This separates the fast-non-asan path from the asan path so it can be inlined.
Additionally avoid updating allocation_size_ on each Zone::New call.
Inlining Zone::New actually reduces binary size by 50kb...
Change-Id: Ie5d58638284e5a1a5e0198c24080b0f600d79092
Reviewed-on: https://chromium-review.googlesource.com/c/1288641
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56780}
Teach TurboFan about the maps produced by JSPerformPromiseThen and
JSCreatePromise, which yields a ~1-2% improvement on the doxbee
promises benchmark by removing the redundant checks from the optimized
code with promise chaining.
Bug: v8:7253
Change-Id: If0edce8ba15917c1b7e76b9d06490cfffe911650
Reviewed-on: https://chromium-review.googlesource.com/c/1288639
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56778}
This will be rewritten soon to not use the sampling processor, we can
reenable it then.
Bug: v8:5193
Change-Id: I1d50cf39048e7b5ddeea8d333dcf808fe5c28396
Reviewed-on: https://chromium-review.googlesource.com/c/1288636
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56777}
It seems that the Promise.resolve() lowering in JSCallReducer was no
longer called.
Bug: v8:7253
Change-Id: I3c80aed085d15fb54d88245b9d71b9caed7de075
Reviewed-on: https://chromium-review.googlesource.com/c/1288452
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56773}
If the user's cleanup function didn't iterate all available WeakCells, we need
to schedule the cleanup task again at some point. The previous condition
resulted it never being scheduled.
BUG=v8:8179
Change-Id: I8f5f4c01d1eb6a3cca8bd21bdc52c38663889882
Reviewed-on: https://chromium-review.googlesource.com/c/1286686
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56772}
Change-Id: Ic7d90d479b090670339200e4b6255fb1fb2441a5
Reviewed-on: https://chromium-review.googlesource.com/c/1288352
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Hai Dang <dhai@google.com>
Cr-Commit-Position: refs/heads/master@{#56770}
In preparation for enabling embedded builtins on ia32 by default, this
switches all embed bots to noembed to keep some coverage in this brave
new world.
Bug: v8:6666
Change-Id: I61ef21aea49e6f7d471f1fd284a097fcd63c6073
Reviewed-on: https://chromium-review.googlesource.com/c/1288591
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56769}
When creating the buffer for the fall back, the initial entry was not
considered when calculating the size.
Bug: chromium:896181
Change-Id: I7f15bb1bdf31b3255db91b1fe8dcd68c76033980
Reviewed-on: https://chromium-review.googlesource.com/c/1286957
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Cr-Commit-Position: refs/heads/master@{#56768}
This is necessary for the arguments adaptor, as there are only
5 gp registers available and a call to the arguments adaptor
trampoline that does not have the trampoline address as a immediate
needs 6 (4 arguments + esi as context + register to call through).
Bug: v8:6666
Change-Id: Ie96cf0352c323e07e0daf369953df8f4ee9acb81
Reviewed-on: https://chromium-review.googlesource.com/c/1283050
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56767}
I had forgotten to upload this to my previous CL.
TBR: mslekova@chromium.org
Change-Id: I1195ffd947ad82226af41cd7103b389a6733f4e4
Reviewed-on: https://chromium-review.googlesource.com/c/1288590
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56766}
Adding test to confirm that no one-shot optimizations are not done
for functions enclosed in parentheses but not immediately invoked
in an assignment.
Bug: v8:8072
Change-Id: I282132a7cc570b59290f2ec314462be060d48e5a
Reviewed-on: https://chromium-review.googlesource.com/c/1238576
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56763}
Flags are copied from infra side's builders.py. They will be removed
afterwards with: https://crrev.com/c/1288412
NOTRY=true
TBR=sergiyb@chromium.org
Bug: chromium:830557
Change-Id: If9794e4f9f396770219cf0563a37d6304b6a96ff
Reviewed-on: https://chromium-review.googlesource.com/c/1288589
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56762}
This lets us remove the unsafe object<T>() getter.
Bug: v8:7790
Change-Id: Ie438c68d4c96f1525eee5afd252523b222dc8f53
Reviewed-on: https://chromium-review.googlesource.com/c/1288411
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56761}
AllocateJSArray always allocates in new space, so we bailout of the fast
path for strings if the new array does not fit in new space.
Bug found by ClusterFuzz. Regression test added.
This also switches to the BranchIf pattern to avoid materialize a bool.
Bug: chromium:895860, v8:7980
Change-Id: Ic7c41268c394ac2796b7694252390ab50fd74838
Reviewed-on: https://chromium-review.googlesource.com/c/1286337
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Hai Dang <dhai@google.com>
Cr-Commit-Position: refs/heads/master@{#56759}
We can strength-reduce JSResolvePromise(p,v) to JSFulfillPromise(p,v)
if the v is known to be a primitive. This not only avoids the dynamic
checks for v inside JSResolvePromise, but also removes the need to
have a frame state, as the JSFulfillPromise operation cannot call
back into arbitrary JavaScript, and thus cannot deoptimize lazily.
This triggers for example for async functions where the return value
is known (to TurboFan) to be a primitive value.
Bug: v8:7253
Change-Id: I4698d6026e0632ab3e2fef6c7f4aaacf6c2a508c
Reviewed-on: https://chromium-review.googlesource.com/c/1288449
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56758}
We use the object<T>() getter to extract the handle from an ObjectRef
instance and cast it to Handle<T>. In DEBUG mode, the cast does a type
check which accesses the heap. We must not access the heap though. This
CL is a quick fix that skips the type check. Eventually we should
replace the templatized accessor with a subclass-specific one to have
some safety.
Bug: v8:7790, v8:8316
Change-Id: I71048be2bc36570cce33b0e680824dd6bc407d14
Reviewed-on: https://chromium-review.googlesource.com/c/1282963
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56756}
We'll automatically figure out that we can't parse an expression at the EOS
anyway.
Change-Id: I663e3b9d030ee048b28472710071778bfc511747
Reviewed-on: https://chromium-review.googlesource.com/c/1286681
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56755}
This is a preparation CL to remove -Wno-unused-lambda-capture warning suppression.
Bug: chromium:681136
Change-Id: Iacd0933363cfe7e4a17191f83f567f2834dee6aa
Reviewed-on: https://chromium-review.googlesource.com/c/1288209
Commit-Queue: Takuto Ikuta <tikuta@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56754}
Non-Android platforms are protected in Chrome by site isolation, therefore we can
disable the untrusted code mitigations. We still enable them on Android, and on
simulator builds since that is where we do much of the correctness testing for Android.
Mitigations for ia32 are disabled since they conflict with upcoming work on an ia32
root register.
BUG=chromium:860429, v8:6666
Change-Id: I7831071ec1c4490b7d303314c53c27078fa04979
Reviewed-on: https://chromium-review.googlesource.com/c/1276470
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56753}
We forgot to eliminate the read accesses of these two cells.
Bug: v8:7790, v8:8315
Change-Id: Id175e4d96461f88759b2d29ab1d407ba4c54e733
Reviewed-on: https://chromium-review.googlesource.com/c/1286680
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56752}
This reverts commit a12203c64b.
Reason for revert: Breaks isolate_tests
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20builder/36777
Original change's description:
> [wasm] Add a new wasm-js testsuite to run js-api tests
>
> These changes were necessary to run with the new style of jsapi tests
> introduced in https://github.com/WebAssembly/spec/pull/883.
>
> Change-Id: I4629dd48d595ed97ed0607dec9e7d9808c706a7e
> Reviewed-on: https://chromium-review.googlesource.com/c/1277724
> Commit-Queue: Ben Smith <binji@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Mathias Bynens <mathias@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56745}
TBR=binji@chromium.org,machenbach@chromium.org,yangguo@chromium.org,ahaas@chromium.org,clemensh@chromium.org,mathias@chromium.org
Change-Id: I2edd0ca94cb5990322571879c81671fa835f3ecd
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1286526
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56746}
These changes were necessary to run with the new style of jsapi tests
introduced in https://github.com/WebAssembly/spec/pull/883.
Change-Id: I4629dd48d595ed97ed0607dec9e7d9808c706a7e
Reviewed-on: https://chromium-review.googlesource.com/c/1277724
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56745}
From what I understand, it's been slated for removal for a long time, and
more accutely, Clang recently started warning about it being shadowed by
another kWeak enum:
../../v8/include/v8-profiler.h:369:5: warning: declaration shadows a variable
in namespace 'v8' [-Wshadow]
kWeak = 6 // A weak reference (ignored by the GC).
^
../../v8/include/v8-util.h:29:3: note: previous declaration is here
kWeak = kWeakWithParameter // For backwards compatibility. Deprecate.
^
Bug: chromium:895475
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I07de1418aea2d68ef5641ece4ab13f71b6d5ec7f
Reviewed-on: https://chromium-review.googlesource.com/c/1285189
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Hans Wennborg <hans@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56743}
Failing test are: cctest/cctest/test-run-wasm/RunWasmLiftoff*.
Test started to fail after this commit: 56b8ab5d07
This patch also fixes MIPS big endian build failure.
Change-Id: I333450f2a8f9c9a61db9aea18e5e973f48742d52
Reviewed-on: https://chromium-review.googlesource.com/c/1286348
Reviewed-by: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#56742}
Some confusion has crept in over time, specifically around
the distinction between an offset to an external reference's
address and an offset to its entry in the external reference
table. This CL unifies naming and interfaces.
Drive-by: Fix formatting in macro-assembler-x64.
Bug: v8:6666
Change-Id: Iade98ca28a7304aba0254b92b553343826a08e41
Reviewed-on: https://chromium-review.googlesource.com/c/1286674
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56741}
Currently ProfilerListener channels the code events to Processor
via CpuProfiler - we don't need this indirection and can just hook
it up directly. This also makes it easier to test because we don't need
a CpuProfiler object just to test the Processor.
Drive-by cleanup:
- Remove NUMBER_OF_TYPES from CodeEventRecord as it is not used.
- Remove Isolate* parameter from AddDeoptStack and AddCurrentStack as
a Processor object is only ever for one Isolate. Store the Isolate*
on the ProfilerEventsProcessor object itself.
- Remove the default case from switch in ProcessCodeEvent().
Bug: v8:5193
Change-Id: I26c1a46b0eec34b5248b707d1997c3a9409a9604
Reviewed-on: https://chromium-review.googlesource.com/c/1286341
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56740}
Drive-by: Fix ExternalReferenceAddressAsOperand. Now it correctly
returns an operand to within the external reference table.
Bug: v8:6666
Change-Id: I8226257f27a2747584d37fd948d66c6e9b0d7ecf
Reviewed-on: https://chromium-review.googlesource.com/c/1286671
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56739}
This is cleanups that I forgot to include in the previous CLs or that
did not fit in any of them.
This is the eighth CL in a series to improve our module decoder tests
and make them more readable.
R=titzer@chromium.org
Bug: v8:8238
Change-Id: I0db04288f1efd9bb4642478d22c0edc8ac17e024
Reviewed-on: https://chromium-review.googlesource.com/c/1286669
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56738}
This is the seventh CL in a series to improve our module decoder tests
and make them more readable.
R=titzer@chromium.org
Bug: v8:8238
Change-Id: Ib8bd2cc3f2fdb23b39511657a4af99f6fa781172
Reviewed-on: https://chromium-review.googlesource.com/c/1286346
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56737}
Currently, the empty function bodies actually contain the byte 0, which
is the unreachable opcode. This CL fixes this to be empty function
bodies, and uses the macros more consistently.
This is the sixth CL in a series to improve our module decoder tests and
make them more readable.
R=titzer@chromium.org
Bug: v8:8238
Change-Id: I5f029210b4589797ee194e4082afec2c7bc31561
Reviewed-on: https://chromium-review.googlesource.com/c/1286343
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56736}
This will also be useful for JSCallReducer.
In order to avoid extra work, the CL restricts one path of the JSCall
lowering to functions from the own native context.
Bug: v8:7790
Change-Id: I9f3a478969d641da59661ff196fdedae8195d680
Reviewed-on: https://chromium-review.googlesource.com/c/1286335
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56733}
This enables by the default the
export * as foo from "bar"
syntax in modules.
Bug: v8:8101
Change-Id: I98b07d217ae08ff6a556e69cb3bf6e8f4bd46a07
Reviewed-on: https://chromium-review.googlesource.com/c/1282972
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56732}