[Compiler] asm.js instantiate failures should call CompileLazy builtin.

Have asm.js instantiate failures tail call the function object again, which
has been reset to the CompileLazy builtin, rather than explicitly calling
the CompileLazy runtime function. This ensures that we call any optimized
code or respect the optimization marker on the feedback vector, and can
introduce DCHECKS in Compiler::Compile to this effect.

Change-Id: I69a1de006c4da8f667a3e8ae8cf69ecf241dae9a
Reviewed-on: https://chromium-review.googlesource.com/618714
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47402}

src/builtins/arm/builtins-arm.cc

@@ -1578,8 +1578,11 @@ void Builtins::Generate_InstantiateAsmJs(MacroAssembler* masm) {
     __ pop(r0);
     __ SmiUntag(r0);
   }
-  // On failure, tail call back to regular js.
-  GenerateTailCallToReturnedCode(masm, Runtime::kCompileLazy);
+  // On failure, tail call back to regular js by re-calling the function
+  // which has be reset to the compile lazy builtin.
+  __ ldr(r4, FieldMemOperand(r1, JSFunction::kCodeOffset));
+  __ add(r4, r4, Operand(Code::kHeaderSize - kHeapObjectTag));
+  __ Jump(r4);
 }
 
 static void GenerateMakeCodeYoungAgainCommon(MacroAssembler* masm) {

src/builtins/arm64/builtins-arm64.cc

@@ -1595,8 +1595,11 @@ void Builtins::Generate_InstantiateAsmJs(MacroAssembler* masm) {
     __ Pop(x3, x1, x0);
     __ SmiUntag(x0);
   }
-  // On failure, tail call back to regular js.
-  GenerateTailCallToReturnedCode(masm, Runtime::kCompileLazy);
+  // On failure, tail call back to regular js by re-calling the function
+  // which has be reset to the compile lazy builtin.
+  __ Ldr(x4, FieldMemOperand(x1, JSFunction::kCodeOffset));
+  __ Add(x4, x4, Operand(Code::kHeaderSize - kHeapObjectTag));
+  __ Jump(x4);
 }
 
 static void GenerateMakeCodeYoungAgainCommon(MacroAssembler* masm) {

src/builtins/ia32/builtins-ia32.cc

@@ -1364,8 +1364,11 @@ void Builtins::Generate_InstantiateAsmJs(MacroAssembler* masm) {
     __ pop(eax);
     __ SmiUntag(eax);
   }
-  // On failure, tail call back to regular js.
-  GenerateTailCallToReturnedCode(masm, Runtime::kCompileLazy);
+  // On failure, tail call back to regular js by re-calling the function
+  // which has be reset to the compile lazy builtin.
+  __ mov(ecx, FieldOperand(edi, JSFunction::kCodeOffset));
+  __ add(ecx, Immediate(Code::kHeaderSize - kHeapObjectTag));
+  __ jmp(ecx);
 }
 
 static void GenerateMakeCodeYoungAgainCommon(MacroAssembler* masm) {

src/builtins/mips/builtins-mips.cc

@@ -1555,8 +1555,10 @@ void Builtins::Generate_InstantiateAsmJs(MacroAssembler* masm) {
     __ Pop(a0, a1, a3);
     __ SmiUntag(a0);
   }
-  // On failure, tail call back to regular js.
-  GenerateTailCallToReturnedCode(masm, Runtime::kCompileLazy);
+  // On failure, tail call back to regular js by re-calling the function
+  // which has be reset to the compile lazy builtin.
+  __ lw(t0, FieldMemOperand(a1, JSFunction::kCodeOffset));
+  __ Jump(t0, Code::kHeaderSize - kHeapObjectTag);
 }
 
 static void GenerateMakeCodeYoungAgainCommon(MacroAssembler* masm) {

src/builtins/mips64/builtins-mips64.cc

@@ -1560,8 +1560,11 @@ void Builtins::Generate_InstantiateAsmJs(MacroAssembler* masm) {
     __ Pop(a0, a1, a3);
     __ SmiUntag(a0);
   }
-  // On failure, tail call back to regular js.
-  GenerateTailCallToReturnedCode(masm, Runtime::kCompileLazy);
+  // On failure, tail call back to regular js by re-calling the function
+  // which has be reset to the compile lazy builtin.
+  __ Ld(t0, FieldMemOperand(a1, JSFunction::kCodeOffset));
+  __ Daddu(t0, t0, Operand(Code::kHeaderSize - kHeapObjectTag));
+  __ Jump(t0);
 }
 
 static void GenerateMakeCodeYoungAgainCommon(MacroAssembler* masm) {

src/builtins/ppc/builtins-ppc.cc

@@ -1605,8 +1605,11 @@ void Builtins::Generate_InstantiateAsmJs(MacroAssembler* masm) {
     __ Pop(r3, r4, r6);
     __ SmiUntag(r3);
   }
-  // On failure, tail call back to regular js.
-  GenerateTailCallToReturnedCode(masm, Runtime::kCompileLazy);
+  // On failure, tail call back to regular js by re-calling the function
+  // which has be reset to the compile lazy builtin.
+  __ LoadP(ip, FieldMemOperand(r4, JSFunction::kCodeOffset));
+  __ addi(ip, ip, Operand(Code::kHeaderSize - kHeapObjectTag));
+  __ JumpToJSEntry(ip);
 }
 
 static void GenerateMakeCodeYoungAgainCommon(MacroAssembler* masm) {

src/builtins/s390/builtins-s390.cc

@@ -1600,8 +1600,11 @@ void Builtins::Generate_InstantiateAsmJs(MacroAssembler* masm) {
     __ Pop(r2, r3, r5);
     __ SmiUntag(r2);
   }
-  // On failure, tail call back to regular js.
-  GenerateTailCallToReturnedCode(masm, Runtime::kCompileLazy);
+  // On failure, tail call back to regular js by re-calling the function
+  // which has be reset to the compile lazy builtin.
+  __ LoadP(ip, FieldMemOperand(r3, JSFunction::kCodeOffset));
+  __ AddP(ip, ip, Operand(Code::kHeaderSize - kHeapObjectTag));
+  __ JumpToJSEntry(ip);
 }
 
 static void GenerateMakeCodeYoungAgainCommon(MacroAssembler* masm) {

src/builtins/x64/builtins-x64.cc

@@ -1341,8 +1341,11 @@ void Builtins::Generate_InstantiateAsmJs(MacroAssembler* masm) {
     __ Pop(rax);
     __ SmiToInteger32(rax, rax);
   }
-  // On failure, tail call back to regular js.
-  GenerateTailCallToReturnedCode(masm, Runtime::kCompileLazy);
+  // On failure, tail call back to regular js by re-calling the function
+  // which has be reset to the compile lazy builtin.
+  __ movp(rcx, FieldOperand(rdi, JSFunction::kCodeOffset));
+  __ addp(rcx, Immediate(Code::kHeaderSize - kHeapObjectTag));
+  __ jmp(rcx);
 }
 
 static void GenerateMakeCodeYoungAgainCommon(MacroAssembler* masm) {

src/compiler.cc

@@ -923,9 +923,8 @@ bool Compiler::Compile(Handle<JSFunction> function, ClearExceptionFlag flag) {
   // We should never reach here if the function is already compiled or optimized
   DCHECK(!function->is_compiled());
   DCHECK(!function->IsOptimized());
-  // TODO(leszeks): DCHECK that there there aren't any optimization markers or
-  // optimized code on the feedback vector once asm.js calls the compile lazy
-  // builtin rather than the runtime function.
+  DCHECK(!function->HasOptimizationMarker());
+  DCHECK(!function->HasOptimizedCode());
 
   Isolate* isolate = function->GetIsolate();
   Handle<SharedFunctionInfo> shared_info = handle(function->shared());