Issue 184923002: Clear optimized code cache in shared function info when code gets deoptimized

Issue 184923002: Clear optimized code cache in shared function info when code gets deoptimized (Closed)

Created:
6 years, 9 months ago by ulan

Modified:
6 years, 9 months ago

Reviewers:
titzer, Yang, Jakob Kummerow

CC:
v8-dev

Base URL:
https://v8.googlecode.com/svn/branches/bleeding_edge

Visibility:
Public.

More Reviews

Description

Clear optimized code cache in shared function info when code gets deoptimized. This adds a pointer to the shared function info into deoptimization data of an optimized code. Whenever the code is deoptimized, it clears the cache in the shared function info. This fixes the problem when the optimized function dies in new space GC before the code is deoptimized due to code dependency and before the optimized code cache is cleared in old space GC (see mjsunit/regress/regress-343609.js). This partially reverts r19603 because we need to be able to evict specific code from the optimized code cache. BUG=343609 LOG=Y TEST=mjsunit/regress/regress-343609.js R=yangguo@chromium.org Committed: https://code.google.com/p/v8/source/detail?r=19635

Patch Set 1 : #

Total comments: 5

Patch Set 2 : add comments #

Total comments: 2

Patch Set 3 : Fix comment #

Patch Set 4 : Add expose-gc flag #

Patch Set 5 : Fix assert #

Total comments: 2

Created: 6 years, 9 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+166 lines, -55 lines)			Patch
M	src/a64/deoptimizer-a64.cc	View	1 2	1 chunk	+5 lines, -3 lines	0 comments	Download
M	src/a64/lithium-codegen-a64.cc	View		1 chunk	+5 lines, -0 lines	0 comments	Download
M	src/arm/deoptimizer-arm.cc	View	1 2	1 chunk	+5 lines, -2 lines	0 comments	Download
M	src/arm/lithium-codegen-arm.cc	View	1 2 3 4	1 chunk	+7 lines, -0 lines	0 comments	Download
M	src/compiler.cc	View		1 chunk	+1 line, -4 lines	0 comments	Download
M	src/deoptimizer.cc	View		1 chunk	+0 lines, -2 lines	0 comments	Download
M	src/factory.cc	View	1 2 3 4	1 chunk	+1 line, -0 lines	0 comments	Download
M	src/ia32/deoptimizer-ia32.cc	View	1 2	2 chunks	+5 lines, -3 lines	0 comments	Download
M	src/ia32/lithium-codegen-ia32.cc	View	1 2 3 4	1 chunk	+7 lines, -0 lines	0 comments	Download
M	src/mips/deoptimizer-mips.cc	View	1 2	1 chunk	+5 lines, -2 lines	0 comments	Download
M	src/mips/lithium-codegen-mips.cc	View	1 2 3 4	1 chunk	+7 lines, -0 lines	0 comments	Download
M	src/objects.h	View		3 chunks	+5 lines, -4 lines	0 comments	Download
M	src/objects.cc	View		1 chunk	+25 lines, -29 lines	2 comments	Download
M	src/objects-inl.h	View		1 chunk	+0 lines, -2 lines	0 comments	Download
M	src/runtime.cc	View		2 chunks	+4 lines, -4 lines	0 comments	Download
M	src/x64/deoptimizer-x64.cc	View	1 2	1 chunk	+6 lines, -0 lines	0 comments	Download
M	src/x64/lithium-codegen-x64.cc	View	1 2 3 4	1 chunk	+7 lines, -0 lines	0 comments	Download
M	test/cctest/test-heap.cc	View		1 chunk	+5 lines, -0 lines	0 comments	Download
A	test/mjsunit/regress/regress-343609.js	View	1 2 3	1 chunk	+66 lines, -0 lines	0 comments	Download

Messages

Total messages: 7 (0 generated)

Expand Messages | Collapse Messages

ulan

PTAL https://codereview.chromium.org/184923002/diff/20001/src/compiler.cc File src/compiler.cc (right): https://codereview.chromium.org/184923002/diff/20001/src/compiler.cc#newcode1073 src/compiler.cc:1073: return Handle<Code>(shared->GetCodeFromOptimizedCodeMap(index)); Revert change from r19603 https://codereview.chromium.org/184923002/diff/20001/src/factory.cc File ...

6 years, 9 months ago (2014-03-01 13:59:43 UTC) #1

Yang

LGTM. We may want to discuss whether it makes sense to leave other optimized code ...

6 years, 9 months ago (2014-03-03 07:50:14 UTC) #2

ulan

https://codereview.chromium.org/184923002/diff/20002/src/arm/deoptimizer-arm.cc File src/arm/deoptimizer-arm.cc (right): https://codereview.chromium.org/184923002/diff/20002/src/arm/deoptimizer-arm.cc#newcode74 src/arm/deoptimizer-arm.cc:74: // deoptimization entry. On 2014/03/03 07:50:14, Yang wrote: > ...

6 years, 9 months ago (2014-03-03 09:20:33 UTC) #3

titzer

https://codereview.chromium.org/184923002/diff/80001/src/objects.cc File src/objects.cc (right): https://codereview.chromium.org/184923002/diff/80001/src/objects.cc#newcode9641 src/objects.cc:9641: for (i = kEntriesStart; i < code_map->length(); i += ...

6 years, 9 months ago (2014-03-03 12:02:44 UTC) #5

Yang

On 2014/03/03 12:02:44, titzer wrote: > https://codereview.chromium.org/184923002/diff/80001/src/objects.cc > File src/objects.cc (right): > > https://codereview.chromium.org/184923002/diff/80001/src/objects.cc#newcode9641 > ...

6 years, 9 months ago (2014-03-03 12:04:34 UTC) #6

ulan

6 years, 9 months ago (2014-03-03 12:24:54 UTC) #7

Message was sent while issue was closed.

On 2014/03/03 12:04:34, Yang wrote:
> On 2014/03/03 12:02:44, titzer wrote:
> > https://codereview.chromium.org/184923002/diff/80001/src/objects.cc
> > File src/objects.cc (right):
> > 
> >
>
https://codereview.chromium.org/184923002/diff/80001/src/objects.cc#newcode9641
> > src/objects.cc:9641: for (i = kEntriesStart; i < code_map->length(); i +=
> > kEntryLength) {
> > This code is relying on the code appearing only once in this optimized code
> map,
> > which is an invariant that should hold, but based on my investigation, looks
> > quite fragile.
> > 
> > Can we put an extra level of checking in this loop?
> > 
> > I.e. either go through the entire map and remove _all_ occurrences, or
assert
> > there is only one.
> > 
> > I would prefer the former, since we have to loop over the entire array
anyway,
> > even if we found it.
> > 
> >
>
https://codereview.chromium.org/184923002/diff/80001/src/objects.cc#newcode9643
> > src/objects.cc:9643: if (Code::cast(code_map->get(i + 1)) == optimized_code)
{
> > Please use kCachedCodeOffset here.
> 
> That's actually a good point. I agree.

Uploaded a CL that addresses it: https://codereview.chromium.org/181493004

Expand Messages | Collapse Messages