[Turbofan] Implement call with spread bytecode in assembly code.

src/builtins/arm/builtins-arm.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #if V8_TARGET_ARCH_ARM
 
 #include "src/codegen.h"
 #include "src/debug/debug.h"
 #include "src/deoptimizer.h"
 #include "src/full-codegen/full-codegen.h"
@@ skipping 1129 matching lines @@
   __ bind(&loop_header);
   __ ldr(scratch, MemOperand(index, -kPointerSize, PostIndex));
   __ push(scratch);
   __ bind(&loop_check);
   __ cmp(index, limit);
   __ b(gt, &loop_header);
 }
 
 // static
 void Builtins::Generate_InterpreterPushArgsAndCallImpl(
-    MacroAssembler* masm, TailCallMode tail_call_mode,
-    CallableType function_type) {
+    MacroAssembler* masm, TailCallMode tail_call_mode, PushArgsMode mode) {

[rmcilroy, 2017/01/23 15:38:44]

nit - I'm not sure on the name, it seems a bit too generic (we push args in
other places). How about InterpreterPushArgsMode ?

   // ----------- S t a t e -------------
   //  -- r0 : the number of arguments (not including the receiver)
   //  -- r2 : the address of the first argument to be pushed. Subsequent
   //          arguments should be consecutive above this, in the same order as
   //          they are to be pushed onto the stack.
   //  -- r1 : the target to call (can be any Object).
   // -----------------------------------
   Label stack_overflow;
 
   __ add(r3, r0, Operand(1));  // Add one for receiver.
 
   // Push the arguments. r2, r4, r5 will be modified.
   Generate_InterpreterPushArgs(masm, r3, r2, r4, r5, &stack_overflow);
 
   // Call the target.
-  if (function_type == CallableType::kJSFunction) {
+  if (mode == PushArgsMode::kJSFunction) {
     __ Jump(masm->isolate()->builtins()->CallFunction(ConvertReceiverMode::kAny,
                                                       tail_call_mode),
             RelocInfo::CODE_TARGET);
+  } else if (mode == PushArgsMode::kWithFinalSpread) {
+    __ Jump(masm->isolate()->builtins()->CallWithSpread(),
+            RelocInfo::CODE_TARGET);
   } else {
-    DCHECK_EQ(function_type, CallableType::kAny);
     __ Jump(masm->isolate()->builtins()->Call(ConvertReceiverMode::kAny,
                                               tail_call_mode),
             RelocInfo::CODE_TARGET);
   }
 
   __ bind(&stack_overflow);
   {
     __ TailCallRuntime(Runtime::kThrowStackOverflow);
     // Unreachable code.
     __ bkpt(0);
   }
 }
 
 // static
 void Builtins::Generate_InterpreterPushArgsAndConstructImpl(
-    MacroAssembler* masm, PushArgsConstructMode mode) {
+    MacroAssembler* masm, PushArgsMode mode) {
   // ----------- S t a t e -------------
   // -- r0 : argument count (not including receiver)
   // -- r3 : new target
   // -- r1 : constructor to call
   // -- r2 : allocation site feedback if available, undefined otherwise.
   // -- r4 : address of the first argument
   // -----------------------------------
   Label stack_overflow;
 
   // Push a slot for the receiver to be constructed.
   __ mov(ip, Operand::Zero());
   __ push(ip);
 
   // Push the arguments. r5, r4, r6 will be modified.
   Generate_InterpreterPushArgs(masm, r0, r4, r5, r6, &stack_overflow);
 
   __ AssertUndefinedOrAllocationSite(r2, r5);
-  if (mode == PushArgsConstructMode::kJSFunction) {
+  if (mode == PushArgsMode::kJSFunction) {
     __ AssertFunction(r1);
 
     // Tail call to the function-specific construct stub (still in the caller
     // context at this point).
     __ ldr(r4, FieldMemOperand(r1, JSFunction::kSharedFunctionInfoOffset));
     __ ldr(r4, FieldMemOperand(r4, SharedFunctionInfo::kConstructStubOffset));
     // Jump to the construct function.
     __ add(pc, r4, Operand(Code::kHeaderSize - kHeapObjectTag));
-  } else if (mode == PushArgsConstructMode::kWithFinalSpread) {
+  } else if (mode == PushArgsMode::kWithFinalSpread) {
     // Call the constructor with r0, r1, and r3 unmodified.
     __ Jump(masm->isolate()->builtins()->ConstructWithSpread(),
             RelocInfo::CODE_TARGET);
   } else {
-    DCHECK_EQ(PushArgsConstructMode::kOther, mode);
+    DCHECK_EQ(PushArgsMode::kOther, mode);
     // Call the constructor with r0, r1, and r3 unmodified.
     __ Jump(masm->isolate()->builtins()->Construct(), RelocInfo::CODE_TARGET);
   }
 
   __ bind(&stack_overflow);
   {
     __ TailCallRuntime(Runtime::kThrowStackOverflow);
     // Unreachable code.
     __ bkpt(0);
   }
@@ skipping 1379 matching lines @@
 
   // 3. Call to something that is not callable.
   __ bind(&non_callable);
   {
     FrameAndConstantPoolScope scope(masm, StackFrame::INTERNAL);
     __ Push(r1);
     __ CallRuntime(Runtime::kThrowCalledNonCallable);
   }
 }
 
-// static
-void Builtins::Generate_ConstructFunction(MacroAssembler* masm) {
-  // ----------- S t a t e -------------
-  //  -- r0 : the number of arguments (not including the receiver)
-  //  -- r1 : the constructor to call (checked to be a JSFunction)
-  //  -- r3 : the new target (checked to be a constructor)
-  // -----------------------------------
-  __ AssertFunction(r1);
-
-  // Calling convention for function specific ConstructStubs require
-  // r2 to contain either an AllocationSite or undefined.
-  __ LoadRoot(r2, Heap::kUndefinedValueRootIndex);
-
-  // Tail call to the function-specific construct stub (still in the caller
-  // context at this point).
-  __ ldr(r4, FieldMemOperand(r1, JSFunction::kSharedFunctionInfoOffset));
-  __ ldr(r4, FieldMemOperand(r4, SharedFunctionInfo::kConstructStubOffset));
-  __ add(pc, r4, Operand(Code::kHeaderSize - kHeapObjectTag));
-}
-
-// static
-void Builtins::Generate_ConstructBoundFunction(MacroAssembler* masm) {
-  // ----------- S t a t e -------------
-  //  -- r0 : the number of arguments (not including the receiver)
-  //  -- r1 : the function to call (checked to be a JSBoundFunction)
-  //  -- r3 : the new target (checked to be a constructor)
-  // -----------------------------------
-  __ AssertBoundFunction(r1);
-
-  // Push the [[BoundArguments]] onto the stack.
-  Generate_PushBoundArguments(masm);
-
-  // Patch new.target to [[BoundTargetFunction]] if new.target equals target.
-  __ cmp(r1, r3);
-  __ ldr(r3, FieldMemOperand(r1, JSBoundFunction::kBoundTargetFunctionOffset),
-         eq);
-
-  // Construct the [[BoundTargetFunction]] via the Construct builtin.
-  __ ldr(r1, FieldMemOperand(r1, JSBoundFunction::kBoundTargetFunctionOffset));
-  __ mov(ip, Operand(ExternalReference(Builtins::kConstruct, masm->isolate())));
-  __ ldr(ip, MemOperand(ip));
-  __ add(pc, ip, Operand(Code::kHeaderSize - kHeapObjectTag));
-}
-
-// static
-void Builtins::Generate_ConstructProxy(MacroAssembler* masm) {
-  // ----------- S t a t e -------------
-  //  -- r0 : the number of arguments (not including the receiver)
-  //  -- r1 : the constructor to call (checked to be a JSProxy)
-  //  -- r3 : the new target (either the same as the constructor or
-  //          the JSFunction on which new was invoked initially)
-  // -----------------------------------
-
-  // Call into the Runtime for Proxy [[Construct]].
-  __ Push(r1);
-  __ Push(r3);
-  // Include the pushed new_target, constructor and the receiver.
-  __ add(r0, r0, Operand(3));
-  // Tail-call to the runtime.
-  __ JumpToExternalReference(
-      ExternalReference(Runtime::kJSProxyConstruct, masm->isolate()));
-}
-
-// static
-void Builtins::Generate_Construct(MacroAssembler* masm) {
-  // ----------- S t a t e -------------
-  //  -- r0 : the number of arguments (not including the receiver)
-  //  -- r1 : the constructor to call (can be any Object)
-  //  -- r3 : the new target (either the same as the constructor or
-  //          the JSFunction on which new was invoked initially)
-  // -----------------------------------
-
-  // Check if target is a Smi.
-  Label non_constructor;
-  __ JumpIfSmi(r1, &non_constructor);
-
-  // Dispatch based on instance type.
-  __ CompareObjectType(r1, r4, r5, JS_FUNCTION_TYPE);
-  __ Jump(masm->isolate()->builtins()->ConstructFunction(),
-          RelocInfo::CODE_TARGET, eq);
-
-  // Check if target has a [[Construct]] internal method.
-  __ ldrb(r2, FieldMemOperand(r4, Map::kBitFieldOffset));
-  __ tst(r2, Operand(1 << Map::kIsConstructor));
-  __ b(eq, &non_constructor);
-
-  // Only dispatch to bound functions after checking whether they are
-  // constructors.
-  __ cmp(r5, Operand(JS_BOUND_FUNCTION_TYPE));
-  __ Jump(masm->isolate()->builtins()->ConstructBoundFunction(),
-          RelocInfo::CODE_TARGET, eq);
-
-  // Only dispatch to proxies after checking whether they are constructors.
-  __ cmp(r5, Operand(JS_PROXY_TYPE));
-  __ Jump(masm->isolate()->builtins()->ConstructProxy(), RelocInfo::CODE_TARGET,
-          eq);
-
-  // Called Construct on an exotic Object with a [[Construct]] internal method.
-  {
-    // Overwrite the original receiver with the (original) target.
-    __ str(r1, MemOperand(sp, r0, LSL, kPointerSizeLog2));
-    // Let the "call_as_constructor_delegate" take care of the rest.
-    __ LoadNativeContextSlot(Context::CALL_AS_CONSTRUCTOR_DELEGATE_INDEX, r1);
-    __ Jump(masm->isolate()->builtins()->CallFunction(),
-            RelocInfo::CODE_TARGET);
-  }
-
-  // Called Construct on an Object that doesn't have a [[Construct]] internal
-  // method.
-  __ bind(&non_constructor);
-  __ Jump(masm->isolate()->builtins()->ConstructedNonConstructable(),
-          RelocInfo::CODE_TARGET);
-}
-
-// static
-void Builtins::Generate_ConstructWithSpread(MacroAssembler* masm) {
-  // ----------- S t a t e -------------
-  //  -- r0 : the number of arguments (not including the receiver)
-  //  -- r1 : the constructor to call (can be any Object)
-  //  -- r3 : the new target (either the same as the constructor or
-  //          the JSFunction on which new was invoked initially)
-  // -----------------------------------
-
+static void CheckSpreadAndPushToStack(MacroAssembler* masm) {
   Register argc = r0;
   Register constructor = r1;
   Register new_target = r3;
 
   Register scratch = r2;
   Register scratch2 = r6;
 
   Register spread = r4;
   Register spread_map = r5;
+
+  Register spread_len = r5;
+
   __ ldr(spread, MemOperand(sp, 0));
   __ ldr(spread_map, FieldMemOperand(spread, HeapObject::kMapOffset));
 
   Label runtime_call, push_args;
   // Check that the spread is an array.
   __ CompareInstanceType(spread_map, scratch, JS_ARRAY_TYPE);
   __ b(ne, &runtime_call);
 
   // Check that we have the original ArrayPrototype.
   __ ldr(scratch, FieldMemOperand(spread_map, Map::kPrototypeOffset));
@@ skipping 34 matching lines @@
   __ b(eq, &no_protector_check);
   __ cmp(scratch, Operand(FAST_ELEMENTS));
   __ b(eq, &no_protector_check);
   // Check the ArrayProtector cell.
   __ LoadRoot(scratch, Heap::kArrayProtectorRootIndex);
   __ ldr(scratch, FieldMemOperand(scratch, PropertyCell::kValueOffset));
   __ cmp(scratch, Operand(Smi::FromInt(Isolate::kProtectorValid)));
   __ b(ne, &runtime_call);
 
   __ bind(&no_protector_check);
-  // Load the FixedArray backing store.
+  // Load the FixedArray backing store, but use the length from the array.
+  __ ldr(spread_len, FieldMemOperand(spread, JSArray::kLengthOffset));
+  __ SmiUntag(spread_len);
   __ ldr(spread, FieldMemOperand(spread, JSArray::kElementsOffset));
   __ b(&push_args);
 
   __ bind(&runtime_call);
   {
     // Call the builtin for the result of the spread.
     FrameAndConstantPoolScope scope(masm, StackFrame::INTERNAL);
     __ SmiTag(argc);
     __ Push(constructor);
     __ Push(new_target);
     __ Push(argc);
     __ Push(spread);
     __ CallRuntime(Runtime::kSpreadIterableFixed);
     __ mov(spread, r0);
     __ Pop(argc);
     __ Pop(new_target);
     __ Pop(constructor);
     __ SmiUntag(argc);
   }
 
-  Register spread_len = r5;
-  __ bind(&push_args);
   {
-    // Pop the spread argument off the stack.
-    __ Pop(scratch);
     // Calculate the new nargs including the result of the spread.
     __ ldr(spread_len, FieldMemOperand(spread, FixedArray::kLengthOffset));
     __ SmiUntag(spread_len);
+
+    __ bind(&push_args);
     // argc += spread_len - 1. Subtract 1 for the spread itself.
     __ add(argc, argc, spread_len);
     __ sub(argc, argc, Operand(1));
+
+    // Pop the spread argument off the stack.
+    __ Pop(scratch);
   }
 
   // Check for stack overflow.
   {
     // Check the stack for overflow. We are not trying to catch interruptions
     // (i.e. debug break and preemption) here, so check the "real stack limit".
     Label done;
     __ LoadRoot(scratch, Heap::kRealStackLimitRootIndex);
     // Make scratch the space we have left. The stack might already be
     // overflowed here which will cause scratch to become negative.
@@ skipping 12 matching lines @@
     __ bind(&loop);
     __ cmp(scratch, spread_len);
     __ b(eq, &done);
     __ add(scratch2, spread, Operand(scratch, LSL, kPointerSizeLog2));
     __ ldr(scratch2, FieldMemOperand(scratch2, FixedArray::kHeaderSize));
     __ Push(scratch2);
     __ add(scratch, scratch, Operand(1));
     __ b(&loop);
     __ bind(&done);
   }
+}
 
-  // Dispatch.
+// static
+void Builtins::Generate_CallWithSpread(MacroAssembler* masm) {
+  // ----------- S t a t e -------------
+  //  -- r0 : the number of arguments (not including the receiver)
+  //  -- r1 : the constructor to call (can be any Object)
+  // -----------------------------------
+
+  // CheckSpreadAndPushToStack will push r3 to save it.
+  __ LoadRoot(r3, Heap::kUndefinedValueRootIndex);
+  CheckSpreadAndPushToStack(masm);
+  __ Jump(masm->isolate()->builtins()->Call(ConvertReceiverMode::kAny,
+                                            TailCallMode::kDisallow),
+          RelocInfo::CODE_TARGET);
+}
+
+// static
+void Builtins::Generate_ConstructFunction(MacroAssembler* masm) {
+  // ----------- S t a t e -------------
+  //  -- r0 : the number of arguments (not including the receiver)
+  //  -- r1 : the constructor to call (checked to be a JSFunction)
+  //  -- r3 : the new target (checked to be a constructor)
+  // -----------------------------------
+  __ AssertFunction(r1);
+
+  // Calling convention for function specific ConstructStubs require
+  // r2 to contain either an AllocationSite or undefined.
+  __ LoadRoot(r2, Heap::kUndefinedValueRootIndex);
+
+  // Tail call to the function-specific construct stub (still in the caller
+  // context at this point).
+  __ ldr(r4, FieldMemOperand(r1, JSFunction::kSharedFunctionInfoOffset));
+  __ ldr(r4, FieldMemOperand(r4, SharedFunctionInfo::kConstructStubOffset));
+  __ add(pc, r4, Operand(Code::kHeaderSize - kHeapObjectTag));
+}
+
+// static
+void Builtins::Generate_ConstructBoundFunction(MacroAssembler* masm) {
+  // ----------- S t a t e -------------
+  //  -- r0 : the number of arguments (not including the receiver)
+  //  -- r1 : the function to call (checked to be a JSBoundFunction)
+  //  -- r3 : the new target (checked to be a constructor)
+  // -----------------------------------
+  __ AssertBoundFunction(r1);
+
+  // Push the [[BoundArguments]] onto the stack.
+  Generate_PushBoundArguments(masm);
+
+  // Patch new.target to [[BoundTargetFunction]] if new.target equals target.
+  __ cmp(r1, r3);
+  __ ldr(r3, FieldMemOperand(r1, JSBoundFunction::kBoundTargetFunctionOffset),
+         eq);
+
+  // Construct the [[BoundTargetFunction]] via the Construct builtin.
+  __ ldr(r1, FieldMemOperand(r1, JSBoundFunction::kBoundTargetFunctionOffset));
+  __ mov(ip, Operand(ExternalReference(Builtins::kConstruct, masm->isolate())));
+  __ ldr(ip, MemOperand(ip));
+  __ add(pc, ip, Operand(Code::kHeaderSize - kHeapObjectTag));
+}
+
+// static
+void Builtins::Generate_ConstructProxy(MacroAssembler* masm) {
+  // ----------- S t a t e -------------
+  //  -- r0 : the number of arguments (not including the receiver)
+  //  -- r1 : the constructor to call (checked to be a JSProxy)
+  //  -- r3 : the new target (either the same as the constructor or
+  //          the JSFunction on which new was invoked initially)
+  // -----------------------------------
+
+  // Call into the Runtime for Proxy [[Construct]].
+  __ Push(r1);
+  __ Push(r3);
+  // Include the pushed new_target, constructor and the receiver.
+  __ add(r0, r0, Operand(3));
+  // Tail-call to the runtime.
+  __ JumpToExternalReference(
+      ExternalReference(Runtime::kJSProxyConstruct, masm->isolate()));
+}
+
+// static
+void Builtins::Generate_Construct(MacroAssembler* masm) {
+  // ----------- S t a t e -------------
+  //  -- r0 : the number of arguments (not including the receiver)
+  //  -- r1 : the constructor to call (can be any Object)
+  //  -- r3 : the new target (either the same as the constructor or
+  //          the JSFunction on which new was invoked initially)
+  // -----------------------------------
+
+  // Check if target is a Smi.
+  Label non_constructor;
+  __ JumpIfSmi(r1, &non_constructor);
+
+  // Dispatch based on instance type.
+  __ CompareObjectType(r1, r4, r5, JS_FUNCTION_TYPE);
+  __ Jump(masm->isolate()->builtins()->ConstructFunction(),
+          RelocInfo::CODE_TARGET, eq);
+
+  // Check if target has a [[Construct]] internal method.
+  __ ldrb(r2, FieldMemOperand(r4, Map::kBitFieldOffset));
+  __ tst(r2, Operand(1 << Map::kIsConstructor));
+  __ b(eq, &non_constructor);
+
+  // Only dispatch to bound functions after checking whether they are
+  // constructors.
+  __ cmp(r5, Operand(JS_BOUND_FUNCTION_TYPE));
+  __ Jump(masm->isolate()->builtins()->ConstructBoundFunction(),
+          RelocInfo::CODE_TARGET, eq);
+
+  // Only dispatch to proxies after checking whether they are constructors.
+  __ cmp(r5, Operand(JS_PROXY_TYPE));
+  __ Jump(masm->isolate()->builtins()->ConstructProxy(), RelocInfo::CODE_TARGET,
+          eq);
+
+  // Called Construct on an exotic Object with a [[Construct]] internal method.
+  {
+    // Overwrite the original receiver with the (original) target.
+    __ str(r1, MemOperand(sp, r0, LSL, kPointerSizeLog2));
+    // Let the "call_as_constructor_delegate" take care of the rest.
+    __ LoadNativeContextSlot(Context::CALL_AS_CONSTRUCTOR_DELEGATE_INDEX, r1);
+    __ Jump(masm->isolate()->builtins()->CallFunction(),
+            RelocInfo::CODE_TARGET);
+  }
+
+  // Called Construct on an Object that doesn't have a [[Construct]] internal
+  // method.
+  __ bind(&non_constructor);
+  __ Jump(masm->isolate()->builtins()->ConstructedNonConstructable(),
+          RelocInfo::CODE_TARGET);
+}
+
+// static
+void Builtins::Generate_ConstructWithSpread(MacroAssembler* masm) {
+  // ----------- S t a t e -------------
+  //  -- r0 : the number of arguments (not including the receiver)
+  //  -- r1 : the constructor to call (can be any Object)
+  //  -- r3 : the new target (either the same as the constructor or
+  //          the JSFunction on which new was invoked initially)
+  // -----------------------------------
+
+  CheckSpreadAndPushToStack(masm);
   __ Jump(masm->isolate()->builtins()->Construct(), RelocInfo::CODE_TARGET);
 }
 
 // static
 void Builtins::Generate_AllocateInNewSpace(MacroAssembler* masm) {
   // ----------- S t a t e -------------
   //  -- r1 : requested object size (untagged)
   //  -- lr : return address
   // -----------------------------------
   __ SmiTag(r1);
@@ skipping 148 matching lines @@
     __ bkpt(0);
   }
 }
 
 #undef __
 
 }  // namespace internal
 }  // namespace v8
 
 #endif  // V8_TARGET_ARCH_ARM