(LoadNativeContext(context),
+                                Int32Constant(Context::ARRAY_FUNCTION_INDEX));
+      Node* is_array_function = WordEqual(context_slot, constructor);
+      BranchIf(is_array_function, &create_allocation_site, &create_weak_cell);
+
+      Bind(&create_allocation_site);
+      {
+        // TODO(mythria): Inline the creation of allocation site.
+        CreateAllocationSiteStub create_stub(isolate());
+        CallStub(create_stub.GetCallInterfaceDescriptor(),
+                 HeapConstant(create_stub.GetCode()), context,
+                 type_feedback_vector, SmiTag(slot_id));
+        Node* feedback_element =
+            LoadFixedArrayElement(type_feedback_vector, slot_id);
+        allocation_feedback.Bind(feedback_element);
+        Goto(&initialize_count);
+      }
+
+      Bind(&create_weak_cell);
+      {
+        CreateWeakCellInFeedbackVector(type_feedback_vector, SmiTag(slot_id),
+                                       constructor);
+        Goto(&initialize_count);
+      }
+
+      Bind(&initialize_count);
+      {
+        Node* call_count_slot = IntPtrAdd(slot_id, IntPtrConstant(1));
+        // Count is Smi, so we don't need a write barrier.
+        StoreFixedArrayElement(type_feedback_vector, call_count_slot,
+                               SmiTag(Int32Constant(1)), SKIP_WRITE_BARRIER);
+        Goto(&call_construct_function);
+      }
+    }
+
+    Bind(&mark_megamorphic);
+    {
+      // MegamorphicSentinel is an immortal immovable object so no write-barrier
+      // is needed.
+      Comment("transition to megamorphic");
+      DCHECK(Heap::RootIsImmortalImmovable(Heap::kmegamorphic_symbolRootIndex));
+      StoreFixedArrayElement(
+          type_feedback_vector, slot_id,
+          HeapConstant(TypeFeedbackVector::MegamorphicSentinel(isolate())),
+          SKIP_WRITE_BARRIER);
+      Goto(&call_construct_function);
+    }
+  }
+
+  Bind(&increment_count);
+  {
+    // Increment the call count.
+    Comment("increment call count");
+    Node* call_count_slot = IntPtrAdd(slot_id, IntPtrConstant(1));
+    Node* call_count =
+        LoadFixedArrayElement(type_feedback_vector, call_count_slot);
+    Node* new_count = SmiAdd(call_count, SmiTag(Int32Constant(1)));
+    // Count is Smi, so we don't need a write barrier.
+    StoreFixedArrayElement(type_feedback_vector, call_count_slot, new_count,
+                           SKIP_WRITE_BARRIER);
+    Goto(&call_construct_function);
+  }
+
+  Bind(&call_construct_function);
+  {
+    Comment("call using callConstructFunction");
+    Callable callable_function = CodeFactory::InterpreterPushArgsAndConstruct(
+        isolate(), CallableType::kJSFunction);
+    return_value.Bind(CallStub(callable_function.descriptor(),
+                               HeapConstant(callable_function.code()), context,
+                               arg_count, new_target, constructor,
+                               allocation_feedback.value(), first_arg));
+    Goto(&end);
+  }
+
+  Bind(&call_construct);
+  {
+    Comment("call using callConstruct builtin");
+    Callable callable = CodeFactory::InterpreterPushArgsAndConstruct(
+        isolate(), CallableType::kAny);
+    Node* code_target = HeapConstant(callable.code());
+    return_value.Bind(CallStub(callable.descriptor(), code_target, context,
+                               arg_count, new_target, constructor,
+                               UndefinedConstant(), first_arg));
+    Goto(&end);
+  }
+
+  Bind(&end);
+  return return_value.value();
 }
 
 Node* InterpreterAssembler::CallRuntimeN(Node* function_id, Node* context,
                                          Node* first_arg, Node* arg_count,
                                          int result_size) {
   Callable callable = CodeFactory::InterpreterCEntry(isolate(), result_size);
   Node* code_target = HeapConstant(callable.code());
 
   // Get the function entry from the function id.
   Node* function_table = ExternalConstant(
@@ skipping 371 matching lines @@
     Goto(&loop);
   }
   Bind(&done_loop);
 
   return array;
 }
 
 }  // namespace interpreter
 }  // namespace internal
 }  // namespace v8