Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(68)

Unified Diff: src/interpreter/interpreter-assembler.cc

Issue 2225923003: [Interpreter] Collect type feedback for 'new' in the bytecode handler (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: updated mjsunit.status Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: src/interpreter/interpreter-assembler.cc
diff --git a/src/interpreter/interpreter-assembler.cc b/src/interpreter/interpreter-assembler.cc
index 227fd395ce2d368ba00f1b96c8a12c62016e0dc2..947979e7085a1ebb02a44fe722b60ab2eb6f8272 100644
--- a/src/interpreter/interpreter-assembler.cc
+++ b/src/interpreter/interpreter-assembler.cc
@@ -489,7 +489,7 @@ Node* InterpreterAssembler::CallJSWithFeedback(Node* function, Node* context,
Node* is_feedback_unavailable = Word32Equal(slot_id, Int32Constant(0));
GotoIf(is_feedback_unavailable, &call);
- // The checks. First, does rdi match the recorded monomorphic target?
+ // The checks. First, does function match the recorded monomorphic target?
Node* feedback_element = LoadFixedArrayElement(type_feedback_vector, slot_id);
Node* feedback_value = LoadWeakCellValue(feedback_element);
Node* is_monomorphic = WordEqual(function, feedback_value);
@@ -623,11 +623,202 @@ Node* InterpreterAssembler::CallJS(Node* function, Node* context,
Node* InterpreterAssembler::CallConstruct(Node* constructor, Node* context,
Node* new_target, Node* first_arg,
- Node* arg_count) {
- Callable callable = CodeFactory::InterpreterPushArgsAndConstruct(isolate());
- Node* code_target = HeapConstant(callable.code());
- return CallStub(callable.descriptor(), code_target, context, arg_count,
- new_target, constructor, first_arg);
+ Node* arg_count, Node* slot_id,
+ Node* type_feedback_vector) {
+ Label call_construct(this), js_function(this), end(this);
+ Variable return_value(this, MachineRepresentation::kTagged);
+ Variable allocation_feedback(this, MachineRepresentation::kTagged);
+ allocation_feedback.Bind(UndefinedConstant());
+
+ // Slot id of 0 is used to indicate no type feedback is available.
+ STATIC_ASSERT(TypeFeedbackVector::kReservedIndexCount > 0);
+ Node* is_feedback_unavailable = Word32Equal(slot_id, Int32Constant(0));
+ GotoIf(is_feedback_unavailable, &call_construct);
+
+ // Check that the constructor is not a smi.
+ Node* is_smi = WordIsSmi(constructor);
+ GotoIf(is_smi, &call_construct);
+
+ // Check that constructor is a JSFunction.
+ Node* instance_type = LoadInstanceType(constructor);
+ Node* is_js_function =
+ WordEqual(instance_type, Int32Constant(JS_FUNCTION_TYPE));
+ BranchIf(is_js_function, &js_function, &call_construct);
+
+ Bind(&js_function);
+ {
+ // Cache the called function in a feedback vector slot. Cache states
+ // are uninitialized, monomorphic (indicated by a JSFunction), and
+ // megamorphic.
+ // TODO(mythria/v8:5210): Check if it is better to mark extra_checks as a
+ // deferred block so that call_construct_function will be scheduled just
+ // after increment_count and in the fast path we can reduce one branch in
+ // the
+ // fast path.
+ Label increment_count(this), extra_checks(this),
+ call_construct_function(this);
+
+ Node* feedback_element =
+ LoadFixedArrayElement(type_feedback_vector, slot_id);
+ Node* feedback_value = LoadWeakCellValue(feedback_element);
+ Node* is_monomorphic = WordEqual(constructor, feedback_value);
+ BranchIf(is_monomorphic, &increment_count, &extra_checks);
+
+ Bind(&extra_checks);
+ {
+ Label mark_megamorphic(this), initialize(this),
+ check_allocation_site(this), check_initialized(this),
+ set_alloc_feedback_and_inc_count(this);
+ {
+ // Check if it is a megamorphic target
+ Comment("check if megamorphic");
+ Node* is_megamorphic = WordEqual(
+ feedback_element,
+ HeapConstant(TypeFeedbackVector::MegamorphicSentinel(isolate())));
+ GotoIf(is_megamorphic, &call_construct_function);
+
+ Comment("check if weak cell");
+ Node* is_weak_cell = WordEqual(LoadMap(feedback_element),
+ LoadRoot(Heap::kWeakCellMapRootIndex));
+ GotoUnless(is_weak_cell, &check_allocation_site);
+ // If the weak cell is cleared, we have a new chance to become
+ // monomorphic.
+ Comment("check if weak cell is cleared");
+ Node* is_smi = WordIsSmi(feedback_value);
+ BranchIf(is_smi, &initialize, &mark_megamorphic);
+ }
+
+ Bind(&check_allocation_site);
+ {
+ Comment("check if it is an allocation site");
+ Node* is_allocation_site =
+ WordEqual(LoadObjectField(feedback_element, 0),
+ LoadRoot(Heap::kAllocationSiteMapRootIndex));
+ GotoUnless(is_allocation_site, &check_initialized);
+
+ // Make sure the function is the Array() function
+ Node* context_slot =
+ LoadFixedArrayElement(LoadNativeContext(context),
+ Int32Constant(Context::ARRAY_FUNCTION_INDEX));
+ Node* is_array_function = WordEqual(context_slot, constructor);
+ BranchIf(is_array_function, &set_alloc_feedback_and_inc_count,
+ &mark_megamorphic);
+ }
+
+ Bind(&set_alloc_feedback_and_inc_count);
+ {
+ allocation_feedback.Bind(feedback_element);
+ Goto(&increment_count);
+ }
+
+ Bind(&check_initialized);
+ {
+ // Check if it is uninitialized.
+ Comment("check if uninitialized");
+ Node* is_uninitialized = WordEqual(
+ feedback_element, LoadRoot(Heap::kuninitialized_symbolRootIndex));
+ BranchIf(is_uninitialized, &initialize, &mark_megamorphic);
+ }
+
+ Bind(&initialize);
+ {
+ Label initialize_count(this), create_weak_cell(this),
+ create_allocation_site(this);
+ Comment("initialize the feedback element");
+ // Check that it is the Array() function.
+ Node* context_slot =
+ LoadFixedArrayElement(LoadNativeContext(context),
+ Int32Constant(Context::ARRAY_FUNCTION_INDEX));
+ Node* is_array_function = WordEqual(context_slot, constructor);
+ BranchIf(is_array_function, &create_allocation_site, &create_weak_cell);
+
+ Bind(&create_allocation_site);
+ {
+ // TODO(mythria): Inline the creation of allocation site.
+ CreateAllocationSiteStub create_stub(isolate());
+ CallStub(create_stub.GetCallInterfaceDescriptor(),
+ HeapConstant(create_stub.GetCode()), context,
+ type_feedback_vector, SmiTag(slot_id));
+ Node* feedback_element =
+ LoadFixedArrayElement(type_feedback_vector, slot_id);
+ allocation_feedback.Bind(feedback_element);
+ Goto(&initialize_count);
+ }
+
+ Bind(&create_weak_cell);
+ {
+ CreateWeakCellInFeedbackVector(type_feedback_vector, SmiTag(slot_id),
+ constructor);
+ Goto(&initialize_count);
+ }
+
+ Bind(&initialize_count);
+ {
+ Node* call_count_slot = IntPtrAdd(slot_id, IntPtrConstant(1));
+ // Count is Smi, so we don't need a write barrier.
+ StoreFixedArrayElement(type_feedback_vector, call_count_slot,
+ SmiTag(Int32Constant(1)), SKIP_WRITE_BARRIER);
+ Goto(&call_construct_function);
+ }
+ }
+
+ Bind(&mark_megamorphic);
+ {
+ // MegamorphicSentinel is an immortal immovable object so no
+ // write-barrier
+ // is needed.
+ Comment("transition to megamorphic");
+ DCHECK(
+ Heap::RootIsImmortalImmovable(Heap::kmegamorphic_symbolRootIndex));
+ StoreFixedArrayElement(
+ type_feedback_vector, slot_id,
+ HeapConstant(TypeFeedbackVector::MegamorphicSentinel(isolate())),
+ SKIP_WRITE_BARRIER);
+ Goto(&call_construct_function);
+ }
+ }
+
+ Bind(&increment_count);
+ {
+ // Increment the call count.
+ Comment("increment call count");
+ Node* call_count_slot = IntPtrAdd(slot_id, IntPtrConstant(1));
+ Node* call_count =
+ LoadFixedArrayElement(type_feedback_vector, call_count_slot);
+ Node* new_count = SmiAdd(call_count, SmiTag(Int32Constant(1)));
+ // Count is Smi, so we don't need a write barrier.
+ StoreFixedArrayElement(type_feedback_vector, call_count_slot, new_count,
+ SKIP_WRITE_BARRIER);
+ Goto(&call_construct_function);
+ }
+
+ Bind(&call_construct_function);
+ {
+ Comment("call using callConstructFunction");
+ Callable callable_function = CodeFactory::InterpreterPushArgsAndConstruct(
+ isolate(), CallableType::kJSFunction);
+ return_value.Bind(CallStub(callable_function.descriptor(),
+ HeapConstant(callable_function.code()),
+ context, arg_count, new_target, constructor,
+ allocation_feedback.value(), first_arg));
+ Goto(&end);
+ }
+ }
+
+ Bind(&call_construct);
+ {
+ Comment("call using callConstruct builtin");
+ Callable callable = CodeFactory::InterpreterPushArgsAndConstruct(
+ isolate(), CallableType::kAny);
+ Node* code_target = HeapConstant(callable.code());
+ return_value.Bind(CallStub(callable.descriptor(), code_target, context,
+ arg_count, new_target, constructor,
+ UndefinedConstant(), first_arg));
+ Goto(&end);
+ }
+
+ Bind(&end);
+ return return_value.value();
}
Node* InterpreterAssembler::CallRuntimeN(Node* function_id, Node* context,

Powered by Google App Engine
This is Rietveld 408576698