To support Fast API calls with overloads, implement compile-time
function resolution based on the number of arguments passed to the JS
function.
Bug: v8:11739
Change-Id: I96839dc0b6fc540eff94573ac9e77f678908fc3a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2901249
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#74837}
The counter as size_t can legitimately overflow on 32-bit systems, since
decreasing the counters is performed after all backing stores were
freed on a background thread. Before sweeping is finished a new backing
store could already be allocated which then leads to the overflow.
Bug: v8:11788, chromium:1211437
Change-Id: Id9f3e58b0e84e831fe47109f7deb3a05ae7e489c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922242
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74836}
This reverts commit 17915002fc.
Reason for revert: Breaks TSAN builds (e.g. https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20builder/19166/overview)
Original change's description:
> [builtins][x64] Use callee-saved registers for write barrier stubs
>
> Calls to the record write stub are quite frequent and the caller has to
> save all registers used by the builtin.
>
> This CL moves the register saving to the builtin itself, reducing the
> call-site code size significantly in many cases and thus improving
> compilation speed of sparkplug.
>
> Follow-up CLs with introduce the same behaviour to other platforms.
>
> - CallRecordWriteStubSaveRegisters preserves the existing behaviour and
> saves clobbered registers.
> - CallRecordWriteStub expects the registers to match the ones specified
> in the WriteBarrierDescriptor for more compact code.
>
> Bug: v8:11420
> Change-Id: Ib1260cf972712bb9ba879beacd34b06a7fa347f1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922103
> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74831}
Bug: v8:11420
Change-Id: I20f239e64ec2834acd651341634974291992add5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922316
Auto-Submit: Adam Klein <adamk@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74832}
Calls to the record write stub are quite frequent and the caller has to
save all registers used by the builtin.
This CL moves the register saving to the builtin itself, reducing the
call-site code size significantly in many cases and thus improving
compilation speed of sparkplug.
Follow-up CLs with introduce the same behaviour to other platforms.
- CallRecordWriteStubSaveRegisters preserves the existing behaviour and
saves clobbered registers.
- CallRecordWriteStub expects the registers to match the ones specified
in the WriteBarrierDescriptor for more compact code.
Bug: v8:11420
Change-Id: Ib1260cf972712bb9ba879beacd34b06a7fa347f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922103
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74831}
This CL does 2 things:
1) Implements forwarding of histogram reporting from cppgc to v8 via
CppHeap.
2) Establishes the pipeline in GCTracer for sending the histograms to
the embedder.
Currently only cppgc histograms are populated.
See crrev.com/c/2916956 for usage.
Bug: chromium:1154636
Change-Id: I8150116f757e105d0dfac96a3f6e7dd95717f5bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2917033
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74830}
With mprotect-based write protection of the WebAssembly code space,
we switch page protection flags each time (at least) one compilation
thread needs write access. Two such switches happen when TurboFan
compilation results are available in {ExecuteCompilationUnits}: One
switch happens when calling {NativeModule::AddCompiledCode} and one more
when calling {NativeModule::PublishCode} via
{SchedulePublishCompilationResults} and {PublishCompilationResults}.
So far, each TurboFan result was published eagerly, i.e., as soon as it
became available. This has the benefit that faster code is available
immediately, and had no large cost or downside without write protection.
However, with write protection switching permissions is expensive (an
mprotect syscall) and needs to lock the
{WasmCodeAllocator::allocation_mutex_} (which causes lock contention and
under Linux many futex syscalls). Thus, immediately publishing each
TurboFan result when using write protection can cause up to 10x slower
compilation compared with not using write protection. In terms of
syscalls we measured (non scientifically) with
{sudo perf stat -e 'syscalls:sys_enter*' d8 ...} on the Unity benchmark:
- mprotect: 10k vs. 44k syscalls (baseline vs. write protection)
- futex: 31k vs. 112k syscalls (baseline vs. write protection)
- sys time: 1.6s vs. 10s (baseline vs. write protection)
All of those are clearly to high.
The fix here is simply to batch togther multiple TurboFan functions into
one publishing step when using write protection. The batching logic
already exists for Liftoff, so we can just disable eager publishing for
TurboFan when using write protection. Additionally, we publish once when
all Liftoff results are available (even if the batch is not complete),
such that time-to-execute is not regressed.
R=clemensb@chromium.org
CC=jkummerow@chromium.org
Bug: v8:11663, chromium:932033
Change-Id: Ibf6f28ecf4733b40322e62761e66046dec60a125
Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922114
Commit-Queue: Daniel Lehmann <dlehmann@google.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74829}
This reverts commit 5fd3858258.
Reason for revert: Failures on the predictable bot: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20predictable/36749/overview
Original change's description:
> [flags] Predictable should not imply single-threaded
>
> The --predictable flag is often used to reproduce issues, and having it
> imply --single-threaded can change decisions like which compiler(s) to
> use. This is because --single-threaded is meant to be set by embedders
> (hence we do our best to support single-threaded execution), whereas
> --predictable is a testing-only flag which should not change semantics
> too much. The fact that --predictable executes everything in a single
> thread is already implied by the PredictablePlatform.
>
> R=ahaas@chromium.org, machenbach@chromium.org
> CC=jkummerow@chromium.org
>
> Change-Id: Ic174dd59dfdbd6aa1a410f983db05db26c944cd5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919828
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74822}
Change-Id: Id312cd2b3a150fa3e61daf6550651dc252264ca2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922248
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74828}
When 'beforeScriptExecution' is enabled, a pause event may be generated
with a reason of 'instrumentation' rather than 'other.' This patch
ensures that in the case of a schedule-break, both an 'instrumentation'
and 'other' pause event is generated.
This is important for debuggers that rely on getting 'other' breakpoints
to determine if they should actually break, or continue executation.
Change-Id: I73613f4df6fa7942e7ca2be58853e5420589ba0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2915680
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Scott Violet <sky@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74827}
This adds detection for constant memory indexes which can statically be
proven to be in-bounds (because the effective offset is within the
minimum memory size). In these cases, we can skip the bounds check and
the out-of-line code for the trap-handler.
This often saves 1-2% of code size.
R=ahaas@chromium.org
Bug: v8:11802
Change-Id: I0ee094e6f1f5d132af1d6a8a7c539a4af6c3cb5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919827
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74825}
This is to mitigate flaky timeouts due to memory problems on some
Bionic bots.
Bug: v8:11818
Change-Id: I4758f0f167b94d81f43e183a5599a39d8545b4e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922245
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74824}
This function broke abstraction and as a result became incorrect when
the call feedback was extended with the CallFeedbackContent flag.
Bug: v8:11821, v8:9974
Change-Id: Ic40dc45440a697a554d015dd50f0178e79963920
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919820
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74823}
The --predictable flag is often used to reproduce issues, and having it
imply --single-threaded can change decisions like which compiler(s) to
use. This is because --single-threaded is meant to be set by embedders
(hence we do our best to support single-threaded execution), whereas
--predictable is a testing-only flag which should not change semantics
too much. The fact that --predictable executes everything in a single
thread is already implied by the PredictablePlatform.
R=ahaas@chromium.org, machenbach@chromium.org
CC=jkummerow@chromium.org
Change-Id: Ic174dd59dfdbd6aa1a410f983db05db26c944cd5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919828
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74822}
This CL renames the --d8-web-snapshot-api flag to explicitly mark it as
experimental, so that it is ignored by fuzzers.
Bug: v8:11525, v8:11706
Change-Id: Iff8a9d5697b60d0ade841773d1f0b537fcb19b70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922109
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Vicky Kontoura <vkont@google.com>
Cr-Commit-Position: refs/heads/master@{#74820}
Use a read-write lock for protecting original_top, original_limit and
pending_object for all spaces. This way Heap::IsPendingAllocation is
always guaranteed to read a consistent top/limit-pair and also the
last values for those fields.
The main thread will acquire an exclusive lock to update those fields.
Concurrent Turbofan threads will use shared locks to read them.
This may be quite expensive on the Turbofan-side, so landing this CL
should help us figure out how big of a regression this simple fix would
be. For main thread execution performance is supposed to be okay, since
this is only used on the allocation slow path.
Bug: v8:11778, chromium:1213266
Change-Id: I9464f53fd50057ec2540ab5b79f74ee52a5d7500
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2903143
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74814}
Based on an analysis of auto-generated code, based on
browser_protocol.pdl and js_protocol.pdl:
https://goreportcard.com/report/github.com/daabr/chrome-vision#misspell
Bug: chromium:1213460
Change-Id: Ib96b2d2700d0bf1ac90e88accd0bc15eccbb9d7b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2848874
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74810}
The timer might not be started when the main thread starts shutdown
between a background thread invoking RequestGC() and
AwaitCollectionBackground().
Add early bailout to AwaitCollectionBackground() in case shutdown
was already initiated.
Bug: v8:11823
Change-Id: Id646cdefa99adb04553c21337ad19538071ee3d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919957
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74808}
As is, the DCHECK() has a #if inside, and MSVC has trouble
pre-processing that. Fix this by moving the conditional inside the
DCHECK() into a separate helper function.
Bug: v8:11760
Change-Id: Ib4ae0fe263029bb426da378afa5b6881557ce652
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919421
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74807}
Changes:
- Add --experimental-wasm-gc-experiments flag.
- Add array.copy opcode. Implement it in decoding and code generation
behind the new flag.
- Add WasmCodeBuilder::BoundsCheckArrayCopy. Move BoundsCheckArray to
the private section.
- Add WasmArrayCopy and WasmArrayCopyWithChecks builtin.
- Add WasmArrayCopy runtime function.
- Add WasmArray::ElementSlot.
- Always print two hex digits in CHECK_PROTOTYPE_OPCODE.
- In test-gc, print the thrown-error message if the function should not
throw.
- In test-gc, add GetResultObject with one argument.
Bug: v8:7748
Change-Id: I58f4d37e254154596cdef5e78482b55260dd3782
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912729
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74806}
Use compile-time DCHECK instead of Unreachable().
GenerateRecordWrite is disabled to prevent the use of PageFromAddress
when TPH is enabled.
Another user of PageFromAddress is TrapAllocationMemento, this will
be disabled in https://chromium-review.googlesource.com/c/v8/v8/+/2897326.
Bug: v8:11641
Change-Id: I1393d5ad52695a79750be00f2205648458f9c79d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2909216
Commit-Queue: Wenyu Zhao <wenyu.zhao@anu.edu.au>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74805}
People change their names and email addresses for many reasons. Adding
a `.mailmap` ensures that e.g. `git log` and `git blame` respect
people’s choices.
Bug: chromium:1213438
Change-Id: I03fcacff90d996d423283c345ddfc4ed9fccf98e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919671
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74799}
This is a reland of 916eb86952
Change compared to original:
Remove ternary operator from lambda, as this triggers a gcc bug.
Original change's description:
> Reland "[wasm][bug] Fix a couple of bugs in validation of unreachable code"
>
> This is a reland of 4a037f871e
>
> Changes compared to original change: None. This seems not to create
> problems after all.
>
> Original change's description:
> > [wasm][bug] Fix a couple of bugs in validation of unreachable code
> >
> > Changes:
> > - SetBlockType now instantiates the block's start merge with values of
> > the correct type in unreachable code.
> > - EnsureStackArguments now keeps the existing stack values and moves
> > them over the new bottom values.
> > - Drop stack size validation in Drop().
> > - Add new tests in unreachable-validation.js.
> >
> > Change-Id: Ie68b3d9abb0a41d1623d4a123fb526e71941c4e7
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2902733
> > Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#74650}
>
> Change-Id: Id620f7fb6677b772b0dcfd38108256384db44439
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905598
> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74677}
Bug: v8:11819
Change-Id: I9b8d915547ec9aee7cb5233937089d431db54c8f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919833
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74797}
They check for AVX and uses the AVX instruction if available. This is a
follow-up CL to https://crrev.com/c/v8/v8/+/2912778
Change-Id: Ib53f06f03ac1067366b76b9193d8db98c394ce50
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919853
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74795}
Build with single generation mode failed because
new_space_allocation_top() and new_space_allocation_limit() both return
nullptr now without a new space. Previously the DCHECK succeeded because
both methods would call the NewSpace methods with null as this pointer.
Bug: v8:11708
Change-Id: I74babded2c790642e74722ed53794aecebec4344
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2917604
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74794}
When BranchElimination has to find the common prefix of a set of
BranchConditions in a Merge, it has to traverse a number of linked lists
of individual conditions, which is inefficient.
This CL improves its performance by grouping conditions between an
IfTrue/IfFalse and a Merge in a single entry of BranchConditions.
Additional change: Improve documentation of FunctionalList.
Change-Id: I93a58886151f6831cafb483aafb48e8e6c2433e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2917600
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74793}
The verbose output shown on bots didn't print the first failing result
of a flaky test before. Now the result line shows all results and
the details in the end show the output of the first failure.
Previously it was confusing as it seemed that the json results and
the test runner output differed.
We now print PASS in all caps like the other statuses. A test for
this case already existed and the output is now updated.
Bug: v8:8434
Change-Id: I473ec392e0028bf64b3da53d4b37446ffcd17277
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919670
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74792}
Without the explicit constexpr keyword, Clang seems to be able to treat
these methods as constexpr, whereas MSVC will not.
Bug: v8:11760
Change-Id: I9f6492f38fb50dcaf7a4f09da0bd79c0da6a50eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912916
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74791}
The new functionality is hidden behind the --wasm-gc-js-interop flag.
Bug: v8:11804
Change-Id: I9dd779efe3dbf3c773948b6fd8872e3aea8cd7a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912784
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74790}
