Slightly lowers the interrupt budget for Turboprop and increases the
interrupt budget scaling factor for TurboFan. This gives the best
balance between benchmark performance and reducing optimization
overhead.
BUG=v8:9684
Change-Id: I6d555fb27d089bc8a6849612a4e02b2155020d85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026713
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75764}
This CL fixes the behaviour of String.prototype.startsWith when
undefined is passed as the search term. It also implements a small
shorthand when the search term is empty (according to the spec).
Bug: v8:11977
Change-Id: Iec2aa5f4301fcf444f20d5c1a80d3f634624d6f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035089
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75763}
Convert Low I32x4 (S/U) to FP is changed to use
`Round to nearest with ties to even` which is used by ConvertI32x4
as well as the scalar variant ConvertIntToFloat.
Change-Id: Idcb235bdf7fcd43304af785713a4988986db3544
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032262
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75762}
So far this kind was used only when concurrent inlining was enabled.
With this CL we always use it (for the corresponding objects).
This change has probably little effect but is one step towards the
"final" configuration.
Bug: v8:7790
Change-Id: Id56908382b2cd57e2f85246c814fb58aaea6b3c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3030712
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75759}
Use the map for both objects with 0 requested properties and the number
of inobject properties it has (4 currently) to share maptrees.
Change-Id: Ie4859d44bed39effff864d54e7d416b13898c7d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035081
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75757}
This CL adds TypedArrays as supported arguments for fast API calls.
It implements "exact type" matching, i.e. if Float32Array is expected
and e.g. Int32Array is passed instead, the generated code bails to the
slow callback.
Bug: chromium:1052746, chromium:1018624
Change-Id: I01d4e681d2b367cbb57b06effcb591c090a23295
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2999094
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75756}
When the FFT multiplication algorithm invokes itself for the
recursive steps, the input is "mod Fn"-normalized, i.e. it is
at most of the shape (1 << N), but we only read N bits of it,
so in the rare case where it was exactly 1 << N, that lone top
bit was ignored, leading to an incorrect result of the overall
multiplication.
Fixed: chromium:1228267
Change-Id: I7b245fc3701696d95e5d75fb970f02d72ce40ff8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032081
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75755}
vlr is placed in the middle since second input
could be the same as dst register and this avoids overwriting it.
Change-Id: Ifb6c2157d4bc5c3d83fda118b53b4f960291436a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027226
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75753}
Just like many other operations implemented in elements.cc, copyWithin
also needs to use relaxed atomics if operating on a shared array buffer
to avoid races with other threads.
Since the ranges can overlap, this CL also adds a {Relaxed_Memmove}
function that either copies forwards (like {Relaxed_Memcpy}) or
backwards depending on the ordering of source and destination.
R=leszeks@chromium.org
Bug: chromium:1221035
Change-Id: I76b7e43810ac9b85f4ff9abbc5a0406618771c25
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032084
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75752}
This CL fixes the syntax of an entry in variants.py for stress_snapshot
(which got introduced in
https://chromium-review.googlesource.com/c/v8/v8/+/3024147).
Change-Id: I8e25ce26d546a022dbf9c038719f3e7cfac1d250
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3031898
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75748}
Unfortunately GN check does not detect missing dependencies for headers
that don't appear in any build rule, so it failed to report that these
headers are not referenced at all.
Bug: v8:7330
Change-Id: I5d11467f322e5497f2d952f734bc69ccf0896bfe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032082
Auto-Submit: Dan Elphick <delphick@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75744}
Dividing by first computing a multiplicative inverse is faster than
Burnikel-Ziegler division for very large inputs.
Bug: v8:11515
Change-Id: Ice45690c3fa4eef7102d418cdd3d82a942a076c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3015573
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75743}
This checks if we have emitted the correct constant. If for wherever
reason we grow the assembler buffer and fall back to off-heap
compilation, we must ensure that we have in the buffer a pointer to the
object handle (or the index in embedded_objects_ for arm64).
Bug: v8:11872
Change-Id: If989727206f8ee0fd0035307d2dadc8424676b2a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3030708
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75741}
... in FixedArrayBaseData's constructor. Also make get/TryGet check
if right-trimming happened (at the moment these methods are used such
that it can't happen yet).
Bug: v8:7790, v8:11956
Change-Id: I6bd23426b26bb7115c9d0f190eb4be04149368fa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3018087
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75740}
This removes the low-level {SwitchMemoryPermissionsToWritable()} and
{SwitchMemoryPermissionsToExecutable()} functions. They are only used in
tests and can be replaced by {CodeSpaceWriteScope} objects that we also
use in production.
R=jkummerow@chromium.org
Change-Id: I7ba702c836f3ac2dd7c7a81d6362040b28e8bef4
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024150
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75739}
- Initial implementation of Array.concat on Torque.
- Adds fast paths for `[].concat()` and `x.concat()`, these are now
as fast as `[...x]` and `x.slice()` for non-optimised code.
Bug: v8:7152
Change-Id: I86ca15e4e1e67f53424ef0c8bb7eea12d7e660b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026716
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75737}
The order of the enum values is important for the BreakLocation
predicates. This wasn't an issue so far, since the DEBUG_BREAK_AT_ENTRY
case is anyways treated separately, but for the future I've added a
comment and fixed the order.
Drive-by-fix: Remove the useless `inline` markers on the predicates.
Bug: chromium:1162229, chromium:700516
Change-Id: I05653ac9b5ea225e30c5c2beeff809b8848c2ec7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026712
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75736}
The files src/base/v8-fallthrough.h, src/heap/cppgc/globals.h and
src/heap/cppgc/visitor.h were missing from BUILD.gn. This adds them and
modified the dependencies to make them visible.
Bug: v8:7330
Change-Id: I2be336697d50dd5623c0fc22637c8ab4b184ae39
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3028384
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75735}
Use a mutex guard when the unprotection is triggered from a compaction
space in which case it is actually parallel.
Main-thread only unprotection does not require acquiring the mutex.
The list itself is only used from the main thread and thus the actual
process does not require a mutex.
The issue was introduced in https://crrev.com/c/2966382
Bug: v8:11982
Change-Id: I593c0659eb5a96c8206d0b4014f07ab13827be85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026705
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75734}
We had two implementations of a thread-local counter for the number of
writers: One in {CodeSpaceWriteScope} and one in
{WasmCodeManager::SetThreadWritable}. This CL removes the latter, and
uses the counter in {CodeSpaceWriteScope} for all implementations.
R=jkummerow@chromium.org
Bug: v8:11974
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_dbg_ng
Change-Id: I683131296c6106a2b12986942bb18e6c0e716612
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024148
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75733}
Rolling v8/build: 2d99938..a0ffb5c
Rolling v8/buildtools/third_party/libc++abi/trunk: 6803464..bb27865
Rolling v8/buildtools/third_party/libunwind/trunk: a5feaf6..333cca2
Rolling v8/third_party/aemu-linux-x64: m4sM10idq7LeFHXpoLKLBtaOZsQzuj63Usa3Cl9af1YC..LVzqlcQA3SZ_in57BIRK96jsF2AlRnyVHndAywtOCA8C
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/2814ff3..f61fac0
Rolling v8/third_party/instrumented_libraries: 4ae2535..9a8087b
Rolling v8/tools/clang: 9d0a403..9ae36fe
Rolling v8/tools/luci-go: git_revision:8b8a9a6040ca6debd30694a71a99a1eac97d72fd..git_revision:91a04914ac71b7b6fe7b95ce8691d45eeb69bf4f
Rolling v8/tools/luci-go: git_revision:8b8a9a6040ca6debd30694a71a99a1eac97d72fd..git_revision:91a04914ac71b7b6fe7b95ce8691d45eeb69bf4f
Rolling v8/tools/luci-go: git_revision:8b8a9a6040ca6debd30694a71a99a1eac97d72fd..git_revision:91a04914ac71b7b6fe7b95ce8691d45eeb69bf4f
TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: Ic5336234ae14fd3dcab93b94f433ba1cf1ee76a8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027047
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75730}
Change-Id: I9b0f746e68924d22bdd2c0f693a9b0e8b078a4f9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026035
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Jing Bao <jing.bao@intel.com>
Cr-Commit-Position: refs/heads/master@{#75729}
This test is only testing a d8-specific feature, so there's no need to
test it under a wide variety of conditions. And at the moment its
flakiness in the arm64/debug/simulator config are blocking the v8 roll.
Change-Id: I35456989f7875331a415ca3ff478c67a8e7e79bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027743
Commit-Queue: Adam Klein <adamk@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Auto-Submit: Adam Klein <adamk@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75728}
Bug: v8:11985
Change-Id: I2d9cd602d9ef2491f0a757773bd4b110b03a064d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3028381
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75727}
This reverts commit 0b091e9bd3.
Reason for revert: Causes Web Platform Test failures, blocking roll
E.g., https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Blink%20Linux/12616/overview
Original change's description:
> [wasm][eh] Rename Exception to Tag in the JS API
>
> See:
> https://github.com/WebAssembly/exception-handling/issues/159
>
> This change only does the rename where it's observable. This should also
> be renamed throughout the codebase for consistency and will be done
> separately.
>
> R=ahaas@chromium.org
>
> Bug: v8:8091
> Change-Id: Iec1118194981dfd33be6e30256b6e72d12143e1f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021172
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75718}
Bug: v8:8091
Change-Id: Id2067e1cdc33fa657ef738ef5fafad84057f7209
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027261
Auto-Submit: Adam Klein <adamk@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75725}
Previously we had passed kOnEntryBreakpointPosition as a marker through
the regular SetBreakPointForScript() logic and handled that specially in
WasmScript, however this instrumentation breakpoint is special and gets
in the way of returning more information about a regular breakpoint in
case of crbug.com/700516, so I decided to just isolate that into it's
own method, especially since the only user already special-cases Wasm
anyways.
Bug: chromium:1162229, chromium:700516
Change-Id: Ie7966c1701365a4b03710d6dc32cc8278577ee3a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026711
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75724}
This CL includes the following changes:
- Avoid using `UniqueRegister` as much as possible
- Try to group opcodes under Binary or Unary when possible
Separate selectors are added to use `UniqueRegister` when necessary
mainly when `Temp` registers are used. This is to make sure temp, dst
and src registers are allocated differently and cannot be overwritten
during codegen.
Some codegen ops had to also be modified to avoid using `Temp`
registers.
Change-Id: I4d5bdec58cb4874e7c3d344091cde8c8a9a4d01b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024149
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75723}
If the debugger is disabled for an isolate, we first remove all
breakpoints for that isolate, and then tier up the module (if there is
no other isolate that keeps it tiered down).
During the first step, functions might get recompiled since the
set breakpoints change. This is not needed in case we will tier-up the
module afterwards anyway. It also triggers a DCHECK if we reinstall
debugging code even though the module is already marked "tiered up".
This CL avoids the installation of debugging if the module is not tiered
down, and also slightly modified the condition for installing new code
when tiered-up (to allow overwriting debugging code with non-debugging
code even if it's the same tier).
R=thibaudm@chromium.org
Bug: chromium:1228628
Change-Id: I83828d4186e299f779a858006eafa3dbc7966c35
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026707
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75722}
JSHeapBroker::ReadFeedbackForCall() - it may be that the JSFunction
we read in the feedback vector hasn't been store-ordered and is
therefore unsafe to read. Therefore, we need to call the gc
predicate to ensure safety.
JSFunctionRef::feedback_vector() & raw_feedback_cell() - I was able
to remove the TODO warning about uninitialized data visible from
a direct read of these fields from the background. This is because
we either store-order into those fields, or rely on a prior
store-ordering. Additionally, FeedbackVectorRef and FeedbackCellRef
are never-serialized objects, so their first encounter on the
background thread is fine (we don't need to have seen and
serialized them on the main thread first).
Bug: v8:7790
Change-Id: I9cd19999e70fadcf62778dac2b0f679966a4a53f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026708
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75720}
.. and the corresponding map cache.
This cache was only used for CreateArray reductions, thus we mostly
expect to see unmodified JSArray initial maps. These are already
accessible from the native context and don't need to be cached
separately.
We may also see initial maps for custom JSArray subclasses. New map
allocation may be necessary in this case if the requested elements
kind differs from that of the current given initial map. Since we
can't (easily) allocate on the background thread, we skip the
optimization starting with this CL.
Bug: v8:7790
Change-Id: Ib8d81094e1572f49eda18e9ec485d317cec62473
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021175
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75719}
Also, copying hints can be removed from literals. Shallow
copying wasn't used for some time, because of the
way we treat mutable heap numbers.
Change-Id: Ieeba44a9f8e80c4183af8f4751f68dd3a542532e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009230
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75717}
This avoids a DCHECK failure if we continue using the Assembler after
code generation abortion. Even though it might not be the best style to
still call methods on the Assembler after abortion, it's not a problem
apart from the firing DCHECK, so we apply this simple fix instead of
making sure to really abort everything immediately.
R=leszeks@chromium.org
Bug: chromium:1228720, chromium:1217074
Change-Id: Iac3a652f21e34534dd28fb1ab580ab2ee6df06dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024157
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75716}
This is a reland of dcdaf42fa8. It adds
CPU time metrics to the WasmModuleDecoded (except for streaming),
WasmModuleCompiled and WasmModuleTieredUp events. This can later be used
to provide this information as UKMs or UMAs.
Bug: v8:11611
Change-Id: I813fc8de36d1445c6a887abf496ec10e1a803815
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2953296
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Emanuel Ziegler <ecmziegler@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75715}