This flag enables feedback allocation heuristics to be based on the
function size. The threshold for feedback allocation is set to
4 * bytecode size to roughly mimic the allocation after 4 invocations.
Change-Id: Ia840cd526e3718d4267e01c688c6c6467e352d72
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2685175
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72631}

Model cppgc::InitializeProcess()/cppgc::ShutdownProcess() similar to
V8's InitializePlatform()/ShutdownPlatform() in that we allow the pair
to be called multiple times.
GCInfoTable will not be freed on ShutdownProcess though as the current
global design uses static indices to retrieve per-type metadata.
Drive-by: Remove stale ShutdownProcess() call.
Change-Id: Ia9b50325a964e85a72f3ef218e72bc386b69be51
Bug: chromium:1176416, chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2685171
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72630}

With top-level await, when Evaluate is performed on an already-evaluated
synthetic module, Module::InnerEvaluate returns undefined. This breaks
top-level await's assumption that the returned value is always a
promise.
In order to make SyntheticModule's behavior consistent with
SourceTextModule, the top_level_capability field is moved up to Module
and SyntheticModule::Evaluate places the promise returned from the
host's evaluation steps in that field. Now SourceTextModule and
SyntheticModule can share the same code to handle the case where the
module is either kErrored or kEvaluated, so the code for this
is moved up to Module.
Thus, SyntheticModule is now guaranteed to return the
promise from the evaluation steps even on subsequent Evaluate() calls.
Unfortunately Node hasn't yet updated their EvaluationStepsCallback
to return a Promise, so we can't yet assume that the returned value
is a Promise without breaking Node. So, this change also adds a clause
to check for this condition and create a new resolved Promise if one
was not provided by the callback steps. This could eventually be
removed once Node's callback steps are updated for top-level await.
Change-Id: I2d6ae918abfeba9e3a757838502d4df92946edaa
Bug: v8:11398
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673794
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dan Clark <daniec@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#72629}

The implementation is similar to the callbacks that already exist for
the origin trial for WebAssembly simd.
Bug: v8:8091
Change-Id: I969b68c209ea62cf70dbaf317616300b782b5e14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672020
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72628}

Previously in https://chromium-review.googlesource.com/c/v8/v8/+/2545573
I updated BasicBlockInstrumentor to use 64-bit floating-point values
rather than 32-bit integers, so that it could never overflow. However,
I've now learned that some builtins (particularly RecordWrite) are not
allowed to use floating-point registers, and so running with
basic block instrumentation enabled could produce incorrect results.
This change switches back to 32-bit integers, but adds saturation logic.
Bug: chromium:1170776
Change-Id: Icbd93919fb05f50d615ec479263142addbe15c9e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2685617
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#72626}

Dropping the gpu:none dimension broadens the choice of Mac bots from
so far only 8-core VMs to also include 4-core and 12-core Mac Minis.
This CL adjusts the shard configs to account for adding
4-core Mac Minis to the choice.
We also skip a test that's slow only on 4-core bots.
No-Try: true
Bug: chromium:1174040,v8:11418
Change-Id: Ic0be0db197341b7b8f88eb30aa284c38b0e69609
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2685164
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72623}

Reorganize shards to account for recent timeouts on the Android
builder. Also ensure we test the same thing on trybots and CI.
No-Try: true
Bug: v8:11428
Change-Id: If245999e0d2e20ecb7f0ee640be5d98f1c90ff64
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2685165
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72622}

If an attempt to tier up fails (for ex: there is not enough space
to enqueue a job) then use the existing optimized code from a lower
tier. Currently we just install interpreter entry trampoline as the
function's code object. Though InterpreterEntryTrampoline checks for
any existing optimized code and installs it on the closure, just
returning it from here saves us these additional checks.
Bug: v8:9684
Change-Id: I62b4bc3b114bbbc9b0702cc9e831a3dfb4b37761
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2682645
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72621}

By disengaging it from 'let' which is not implemented in liftoff yet.
Bug: v8:7748
Change-Id: I191695767bf8c6153f70d509dd13ff734fe75e01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2676631
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72620}

This reverts commit 42cd9eb78d.
Reason for revert: Clusterfuzz issues, e.g.
https://bugs.chromium.org/p/chromium/issues/detail?id=1176318
Original change's description:
> [compiler] Directly read PropertyCells
>
> Main changes:
>
> - Introduce a new broker data kind kBackgroundSerialized for objects
> that can be serialized in the background (when direct reads are on).
> (I'm planning to remove kPossiblyBackgroundSerialized in a followup,
> in favor of a dynamic choice of kSerialized or kBackgroundSerialized).
> - Make PropertyCell use that new kind.
> - Introduce a bottleneck in runtime code for changes to PropertyCells
> and make sure that a certain protocol is followed that allows
> concurrent reads from the background thread.
> - Improve interface of PropertyCell in various ways.
>
> Bug: v8:7790
> Change-Id: If3d7926c3b894808811348b4b2bed153f5c06897
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2661462
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72586}
TBR=ulan@chromium.org,neis@chromium.org,verwaest@chromium.org,nicohartmann@chromium.org
Change-Id: Id04145760c49fa379bc5a3fc16eba664025a9180
Bug: v8:7790
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2685125
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72619}

TimeToSafepoint is the time needed for all background threads to enter
a safepoint after the GC was started on the main thread. This CL
improves that metric during concurrent compilation to bytecode by doing:
1) Park the LocalIsolate during
InterpreterCompilationJob::ExecuteJobImpl. There are no concurrent
heap accesses happening while generating bytecode for now. So instead
of manually placing Safepoint() invocations in the code, simply park
the local isolate.
2) Destroy the LocalIsolate before the ReleaseParser operation. I've
seen this take around 2ms, which regressed TimeToSafepoint a lot.
3) Add explicit safepoints to concurrent allocations. This covers the
rest of the code and from what I've seen so far this is good enough
to keep TimeToSafepoint around a few microseconds.
I've still seen TimeToSafepoint events with 20-80 microseconds but those
were quite rare and always seemed to be related to Turbofan.
AsLocalIsolate() is necessary in generic code to convert both Isolate
and LocalIsolate to LocalIsolate.
Bug: v8:10315
Change-Id: Idaf9f04ffdf850d0ab0081ec372cc384a9fe7ef9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2663159
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72618}

This reverts commit 5cc7bfd04c.
Reason for revert: Need to revert dependency.
Original change's description:
> [compiler] Clean up ObjectDataKind
>
> In particular: remove PossiblyBackgroundSerializedHeapObject in favor of
> either SerializedHeapObject or BackgroundSerializedHeapObject, depending
> on the (existing) argument to the ObjectRef constructor.
>
> Bug: v8:7790
> Change-Id: I0a67872c377107799233742cc7774bea62811d0f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681946
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72591}
TBR=neis@chromium.org,solanes@chromium.org,nicohartmann@chromium.org
Change-Id: I48a96504c29851587529d7d12cb15e569aec196b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7790
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2685124
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72617}

Extract i8x16.popcnt implementation into a macro-assembler function, and
reuse it in Liftoff.
We need an additional temporary XMMRegister whose lifetimes overlap with
dst and src, so make sure to pin those 2 when getting an unused
XMMRegister.
Bug: v8:11002
Change-Id: I13400b139add6f12316b3f398a796e6bf5a1ea7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2676921
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72615}

This is a reland of 00babf0718
No changes from original patch, previous CQ failures were likely
a Mac infra issue https://chromium-review.googlesource.com/c/2682521.
Original change's description:
> [wasm-simd][x64][liftoff] Implement i8x16.popcnt
>
> Extract i8x16.popcnt implementation into a macro-assembler function, and
> reuse it in Liftoff.
>
> Bug: v8:11002
> Change-Id: I86b2f5322c799d44f584cac28c70e0e393bf114f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2676280
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72565}
Bug: v8:11002
Change-Id: Ic8bcbdb3444865805d8d2af3669ccb4a05c4426d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2682507
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72614}

This is a partial revert of https://crrev.com/c/2457669/.
This change is slightly longer (in code-generator-x64.cc) because we
also implement support when SSE4_2 is not supported (the reverted change
seems to assume SSE4_2, which is not always the case). This code
sequence is from https://github.com/WebAssembly/simd/pull/412.
Bug: v8:11415
Change-Id: I3eef415667b4142887cf1c449d27d19ba5bbd208
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2683219
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72611}

Port 68105996e0
Original Commit Message:
WasmCompileLazy needs to save the content of vector
parameter registers. If Simd is not enabled or the hardware
does not support Simd operations then we need to save the value of
Double registers instead, therefore we need a way to retrieve the
value of "CpuFeatures::SupportsWasmSimd128()" in builtins
during runtime.
R=mfarazma@redhat.com, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: I523f1353c61942acaa97c11637342b5be3d39b9d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2684980
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72610}

Implements https://github.com/tc39/ecma262/issues/2034
Currently the token sequence `for (async of` is ambiguous. It can be the
prefix for either `(async of => {};;);` or `for (async of foo);`. This
CL disallows the token sequence.
Note that `for await (async of` is still allowed, since there is no
C-style `for await (;;)`, and thus no ambiguity.
Bug: v8:11412
Change-Id: I3fede83a69420996baa2bc8b6c1cff000535d990
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2683221
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72607}

- Removes kPadArguments boolean.
- Changes ShouldPadArguments to ArgumentPaddingSlots to reflect
that on some architectures more than 1 padding slot may be needed.
- Adds AddArgumentPaddingSlots and ShouldPadArguments convenience
functions.
Bug: v8:9198
Change-Id: Iba87518e071a75fb951b490d3f75a87ca715cc23
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679109
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72605}

Port 3b6eb33543
Original Commit Message:
Prototype these 6 instructions on arm:
- f64x2.convert_low_i32x4_s
- f64x2.convert_low_i32x4_u
- i32x4.trunc_sat_f64x2_s_zero
- i32x4.trunc_sat_f64x2_u_zero
- f32x4.demote_f64x2_zero
- f64x2.promote_low_f32x4
For all these instructions we rely on having Q registers that map to S
registers, which means we can only use q0 to q7. We fix the src/dst
to q0 arbitrarily.
R=zhin@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Bug: v8:11265
Change-Id: Ibef0b05fe1066cd79ddcda12787441b09cc8ede2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2684360
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72600}

This very large changeset adds support for RISC-V.
Bug: v8:10991
Change-Id: Ic997c94cc12bba6881bc208e66526f423dd0679c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2571344
Commit-Queue: Brice Dobry <brice.dobry@futurewei.com>
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72598}

v8_generate_external_defines_header has been enabled for a couple of
weeks now with no problems, so this removes the hybrid state where
V8_GN_HEADER was defined on the command line along with the other
defines.
Bug: v8:11292, v8:11341
Change-Id: Ie78f00afe5d1cbca751101a7beb61a18c7d86d04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681947
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72597}

This CL adds support for generating acquire/release accessors on class
fields. Adds first use of this new feature (@acquireRead and
@releaseWrite) on FunctionTemplateInfo::rare_data.
Bug: v8:7790, v8:11122
Change-Id: I98f533807ab784d8667fd43564fe84686d27830c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679684
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72596}

This fixes a build problem in gcc, where the constexpr function
SwissNameDictionary::SizeFor uses the non-constexpr function
SwissNameDictionary::IsValidCapacity in a DCHECK.
Bug: v8:11388
Change-Id: Iaeb2b80bb72da3a9c895aa33977c160533019c35
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2684514
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Frank Emrich <emrich@google.com>
Cr-Commit-Position: refs/heads/master@{#72595}

The is_awaiting bit on async generators distinguishes waiting on an
await. When the async generator resumes from an await, the is_awaiting
bit is cleared.
It is possible through overriding Promise#constructor that `await`
throws *after* setting is_awaiting. There is an implicit try-catch
around the body of the async generator such that, usually, caught
exceptions would clear the is_awaiting bit. However, the exception
thrown from a monkeypatched Promise#constructor can be caught by script,
and thus never clear the is_awaiting bit.
This CL sets the is_awaiting bit *after* `await` completes, with the
exception of the return resumption. It is not possible to have the
exception thrown by the await in the return resumption be caught by
script.
Bug: chromium:1171667
Change-Id: I0b615617a5c949f03350ab0f06c42920d43b5488
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659508
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72593}

In particular: remove PossiblyBackgroundSerializedHeapObject in favor of
either SerializedHeapObject or BackgroundSerializedHeapObject, depending
on the (existing) argument to the ObjectRef constructor.
Bug: v8:7790
Change-Id: I0a67872c377107799233742cc7774bea62811d0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681946
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72591}

Turboprop doesn't use optimizations based on field constness to reduce
the number of deoptimizations. While this is safe for loads, for stores
if a different value is stored to a const field we should update the
constness of the field. This is needed so we can safely deopt any other
code that is relying on the constness of the field. Currently, turboprop
doesn't do this. So for now treat stores to constant fields similar to
TurboFan. In future, we may consider adding code to update the field
constness if necessary to reduce the number of deoptimizations.
Bug: chromium:1172797, v8:9684
Change-Id: I1d660457cb5d647e1283a495040a7e452fe1ac7e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673401
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72590}

The only opcode which can pop the last control block is "end".
There is already validation in place to check that no code is following
the last "end". Thus all checks for a non-empty control stack in other
opcodes are redundant and can be replaced by DCHECKs.
Drive-by: Avoid the use of {PushControl} for pushing the very first
block, to avoid another check for an empty control stack there.
R=thibaudm@chromium.org
Change-Id: I8f04b225a61f832bca2dd7b706e31d1faa173767
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2678162
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72589}

- Fixes a problem when constructing Wasm CallDescriptors, where the
allocation tries to treat parameters and returns as if they are in the
same frame. This doesn't work when slots may be aligned in their
frame. Instead, allocate parameters and returns separately and offset
return slots by the number of parameter slots.
- Adds argument slot padding in the CallDescriptor lowering case, to
prepare for when 32 bit targets align stack frames and require
padding.
- Adds a regression test.
Bug: chromium:1174500
Change-Id: I60d96a94b171a0d27ff61cbab35623976b0c6da8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2683024
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72588}

Main changes:
- Introduce a new broker data kind kBackgroundSerialized for objects
that can be serialized in the background (when direct reads are on).
(I'm planning to remove kPossiblyBackgroundSerialized in a followup,
in favor of a dynamic choice of kSerialized or kBackgroundSerialized).
- Make PropertyCell use that new kind.
- Introduce a bottleneck in runtime code for changes to PropertyCells
and make sure that a certain protocol is followed that allows
concurrent reads from the background thread.
- Improve interface of PropertyCell in various ways.
Bug: v8:7790
Change-Id: If3d7926c3b894808811348b4b2bed153f5c06897
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2661462
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72586}

Those dynamic allocations are responsible for 5-10% of execution time in
wasm code publishing, which again is the biggest contributor to
deserialization time. The allocations are used for patching the jump
table. This CL avoids dynamic memory allocation by having some
thread-local space that is re-used for allocations of
ExternalAssemblerBufferImpl. Since those objects are small, memory usage
is not a concern here.
R=jkummerow@chromium.org
Bug: v8:11164
Cq-Include-Trybots: luci.v8.try:v8_linux64_asan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_msan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Change-Id: I44aad86fa821a1ccb59b539da861a346f62a9813
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667859
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72585}

WasmCompileLazy needs to save the content of vector
parameter registers. If Simd is not enabled or the hardware
does not support Simd operations then we need to save the value of
Double registers instead, therefore we need a way to retrieve the
value of "CpuFeatures::SupportsWasmSimd128()" in builtins
during runtime.
Bug: v8:11377
Change-Id: I74a5f870d7077166548472adb25c3fb06d0ebdb9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679682
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72584}

This reverts commit da785659be.
Reason for revert: Investigating regressions https://chromeperf.appspot.com/group_report?rev=72572
Original change's description:
> [compiler] Don't serialize JSTypedArray fields
>
> This CL removes serialization of JSTypedArray fields when direct heap
> reads are enabled. Invariants we rely on:
>
> - Of the underlying interesting fields,
> - base_pointer and external_pointer are set either during
> initialization, or in a one-time on-to-off-heap transition in
> GetBuffer.
> - length and buffer are immutable after initialization.
> - is_on_heap and DataPtr derive from base_pointer and
> external_pointer s.t. is_on_heap == (base_pointer != 0) and
> DataPtr == external_pointer in the off-heap case.
>
> In this CL we add one new invariant:
>
> - For all base_pointer and external_pointer mutations after
> initialization, base_pointer is guaranteed to be release-stored
> after external_pointer has been written.
>
> With these invariants, concurrent access to off-heap typed arrays is
> trivial as long as is_on_heap (= base_pointer) is read before other
> relevant fields.
>
> Note that JSTypedArray remains a kSerializedHeapObject due to the
> serialized superclass JSObject.
>
> Drive-by: Remove unused Torque operators and empty TODOs.
>
> Bug: v8:7790
> Change-Id: I3c4327318f94e4e6083d4e87476069aad2649386
> Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng
> Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679689
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72572}
TBR=neis@chromium.org,jgruber@chromium.org
Change-Id: I5a7e6bacb7b7a3e3510c778837679e6822f26339
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7790
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681948
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72583}
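
The publication order stated in the reverted change's description above (external_pointer written first, base_pointer release-stored last, is_on_heap read before any other field), as an added C++ example that is not V8 code. TypedArrayModel, TransitionToOffHeap and BackgroundRead are hypothetical names, and the 4-byte array is constructed sample data.

```cpp
#include <atomic>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Hypothetical model of the fields named in the commit message; this is not
// V8's JSTypedArray layout or API.
struct TypedArrayModel {
  static constexpr size_t kLength = 4;           // length: immutable after init
  uint8_t on_heap_data[kLength] = {1, 2, 3, 4};  // constructed sample contents
  // Non-zero means on-heap: is_on_heap == (base_pointer != 0).
  std::atomic<uintptr_t> base_pointer{0};
  // In this model, only meaningful as the data address once base_pointer is 0.
  std::atomic<uintptr_t> external_pointer{0};

  TypedArrayModel() {
    base_pointer.store(reinterpret_cast<uintptr_t>(on_heap_data),
                       std::memory_order_relaxed);
  }
};

// Main-thread side: the one-time on-to-off-heap transition.
void TransitionToOffHeap(TypedArrayModel& a, uint8_t* backing_store) {
  std::memcpy(backing_store, a.on_heap_data, TypedArrayModel::kLength);
  a.external_pointer.store(reinterpret_cast<uintptr_t>(backing_store),
                           std::memory_order_relaxed);
  // Release store LAST: every write above (the copied bytes and
  // external_pointer) becomes visible to a thread that acquire-loads 0 here.
  a.base_pointer.store(0, std::memory_order_release);
}

// Background-thread side. Returns false when the array is still on-heap (the
// reader must not touch the data) or when the index is out of bounds.
bool BackgroundRead(const TypedArrayModel& a, size_t index, uint8_t* out) {
  if (index >= TypedArrayModel::kLength) return false;
  // Acquire load FIRST. Loading external_pointer before this check would
  // allow the reader to pair "off-heap" with a stale external_pointer.
  if (a.base_pointer.load(std::memory_order_acquire) != 0) return false;
  const uint8_t* data = reinterpret_cast<const uint8_t*>(
      a.external_pointer.load(std::memory_order_relaxed));
  *out = data[index];
  return true;
}

int main() {
  TypedArrayModel array;
  uint8_t value = 0;
  std::printf("before transition: readable=%d\n",
              BackgroundRead(array, 2, &value));
  uint8_t store[TypedArrayModel::kLength] = {0};
  TransitionToOffHeap(array, store);
  bool ok = BackgroundRead(array, 2, &value);
  std::printf("after transition: readable=%d value=%d\n", ok, value);
  return 0;
}
```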