Reviewers: ulan,
Message:
PTAL.
Description:
Fail early when re-entering code that has been patched for lazy deopt
Please review this at https://codereview.chromium.org/184373004/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files (+53, -0 lines):
M src/a64/deoptimizer-a64.cc
M src/arm/deoptimizer-arm.cc
M src/ia32/deoptimizer-ia32.cc
M src/mips/deoptimizer-mips.cc
M src/objects.h
M src/x64/deoptimizer-x64.cc
Index: src/a64/deoptimizer-a64.cc
diff --git a/src/a64/deoptimizer-a64.cc b/src/a64/deoptimizer-a64.cc
index
660feb2394351f95d40eae6e39ec7d745a930f70..66e501aeeba27bc6144882b0891e724ae1ada455
100644
--- a/src/a64/deoptimizer-a64.cc
+++ b/src/a64/deoptimizer-a64.cc
@@ -50,6 +50,9 @@ void Deoptimizer::PatchCodeForDeoptimization(Isolate*
isolate, Code* code) {
// code patching below, and is not needed any more.
code->InvalidateRelocation();
+ // TODO(jkummerow): if (FLAG_zap_code_space), make the code object's
+ // entry sequence unusable (see other architectures).
+
// For each LLazyBailout instruction insert a call to the corresponding
// deoptimization entry.
DeoptimizationInputData* deopt_data =
Index: src/arm/deoptimizer-arm.cc
diff --git a/src/arm/deoptimizer-arm.cc b/src/arm/deoptimizer-arm.cc
index
6031499dbd1724df63317670c8de32d61359e58f..ceca7b6a458e976541eb5b754c6092968da0bd40
100644
--- a/src/arm/deoptimizer-arm.cc
+++ b/src/arm/deoptimizer-arm.cc
@@ -50,6 +50,18 @@ void Deoptimizer::PatchCodeForDeoptimization(Isolate*
isolate, Code* code) {
// code patching below, and is not needed any more.
code->InvalidateRelocation();
+ if (FLAG_zap_code_space) {
+ // Fail hard and early if we enter this code object again.
+ byte* pointer = code->FindCodeAgeSequence();
+ if (pointer != NULL) {
+ pointer += kNoCodeAgeSequenceLength;
+ } else {
+ pointer = code->instruction_start();
+ }
+ CodePatcher patcher(pointer, 1);
+ patcher.masm()->bkpt(0);
+ }
+
// For each LLazyBailout instruction insert a call to the corresponding
// deoptimization entry.
DeoptimizationInputData* deopt_data =
Index: src/ia32/deoptimizer-ia32.cc
diff --git a/src/ia32/deoptimizer-ia32.cc b/src/ia32/deoptimizer-ia32.cc
index
5300dde9a21e490eaef923710341dfa97d2c135c..c0845d06d5a3efda0e7d875a6cabb6fe869db458
100644
--- a/src/ia32/deoptimizer-ia32.cc
+++ b/src/ia32/deoptimizer-ia32.cc
@@ -116,6 +116,19 @@ void
Deoptimizer::EnsureRelocSpaceForLazyDeoptimization(Handle<Code> code) {
void Deoptimizer::PatchCodeForDeoptimization(Isolate* isolate, Code* code)
{
Address code_start_address = code->instruction_start();
+
+ if (FLAG_zap_code_space) {
+ // Fail hard and early if we enter this code object again.
+ byte* pointer = code->FindCodeAgeSequence();
+ if (pointer != NULL) {
+ pointer += kNoCodeAgeSequenceLength;
+ } else {
+ pointer = code->instruction_start();
+ }
+ CodePatcher patcher(pointer, 1);
+ patcher.masm()->int3();
+ }
+
// We will overwrite the code's relocation info in-place. Relocation info
// is written backward. The relocation info is the payload of a byte
// array. Later on we will slide this to the start of the byte array and
Index: src/mips/deoptimizer-mips.cc
diff --git a/src/mips/deoptimizer-mips.cc b/src/mips/deoptimizer-mips.cc
index
6bd9ba7b7f14e785423b9f03461161d94dcef950..a9c4e626a1b80aadf7720a0b5bf9eb2bf635070e
100644
--- a/src/mips/deoptimizer-mips.cc
+++ b/src/mips/deoptimizer-mips.cc
@@ -49,6 +49,18 @@ void Deoptimizer::PatchCodeForDeoptimization(Isolate*
isolate, Code* code) {
// code patching below, and is not needed any more.
code->InvalidateRelocation();
+ if (FLAG_zap_code_space) {
+ // Fail hard and early if we enter this code object again.
+ byte* pointer = code->FindCodeAgeSequence();
+ if (pointer != NULL) {
+ pointer += kNoCodeAgeSequenceLength;
+ } else {
+ pointer = code->instruction_start();
+ }
+ CodePatcher patcher(pointer, 1);
+ patcher.masm()->break_(0xCC);
+ }
+
// For each LLazyBailout instruction insert a call to the corresponding
// deoptimization entry.
DeoptimizationInputData* deopt_data =
Index: src/objects.h
diff --git a/src/objects.h b/src/objects.h
index
f1fd3b9f13b2f04a279de5f1079cf0ce5f867af2..154c46f1cd207d2e5980d73365f860cbd3129852
100644
--- a/src/objects.h
+++ b/src/objects.h
@@ -5627,6 +5627,7 @@ class Code: public HeapObject {
private:
friend class RelocIterator;
+ friend class Deoptimizer; // For FindCodeAgeSequence.
void ClearInlineCaches(Kind* kind);
Index: src/x64/deoptimizer-x64.cc
diff --git a/src/x64/deoptimizer-x64.cc b/src/x64/deoptimizer-x64.cc
index
aee8be6e1bbda80cd9907508f46af8c1c9da6016..31e0b68d2a8abac629cc9e9359a2efdc6900399c
100644
--- a/src/x64/deoptimizer-x64.cc
+++ b/src/x64/deoptimizer-x64.cc
@@ -51,6 +51,18 @@ void Deoptimizer::PatchCodeForDeoptimization(Isolate*
isolate, Code* code) {
// code patching below, and is not needed any more.
code->InvalidateRelocation();
+ if (FLAG_zap_code_space) {
+ // Fail hard and early if we enter this code object again.
+ byte* pointer = code->FindCodeAgeSequence();
+ if (pointer != NULL) {
+ pointer += kNoCodeAgeSequenceLength;
+ } else {
+ pointer = code->instruction_start();
+ }
+ CodePatcher patcher(pointer, 1);
+ patcher.masm()->int3();
+ }
+
// For each LLazyBailout instruction insert a absolute call to the
// corresponding deoptimization entry, or a short call to an absolute
// jump if space is short. The absolute jumps are put in a table just
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
