SharedFunctionInfos store their original function literal's id. This is
also their index in the Script's SFI list.
The function literal id is only needed for lazy compilation and live edit,
and access only has to be fast in the former. So, we can move the SFI
function literal id field to UncompiledData, and if patching with live
edit, or discarding compiled code, we can perform a slower linear search
through the Script's SFI list.
This is a reland of
1) https://chromium-review.googlesource.com/1082480 and
2) https://chromium-review.googlesource.com/1128854
the differences being:
1) caching the literal id on UncompiledData rather than always linearly
searching the SFI list, and removing the unused runtime-liveedit.cc
file instead of fixing it to support this change.
2) clearing padding on UncompiledData now that it has 3 int32 fields,
making its end unaligned on x64.
TBR=yangguo@chromium.org,marja@chromium.org,ulan@chromium.org,cbruni@chromium.org
Bug: chromium:818642
Change-Id: I58dcb12a2a60a680f662568da428e01189c62638
Reviewed-on: https://chromium-review.googlesource.com/1138325
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54473}
This reverts commit 1d4a1172f5.
Reason for revert: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/21989
Original change's description:
> [sfi] Remove SFI function literal id field
>
> SharedFunctionInfos store their original function literal's id. This is
> also their index in the Script's SFI list.
>
> The function literal id is only needed for lazy compilation and live edit,
> and access only has to be fast in the former. So, we can move the SFI
> function literal id field to UncompiledData, and if patching with live
> edit, or discarding compiled code, we can perform a slower linear search
> through the Script's SFI list.
>
> This is a reland of
> https://chromium-review.googlesource.com/c/v8/v8/+/1082480
> but caching the literal id on UncompiledData rather than always linearly
> searching the SFI list. Also, removes the unused runtime-liveedit.cc file
> instead of fixing it to support this change.
>
> Bug: chromium:818642
> Change-Id: I977bcca0dc72903ca476a7079d156cc8bbe88fde
> Reviewed-on: https://chromium-review.googlesource.com/1128854
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54464}
TBR=ulan@chromium.org,marja@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org,cbruni@chromium.org,leszeks@chromium.org,verwaest@chromium.org
Change-Id: Icee5ee3ab7688b93e2963f91debed65a58164534
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:818642
Reviewed-on: https://chromium-review.googlesource.com/1138276
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54466}
SharedFunctionInfos store their original function literal's id. This is
also their index in the Script's SFI list.
The function literal id is only needed for lazy compilation and live edit,
and access only has to be fast in the former. So, we can move the SFI
function literal id field to UncompiledData, and if patching with live
edit, or discarding compiled code, we can perform a slower linear search
through the Script's SFI list.
This is a reland of
https://chromium-review.googlesource.com/c/v8/v8/+/1082480
but caching the literal id on UncompiledData rather than always linearly
searching the SFI list. Also, removes the unused runtime-liveedit.cc file
instead of fixing it to support this change.
Bug: chromium:818642
Change-Id: I977bcca0dc72903ca476a7079d156cc8bbe88fde
Reviewed-on: https://chromium-review.googlesource.com/1128854
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54464}
This CL adds inlining for the Number constructor if new.target is not
present. The lowering is BigInt compatible, i.e. it converts BigInts to
numbers.
Bug: v8:7904
Change-Id: If03b9f872d82e50b6ded7709069181c33dc44e82
Reviewed-on: https://chromium-review.googlesource.com/1118557
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54454}
- Reorganizes shuffle tests into tabular form.
- Adds a test that composes random numbers of random shuffles to
make new shuffles.
- Adds a test that generates functions to compute a complex expression
consisting of shuffles, and compares interpreter results to compiled
code results.
- Fixes a problem with temp register exhaustion on ARM 32-bit.
- Matches identity shuffles (returning first or second operand
unchanged) and uses EmitIdentity() for these.
Bug: v8:6020
Change-Id: Ie41c14fee52a7406b1d32e731e050096400e12f5
Reviewed-on: https://chromium-review.googlesource.com/1119567
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54446}
This will allow us to migrate our deprecated configs to android_docker.
R=machenbach@chromium.org
Bug: chromium:838864
Change-Id: I5f7db648520847aa2077e9fc2a5970e63daa9a50
Reviewed-on: https://chromium-review.googlesource.com/1131944
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54441}
All auto-generated with some fix-ups including marking the following
classes as NeverReadOnlySpaceObject so their GetIsolate/GetHeap methods
are safe to use:
Code, CodeDataContainer, AbstractCode, DeoptimizationData,
CompilationCacheTable, NormalizedMapCache, Script, SharedFunctionInfo
TBR=yangguo@chromium.org
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I6cb5dcca88a0bc99b5afe80f553e06a661b5da3c
Reviewed-on: https://chromium-review.googlesource.com/1135306
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54439}
The code under test is handling of multi-return values in TurboFan and
hence actually independent of WebAssembly. The only reason to generate
WasmCode is in order to use the WebAseembly linkages. This changes the
generated code to have {STUB} kind instead of {WASM_FUNCTION} kind to
avoid having stack checks in the generated code which would require a
proper WasmInstanceObject to be allocated.
R=ahaas@chromium.org
BUG=chromium:862508
Change-Id: I4feb7bff1a42bbf59cfc5f249f2e0585ce7011ad
Reviewed-on: https://chromium-review.googlesource.com/1136438
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54436}
This removes an occurrence where the "%Foo" native syntax appears as part
of a string. Such strings are picked up by the fuzzer and recombined in
unsupported ways, producing false-positive crash reports. Simply avoid
having those strings in the fuzzing corpus.
R=clemensh@chromium.org
TEST=mjsunit/regress/wasm/regress-808848
BUG=chromium:844842
Change-Id: I017c1552578f0d26033e58b11353e87e27a69ebf
Reviewed-on: https://chromium-review.googlesource.com/1136300
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54432}
This CL adds constants that can be defined in the module scope:
const kConstexprConst: constexpr int31 = 5;
const kIntptrConst: intptr = 4;
const kSmiConst: Smi = 3;
They are implemented by generating "mini-macros" that return the
expression on the right-hand side of the assignment.
Bug: v8:7793
Change-Id: I0a476cb3111707fad56bf15e9547b377c7adab37
Reviewed-on: https://chromium-review.googlesource.com/1114745
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54430}
This moves the entire code generation phase (including code emission
into the native module) into the background task. The code manager is
fully thread safe by now and there are no Isolate-bound steps anymore.
The only step remaining on the foreground task is publishing the fully
finished code to other threads via {NativeModule::PublishCode}.
R=clemensh@chromium.org
BUG=v8:7921
Change-Id: Ia64c6ce945aabd071b26e61ef8d397fb7727a038
Reviewed-on: https://chromium-review.googlesource.com/1135004
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54425}
The manual scope is usually used to test corner cases of GC behavior so
disable the ineffective GC detecton there.
Bug: v8:7859
Change-Id: I92a1e43db739846ff0db20a60cc2ace79496e5fe
Reviewed-on: https://chromium-review.googlesource.com/1135140
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54418}
Since Liftoff is fully implemented on arm64, we can enable the
wasm/liftoff test.
R=ahaas@chromium.org
Bug: v8:6600
Change-Id: I901480a417a7cc438357a67b819f226e4d3b1df4
Reviewed-on: https://chromium-review.googlesource.com/1134776
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54417}
This patch adds a variant of EmbedderGraph::AddEdge() which
allows the embedder to specify the name of an edge. The edges
added without name are element edges with auto-incremented indexes
while the edges added with names will be internal edges with
the specified names for more meaningful output in the heap
snapshot.
Refs: https://github.com/nodejs/node/pull/21741
Bug: v8:7938
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I8feefa2cf6911743e24b3b2024e0e849b0c65cd3
Reviewed-on: https://chromium-review.googlesource.com/1133299
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54412}
Currently the fuzzer only tests Turbofan and Liftoff in isolation. In
order to test that both tiers use the same ABI, it should also test
calls from one tier to the other.
This CL introduces a new flag which controls which function will be
compiled by which tier, and uses that in the fuzzer.
R=ahaas@chromium.org
Bug: chromium:862931, v8:6600
Change-Id: I450b906700972cfdb496b1734faed9f8208d652f
Reviewed-on: https://chromium-review.googlesource.com/1134775
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54409}
When we changed FeedbackMetadata to be it's own type instead of a
subtype of FixedArray, we missed this check for valid objects in old
space. This restores the old behavior during verification.
Bug: chromium:862433
Change-Id: Icdb144df4aebc0c6d78a28405c7f53e40b2e1376
Reviewed-on: https://chromium-review.googlesource.com/1134995
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54408}
Instead of passing {uint8_t*, size_t} pairs as arguments, pass
{Vector<uint8_t>}. This is less error prone and {Vector} provides some
helpful methods.
R=ahaas@chromium.org
Bug: v8:7754
Change-Id: I7469054774618e0bd5c9d38501759b1b2c51d104
Reviewed-on: https://chromium-review.googlesource.com/1134773
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54406}
getGetoption() in intl.js misimplemented Ecma 402 #sec-getoption by
calling options[property] twice, once to check if it's defined
and the second time to retrieve the value when it's defined.
Bug: v8:7869
Test: test262/intl402/RelativeTimeFormat/con*/cons*/option*order
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I6d585767232c9f4c0252e65e2891c813db3da641
Reviewed-on: https://chromium-review.googlesource.com/1128444
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54405}
An unordered_map typically provides better performance. Instead of a
compare function, we now need a hash function and equality defined on
{Signature<T>}.
R=mstarzinger@chromium.org
Bug: chromium:862123
Change-Id: Iba71030f91949d7453740c884de1d8a4f921c618
Reviewed-on: https://chromium-review.googlesource.com/1131182
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54404}
The instruction got removed from the proposal.
R=titzer@chromium.org
Bug: v8:7581
Change-Id: I3e27bad923544896ebf6ab8969e5c365a397f6c9
Reviewed-on: https://chromium-review.googlesource.com/1128754
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54402}
With ReadOnlyRoots and GetIsolate on JSReceiver, we can remove almost
every isolate parameter from <Object>::Print. The remaining ones, like
Map, are special-caseable for read-only maps, and as a result we can
remove isolate parameters from <Object>::Print entirely.
This patch also opportunistically cleans up a few places where isolates
were only needed for Object::Print, such as TransitionAccessors and
DescriptorArrays.
TBR=yangguo@chromium.org,mstarzinger@chromium.org
Bug: v8:7786
Change-Id: Id44bd53b9893e679eea5f37b9548257595a1bfd9
Reviewed-on: https://chromium-review.googlesource.com/1133385
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54401}
With the introduction of multiple tables the element section is able to
initialize any of the defined tables. However, the spec says that only
tables of type AnyFunc can be initialized.
With this CL we validate that entries in the element section only
target AnyFunc tables.
R=titzer@chromium.org
Bug: v8:7581
Change-Id: Ifea383b13c91f582813b2aa4f01a5f724575cfa0
Reviewed-on: https://chromium-review.googlesource.com/1130519
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54400}
Uses Heap::FromWritableHeapObject where the object must be mutable and
otherwise pass Isolate in. String and subclasses should now be free of
GetIsolate/GetHeap.
Bug: v8:7786
Change-Id: Ic9d55250ea4afebbebda87be9415ccdaa4fc8779
Reviewed-on: https://chromium-review.googlesource.com/1131736
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54395}
Move some of PreParsedScopeData's santity checks, such as the magic
value separating skippable function data from scope data, to be debug
only, to save memory.
Start position of inner skippable functions is still kept, because it's
too good at catching bugs, but we may want to remove it in the future
as well.
Relanding unchanged after the (unrelated) flake it exposed is fixed in:
https://chromium-review.googlesource.com/1131503
Bug: chromium:818642
Change-Id: Id1d9fe757875cd05ea9a92b41e7256c3ee86fc8e
Reviewed-on: https://chromium-review.googlesource.com/1131505
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54380}
See
https://chromium-review.googlesource.com/c/chromium/deps/icu/+/1128503
for ICU changes.
Fix tests for ICU 61/Unicode 11/CLDR 33.1
* Update mjsunit/harmony/regexp-property-script-extensions.js per
ScriptExtensions.txt in Unicode 11
* Update mjsunit/intl-numberformat-formattoparts.js for CLDR 33.1
* Mark an invalid Mozilla test (Georgian uppercasing)
* Fix currency format test (U+00A0 instead of U+0020)
* Enable Script_Extensions tests (test262)
* Add support for Extended_Pictographic in regex
Ref. https://github.com/tc39/ecma262/issues/1219.
Bug: chromium:850334, v8:7825
Test: intl/*, test262/intl402/*
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I146080cdc1164db4a71f484918723cf302666df8
Reviewed-on: https://chromium-review.googlesource.com/1111857
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54376}
