Reviewers: arv, Benedikt Meurer,
https://codereview.chromium.org/1213623020/diff/1/src/ia32/builtins-ia32.cc
File src/ia32/builtins-ia32.cc (right):
https://codereview.chromium.org/1213623020/diff/1/src/ia32/builtins-ia32.cc#newcode108
src/ia32/builtins-ia32.cc:108: int offset = kPointerSize;
There actually seems to be an off-by-one here in the original
implementation. I wonder how this ever worked.
Description:
Remove separate construct stub for new.target users.
[email protected]
Please review this at https://codereview.chromium.org/1213623020/
Base URL: https://chromium.googlesource.com/v8/v8.git@master
Affected files (+19, -36 lines):
M src/builtins.h
M src/compiler.cc
M src/deoptimizer.cc
M src/frames.h
M src/ia32/builtins-ia32.cc
Index: src/builtins.h
diff --git a/src/builtins.h b/src/builtins.h
index
e1e202b3f724cabca5529a821d3d6e6fdbec8838..e3cfb0c3d854589fa443893ae39cd59b16fad0c2
100644
--- a/src/builtins.h
+++ b/src/builtins.h
@@ -70,7 +70,6 @@ enum BuiltinExtraArguments {
V(JSConstructStubGeneric, BUILTIN, UNINITIALIZED,
kNoExtraICState) \
V(JSConstructStubForDerived, BUILTIN, UNINITIALIZED,
kNoExtraICState) \
V(JSConstructStubApi, BUILTIN, UNINITIALIZED,
kNoExtraICState) \
- V(JSConstructStubNewTarget, BUILTIN, UNINITIALIZED,
kNoExtraICState) \
V(JSEntryTrampoline, BUILTIN, UNINITIALIZED,
kNoExtraICState) \
V(JSConstructEntryTrampoline, BUILTIN, UNINITIALIZED,
kNoExtraICState) \
V(CompileLazy, BUILTIN, UNINITIALIZED,
kNoExtraICState) \
@@ -317,7 +316,6 @@ class Builtins {
static void Generate_JSConstructStubGeneric(MacroAssembler* masm);
static void Generate_JSConstructStubForDerived(MacroAssembler* masm);
static void Generate_JSConstructStubApi(MacroAssembler* masm);
- static void Generate_JSConstructStubNewTarget(MacroAssembler* masm);
static void Generate_JSEntryTrampoline(MacroAssembler* masm);
static void Generate_JSConstructEntryTrampoline(MacroAssembler* masm);
static void Generate_NotifyDeoptimized(MacroAssembler* masm);
Index: src/compiler.cc
diff --git a/src/compiler.cc b/src/compiler.cc
index
0f3ebe0e6726666acba53cb8745366e992aed288..fbe885fe1c948dfb0c6504052a8b01f3d405f349
100644
--- a/src/compiler.cc
+++ b/src/compiler.cc
@@ -1443,11 +1443,6 @@ Handle<SharedFunctionInfo>
Compiler::GetSharedFunctionInfo(
// first time. It may have already been compiled previously.
result->set_never_compiled(outer_info->is_first_compile() && lazy);
- if (literal->scope()->new_target_var() != nullptr) {
- Handle<Code> stub(isolate->builtins()->JSConstructStubNewTarget());
- result->set_construct_stub(*stub);
- }
-
RecordFunctionCompilation(Logger::FUNCTION_TAG, &info, result);
result->set_allows_lazy_compilation(literal->AllowsLazyCompilation());
result->set_allows_lazy_compilation_without_context(allow_lazy_without_ctx);
Index: src/deoptimizer.cc
diff --git a/src/deoptimizer.cc b/src/deoptimizer.cc
index
684a37ff87ee10abe9b965a390a12c51f22f0414..40f1db3d57aead60040ffc849f5d7b27f7bfd13b
100644
--- a/src/deoptimizer.cc
+++ b/src/deoptimizer.cc
@@ -1230,6 +1230,12 @@ void
Deoptimizer::DoComputeConstructStubFrame(TranslationIterator* iterator,
PrintF(trace_scope_->file(), "(%d)\n", height - 1);
}
+ // The original constructor.
+ output_offset -= kPointerSize;
+ value = reinterpret_cast<intptr_t>(isolate_->heap()->undefined_value());
+ output_frame->SetFrameSlot(output_offset, value);
+ DebugPrintOutputSlot(value, frame_index, output_offset, "new.target\n");
+
// The newly allocated object was passed as receiver in the artificial
// constructor stub environment created by
HEnvironment::CopyForInlining().
output_offset -= kPointerSize;
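Review bot: The new slot is always filled with `undefined_value()`, so a construct stub frame rebuilt by the deoptimizer never carries the real new.target, and this same commit drops the `!use_new_target` guard around `SetConstructStubDeoptPCOffset` in builtins-ia32.cc. If an inlined constructor that reads new.target can reach this path (not visible from the hunk), it would observe undefined after deoptimization; state the restriction at the write, e.g. `// new.target is not recorded in the translation, so undefined is written; inlined constructors must not read it.` The added comment says "The original constructor." while the trace label says "new.target", so pick one term. DoComputeConstructStubFrame starts and ends outside the hunk, so whether the output frame size accounts for the extra slot should be checked against the `kFrameSize` change in frames.h.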
Index: src/frames.h
diff --git a/src/frames.h b/src/frames.h
index
910dc18cfbf70c5942483b02eadb4001c768d0aa..0d2a2e3aa832d055d0ac269a58ed5d7641a792fd
100644
--- a/src/frames.h
+++ b/src/frames.h
@@ -155,7 +155,7 @@ class ConstructFrameConstants : public AllStatic {
public:
// FP-relative.
static const int kImplicitReceiverOffset =
- StandardFrameConstants::kExpressionsOffset - 2 * kPointerSize;
+ StandardFrameConstants::kExpressionsOffset - 3 * kPointerSize;
static const int kOriginalConstructorOffset =
StandardFrameConstants::kExpressionsOffset - 2 * kPointerSize;
static const int kLengthOffset =
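Review bot: `ConstructFrameConstants` is shared by every architecture, but the affected-files list contains only the ia32 construct stub, so with this patch alone the other ports would presumably still build the old, shorter construct frame while `kImplicitReceiverOffset` here and `kFrameSize` in the next hunk describe one more slot. Anything that reads the receiver through these constants on such a port would then pick up the wrong stack word. Either land the remaining ports' stubs in the same change or hold the constant change until they follow. A short layout comment above the constants would also make the intent checkable, e.g. `// Slot 2 holds new.target (original constructor), slot 3 the implicit receiver.`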
@@ -164,7 +164,7 @@ class ConstructFrameConstants : public AllStatic {
StandardFrameConstants::kExpressionsOffset - 0 * kPointerSize;
static const int kFrameSize =
- StandardFrameConstants::kFixedFrameSize + 3 * kPointerSize;
+ StandardFrameConstants::kFixedFrameSize + 4 * kPointerSize;
};
Index: src/ia32/builtins-ia32.cc
diff --git a/src/ia32/builtins-ia32.cc b/src/ia32/builtins-ia32.cc
index
ef9f30d715106dea2224cab66c426bbc8842d75e..b195c4e0cdf52c6c32e0b2c24a7b88f6a61feab9
100644
--- a/src/ia32/builtins-ia32.cc
+++ b/src/ia32/builtins-ia32.cc
@@ -105,12 +105,12 @@ static void
Generate_Runtime_NewObject(MacroAssembler* masm,
Register original_constructor,
Label* count_incremented,
Label* allocated) {
- int offset = 0;
+ int offset = kPointerSize;
if (create_memento) {
// Get the cell or allocation site.
- __ mov(edi, Operand(esp, kPointerSize * 2));
+ __ mov(edi, Operand(esp, kPointerSize * 3));
__ push(edi);
- offset = kPointerSize;
+ offset += kPointerSize;
}
// Must restore esi (context) and edi (constructor) before calling
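Review bot: The esp-relative offsets in this hunk (`kPointerSize * 3` for the allocation site and the starting `offset = kPointerSize`) are bare numbers that only hold for the exact push sequence in Generate_JSConstructStubHelper, and the same `3 * kPointerSize` is repeated there after `bind(&allocated)`. A wrong offset loads an unrelated stack word as the constructor or allocation site, so the layout should be written down where the offsets are used, e.g. `// esp[0]: new.target, esp[1]: constructor, esp[2]: argc (smi), esp[3]: allocation site`. That layout is inferred from the pushes visible in the helper hunk (`push(eax)`, `push(edi)`, `push(edx)`); the allocation-site push and the rest of Generate_Runtime_NewObject are outside the hunk, so confirm it before adding the comment.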
@@ -138,7 +138,6 @@ static void Generate_Runtime_NewObject(MacroAssembler*
masm,
static void Generate_JSConstructStubHelper(MacroAssembler* masm,
bool is_api_function,
- bool use_new_target,
bool create_memento) {
// ----------- S t a t e -------------
// -- eax: number of arguments
@@ -163,9 +162,7 @@ static void
Generate_JSConstructStubHelper(MacroAssembler* masm,
__ SmiTag(eax);
__ push(eax);
__ push(edi);
- if (use_new_target) {
- __ push(edx);
- }
+ __ push(edx);
__ cmp(edx, edi);
Label normal_new;
@@ -393,8 +390,7 @@ static void
Generate_JSConstructStubHelper(MacroAssembler* masm,
__ bind(&allocated);
if (create_memento) {
- int offset = (use_new_target ? 3 : 2) * kPointerSize;
- __ mov(ecx, Operand(esp, offset));
+ __ mov(ecx, Operand(esp, 3 * kPointerSize));
__ cmp(ecx, masm->isolate()->factory()->undefined_value());
__ j(equal, &count_incremented);
// ecx is an AllocationSite. We are creating a memento from it, so we
@@ -405,9 +401,7 @@ static void
Generate_JSConstructStubHelper(MacroAssembler* masm,
}
// Restore the parameters.
- if (use_new_target) {
- __ pop(edx); // new.target
- }
+ __ pop(edx); // new.target
__ pop(edi); // Constructor function.
// Retrieve smi-tagged arguments count from the stack.
@@ -416,9 +410,7 @@ static void
Generate_JSConstructStubHelper(MacroAssembler* masm,
// Push new.target onto the construct frame. This is stored just below
the
// receiver on the stack.
- if (use_new_target) {
- __ push(edx);
- }
+ __ push(edx);
// Push the allocated receiver to the stack. We need two copies
// because we may have to return the original one and the calling
@@ -452,9 +444,7 @@ static void
Generate_JSConstructStubHelper(MacroAssembler* masm,
}
// Store offset of return address for deoptimizer.
- // TODO(arv): Remove the "!use_new_target" before supporting
optimization
- // of functions that reference new.target
- if (!is_api_function && !use_new_target) {
+ if (!is_api_function) {
masm->isolate()->heap()->SetConstructStubDeoptPCOffset(masm->pc_offset());
}
@@ -482,8 +472,7 @@ static void
Generate_JSConstructStubHelper(MacroAssembler* masm,
// Restore the arguments count and leave the construct frame. The
arguments
// count is stored below the reciever and the new.target.
__ bind(&exit);
- int offset = (use_new_target ? 2 : 1) * kPointerSize;
- __ mov(ebx, Operand(esp, offset));
+ __ mov(ebx, Operand(esp, 2 * kPointerSize));
// Leave construct frame.
}
@@ -499,17 +488,12 @@ static void
Generate_JSConstructStubHelper(MacroAssembler* masm,
void Builtins::Generate_JSConstructStubGeneric(MacroAssembler* masm) {
- Generate_JSConstructStubHelper(masm, false, false,
FLAG_pretenuring_call_new);
+ Generate_JSConstructStubHelper(masm, false, FLAG_pretenuring_call_new);
}
void Builtins::Generate_JSConstructStubApi(MacroAssembler* masm) {
- Generate_JSConstructStubHelper(masm, true, false, false);
-}
-
-
-void Builtins::Generate_JSConstructStubNewTarget(MacroAssembler* masm) {
- Generate_JSConstructStubHelper(masm, false, true,
FLAG_pretenuring_call_new);
+ Generate_JSConstructStubHelper(masm, true, false);
}