AllocationSites for all literals

src/objects.cc

 // Copyright 2013 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 10 matching lines @@
 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 #include "v8.h"
 
 #include "accessors.h"
+#include "allocation-site-scopes.h"
 #include "api.h"
 #include "arguments.h"
 #include "bootstrapper.h"
 #include "codegen.h"
 #include "cpu-profiler.h"
 #include "debug.h"
 #include "deoptimizer.h"
 #include "date.h"
 #include "elements.h"
 #include "execution.h"
@@ skipping 5524 matching lines @@
     MaybeObject* maybe_copy = map()->Copy();
     if (!maybe_copy->To(&new_map)) return maybe_copy;
     new_map->set_is_observed(true);
   }
   set_map(new_map);
 
   return heap->undefined_value();
 }
 
 
+Handle<JSObject> JSObject::Copy(Handle<JSObject> object,
+                                AllocationSiteContext* site_context) {
+  Isolate* isolate = object->GetIsolate();
+  CALL_HEAP_FUNCTION(isolate,
+                     isolate->heap()->CopyJSObject(*object,
+                         *(site_context->current())),
+                         JSObject);
+}
+
+
 Handle<JSObject> JSObject::Copy(Handle<JSObject> object) {
   Isolate* isolate = object->GetIsolate();
   CALL_HEAP_FUNCTION(isolate,
                      isolate->heap()->CopyJSObject(*object), JSObject);
 }
 
 
 class JSObjectWalkVisitor {
  public:
-  explicit JSObjectWalkVisitor() {}
+  explicit JSObjectWalkVisitor(AllocationSiteContext* site_context) :
+      site_context_(site_context) {}
   virtual ~JSObjectWalkVisitor() {}
 
   Handle<JSObject> Visit(Handle<JSObject> object) {
     return StructureWalk(object);
   }
 
-  // Returns true if the visitor is a copying visitor.
   virtual bool is_copying() = 0;
 
  protected:
   Handle<JSObject> StructureWalk(Handle<JSObject> object);
 
-  // The returned handle should point to a new object if the visitor is a
-  // copying visitor, otherwise it should be the same as the input object.
+  // The returned handle will be used for the object in all
+  // subsequent usages. This allows VisitObject to make a copy
+  // of the object if desired.
   virtual Handle<JSObject> VisitObject(Handle<JSObject> object) = 0;
-
-  // The returned handle should point to a new value if the visitor is a
-  // copying visitor, otherwise it should be the same as the input value.
   virtual Handle<JSObject> VisitElementOrProperty(Handle<JSObject> object,
                                                   Handle<JSObject> value) = 0;
+
+  AllocationSiteContext* site_context() { return site_context_; }
+
+ private:
+  AllocationSiteContext* site_context_;
 };
 
 
 class JSObjectCopyVisitor: public JSObjectWalkVisitor {
  public:
-  explicit JSObjectCopyVisitor() {}
+  explicit JSObjectCopyVisitor(AllocationSiteContext* site_context)
+      : JSObjectWalkVisitor(site_context) {}
 
   virtual bool is_copying() V8_OVERRIDE { return true; }
 
- protected:
+  // The returned handle will be used for the object in all
+  // subsequent usages. This allows VisitObject to make a copy
+  // of the object if desired.
   virtual Handle<JSObject> VisitObject(Handle<JSObject> object) V8_OVERRIDE {
-    return JSObject::Copy(object);
+    // Only create a memento if
+    // 1) we have a JSArray, and

[Hannes Payer (out of office), 2013/10/11 12:55:44]

What about JSObject?

[mvstanton, 2013/10/11 13:41:47]

At this moment in the code, we only emit mementos for Arrays with certain
characteristics. It's the next step to open the door to emit them for JSObjects
(this will need a change in AllocationSite::CanTrack() as we discussed:
currently that method only accepts arrays).

+    // 2) the elements kind is palatable
+    // 3) allow_mementos is true
+    Handle<JSObject> copy;
+    if (site_context()->activated() &&
+        AllocationSite::CanTrack(object->map()->instance_type()) &&
+        AllocationSite::GetMode(object->GetElementsKind()) ==
+        TRACK_ALLOCATION_SITE) {
+      copy = JSObject::Copy(object, site_context());
+    } else {
+      copy = JSObject::Copy(object);
+    }
+
+    return copy;
   }
 
   virtual Handle<JSObject> VisitElementOrProperty(
       Handle<JSObject> object,
       Handle<JSObject> value) V8_OVERRIDE {
-    return StructureWalk(value);
+    AllocationSiteUsageScope scope(site_context(), value);
+    value = StructureWalk(value);
+    return value;
   }
 };
 
+
+class JSObjectCreateAllocationSitesVisitor: public JSObjectWalkVisitor {
+ public:
+  explicit JSObjectCreateAllocationSitesVisitor(
+      AllocationSiteContext* site_context)
+      : JSObjectWalkVisitor(site_context) {}
+
+  virtual bool is_copying() V8_OVERRIDE { return false; }
+
+  // The returned handle will be used for the object in all
+  // subsequent usages. This allows VisitObject to make a copy
+  // of the object if desired.
+  virtual Handle<JSObject> VisitObject(Handle<JSObject> object) V8_OVERRIDE {
+    return object;
+  }
+
+  virtual Handle<JSObject> VisitElementOrProperty(
+      Handle<JSObject> object,
+      Handle<JSObject> value) V8_OVERRIDE {
+    AllocationSiteCreationScope scope(site_context());
+    value = StructureWalk(value);
+    if (!value.is_null()) {
+      scope.RecordTransitionInfo(value);
+    }
+    return value;
+  }
+};
+
 
 Handle<JSObject> JSObjectWalkVisitor::StructureWalk(Handle<JSObject> object) {
   bool copying = is_copying();
   Isolate* isolate = object->GetIsolate();
   StackLimitCheck check(isolate);
   if (check.HasOverflowed()) {
     isolate->StackOverflow();
     return Handle<JSObject>::null();
   }
 
@@ skipping 123 matching lines @@
     case EXTERNAL_DOUBLE_ELEMENTS:
     case FAST_DOUBLE_ELEMENTS:
     case FAST_HOLEY_DOUBLE_ELEMENTS:
       // No contained objects, nothing to do.
       break;
   }
   return copy;
 }
 
 
-Handle<JSObject> JSObject::DeepCopy(Handle<JSObject> object) {
-  JSObjectCopyVisitor v;
+Handle<JSObject> JSObject::DeepWalk(Handle<JSObject> object,
+                                    AllocationSiteContext* site_context) {
+  JSObjectCreateAllocationSitesVisitor v(site_context);
+  Handle<JSObject> copy = v.Visit(object);
+  ASSERT(!v.is_copying() && copy.is_identical_to(object));
+  return copy;
+}
+
+
+Handle<JSObject> JSObject::DeepCopy(Handle<JSObject> object,
+                                    AllocationSiteContext* site_context) {
+  JSObjectCopyVisitor v(site_context);
   Handle<JSObject> copy = v.Visit(object);
   ASSERT(v.is_copying() && !copy.is_identical_to(object));
   return copy;
 }
 
 
 // Tests for the fast common case for property enumeration:
 // - This object and all prototypes has an enum cache (which means that
 //   it is no proxy, has no interceptors and needs no access checks).
 // - This object has no elements.
@@ skipping 6744 matching lines @@
     return this;
   }
 
   AllocationMemento* memento = AllocationMemento::FindForJSObject(this);
   if (memento == NULL || !memento->IsValid()) {
     return this;
   }
 
   // Walk through to the Allocation Site
   AllocationSite* site = memento->GetAllocationSite();
-  if (site->IsLiteralSite()) {
+  if (site->IsLiteralSite() &&
+      site->transition_info()->IsJSArray()) {
     JSArray* transition_info = JSArray::cast(site->transition_info());
+    bool is_nested = !(site->nested_site()->IsSmi());
     ElementsKind kind = transition_info->GetElementsKind();
     // if kind is holey ensure that to_kind is as well.
     if (IsHoleyElementsKind(kind)) {
       to_kind = GetHoleyElementsKind(to_kind);
     }
     if (IsMoreGeneralElementsKindTransition(kind, to_kind)) {
       // If the array is huge, it's not likely to be defined in a local
       // function, so we shouldn't make new instances of it very often.
       uint32_t length = 0;
       CHECK(transition_info->length()->ToArrayIndex(&length));
       if (length <= AllocationSite::kMaximumArrayBytesToPretransition) {
         if (FLAG_trace_track_allocation_sites) {
           PrintF(
-              "AllocationSite: JSArray %p boilerplate updated %s->%s\n",
+              "AllocationSite: JSArray %p boilerplate %s updated %s->%s\n",
               reinterpret_cast<void*>(this),
+              is_nested ? "(nested)" : "",
               ElementsKindToString(kind),
               ElementsKindToString(to_kind));
         }
         return transition_info->TransitionElementsKind(to_kind);
       }
     }
   } else {
     ElementsKind kind = site->GetElementsKind();
     // if kind is holey ensure that to_kind is as well.
     if (IsHoleyElementsKind(kind)) {
@@ skipping 3659 matching lines @@
 #define ERROR_MESSAGES_TEXTS(C, T) T,
   static const char* error_messages_[] = {
       ERROR_MESSAGES_LIST(ERROR_MESSAGES_TEXTS)
   };
 #undef ERROR_MESSAGES_TEXTS
   return error_messages_[reason];
 }
 
 
 } }  // namespace v8::internal