This CL simplifies the API calls by removing some instructions from
the most common path.
Bug: v8:11880
Change-Id: Id8a62c35af51947ad2c152e093346d03c8e2f508
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3855039
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82718}
Add static asserts that we only use specific types for flag values.
Also, document that string values are not be frozen yet, and add TODOs
to fix that.
R=cbruni@chromium.org
Bug: v8:12887
Change-Id: I7367108810f0c6463509f744c5cefd9392c469fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852487
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82714}
This reverts commit d84b4664fa.
Reason for revert: Fails "Mutable Constants" check on android-binary-size: https://ci.chromium.org/ui/p/chromium/builders/try/android-binary-size/1211670/overview
For details about this check, see https://chromium.googlesource.com/chromium/src/+/main/docs/speed/binary_size/android_binary_size_trybot.md#Mutable-Constants
Original change's description:
> [flags] Rename v8_flags to FLAGS
>
> Team members expressed concerns that "v8_flags" is easier to miss in the
> code than the previous "FLAG_" syntax. After a poll and discussions we
> decided to rename the struct to "FLAGS", so the new syntax for
> addressing flag values is "FLAGS.foo" instead of the previous
> "FLAG_foo".
>
> R=cbruni@chromium.org
> CC=jkummerow@chromium.org
>
> Bug: v8:12887
> Change-Id: I51af4aa7fd5a3b3c29310c0cb4c4ff42086ff012
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854508
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82701}
Bug: v8:12887
Change-Id: I75516a0be9bc475afa2bbaa96a05e8a9b5be9be7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3855936
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82711}
Resident set size may be smaller than the recorded size in
StatsCollector due to discarded memory.
Change-Id: I7e052fc4412afc64dc1ed5be6ed7dc9271e6f9d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3855204
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82709}
Computation of this constant should obviously use kMaximumReprSizeLog2.
It's unclear if this could have caused observable misbehavior.
Change-Id: Iafdcbeb77d582f5f4e4aad07581377b74bb776c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854316
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82706}
When walking the stack and visiting compressed spill slots, maintain
their compressedness so that generated code can rely on spilled values
not magically changing.
Tested manually using the benchmark in the associated bug, as I'm not
sure how to create a fast, reliable regression test for this.
Fixed: v8:13216
Change-Id: Iebd1fb513975d9ee2567f7141f3ab18a04b0f4e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854507
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82705}
When we spill a register that we know contains only 32 interesting bits
and then reload it from the spill slot, it's enough to reload its lower
half. This may save a few bytes, and guards against accidental changes
to the upper half (e.g. via pointer decompression).
Bug: v8:13216
Change-Id: I1d950d6e33d8ae94cf385af4f3e1db028bf333c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854506
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82704}
Many tests have a long execution time already, and running them in
stress mode is unlikely to flush out bugs (spec tests are supposed to
check for spec-conform behaviour, and this is unlikely to change if run
multiple times).
R=jkummerow@chromium.org
Bug: v8:13195
Change-Id: I029102e31f1e2e240e02376fbd5cd40ff0acc07a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852488
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82703}
On arm, SIMD registers alias with pairs of double registers. When
deciding where to allocate the parameter values, we expect to see
all register-passed parameters before all stack-passed parameters;
but due to s128 and f64 params being arbitrarily interleaved this
doesn't always hold.
This patch fixes that by first finding all registers used for
parameters, and then blocking these when allocating registers
for other parameters.
Fixed: chromium:1355070
Change-Id: I20deace58b960a9d1a5e3b794c46011f8f31b333
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854497
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82702}
Team members expressed concerns that "v8_flags" is easier to miss in the
code than the previous "FLAG_" syntax. After a poll and discussions we
decided to rename the struct to "FLAGS", so the new syntax for
addressing flag values is "FLAGS.foo" instead of the previous
"FLAG_foo".
R=cbruni@chromium.orgCC=jkummerow@chromium.org
Bug: v8:12887
Change-Id: I51af4aa7fd5a3b3c29310c0cb4c4ff42086ff012
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854508
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82701}
Since the function entry stack check happens outside of the IR, the
standard register spilling mechanisms don't kick in and registers that
expect to be valid might be clobbered.
The only such case is, in fact, the new.target register, so make sure
it is preserved across the stack check.
R=jgruber@chromium.org
Bug: v8:7700
Change-Id: I530b6af882ca188b0e3c7da752f810506f3340a0
Fixed: v8:13226, chromium:1356082
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852389
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82700}
This reverts commit aa541f1c9c.
Reason for revert: Reverting due to large regressions for motionmark on M1.
Original change's description:
> [turbofan][arm64] Emit Lsl for Int32MulWithOverflow when possible
>
> Int32MulWithOverflow on arm64 uses a cmp to set flags rather than
> the multiply instruction itself, thus we can use a left shift when
> the multiplication is by a power of two.
>
> This provides 0.15% for Speedometer2 on a Neoverse-N1 machine,
> with React being improved by 0.45%.
>
> Change-Id: Ic8db42ecc7cb14cf1ac7bbbeab0e9d8359104351
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829472
> Commit-Queue: George Wort <george.wort@arm.com>
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82499}
Change-Id: I896530a53fbdf6d397922124abddda4140144448
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854222
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: George Wort <george.wort@arm.com>
Cr-Commit-Position: refs/heads/main@{#82696}
This CL adds a soft limit (via AllocationObserver) to run
incremental marking for MinorMC.
Once the soft limit is triggered, roots are marked.
This a stepping stone for concurrent marking
(YoungGenerationConcurrentMarkingVisitor, go/YGCMV) integration.
Bug: v8:13012
Change-Id: I5bc9aeb80511159561845deb494023ade3fb7365
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3824339
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Leon Bettscheider <bettscheider@google.com>
Cr-Commit-Position: refs/heads/main@{#82695}
Objects in the from page could be promoted into the shared heap as
well. While this shouldn't happen for references into evacuation
candidates, I think it's easier to understand when there is a single
conditional branch at the end.
Bug: v8:13227, v8:11708
Change-Id: I999f10228ed5fdd70675a6d9c1e178eb152f39f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854502
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82694}
This is a reland of commit 2115ba5053.
Adds flags to allow overriding marking support. This adds
compatibility with EmbedderHeapTracer which allows for disabling
incremental marking support with `--no-incremental-marking-wrappers`.
The corresponding CppHeap flags are
* `--cppheap-incremental-marking`
* `--cppheap-concurrent-marking`
This allows embedders that use types that do not support incremental
and concurrent marking to switch from EmbedderHeapTracer to CppHeap.
Bug: v8:13207
Change-Id: I43a47d7d035bff5d4b437c5bf01336a895b61217
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3851543
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82693}
The StructProxy::Create() used the static type information to inspect
the value. However, for abstract references like anyref, dataref, ...
this does not contain the required struct_index.
To fix this the WasmTypeInfo stores the type_index for structs and
arrays.
Bug: v8:7748
Change-Id: I6e1af054711ada5e12c08949c125007e8185e486
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850296
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82691}
Concurrent markers could add work into the worklist before the CHECK.
Bug: v8:12775, v8:13223
Change-Id: I8ac252b0fec8e5acbcfec56dad04830e596c709d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854496
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82690}
This is a reland of commit b3a27f22cd.
Conditions needed to be switched to still ensure eager compilation
of tiered-down modules (otherwise an existing test would fail).
I opened https://crbug.com/v8/13224 to switch to lazy compilation
for tier-down.
Original change's description:
> Reland "[wasm] Refactor compilation tier computations"
>
> This is a reland of commit e50472d6a3.
> In {ApplyCompilationHintToInitialProgress} we would reset the baseline
> tier to {kNone} if the compilation strategy is {kDefault}, which is
> wrong. We would not generate code but also not install the lazy stub,
> so whenever we start executing the code before top-tier is ready we
> would crash.
>
> Original change's description:
> > [wasm] Refactor compilation tier computations
> >
> > The way we initialized the "compilation progress" was pretty convoluted,
> > with multiple levels of functions being called for initializing every
> > single slot.
> >
> > This CL refactors this to compute one default value for the whole
> > module, and only modifies those slots that need special handling (e.g.
> > because of compilation hints, or lazy/eager compilation after
> > deserialization).
> >
> > We also rename "liftoff_functions" to "eager_functions" in the
> > deserialization path; the idea is that those functions should get
> > eagerly compiled because we expect them to be needed during execution.
> > Usually they would be Liftoff-compiled, but it's more consistent to use
> > the existing logic to choose the baseline tier. In the default
> > configuration, this will still use Liftoff, but if Liftoff is disabled
> > we will use TurboFan instead.
> >
> > R=jkummerow@chromium.org, ahaas@chromium.org
> >
> > Bug: v8:12425
> > Change-Id: Ie58840b19efd0b1e98f1b02d5f1d4369410ed8e1
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829606
> > Commit-Queue: Clemens Backes <clemensb@chromium.org>
> > Reviewed-by: Andreas Haas <ahaas@chromium.org>
> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#82521}
>
> Bug: v8:12425
> Change-Id: Ie41e63148bf6bd0e38fc07a3a514f1094d9d26cf
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3838409
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82585}
Bug: v8:12425, v8:13224
Change-Id: I7da418a393cd470cfbe368f12b30a045b1bf9dcd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850841
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82688}
.. to track how often OSR is used in the real world.
Chromium CL: crrev.com/c/3853648
Bug: v8:13228
Change-Id: I9aee2eefb8a7b479e6ade403f46bfd7eac9ac5cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852388
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82685}
This is a reland of commit abd0adf106
Original change's description:
> [compiler] Make ReduceWord32EqualForConstantRhs work for Word64Equal
>
> Adds reduction case in MachineOperatorReducer for when the left-hand side of a
> Word64Equals is based on a 64-bit shift-and-mask operation, as is the case
> when Torque accesses 64-bit bitfields.
>
> This improves Speedometer2 by 0.15% on a Neoverse-N1 machine, with
> React-Redux being improved by 0.4%.
>
> Change-Id: Icd0451c00c1b25f7d370e81bddcfd668a5b2523c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3834027
> Commit-Queue: George Wort <george.wort@arm.com>
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82593}
Change-Id: I62393c062b2c785a5dfa3500b80fe44ec08f6f21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3841569
Commit-Queue: George Wort <george.wort@arm.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82684}
Users should rely on CppHeap which is the only supported way of using
v8::TracedReference in going forward.
Bug: v8:13207
Change-Id: Idd03f458167c74b06f285bb568e5c77ad46003fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3849037
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82681}
All (most) accesses to start_of_evacuation_area_ must be atomic as that
value may be written to from a background marking thread (when
compaction is aborted). Further, when evacuating entries, the
start_of_evacuation_area_ should not be reloaded during entry allocation
as it may have been modified by another background thread. In that case,
the method may end up allocating an evacuation entry _after_ the entry
to be evacuated, which doesn't make sense.
Drive-by: move some methods from external-pointer-table-inl.h into
external-pointer-table.cc.
Bug: v8:10391
Change-Id: Ia93cffb2cc311ef03d96d3a9ae6f0cf461cf2434
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3849376
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82679}
This CL introduces new FixedArray subclasses that behave like
fixed-sized arrays of integers. Under the hood, these are just
ByteArrays with integer element accessors.
These new classes will be used in follow-up CLs which moves various
integer arrays from the native heap onto the V8 heap.
Bug: chromium:1335046
Change-Id: Ie7497b4464c1a037e4eaf49e8bf7ac4da62512de
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3838775
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82678}
When a NativeContext is being serialized, the NativeContext's
microtask_queue is set to nullptr as it is not included in the snapshot.
However, when the sandbox is enabled, this will only set the pointer in
the external pointer table to nullptr, but not the handle stored in the
object. This then causes the deserialized object to briefly be invalid,
before it's microtask queue handle is (re-)initialized. If a GC runs
during that timeframe, it will see an invalid external pointer handle,
which may cause DCHECK failures.
To fix this, this CL now introduces a generic mechanism for clearing and
restoring external pointer slots for serialization.
Bug: v8:13218
Change-Id: I03c8779bbec0a42a0b66687e76c951b1887e6122
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850294
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82677}
Post-early-errors, syntax errors can't be caught, so the testcase has
to be modified so that we parse successfully (then overflow the stack).
Bug: v8:13163
Change-Id: I894c65bb4712f557d697b028b220444ccf6bb09c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3818602
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82676}
This reverts commit 2115ba5053.
Reason for revert: Breaking Blink tests.
Original change's description:
> [cppgc-js] Allow overriding marking support
>
> Adds flags to allow overriding marking support. This adds
> compatibility with EmbedderHeapTracer which allows for disabling
> incremental marking support with `--no-incremental-marking-wrappers`.
>
> The corresponding CppHeap flags are
> * `--cppheap-incremental-marking`
> * `--cppheap-concurrent-marking`
>
> This allows embedders that use types that do not support incremental
> and concurrent marking to switch from EmbedderHeapTracer to CppHeap.
>
> Bug: v8:13207
> Change-Id: I74bdf8ef4be3f6aed8d4d587ea4399546ba2fda4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3840939
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82652}
Bug: v8:13207
Change-Id: I9e0de0cacfab8489902fef1c371e36c2d45b80ec
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850723
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82671}
This can save memory in cases where multiple frames use the same script,
with sufficient time between loads that the script's top-level
SharedFunctionInfo is no longer present in the compilation cache.
Merging is relatively fast; it generally takes about one tenth as long
as deserialization.
Bug: v8:12808
Change-Id: I317a89b77fb218798dfc9dfd888e808b17d62fdd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3845792
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#82670}
