1. 16 Feb, 2021 1 commit
  2. 25 Jan, 2021 1 commit
  3. 18 Jan, 2021 1 commit
  4. 16 Dec, 2020 3 commits
  5. 01 Dec, 2020 1 commit
    • Ross McIlroy's avatar
      [Turboprop] Move deoptimizations for dynamic map checks into builtin. · b6643320
      Ross McIlroy authored
      In order to reduce the codegen size of dynamic map checks, add the
      ability to have an eager with resume deopt point, which can call
      a given builitin to perform a more detailed check than can be done
      in codegen, and then either deoptimizes itself (as if the calling
      code had performed an eager deopt) or resumes execution in the
      calling code after the check.
      
      In addition, support for adding extra arguments to a
      deoptimization continuation is added to enable us to pass the
      necessary arguments to the DynamicMapChecks builtin.
      
      Finally, a trampoline is added to the DynamicMapChecks which saves
      the registers that might be clobbered by that builtin, to avoid
      having to save them in the generated code. This trampoline also
      performs the deoptimization based on the result of the
      DynamicMapChecks builtin.
      
      In order to ensure both the trampoline and DynamicMapChecks
      builtin have the same call interface, and to limit the number
      of registers that need saving in the trampoline, the
      DynamicMapChecks builtin is moved to be a CSA builtin with a
      custom CallInterfaceDescriptor, that calls an exported Torque
      macro that implements the actual functionality.
      
      All told, this changes the codegen for a monomorphic dynamic
      map check from:
          movl rbx,<expected_map>
          cmpl [<object>-0x1],rbx
          jnz <deferred_call>
         resume_point:
          ...
         deferred_call:
          <spill registers>
          movl rax,<slot>
          movq rbx,<object>
          movq rcx,<handler>
          movq r10,<DynamicMapChecks>
          call r10
          cmpq rax,0x0
          jz <restore_regs>
          cmpq rax,0x1
          jz <deopt_point_1>
          cmpq rax,0x2
          jz <deopt_point_2>
          int3l
         restore_regs:
          <restore_regs>
          jmp <resume_point>
          ...
         deopt_point_1:
          call Deoptimization_Eager
         deopt_point_2:
          call Deoptimization_Bailout
      
      To: movl rax,<slot>
          movl rcx,<expected_map>
          movq rdx,<handler>
          cmpl [<object>-0x1],rcx
          jnz <deopt_point>
         resume_point:
          ...
         deopt_point:
          call DynamicMapChecksTrampoline
          jmp <resume_point>
      
      BUG=v8:10582
      
      Change-Id: Ica4927b9acc963b9b73dc62d9379a7815335650f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2560197
      Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
      Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#71545}
      b6643320
  6. 21 Oct, 2020 1 commit
    • Jakob Gruber's avatar
      Reland "Reland "[deoptimizer] Change deopt entries into builtins"" · c7cb9bec
      Jakob Gruber authored
      This is a reland of fbfa9bf4
      
      The arm64 was missing proper codegen for CFI, thus sizes were off.
      
      Original change's description:
      > Reland "[deoptimizer] Change deopt entries into builtins"
      >
      > This is a reland of 7f58ced7
      >
      > It fixes the different exit size emitted on x64/Atom CPUs due to
      > performance tuning in TurboAssembler::Call. Additionally, add
      > cctests to verify the fixed size exits.
      >
      > Original change's description:
      > > [deoptimizer] Change deopt entries into builtins
      > >
      > > While the overall goal of this commit is to change deoptimization
      > > entries into builtins, there are multiple related things happening:
      > >
      > > - Deoptimization entries, formerly stubs (i.e. Code objects generated
      > >   at runtime, guaranteed to be immovable), have been converted into
      > >   builtins. The major restriction is that we now need to preserve the
      > >   kRootRegister, which was formerly used on most architectures to pass
      > >   the deoptimization id. The solution differs based on platform.
      > > - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING.
      > > - Removed heap/ support for immovable Code generation.
      > > - Removed the DeserializerData class (no longer needed).
      > > - arm64: to preserve 4-byte deopt exits, introduced a new optimization
      > >   in which the final jump to the deoptimization entry is generated
      > >   once per Code object, and deopt exits can continue to emit a
      > >   near-call.
      > > - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit
      > >   sizes by 4/8, 5, and 5 bytes, respectively.
      > >
      > > On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes
      > > by using the same strategy as on arm64 (recalc deopt id from return
      > > address). Before:
      > >
      > >  e300a002       movw r10, <id>
      > >  e59fc024       ldr ip, [pc, <entry offset>]
      > >  e12fff3c       blx ip
      > >
      > > After:
      > >
      > >  e59acb35       ldr ip, [r10, <entry offset>]
      > >  e12fff3c       blx ip
      > >
      > > On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases
      > > with CFI). Additionally, up to 4 builtin jumps are emitted per Code
      > > object (max 32 bytes added overhead per Code object). Before:
      > >
      > >  9401cdae       bl <entry offset>
      > >
      > > After:
      > >
      > >  # eager deoptimization entry jump.
      > >  f95b1f50       ldr x16, [x26, <eager entry offset>]
      > >  d61f0200       br x16
      > >  # lazy deoptimization entry jump.
      > >  f95b2b50       ldr x16, [x26, <lazy entry offset>]
      > >  d61f0200       br x16
      > >  # the deopt exit.
      > >  97fffffc       bl <eager deoptimization entry jump offset>
      > >
      > > On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before:
      > >
      > >  bb00000000     mov ebx,<id>
      > >  e825f5372b     call <entry>
      > >
      > > After:
      > >
      > >  e8ea2256ba     call <entry>
      > >
      > > On x64 the deopt exit size is reduced from 12 to 7 bytes. Before:
      > >
      > >  49c7c511000000 REX.W movq r13,<id>
      > >  e8ea2f0700     call <entry>
      > >
      > > After:
      > >
      > >  41ff9560360000 call [r13+<entry offset>]
      > >
      > > Bug: v8:8661,v8:8768
      > > Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834
      > > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#70597}
      >
      > Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org
      > Bug: v8:8661,v8:8768,chromium:1140165
      > Change-Id: Ibcd5c39c58a70bf2b2ac221aa375fc68d495e144
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485506
      > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#70655}
      
      Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org
      Bug: v8:8661
      Bug: v8:8768
      Bug: chromium:1140165
      Change-Id: I471cc94fc085e527dc9bfb5a84b96bd907c2333f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488682Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#70672}
      c7cb9bec
  7. 20 Oct, 2020 3 commits
    • Maya Lekova's avatar
      Revert "Reland "[deoptimizer] Change deopt entries into builtins"" · 7c7aa4fa
      Maya Lekova authored
      This reverts commit fbfa9bf4.
      
      Reason for revert: Seems to break arm64 sim CFI build (please see DeoptExitSizeIfFixed) - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20CFI/2808
      
      Original change's description:
      > Reland "[deoptimizer] Change deopt entries into builtins"
      >
      > This is a reland of 7f58ced7
      >
      > It fixes the different exit size emitted on x64/Atom CPUs due to
      > performance tuning in TurboAssembler::Call. Additionally, add
      > cctests to verify the fixed size exits.
      >
      > Original change's description:
      > > [deoptimizer] Change deopt entries into builtins
      > >
      > > While the overall goal of this commit is to change deoptimization
      > > entries into builtins, there are multiple related things happening:
      > >
      > > - Deoptimization entries, formerly stubs (i.e. Code objects generated
      > >   at runtime, guaranteed to be immovable), have been converted into
      > >   builtins. The major restriction is that we now need to preserve the
      > >   kRootRegister, which was formerly used on most architectures to pass
      > >   the deoptimization id. The solution differs based on platform.
      > > - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING.
      > > - Removed heap/ support for immovable Code generation.
      > > - Removed the DeserializerData class (no longer needed).
      > > - arm64: to preserve 4-byte deopt exits, introduced a new optimization
      > >   in which the final jump to the deoptimization entry is generated
      > >   once per Code object, and deopt exits can continue to emit a
      > >   near-call.
      > > - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit
      > >   sizes by 4/8, 5, and 5 bytes, respectively.
      > >
      > > On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes
      > > by using the same strategy as on arm64 (recalc deopt id from return
      > > address). Before:
      > >
      > >  e300a002       movw r10, <id>
      > >  e59fc024       ldr ip, [pc, <entry offset>]
      > >  e12fff3c       blx ip
      > >
      > > After:
      > >
      > >  e59acb35       ldr ip, [r10, <entry offset>]
      > >  e12fff3c       blx ip
      > >
      > > On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases
      > > with CFI). Additionally, up to 4 builtin jumps are emitted per Code
      > > object (max 32 bytes added overhead per Code object). Before:
      > >
      > >  9401cdae       bl <entry offset>
      > >
      > > After:
      > >
      > >  # eager deoptimization entry jump.
      > >  f95b1f50       ldr x16, [x26, <eager entry offset>]
      > >  d61f0200       br x16
      > >  # lazy deoptimization entry jump.
      > >  f95b2b50       ldr x16, [x26, <lazy entry offset>]
      > >  d61f0200       br x16
      > >  # the deopt exit.
      > >  97fffffc       bl <eager deoptimization entry jump offset>
      > >
      > > On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before:
      > >
      > >  bb00000000     mov ebx,<id>
      > >  e825f5372b     call <entry>
      > >
      > > After:
      > >
      > >  e8ea2256ba     call <entry>
      > >
      > > On x64 the deopt exit size is reduced from 12 to 7 bytes. Before:
      > >
      > >  49c7c511000000 REX.W movq r13,<id>
      > >  e8ea2f0700     call <entry>
      > >
      > > After:
      > >
      > >  41ff9560360000 call [r13+<entry offset>]
      > >
      > > Bug: v8:8661,v8:8768
      > > Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834
      > > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#70597}
      >
      > Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org
      > Bug: v8:8661,v8:8768,chromium:1140165
      > Change-Id: Ibcd5c39c58a70bf2b2ac221aa375fc68d495e144
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485506
      > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#70655}
      
      TBR=ulan@chromium.org,rmcilroy@chromium.org,jgruber@chromium.org,tebbi@chromium.org
      
      Change-Id: I4739a3475bfd8ee0cfbe4b9a20382f91a6ef1bf0
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:8661
      Bug: v8:8768
      Bug: chromium:1140165
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485223Reviewed-by: 's avatarMaya Lekova <mslekova@chromium.org>
      Commit-Queue: Maya Lekova <mslekova@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#70658}
      7c7aa4fa
    • Jakob Gruber's avatar
      Reland "[deoptimizer] Change deopt entries into builtins" · fbfa9bf4
      Jakob Gruber authored
      This is a reland of 7f58ced7
      
      It fixes the different exit size emitted on x64/Atom CPUs due to
      performance tuning in TurboAssembler::Call. Additionally, add
      cctests to verify the fixed size exits.
      
      Original change's description:
      > [deoptimizer] Change deopt entries into builtins
      >
      > While the overall goal of this commit is to change deoptimization
      > entries into builtins, there are multiple related things happening:
      >
      > - Deoptimization entries, formerly stubs (i.e. Code objects generated
      >   at runtime, guaranteed to be immovable), have been converted into
      >   builtins. The major restriction is that we now need to preserve the
      >   kRootRegister, which was formerly used on most architectures to pass
      >   the deoptimization id. The solution differs based on platform.
      > - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING.
      > - Removed heap/ support for immovable Code generation.
      > - Removed the DeserializerData class (no longer needed).
      > - arm64: to preserve 4-byte deopt exits, introduced a new optimization
      >   in which the final jump to the deoptimization entry is generated
      >   once per Code object, and deopt exits can continue to emit a
      >   near-call.
      > - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit
      >   sizes by 4/8, 5, and 5 bytes, respectively.
      >
      > On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes
      > by using the same strategy as on arm64 (recalc deopt id from return
      > address). Before:
      >
      >  e300a002       movw r10, <id>
      >  e59fc024       ldr ip, [pc, <entry offset>]
      >  e12fff3c       blx ip
      >
      > After:
      >
      >  e59acb35       ldr ip, [r10, <entry offset>]
      >  e12fff3c       blx ip
      >
      > On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases
      > with CFI). Additionally, up to 4 builtin jumps are emitted per Code
      > object (max 32 bytes added overhead per Code object). Before:
      >
      >  9401cdae       bl <entry offset>
      >
      > After:
      >
      >  # eager deoptimization entry jump.
      >  f95b1f50       ldr x16, [x26, <eager entry offset>]
      >  d61f0200       br x16
      >  # lazy deoptimization entry jump.
      >  f95b2b50       ldr x16, [x26, <lazy entry offset>]
      >  d61f0200       br x16
      >  # the deopt exit.
      >  97fffffc       bl <eager deoptimization entry jump offset>
      >
      > On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before:
      >
      >  bb00000000     mov ebx,<id>
      >  e825f5372b     call <entry>
      >
      > After:
      >
      >  e8ea2256ba     call <entry>
      >
      > On x64 the deopt exit size is reduced from 12 to 7 bytes. Before:
      >
      >  49c7c511000000 REX.W movq r13,<id>
      >  e8ea2f0700     call <entry>
      >
      > After:
      >
      >  41ff9560360000 call [r13+<entry offset>]
      >
      > Bug: v8:8661,v8:8768
      > Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#70597}
      
      Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org
      Bug: v8:8661,v8:8768,chromium:1140165
      Change-Id: Ibcd5c39c58a70bf2b2ac221aa375fc68d495e144
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485506Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#70655}
      fbfa9bf4
    • Jakob Gruber's avatar
      Revert "[deoptimizer] Change deopt entries into builtins" · 8bc9a794
      Jakob Gruber authored
      This reverts commit 7f58ced7.
      
      Reason for revert: Segfaults on Atom_x64 https://ci.chromium.org/p/v8-internal/builders/ci/v8_linux64_atom_perf/5686?
      
      Original change's description:
      > [deoptimizer] Change deopt entries into builtins
      >
      > While the overall goal of this commit is to change deoptimization
      > entries into builtins, there are multiple related things happening:
      >
      > - Deoptimization entries, formerly stubs (i.e. Code objects generated
      >   at runtime, guaranteed to be immovable), have been converted into
      >   builtins. The major restriction is that we now need to preserve the
      >   kRootRegister, which was formerly used on most architectures to pass
      >   the deoptimization id. The solution differs based on platform.
      > - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING.
      > - Removed heap/ support for immovable Code generation.
      > - Removed the DeserializerData class (no longer needed).
      > - arm64: to preserve 4-byte deopt exits, introduced a new optimization
      >   in which the final jump to the deoptimization entry is generated
      >   once per Code object, and deopt exits can continue to emit a
      >   near-call.
      > - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit
      >   sizes by 4/8, 5, and 5 bytes, respectively.
      >
      > On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes
      > by using the same strategy as on arm64 (recalc deopt id from return
      > address). Before:
      >
      >  e300a002       movw r10, <id>
      >  e59fc024       ldr ip, [pc, <entry offset>]
      >  e12fff3c       blx ip
      >
      > After:
      >
      >  e59acb35       ldr ip, [r10, <entry offset>]
      >  e12fff3c       blx ip
      >
      > On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases
      > with CFI). Additionally, up to 4 builtin jumps are emitted per Code
      > object (max 32 bytes added overhead per Code object). Before:
      >
      >  9401cdae       bl <entry offset>
      >
      > After:
      >
      >  # eager deoptimization entry jump.
      >  f95b1f50       ldr x16, [x26, <eager entry offset>]
      >  d61f0200       br x16
      >  # lazy deoptimization entry jump.
      >  f95b2b50       ldr x16, [x26, <lazy entry offset>]
      >  d61f0200       br x16
      >  # the deopt exit.
      >  97fffffc       bl <eager deoptimization entry jump offset>
      >
      > On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before:
      >
      >  bb00000000     mov ebx,<id>
      >  e825f5372b     call <entry>
      >
      > After:
      >
      >  e8ea2256ba     call <entry>
      >
      > On x64 the deopt exit size is reduced from 12 to 7 bytes. Before:
      >
      >  49c7c511000000 REX.W movq r13,<id>
      >  e8ea2f0700     call <entry>
      >
      > After:
      >
      >  41ff9560360000 call [r13+<entry offset>]
      >
      > Bug: v8:8661,v8:8768
      > Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#70597}
      
      TBR=ulan@chromium.org,rmcilroy@chromium.org,jgruber@chromium.org,tebbi@chromium.org
      
      # Not skipping CQ checks because original CL landed > 1 day ago.
      
      Bug: v8:8661,v8:8768,chromium:1140165
      Change-Id: I3df02ab42f6e02233d9f6fb80e8bb18f76870d91
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485504Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#70649}
      8bc9a794
  8. 19 Oct, 2020 1 commit
    • Jakob Gruber's avatar
      [deoptimizer] Change deopt entries into builtins · 7f58ced7
      Jakob Gruber authored
      While the overall goal of this commit is to change deoptimization
      entries into builtins, there are multiple related things happening:
      
      - Deoptimization entries, formerly stubs (i.e. Code objects generated
        at runtime, guaranteed to be immovable), have been converted into
        builtins. The major restriction is that we now need to preserve the
        kRootRegister, which was formerly used on most architectures to pass
        the deoptimization id. The solution differs based on platform.
      - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING.
      - Removed heap/ support for immovable Code generation.
      - Removed the DeserializerData class (no longer needed).
      - arm64: to preserve 4-byte deopt exits, introduced a new optimization
        in which the final jump to the deoptimization entry is generated
        once per Code object, and deopt exits can continue to emit a
        near-call.
      - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit
        sizes by 4/8, 5, and 5 bytes, respectively.
      
      On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes
      by using the same strategy as on arm64 (recalc deopt id from return
      address). Before:
      
       e300a002       movw r10, <id>
       e59fc024       ldr ip, [pc, <entry offset>]
       e12fff3c       blx ip
      
      After:
      
       e59acb35       ldr ip, [r10, <entry offset>]
       e12fff3c       blx ip
      
      On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases
      with CFI). Additionally, up to 4 builtin jumps are emitted per Code
      object (max 32 bytes added overhead per Code object). Before:
      
       9401cdae       bl <entry offset>
      
      After:
      
       # eager deoptimization entry jump.
       f95b1f50       ldr x16, [x26, <eager entry offset>]
       d61f0200       br x16
       # lazy deoptimization entry jump.
       f95b2b50       ldr x16, [x26, <lazy entry offset>]
       d61f0200       br x16
       # the deopt exit.
       97fffffc       bl <eager deoptimization entry jump offset>
      
      On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before:
      
       bb00000000     mov ebx,<id>
       e825f5372b     call <entry>
      
      After:
      
       e8ea2256ba     call <entry>
      
      On x64 the deopt exit size is reduced from 12 to 7 bytes. Before:
      
       49c7c511000000 REX.W movq r13,<id>
       e8ea2f0700     call <entry>
      
      After:
      
       41ff9560360000 call [r13+<entry offset>]
      
      Bug: v8:8661,v8:8768
      Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#70597}
      7f58ced7
  9. 02 Sep, 2020 1 commit
  10. 09 Jul, 2020 1 commit
  11. 02 Jul, 2020 1 commit
  12. 07 May, 2020 1 commit
  13. 17 Mar, 2020 1 commit
  14. 05 Mar, 2020 3 commits
    • Clemens Backes's avatar
      Reland "[wasm] Further reduce the size of WasmCode" · 13cdf3a7
      Clemens Backes authored
      This is a reland of 79398ab0
      
      Original change's description:
      > [wasm] Further reduce the size of WasmCode
      >
      > Also, save dynamic allocations (plus their memory overhead).
      > This is realized by storing the relocation information, source position
      > table, and protected instruction information together in one "metadata"
      > byte array.
      > For each of the three components, we just store their size, such that
      > the accessors can return the respecitive {Vector} views as before.
      >
      > This makes each WasmCode object 24 bytes smaller on 64-bit
      > architectures. It also saves a few more bytes per code object because
      > less padding is needed for the individual allocations, and each dynamic
      > allocation comes with some constant memory overhead.
      >
      > Since the protected instructions will just be stored in a byte array
      > now, some APIs are refactored to just return that byte array directly
      > (instead of an array of {ProtectedInstructionData}). This also
      > simplifies serialization and deserialization, and will allow for
      > switching to a more compact representation in the future.
      >
      > Drive-by: Add some more checks to {Vector::cast} to protect against
      >   undefined behaviour.
      >
      > R=ahaas@chromium.org
      >
      > Bug: v8:10254
      > Change-Id: I81ca847023841110e3e52cc402fcb0349325d7af
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2078545
      > Reviewed-by: Andreas Haas <ahaas@chromium.org>
      > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > Commit-Queue: Clemens Backes <clemensb@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#66596}
      
      Tbr: ahaas@chromium.org
      Bug: v8:10254
      Change-Id: Idcdcb4f13c3eb7a3f7fb5ef8a1229103ca0ae975
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2089934Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66598}
      13cdf3a7
    • Clemens Backes's avatar
      Revert "[wasm] Further reduce the size of WasmCode" · 28afd1c9
      Clemens Backes authored
      This reverts commit 79398ab0.
      
      Reason for revert: Makes UBSan unhappy: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/10186
      
      Original change's description:
      > [wasm] Further reduce the size of WasmCode
      > 
      > Also, save dynamic allocations (plus their memory overhead).
      > This is realized by storing the relocation information, source position
      > table, and protected instruction information together in one "metadata"
      > byte array.
      > For each of the three components, we just store their size, such that
      > the accessors can return the respecitive {Vector} views as before.
      > 
      > This makes each WasmCode object 24 bytes smaller on 64-bit
      > architectures. It also saves a few more bytes per code object because
      > less padding is needed for the individual allocations, and each dynamic
      > allocation comes with some constant memory overhead.
      > 
      > Since the protected instructions will just be stored in a byte array
      > now, some APIs are refactored to just return that byte array directly
      > (instead of an array of {ProtectedInstructionData}). This also
      > simplifies serialization and deserialization, and will allow for
      > switching to a more compact representation in the future.
      > 
      > Drive-by: Add some more checks to {Vector::cast} to protect against
      >   undefined behaviour.
      > 
      > R=​ahaas@chromium.org
      > 
      > Bug: v8:10254
      > Change-Id: I81ca847023841110e3e52cc402fcb0349325d7af
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2078545
      > Reviewed-by: Andreas Haas <ahaas@chromium.org>
      > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > Commit-Queue: Clemens Backes <clemensb@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#66596}
      
      TBR=jkummerow@chromium.org,ahaas@chromium.org,clemensb@chromium.org,tebbi@chromium.org
      
      Change-Id: Id80aa82cfce8942879031032b322ee66855b5600
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:10254
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2089933Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66597}
      28afd1c9
    • Clemens Backes's avatar
      [wasm] Further reduce the size of WasmCode · 79398ab0
      Clemens Backes authored
      Also, save dynamic allocations (plus their memory overhead).
      This is realized by storing the relocation information, source position
      table, and protected instruction information together in one "metadata"
      byte array.
      For each of the three components, we just store their size, such that
      the accessors can return the respecitive {Vector} views as before.
      
      This makes each WasmCode object 24 bytes smaller on 64-bit
      architectures. It also saves a few more bytes per code object because
      less padding is needed for the individual allocations, and each dynamic
      allocation comes with some constant memory overhead.
      
      Since the protected instructions will just be stored in a byte array
      now, some APIs are refactored to just return that byte array directly
      (instead of an array of {ProtectedInstructionData}). This also
      simplifies serialization and deserialization, and will allow for
      switching to a more compact representation in the future.
      
      Drive-by: Add some more checks to {Vector::cast} to protect against
        undefined behaviour.
      
      R=ahaas@chromium.org
      
      Bug: v8:10254
      Change-Id: I81ca847023841110e3e52cc402fcb0349325d7af
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2078545Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66596}
      79398ab0
  15. 28 Feb, 2020 1 commit
  16. 22 Jan, 2020 1 commit
  17. 16 Jan, 2020 1 commit
    • Jakob Gruber's avatar
      [compiler] Consider pushed arguments in stack check offset · 2cd24eba
      Jakob Gruber authored
      Function calls can push arguments onto the stack. The consumed stack
      slots are not considered by the function-entry stack check, since
      initial frame setup only reserves space for local slots, not call
      arguments. This CL adds such logic by tracking the maximum pushed
      argument count during instruction selection, and adding these slots to
      the (existing) stack check offset logic in code generation.
      
      Bug: chromium:1030167
      Change-Id: I26a9407cf38009839b1dda2ff0c8ec297c15ed8d
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002540
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#65814}
      2cd24eba
  18. 30 Oct, 2019 1 commit
    • Jakob Gruber's avatar
      Reland "[compiler] Optionally apply an offset to stack checks" · b875f466
      Jakob Gruber authored
      This is a reland of 4a16305b
      
      The original CL adjust only one part of the stack check, namely the
      comparison of the stack pointer against the stack limit in generated code.
      There is a second part: Runtime::kStackGuard repeats this check to
      distinguish between a stack overflow and an interrupt request.
      
      This second part in runtime must apply the offset just like in generated
      code. It is implemented in this reland by the StackCheckOffset operator
      and a new StackGuardWithGap runtime function.
      
      Original change's description:
      > [compiler] Optionally apply an offset to stack checks
      >
      > The motivation behind this change is that the frame size of an optimized
      > function and its unoptimized version may differ, and deoptimization
      > may thus trigger a stack overflow. The solution implemented in this CL
      > is to optionally apply an offset to the stack check s.t. the check
      > becomes 'sp - offset > limit'. The offset is applied to stack checks at
      > function-entry, and is set to the difference between the optimized and
      > unoptimized frame size.
      >
      > A caveat: OSR may not be fully handled by this fix since we've already
      > passed the function-entry stack check. A possible solution would be to
      > *not* skip creation of function-entry stack checks for inlinees.
      >
      > This CL: 1. annotates stack check nodes with the stack check kind, where
      > kind is one of {function-entry,iteration-body,unknown}. 2. potentially
      > allocates a temporary register to store the result of the 'sp - offset'
      > in instruction selection (and switches input registers to 'unique'
      > mode). 3. Applies the offset in code generation.
      >
      > Drive-by: Add src/compiler/globals.h for compiler-specific globals.
      >
      > Bug: v8:9534,chromium:1000887
      > Change-Id: I257191c4a4978ccb60cfa5805ef421f30f0e9826
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762521
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Georg Neis <neis@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#63701}
      
      Bug: v8:9534, chromium:1000887
      Change-Id: I71771c281afd7d57c09aa48ea1b182d01e6dee2a
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822037Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Reviewed-by: 's avatarSigurd Schneider <sigurds@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#64634}
      b875f466
  19. 13 Sep, 2019 1 commit
  20. 12 Sep, 2019 2 commits
    • Jakob Gruber's avatar
      Revert "[compiler] Optionally apply an offset to stack checks" · ba72dc08
      Jakob Gruber authored
      This reverts commit 4a16305b.
      
      Reason for revert: Need to revalidate assumptions behind the CHECK.
      
      Original change's description:
      > [compiler] Optionally apply an offset to stack checks
      > 
      > The motivation behind this change is that the frame size of an optimized
      > function and its unoptimized version may differ, and deoptimization
      > may thus trigger a stack overflow. The solution implemented in this CL
      > is to optionally apply an offset to the stack check s.t. the check
      > becomes 'sp - offset > limit'. The offset is applied to stack checks at
      > function-entry, and is set to the difference between the optimized and
      > unoptimized frame size.
      > 
      > A caveat: OSR may not be fully handled by this fix since we've already
      > passed the function-entry stack check. A possible solution would be to
      > *not* skip creation of function-entry stack checks for inlinees.
      > 
      > This CL: 1. annotates stack check nodes with the stack check kind, where
      > kind is one of {function-entry,iteration-body,unknown}. 2. potentially
      > allocates a temporary register to store the result of the 'sp - offset'
      > in instruction selection (and switches input registers to 'unique'
      > mode). 3. Applies the offset in code generation.
      > 
      > Drive-by: Add src/compiler/globals.h for compiler-specific globals.
      > 
      > Bug: v8:9534,chromium:1000887
      > Change-Id: I257191c4a4978ccb60cfa5805ef421f30f0e9826
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762521
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Georg Neis <neis@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#63701}
      
      TBR=neis@chromium.org,sigurds@chromium.org,jgruber@chromium.org
      
      Change-Id: Iebf46d5256b6dee13451741781ef85a5fe9b1628
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:9534, chromium:1000887
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1800565Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#63706}
      ba72dc08
    • Jakob Gruber's avatar
      [compiler] Optionally apply an offset to stack checks · 4a16305b
      Jakob Gruber authored
      The motivation behind this change is that the frame size of an optimized
      function and its unoptimized version may differ, and deoptimization
      may thus trigger a stack overflow. The solution implemented in this CL
      is to optionally apply an offset to the stack check s.t. the check
      becomes 'sp - offset > limit'. The offset is applied to stack checks at
      function-entry, and is set to the difference between the optimized and
      unoptimized frame size.
      
      A caveat: OSR may not be fully handled by this fix since we've already
      passed the function-entry stack check. A possible solution would be to
      *not* skip creation of function-entry stack checks for inlinees.
      
      This CL: 1. annotates stack check nodes with the stack check kind, where
      kind is one of {function-entry,iteration-body,unknown}. 2. potentially
      allocates a temporary register to store the result of the 'sp - offset'
      in instruction selection (and switches input registers to 'unique'
      mode). 3. Applies the offset in code generation.
      
      Drive-by: Add src/compiler/globals.h for compiler-specific globals.
      
      Bug: v8:9534,chromium:1000887
      Change-Id: I257191c4a4978ccb60cfa5805ef421f30f0e9826
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762521
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#63701}
      4a16305b
  21. 29 Aug, 2019 1 commit
  22. 23 Aug, 2019 1 commit
  23. 30 Jul, 2019 1 commit
    • Georgia Kouveli's avatar
      [arm64] Reduce code size of deoptimization exits · 207d6b35
      Georgia Kouveli authored
      Do not pass the deoptimization index in a register, instead infer it
      from the address we made the deoptimization call from. This makes the
      deoptimization exit sequence one instruction long instead of two.
      
      This requires emitting all deoptimization exits at the end of the
      function in a contiguous block, making sure no constant or veneer
      pools are emitted in between. This means that soft deoptimizations
      require an additional branch to the end of the function, which
      counteracts the removal of the move instruction, however soft
      deoptimizations are rare compared to eager and lazy ones.
      
      This reduces the code size of optimised functions for benchmarks like
      Octane and ARES-6 by about 4%.
      
      Change-Id: I771f9104a07de7931a4bb9c5836e25fb55b1a2a4
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714876
      Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
      Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
      Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#62991}
      207d6b35
  24. 24 May, 2019 1 commit
  25. 21 May, 2019 1 commit
  26. 20 May, 2019 3 commits
  27. 01 Apr, 2019 1 commit
  28. 29 Mar, 2019 1 commit
  29. 12 Feb, 2019 1 commit
  30. 01 Feb, 2019 1 commit
  31. 30 Jan, 2019 1 commit