This assumes that Phi nodes never point to untagged values and
TemporaryRegisters are always general registers.
Bug: v8:7700
Change-Id: I74a6c43ff9f1ba87dd258e90a193f683d666b8ec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3598883
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80144}
The `set disable-randomization off` command may fail on some platforms,
such as the `rr` debugger. We can just ignore the error and carry on.
Change-Id: I9b8dae183a9852178a3d3411172bf3aef173c995
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602519
Auto-Submit: Pierre Langlois <pierre.langlois@arm.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80143}
We need to use MachineRepresentation to properly distinguish
the types in compiler::UnallocatedOperand.
Bug: v8:7700
Change-Id: I4273512a00290bb85b09aeb3788643e346be03f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602515
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80140}
For call_direct, feedback (for the first level of inlining) only
records call counts, not the statically-known target. So to be
able to make feedback for potential additional inlining levels
available, the feedback processor must look to the wire bytes
to extract the call targets. Without feedback and hence unknown
call counts, such multi-level inlining would not happen.
Bug: v8:12166
Change-Id: I84ca58019e927a8bf9dad4e4aceddd341f945c04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3579105
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80139}
TurboShaft is a new, CFG-based IR for TurboFan.
This CL adds the basic IR and bidirectional translation from/to
TurboFan's sea-of-nodes-based IR for some common operators (still
incomplete even for JS).
Bug: v8:12783
Change-Id: I162fdf10d583a9275a9f655f5b44b888faf813f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563562
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80136}
In Oilpan minor GCs we don't trace the V8 subgraph. The commit
2da23bd5e0 broke it for the concurrent marker case. This CL bails
out from visiting TracedReferences in the concurrent marker visitor,
same as what we do for the mutator marking visitor.
Bug: chromium:1029379
Change-Id: Iabeba11fd3d030e9dc5961a364481a0a7d8b8245
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602520
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80135}
And port commit 5ee6b7a701
Change-Id: Ia43d1d888154ebffcd56d436e6dfa8970eae6583
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600174
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#80132}
- In DeserializeContext, scope info local values
snapshot is in order of `name,value,name,value`,
and we should ReadValue after ReadString.
- Support non-inlined ScopeInfo locals, use
NameToIndexHashTable to serialize and deserialize
scope info local values when its local count is
more than kScopeInfoMaxInlinedLocalNamesSize.
Bug: v8:11525, v8:12820
Change-Id: I6ea2c498b594bed7ba8ca5be6af2ab9f0d39aa2b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600531
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80130}
Rolling v8/build: 28bea73..c68def5
Rolling v8/buildtools/linux64: git_revision:1cdd270be9803dbfcdd0343f6104ad4dc30c38ce..git_revision:7c8e511229f0fc06f6250367d51156bb6f578258
Rolling v8/third_party/android_platform: 2760db4..36c1580
Rolling v8/third_party/android_sdk/public: ppQ4TnqDvBHQ3lXx5KPq97egzF5X2FFyOrVHkGmiTMQC..bY55nDqO6FAm6FkGIj09sh2KW9oqAkCGKjYok5nUvBMC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/960c656..88422dc
Rolling v8/third_party/depot_tools: 89ccf4a..dc8ca44
Rolling v8/third_party/zlib: a0906c7..32e65ef
Rolling v8/tools/clang: 4dd2e32..cd131c2R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I41663d5f20246e9b86ef73f0e264b67b390a4a83
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599730
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80129}
These were originally proposed as a part of the fixed-width SIMD
proposal, and were then migrated to the relaxed-simd proposal
which also deems these operations out of scope.
Github issue: https://github.com/WebAssembly/relaxed-simd/issues/4
Bug: v8:12284
Change-Id: I65ceb6dfd25c43cf49bd7ec5b5ecd6b32cc3516a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595970
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80125}
This reverts commit 370cae1d8f.
Reason for revert: Breaking gcc and bazel builds:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20gcc%20-%20builder/1646/overviewhttps://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20bazel%20-%20builder/1714/overview
Original change's description:
> heap: Inline GCTracer::Scope::Name
>
> This is a follow-up to https://crrev.com/c/3581774.
> It inlines method GCTracer::Scope::Name so that the calculation of the
> name of the trace event can be performed at compile time and optimized
> away, at most call sites.
>
> Bug: chromium:1318062
> Change-Id: I483d8fdfcc2c82c2a88d245326f27e7e787979aa
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602511
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80122}
Bug: chromium:1318062
Change-Id: Ib33472a3a51fa3922a0af4d1c7dbac4b30b0098b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600682
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Owners-Override: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80124}
One of the biggest categories in heap snapshots is named “(system)”,
which gives developers no indication of why all that memory is used or
what they might do to reduce it. In this change, I propose that we
create a new category for Maps, DescriptorArrays, and related objects,
and call this new category “(object shape)” in the devtools. I think
that this category name would be more meaningful, while still grouping
those objects together so that they mostly stay out of the way.
Bug: v8:12769
Doc: https://docs.google.com/document/d/1a-6V_2LIJuRcsppwh6E18g8OSnC9j6gN4ao2gq--BiU
Change-Id: I282a7b87c34ca6ed371ff32f3c7332d794ae42ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3587974
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#80123}
This is a follow-up to https://crrev.com/c/3581774.
It inlines method GCTracer::Scope::Name so that the calculation of the
name of the trace event can be performed at compile time and optimized
away, at most call sites.
Bug: chromium:1318062
Change-Id: I483d8fdfcc2c82c2a88d245326f27e7e787979aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602511
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80122}
RegisterFrameState is a container for free registers and values.
It abstracts operations for GeneralRegisters and DoubleRegisters.
It will be used later to call generic functions from the allocator,
depending on the register type needed.
See PrintLiveRegs as an example of function reuse.
Bug: v8:7700
Change-Id: If8e6cdb048c1782ca097d9bc2d810c66f680601a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596127
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80121}
Removes the full Smi handler from LoadField, leaving just the offset.
All other handler-based decisions (inline vs out-of-line, tagged vs.
double) should be done at graph building time and as separate IR nodes.
Bug: v8:7700
Change-Id: I55ba49edba5ef5628d5f30fc6ba60c8774e2ef9c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602510
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80120}
Remove PENDING state as handles were always immediately transitioned
into FREE or NEAR_DEATH state.
Bug: v8:12672
Change-Id: I9a9d40b573e862282d41d7a4a3f9c8c8ed21b9e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599473
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80119}
As per https://tc39.es/ecma262/#sec-hostimportmoduledynamically defined,
referencingScriptOrModule in HostImportModuleDynamically can be a Script
Record, a Module Record, or null.
So to https://tc39.es/proposal-shadowrealm/#sec-shadowrealmimportvalue,
the HostImportModuleDynamicallyCallback is been invoked with a `null`
resource_name. This may not be considered a breaking change as the
parameter resource_name is defined as Local<Value>.
Updates d8's DoHostImportModuleDynamically to handle null resource_name,
and resolve the dynamically imported specifier relative to the executing
script's origin. In this way, we have to set ModuleEmbedderData.origin
even if the JavaScript source to be evaluated is Script. Also, a
ModuleEmbedderData is created for each ShadowRealm to separate their
module maps from the initiator context's.
Bug: v8:11989
Change-Id: If70fb140657da4f2dd92eedfcc4515211602aa46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522883
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#80118}
It should delegate to VisitLdaContextSlot.
Bug: v8:7700
Change-Id: I1591594648cfb038abccabb46a20c1b0c23b07a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602512
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80117}
- Introduces an array of RegisterStates for double registers
- Adds two functions to iterate over the arrays
We will be able to call the ForEach functions using a templated lambda
for RegisterBase<T>.
Bug: v8:7700
Change-Id: I7ef86917d9377933a4bc3456e30de3e4ec547f65
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596122
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80116}
Using this flag has led to several duplicate issues. We need to stop
using the flag for a while until the issues are investigated.
Potentially these are all false positives.
No-Try: true
Bug: chromium:1317880
Change-Id: I09f4e1c642befc3a8f5b88c2eb003931dc112826
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602508
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80114}
Result of `and` is stored in cr0.
Change-Id: I113ff7ceb9412d2f1f8ffdd58397123603b5818a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600550
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80113}
This CL extends GetIterator to check whether the result of
calling @@iterator is JSReceiver and throw SymbolIteratorInvalid
if it's not JSReceiver.
GetIterator bytecode involves 3 steps now:
- method = GetMethod(obj, @@iterator)
- iterator = Call(method, obj)
- if(!IsJSReceiver(iterator)) throw SymbolIteratorInvalid [Added]
New Builtin: CallIteratorWithFeedbackLazyDeoptContinuation, which
is used when lazy deopt is triggered by call @@iterator.
Related spec: https://tc39.es/ecma262/#sec-getiterator.
Related doc: https://docs.google.com/document/d/1s67HC2f-4zxA_s1Bmm7dfwMFv_KDUfMiWIKkNSeQNKw/edit#heading=h.kdzv8mq4g4ks.
Bug: v8:9489
Change-Id: I17952c0f3e24e1e600ee1348809fb188c2c70f8e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563447
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80112}
There is currently a bug in docker where fstat may not
return the correct device id and as a result a check under
`OS::RemapPages, stat_buf.st_dev != enclosing_region.dev`
fails, details on the bug:
https://github.com/moby/moby/issues/43512
Platform specific page sizes are also defined for kMaxPageSize
to fix compilation errors.
Change-Id: I026609329aa6432eda4f1880a0f586c0c2162461
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3601211
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80111}
This reverts commit 267b962d23.
Reason for revert: Flake turned out to not be reproducible: https://ci.chromium.org/ui/p/v8/builders/try.triggered/v8_flako/b8816185753319345009/overview
Original change's description:
> Revert "[base/platform] Simplify fast TLS on macOS"
>
> This reverts commit 9cdee4f418.
>
> Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20-%20debug/38658/overview
>
> Original change's description:
> > [base/platform] Simplify fast TLS on macOS
> >
> > Since the TLS offset is constant across all supported OS releases, we
> > no longer need to adjust it, nor to read it at runtime. This also aligns
> > the code in V8 with what is done in Chromium.
> >
> > Change-Id: I0f3c54da39a776406083c897de888f06c61852b8
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599481
> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> > Commit-Queue: Benoit Lize <lizeb@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#80106}
>
> Change-Id: Ie6371c2ad12ed6f63be51b819083a7c0c4e22751
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602502
> Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Owners-Override: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80108}
Change-Id: I6c50a568751a3892b82fe2dce6fe940fce293b3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602503
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Owners-Override: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80110}
This reverts commit 9cdee4f418.
Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20-%20debug/38658/overview
Original change's description:
> [base/platform] Simplify fast TLS on macOS
>
> Since the TLS offset is constant across all supported OS releases, we
> no longer need to adjust it, nor to read it at runtime. This also aligns
> the code in V8 with what is done in Chromium.
>
> Change-Id: I0f3c54da39a776406083c897de888f06c61852b8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599481
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Benoit Lize <lizeb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80106}
Change-Id: Ie6371c2ad12ed6f63be51b819083a7c0c4e22751
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602502
Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Owners-Override: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80108}
Since the TLS offset is constant across all supported OS releases, we
no longer need to adjust it, nor to read it at runtime. This also aligns
the code in V8 with what is done in Chromium.
Change-Id: I0f3c54da39a776406083c897de888f06c61852b8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599481
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Benoit Lize <lizeb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80106}
Bazel bot is red due to ICU problem.
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20bazel%20-%20builder
Temporarily compiling V8 without ICU until the problem is solved.
Change-Id: I98b9ce9ca445d100896c43ae24d5fa73463cdfbc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3598884
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80105}
should using scratch register to hold intermediate result.
Change-Id: I08e2236fd0a491398ffaa15c4fd9ae3d0e9ef535
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596441
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#80103}
