Cells were needed originally because there was no typed remembered set to
record direct pointers from code space to new space. A previous
CL (https://codereview.chromium.org/2003553002/) already introduced
the remembered set, this CL uses it.
This CL
* stores direct pointers in code objects, even if the target is in new space,
* records the slot of the pointer in typed-old-to-new remembered set,
* adds a list which stores weak code-to-new-space references,
* adds a test to test-heap.cc for weak code-to-new-space references,
* removes prints in tail-call-megatest.js
R=ulan@chromium.org
Review-Url: https://codereview.chromium.org/2045263002
Cr-Commit-Position: refs/heads/master@{#37134}
We need to trim the graph before we execute the MemoryOptimizer, because
that just walks the effect chain from Start to End and cannot deal with
dead nodes in the use lists.
R=jarin@chromium.org
BUG=chromium:614292
Review-Url: https://codereview.chromium.org/2080703003
Cr-Commit-Position: refs/heads/master@{#37133}
Base the fast-path in AdjustAmountOfExternalMemory on a value + limit. To
preserve the behavior the limit is just set using kExternalAllocationLimit.
Redo naming of related members.
R=jochen@chromium.org
BUG=chromium:621829
LOG=N
Review-Url: https://codereview.chromium.org/2085893002
Cr-Commit-Position: refs/heads/master@{#37131}
While the EcmaScript specification doesn't define precise values for the
Math constants or the Math functions, we should at least ensure that the
values of the constants and the functions agree, i.e. Math.E should be
exactly the same value as Math.exp(1).
Also make sure that Math.exp(1) returns the expected value; we should
revisit the fdlibm algorithm and figure out why it's wrong in the last
bit.
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
BUG=chromium:626111,v8:3266,v8:3468,v8:3493,v8:5086,v8:5108
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/2079233005
Cr-Commit-Position: refs/heads/master@{#37128}
port 757221e574ecba543a65f4822c083aa860e030eb(r36876)
original commit message:
Neither globals nor lookup slots can be hole-initialized anymore, thus
removing some dead code from the code generators and runtime-scopes.
BUG=
Review-Url: https://codereview.chromium.org/2086813002
Cr-Commit-Position: refs/heads/master@{#37127}
Yanking out in an effort to reduce dependencies. We probably want to
separate codegen into instance-specific and module-generic purpose -
eventually.
BUG=
Review-Url: https://codereview.chromium.org/2085863003
Cr-Commit-Position: refs/heads/master@{#37126}
port 406146ff5ca274265ee704d73a00c8a8127f75c6(r36870)
original commit message:
This makes sure we do not compile ToNumber stub on demand. This makes it
easier to use during concurrent compilation.
BUG=
Review-Url: https://codereview.chromium.org/2088633003
Cr-Commit-Position: refs/heads/master@{#37125}
port 40b5c1d41f7da58411d5538f26cc736d2f40abe0(r36842)
original commit message:
BUG=
Review-Url: https://codereview.chromium.org/2080873003
Cr-Commit-Position: refs/heads/master@{#37124}
port 3cfcc7e111 (r36786)
original commit message:
It may be that we have a feedback vector, but no literals. In this case
we can store into the OptimizedCodeMap directly instead of using a WeakCell,
because all data in the feedback vector is already held weakly.
The use of a WeakCell in the OptimizedCodeMap is only required when
there are literals which may hold maps strongly.
This is to address a performance regression caused by the creation of
a large number of WeakCells.
BUG=
Review-Url: https://codereview.chromium.org/2081663004
Cr-Commit-Position: refs/heads/master@{#37123}
Rolling v8/build to 7580e8854eb309008f00f115ea0adb13dac454a4
Rolling v8/buildtools to 4dcb5ed1079e7a527061925637b8cc627e289e82
Rolling v8/tools/clang to ea64c667cd841b2c3268bd7dfd223269f3ea23ba
Rolling v8/tools/gyp to 35eafcd939515d51d19556c543f9cf97faf75ee6
Rolling v8/tools/mb to 8b4a59c463a697a3e418c28e85f534e87337ba7f
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2078333005
Cr-Commit-Position: refs/heads/master@{#37121}
When separating compile from instantiation, I accidentally elided size
reporting for wasm functions. This change fixes that (verified with
re-running benchmarks), and also consolidates the responsibility of
size reporting within the instantiation method, away from the various
compile phases.
We should probably rethink this reporting when we move wasm codegen
off the JS Heap, if the wasm module code ends up being shared.
BUG=
Review-Url: https://codereview.chromium.org/2079353002
Cr-Commit-Position: refs/heads/master@{#37120}
Port cbc6adc86c
Original commit message:
Runtime_DeclareLookupSlot is used when generating code for var and function declarations
originating in an eval. Over time, it's accumulated quite a bit of cruft, which this CL removes:
- With legacy const gone, lookup slots never have any property attributes.
- There was a bit signaling that the variable was from an eval, but that was redundant since
DeclareLookupSlot is only used for eval.
- Some Proxy-related code didn't make sense here.
Its name was also not terribly clear: while "LookupSlot" is used in several places, this
particular function is only used for declaring variables and functions inside sloppy eval.
Renamed (and split into two) to make this clear for future archeologists.
Also added various DCHECKs to check the assumptions being made.
R=adamk@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2085623003
Cr-Commit-Position: refs/heads/master@{#37117}
Port c1d01aea11
Original commit message:
Compilation of wasm functions happens before instantiation. Imports are linked afterwards, at instantiation time. Globals and memory are also
allocated and then tied in via relocation at instantiation time.
This paves the way for implementing Wasm.compile, a prerequisite to
offering the compiled code serialization feature.
Currently, the WasmModule::Compile method just returns a fixed array
containing the code objects. More appropriate modeling of the compiled module to come.
Opportunistically centralized the logic on how to update memory
references, size, and globals, since that logic is the exact same on each
architecture, except for the actual storing of values back in the
instruction stream.
R=mtrofin@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
BUG=v8:5072
LOG=N
Review-Url: https://codereview.chromium.org/2087453002
Cr-Commit-Position: refs/heads/master@{#37116}
Port c87168bc8c
Original commit message:
Import base::ieee754::tan() from fdlibm and introduce Float64Tan TurboFan
operator based on that, similar to what we do for Float64Cos and Float64Sin.
Rewrite Math.tan() as TurboFan builtin and use those operators to also
inline Math.tan() into optimized TurboFan functions.
Drive-by-fix: Kill the %_ConstructDouble intrinsics, and provide only
the %ConstructDouble runtime entry for writing tests.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
BUG=v8:5086,v8:5126
LOG=N
Review-Url: https://codereview.chromium.org/2080303002
Cr-Commit-Position: refs/heads/master@{#37115}
This brings some more flags in line with the GYP build on Windows. In particular, this adds the SSE2 flag on x86, and the stack linker flag on x64.
Review-Url: https://codereview.chromium.org/2077173002
Cr-Commit-Position: refs/heads/master@{#37114}
Reason for revert:
MIPS compilation error.
Original issue's description:
> Refactor CpuProfiler.
>
> Currently CpuProfiler is a subclass of CodeEventListener, it listens to code events
> from Logger, constructs and stores CodeEventsContainer. This patch is part of
> the effort to split the logic of CodeEventListener as ProfilerListener out of
> the profiling functionality logic in CpuProfiler. A ProfilerListener will listen
> to code events, construct code event to CodeEventsContainer and pass it to code
> event handler.
>
> The reason we refactor CpuProfiler is that eventually we want to move
> CpuProfiler as part of sampler library and code event listener should stay
> inside V8.
>
> Main changes:
> 1. Refactored CpuProfiler into two parts, the CpuProfiler with profiling
> functionality and the ProfilerListener listening to code events from Logger.
> 2. Created CodeEventObserver and made CpuProfiler inherit from it.
> ProfilerListener will have a list of observers and call CodeEventHandler once a
> code event is created.
> 3. Moved code entry list from CodeEntry to ProfilerListener.
>
> Minor changes:
> 1. Moved static code entry as part of CodeEntry.
> 2. Added ProfilerListener to Logger.
>
> BUG=v8:4789
>
> Committed: https://crrev.com/cb59fc1facc9b390e2c7544b4da56a4e0a9b3222
> Cr-Commit-Position: refs/heads/master@{#37112}
TBR=alph@chromium.org,jochen@chromium.org,yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4789
Review-Url: https://codereview.chromium.org/2079273003
Cr-Commit-Position: refs/heads/master@{#37113}
Currently CpuProfiler is a subclass of CodeEventListener, it listens to code events
from Logger, constructs and stores CodeEventsContainer. This patch is part of
the effort to split the logic of CodeEventListener as ProfilerListener out of
the profiling functionality logic in CpuProfiler. A ProfilerListener will listen
to code events, construct code event to CodeEventsContainer and pass it to code
event handler.
The reason we refactor CpuProfiler is that eventually we want to move
CpuProfiler as part of sampler library and code event listener should stay
inside V8.
Main changes:
1. Refactored CpuProfiler into two parts, the CpuProfiler with profiling
functionality and the ProfilerListener listening to code events from Logger.
2. Created CodeEventObserver and made CpuProfiler inherit from it.
ProfilerListener will have a list of observers and call CodeEventHandler once a
code event is created.
3. Moved code entry list from CodeEntry to ProfilerListener.
Minor changes:
1. Moved static code entry as part of CodeEntry.
2. Added ProfilerListener to Logger.
BUG=v8:4789
Review-Url: https://codereview.chromium.org/2053523003
Cr-Commit-Position: refs/heads/master@{#37112}
Runtime_DeclareLookupSlot is used when generating code for var and function declarations
originating in an eval. Over time, it's accumulated quite a bit of cruft, which this CL removes:
- With legacy const gone, lookup slots never have any property attributes.
- There was a bit signaling that the variable was from an eval, but that was redundant since
DeclareLookupSlot is only used for eval.
- Some Proxy-related code didn't make sense here.
Its name was also not terribly clear: while "LookupSlot" is used in several places, this
particular function is only used for declaring variables and functions inside sloppy eval.
Renamed (and split into two) to make this clear for future archeologists.
Also added various DCHECKs to check the assumptions being made.
Review-Url: https://codereview.chromium.org/2061173002
Cr-Commit-Position: refs/heads/master@{#37111}
Previously we would elide debug slots if the statement position it
belongs to has just already been written. The motivation is that since
we should only break once per statement, we can elide debug slots that
have the same statement position as the previous debug slot.
This is an unnecessary optimization, since the debugger has yet another
check against breaking twice at the same statement at runtime, in
Debug::Break.
This optimization can also be wrong, if there is control flow involved,
for example if we can jump to the elided debug slot without executing
the previous debug slot.
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
R=jgruber@chromium.org
Review-Url: https://codereview.chromium.org/2080173002
Cr-Commit-Position: refs/heads/master@{#37107}
Port 481502dad9
Float32SubMinusZero and Float64SubMinusZero tests are failing because MIPS does not preserve NaN payload according to Wasm spec. Implemented macro-assembler methods that check for NaN operands, and return the qNaN value with preserved payload and sign bits.
TEST=cctest/test-run-wasm/Run_WasmFloat32SubMinusZero, cctest/test-run-wasm/Run_WasmFloat64SubMinusZero
BUG=
patch from issue 2019693002 at patchset 140001 (http://crrev.com/2019693002#ps140001)
R=ahaas@chromium.org
Review-Url: https://codereview.chromium.org/2066483008
Cr-Commit-Position: refs/heads/master@{#37105}
Adds an evacuation mode that allows moving pages within new space without
copying objects.
Basic idea:
a) Move page within new space
b) Sweep page to make iterable and process ArrayBuffers
c) Finish sweep till next scavenge
Threshold is currently 70% live bytes, i.e., the same threshold we use
to determine fragmented pages.
This reverts commit 2263ee9bf4.
BUG=chromium:581412
LOG=N
CQ_EXTRA_TRYBOTS=tryserver.v8:v8_linux_arm64_gc_stress_dbg,v8_linux_gc_stress_dbg,v8_mac_gc_stress_dbg,v8_linux64_tsan_rel,v8_mac64_asan_rel
Review-Url: https://codereview.chromium.org/2078863002
Cr-Commit-Position: refs/heads/master@{#37104}
We now spread the word32 truncation even if the inputs can be minus zero
as long as the result is not minus zero.
Review-Url: https://codereview.chromium.org/2078423002
Cr-Commit-Position: refs/heads/master@{#37102}
All functions which potentially do heap allocations now take a Handle
on a WasmDebugInfo. This unfortunately requires making some functions
static, since otherwise the "this" pointer would not be handlified.
R=ahaas@chromium.org, titzer@chromium.org
BUG=chromium:613110
Review-Url: https://codereview.chromium.org/2074933005
Cr-Commit-Position: refs/heads/master@{#37099}
The simplified SpeculativeNumber operators shouldn't be in the control
chain at all. They are part of the effect chain to ensure that we can
find a frame state for eager deoptimization.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2083503002
Cr-Commit-Position: refs/heads/master@{#37098}
When updating source positions, we recompute reloc info. Under the
assumption that reloc info is appended to the code, we may or may not
need to allocate a new code object. That assumption is no longer valid
since 2010 (see r5020).
R=mstarzinger@chromium.org
Review-Url: https://codereview.chromium.org/2077363002
Cr-Commit-Position: refs/heads/master@{#37097}
These are used to check for Smi or HeapObject, and we use them
appropriately in JSNativeContextSpecialization, so we don't need
to introduce dependencies on concrete control flow and/or concrete
frame states.
They will be optimized by a proper check elimination reducer,
which will be added in a separate CL.
R=jarin@chromium.org
BUG=v8:4470
Review-Url: https://codereview.chromium.org/2082523002
Cr-Commit-Position: refs/heads/master@{#37096}
This makes sure we use ninja everywhere if not stated
otherwise explicitly.
BUG=chromium:474921
Review-Url: https://codereview.chromium.org/2078393002
Cr-Commit-Position: refs/heads/master@{#37095}
Reason for revert:
[Sheriff] Speculative revert for crashes on chrubuntu chromebooks:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm/builds/320
Original issue's description:
> Implement WASM big-endian support.
>
> Implement WASM support on big-endian platforms. WASM has
> an implicit requirement that it is running on little-endian
> machine. We achieve WASM support on BE by keeping data
> in memory in little-endian order, and changing data
> endianness before storing to memory and after loading from
> memory.
>
> BUG=
>
> Committed: https://crrev.com/d3f3f6c8186b2a53f0c539f7bba0c3708c4d83f9
> Cr-Commit-Position: refs/heads/master@{#37065}
TBR=titzer@chromium.org,akos.palfi@imgtec.com,balazs.kilvady@imgtec.com,jyan@ca.ibm.com,ivica.bogosavljevic@imgtec.com
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=
Review-Url: https://codereview.chromium.org/2080153002
Cr-Commit-Position: refs/heads/master@{#37091}
Reason for revert:
[Sheriff] Speculative revert: Seems to lead to devtools crashes:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Win/builds/5259
Original issue's description:
> [turbofan] Introduce CheckUnless.
>
> Similarly to CheckIf, CheckUnless is a deoptimization without a specific
> frame state. A frame state is assigned during effect-control linearization
> (and CheckUnless is turned into DeoptimizeUnless).
>
> At the moment, the new operator is only used at one place in native context
> specialization, but we should use it everywhere. The advantage of
> CheckUnless is that it avoids non-truncating uses of values by frame
> states. This particular change is aimed at Octane's crypto, where this
> enables turning one NumberMultiply into Int32Mul, and thus improving
> the score by more than 10% (it also needs minus zero truncation and
> typing to be improved, but those CLs are already in flight).
>
> BUG=v8:4470
> R=bmeurer@chromium.org
>
> Committed: https://crrev.com/85fde59d538e0dcaf461108086c2f7cf904f567a
> Cr-Commit-Position: refs/heads/master@{#37085}
TBR=bmeurer@chromium.org,jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4470
Review-Url: https://codereview.chromium.org/2078333002
Cr-Commit-Position: refs/heads/master@{#37090}
Import base::ieee754::tan() from fdlibm and introduce Float64Tan TurboFan
operator based on that, similar to what we do for Float64Cos and Float64Sin.
Rewrite Math.tan() as TurboFan builtin and use those operators to also
inline Math.tan() into optimized TurboFan functions.
Drive-by-fix: Kill the %_ConstructDouble intrinsics, and provide only
the %ConstructDouble runtime entry for writing tests.
BUG=v8:5086,v8:5126
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/2083453002
Cr-Commit-Position: refs/heads/master@{#37087}
Compilation of wasm functions happens before instantiation. Imports are linked afterwards, at instantiation time. Globals and memory are also
allocated and then tied in via relocation at instantiation time.
This paves the way for implementing Wasm.compile, a prerequisite to
offering the compiled code serialization feature.
Currently, the WasmModule::Compile method just returns a fixed array
containing the code objects. More appropriate modeling of the compiled module to come.
Opportunistically centralized the logic on how to update memory
references, size, and globals, since that logic is the exact same on each
architecture, except for the actual storing of values back in the
instruction stream.
BUG=v8:5072
Review-Url: https://codereview.chromium.org/2056633002
Cr-Commit-Position: refs/heads/master@{#37086}
Similarly to CheckIf, CheckUnless is a deoptimization without a specific
frame state. A frame state is assigned during effect-control linearization
(and CheckUnless is turned into DeoptimizeUnless).
At the moment, the new operator is only used at one place in native context
specialization, but we should use it everywhere. The advantage of
CheckUnless is that it avoids non-truncating uses of values by frame
states. This particular change is aimed at Octane's crypto, where this
enables turning one NumberMultiply into Int32Mul, and thus improving
the score by more than 10% (it also needs minus zero truncation and
typing to be improved, but those CLs are already in flight).
BUG=v8:4470
R=bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/2080113002
Cr-Commit-Position: refs/heads/master@{#37085}