.. and inline them into callsites. These were thin wrappers around
MapUpdater methods.
This is part of moving towards MapUpdater as the bottleneck for map
updates.
Bug: v8:7790
Change-Id: Ie79ee063b83892d3c233581832361295aeb8e90f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2807600
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73804}
This is a reland of b9c521d0ea.
Fixes crashes by calling kInstallBaselineCode from BaselineEntry if
needed, i.e. when there is no feedback vector (required a bit of
register rejiggling).
This can happen with cross-realm calls. The OSR arming is stored as
part of the BytecodeArray and therefore shared across realms.
Original change's description:
> [sparkplug] OSR Ignition -> Sparkplug
>
> Add support for OSR to baseline code.
> We compile baseline and perform OSR immediately when the bytecode budget
> interrupt hits.
>
> Drive-by: Clean-up deoptimizer special handling of JumpLoop by using
> the newly introduced GetBaselinePCForNextExecutedBytecode instead of
> GetBaselineEndPCForBytecodeOffset.
>
> Bug: v8:11420
> Change-Id: Ifbea264d4a83a127dd2a11e28626bf2a5e8aca59
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2784687
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73677}
Bug: v8:11420
Change-Id: I67325450514ed5a1170b730b1dd59fa6acc6e1d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2800112
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73803}
Allow all allocations to fail in StressConcurrentAllocatorTask; this
still stresses the concurrent allocation code path but makes
--stress-concurrent-allocation more resilient against OOM. In case the
allocation fails, try to start a GC.
Bug: v8:9337
Change-Id: I3633687d67d3a135114a3ea46b5238378153f377
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797280
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73802}
This is a reland of 9eba2d85f4.
The reland fixes a global state variable which was incompatible
with the --isolate flag in d8, which runs the same script in a
different isolate.
Original change's description:
> [fastcall] Add fast API testing facilities to d8
>
> This CL provides the minimum necessary functionality to expose fast API
> for testing in mjsunit, exposing the fast path for fuzzing. It exposes
> a d8.test.fast_c_api with an `add_all` method, which exercises primitive
> types. On x64, all integer and floating point types are supported. On
> other platforms currently only 32-bit integers are included in the test.
>
> Design doc:
> https://docs.google.com/document/d/1KUKPfXkSRZTA2gMwaWbpQKlYfw0C-T6AE3XzC4viHbo/
>
> Bug: chromium:1052746
> Change-Id: Icc824199a26dd2abd2b869f5483a39d38e4dce3e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2749154
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73670}
Bug: chromium:1052746
Change-Id: I33b265b97bf7c797eee7d4cce5066999358a8c66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2790174
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73801}
If end_ is smaller than sizeof(double), the result would wrap
around, and lead to an invalid memory access.
Refs: https://github.com/nodejs/node/issues/37978
Change-Id: Ibc8ddcb0c090358789a6a02f550538f91d431c1d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2801353
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73800}
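The wrap-around described in the commit message above, shown as an added example that is not V8's code. The `Reader` class, its offset-based `end_`/`position_` fields and both check functions are assumptions made for illustration; only the names `end_` and `sizeof(double)` come from the message.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <utility>
#include <vector>

// Hypothetical reader modelled on the commit message only: end_ is the number
// of readable bytes, position_ is the current read offset (both unsigned).
class Reader {
 public:
  explicit Reader(std::vector<uint8_t> data)
      : data_(std::move(data)), end_(data_.size()), position_(0) {}

  // Flawed guard: "reject if position_ > end_ - sizeof(double)".
  // For end_ < sizeof(double) the unsigned subtraction wraps to a huge value,
  // so the guard never rejects and a read would run past the buffer.
  bool FlawedCheckAllowsRead() const {
    return !(position_ > end_ - sizeof(double));
  }

  // Corrected guard: compare the bytes remaining with the bytes needed.
  // position_ <= end_ is an invariant of this class, so nothing can wrap.
  bool SafeCheckAllowsRead() const {
    return end_ - position_ >= sizeof(double);
  }

  // Reads one double using the corrected guard; returns false on short input.
  bool ReadDouble(double* out) {
    if (!SafeCheckAllowsRead()) return false;
    std::memcpy(out, data_.data() + position_, sizeof(double));
    position_ += sizeof(double);
    return true;
  }

 private:
  std::vector<uint8_t> data_;
  size_t end_;
  size_t position_;
};

int main() {
  // Constructed sample input: a 3-byte buffer, shorter than one double.
  std::vector<uint8_t> short_input(3, 0);
  Reader reader(short_input);
  std::printf("flawed guard allows read: %d\n", reader.FlawedCheckAllowsRead());
  std::printf("safe guard allows read:   %d\n", reader.SafeCheckAllowsRead());
  double value = 0;
  std::printf("ReadDouble succeeded:     %d\n", reader.ReadDouble(&value));
  return 0;
}
```

The flawed predicate is only evaluated, never used to perform a read, so the program itself stays within bounds.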
Full GCs on non-main-frame context disposals show up on real-world web
workloads and often cause missed frames. Remove and let the regular
scheduler take over these workloads.
Bug: chromium:1191325
Change-Id: Ib58419e4623c096321860db05c36ddf9c8e9f4e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2773347
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73799}
PDFium builds V8 with MSVC and is_debug=true (which is not a
configuration covered by the V8 bots). crrev.com/c/2690588 introduced a
DCHECK_EQ which triggers an MSVC compiler error due to comparing a bool
and a uint8_t value.
This change converts the uint8_t value into a bool using "!!", fixing
the MSVC error. This will unblock V8 rolls into PDFium.
Example build log:
https://logs.chromium.org/logs/pdfium/buildbucket/cr-buildbucket.appspot.com/8851041716432959712/+/steps/compile_with_ninja/0/stdout
Change-Id: I5c365696ead7958709df145ccc2e5f796dec80ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2806743
Auto-Submit: K. Moon <kmoon@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73797}
This is a reland of e28dadc207
The original failure was due to a stale Win32 bot. The reland failure
was due to idempotent task deduplication returning the exact same
failure. See crbug/1196064
Original change's description:
> [ptr-cage] Rename IsolateRoot to PtrComprCageBase
>
> Currently, IsolateRoot is both the address of the Isolate root and the
> base address of the pointer compression reservation. This CL teases the
> two uses apart by renaming IsolateRoot to PtrComprCageBase.
>
> - In addition to V8_COMPRESS_POINTERS, add a
> V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE (vs SHARED_CAGE).
>
> - Rename GetIsolate* helpers to GetPtrComprCageBase. When
> V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE is true, the helpers remain as
> aliases to GetPtrComprCageBase.
>
> - Rename kPtrComprIsolateRootAlignment to kPtrComprCageBaseAlignment.
>
> Bug: v8:11460
> Change-Id: I1d715f678ce9a0b5731895612ca14f56579b1c48
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2783672
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Auto-Submit: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73790}
Bug: v8:11460
No-Try: true
Tbr: ishell@chromium.org
Tbr: rmcilroy@chromium.org
Change-Id: Id69311cf3267ebe1297fff159de0be48b15b65a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2806546
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73795}
These functions have the same signature for both SSE and AVX versions.
We move them all into SharedTurboAssembler. Need to fixup a couple of
callsites, since now we use a template helper to call the right
function, whereas previously it was overloaded and there were implicit
conversions from int to uint8_t.
Bug: v8:11589
Change-Id: I8b4146ba1fb838f6b0d6f78f6b95495b8988fc4c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2800569
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73794}
This reverts commit 15c78b45a6.
Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win32/32277/overview
Original change's description:
> Reland "[ptr-cage] Rename IsolateRoot to PtrComprCageBase"
>
> This is a reland of e28dadc207
>
> Relanding to see if Win32 rel failures from
> https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win32/32275/overview
> were infra flakes. Could not repro on try bots.
>
> Original change's description:
> > [ptr-cage] Rename IsolateRoot to PtrComprCageBase
> >
> > Currently, IsolateRoot is both the address of the Isolate root and the
> > base address of the pointer compression reservation. This CL teases the
> > two uses apart by renaming IsolateRoot to PtrComprCageBase.
> >
> > - In addition to V8_COMPRESS_POINTERS, add a
> > V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE (vs SHARED_CAGE).
> >
> > - Rename GetIsolate* helpers to GetPtrComprCageBase. When
> > V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE is true, the helpers remain as
> > aliases to GetPtrComprCageBase.
> >
> > - Rename kPtrComprIsolateRootAlignment to kPtrComprCageBaseAlignment.
> >
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2783672
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
>
> No-Try: true
> Bug: v8:11460
> Tbr: ishell@chromium.org
> Tbr: rmcilroy@chromium.org
> Change-Id: I0a8c3a48999d6737c8c64d2c2703607f14f3fdd0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2806169
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73792}
Bug: v8:11460
Change-Id: Ifee92d622c43a91c15f45ef94ff739237bd2024b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2806545
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73793}
This is a reland of e28dadc207
Relanding to see if Win32 rel failures from
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win32/32275/overview
were infra flakes. Could not repro on try bots.
Original change's description:
> [ptr-cage] Rename IsolateRoot to PtrComprCageBase
>
> Currently, IsolateRoot is both the address of the Isolate root and the
> base address of the pointer compression reservation. This CL teases the
> two uses apart by renaming IsolateRoot to PtrComprCageBase.
>
> - In addition to V8_COMPRESS_POINTERS, add a
> V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE (vs SHARED_CAGE).
>
> - Rename GetIsolate* helpers to GetPtrComprCageBase. When
> V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE is true, the helpers remain as
> aliases to GetPtrComprCageBase.
>
> - Rename kPtrComprIsolateRootAlignment to kPtrComprCageBaseAlignment.
>
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2783672
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
No-Try: true
Bug: v8:11460
Tbr: ishell@chromium.org
Tbr: rmcilroy@chromium.org
Change-Id: I0a8c3a48999d6737c8c64d2c2703607f14f3fdd0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2806169
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73792}
This reverts commit e28dadc207.
Reason for revert: failed test262 tests; see https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win32/32275/steps?succeeded=true&debug=false
Original change's description:
> [ptr-cage] Rename IsolateRoot to PtrComprCageBase
>
> Currently, IsolateRoot is both the address of the Isolate root and the
> base address of the pointer compression reservation. This CL teases the
> two uses apart by renaming IsolateRoot to PtrComprCageBase.
>
> - In addition to V8_COMPRESS_POINTERS, add a
> V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE (vs SHARED_CAGE).
>
> - Rename GetIsolate* helpers to GetPtrComprCageBase. When
> V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE is true, the helpers remain as
> aliases to GetPtrComprCageBase.
>
> - Rename kPtrComprIsolateRootAlignment to kPtrComprCageBaseAlignment.
>
> Bug: v8:11460
> Change-Id: I1d715f678ce9a0b5731895612ca14f56579b1c48
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2783672
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Auto-Submit: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73790}
Bug: v8:11460
Change-Id: I19d0e28194fcdb28e89f129a7694ca3fe29fa17a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2806168
Auto-Submit: Francis McCabe <fgm@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#73791}
Currently, IsolateRoot is both the address of the Isolate root and the
base address of the pointer compression reservation. This CL teases the
two uses apart by renaming IsolateRoot to PtrComprCageBase.
- In addition to V8_COMPRESS_POINTERS, add a
V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE (vs SHARED_CAGE).
- Rename GetIsolate* helpers to GetPtrComprCageBase. When
V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE is true, the helpers remain as
aliases to GetPtrComprCageBase.
- Rename kPtrComprIsolateRootAlignment to kPtrComprCageBaseAlignment.
Bug: v8:11460
Change-Id: I1d715f678ce9a0b5731895612ca14f56579b1c48
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2783672
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73790}
Rolling v8/build: 78cec98..5ed00b7
Rolling v8/third_party/aemu-linux-x64: mAkAmWQOG_3Yi-STt7JV1kfCSro_GtZ3D7vtsV21J6sC..3rPTIlJKMg1Z5vCo_OfxOVIQD_pJ1XvXE7OcYDYNk8cC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/a6cbca9..6412f1c
Rolling v8/third_party/depot_tools: 9a94a95..da76875
Rolling v8/third_party/requests: bfb93d4..2c2138e
Rolling v8/tools/clang: f7cbd24..afd983d
Rolling v8/tools/luci-go: git_revision:34ae8f13bb2156451655ec53b360942a502469df..git_revision:d6d24b11ecded4d89f3dfd1b2e5a0072a3d4ab15
TBR=v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: I188881fdaddf911704ff3a8a94faf85fa7134ff3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2803911
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#73787}
Feedback from Microsoft partners indicates that it would be beneficial
to enable ETW stack-walking events by default.
This is difficult, because the --interpreted-frames-native-stack flag
comes with a significant perf degradation. Ideally, we would turn
this flag on dynamically, only when an ETW recorder is actively
triggering the provider. Unfortunately, the flag in its current state
cannot be enabled dynamically.
In light of this, we have decided to only flip the build flag.
Bug: v8:11043
Change-Id: Id883b9bcd635b41139450ab2d5c92511422525a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2773792
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Sara Tang <sartang@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#73784}
- v8.runtime category should be disabled by default (duplicate entry)
- V8.HandleInterrupts is not a trace category name. It's only used as
a trace name with v8.execute (unused entry)
Change-Id: I2528f575d00dd92b3a029e07f46f3ab3e36e1674
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2791563
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73783}
This includes the simulator, PPC64 Linux (little endian)
and PPC64 AIX (Big endian) running on P9.
Also enable the related simd tests for PPC64.
Qfma opcodes are added to the selector as part of the enablement.
Change-Id: Idf2bf2eaa9cee489e7315031976bc412358b9868
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799942
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#73782}
We are overwriting rhs when dst == rhs && dst != lhs. This is not a
problem on TurboFan because we specify unique registers and dst == lhs
in the instruction-selector.
The fix is to use the helper EmitSimdCommutativeBinOp, which will check
for dst == rhs (pmuludq is commutative).
Bug: v8:11612
Change-Id: I38c3a2b7f3c7bcf2d7e8faec1a67f0814d44ed20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2798527
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73780}
This is a reland of 9a6567b482
The fix is to specialize float/double compare ops to fix msvc build.
On msvc builds, we were selecting the overloaded Equal/NotEqual (etc)
functions that take float/double as arguments, but we intended to
refer to the function templates.
Original change's description:
> [wasm-simd] Move test helpers into wasm-simd-utils
>
> Move many test helpers into wasm-simd-utils. These helper functions can
> potentially be useful for relaxed-simd test in the future. I left behind
> simd specific test helpers, like load extend helpers, because those are
> for simd instructions.
>
> Bug: v8:11583,v8:11384
> Change-Id: Id9ed452b06eaf5c97a5dda174b53a37aede2a937
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2783295
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73675}
Bug: v8:11583
Bug: v8:11384
Change-Id: Id8895900af2688aee8c67eb937acca12c2d65944
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2792668
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73779}
Mostly a port of changes from chromium to support building from
directories other than out/Release or out/Debug.
Also moved tools/ninja/ninja_output.py to tools/vim/ninja_output.py to
be more consistent with chromium's layout.
Change-Id: I73199f10e48b6d9a229bef6af14b84b1ae6be1c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797536
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73777}
It's locked exclusively in the MapUpdater API methods, and locked
shared in ComputePropertyAccessInfo (CPAI).
This lock is a step towards running CPAI on background threads. The
simple lock portion is landed separately in this CL to get an early
signal on potential lock overhead perf impact.
The lock is implemented and used very conservatively at the moment:
- it's a single global lock (and not e.g. per-map).
- it's locked for the entire method call duration (instead of only in
relevant parts).
Both points can potentially be improved in the future.
Bug: v8:7790
Change-Id: I073423497e01b4901101973387a19962f953a576
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797286
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73773}
This fixes a bug introduced in crrev.com/c/2660995.
String.prototype.indexOf must clamp the `position` argument as per
step:
7. Let start be the result of clamping pos between 0 and len.
Source: tc39.es/ecma262/#sec-string.prototype.indexof
Previously, this was done in the StringIndexOf builtin, but the recent
refactor changed builtin implementations to match the spec more
closely (i.e. to clamp in String.prototype.indexOf, not
StringIndexOf). This means we now have to clamp in
JSCallReducer::ReduceStringPrototypeIndexOf.
Tbr: neis@chromium.org
Bug: chromium:1194869
Change-Id: I5af8d41b50f4905453f03079e3ee6d46186536db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799359
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73772}
Main change: Remove CALL_INTERFACE macro. Use
CALL_INTERFACE_IF_REACHABLE or invoke interface directly instead.
Reasoning: Interfaces assume the Decoder is in a non-error state,
therefore CALL_INTERFACE invoked DCHECK(this->ok()). However,
CALL_INTERFACE (1) was sometimes erroneously called with an error in the
decoder, especially in cases where the error occurred inside immediate
argument parsing, (2) was always called in contexts where the current
control was guaranteed to be reachable. Due to (1) and (2),
CALL_INTERFACE is equivalent to CALL_INTERFACE_IF_REACHABLE (there are
a few exceptions where we can call the interface directly).
Additional change:
- Rename current_code_reachable_ to current_code_reachable_and_ok_
to make its name reflect its meaning better.
Bug: chromium:1194784
Change-Id: I52055161a802e6981506b2a8dc8bb8233198aa2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799351
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73771}
.. and enable it on fyi bots. Skip one test in this variant due to
incompatible flags.
Bug: v8:7790
Change-Id: I5b8fdd8572435c6f4474c505464ff1a22c830757
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797287
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73770}
... for primitive receivers. We should use initial map taken from
constructor function as a prototype chain lookup root instead of the
receiver map.
Bug: v8:11248
Change-Id: I91fde2f1102029654c7fdd8890d265ae8bad2791
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797281
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73769}
It printed the pointer instead of the block and when run from gdb the
output was swallowed because there was no newline.
Change-Id: I55cdd3c791ff639d5b81e480aef77ac211490f77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799357
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73768}
Bug: v8:11604
Change-Id: Ic4aa3ae64aa9c9a60aceade9072a5ead1c894b7d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799356
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73767}
That test is already slow on non-tsan bots, and we do not need TSan
coverage here. Thus keep it skipped, but update the comment.
R=mslekova@chromium.org
Fixed: v8:11610
No-Try: true
Change-Id: I1dedcc7b4d5736aca7c4cc0dc0526e4df7502440
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797290
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73766}
Introduce two machine nodes for FABD and fold Float32/64 Abs,Sub
during instruction selection.
This gives ~1% speed improvement of the Bullet physics engine
compiled as wasm.
Change-Id: Ifd985538e6ebb280bc0eaf11b0ebfc687891cf91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2786854
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#73765}
Check directly whether there is runtime support for traps instead of
encoding this in the trap ID. For OOB traps we always use the actual
trap ID, so we always emitted the code that assumes runtime support,
which is not true in some cctests.
R=ahaas@chromium.org
Bug: v8:11587
Change-Id: I29df463561bcfb3452e75b209a70c4f4d9941044
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797289
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73764}
This is a reland of e70cbb83da
Moved the ConsString comparison logic out-of-line, both to make gcc
happy, and to reduce the size of the fast-path in IsEqualToImpl.
Original change's description:
> [string] Fix non-SeqStrings in IsEqualTo
>
> Bug: chromium:1193903
> Change-Id: I80704dd3cba5754779432356b20bd3ea99630291
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2794426
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73746}
Bug: chromium:1193903
Change-Id: Iae6f078853438427e86d3ac68bcfed0712a85bf7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797288
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73763}
Assembler::EmitVeneers has potential quadratic behavior, which appears
as hangs on chromecrash (see the linked bug). We iterate a list of
branches (unresolved_branches_), and for each branch iterate yet another
list of branches (the label link list in
RemoveBranchFromLabelLinkChain).
Ordering decisions increase the problem, by iterating in the outer loop
in ascending pc offset order, and in the inner loop (which removes the
branch from the linked list) in descending order.
This CL mostly refactors the outer loop:
- Instead of iterating over the whole unresolved_branches_ list, iterate
only the relevant part.
- Call RemoveBranchFromLabelLinkChain in descending pc offset order.
- Keep veneer emission in ascending pc offset order.
Bug: chromium:1162080
Change-Id: I77bb3d961c1b19ef1c31e777b640b213869bc1d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2794435
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73762}
Rolling v8/build: d01f8cf..b962cf8
Rolling v8/third_party/aemu-linux-x64: 2zvSiyDoNIOA05-NfIzaaqrW2-5iI24Lkw3TJ8uGtFAC..WdwDIQC1_Ug_YFwjZ39W0oe0J4kXmVVQJba0vkkqNmsC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1178627..da171bf
Rolling v8/third_party/depot_tools: f2cfd3d..053a717
Rolling v8/tools/clang: ddfad9c..15a4172
Rolling v8/tools/luci-go: git_revision:84c2e8c00bcf3bcea776a4b4a62134921d8a177a..git_revision:34ae8f13bb2156451655ec53b360942a502469df
TBR=v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: I8d229d890ade0268e5e37fd2b61635d8dcad3a46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2798974
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#73761}
This is a reland of de5f8614a7
Original change's description:
> [atomics] Fix critical section for Atomics.waitAsync
>
> Loading the value at the index for the futex wait should be protected by
> the waiterlist mutex for both sync and async waits.
>
TBR=marja@chromium.org
Bug: chromium:1194026
Change-Id: Id495a7778adf23a7d9dcd80f58179fe8d22fde2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2798511
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73759}