PPC/s390: Reland^2 "[runtime] Move Context::native_context to the map"

Port 3cad6bf5 Original Commit Message: This is a reland of c7c47c68. This makes TSAN happy in addition to: Previously I presumed that the context read from a frame in the profiler was a valid context. Turns out that on non-intel we're not guaranteed that the frame is properly set up. In the case we looked at, the profiler took a sample right before writing the frame marker indicating a builtin frame, causing the "context" pointer from that frame to be a bytecode array. Since we'll read random garbage on the stack as a possible context pointer, I made the code reading the native context from it a little more defensive. Original change's description: > [runtime] Move Context::native_context to the map > > Remove the native context slot from contexts by making context maps > native-context-specific. Now we require 2 loads to go from a context to the > native context, but we have 1 field fewer to store when creating contexts. > > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629 > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Peter Marshall <petermarshall@chromium.org> > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64296} R=verwaest@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I48b21f189e782a338eb2508edd57b7b2cf5ce240 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1865607Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#64362}

PPC/s390: Reland^2 "[runtime] Move Context::native_context to the map"
Port 3cad6bf5 Original Commit Message: This is a reland of c7c47c68. This makes TSAN happy in addition to: Previously I presumed that the context read from a frame in the profiler was a valid context. Turns out that on non-intel we're not guaranteed that the frame is properly set up. In the case we looked at, the profiler took a sample right before writing the frame marker indicating a builtin frame, causing the "context" pointer from that frame to be a bytecode array. Since we'll read random garbage on the stack as a possible context pointer, I made the code reading the native context from it a little more defensive. Original change's description: > [runtime] Move Context::native_context to the map > > Remove the native context slot from contexts by making context maps > native-context-specific. Now we require 2 loads to go from a context to the > native context, but we have 1 field fewer to store when creating contexts. > > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629 > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Peter Marshall <petermarshall@chromium.org> > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64296} R=verwaest@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I48b21f189e782a338eb2508edd57b7b2cf5ce240 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1865607Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#64362}
36ab93d8 · Milad Farazmand · Commit Bot · 56111139 · 36ab93d8 · 36ab93d8
Commit 36ab93d8 authored Oct 17, 2019 by Milad Farazmand Committed by Commit Bot Oct 17, 2019
4 changed files
--- a/src/codegen/ppc/macro-assembler-ppc.cc
+++ b/src/codegen/ppc/macro-assembler-ppc.cc
@@ -1451,7 +1451,7 @@ void MacroAssembler::CompareObjectType(Register object, Register map,
                                       Register type_reg, InstanceType type) {
  const Register temp = type_reg == no_reg ? r0 : type_reg;

-  LoadP(map, FieldMemOperand(object, HeapObject::kMapOffset));
+  LoadMap(map, object);
  CompareInstanceType(map, temp, type);
 }

@@ -1769,9 +1769,15 @@ void TurboAssembler::Abort(AbortReason reason) {
  // will not return here
 }

+void MacroAssembler::LoadMap(Register destination, Register object) {
+  LoadP(destination, FieldMemOperand(object, HeapObject::kMapOffset));
+}
+
 void MacroAssembler::LoadNativeContextSlot(int index, Register dst) {
-  LoadP(dst, NativeContextMemOperand());
-  LoadP(dst, ContextMemOperand(dst, index));
+  LoadMap(dst, cp);
+  LoadP(dst, FieldMemOperand(
+                 dst, Map::kConstructorOrBackPointerOrNativeContextOffset));
+  LoadP(dst, MemOperand(dst, Context::SlotOffset(index)));
 }

 void MacroAssembler::AssertNotSmi(Register object) {
@@ -1796,7 +1802,7 @@ void MacroAssembler::AssertConstructor(Register object) {
    TestIfSmi(object, r0);
    Check(ne, AbortReason::kOperandIsASmiAndNotAConstructor, cr0);
    push(object);
-    LoadP(object, FieldMemOperand(object, HeapObject::kMapOffset));
+    LoadMap(object, object);
    lbz(object, FieldMemOperand(object, Map::kBitFieldOffset));
    andi(object, object, Operand(Map::IsConstructorBit::kMask));
    pop(object);
@@ -1836,7 +1842,7 @@ void MacroAssembler::AssertGeneratorObject(Register object) {
  // Load map
  Register map = object;
  push(object);
-  LoadP(map, FieldMemOperand(object, HeapObject::kMapOffset));
+  LoadMap(map, object);

  // Check if JSGeneratorObject
  Label do_check;
@@ -1864,7 +1870,7 @@ void MacroAssembler::AssertUndefinedOrAllocationSite(Register object,
    AssertNotSmi(object);
    CompareRoot(object, RootIndex::kUndefinedValue);
    beq(&done_checking);
-    LoadP(scratch, FieldMemOperand(object, HeapObject::kMapOffset));
+    LoadMap(scratch, object);
    CompareInstanceType(scratch, scratch, ALLOCATION_SITE_TYPE);
    Assert(eq, AbortReason::kExpectedUndefinedOrCell);
    bind(&done_checking);

--- a/src/codegen/ppc/macro-assembler-ppc.h
+++ b/src/codegen/ppc/macro-assembler-ppc.h
@@ -694,6 +694,8 @@ class V8_EXPORT_PRIVATE MacroAssembler : public TurboAssembler {
  void LeaveExitFrame(bool save_doubles, Register argument_count,
                      bool argument_count_is_length = false);

+  void LoadMap(Register destination, Register object);
+
  // Load the global proxy from the current context.
  void LoadGlobalProxy(Register dst) {
    LoadNativeContextSlot(Context::GLOBAL_PROXY_INDEX, dst);
@@ -962,17 +964,6 @@ class V8_EXPORT_PRIVATE MacroAssembler : public TurboAssembler {
  DISALLOW_IMPLICIT_CONSTRUCTORS(MacroAssembler);
 };

-// -----------------------------------------------------------------------------
-// Static helper functions.
-
-inline MemOperand ContextMemOperand(Register context, int index = 0) {
-  return MemOperand(context, Context::SlotOffset(index));
-}
-
-inline MemOperand NativeContextMemOperand() {
-  return ContextMemOperand(cp, Context::NATIVE_CONTEXT_INDEX);
-}
-
 #define ACCESS_MASM(masm) masm->

 }  // namespace internal

--- a/src/codegen/s390/macro-assembler-s390.cc
+++ b/src/codegen/s390/macro-assembler-s390.cc
@@ -1511,7 +1511,7 @@ void MacroAssembler::CompareObjectType(Register object, Register map,
                                       Register type_reg, InstanceType type) {
  const Register temp = type_reg == no_reg ? r0 : type_reg;

-  LoadP(map, FieldMemOperand(object, HeapObject::kMapOffset));
+  LoadMap(map, object);
  CompareInstanceType(map, temp, type);
 }

@@ -1719,9 +1719,15 @@ void TurboAssembler::Abort(AbortReason reason) {
  // will not return here
 }

+void MacroAssembler::LoadMap(Register destination, Register object) {
+  LoadP(destination, FieldMemOperand(object, HeapObject::kMapOffset));
+}
+
 void MacroAssembler::LoadNativeContextSlot(int index, Register dst) {
-  LoadP(dst, NativeContextMemOperand());
-  LoadP(dst, ContextMemOperand(dst, index));
+  LoadMap(dst, cp);
+  LoadP(dst, FieldMemOperand(
+                 dst, Map::kConstructorOrBackPointerOrNativeContextOffset));
+  LoadP(dst, MemOperand(dst, Context::SlotOffset(index)));
 }

 void MacroAssembler::AssertNotSmi(Register object) {
@@ -1745,7 +1751,7 @@ void MacroAssembler::AssertConstructor(Register object, Register scratch) {
    STATIC_ASSERT(kSmiTag == 0);
    TestIfSmi(object);
    Check(ne, AbortReason::kOperandIsASmiAndNotAConstructor);
-    LoadP(scratch, FieldMemOperand(object, HeapObject::kMapOffset));
+    LoadMap(object, object);
    tm(FieldMemOperand(scratch, Map::kBitFieldOffset),
       Operand(Map::IsConstructorBit::kMask));
    Check(ne, AbortReason::kOperandIsNotAConstructor);
@@ -1784,7 +1790,7 @@ void MacroAssembler::AssertGeneratorObject(Register object) {
  // Load map
  Register map = object;
  push(object);
-  LoadP(map, FieldMemOperand(object, HeapObject::kMapOffset));
+  LoadMap(map, object);

  // Check if JSGeneratorObject
  Label do_check;
@@ -1812,7 +1818,7 @@ void MacroAssembler::AssertUndefinedOrAllocationSite(Register object,
    AssertNotSmi(object);
    CompareRoot(object, RootIndex::kUndefinedValue);
    beq(&done_checking, Label::kNear);
-    LoadP(scratch, FieldMemOperand(object, HeapObject::kMapOffset));
+    LoadMap(scratch, object);
    CompareInstanceType(scratch, scratch, ALLOCATION_SITE_TYPE);
    Assert(eq, AbortReason::kExpectedUndefinedOrCell);
    bind(&done_checking);

--- a/src/codegen/s390/macro-assembler-s390.h
+++ b/src/codegen/s390/macro-assembler-s390.h
@@ -1165,6 +1165,8 @@ class V8_EXPORT_PRIVATE MacroAssembler : public TurboAssembler {
  void LeaveExitFrame(bool save_doubles, Register argument_count,
                      bool argument_count_is_length = false);

+  void LoadMap(Register destination, Register object);
+
  // Load the global proxy from the current context.
  void LoadGlobalProxy(Register dst) {
    LoadNativeContextSlot(Context::GLOBAL_PROXY_INDEX, dst);
@@ -1288,17 +1290,6 @@ class V8_EXPORT_PRIVATE MacroAssembler : public TurboAssembler {
  DISALLOW_IMPLICIT_CONSTRUCTORS(MacroAssembler);
 };

-// -----------------------------------------------------------------------------
-// Static helper functions.
-
-inline MemOperand ContextMemOperand(Register context, int index = 0) {
-  return MemOperand(context, Context::SlotOffset(index));
-}
-
-inline MemOperand NativeContextMemOperand() {
-  return ContextMemOperand(cp, Context::NATIVE_CONTEXT_INDEX);
-}
-
 #define ACCESS_MASM(masm) masm->

 }  // namespace internal