Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(562)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 8492004: Fix lazy deoptimization at HInvokeFunction and enable target-recording call-function stub. (Closed)

Created:
9 years, 1 month ago by fschneider
Modified:
9 years, 1 month ago
CC:
v8-dev
Visibility:
Public.

Description

Fix lazy deoptimization at HInvokeFunction and enable target-recording call-function stub. Changes the way we do lazy deoptimization: 1. For side-effect instructions, we insert the lazy-deopt call at the following LLazyBailout instruction. CALL GAP LAZY-BAILOUT ==> lazy-deopt-call 2. For other instructions (StackCheck) we insert it right after the instruction since the deopt targets an earlier deoptimization environment. STACK-CHECK GAP ==> lazy-deopt-call The pc of the lazy-deopt call that will be patched in is recorded in the deoptimization input data. Each Lithium instruction can have 0..n safepoints. All safepoints get the deoptimization index of the associated LAZY-BAILOUT instruction. On lazy deoptimization we use the return-pc to find the safepoint. The safepoint tells us the deoptimization index, which in turn finds us the PC where to insert the lazy-deopt-call. Additional changes: * RegExpLiteral marked it as having side-effects so that it gets an explicitlazy-bailout instruction (instead of treating it specially like stack-checks) * Enable target recording CallFunctionStub to achieve more inlining on optimized code. BUG=v8:1789 TEST=jslint and uglify run without crashing, mjsunit/compiler/regress-lazy-deopt.js Committed: http://code.google.com/p/v8/source/detail?r=10006

Patch Set 1 #

Patch Set 2 : working ia32 version #

Patch Set 3 : fixed resizing of reloc info, --print-code flag and presubmit errors #

Patch Set 4 : added unit test #

Total comments: 14

Patch Set 5 : addressed comments #

Patch Set 6 : Port to x64 and ARM. #

Patch Set 7 : fixed missing deopt index on ARM. #

Total comments: 8

Patch Set 8 : '' #

Patch Set 9 : added nop-padding and assertions on all platforms #

Unified diffs Side-by-side diffs Delta from patch set Stats (+548 lines, -805 lines) Patch
M src/arm/deoptimizer-arm.cc View 1 2 3 4 5 6 7 8 3 chunks +22 lines, -54 lines 0 comments Download
M src/arm/lithium-codegen-arm.h View 1 2 3 4 5 6 7 6 chunks +15 lines, -13 lines 0 comments Download
M src/arm/lithium-codegen-arm.cc View 1 2 3 4 5 6 7 8 27 chunks +98 lines, -124 lines 0 comments Download
M src/deoptimizer.cc View 1 2 3 4 5 6 7 1 chunk +2 lines, -16 lines 0 comments Download
M src/hydrogen-instructions.h View 1 2 3 4 5 6 7 1 chunk +1 line, -0 lines 0 comments Download
M src/ia32/deoptimizer-ia32.cc View 1 2 3 4 5 6 7 8 4 chunks +48 lines, -70 lines 0 comments Download
M src/ia32/full-codegen-ia32.cc View 1 2 3 4 5 6 7 1 chunk +1 line, -3 lines 0 comments Download
M src/ia32/lithium-codegen-ia32.h View 1 2 3 4 5 6 7 7 chunks +13 lines, -21 lines 0 comments Download
M src/ia32/lithium-codegen-ia32.cc View 1 2 3 4 5 6 7 8 27 chunks +98 lines, -114 lines 0 comments Download
M src/ia32/lithium-ia32.h View 1 2 3 4 5 6 7 1 chunk +0 lines, -10 lines 0 comments Download
M src/lithium.h View 1 2 3 4 5 6 7 4 chunks +7 lines, -1 line 0 comments Download
M src/objects.h View 1 2 3 4 5 6 7 2 chunks +3 lines, -1 line 0 comments Download
M src/objects.cc View 1 2 3 4 5 6 7 8 1 chunk +6 lines, -3 lines 0 comments Download
M src/safepoint-table.h View 1 2 3 4 5 6 7 5 chunks +29 lines, -49 lines 0 comments Download
M src/safepoint-table.cc View 1 2 3 4 5 6 7 4 chunks +24 lines, -36 lines 0 comments Download
M src/x64/deoptimizer-x64.cc View 1 2 3 4 5 6 7 8 3 chunks +16 lines, -131 lines 0 comments Download
M src/x64/lithium-codegen-x64.h View 1 2 3 4 5 6 7 7 chunks +15 lines, -14 lines 0 comments Download
M src/x64/lithium-codegen-x64.cc View 1 2 3 4 5 6 7 8 27 chunks +94 lines, -142 lines 0 comments Download
M test/mjsunit/compiler/regress-funcaller.js View 1 2 3 4 5 6 7 4 chunks +8 lines, -3 lines 0 comments Download
A test/mjsunit/compiler/regress-lazy-deopt.js View 1 2 3 1 chunk +48 lines, -0 lines 0 comments Download

Messages

Total messages: 5 (0 generated)
fschneider
This is ia32 only.
9 years, 1 month ago (2011-11-09 14:16:22 UTC) #1
Vyacheslav Egorov (Chromium)
lgtm http://codereview.chromium.org/8492004/diff/15004/src/ia32/deoptimizer-ia32.cc File src/ia32/deoptimizer-ia32.cc (right): http://codereview.chromium.org/8492004/diff/15004/src/ia32/deoptimizer-ia32.cc#newcode62 src/ia32/deoptimizer-ia32.cc:62: Address curr_reloc_address = code_start_address + pc_offset; You can ...
9 years, 1 month ago (2011-11-10 15:50:54 UTC) #2
fschneider
Ported to ARM and x64. Please review the new files. http://codereview.chromium.org/8492004/diff/15004/src/ia32/deoptimizer-ia32.cc File src/ia32/deoptimizer-ia32.cc (right): http://codereview.chromium.org/8492004/diff/15004/src/ia32/deoptimizer-ia32.cc#newcode62 ...
9 years, 1 month ago (2011-11-11 14:09:08 UTC) #3
Vyacheslav Egorov (Chromium)
lgtm http://codereview.chromium.org/8492004/diff/27004/src/arm/lithium-codegen-arm.cc File src/arm/lithium-codegen-arm.cc (left): http://codereview.chromium.org/8492004/diff/27004/src/arm/lithium-codegen-arm.cc#oldcode282 src/arm/lithium-codegen-arm.cc:282: __ nop(); Maybe add an assertion to check ...
9 years, 1 month ago (2011-11-15 12:03:56 UTC) #4
fschneider
9 years, 1 month ago (2011-11-15 13:35:24 UTC) #5 
Added function EnsureSpaceForLazyDeopt() on all platforms. It inserts
nop-padding when needed at each LLazyBailout instruction and at the end of the
function body.

It turns out that a function ending with a Throw has a lazy-bailout as last
instruction and therefore needs padding before emitting the deopt data table.

http://codereview.chromium.org/8492004/diff/27004/src/arm/lithium-codegen-arm.cc
File src/arm/lithium-codegen-arm.cc (left):

http://codereview.chromium.org/8492004/diff/27004/src/arm/lithium-codegen-arm...
src/arm/lithium-codegen-arm.cc:282: __ nop();
On 2011/11/15 12:03:56, Vyacheslav Egorov wrote:
> Maybe add an assertion to check that we always have enough space for patching
> (or at least a comment about why it is so).
> 
> Especially interesting is the case at the end of the function: @call
> @lazy-bailout @return

Done.

http://codereview.chromium.org/8492004/diff/27004/src/arm/lithium-codegen-arm.cc
File src/arm/lithium-codegen-arm.cc (right):

http://codereview.chromium.org/8492004/diff/27004/src/arm/lithium-codegen-arm...
src/arm/lithium-codegen-arm.cc:4515:
safepoints_.RecordLazyDeoptimizationIndex(env->deoptimization_index());
On 2011/11/15 12:03:56, Vyacheslav Egorov wrote:
> I think it should emit nop padding (the one removed from SafepointGenerator).

Done.

http://codereview.chromium.org/8492004/diff/27004/src/ia32/lithium-codegen-ia...
File src/ia32/lithium-codegen-ia32.cc (right):

http://codereview.chromium.org/8492004/diff/27004/src/ia32/lithium-codegen-ia...
src/ia32/lithium-codegen-ia32.cc:4422:
safepoints_.RecordLazyDeoptimizationIndex(env->deoptimization_index());
On 2011/11/15 12:03:56, Vyacheslav Egorov wrote:
> Are we sure we always have enough space between lazy-bailout and other lazy
> bailout or the end of the code?
> 
> If we are sure please add a comment explaining why and assertion.

Done.

http://codereview.chromium.org/8492004/diff/27004/src/x64/lithium-codegen-x64.cc
File src/x64/lithium-codegen-x64.cc (right):

http://codereview.chromium.org/8492004/diff/27004/src/x64/lithium-codegen-x64...
src/x64/lithium-codegen-x64.cc:4128:
safepoints_.RecordLazyDeoptimizationIndex(env->deoptimization_index());
On 2011/11/15 12:03:56, Vyacheslav Egorov wrote:
> This code does not pad the last @lazy-bailout in the code.

Done.

Powered by Google App Engine
This is Rietveld 408576698