All of this is controlled by the CallDescriptor. It's simply the case
that if you specify less registers than the function arity calls for,
the rest are assumed to be on the stack.
Bailout handlers accept these constant stack arguments too.
BUG=
Review URL: https://codereview.chromium.org/1250563004
Cr-Commit-Position: refs/heads/master@{#29813}
This reverts commit 80b3f16951.
Revert "Record code slots that may point to evacuation candidate objects after deoptimizing them."
This reverts commit 4621210cfe.
BUG=chromium:507840
LOG=n
Review URL: https://codereview.chromium.org/1239383004
Cr-Commit-Position: refs/heads/master@{#29778}
Additionally, push the allocation site or undefined independently of creating a memento to preserve a fixed size for the construct frames.
BUG=
Review URL: https://codereview.chromium.org/1239593003
Cr-Commit-Position: refs/heads/master@{#29719}
Note that there are currently no objects that require a pre-allocated
properties backing store, all such slots are in-object properties from
the begining. Hence {unused + pre_allocated - inobject == 0} holds.
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/1226203011
Cr-Commit-Position: refs/heads/master@{#29590}
The only right way to enable access checks is to install access check callbacks on an object template via v8::ObjectTemplate::SetAccessCheckCallbacks(). It does not make sense to enable access checks on an arbitrary object.
Review URL: https://codereview.chromium.org/1217893012
Cr-Commit-Position: refs/heads/master@{#29439}
Up until now the context register was listed explicitly in each stub's
CallInterfaceDescriptor. This was problematic, because it was listed
first in the list of register parameters--which is fine for Crankshaft,
which is more or less built to handle the context as the first
parameter-- but not ideal for TurboFan, which adds the context at
the end of all function parameters. Now the context register is no
longer in the register list and can be handled appropriately by both
compilers. Specifically, this allows the FunctionType specified for
each CallInterfaceDescriptor to exactly match the parameter register
list.
Review URL: https://codereview.chromium.org/1211333003
Cr-Commit-Position: refs/heads/master@{#29402}
On MIPS32 we can't read a 8 bytes long data from a not 8 bytes aligned memory address.
BUG=
TEST=mjsunit/debug-backtrace
Review URL: https://codereview.chromium.org/1193433002
Cr-Commit-Position: refs/heads/master@{#29100}
Up until now we can only inline based on JSFunction, because of the way
the deoptimization works. With this change we will be able to inline
based on the SharedFunctionInfo and materialize the JSFunction from a
literal or a stack slot when necessary.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1169103004
Cr-Commit-Position: refs/heads/master@{#28906}
Use the new TranslatedState and friends, which work at a higher level
than the TranslationIterator, which will make it easier to change the
deoptimization commands in subsequent CLs.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1166353004
Cr-Commit-Position: refs/heads/master@{#28862}
This unifies methods Deoptimizer::DoTranslateCommand, Deotpimizer::DoTranslateObject and the arguments object materializer.
To unify these, we have to separate reading of the input frame from writing to the output frame because the argument materializer does not write to output frames.
Instead, we now deoptimize in following stages:
1. Read out the input frame/registers, decode them using the translations from the deoptimizer and store them in the deoptimizer (Deoptimizer::translated_state_). This is done in TranslatedState::Init.
2. Write out into the output frame buffer all the values that do not require allocation. We also remember references to the values that require materialization. As before, this is done in Deoptimizer::DoCompute*Frame method, but instead calling to DoTranslateCommand, we use the translated frame to obtain the values and write them to the output frames.
3. The platform specific code then sets up the output frames and calls into the deoptimization notification. This has not been changed at all.
4. Once the stack is setup, we handlify all the references in the saved translated values (TranslatedState::Prepare).
5. Finally, we materialize all the values we remembered in step (1) and write them to their frames on the stack (using the TranslatedValue::GetValue method).
BUG=
Review URL: https://codereview.chromium.org/1136223004
Cr-Commit-Position: refs/heads/master@{#28826}
Embed constant pools within their corresponding Code
objects.
This removes support for out-of-line constant pools in favor
of the new approach -- the main advantage being that it
eliminates the need to allocate and manage separate constant
pool array objects.
Currently supported on PPC and ARM. Enabled by default on
PPC only.
This yields a 6% improvment in Octane on PPC64.
R=bmeurer@chromium.org, rmcilroy@chromium.org, michael_dawson@ca.ibm.com
BUG=chromium:478811
LOG=Y
Review URL: https://codereview.chromium.org/1162993006
Cr-Commit-Position: refs/heads/master@{#28801}
When compiling on a laptop I like to concatenate the small test files.
This makes a big difference to compile times. These changes make that
easier.
R=ulan@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1163803002
Cr-Commit-Position: refs/heads/master@{#28742}
Replace the --turbo-deoptimization flag with --turbo-asm-deoptimization
and enable deoptimization for non-asm.js TurboFan code unconditionally.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1153483002
Cr-Commit-Position: refs/heads/master@{#28543}
TurboFan compilation was committing dependencies long before the
optimized function made it's way into the optimized code list for
the native context. The problem is that once the code pointer is out
there in dependency arrays, it is eligible for deopt. But the deopt
logic needs the code to be in the optimized code list to fully do it's
job.
BUG=
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1136693003
Cr-Commit-Position: refs/heads/master@{#28312}
AFAICT none of these can actually be triggered currently; but it's still good to harden the code a little.
Review URL: https://codereview.chromium.org/1058533007
Cr-Commit-Position: refs/heads/master@{#27848}
Deoptimization infrastructure already handles it correctly.
This change fixes repetitive deoptimizations in the code like this:
var u32 = new Uint32Array(1);
u32[0] = -1;
function tr(x) { return x|0; }
function ld() { return tr(u32[0]); }
while (true) ld();
Currently inlined tr will contain HArgumentsObject that is considered uint32-unsafe use and prevents u32[0] from becoming uint32 load - instead a speculative int32 load is generated which just deopts.
BUG=
Review URL: https://codereview.chromium.org/1077113002
Cr-Commit-Position: refs/heads/master@{#27781}
The original code always returned the first entry from RelocInfo that matched with
bailout_id. But we may have a few different deopt reasons for one bailout_id.
So we need to get the one which matches with a particular call from JumpTable.
We can do this by checking not 'target_address' (it maps to bailout_id)
but 'from' address which maps to a particular JumpTable entry.
The test was reworked so it tests identical functions against different reasons.
BUG=chromium:452067
LOG=n
Review URL: https://codereview.chromium.org/984773003
Cr-Commit-Position: refs/heads/master@{#27076}
Save Unknown position as zero in RelocInfo.
Remove copy constructor of SourcePosition because it is trivial.
Mechanical replace int raw_position with SourcePosition position.
BUG=452067
LOG=n
Review URL: https://codereview.chromium.org/959203002
Cr-Commit-Position: refs/heads/master@{#26916}
We accessed to cpu_profiler for tracking SharedFunctionInfo objects movements and used their addresses for generating function_id. Actually we could replace the manually generated shared_id by the pair script_id + position. In this case we can drop SharedFunctionInfo events support from cpu_profiler and remove the dependency.
BTW GetCallUid was used as an unique identifier of the function on the front-end side. Actually it is a hash which might not be unique. So I renamed GetCallUid with GetHash and implemented GetFunctionId method.
BUG=452067
LOG=n
Review URL: https://codereview.chromium.org/941973002
Cr-Commit-Position: refs/heads/master@{#26775}
1) Deoptimizer::Reason was replaced with Deoptimizer::DeoptInfo
because it also has raw position. Also the old name clashes with DeoptReason enum.
2) c_entry_fp assignment call was added to EntryGenerator::Generate
So we can calculate sp and have a chance to record the stack for the deopting function.
btw it makes the test stable.
3) new kind of CodeEvents was added to cpu-profiler
4) GetDeoptInfo method was extracted from PrintDeoptLocation.
So it could be reused in cpu profiler.
BUG=452067
LOG=n
Review URL: https://codereview.chromium.org/910773002
Cr-Commit-Position: refs/heads/master@{#26545}
1) The hardcoded strings were converted into DeoptReason enum.
2) Deopt comment were converted into a pair location and deopt reason entries so
the deopt reason tracking mode would less affect the size of the RelocInfo table and heap.
3) DeoptReason entry in RelocInfo reuses kCommentTag value and generates short entry in RelocInfo table.
BUG=452067
LOG=n
Committed: https://crrev.com/c49820e45b57f128a98690940875c049f612dde6
Cr-Commit-Position: refs/heads/master@{#26434}
Committed: https://crrev.com/ec42e002da03adb2db968dd5b7453341ddc59a5c
Cr-Commit-Position: refs/heads/master@{#26448}
Review URL: https://codereview.chromium.org/874323003
Cr-Commit-Position: refs/heads/master@{#26463}
Reason for revert:
This CL breaks RelocInfo::INTERNAL_REFERENCE (and maybe others that come after DEOPT_REASON), which is currently (mostly) unused on tip-of-tree, but will be used for jump tables soon(ish) and should therefore work. It seems to be a problem with implicitly assumptions about the number of reloc info modes. Needs further investigation.
Original issue's description:
> Externalize deoptimization reasons.
>
> 1) The hardcoded strings were converted into DeoptReason enum.
>
> 2) Deopt comment were converted into a pair location and deopt reason entries so
> the deopt reason tracking mode would less affect the size of the RelocInfo table and heap.
>
> 3) DeoptReason entry in RelocInfo reuses kCommentTag value and generates short entry in RelocInfo table.
>
> BUG=452067
> LOG=n
>
> Committed: https://crrev.com/c49820e45b57f128a98690940875c049f612dde6
> Cr-Commit-Position: refs/heads/master@{#26434}
>
> Committed: https://crrev.com/ec42e002da03adb2db968dd5b7453341ddc59a5c
> Cr-Commit-Position: refs/heads/master@{#26448}
TBR=alph@chromium.org,mstarzinger@chromium.org,svenpanne@chromium.org,yurys@chromium.org,loislo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=452067
Review URL: https://codereview.chromium.org/900223002
Cr-Commit-Position: refs/heads/master@{#26457}
1) The hardcoded strings were converted into DeoptReason enum.
2) Deopt comment were converted into a pair location and deopt reason entries so
the deopt reason tracking mode would less affect the size of the RelocInfo table and heap.
3) DeoptReason entry in RelocInfo reuses kCommentTag value and generates short entry in RelocInfo table.
BUG=452067
LOG=n
Committed: https://crrev.com/c49820e45b57f128a98690940875c049f612dde6
Cr-Commit-Position: refs/heads/master@{#26434}
Review URL: https://codereview.chromium.org/874323003
Cr-Commit-Position: refs/heads/master@{#26448}
Reason for revert:
it broke the build
Original issue's description:
> Externalize deoptimization reasons.
>
> 1) The hardcoded strings were converted into DeoptReason enum.
>
> 2) Deopt comment were converted into a pair location and deopt reason entries so
> the deopt reason tracking mode would less affect the size of the RelocInfo table and heap.
>
> 3) DeoptReason entry in RelocInfo reuses kCommentTag value and generates short entry in RelocInfo table.
>
> BUG=452067
> LOG=n
>
> Committed: https://crrev.com/c49820e45b57f128a98690940875c049f612dde6
> Cr-Commit-Position: refs/heads/master@{#26434}
TBR=alph@chromium.org,mstarzinger@chromium.org,svenpanne@chromium.org,yurys@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=452067
Review URL: https://codereview.chromium.org/892843007
Cr-Commit-Position: refs/heads/master@{#26435}
1) The hardcoded strings were converted into DeoptReason enum.
2) Deopt comment were converted into a pair location and deopt reason entries so
the deopt reason tracking mode would less affect the size of the RelocInfo table and heap.
3) DeoptReason entry in RelocInfo reuses kCommentTag value and generates short entry in RelocInfo table.
BUG=452067
LOG=n
Review URL: https://codereview.chromium.org/874323003
Cr-Commit-Position: refs/heads/master@{#26434}
