[turbofan] Advance bytecode offset after lazy deopt.

[turbofan] Advance bytecode offset after lazy deopt.

This changes {FrameState} nodes modeling "after" states to use bytecode
offsets pointing to the deoptimizing bytecode. This is in sync with the
normal execution, as the bytecode offset is advanced after operations
complete in regular bytecode handlers.

The change is necessary to ensure lazy deoptimized frames contain an
accurate bytecode offset while they are on the stack. Such frames can be
inspected by various stack walks. The continuation builtin will advance
the bytecode offset upon return.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-660379
BUG=chromium:660379
Committed: https://crrev.com/93c65952009a611b840142e63237c58c7267bfd1
Cr-Commit-Position: refs/heads/master@{#40887}

[Michael Starzinger, 2016-11-09 10:35:23]

mstarzinger@chromium.org changed reviewers:
+ rmcilroy@chromium.org

[Michael Starzinger, 2016-11-09 10:35:24]

Note that this is still work in progress (i.e. ports are missing and a lot of
debugger test are still failing). But I wanted to send it out so you can take a
high-level look at it if you want.

[Michael Starzinger, 2016-11-09 12:09:38]

Update: The debugger failures are fixed. I will start porting now.

[Jarin, 2016-11-09 12:24:05]

lgtm. Thanks!

[Michael Starzinger, 2016-11-09 13:59:26]

The CQ bit was checked by mstarzinger@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-11-09 13:59:34]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[Michael Starzinger, 2016-11-09 14:01:30]

Description was changed from

==========
[turbofan] Advance bytecode offset after lazy deopt.

This changes {FrameState} nodes modeling "after" states to use bytecode
offsets pointing to the deoptiminzing bytecode. This is in sync with the
normal execution, as the bytecode offset is advanced after operations
complete in regular bytecode handlers.

The change is necessary to ensure lazy deoptimized frames contain an
accurate bytecode offset while they are on the stack. Such frames can be
inspected by various stack walks. The continuation builtin will advance
the bytecode offset upon return.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-660379
BUG=chromium:660379
==========

to

==========
[turbofan] Advance bytecode offset after lazy deopt.

This changes {FrameState} nodes modeling "after" states to use bytecode
offsets pointing to the deoptimizing bytecode. This is in sync with the
normal execution, as the bytecode offset is advanced after operations
complete in regular bytecode handlers.

The change is necessary to ensure lazy deoptimized frames contain an
accurate bytecode offset while they are on the stack. Such frames can be
inspected by various stack walks. The continuation builtin will advance
the bytecode offset upon return.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-660379
BUG=chromium:660379
==========

[commit-bot: I haz the power, 2016-11-09 14:19:32]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-11-09 14:19:33]

Dry run: Try jobs failed on following builders:
  v8_win64_rel_ng on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_win64_rel_ng/builds/17425)
  v8_win64_rel_ng_triggered on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_win64_rel_ng_triggered/b...)
  v8_win_nosnap_shared_rel_ng on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_win_nosnap_shared_rel_ng...)
  v8_win_nosnap_shared_rel_ng_triggered on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_win_nosnap_shared_rel_ng...)

[Michael Starzinger, 2016-11-09 14:22:41]

The CQ bit was checked by mstarzinger@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-11-09 14:22:52]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[Michael Starzinger, 2016-11-09 14:22:56]

PTAL. This should be ready for prime time now.

[commit-bot: I haz the power, 2016-11-09 14:47:50]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-11-09 14:47:51]

Dry run: This issue passed the CQ dry run.

[rmcilroy, 2016-11-09 14:48:29]

LGTM with one comment.

https://codereview.chromium.org/2487173002/diff/100001/src/builtins/arm/built...
File src/builtins/arm/builtins-arm.cc (right):

https://codereview.chromium.org/2487173002/diff/100001/src/builtins/arm/built...
src/builtins/arm/builtins-arm.cc:1345: FrameScope scope(masm,
StackFrame::MANUAL);
Any reason this couldn't be a standard runtime call? It would seem simpler to me
rather than having to prepare a C++ call frame.

[Michael Starzinger, 2016-11-10 10:09:40]

Thanks! Addressed comment. Landing.

https://codereview.chromium.org/2487173002/diff/100001/src/builtins/arm/built...
File src/builtins/arm/builtins-arm.cc (right):

https://codereview.chromium.org/2487173002/diff/100001/src/builtins/arm/built...
src/builtins/arm/builtins-arm.cc:1345: FrameScope scope(masm,
StackFrame::MANUAL);
On 2016/11/09 14:48:29, rmcilroy wrote:
> Any reason this couldn't be a standard runtime call? It would seem simpler to
me
> rather than having to prepare a C++ call frame. 

Done.

[Michael Starzinger, 2016-11-10 10:12:29]

The CQ bit was checked by mstarzinger@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-11-10 10:12:38]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[rmcilroy, 2016-11-10 10:19:10]

Awesome, thanks! LGTM.

[commit-bot: I haz the power, 2016-11-10 10:31:55]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-11-10 10:31:56]

Dry run: Try jobs failed on following builders:
  v8_linux_dbg_ng on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_linux_dbg_ng/builds/15978)
  v8_linux_dbg_ng_triggered on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_linux_dbg_ng_triggered/b...)

[Michael Starzinger, 2016-11-10 10:59:22]

The CQ bit was checked by mstarzinger@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-11-10 10:59:26]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-11-10 11:27:52]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-11-10 11:27:53]

Dry run: This issue passed the CQ dry run.

[Michael Starzinger, 2016-11-10 11:32:44]

The CQ bit was checked by mstarzinger@chromium.org

[Michael Starzinger, 2016-11-10 11:32:45]

The patchset sent to the CQ was uploaded after l-g-t-m from jarin@chromium.org,
rmcilroy@chromium.org
Link to the patchset: https://codereview.chromium.org/2487173002/#ps140001
(title: "Properly restore context.")

[commit-bot: I haz the power, 2016-11-10 11:32:47]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-11-10 11:34:52]

Description was changed from

==========
[turbofan] Advance bytecode offset after lazy deopt.

This changes {FrameState} nodes modeling "after" states to use bytecode
offsets pointing to the deoptimizing bytecode. This is in sync with the
normal execution, as the bytecode offset is advanced after operations
complete in regular bytecode handlers.

The change is necessary to ensure lazy deoptimized frames contain an
accurate bytecode offset while they are on the stack. Such frames can be
inspected by various stack walks. The continuation builtin will advance
the bytecode offset upon return.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-660379
BUG=chromium:660379
==========

to

==========
[turbofan] Advance bytecode offset after lazy deopt.

This changes {FrameState} nodes modeling "after" states to use bytecode
offsets pointing to the deoptimizing bytecode. This is in sync with the
normal execution, as the bytecode offset is advanced after operations
complete in regular bytecode handlers.

The change is necessary to ensure lazy deoptimized frames contain an
accurate bytecode offset while they are on the stack. Such frames can be
inspected by various stack walks. The continuation builtin will advance
the bytecode offset upon return.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-660379
BUG=chromium:660379
==========

[commit-bot: I haz the power, 2016-11-10 11:34:53]

Committed patchset #8 (id:140001)

[commit-bot: I haz the power, 2016-11-17 22:28:56]

Description was changed from

==========
[turbofan] Advance bytecode offset after lazy deopt.

This changes {FrameState} nodes modeling "after" states to use bytecode
offsets pointing to the deoptimizing bytecode. This is in sync with the
normal execution, as the bytecode offset is advanced after operations
complete in regular bytecode handlers.

The change is necessary to ensure lazy deoptimized frames contain an
accurate bytecode offset while they are on the stack. Such frames can be
inspected by various stack walks. The continuation builtin will advance
the bytecode offset upon return.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-660379
BUG=chromium:660379
==========

to

==========
[turbofan] Advance bytecode offset after lazy deopt.

This changes {FrameState} nodes modeling "after" states to use bytecode
offsets pointing to the deoptimizing bytecode. This is in sync with the
normal execution, as the bytecode offset is advanced after operations
complete in regular bytecode handlers.

The change is necessary to ensure lazy deoptimized frames contain an
accurate bytecode offset while they are on the stack. Such frames can be
inspected by various stack walks. The continuation builtin will advance
the bytecode offset upon return.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-660379
BUG=chromium:660379

Committed: https://crrev.com/93c65952009a611b840142e63237c58c7267bfd1
Cr-Commit-Position: refs/heads/master@{#40887}
==========

[commit-bot: I haz the power, 2016-11-17 22:28:57]

Patchset 8 (id:??) landed as
https://crrev.com/93c65952009a611b840142e63237c58c7267bfd1
Cr-Commit-Position: refs/heads/master@{#40887}