v8
diff --git a/‎src/builtins/builtins-definitions.h‎
Lines changed: 1 addition & 0 deletions b/‎src/builtins/builtins-definitions.h‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/builtins/builtins-regexp-gen.cc‎
Lines changed: 103 additions & 91 deletions b/‎src/builtins/builtins-regexp-gen.cc‎
Lines changed: 103 additions & 91 deletions
diff --git a/‎src/builtins/builtins-regexp-gen.h‎
Lines changed: 2 additions & 0 deletions b/‎src/builtins/builtins-regexp-gen.h‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/codegen/arm/macro-assembler-arm.cc‎
Lines changed: 7 additions & 0 deletions b/‎src/codegen/arm/macro-assembler-arm.cc‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎src/codegen/arm/macro-assembler-arm.h‎
Lines changed: 1 addition & 0 deletions b/‎src/codegen/arm/macro-assembler-arm.h‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/codegen/arm64/macro-assembler-arm64.cc‎
Lines changed: 7 additions & 0 deletions b/‎src/codegen/arm64/macro-assembler-arm64.cc‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎src/codegen/arm64/macro-assembler-arm64.h‎
Lines changed: 1 addition & 0 deletions b/‎src/codegen/arm64/macro-assembler-arm64.h‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/codegen/ia32/macro-assembler-ia32.cc‎
Lines changed: 6 additions & 0 deletions b/‎src/codegen/ia32/macro-assembler-ia32.cc‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎src/codegen/ia32/macro-assembler-ia32.h‎
Lines changed: 1 addition & 0 deletions b/‎src/codegen/ia32/macro-assembler-ia32.h‎
Lines changed: 1 addition & 0 deletions
@@ -863,6 +863,7 @@ namespace internal {
   /* RegExp helpers */                                                         \
   TFS(RegExpExecAtom, kRegExp, kString, kLastIndex, kMatchInfo)                \
   TFS(RegExpExecInternal, kRegExp, kString, kLastIndex, kMatchInfo)            \
+  ASM(RegExpInterpreterTrampoline, CCall)                                      \
   TFS(RegExpMatchFast, kReceiver, kPattern)                                    \
   TFS(RegExpPrototypeExecSlow, kReceiver, kString)                             \
   TFS(RegExpSearchFast, kReceiver, kPattern)                                   \
 
@@ -10,6 +10,7 @@
 #include "src/builtins/growable-fixed-array-gen.h"
 #include "src/codegen/code-factory.h"
 #include "src/codegen/code-stub-assembler.h"
+#include "src/codegen/macro-assembler.h"
 #include "src/execution/protectors.h"
 #include "src/heap/factory-inl.h"
 #include "src/logging/counters.h"
@@ -25,12 +26,60 @@ using compiler::Node;
 template <class T>
 using TNode = compiler::TNode<T>;
 
+// Tail calls the regular expression interpreter.
+// static
+void Builtins::Generate_RegExpInterpreterTrampoline(MacroAssembler* masm) {
+  ExternalReference interpreter_code_entry =
+      ExternalReference::re_match_for_call_from_js(masm->isolate());
+  masm->Jump(interpreter_code_entry);
+}
+
 TNode<Smi> RegExpBuiltinsAssembler::SmiZero() { return SmiConstant(0); }
 
 TNode<IntPtrT> RegExpBuiltinsAssembler::IntPtrZero() {
   return IntPtrConstant(0);
 }
 
+// If code is a builtin, return the address to the (possibly embedded) builtin
+// code entry, otherwise return the entry of the code object itself.
+TNode<RawPtrT> RegExpBuiltinsAssembler::LoadCodeObjectEntry(TNode<Code> code) {
+  TVARIABLE(RawPtrT, var_result);
+
+  Label if_code_is_off_heap(this), out(this);
+  {
+    // TODO(pthier): A potential optimization for the future is to make this
+    // decision based on the builtin index instead of flags, and avoid the
+    // additional load below.
+    TNode<Int32T> code_flags = UncheckedCast<Int32T>(
+        LoadObjectField(code, Code::kFlagsOffset, MachineType::Int32()));
+    GotoIf(IsSetWord32(code_flags, Code::IsOffHeapTrampoline::kMask),
+           &if_code_is_off_heap);
+    var_result = ReinterpretCast<RawPtrT>(
+        IntPtrAdd(BitcastTaggedToWord(code),
+                  IntPtrConstant(Code::kHeaderSize - kHeapObjectTag)));
+    Goto(&out);
+  }
+
+  BIND(&if_code_is_off_heap);
+  {
+    TNode<Int32T> builtin_index = UncheckedCast<Int32T>(
+        LoadObjectField(code, Code::kBuiltinIndexOffset, MachineType::Int32()));
+    TNode<IntPtrT> builtin_entry_offset_from_isolate_root =
+        IntPtrAdd(IntPtrConstant(IsolateData::builtin_entry_table_offset()),
+                  ChangeInt32ToIntPtr(Word32Shl(
+                      builtin_index, Int32Constant(kSystemPointerSizeLog2))));
+
+    var_result = ReinterpretCast<RawPtrT>(
+        Load(MachineType::Pointer(),
+             ExternalConstant(ExternalReference::isolate_root(isolate())),
+             builtin_entry_offset_from_isolate_root));
+    Goto(&out);
+  }
+
+  BIND(&out);
+  return var_result.value();
+}
+
 // -----------------------------------------------------------------------------
 // ES6 section 21.2 RegExp Objects
 
@@ -336,8 +385,7 @@ TNode<HeapObject> RegExpBuiltinsAssembler::RegExpExecInternal(
   ToDirectStringAssembler to_direct(state(), string);
 
   TVARIABLE(HeapObject, var_result);
-  Label out(this), interpreted(this), atom(this),
-      runtime(this, Label::kDeferred);
+  Label out(this), atom(this), runtime(this, Label::kDeferred);
 
   // External constants.
   TNode<ExternalReference> isolate_address =
@@ -406,12 +454,13 @@ TNode<HeapObject> RegExpBuiltinsAssembler::RegExpExecInternal(
 
   to_direct.TryToDirect(&runtime);
 
-  // Load the irregexp code object and offsets into the subject string. Both
-  // depend on whether the string is one- or two-byte.
+  // Load the irregexp code or bytecode object and offsets into the subject
+  // string. Both depend on whether the string is one- or two-byte.
 
   TVARIABLE(RawPtrT, var_string_start);
   TVARIABLE(RawPtrT, var_string_end);
   TVARIABLE(Object, var_code);
+  TVARIABLE(Object, var_bytecode);
 
   {
     TNode<RawPtrT> direct_string_data = to_direct.PointerToData(&runtime);
@@ -427,6 +476,8 @@ TNode<HeapObject> RegExpBuiltinsAssembler::RegExpExecInternal(
                         &var_string_start, &var_string_end);
       var_code =
           UnsafeLoadFixedArrayElement(data, JSRegExp::kIrregexpLatin1CodeIndex);
+      var_bytecode = UnsafeLoadFixedArrayElement(
+          data, JSRegExp::kIrregexpLatin1BytecodeIndex);
       Goto(&next);
     }
 
@@ -437,6 +488,8 @@ TNode<HeapObject> RegExpBuiltinsAssembler::RegExpExecInternal(
                         &var_string_start, &var_string_end);
       var_code =
           UnsafeLoadFixedArrayElement(data, JSRegExp::kIrregexpUC16CodeIndex);
+      var_bytecode = UnsafeLoadFixedArrayElement(
+          data, JSRegExp::kIrregexpUC16BytecodeIndex);
       Goto(&next);
     }
 
@@ -458,14 +511,28 @@ TNode<HeapObject> RegExpBuiltinsAssembler::RegExpExecInternal(
 #endif
 
   GotoIf(TaggedIsSmi(var_code.value()), &runtime);
-  GotoIfNot(IsCode(CAST(var_code.value())), &interpreted);
   TNode<Code> code = CAST(var_code.value());
 
-  // Ensure that a RegExp stack is allocated when using compiled Irregexp.
+  // Tier-up in runtime if ticks are non-zero and tier-up hasn't happened yet
+  // and ensure that a RegExp stack is allocated when using compiled Irregexp.
   {
+    Label next(this);
+    GotoIfNot(TaggedIsSmi(var_bytecode.value()), &next);
+    CSA_ASSERT(this, SmiEqual(CAST(var_bytecode.value()),
+                              SmiConstant(JSRegExp::kUninitializedValue)));
+
+    // Ensure RegExp stack is allocated.
     TNode<IntPtrT> stack_size = UncheckedCast<IntPtrT>(
         Load(MachineType::IntPtr(), regexp_stack_memory_size_address));
     GotoIf(IntPtrEqual(stack_size, IntPtrZero()), &runtime);
+
+    // Check if tier-up is requested.
+    TNode<Smi> ticks = CAST(
+        UnsafeLoadFixedArrayElement(data, JSRegExp::kIrregexpTierUpTicksIndex));
+    GotoIf(SmiToInt32(ticks), &runtime);
+
+    Goto(&next);
+    BIND(&next);
   }
 
   Label if_success(this), if_exception(this, Label::kDeferred);
@@ -489,25 +556,39 @@ TNode<HeapObject> RegExpBuiltinsAssembler::RegExpExecInternal(
     MachineType arg1_type = type_int32;
     TNode<Int32T> arg1 = TruncateIntPtrToInt32(int_last_index);
 
-    // Argument 2: Start of string data.
+    // Argument 2: Start of string data. This argument is ignored in the
+    // interpreter.
     MachineType arg2_type = type_ptr;
     TNode<RawPtrT> arg2 = var_string_start.value();
 
-    // Argument 3: End of string data.
+    // Argument 3: End of string data. This argument is ignored in the
+    // interpreter.
     MachineType arg3_type = type_ptr;
     TNode<RawPtrT> arg3 = var_string_end.value();
 
     // Argument 4: static offsets vector buffer.
     MachineType arg4_type = type_ptr;
     TNode<ExternalReference> arg4 = static_offsets_vector_address;
 
-    // Argument 5: Set the number of capture registers to zero to force global
-    // regexps to behave as non-global.  This does not affect non-global
-    // regexps.
+    // Argument 5: Number of capture registers.
+    // Setting this to the number of registers required to store all captures
+    // forces global regexps to behave as non-global.
+    TNode<Smi> capture_count = CAST(UnsafeLoadFixedArrayElement(
+        data, JSRegExp::kIrregexpCaptureCountIndex));
+    // capture_count is the number of captures without the match itself.
+    // Required registers = (capture_count + 1) * 2.
+    STATIC_ASSERT(Internals::IsValidSmi((JSRegExp::kMaxCaptures + 1) << 1));
+    TNode<Smi> register_count =
+        SmiShl(SmiAdd(capture_count, SmiConstant(1)), 1);
+
     MachineType arg5_type = type_int32;
-    TNode<Int32T> arg5 = Int32Constant(0);
+    TNode<Int32T> arg5 = SmiToInt32(register_count);
 
-    // Argument 6: Start (high end) of backtracking stack memory area.
+    // Argument 6: Start (high end) of backtracking stack memory area. This
+    // argument is ignored in the interpreter.
+    // TODO(pthier): We should consider creating a dedicated external reference
+    // for top of regexp stack instead of calculating it here for every
+    // execution.
     TNode<RawPtrT> stack_start = UncheckedCast<RawPtrT>(
         Load(MachineType::Pointer(), regexp_stack_memory_address_address));
     TNode<IntPtrT> stack_size = UncheckedCast<IntPtrT>(
@@ -520,22 +601,26 @@ TNode<HeapObject> RegExpBuiltinsAssembler::RegExpExecInternal(
 
     // Argument 7: Indicate that this is a direct call from JavaScript.
     MachineType arg7_type = type_int32;
-    TNode<Int32T> arg7 = Int32Constant(1);
+    TNode<Int32T> arg7 = Int32Constant(RegExp::CallOrigin::kFromJs);
 
     // Argument 8: Pass current isolate address.
     MachineType arg8_type = type_ptr;
     TNode<ExternalReference> arg8 = isolate_address;
 
-    TNode<RawPtrT> code_entry = ReinterpretCast<RawPtrT>(
-        IntPtrAdd(BitcastTaggedToWord(code),
-                  IntPtrConstant(Code::kHeaderSize - kHeapObjectTag)));
+    // Argument 9: Regular expression object. This argument is ignored in native
+    // irregexp code.
+    MachineType arg9_type = type_tagged;
+    TNode<JSRegExp> arg9 = regexp;
+
+    TNode<RawPtrT> code_entry = LoadCodeObjectEntry(code);
 
     TNode<Int32T> result = UncheckedCast<Int32T>(CallCFunction(
         code_entry, retval_type, std::make_pair(arg0_type, arg0),
         std::make_pair(arg1_type, arg1), std::make_pair(arg2_type, arg2),
         std::make_pair(arg3_type, arg3), std::make_pair(arg4_type, arg4),
         std::make_pair(arg5_type, arg5), std::make_pair(arg6_type, arg6),
-        std::make_pair(arg7_type, arg7), std::make_pair(arg8_type, arg8)));
+        std::make_pair(arg7_type, arg7), std::make_pair(arg8_type, arg8),
+        std::make_pair(arg9_type, arg9)));
 
     // Check the result.
     // We expect exactly one result since we force the called regexp to behave
@@ -556,78 +641,6 @@ TNode<HeapObject> RegExpBuiltinsAssembler::RegExpExecInternal(
     Goto(&runtime);
   }
 
-  BIND(&interpreted);
-  {
-    // Tier-up in runtime to compiler if ticks are non-zero.
-    TNode<Smi> ticks = CAST(
-        UnsafeLoadFixedArrayElement(data, JSRegExp::kIrregexpTierUpTicksIndex));
-    GotoIf(SmiToInt32(ticks), &runtime);
-
-    IncrementCounter(isolate()->counters()->regexp_entry_native(), 1);
-
-    // Set up args for the final call into IrregexpInterpreter.
-
-    MachineType type_int32 = MachineType::Int32();
-    MachineType type_tagged = MachineType::AnyTagged();
-    MachineType type_ptr = MachineType::Pointer();
-
-    // Result: A IrregexpInterpreter::Result return code.
-    MachineType retval_type = type_int32;
-
-    // Argument 0: Pass current isolate address.
-    MachineType arg0_type = type_ptr;
-    TNode<ExternalReference> arg0 = isolate_address;
-
-    // Argument 1: Regular expression object.
-    MachineType arg1_type = type_tagged;
-    TNode<JSRegExp> arg1 = regexp;
-
-    // Argument 2: Original subject string.
-    MachineType arg2_type = type_tagged;
-    TNode<String> arg2 = string;
-
-    // Argument 3: Static offsets vector buffer.
-    MachineType arg3_type = type_ptr;
-    TNode<ExternalReference> arg3 = static_offsets_vector_address;
-
-    // Argument 4: Length of static offsets vector buffer.
-    TNode<Smi> capture_count = CAST(UnsafeLoadFixedArrayElement(
-        data, JSRegExp::kIrregexpCaptureCountIndex));
-    TNode<Smi> register_count =
-        SmiShl(SmiAdd(capture_count, SmiConstant(1)), 1);
-
-    MachineType arg4_type = type_int32;
-    TNode<Int32T> arg4 = SmiToInt32(register_count);
-
-    // Argument 5: Previous index.
-    MachineType arg5_type = type_int32;
-    TNode<Int32T> arg5 = TruncateIntPtrToInt32(int_last_index);
-
-    TNode<ExternalReference> code_entry = ExternalConstant(
-        ExternalReference::re_match_for_call_from_js(isolate()));
-
-    TNode<Int32T> result = UncheckedCast<Int32T>(CallCFunction(
-        code_entry, retval_type, std::make_pair(arg0_type, arg0),
-        std::make_pair(arg1_type, arg1), std::make_pair(arg2_type, arg2),
-        std::make_pair(arg3_type, arg3), std::make_pair(arg4_type, arg4),
-        std::make_pair(arg5_type, arg5)));
-
-    TNode<IntPtrT> int_result = ChangeInt32ToIntPtr(result);
-    GotoIf(
-        IntPtrEqual(int_result, IntPtrConstant(RegExp::kInternalRegExpSuccess)),
-        &if_success);
-    GotoIf(
-        IntPtrEqual(int_result, IntPtrConstant(RegExp::kInternalRegExpFailure)),
-        &if_failure);
-    GotoIf(IntPtrEqual(int_result,
-                       IntPtrConstant(RegExp::kInternalRegExpException)),
-           &if_exception);
-
-    CSA_ASSERT(this, IntPtrEqual(int_result,
-                                 IntPtrConstant(RegExp::kInternalRegExpRetry)));
-    Goto(&runtime);
-  }
-
   BIND(&if_success);
   {
     // Check that the last match info has space for the capture registers and
@@ -1812,7 +1825,6 @@ void RegExpBuiltinsAssembler::RegExpPrototypeMatchBody(TNode<Context> context,
         TNode<RegExpMatchInfo> match_indices =
             RegExpPrototypeExecBodyWithoutResult(context, CAST(regexp), string,
                                                  &if_didnotmatch, true);
-
         Label dosubstring(this), donotsubstring(this);
         Branch(var_atom.value(), &donotsubstring, &dosubstring);
 
 
@@ -30,6 +30,8 @@ class RegExpBuiltinsAssembler : public CodeStubAssembler {
   TNode<Smi> SmiZero();
   TNode<IntPtrT> IntPtrZero();
 
+  TNode<RawPtrT> LoadCodeObjectEntry(TNode<Code> code);
+
   // Allocate a RegExpResult with the given length (the number of captures,
   // including the match itself), index (the index where the match starts),
   // and input string.
 
@@ -217,6 +217,13 @@ void TurboAssembler::Jump(Handle<Code> code, RelocInfo::Mode rmode,
   Jump(static_cast<intptr_t>(code.address()), rmode, cond);
 }
 
+void TurboAssembler::Jump(const ExternalReference& reference) {
+  UseScratchRegisterScope temps(this);
+  Register scratch = temps.Acquire();
+  Move(scratch, reference);
+  Jump(scratch);
+}
+
 void TurboAssembler::Call(Register target, Condition cond) {
   // Block constant pool for the call instruction sequence.
   BlockConstPoolScope block_const_pool(this);
 
@@ -409,6 +409,7 @@ class V8_EXPORT_PRIVATE TurboAssembler : public TurboAssemblerBase {
   void Jump(Register target, Condition cond = al);
   void Jump(Address target, RelocInfo::Mode rmode, Condition cond = al);
   void Jump(Handle<Code> code, RelocInfo::Mode rmode, Condition cond = al);
+  void Jump(const ExternalReference& reference) override;
 
   // Perform a floating-point min or max operation with the
   // (IEEE-754-compatible) semantics of ARM64's fmin/fmax. Some cases, typically
 
@@ -1867,6 +1867,13 @@ void TurboAssembler::Jump(Handle<Code> code, RelocInfo::Mode rmode,
   }
 }
 
+void TurboAssembler::Jump(const ExternalReference& reference) {
+  UseScratchRegisterScope temps(this);
+  Register scratch = temps.AcquireX();
+  Mov(scratch, reference);
+  Jump(scratch);
+}
+
 void TurboAssembler::Call(Register target) {
   BlockPoolsScope scope(this);
   Blr(target);
 
@@ -889,6 +889,7 @@ class V8_EXPORT_PRIVATE TurboAssembler : public TurboAssemblerBase {
   void Jump(Register target, Condition cond = al);
   void Jump(Address target, RelocInfo::Mode rmode, Condition cond = al);
   void Jump(Handle<Code> code, RelocInfo::Mode rmode, Condition cond = al);
+  void Jump(const ExternalReference& reference) override;
 
   void Call(Register target);
   void Call(Address target, RelocInfo::Mode rmode);
 
@@ -1957,6 +1957,12 @@ void TurboAssembler::JumpCodeObject(Register code_object) {
   jmp(code_object);
 }
 
+void TurboAssembler::Jump(const ExternalReference& reference) {
+  DCHECK(root_array_available());
+  jmp(Operand(kRootRegister, RootRegisterOffsetForExternalReferenceTableEntry(
+                                 isolate(), reference)));
+}
+
 void TurboAssembler::Jump(Handle<Code> code_object, RelocInfo::Mode rmode) {
   DCHECK_IMPLIES(options().isolate_independent_code,
                  Builtins::IsIsolateIndependentBuiltin(*code_object));
 
@@ -96,6 +96,7 @@ class V8_EXPORT_PRIVATE TurboAssembler : public TurboAssemblerBase {
   void LoadCodeObjectEntry(Register destination, Register code_object) override;
   void CallCodeObject(Register code_object) override;
   void JumpCodeObject(Register code_object) override;
+  void Jump(const ExternalReference& reference) override;
 
   void RetpolineCall(Register reg);
   void RetpolineCall(Address destination, RelocInfo::Mode rmode);
Original file line number	Diff line number	Diff line change
`@@ -1867,6 +1867,13 @@ void TurboAssembler::Jump(Handle<Code> code, RelocInfo::Mode rmode,`
`1867`	`1867`	`}`
`1868`	`1868`	`}`
`1869`	`1869`
	`1870`	`+void TurboAssembler::Jump(const ExternalReference& reference) {`
	`1871`	`+ UseScratchRegisterScope temps(this);`
	`1872`	`+ Register scratch = temps.AcquireX();`
	`1873`	`+ Mov(scratch, reference);`
	`1874`	`+ Jump(scratch);`
	`1875`	`+}`
	`1876`	`+`
`1870`	`1877`	`void TurboAssembler::Call(Register target) {`
`1871`	`1878`	`BlockPoolsScope scope(this);`
`1872`	`1879`	`Blr(target);`