When suspending, rather than saving all registers up to a certain index,
only save the ones that are live according to the liveness analysis.
Others are saved as optimized out constants, and are skipped during the
GenaratorStore lowering. Symmetrically, only restore live registers when
resuming.
Change-Id: Icc2df905b0fe2fe5c372097bd67d5316edcd1b54
Reviewed-on: https://chromium-review.googlesource.com/905662
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51153}
We reuse most of the infrastructure to set break points, with minor
differences when we encounter functions where we can only break on entry:
- PrepareFunctionForBreakPoints simply deopts all functions.
- Break point objects have the canonical source position 0.
- Break point is set/checked/cleared via bit on the DebugInfo.
- Debug::Break do not continue stepping since stepping is implemented via
regular break points and therefore do not interfere with break on entry.
I promise to add more tests.
Bug: v8:178
Change-Id: Ifc8231995c771286db0b848b811e1c3ad3b12494
Reviewed-on: https://chromium-review.googlesource.com/906245
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51152}
Cleanup CL that removes unnecessary builtins that were just wrapping
the throwing of errors. Use the ThrowTypeError and ThrowRangeError
helpers more consistently from CSA.
Change-Id: I2d0c3647340c88c457b27e16c0a81567869b7ec7
Reviewed-on: https://chromium-review.googlesource.com/906769
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51150}
If the interpreter has an upper limit of instructions to execute, treat
grow_memory like 1000 other instructions in order to account for the
huge execution time of grow_memory.
R=ahaas@chromium.org
Bug: chromium:807383
Change-Id: Id513a41257734a3041bef45bbc00c461fdec6787
Reviewed-on: https://chromium-review.googlesource.com/905605
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51149}
Port 7c14a408f9
Original Commit Message:
It turns out that .incbin can be problematic for build systems, in
that the included binary file is not detected as a build-time
dependency.
The alternative is .byte inclusion, which we test here.
R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Ie42da993ae61964eb3f02f328333ec140902d929
Reviewed-on: https://chromium-review.googlesource.com/906688
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#51148}
The .byte directive will be used instead of .incbin since the latter
comes with complications involving build-time dependency detection.
Drive-by-edits: Move macro definitions closer to their use-sites.
TBR=rmcilroy@chromium.org
Cq-Include-Trybots: luci.v8.try:v8_win64_msvc_compile_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Bug: v8:6666
Change-Id: Ibda0b3577688248dbf627cb69965d28309193859
Reviewed-on: https://chromium-review.googlesource.com/906488
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51147}
We need a deopt point for the case when we fail to find an initial
element from which to begin the reduction step.
Bug: v8:7384
Change-Id: I5e476ddc433be690577677b018639c4c0c70809b
Reviewed-on: https://chromium-review.googlesource.com/906508
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51146}
There are functions that were called by TypedArraySpeciesCreate that
is deleted now. This CL removes Create, HasJSTypedArrayPrototype,
DefaultConstructor in JSTypedArray, which is not used anymore.
Change-Id: Ib4785cc52a8f18f2a3dfc3f27e39a23260cb2a4f
Reviewed-on: https://chromium-review.googlesource.com/905712
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51145}
We don't need these wrappers - we can just use ThrowTypeError from CSA
instead. There were also a bunch of unused runtime functions which we
can just delete.
This CL has no behavior changes.
Change-Id: I5efefd726aff4cca8e8feba6cd05fe8ff5663931
Reviewed-on: https://chromium-review.googlesource.com/906470
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51144}
This makes it easier to restart an aborted merge.
R=machenbach@chromium.org
TEST=ran tools/release/script_test.py locally
Bug: v8:7410
Change-Id: I26b1b09e0000c9c689ad80be32ced9e35634bcec
Reviewed-on: https://chromium-review.googlesource.com/905665
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51143}
Port 0761b55d21
Original Commit Message:
"Extend the code-generator tests to cover AssembleMove and AssembleSwap with
Simd128 registers and stack slots, for targets that support them.
For this to work however, we need support for passing Simd128 stack parameters
in TurboFan which this patch implements for Arm and x86. PPC and S390 both do
not support the Simd128 representation and it appears MIPS and MIPS64's
implementation of AssembleMove and AssembleSwap do not support it either.
As per the design of the tests, the set of values to perform moves on are
represented in a FixedArray of Smis (for kTagged) and HeapNumbers (for kFloat32
and kFloat64). They are converted to raw values for the moves to be performed
on, to be then converted back into a FixedArray. For the kSimd128
representation, we represent values as a FixedArray of 4 Smis, each representing
a lane. They are converted to a raw Simd128 vector using the `I32x4ReplaceLane`
and `I32x4ExtractLane` operations.
Finally, these tests need Simd128 variables mixed with the CodeStubAssembler
which is not a use-case officially supported. And as a result, the `RecordWrite`
stub does not guarantee to preserve Simd128 registers. To get around this, we
have to be careful to skip write barriers when dealing with Simd128 parameters
inside the "teardown" function, and we've had to move all allocations to the
"setup" function.
Thanks to this, we are able to catch bugs such as this one
https://bugs.chromium.org/p/v8/issues/detail?id=6843."
Change-Id: If867dedf4a2c72cb75c58effda93e3eec432fd67
Reviewed-on: https://chromium-review.googlesource.com/906469
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Cr-Commit-Position: refs/heads/master@{#51142}
Move the class declaration for SpeciesCreateByLength to a header file
so that we can share more TypedArray CSA code.
Delete the C++ implementation of species create for typed arrays
because it is no longer used.
Change-Id: I7c43b8ef144ba9a8ce12516f7cb8fb570491cb26
Reviewed-on: https://chromium-review.googlesource.com/904987
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51139}
Introduce DispatchTypedArrayByElementsKind function to avoid repeated
macro uses of CSA switch statements for typed array elements kind.
Change-Id: I31d143cdf223fe164f2b248099ad874f83e8317b
Reviewed-on: https://chromium-review.googlesource.com/906163
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51137}
We are seeing rare crashes due to dereferencing a null pointer shortly after
calling NewNativeModule. The most likely cause is that we failed the allocation
and returned a null pointer. Now we will use V8::FatalProcessOutOfMemory so that
this gets handled correctly.
Bug: chromium:809002
Change-Id: I7e11897c4b93a1fb9eab3b5f16fb42c27e719f87
Reviewed-on: https://chromium-review.googlesource.com/905685
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51134}
It will record the time-to-schedule-after-job-start for different
task types to try to highlight use cases where contention might
be a problem (and show improvements to it later).
Also introducing AsyncTimedHistogram to support this use case whose
reported timings go beyond a single scope (i.e. the async version of
ScopedTimedHistogram).
Bug: chromium:807606
Change-Id: Ib4d581fa8b001723dfe8c91102280e9608b4fabb
Reviewed-on: https://chromium-review.googlesource.com/899365
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Gabriel Charette <gab@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51131}
Turns out this path is used in the wild for logs and counters.
We may eventually want to split TimedHistograms based on low resolution
clocks to avoid polluting metrics but for now just make it a warning
to raise awereness when debugging in such an environment.
R=hpayer@chromium.org
Bug: chromium:809016
Change-Id: I5f2dd511d5fce730256979d58212468f08a2d680
Reviewed-on: https://chromium-review.googlesource.com/904045
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Gabriel Charette <gab@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51130}
Cleans up the implementation of trapping/saturating operations to
use existing models of types, instead of defining new ones. That is,
it uses MachineType to represent the kind of integer/float value the
conversion is operating on.
It also removes the need to define NumericImplementation by using
the actual opcodes to determine if the instruction is trapping or
saturating.
Finally, it now defines a single method to implement the truncating
(that doesn't use a ccall) conversions. The previous code had two
methods, one for I32 and one for I64.
Bug: v8:7226
Change-Id: Ia869416c8bd1abe76d0583c28a3105102d130b46
Reviewed-on: https://chromium-review.googlesource.com/900558
Commit-Queue: Karl Schimpf <kschimpf@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51129}
The task count was reset after handling the first task, so the wait
loop would end after one iteration. As a result unmapping tasks might
have been left running even after waiting for the tasks to be
completed.
Bug: v8:7412
Change-Id: I869848477946589d0370ab038d135393e816a7c0
Reviewed-on: https://chromium-review.googlesource.com/903166
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51127}
In the contexts for the resolver closures used in Promise.all we can
save the "already visited" cell, by just setting the index slot to a
negative value, which then indicates that this element was already
done.
Bug: v8:7253
Change-Id: I1296a2216eac3b51368c1e7795dbcd2c80cc430a
Reviewed-on: https://chromium-review.googlesource.com/903928
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51125}
Port 47e272b206
Original Commit Message:
This is a reland of ef06feded6.
Original change's description:
> Reland "[builtins] Add .incbin cctest"
>
> This is a reland of b012816155.
>
> Original change's description:
> > [builtins] Add .incbin cctest
> >
> > Just to ensure this is portable across all platforms.
> >
> > Credits go to https://github.com/graphitemaster/incbin, bits of the
> > .incbin code were taken from there. Thanks!
> >
> > Reland of https://crrev.com/c/881181
> >
> > Bug: v8:6666
> > Change-Id: I5c0dbf56b1c987fd88607dca69b39d65b59cdefc
> > Reviewed-on: https://chromium-review.googlesource.com/895597
> > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> > Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#51042}
>
> Cq-Include-Trybots: luci.v8.try:v8_win64_msvc_compile_rel
> Bug: v8:6666
> Change-Id: I8fc0963e28996a84ed56c2e740d895e26611abf0
> Reviewed-on: https://chromium-review.googlesource.com/897630
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51054}
R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I863d01a4a7d91f9f2128e4598f417efe49c43e7b
Reviewed-on: https://chromium-review.googlesource.com/902431
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#51124}
- Remove redundant instruction from I16x8Splat
- Force F32x4Splat to use movss, as using MacroAssembler can mix SSE/AVX
instructions
Bug: v8:6020
Change-Id: I781c22adecf892a79b6a38c3d83fc4022f9067de
Reviewed-on: https://chromium-review.googlesource.com/898429
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51123}
This is the last piece of the TypedArray constructors that was still
written in JS.
Bug: v8:7102
Change-Id: I7c4dc867b09408caa4eec2873ea7185b6c61a525
Reviewed-on: https://chromium-review.googlesource.com/888751
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51122}
The num_tasks computation has long been based on NumberOfAvailableBackgroundThreads()
We used to have one background worker per core, stealing cycles from
the main thread. I fixed that @ crrev.com/534414. But now this
computation is wrong and generates one less task than it should (one
per worker but the main thread takes task #0 in practice).
Other usage of NumberOfAvailableBackgroundThreads() in V8 seem correct
already so this is the only tweak required.
R=mlippautz@chromium.org
Bug: chromium:808028
Change-Id: I784ed9b764017f146931547d30be4a3b180b5a2c
Reviewed-on: https://chromium-review.googlesource.com/904662
Commit-Queue: Gabriel Charette <gab@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51121}
This merely re-uses the same ScopeId as the task. Tracing shows these
as a nested layer with the same name. This is not the cleanest way to
do this but it makes the trace clearer for a minimal diff.
R=mlippautz@chromium.org
Bug: chromium:651354
Change-Id: Ib30ec7d04a30657a63a49aba9698cacd9af950d3
Reviewed-on: https://chromium-review.googlesource.com/904164
Commit-Queue: Gabriel Charette <gab@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51120}
Removes the overhead of Zone allocating temporary space
that only slightly improved performance of the overlap
(less common) case.
Bug: chromium:808360
Change-Id: Ic92f20f15decb12b916ee23267debd9adc785ee0
Reviewed-on: https://chromium-review.googlesource.com/904462
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Cr-Commit-Position: refs/heads/master@{#51119}
The perf jit support assumes that if a code object has source position entries,
then it has a source file associated with them. However, the WasmToJS wrapper
stubs are exceptions to this rule which causes a crash when using `--perf-prof`
with asm.js or WASM code.
Change-Id: I047e229477844bf5357c8553ee50e22c089ab1c2
Reviewed-on: https://chromium-review.googlesource.com/897643
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#51118}
Break points are cleared to empty fixed array, not undefined.
R=jgruber@chromium.org
Change-Id: Id8dcd08ed0aebc5c4f7745982cde48d562af9772
Reviewed-on: https://chromium-review.googlesource.com/904202
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51117}
Add a fast-path to Promise#finally, which skips the "then" lookup of the
Promise#then lookup chain is intact, similar to what we already do for
Promise#catch.
Drive-by-fix: Also use the @@species protector to speed up the lookup
of the SpeciesConstructor in Promise#finally.
Bug: v8:7253
Change-Id: If77e779a0188904effc4528beffc8f0bdd7c2efe
Reviewed-on: https://chromium-review.googlesource.com/902283
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51116}
Use unique pointers in vectors of current and finished profiles.
Change-Id: Ifb78f7d3804e9883062741fd4e4e31109965d501
Reviewed-on: https://chromium-review.googlesource.com/898984
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51113}
Move the nexus.IsUninitialized() check into ExtractReceiverMaps so that
we don't need to duplicate the bailout.
Change-Id: I55bdb9baca22f25f681a7a32f4ec56d599c748c6
Reviewed-on: https://chromium-review.googlesource.com/903169
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51112}
The stack overflow boilerplate has been removed since the Error
refactoring in 2016. These explicit stack space checks can now be
removed in favor of standard Throw semantics.
Change-Id: I8b02b9641ebd01e12d12b8da2454d2d04b65df3d
Reviewed-on: https://chromium-review.googlesource.com/903168
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51111}
MIPS64 requires that each allocated page is aligned to 256 MB.
This is so because we use J instruction for long branches
that are withing a 256 MB block of code.
Change-Id: I1222842a5b8ecfacc0397a744ab464e9a747f8b7
Reviewed-on: https://chromium-review.googlesource.com/901611
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51110}
It turns out that .incbin can be problematic for build systems, in
that the included binary file is not detected as a build-time
dependency.
The alternative is .byte inclusion, which we test here.
Cq-Include-Trybots: luci.v8.try:v8_win64_msvc_compile_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Bug: v8:6666
Change-Id: Ie24f4191db17c920c617987d1bee730208776b91
Reviewed-on: https://chromium-review.googlesource.com/901352
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51109}
The `simpleBind` function exposed by V8 Extras was initially added to
work around the terrible performance of `Function.prototype.bind` at
the time. Nowadays `Function.prototype.bind` is significantly faster
and fully optimized by TurboFan, however, so there’s no need for the
`simpleBind` helper anymore.
Bug: chromium:807522
Change-Id: I1a0456e2aa34f92a3c9a0234a812b660f969d016
Reviewed-on: https://chromium-review.googlesource.com/903164
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51108}
We want to be able to use this from other builtins as well, so move it
to somewhere common.
Also adds typing and cleans up the coding style to match newer CSA code
a bit more. GrowableFixedArray is now a subclass of CodeStubAssembler
to make things easier and cleaner. The growing strategy has also been
slightly changed so that empty arrays can be produced.
Change-Id: I20cbd1069d489a6875804736d3e5abab80d0f777
Reviewed-on: https://chromium-review.googlesource.com/901324
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51107}
The catch prediction logic got confused when we merged the reactions and
result fields of JSPromise, because for settled promises it would start
to treat the result as reactions list, leading to a crash most likely or
memory corruption in the worst case (only if break on uncaught exception
is enabled). We can only inspect reactions when the promise is still in
"pending" state.
Bug: chromium:808973, v8:7253
Change-Id: I15162c96fce959a052fbc628addd9418da39327c
Reviewed-on: https://chromium-review.googlesource.com/903163
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51106}
This adds support for the {i64.const} opcode. Since this makes i64
values show up on the wasm stack, quite some code paths need to handle
them. The {CheckSupportedType} method still returns false for kWasmI64,
which will be changed in a follow-up CL. That requires more changes
since it unlocks more uses of i64, e.g. in loads and stores.
R=titzer@chromium.org
Bug: v8:6600
Change-Id: Ie012d0cd3db001f8693573fd16a3cfafe187009b
Reviewed-on: https://chromium-review.googlesource.com/893319
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51105}
