Put the type feedback vector in the unoptimized JavaScript frame.

src/deoptimizer.cc

 // Copyright 2013 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/v8.h"
 
 #include "src/accessors.h"
 #include "src/codegen.h"
 #include "src/deoptimizer.h"
 #include "src/disasm.h"
@@ skipping 105 matching lines @@
   return result;
 }
 
 
 int Deoptimizer::ConvertJSFrameIndexToFrameIndex(int jsframe_index) {
   if (jsframe_index == 0) return 0;
 
   int frame_index = 0;
   while (jsframe_index >= 0) {
     FrameDescription* frame = output_[frame_index];
-    if (frame->GetFrameType() == StackFrame::JAVA_SCRIPT) {
+    if (frame->GetFrameType() == StackFrame::JAVA_SCRIPT ||
+        frame->GetFrameType() == StackFrame::OPTIMIZED) {
       jsframe_index--;
     }
     frame_index++;
   }
 
   return frame_index - 1;
 }
 
 
 DeoptimizedFrameInfo* Deoptimizer::DebuggerInspectableFrame(
@@ skipping 455 matching lines @@
     }
   }
   compiled_code_ = FindOptimizedCode(function, optimized_code);
 #if DEBUG
   DCHECK(compiled_code_ != NULL);
   if (type == EAGER || type == SOFT || type == LAZY) {
     DCHECK(compiled_code_->kind() != Code::FUNCTION);
   }
 #endif
 
-  StackFrame::Type frame_type = function == NULL
-      ? StackFrame::STUB
-      : StackFrame::JAVA_SCRIPT;
+  StackFrame::Type frame_type =
+      function == NULL ? StackFrame::STUB : StackFrame::OPTIMIZED;
   trace_scope_ = TraceEnabledFor(type, frame_type) ?
       new CodeTracer::Scope(isolate->GetCodeTracer()) : NULL;
 #ifdef DEBUG
   CHECK(AllowHeapAllocation::IsAllowed());
   disallow_heap_allocation_ = new DisallowHeapAllocation();
 #endif  // DEBUG
   if (compiled_code_->kind() == Code::OPTIMIZED_FUNCTION) {
     PROFILE(isolate_, CodeDeoptEvent(compiled_code_, bailout_id_, from_,
                                      fp_to_sp_delta_));
   }
@@ skipping 265 matching lines @@
   unsigned height_in_bytes = height * kPointerSize;
   if (trace_scope_ != NULL) {
     PrintF(trace_scope_->file(), "  translating ");
     function->PrintName(trace_scope_->file());
     PrintF(trace_scope_->file(),
            " => node=%d, height=%d\n", node_id.ToInt(), height_in_bytes);
   }
 
   // The 'fixed' part of the frame consists of the incoming parameters and
   // the part described by JavaScriptFrameConstants.
-  unsigned fixed_frame_size = ComputeFixedSize(function);
+  unsigned fixed_frame_size = ComputeFixedSize(function, true);
   unsigned input_frame_size = input_->GetFrameSize();
   unsigned output_frame_size = height_in_bytes + fixed_frame_size;
 
   // Allocate and store the output frame description.
   FrameDescription* output_frame =
       new(output_frame_size) FrameDescription(output_frame_size, function);
   output_frame->SetFrameType(StackFrame::JAVA_SCRIPT);
 
   bool is_bottommost = (0 == frame_index);
   bool is_topmost = (output_count_ - 1 == frame_index);
   CHECK(frame_index >= 0 && frame_index < output_count_);
   CHECK_NULL(output_[frame_index]);
   output_[frame_index] = output_frame;
 
   // The top address for the bottommost output frame can be computed from
   // the input frame pointer and the output frame's height.  For all
   // subsequent output frames, it can be computed from the previous one's
   // top address and the current frame's size.
   Register fp_reg = JavaScriptFrame::fp_register();
   intptr_t top_address;
   if (is_bottommost) {
     // Determine whether the input frame contains alignment padding.
     has_alignment_padding_ =
         (!compiled_code_->is_turbofanned() && HasAlignmentPadding(function))
             ? 1
             : 0;
     // 2 = context and function in the frame.
     // If the optimized frame had alignment padding, adjust the frame pointer
     // to point to the new position of the old frame pointer after padding
-    // is removed. Subtract 2 * kPointerSize for the context and function slots.
+    // is removed. Subtract the fixed frame size.
     top_address = input_->GetRegister(fp_reg.code()) -
-        StandardFrameConstants::kFixedFrameSizeFromFp -
-        height_in_bytes + has_alignment_padding_ * kPointerSize;
+                  JavaScriptFrameConstants::kUnoptimizedFixedFrameSizeFromFp -
+                  height_in_bytes + has_alignment_padding_ * kPointerSize;
   } else {
     top_address = output_[frame_index - 1]->GetTop() - output_frame_size;
   }
   output_frame->SetTop(top_address);
 
   // Compute the incoming parameter translation.
   int parameter_count =
       function->shared()->internal_formal_parameter_count() + 1;
   unsigned output_offset = output_frame_size;
   unsigned input_offset = input_frame_size;
@@ skipping 113 matching lines @@
   // input frame.
   DCHECK(!is_bottommost || input_->GetFrameSlot(input_offset) == value);
   output_frame->SetFrameSlot(output_offset, value);
   if (trace_scope_ != NULL) {
     PrintF(trace_scope_->file(),
            "    0x%08" V8PRIxPTR ": [top + %d] <- 0x%08"
            V8PRIxPTR "; function\n",
            top_address + output_offset, output_offset, value);
   }
 
+  // The type feedback vector must be retrieved from the function, as it's
+  // not available in the input frame.
+  output_offset -= kPointerSize;
+  TypeFeedbackVector* vector = function->shared()->feedback_vector();
+  value = reinterpret_cast<intptr_t>(vector);
+  output_frame->SetFrameSlot(output_offset, value);
+  if (trace_scope_ != NULL) {
+    PrintF(trace_scope_->file(),
+           "    0x%08" V8PRIxPTR ": [top + %d] <- 0x%08" V8PRIxPTR "; vector\n",
+           top_address + output_offset, output_offset, value);
+  }
+
   // Translate the rest of the frame.
   for (unsigned i = 0; i < height; ++i) {
     output_offset -= kPointerSize;
     DoTranslateCommand(iterator, frame_index, output_offset);
   }
   CHECK_EQ(0u, output_offset);
 
   // Compute this frame's PC, state, and continuation.
   Code* non_optimized_code = function->shared()->code();
   FixedArray* raw_data = non_optimized_code->deoptimization_data();
@@ skipping 1636 matching lines @@
       StandardFrameConstants::kFixedFrameSizeFromFp;
   if (compiled_code_->kind() == Code::OPTIMIZED_FUNCTION) {
     unsigned stack_slots = compiled_code_->stack_slots();
     unsigned outgoing_size = ComputeOutgoingArgumentSize();
     CHECK(result == fixed_size + (stack_slots * kPointerSize) + outgoing_size);
   }
   return result;
 }
 
 
-unsigned Deoptimizer::ComputeFixedSize(JSFunction* function) const {
+unsigned Deoptimizer::ComputeFixedSize(JSFunction* function,
+                                       bool unoptimized_frame) const {
   // The fixed part of the frame consists of the return address, frame
   // pointer, function, context, and all the incoming arguments.
   return ComputeIncomingArgumentSize(function) +
-      StandardFrameConstants::kFixedFrameSize;
+         (unoptimized_frame
+              ? JavaScriptFrameConstants::kUnoptimizedFixedFrameSize
+              : StandardFrameConstants::kFixedFrameSize);
 }
 
 
 unsigned Deoptimizer::ComputeIncomingArgumentSize(JSFunction* function) const {
   // The incoming arguments is the values for formal parameters and
   // the receiver. Every slot contains a pointer.
   if (function->IsSmi()) {
     CHECK_EQ(Smi::cast(function), Smi::FromInt(StackFrame::STUB));
     return 0;
   }
@@ skipping 105 matching lines @@
   }
 
   // Zap all the slots.
   for (unsigned o = 0; o < frame_size; o += kPointerSize) {
     SetFrameSlot(o, kZapUint32);
   }
 }
 
 
 int FrameDescription::ComputeFixedSize() {
-  return StandardFrameConstants::kFixedFrameSize +
-      (ComputeParametersCount() + 1) * kPointerSize;
+  // Full-code javascript frames have a type feedback vector.
+  const int fixed_size =
+      type_ == StackFrame::JAVA_SCRIPT
+          ? JavaScriptFrameConstants::kUnoptimizedFixedFrameSize
+          : StandardFrameConstants::kFixedFrameSize;
+  return fixed_size + (ComputeParametersCount() + 1) * kPointerSize;
 }
 
 
 unsigned FrameDescription::GetOffsetFromSlotIndex(int slot_index) {
   if (slot_index >= 0) {
     // Local or spill slots. Skip the fixed part of the frame
     // including all arguments.
     unsigned base = GetFrameSize() - ComputeFixedSize();
     return base - ((slot_index + 1) * kPointerSize);
   } else {
     // Incoming parameter.
     int arg_size = (ComputeParametersCount() + 1) * kPointerSize;
     unsigned base = GetFrameSize() - arg_size;
     return base - ((slot_index + 1) * kPointerSize);
   }
 }
 
 
 int FrameDescription::ComputeParametersCount() {
   switch (type_) {
+    case StackFrame::OPTIMIZED:
     case StackFrame::JAVA_SCRIPT:
       return function_->shared()->internal_formal_parameter_count();
     case StackFrame::ARGUMENTS_ADAPTOR: {
       // Last slot contains number of incomming arguments as a smi.
       // Can't use GetExpression(0) because it would cause infinite recursion.
       return reinterpret_cast<Smi*>(*GetFrameSlotPointer(0))->value();
     }
     case StackFrame::STUB:
       return -1;  // Minus receiver.
     default:
       FATAL("Unexpected stack frame type");
       return 0;
   }
 }
 
 
 Object* FrameDescription::GetParameter(int index) {
   CHECK_GE(index, 0);
   CHECK_LT(index, ComputeParametersCount());
   // The slot indexes for incoming arguments are negative.
   unsigned offset = GetOffsetFromSlotIndex(index - ComputeParametersCount());
   return reinterpret_cast<Object*>(*GetFrameSlotPointer(offset));
 }
 
 
 unsigned FrameDescription::GetExpressionCount() {
-  CHECK_EQ(StackFrame::JAVA_SCRIPT, type_);
+  CHECK(type_ == StackFrame::JAVA_SCRIPT || type_ == StackFrame::OPTIMIZED);

[Jarin, 2015/02/26 09:22:06]

I am quite confused about how we could get StackFrame::OPTIMIZED here as this
method should only be called for output (i.e., unoptimized) frames. The same
goes for ComputeParametersCount and GetExpression.

[mvstanton, 2015/03/20 12:21:09]

Good point, I've fixed it. That change came out of a kind of dogmatic
refactoring to tolerate StackFrame::OPTIMIZED at downwind locations. 

However, ComputeParametersCount() still needs the check. The reason is that even
though it's nonsensical to examine "expressions" in an optimized frame, it does
happen that we want to know the parameters translation for them. A
FrameDescription is created for the optimized input frame on deoptimization, and
we call ComputeParamersCount() on it.

   unsigned size = GetFrameSize() - ComputeFixedSize();
   return size / kPointerSize;
 }
 
 
 Object* FrameDescription::GetExpression(int index) {
-  DCHECK_EQ(StackFrame::JAVA_SCRIPT, type_);
+  DCHECK(type_ == StackFrame::JAVA_SCRIPT || type_ == StackFrame::OPTIMIZED);
   unsigned offset = GetOffsetFromSlotIndex(index);
   return reinterpret_cast<Object*>(*GetFrameSlotPointer(offset));
 }
 
 
 void TranslationBuffer::Add(int32_t value, Zone* zone) {
   // Encode the sign bit in the least significant bit.
   bool is_negative = (value < 0);
   uint32_t bits = ((is_negative ? -value : value) << 1) |
       static_cast<int32_t>(is_negative);
@@ skipping 763 matching lines @@
            Deoptimizer::GetDeoptimizationId(isolate, info->target_address(),
                                             Deoptimizer::LAZY))) {
         CHECK(RelocInfo::IsRuntimeEntry(info->rmode()));
         return DeoptInfo(last_position, NULL, last_reason);
       }
     }
   }
   return DeoptInfo(0, NULL, Deoptimizer::kNoReason);
 }
 } }  // namespace v8::internal