These instructions aren't implemented yet in TF or in Liftoff, but they
are properly decoded.
The table instructions (i.e. `table.{init,drop,copy}`) are validated,
since the table and element sections occur before the code section. The
memory instructions (i.e. `memory.{init,drop,copy,fill}`) are not
validated because the data section occurs after the code section, so it
can't be verified in one pass (without throwing a validation error
later).
There is currently a discussion about whether to add a new section
(similar to `func`) that predefines the number of expected data
segments. If we add this, then we can validate in one pass. For now,
we'll leave it unimplemented.
Bug: v8:7747
Change-Id: I839edf51721105a47a1fa8dd5e5e1bd855e72447
Reviewed-on: https://chromium-review.googlesource.com/c/1339241
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57622}
Port 1952f92838
Original Commit Message:
The platform specific macro assembler headers can not be included
directly. They require symbols declared in macro-assembler.h.
We also cannot include macro-assembler.h from the platform specific
headers, because that would form a cycle, and the include in
macro-assembler.h would be skipped, which then also fails.
This CL documents and enforces this unfortunate situation.
This helps with further iwyu cleanups.
Note that current code which includes the platform specific headers
only works because we transitively included macro-assembler.h already
before.
R=clemensh@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Iff6217ccb961d009a31f6adc50a7ef77ca1c8b70
Reviewed-on: https://chromium-review.googlesource.com/c/1342977
Reviewed-by: Muntasir Mallick <mmallick@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#57618}
Port 6e5671e1cd
Original Commit Message:
This marks the InterpreterEntryTrampoline as isolate-independent. With
this change, all builtins are now embedded.
Slight changes were needed to how we deopt into the trampoline. We now
store the entry address within the Interpreter class instead of
embedding the builtin code target.
R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I88aa263793c38cb60300fd795c0bd7011f337739
Reviewed-on: https://chromium-review.googlesource.com/c/1342738
Reviewed-by: Muntasir Mallick <mmallick@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#57617}
It removes special handling for Cells and PropertyCells. That handling
was required before when new space objects were embedded in code objects
via Cells. Since code objects support direct embedding now, the handling
can be removed.
The patch also makes sure to load the map of the object once using
the synchronized accessor, which will be needed for concurrent visiting
of code object.
Bug: v8:8459
Change-Id: I83833e19ad1da4a92e1a9be60b7c1dcd05c2b2be
Reviewed-on: https://chromium-review.googlesource.com/c/1337745
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57616}
which will eventually replace kPointerSize[Log2] to make it explicit what kind
of values is expected. With enabled pointer compression these sizes will not
be equal anymore.
This CL starts an incremental migration to proper constants.
Bug: v8:8477, v8:8238
Change-Id: Ia134d5a1c0639d9f9103d7a88bf87211e353ad50
Reviewed-on: https://chromium-review.googlesource.com/c/1340298
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57614}
Do less work in MultipleProfilers. Reduces runtime from ~8 mins to ~40
seconds.
Bug: v8:8474
Change-Id: I72b3266941ce40c8d064deaf00fb06f8d9fa8a70
Reviewed-on: https://chromium-review.googlesource.com/c/1341956
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57613}
Windows MASM becomes extremely slow when given very large data streams.
Runtime behavior is super-linear, with compile times of
5s for 50 KLOC in embedded.S
15s for 100KLOC
40s for 150KLOC
Compilation of the 320KLOC file produced for debug builds took more than
5 minutes.
This CL reduces compile time by emitting QWORD directives instead,
which reduces the emitted debug embedded.S to around 120KLOC and
compile times to around 40s.
Bug: v8:8475,v8:6666
Change-Id: I19903cdf7d1b70a65c00ca67f40129847b17f386
Reviewed-on: https://chromium-review.googlesource.com/c/1341951
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57609}
So far, we always finished the baseline units before finishing any
tiering unit. This will be refactored to finish all units from the
background threads, so the finishing can happen in any order.
Thus refactor the counters to count both separately, and trigger the
right events.
R=ahaas@chromium.org
Bug: v8:7921
Change-Id: Ia2d8ab3f70f9bc3406eff428da5d22580558887b
Reviewed-on: https://chromium-review.googlesource.com/c/1333669
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57608}
That way we can also cache A-Z, 0-9, _, $ (and all others obviously).
Change-Id: I394001646c80bbabf9b09f66eddc1bef82ae91b3
Reviewed-on: https://chromium-review.googlesource.com/c/1341948
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57606}
This reverts commit f09bec92c1.
Reason for revert: This CL was reverted by accident.
Original change's description:
> Revert "[wasm] Open HandleScope in LogCode"
>
> This reverts commit 2035042e87.
>
> Reason for revert: Blocks the roll, see https://chromium-swarm.appspot.com/task?id=41356e9eff2a5010&refresh=10&show_raw=1 for error message
>
> Original change's description:
> > [wasm] Open HandleScope in LogCode
> >
> > In WasmCode::LogCode we allocate handles, but not all callers of LogCode
> > open a HandleScope. Since the handles do not escape LogCode, we can just
> > open a Handlescope in the function.
> >
> > R=herhut@chromium.org
> >
> > Bug: v8:8461
> > Change-Id: I2031b467f976a9af6f541b60af245573f33d9676
> > Reviewed-on: https://chromium-review.googlesource.com/c/1337736
> > Reviewed-by: Stephan Herhut <herhut@chromium.org>
> > Commit-Queue: Andreas Haas <ahaas@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#57550}
>
> TBR=ahaas@chromium.org,herhut@chromium.org
>
> NOTRY=true
>
> Bug: v8:8461
> Change-Id: I4c95c79c029f4eed2bbaf1fcf7ccb04203335659
> Reviewed-on: https://chromium-review.googlesource.com/c/1340287
> Commit-Queue: Michael Hablich <hablich@chromium.org>
> Reviewed-by: Michael Hablich <hablich@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57583}
TBR=hablich@chromium.org,ahaas@chromium.org,herhut@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:8461
Change-Id: Ieaabde1c686505795e9059354573c38dd982c52a
Reviewed-on: https://chromium-review.googlesource.com/c/1340251
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Stephan Herhut <herhut@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57603}
This reverts commit 585b4eef6a.
Reason for revert: Speculative, crbug 906567.
Original change's description:
> [turbofan] Improve NumberMultiply typing rule.
>
> The NumberMultiply typing rule gave up in the presence of NaN inputs,
> but we can still infer useful ranges here and just union the result
> of that with the NaN propagation (similar for MinusZero propagation).
> This way we can still makes sense of these ranges at the uses.
>
> Bug: v8:8015
> Change-Id: Ic4c5e8edc6c68776ff3baca9628ad7de0f8e2a92
> Reviewed-on: https://chromium-review.googlesource.com/c/1261143
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56539}
TBR=sigurds@chromium.org,bmeurer@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:8015
Change-Id: I3c652bafbbc0e5d1ad4ff288264fd4f4cbf71330
Reviewed-on: https://chromium-review.googlesource.com/c/1340253
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57602}
{RegisterConfiguration} is not used inside assembler.h.
Instead, include it where needed.
R=mstarzinger@chromium.org
Bug: v8:8238, v8:7490
Change-Id: Ic1aca23e862c30f5b5c7d13b866a859f1a4d4803
Reviewed-on: https://chromium-review.googlesource.com/c/1340244
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57601}
Fail IsInvalid check if the property cell has been invalidated.
Bug: chromium:905555
Change-Id: Ia0712b97bd6ba628936b74b3893ddb1c229ee686
Reviewed-on: https://chromium-review.googlesource.com/c/1339863
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57597}
This updates the fast path check in RegExp.p.test reduction to
trigger with constant field tracking.
Bug: v8:8361
Change-Id: I05d2c44189d0cc647b898599d519c2af1d78487f
Reviewed-on: https://chromium-review.googlesource.com/c/1340250
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57596}
Small readability increase for the keyword check magic, using memcmp
instead of a chain of raw comparisons. Could allow better codegen for
memcmp-aware compilers, though in practice seems to have little effect
on generated code.
Change-Id: I91020fe67cebc9270c61c4c678e15217e436afff
Reviewed-on: https://chromium-review.googlesource.com/c/1340291
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57595}
In preparation for converting these stubs to builtins. This turns the
compile-time IsJSArray parameter into a runtime check.
Bug: v8:7777
Change-Id: Ief44e7cd77e772809e50618e55f51268e9ac8ad9
Reviewed-on: https://chromium-review.googlesource.com/c/1339868
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57594}
KeyedLoadSloppyArguments -> KeyedLoadIC_SloppyArguments
KeyedStoreSloppyArguments -> KeyedStoreIC_SloppyArguments
LoadIndexedIntercepter -> LoadIndexedInterceptorIC
StoreInArrayLiteralSlowStub -> StoreInArrayLiteralIC_Slow
StoreInterceptor -> StoreInterceptorIC
StoreSlowElementStub -> KeyedStoreIC_Slow
A few Store stubs were parameterized for the sole purpose of
determining the KeyedAccessStoreMode later on. These are now
implemented as a dedicated builtin for each store mode.
Bug: v8:7777
Change-Id: I743474b0e6c5d6ec2513bb9f8f3a93c5c0535927
Reviewed-on: https://chromium-review.googlesource.com/c/1339859
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57592}
Both regress-8432 and regress-8413 pass with the latest ICU
roll to 407b393.
TBR=ftang@chromium.org,gsathya@chromium.org,machenbach@chromium.org
Bug: v8:8432,v8:8414
Change-Id: I56f3d88c1f90021ad51062bc5f26a9e88877f954
Reviewed-on: https://chromium-review.googlesource.com/c/1341455
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57590}
This roll should cover the last batch of upstream $DONOTEVALUATE
updates.
TBR=gsathya@chromium.org
Bug: v8:7834, v8:8467
Change-Id: Ia1c6e8fa2fd7fd020c5499b3825a8c1e6c14db47
Reviewed-on: https://chromium-review.googlesource.com/c/1338348
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57587}
The CamelCase file is deprecated and I'd like to remove it at some point.
Change-Id: Iba491b01e5993ce2778c2ec58123e3aecafaf0ae
Reviewed-on: https://chromium-review.googlesource.com/c/1338346
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57585}
This patch allows the deoptimizer to keep embedded pointers intact.
Previously, the deoptimizer had to clear embedded pointers because
the mark-compactor relied on the Code::marked_for_deoptimization flag
to indicate whether the embedder pointers were cleared or not.
This patch adds a new flag called Code::embedded_objects_cleared()
and thus can correctly clear dead weak objects in deoptimized code.
Bug: v8:8459
Change-Id: I6eb6ff3aa2182bc41730e0a249965f8d8c0525ce
Reviewed-on: https://chromium-review.googlesource.com/c/1335943
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57584}
This reverts commit 2035042e87.
Reason for revert: Blocks the roll, see https://chromium-swarm.appspot.com/task?id=41356e9eff2a5010&refresh=10&show_raw=1 for error message
Original change's description:
> [wasm] Open HandleScope in LogCode
>
> In WasmCode::LogCode we allocate handles, but not all callers of LogCode
> open a HandleScope. Since the handles do not escape LogCode, we can just
> open a Handlescope in the function.
>
> R=herhut@chromium.org
>
> Bug: v8:8461
> Change-Id: I2031b467f976a9af6f541b60af245573f33d9676
> Reviewed-on: https://chromium-review.googlesource.com/c/1337736
> Reviewed-by: Stephan Herhut <herhut@chromium.org>
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57550}
TBR=ahaas@chromium.org,herhut@chromium.org
NOTRY=true
Bug: v8:8461
Change-Id: I4c95c79c029f4eed2bbaf1fcf7ccb04203335659
Reviewed-on: https://chromium-review.googlesource.com/c/1340287
Commit-Queue: Michael Hablich <hablich@chromium.org>
Reviewed-by: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57583}
Weak callbacks should not trigger recursive GCs during first round callbacks.
Any non-trivial work is supposed to be enqueued in the second round of
callbacks.
Bug: chromium:843903
Change-Id: Ieba58f31bab54c95b7d4027d3e16ee2d765438e7
Reviewed-on: https://chromium-review.googlesource.com/c/1340285
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57581}
This is the first in a series of patches for adding support to execute
without feedback vectors. This cl updates some of the bytecode handlers
to check for feedback before using them. All these bytecodes only collect
type feedback, so their funcitonality would not change. This cl changes the
implementation for following bytecode:
BinaryOperation
CompareOperation
UnaryOperation
Call
Bug: v8:8394
Change-Id: I284bf9c010718c65f3fe76b6f3f4461b5bfa6742
Reviewed-on: https://chromium-review.googlesource.com/c/1333667
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57580}
This way we'll always only use the variables_ map of the first ScopeInfo-backed
Scope in the Scope chain.
Change-Id: I9187f7ef0b300b3ee36184d6dddd37242786c19a
Reviewed-on: https://chromium-review.googlesource.com/c/1340284
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57579}
The platform specific macro assembler headers can not be included
directly. They require symbols declared in macro-assembler.h.
We also cannot include macro-assembler.h from the platform specific
headers, because that would form a cycle, and the include in
macro-assembler.h would be skipped, which then also fails.
This CL documents and enforces this unfortunate situation.
This helps with further iwyu cleanups.
Note that current code which includes the platform specific headers
only works because we transitively included macro-assembler.h already
before.
R=mstarzinger@chromium.org
Bug: v8:8238, v8:7490
Change-Id: I2dc65ad950400941406e1f2f8969d0d15f524bf8
Reviewed-on: https://chromium-review.googlesource.com/c/1340240
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57578}
Under normal execution, we commit code space in page chunks as we
need it. However, this confuses linux perf, as it generates mmap
events in the trace that seem to override the synthetic ones that
are inserted by perf inject.
Instead, when profiling with perf, we now commit the maximum code
space size upfront, leading to a single mmap event early on. While
this significantly increases memory use, it should not impact
profiling of running wasm code.
Bug: v8:8462
Change-Id: I078e9e486fe4ddecdea0b58543cc6bc5873cdfee
Reviewed-on: https://chromium-review.googlesource.com/c/1340279
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57577}
GC needs to be able to read a bigint's length while the main thread may
change the length and the sign (bigints are intentionally mutable as
long as they haven't escaped to user code). Since both values are stored
in the same bitfield, we need to make these accesses atomic.
Also change right-trimming to not insert a filler when the object is
in large object space (it makes no sense there).
Bug: v8:8440
Change-Id: I72a1b6f1eda54566d3cfad554dda1a98ddd61975
Reviewed-on: https://chromium-review.googlesource.com/c/1337737
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57576}
We now only cache Variable* in entry_point->variables_ so there's no point in
looking at all variables_ in the entire chain.
Change-Id: I3d1f389a9ad7d790d2e778a72cd5f7fc47880233
Reviewed-on: https://chromium-review.googlesource.com/c/1340245
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57574}
For short inputs (<= size of the type we want to generate), we fell back
to just generating constants. This CL changes that to only fall back to
constants once a single byte remains, and adds options to use constants
already before that.
R=ahaas@chromium.org
Bug: v8:894307
Change-Id: Ic4bf05d06090f52b67de2b322a9d5dcab6bbbe39
Reviewed-on: https://chromium-review.googlesource.com/c/1337739
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57573}
