The problem was that in AsyncCompileJob::FinishModule we allocate a
handle, but when this function is called from streaming compilation, then
there was no HandleScope around AsyncCompileJob::FinishModule. This issue
was fixed in another CL, https://crrev.com/c/1172357. This CL is just a
rebase of the original CL.
Original change's description:
> [wasm] Implement the new API for WebAssembly.instantiateStreaming
> This is the second V8 CL to refactor WebAssembly.instantiateStreaming to
> make it spec compliant again. The design doc where the whole change is
> discussed is available in the tracking bug. The tracking bug also
> references prototype implementations of the whole change, which includes
> the changes in this CL.
R=starzinger@chromium.org
Bug: chromium:860637
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ib0cb25488654d2b325b4f529d33b76b846c64436
Reviewed-on: https://chromium-review.googlesource.com/1172429
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55106}
This was an oversight from the previous CL. It doesn't really matter
with the current code generation pattern, since the upper bits of the
index will always be zero, but that might change in the future.
Bug: chromium:225811
Change-Id: I568a0824cad9ce9b73a56decc15d146c7dc675a1
Reviewed-on: https://chromium-review.googlesource.com/1174111
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55104}
This affects map, filter, every, some, indexOf and includes.
Tests for those cases and more are also added.
Bug: v8:8049
Change-Id: I196abd8e7e2419a2bb465f44caf4de52990ffced
Reviewed-on: https://chromium-review.googlesource.com/1172346
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Hai Dang <dhai@google.com>
Cr-Commit-Position: refs/heads/master@{#55103}
This adds support for unaligned load/store access to the DataView
backing store and uses byteswap operations to fix up the endianness
when necessary. This changes the Word32ReverseBytes operator to be
a required operator and adds the missing support on the Intel and
ARM platforms (on 64-bit platforms the Word64ReverseBytes operator
is also mandatory now).
This further improves the performance on the dataviewperf.js test
mentioned in the tracking bug by up to 40%, and at the same time
reduces the code complexity in the EffectControlLinearizer.
Bug: chromium:225811
Change-Id: I296170b828c2ccc1c317ed37840b564aa14cdec2
Reviewed-on: https://chromium-review.googlesource.com/1172777
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55099}
The DataView access methods can use the neutering protector to avoid
introducing an explicit check into the optimized code to see if the
backing store was neutered. Instead the optimized code has an implicit
dependency on the global neutering protector which gets invalidated
when the first array buffer is neutered (globally). We use the same
trick for typed arrays already.
Bug: chromium:225811
Change-Id: I9b3c95b3113b8fa00dcbba216ef29c84c0056951
Reviewed-on: https://chromium-review.googlesource.com/1172779
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55097}
After https://crrev.com/c/1172285, abortion and deletion of an
{AsyncCompileJob} is the same. Hence, remove the
{AbortCompileJobsOnIsolate} method and replace all uses by
{DeleteCompileJobsOnIsolate}.
R=ahaas@chromium.org
CC=mstarzinger@chromium.org
Bug: chromium:869420
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I053dc47395a257066bbca55069d53445dc28eeb9
Reviewed-on: https://chromium-review.googlesource.com/1172288
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55092}
This should make the uses of binary vs. bitwise not very clear:
- Word32BinaryNot for logical negation
- Word32BitwiseNot for bitwise negation
Change-Id: I3345913111da0dbdae6fdf285f090b67eb3f3afc
Reviewed-on: https://chromium-review.googlesource.com/1169205
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55091}
This patch also includes some CSS tweaks and other minor cleanup.
Bug: v8:6240
Change-Id: I86e26fe53465dff6f9a706f58e565b1f1ee559da
Reviewed-on: https://chromium-review.googlesource.com/1172360
Commit-Queue: Bret Sepulveda <bsep@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55089}
{AsyncCompileJob::FinishCompile} assumes that it is called within a
{HandleScope}. This was not the case when it was called at the end of
streaming compilation.
R=clemensh@chromium.org
Bug: chromium:860637
Change-Id: I74508e6cdfc145efb9adc76176abce1ca5713515
Reviewed-on: https://chromium-review.googlesource.com/1172357
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55086}
By using NAL for reading PC instead of BAL, we are actually not taking
a branch. Thus optimizing code for instruction pipeline and address
predictor.
Change-Id: I574dc98390dc850443de06c928022292e2b50747
Reviewed-on: https://chromium-review.googlesource.com/1170777
Reviewed-by: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#55085}
This simplifies a bit.
R=jgruber@chromium.org
Change-Id: If7a433c9d2b13edf4fe4485816ac5ab06435773e
Reviewed-on: https://chromium-review.googlesource.com/1172299
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55084}
In {WasmEngine::DeleteCompileJobsOnIsolate} (triggered on isolate
teardown), we are deleting the {AsyncCompileJob} with the expectation
that this cancels all background compilation. Since the introduction of
the CompilationState, this is not true any more. The call to
{CompilationState::Abort} is missing.
This CL fixes this by moving the logic from {AsyncCompileJob::Abort} to
{~AsyncCompileJob}, since the former calls the latter anyway.
R=ahaas@chromium.org
Bug: chromium:869420
Change-Id: I4644d161270def0fe3a94d09cde0135ee420a383
Reviewed-on: https://chromium-review.googlesource.com/1172285
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55083}
Decodes SFI::Flags on construction and sets properties in ParseInfo::flags_ directly, as well
as adding a FunctionKind field, instead of keeping the encoded SFI flags in the ParseInfo.
BUG=v8:8041
Change-Id: I9bd9345b29a8b0e9ffb3e2e73aac11ae6ef69322
Reviewed-on: https://chromium-review.googlesource.com/1169181
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55080}
All these methods did was executing DCHECKs. This CL just writes out
the DCHECKs directly.
R=mstarzinger@chromium.org
Bug: v8:8015
Change-Id: I01d4c536ea354d158da5f628aeab35fb13b80a58
Reviewed-on: https://chromium-review.googlesource.com/1170822
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55079}
This patch reshuffles the colors used for the various tick categories in
the visualization. Category rows are now light gray. The new colors are
taken from the Material palette. See screenshots on the associated bug.
This patch also labels the GC bucket as such, instead of having the same
label as uncategorized C++.
Bug: v8:6240
Change-Id: I3909a177148b98e99d63f5ec9ae02e3c6f63eb24
Reviewed-on: https://chromium-review.googlesource.com/1172139
Commit-Queue: Bret Sepulveda <bsep@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55078}
With the origin trial for WebAssembly threads, threads can be turned on
and off by the embedder depending on the context we are currently in.
With this CL we call the embedder callback stored on the isolate to
determine whether threads are enabled in the current context or not.
Design decision:
I decided to extend the {WasmFeaturesFromIsolate} function to ask the
embedder if WebAssembly threads are enabled. This is the function which
defines dynamically which features are turned on. It would be awkward
to have two such functions, one which calls the embedder and one which
does not.
A downside is that in WasmJs::Install the embedder does not seem to be
ready to be called. That's why I changed the code there to call
{WasmFeaturesFromFlags} instead.
R=titzer@chromium.org, mstarzinger@chromium.org
Bug: chromium:868844
Change-Id: I6bfa89960a54cec71992756e3717bbb3a9fe195e
Reviewed-on: https://chromium-review.googlesource.com/1169180
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55076}
This CL implements several things needed for full SIMD BE support in WASM:
* Global variables are now kept in little-endian order as per specification
* Added support for SIMD on BE in wasm interpreter
* Fixed several tests that didn't work on BE because input or output
data were not using LE in-memory layout
Change-Id: I4542d13d09fd276e15b0fc39f02e4a58831f65e4
Reviewed-on: https://chromium-review.googlesource.com/1160484
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55075}
The break id is no longer used.
Bug: v8:5530
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ib07046d66497cbd5e01a8a1248afd890180200bf
Reviewed-on: https://chromium-review.googlesource.com/1172136
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55074}
This reverts commit 5b434929a3.
Changes after the original CL:
- Right-trimming registers the array as an object with invalidated
slots.
- Left-trimming moves the array start in the invalidated slots map.
Original change's description:
> Fix invalidation of old-to-old slots after object trimming.
>
> A recorded old-to-old slot may be overwritten with a pointer to a new
> space object. If the object containing the slot is trimmed later on,
> then the mark-compactor may crash on a stale pointer to new space.
>
> This patch ensures that:
> 1) On trimming of an object we add it to the invalidated_slots sets.
> 2) The InvalidatedSlotsFilter::IsValid returns false for slots outside
> the invalidated object unless the page was already swept.
>
> Array left-trimming is handled as a special case because object start
> moves and cannot be added to the invalidated set. Instead, we clear
> the freed memory so that the recorded slots contain Smi values.
>
> Bug: chromium:870226,chromium:816426
> Change-Id: Iffc05a58fcf52ece45fdb085b5d1fd4b3acb5d53
> Reviewed-on: https://chromium-review.googlesource.com/1163784
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54953}
Change-Id: I1f1080f680196c581f62aef8d3a00a595f9bb9b0
Reviewed-on: https://chromium-review.googlesource.com/1165555
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55066}
This is a reland of a4355b77b3
Original change's description:
> [test] Add files not pushed for test on Android
>
> TBR=neis@chromium.org
> NOTRY=true
>
> Bug: v8:8047
> Change-Id: I6d59cd9137f56a5061d836afb02b33f7b25d4aa0
> Reviewed-on: https://chromium-review.googlesource.com/1170772
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55047}
TBR=neis@chromium.org
NOTRY=true
Bug: v8:8047
Change-Id: If273d9407ed17f4de827b08039efe4d5cd34632e
Reviewed-on: https://chromium-review.googlesource.com/1171282
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55063}
Previously, we created a JSObject with a non-null prototype for an
internal object which isn't what we want as it causes side effects.
Bug: chromium:872514
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I3318044a03318f3d7099f3ba889450c651cea9e1
Reviewed-on: https://chromium-review.googlesource.com/1171186
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55062}
|Shell::externalized_contents_| is guarded by |Shell::workers_mutex_|,
but wasn't being acquired when the serialize WriteValue call failed.
Bug: v8:8034
Change-Id: Idd0448e9f44d6b26c17987405d5d7394449e8bb3
Reviewed-on: https://chromium-review.googlesource.com/1170316
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55060}
This is a reland of 4c0943424c
Original change's description:
> [test] Add logic to run tests on Android
>
> This adds a new command abstraction for running commands on Android
> using dockered devices on swarming.
>
> The new abstraction handles pushing all required files to the device.
> The logic used for pushing and running is reused from the perf runner.
>
> This adds only the mjsunit test suite. Others will be handled in
> follow up CLs. The suite logic is enhanced with auto-detection of files
> to be pushed to devices, for e.g. load or import statements.
>
> Some test cases need an extra resource section for specifying required
> files.
>
> Remaining failing tests are marked in the status files for later
> triage.
>
> Bug: chromium:866862
> Change-Id: I2b957559f07fdcd8c1bd2f7034f5ba7754a31fb7
> Reviewed-on: https://chromium-review.googlesource.com/1150153
> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55041}
Bug: chromium:866862
Change-Id: Icf7e04c75d4abeab7254d10ba21240e46b0022ae
Reviewed-on: https://chromium-review.googlesource.com/1170643
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55059}
This reverts commit 4c0943424c.
Reason for revert: Unfortunately this broke all perf builders.
Original change's description:
> [test] Add logic to run tests on Android
>
> This adds a new command abstraction for running commands on Android
> using dockered devices on swarming.
>
> The new abstraction handles pushing all required files to the device.
> The logic used for pushing and running is reused from the perf runner.
>
> This adds only the mjsunit test suite. Others will be handled in
> follow up CLs. The suite logic is enhanced with auto-detection of files
> to be pushed to devices, for e.g. load or import statements.
>
> Some test cases need an extra resource section for specifying required
> files.
>
> Remaining failing tests are marked in the status files for later
> triage.
>
> Bug: chromium:866862
> Change-Id: I2b957559f07fdcd8c1bd2f7034f5ba7754a31fb7
> Reviewed-on: https://chromium-review.googlesource.com/1150153
> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55041}
TBR=machenbach@chromium.org,yangguo@chromium.org,sergiyb@chromium.org
Change-Id: If80129810586b709dab762c9b5724888e15daec2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:866862
Reviewed-on: https://chromium-review.googlesource.com/1170962
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55058}