Shared objects have fixed layout (i.e. immutable maps) and start off
sealed. Ordinary JS objects allow writable properties to be redefined to
be non-writable. This violates the fixed layout invariant and needs to
be disallowed.
Also contains a drive-by fix removing
@highestInstanceTypeWithinParentClassRange, which is unneeded.
Bug: chromium:1407595, v8:12547
Change-Id: I0257fa19f59ccfaaf0e07cb42aeedd71e132d21a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4190525
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85570}
Forcibly enable jitless mode since we do not have access to executable
code pages. This will also disables wasm.
Do not enable JSCVT based on the compiler since older iPhones may not
have the JSVCT instruction. This will eventually need to be done
dynamically.
Use the host toolchain when compiling on M1 Macbooks for iOS devices.
Ensure we use 16k alignment for pages.
Bug: chromium:1411704
Change-Id: I0019a2fc7b645b96ae105504d915cd0c3e3eafdf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4206250
Commit-Queue: Dave Tapuska <dtapuska@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85569}
This reverts commit 596e56868d.
Reason for revert: Breaks JetStream2 on perf bots.
Original change's description:
> [turboshaft] Implement structural optimization reducer
>
> This CL adds a new Turboshaft reducer that is suitable for changing the
> graph in a way that doesn't reduce individual operations, rather changes
> the structure of the graph. The first such reduction we support is
> transforming if-else cascades that check if a given value is equal to
> any constant from a given set into a switch with cases corresponding to
> the constants in the set.
>
> Bug: v8:12783
> Change-Id: Iee1e5581a334c3dc255d673d2178f76706e6dae2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4106752
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#85561}
Bug: v8:12783
Change-Id: Ic9ded7f4e18258346f547600cb541b2fa094fb8d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4210088
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85566}
This CL adds a new Turboshaft reducer that is suitable for changing the
graph in a way that doesn't reduce individual operations, rather changes
the structure of the graph. The first such reduction we support is
transforming if-else cascades that check if a given value is equal to
any constant from a given set into a switch with cases corresponding to
the constants in the set.
Bug: v8:12783
Change-Id: Iee1e5581a334c3dc255d673d2178f76706e6dae2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4106752
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85561}
An unified scratch scope for Maglev.
- For arm64 we reuse the architecture scope.
- For x64, we create a simple linked list scope.
DeferredCode carries the same temporary scope.
The node temporaries registers now represents the available
temporary registers (i.e., minus fixed/specific ones).
Also refactor some shared code to maglev-assembler-inl.h, so
that DeferredCode can use scratch scopes.
Bug: v8:7700
Change-Id: I1019a03627f390aa8a69916a227e0007229d63ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4178817
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85397}
This CL reinstates the trampoline for pushing the values of
callee-saved registers on the stack, which is used for stack scanning.
It reintroduces the set of architecture-specific functions
PushAllRegistersAndIterateStack, removed in crrev.com/c/3989143.
The reason for this change is that the simpler architecture-specific
functions SaveCalleeSavedRegisters failed to correctly save the
values of the registers, in the presence of C++ compiler optimizations.
It also removes the stack context, introduced in crrev.com/c/4017512,
and uses again the trampoline for iterating through the stack.
Bug: v8:13257
Change-Id: I9e656a9b3ba6616168602300f2180b4f340593f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4171639
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85394}
This does:
- Move gcmole runs to bots with matching arch.
- Update mb_configs to enable gcmole on the bots that run it.
- Add a GN target that extracts some compiler flags from a
ninja file of one of V8's other targets.
- Use the extracted flags in the gcmole script and remove other
hard-coded arch-specific flags.
This is done for DEFINES and includes for now. Other compiler flags
are still a TODO.
Bug: v8:9287
Change-Id: Icba9ce59e0bfffd138d9207b1c2ad64d42bf6a91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4055629
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85341}
This is a reland of commit b791f4f040
More bugs have been fixed.
Original change's description:
> Reland "[maglev] Test maglev on Mac Arm64 bots"
>
> This is a reland of c6e96cf622
>
> Various bugs have been fixed since the revert and we're ready to try
> again.
>
> Original change's description:
> > [maglev] Test maglev on Mac Arm64 bots
> >
> > Also remove unnecessary maglev runs on x64 FYI bots, since maglev runs
> > on the main waterfall's x64 bots already.
> >
> > Bug: v8:7700
> > Change-Id: I5bb23c3ba7696b48f2fe1af4036a3de8c5b1801a
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4128092
> > Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
> > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#85174}
>
> Bug: v8:7700
> Change-Id: I969e6ae7bd01adb12da0f1240e152232cca00f33
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4156056
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
> Commit-Queue: Alexander Schulze <alexschulze@chromium.org>
> Reviewed-by: Victor Gomes <victorgomes@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#85275}
Bug: v8:7700
Change-Id: I274d6cac2f39cb4bffcf346649fb9b9676b7d93f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4164681
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Alexander Schulze <alexschulze@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85305}
Chromium now defines its own android_assets() rather than using this
target (assets are about how things are packaged, so make more sense
living in embedders).
Bug: chromium:1402705
Change-Id: I95ff828393cec4e1e388776ed2e6be09c67b1e30
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4157274
Auto-Submit: Andrew Grieve <agrieve@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85298}
kDataViewGetVariableLength has JS linkage, and so it has a strong
requirement to what should be in the stack and in the registers
(including having a JSFunction for kDataViewGetVariableLength).
These were missing before, which would crash when checking the frame.
Fixed: chromium:1406727
Bug: v8:7700
Change-Id: Iad878cbc06d46403e21162dfdfd3bcd1a2a063d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4162926
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85284}
This is a reland of c6e96cf622
Various bugs have been fixed since the revert and we're ready to try
again.
Original change's description:
> [maglev] Test maglev on Mac Arm64 bots
>
> Also remove unnecessary maglev runs on x64 FYI bots, since maglev runs
> on the main waterfall's x64 bots already.
>
> Bug: v8:7700
> Change-Id: I5bb23c3ba7696b48f2fe1af4036a3de8c5b1801a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4128092
> Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#85174}
Bug: v8:7700
Change-Id: I969e6ae7bd01adb12da0f1240e152232cca00f33
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4156056
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
Commit-Queue: Alexander Schulze <alexschulze@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85275}
This will allow embedders to build the snapshot file without building
all of v8.
Bug: chromium:1402705
Change-Id: I5049c18a803fd664e10036adcaef93503f013304
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4157273
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Andrew Grieve <agrieve@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85268}
We introduce high-level typed load elimination for wasm. It is based
on CSALoadElimination. It operates on wasm struct.set/get and
array.length operators (with array operations pending). Wasm types are
used to refine the may-alias analysis ran for stores.
Drive-by:
- Type more nodes in wasm-compiler and wasm-gc-operator-reducer.
- Remove an unsafe-cast test which now hits an Unreachable Turbofan
node.
Bug: v8:7748
Change-Id: I309e4af4d9f9c584e27ff79804a776666b5dc3c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4146430
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85255}
Introduces a slim write barrier for Oilpan behind
`cppgc_enable_slim_write_barrier` that is enabled by default. The slim
write barrier only performs a single approximate global check for
whether the write barrier is needed and delegates all other checks to
a slow path call. This is beneficial in configurations that do not need
many checks for the barrier overall, i.e., configurations without
young generation. Young generation is off by default which is why this
approach is beneficial.
On Speedometer the write barrier is hit 75M times with a fast bailout
of 99.3%. Progression on Speedometer2 is somewhere around 0.2-0.5%.
The resulting code embedded in another function is only 34 bytes
compared to 128 bytes before. See attached bug for detailed assembly
snippet.
Change-Id: I6869513186e7a26104c46f1f2ac2cfa855689f64
Bug: chromium:1406464
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4152488
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85232}
When disabled, Turbofan is fully excluded from the compilation result.
This is expected to reduce V8's contribution to chromium's binary size
by roughly 20%.
If Turbofan is disabled, Maglev and Webassembly must also be disabled
(since both depend on TF).
Note this new configuration (v8_enable_turbofan=false) is not yet
used anywhere - we'll probably enable it for lite_mode bots in an
upcoming CL for test coverage.
Changes in detail:
- Split out all src/compiler files from the main source sets. This
was mostly done already, here we only clean up the few files that
were left.
- Define a new main TF entry point in turbofan.h. `NewCompilationJob`
replaces `Pipeline::NewCompilationJob`.
- When TF is enabled, turbofan-enabled.cc implements the above.
- When disabled, turbofan-disabled stubs out the above with a runtime
FATAL message.
- The build process is modified s.t. mksnapshot always has TF
available since it's needed to generate builtins. When disabled,
TF is removed from other components, in particular it is no longer
included in v8_compiler and transitively in v8_base.
- When disabled, v8_for_testing no longer has v8_initializers
available. These were only needed for test-serialize.cc, which
is now excluded from this build mode.
- When disabled, remove all related cctest/ und unittest/ files from
the build.
Bug: v8:13629
Change-Id: I63ab7632f03d0ee4a787cfc01574b5fdb08fd80b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4128529
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85210}
Also remove unnecessary maglev runs on x64 FYI bots, since maglev runs
on the main waterfall's x64 bots already.
Bug: v8:7700
Change-Id: I5bb23c3ba7696b48f2fe1af4036a3de8c5b1801a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4128092
Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85174}
This is a reland of commit ebd933037e
Original change's description:
> [flags,testrunner] Consider readonly flags for conflict detection
>
> Flag conflict detection 1) bails out on incompatible flag values (e.g.
> --jitless and --turbofan) and 2) handles such bailouts transparently in
> the test runner by marking affected tests as OUTCOMES_FAIL.
>
> This CL adds full support for readonly flags to this system, together
> with required additional annotations in variants.py.
>
> Drive-by: assert proper use of v8_enable_slow_dchecks, and add
> support when dcheck_always_on is set.
> Drive-by: introduce has_maglev build variable detection based on
> v8_enable_maglev and use that for .status file annotations.
> Drive-by: protect against unintended overwrites of build variables
> in statusfile.py.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel
> Bug: v8:13629,v8:10577
> Change-Id: I04de399139a0490806df8bfee7e75e2ec767b4b5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4135879
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Victor Gomes <victorgomes@chromium.org>
> Commit-Queue: Jakob Linke <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#85130}
Bug: v8:13629,v8:10577
Change-Id: I49ce322c3fda00a1e1e280d99d2d818772533927
Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4151087
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85172}
This CL introduces typed optimizations for Turboshaft, which replaces all operations that produce a constant output (and don't have side effects) by the corresponding constant.
In addition, a new pass for eliminating dead code is introduced that cannot only remove dead operations, but also rewrite branches that are not required into GotoOps.
Drive-by: Introduce -0 as a "special value" for Float32Type and Float64Type to fix a few issues where 0 and -0 have been treated as identical.
Bug: v8:12783
Change-Id: Ia1450ad7a9abb5d58c7d753596ed08a33a73184f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4110993
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85143}
This reverts commit ebd933037e.
Reason for revert: Breaks a test: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8792462319927467985/+/u/OptimizeForSize/CreateIsolateFromReadOnlySnapshot
Original change's description:
> [flags,testrunner] Consider readonly flags for conflict detection
>
> Flag conflict detection 1) bails out on incompatible flag values (e.g.
> --jitless and --turbofan) and 2) handles such bailouts transparently in
> the test runner by marking affected tests as OUTCOMES_FAIL.
>
> This CL adds full support for readonly flags to this system, together
> with required additional annotations in variants.py.
>
> Drive-by: assert proper use of v8_enable_slow_dchecks, and add
> support when dcheck_always_on is set.
> Drive-by: introduce has_maglev build variable detection based on
> v8_enable_maglev and use that for .status file annotations.
> Drive-by: protect against unintended overwrites of build variables
> in statusfile.py.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel
> Bug: v8:13629,v8:10577
> Change-Id: I04de399139a0490806df8bfee7e75e2ec767b4b5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4135879
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Victor Gomes <victorgomes@chromium.org>
> Commit-Queue: Jakob Linke <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#85130}
Bug: v8:13629,v8:10577
Change-Id: I0cb072c6c9f05d92894cc0af83c4d1a28df100d5
Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4147098
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85133}
Flag conflict detection 1) bails out on incompatible flag values (e.g.
--jitless and --turbofan) and 2) handles such bailouts transparently in
the test runner by marking affected tests as OUTCOMES_FAIL.
This CL adds full support for readonly flags to this system, together
with required additional annotations in variants.py.
Drive-by: assert proper use of v8_enable_slow_dchecks, and add
support when dcheck_always_on is set.
Drive-by: introduce has_maglev build variable detection based on
v8_enable_maglev and use that for .status file annotations.
Drive-by: protect against unintended overwrites of build variables
in statusfile.py.
Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel
Bug: v8:13629,v8:10577
Change-Id: I04de399139a0490806df8bfee7e75e2ec767b4b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4135879
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85130}
This reverts commit 31ccfed461.
Reason for revert: Fails compilation on: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20cfi%20-%20builder/6527/overview
Original change's description:
> [x64] Add support for "cold calls" in hot paths
>
> This makes (specially annotated) calls to "cold functions" in hot paths
> more efficient by hiding the fact that we are actually calling a
> function here. Clang would otherwise unconditionally spill and reload
> registers that might be clobbered by the call. This would slow down the
> fast path.
>
> This CL allows to reverse priorities here: The fast path can stay fast
> (no spills and loads), but the slow path gets even slower. The inline
> assembly that implements the cold call spills and reloads *all*
> registers, because we do not know which registers are in use in the
> scope where the cold call is being emitted.
>
> I.e. this behaves like a custom calling convention with no caller-saved
> registers.
>
> The `preserve_all` attribute (experimental in clang, and incomplete for
> C++) would also solve this, but it is not production-ready yet (leads to
> crashes of clang and crashes of the generated code).
>
> R=leszeks@chromium.org
> CC=dlehmann@chromium.org
>
> Bug: v8:13565, v8:13570
> Change-Id: I2b54a480da1c689113a67c601c29d73239b0ff2b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4116584
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Anton Bikineev <bikineev@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#85127}
Bug: v8:13565, v8:13570
Change-Id: I2f5b3343eb372fea13d2c4ab6354f2bc52e2c338
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4145819
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#85128}
This makes (specially annotated) calls to "cold functions" in hot paths
more efficient by hiding the fact that we are actually calling a
function here. Clang would otherwise unconditionally spill and reload
registers that might be clobbered by the call. This would slow down the
fast path.
This CL allows to reverse priorities here: The fast path can stay fast
(no spills and loads), but the slow path gets even slower. The inline
assembly that implements the cold call spills and reloads *all*
registers, because we do not know which registers are in use in the
scope where the cold call is being emitted.
I.e. this behaves like a custom calling convention with no caller-saved
registers.
The `preserve_all` attribute (experimental in clang, and incomplete for
C++) would also solve this, but it is not production-ready yet (leads to
crashes of clang and crashes of the generated code).
R=leszeks@chromium.org
CC=dlehmann@chromium.org
Bug: v8:13565, v8:13570
Change-Id: I2b54a480da1c689113a67c601c29d73239b0ff2b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4116584
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85127}
This will prevent building v8 arm code when all we want is the snapshot
file.
Bug: chromium:1402705
Change-Id: If8137e8ef79ff1943c24d5bd71d8374e59bdf561
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4117695
Commit-Queue: Adam Klein <adamk@chromium.org>
Auto-Submit: Andrew Grieve <agrieve@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84981}
This CL implements a new %CheckTurboshaftTypeOf(e, type_string)
intrinsic allowing tests to express that the expression e is supposed
to have the turboshaft type expressed by type_string eventually during
lowering.
Test that use this intrinsic are verifying implementation details and
are thus somewhat brittle and potentially platform depedent. This
intrinsic is not supposed to be used broadly, but rather to write
some tests that check the precision of turboshaft's new type system.
This intrinsic may be removed once the type system is shipped and gets
coverage in other ways.
Bug: v8:12783
Change-Id: I4cc2582273f3d668601a3203c400a8461b470cac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4061889
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84894}
... and any other node needed to test it.
Bug: v8:7700
Change-Id: Ia37fdcb1db3b6fb986f026696454d443236d011c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4111600
Reviewed-by: Patrick Thier <pthier@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84893}
This stores the CallDescriptors used for i64 <-> BigInt conversion
builtins as process-globals on the WasmEngine, instead of creating
them as temporaries whenever they're needed.
The primary purpose of this change is to simplify the interface to
the Int64Lowering by eliminating its "special case" parameter, in
preparation for moving that lowering to a different point in the
compilation pipeline.
A minor secondary benefit is that this will save a little bit of
(repeated) Zone memory usage.
Bonus change: drop the Int64Lowering from 64-bit builds, where it
isn't used, but was compiled in up to now. This saves ~17 KiB on
Android-arm64 builds.
Change-Id: Ib35d2e0f772110652eb05abd4c42d848108164b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4110898
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84884}
Add gen-static-roots.py to conveniently re-generate the static roots
table when it needs changing.
Additionally, ensure the first read-only page is allocated as first page
during mksnapshot, to move static roots closer to start.
Bug: v8:13466
Change-Id: Ie72b64d0ad0dd3e5fccd3b41e8ed00a4a55a0033
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4096481
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Olivier Flückiger <olivf@chromium.org>
Commit-Queue: Olivier Flückiger <olivf@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84844}
Build mode for serializing the read only heap as a memory dump in the
startup snapshot. This makes compressed pointers of root objects
statically known at mksnapshot time.
This CL also adds a feature to mksnapshot to dump the static addresses
to a C++ header file. This will allow us to use these addresses in the
future.
The mode is disabled for now since we need some build infrastructure
first to conveniently re-generate the table when the layout changes.
Bug: v8:13466
Change-Id: I975b15bd89fedf713fb7d12b4929935ece78139d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4056181
Commit-Queue: Olivier Flückiger <olivf@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84815}
Shared heap is not available without write barriers, therefore skip all
tests that require shared heap when write barriers are disabled.
Change-Id: I66a9a94941ffab792ced964f12df6930b13c92cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4079120
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84682}
This reverts commit 0bd121f8e6.
MemoryAnalyzer wasn't calling LateEscapeAnalysisReducer's
ShouldSkipOperation method, but instead was calling the BaseReducer's
method (because it was using a generic Operation) for the call, which
resulted in some memory corruptions, because MemoryAnalyzer was
planning some folding which was never actually happening.
Original change's description:
> [turboshaft] Port LateEscapeAnalysis
>
> Bug: v8:12783
> Change-Id: Id5fa026d103dc67e05322b725f34186124bc5936
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4054621
> Commit-Queue: Darius Mercadier <dmercadier@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84603}
Bug: v8:12783
Change-Id: I103eb2f518943c0c57bc3e10471d1c47f5262599
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4075724
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Darius Mercadier <dmercadier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84660}