This adds a separate test module and output expectation for Wasm GC.
This covers the new types and instructions from
https://github.com/WebAssembly/gc/blob/main/proposals/gc/MVP.md
Unlike the previous disassembler tests, one cannot easily create the
module bytes with WABT's `wat2wasm` from the expected text output (at
least right now), so I used Binaryen's `wasm-as` instead to generate
the module from a separate input file (not included here, because it
uses folded expressions, which the debugger doesn't.)
Change-Id: Id0205b2788fd7be5ea7696242cbe8a74a4bca892
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4013265
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Daniel Lehmann <dlehmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84264}
Apparently the server-provided information changed, so we need to
work a little harder to find the latest release.
No-Try: true
Change-Id: Idc030fb648e39039175133dc0cb052c296193b94
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023861
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84263}
... to make it independent of the pointer compression scheme used for
the main cage and for code cage.
When external code space is enabled the next pointer is encoded as
Smi values representing a diff from the current FreeSpace object
address in kObjectAlignment chunks. Terminating value is stored as 0.
Such a representation has the following properties:
a) it can hold both positive an negative diffs for full pointer
compression cage size (HeapObject address has only valuable 30 bits
while Smis have 31 bits),
b) it's independent of the pointer compression base and pointer
compression scheme used for main cage and code cage.
When external code space is not enabled the old encoding is used:
it's either 0 or tagged pointer to the next FreeSpace "object".
Bug: v8:11880
Change-Id: Ie7bcd97964c52cce178bfc49355378dded465830
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023083
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84262}
... to make it independent of the pointer compression scheme used for
the main cage and for code cage.
When external code space is enabled forwarding pointers are encoded as
Smi values representing a diff from the source or map word host object
address in kObjectAlignment chunks. Such a representation has the
following properties:
a) it can hold both positive an negative diffs for full pointer
compression cage size (HeapObject address has only valuable 30 bits
while Smis have 30 bits + 1 sign bit),
b) it's independent of the pointer compression base and pointer
compression scheme used for main cage and code cage.
When external code space is not enabled the old encoding is used:
the forwared pointer represents the address of the new object location.
Bug: v8:11880
Change-Id: I8bd302874c45fce346d30d91ffcbc9b4ef2c1353
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023081
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84260}
Tests don't work when incremental marking is started before the test
is run.
Bug: v8:13267
Change-Id: I00e30ede96bfe3632ef701436395479f5ef083ec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4026843
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84259}
For Int32Div (and Uint32- and -Mod), Turbofan has long had the ability
to replace division-by-constant with multiplication-by-inverse. This
patch brings the same goodness to Int64Div and friends.
This benefits Wasm code that uses i64.{div,rem}_{s,u} instructions.
Fun fact: Turboshaft supports this already.
Change-Id: I4be5536dfb81fb2f1c5d812f2a289da7dc2eef30
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4026762
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84257}
Changes since original:
- Updated to use the returned value from CompleteMergeInForeground as
the compilation result, which is important for correctness.
- Added a test to verify the above.
- Moved the merge code into code-serializer.cc so that it can run before
FinalizeDeserialization, which makes it more consistent with
background deserialization.
Original change's description:
> Merge with cached Script after synchronous deserialization
>
> Currently, if a script is deserialized on a background thread and a
> matching Script object is found in the Isolate compilation cache, the
> new content is merged into the existing Script. This CL implements the
> same merging for the much simpler case of deserializing on the main
> thread. I expect speed changes to be minimal, because merging is only
> needed in a small minority of compilations. When needed, it usually
> takes about 10% as long as the corresponding deserialization.
>
> Bug: v8:12808
> Change-Id: Ie7a92bcb3111edf4cdab0eddeb7567979b35f437
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4010100
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Cr-Commit-Position: refs/heads/main@{#84123}
Bug: v8:12808
Change-Id: I0628a381644e79888cb3ebdd97bda270814d0e9b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4014644
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84255}
I recently updated the GC's bytecode flushing logic to accept the
possibility that two SharedFunctionInfos refer to the same
BytecodeArray (see https://crrev.com/c/v8/v8/+/3916272 ). However, that
change was insufficient for baseline code flushing. This change updates
the flushing logic to also check for already decompiled bytecode held by
the baseline code.
Bug: v8:13473
Change-Id: I58694727c417d608de3f8bf26dfd765fda1ae4f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4018272
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#84254}
This is a reland of commit 05a80427dc.
We skip the test for now, until we figure out how to make it fast
enough.
Original change's description:
> [wasm] Do not add too much code at once
>
> Especially on arm64 we have a rather low code space limit (128MB), so it
> can happen that a background thread generates more code in one batch
> than can be held in a single code space. This case is not implemented
> yet.
>
> This CL implements this by never batch-adding more than half of a code
> space.
>
> In order to test the implementation, we add a new flag called
> --wasm-max-code-space-size-mb which can be used to artificially lower
> the code space size limits in tests.
>
> R=jkummerow@chromium.org
>
> Bug: v8:13436
> Change-Id: I18a3457fda724129fb1bb8c44a9815df265b6b2c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023072
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84245}
Bug: v8:13436
Change-Id: I983ef2f2cc2316172edab1f62dbde0dd4cb56fdc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4025548
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84253}
We were truncating Number inputs for identity bitwise Int32 Smi ops, but
forgot to truncate Int32 ones (in particular, those with Uint32 inputs).
Bug: v8:7700
Change-Id: Ifda802d0e0030f0102201550eca05d3f0f9bd475
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4025984
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84252}
Do not post a task if --single-threaded is enabled. Instead, execute
the task synchronously.
R=ahaas@chromium.org
Bug: v8:13447
Change-Id: I853125325953a750cb32984db449b3e07ccc4dce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4026342
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84251}
... this allows functions to builtin with spread to
be be potentially inlined by ReduceCall.
Bug: v8:7700
Change-Id: Ieda98259449d6e0ae5ea9c2637fd37a24e2493e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023080
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84250}
This reverts commit 05a80427dc.
Reason for revert: Getting timeouts on some slow bots.
Original change's description:
> [wasm] Do not add too much code at once
>
> Especially on arm64 we have a rather low code space limit (128MB), so it
> can happen that a background thread generates more code in one batch
> than can be held in a single code space. This case is not implemented
> yet.
>
> This CL implements this by never batch-adding more than half of a code
> space.
>
> In order to test the implementation, we add a new flag called
> --wasm-max-code-space-size-mb which can be used to artificially lower
> the code space size limits in tests.
>
> R=jkummerow@chromium.org
>
> Bug: v8:13436
> Change-Id: I18a3457fda724129fb1bb8c44a9815df265b6b2c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023072
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84245}
Bug: v8:13436
Change-Id: I0b2492eb7fee40b7d62b3b3a8fb19a4bc7fda26b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4025546
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#84248}
The test was introduced in https://crrev.com/c/4023072, but times out in
gc-stress.
R=leszeks@chromium.org
Bug: v8:13436
Change-Id: I2991083a2a229cbc5e307aebf1a44acf169ac4fb
No-Try: true
No-Tree-Checks: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023860
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84247}
When runnig cppgc_unittests in a cppgc standalone build, the test
ConcurrentSweeperTest.IncrementalSweeping fails. This is becuase
TestPlatform::RunAllForegroundTasks was actually not running all
tasks becasue v8::platform::PumpMessageLoop only runs a single task.
Change-Id: Ie68eee369abd12edcf04e697a1d8ca574059d160
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4026163
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84246}
Especially on arm64 we have a rather low code space limit (128MB), so it
can happen that a background thread generates more code in one batch
than can be held in a single code space. This case is not implemented
yet.
This CL implements this by never batch-adding more than half of a code
space.
In order to test the implementation, we add a new flag called
--wasm-max-code-space-size-mb which can be used to artificially lower
the code space size limits in tests.
R=jkummerow@chromium.org
Bug: v8:13436
Change-Id: I18a3457fda724129fb1bb8c44a9815df265b6b2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023072
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84245}
This is a reland of commit 5223f19753
Add new nodes to EnsureTagged DCHECK and drive-by fix missing safepoint
in StringCharCodeAt which was the root cause of JetStream failures.
Original change's description:
> Reland "[maglev] Float64 bitwise ops as truncation + Int32"
>
> This is a reland of commit 2adc620152
>
> Rebased on fix which changes Int32 from always being checked as Smi,
> to being explicitly checked as Smi when used by SignedSmall (and not
> checked to be Smi in the new truncating code, but instead allowing
> overflow into a HeapNumber).
>
> Original change's description:
> > [maglev] Float64 bitwise ops as truncation + Int32
> >
> > Implement truncating bitwise ops (ops that treat their input as a number
> > truncated to int32) for Float64 representation, by adding truncation
> > operations for Float64 and tagged Number.
> >
> > Bug: v8:7700
> > Change-Id: I36f423ba8d5332e8eb8c3d6357bbaed7ea4bbb37
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4013685
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#84182}
>
> Bug: v8:7700
> Change-Id: I518f3414aa98eb1d2edf61980554e4682bd83c8a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4022710
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84234}
Bug: v8:7700
Change-Id: I47af624c11e586af2914d51b13d22f6a863ef13f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4020304
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84244}
The condition clearing the "known HeapObject" bit was wrong -- it was
checking whether the _map_ was a HeapObject (spoiler alert, it is), not
whether it was the map _of_ a HeapObject, i.e. not a HeapNumberMap which
returns true for Smis.
Bug: v8:7700
Change-Id: I5af4c1a662bb16bacdfcf178819d912332ecefd6
Fixed: chromium:1383712
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023077
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84243}
Rename the '--wasm-max-code-space' flag to
'--wasm-max-committed-code-mb'. We will introduce a new flag to set the
maximum size of a wasm code space, so the old name would be misleadingly
close to the new flag.
R=jkummerow@chromium.org
Bug: v8:13436
Change-Id: I7a86300e4f25858add1a62f9989189035ea855ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4022709
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84242}
Modify the existing x64 trap handler test to support arm64 too.
Bug: v8:13383
Change-Id: I23eb8276ad94289e9a27b756d51040321778d912
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3990564
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84241}
This is a reland of commit 936b61a209
Change compared to original: Fix parameter types for CallRuntimeStub
in Liftoff.
Original change's description:
> [wasm-gc] Canonicalize JS Numbers as i31ref at the boundary
>
> JS numbers flowing into Wasm as i31ref should be canonicalized at the
> boundary. In-range numbers get canonicalized to Smis, and out-of-range
> numbers to HeapNumbers. This way, casting to i31ref, or checking for
> i31ref when casting to other types, is reduced to a Smi check.
>
> Bug: v8:7748
> Change-Id: Icd2bbca7870c094f32ddc9cba1d2be16207e80d1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4008345
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84219}
Bug: v8:7748
Change-Id: I67737150252b844a296338db0c60f76b470aa43b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4022711
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84240}
This prepares work for speeding up gcmole infrastructure by adding
more checks and testing.
- Add a presubmit check that verifies gcmole directives in gn files.
- Simplify gcmole directives in gn files. Drop all but the
architecture property as the others were unused. Simplify regular
expressions.
- Fix some gcmole directives (fly by - only on untested
architectures).
- Add a python test for the changed function in gcmole.py. There's
no other testing yet and this starts somewhere. The test simulates
real BUILD.gn files via checked-in test data.
Bug: v8:12660
Change-Id: I9ca3152b2c3b806de5d4509c152283b36294950d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4020268
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84239}
Reland of https://crrev.com/c/3998633.
Each thread has its own MarkingBarrier instance for incremental
marking. A thread local variable is used to get the current thread's
instance on background threads.
However on main threads this thread local variable was always
set to nullptr. The main thread would get to its own instance through
the heap_ field in the host object's page header. This was solved this
way because setting current_marking_barrier on the main thread
seemed quite complex. Multiple isolates may be run on the same thread
and isolates may even be migrated between threads.
However, with --shared-space loading the heap_ field for a shared
object would return the main isolate's heap and we end up with
the wrong MarkingBarrier instance on client isolates. So this
CL makes main and background threads more uniform by setting the
thread local field also on the main thread. The field is set by
the already existing v8::Isolate::Scope API. Some embedders might have
to add these scopes if they don't use them properly already.
Bug: v8:13267
Change-Id: Idc257ecf6b6af09a379bdd7cd7c1d4a5e46689c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4016715
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84237}
This is a reland of commit 2adc620152
Rebased on fix which changes Int32 from always being checked as Smi,
to being explicitly checked as Smi when used by SignedSmall (and not
checked to be Smi in the new truncating code, but instead allowing
overflow into a HeapNumber).
Original change's description:
> [maglev] Float64 bitwise ops as truncation + Int32
>
> Implement truncating bitwise ops (ops that treat their input as a number
> truncated to int32) for Float64 representation, by adding truncation
> operations for Float64 and tagged Number.
>
> Bug: v8:7700
> Change-Id: I36f423ba8d5332e8eb8c3d6357bbaed7ea4bbb37
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4013685
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84182}
Bug: v8:7700
Change-Id: I518f3414aa98eb1d2edf61980554e4682bd83c8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4022710
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84234}
... which checks if we need to add deoptinfo at runtime.
This allows us to delay SetAccumulator and remove the boolean
argument in the ReduceCall functions.
Bug: v8:7700
Change-Id: I87cc8937ae05dce13c80b3e2fe00d031a483ef19
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023066
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84233}
This constant wasn't really used anymore anymore, so we can drop
this constant and initialize the --concurrent-marking flag from
V8_ATOMIC_OBJECT_FIELD_WRITES instead.
Bug: v8:13267
Change-Id: I2533d80cd08fd799441a7dba764fd392bb9151d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4020428
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84232}
For SignedSmall binary ops, we know that the output has to fit in a Smi.
So, emit a Smi check eagerly after these operations, so that future Smi
untagging knows that it doesn't need to do a check.
Bug: v8:7700
Change-Id: I117c55caa5e2ebe870fd964908564d74df726546
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4020434
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84223}
After a cache hit we need to get a fresh pointer to the {WasmModule}
from the {NativeModule}. The old {NativeModule} might have died at that
point, including the old {WasmModule}.
R=ahaas@chromium.org
Bug: v8:13472
Change-Id: I101a2bb6e381d09a87d8de352030c5533541270e
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4020244
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84222}
This reverts commit 936b61a209.
Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20no%20pointer%20compression/2000/overview
Original change's description:
> [wasm-gc] Canonicalize JS Numbers as i31ref at the boundary
>
> JS numbers flowing into Wasm as i31ref should be canonicalized at the
> boundary. In-range numbers get canonicalized to Smis, and out-of-range
> numbers to HeapNumbers. This way, casting to i31ref, or checking for
> i31ref when casting to other types, is reduced to a Smi check.
>
> Bug: v8:7748
> Change-Id: Icd2bbca7870c094f32ddc9cba1d2be16207e80d1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4008345
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84219}
Bug: v8:7748
Change-Id: Ia74e49147d230f9217ebeb2bf435d10d8f93126e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4020457
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84221}
This is a reland of commit 109e19554b
Original change's description:
> [maglev] Unify call building functions
>
> ... so that we have more reduce/inline opportunities.
> It changes CallArguments to hold a vector of ValueNodes.
>
> Change-Id: I9c282631c0dcc2756edc2e2c1f892c3855e1286d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4020381
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Victor Gomes <victorgomes@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84205}
Change-Id: Ib27cdcc05b45ea5366c7790f849dcfed4300bbb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4023067
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84220}
JS numbers flowing into Wasm as i31ref should be canonicalized at the
boundary. In-range numbers get canonicalized to Smis, and out-of-range
numbers to HeapNumbers. This way, casting to i31ref, or checking for
i31ref when casting to other types, is reduced to a Smi check.
Bug: v8:7748
Change-Id: Icd2bbca7870c094f32ddc9cba1d2be16207e80d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4008345
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84219}
This CL fixes the bug where x ^ x is reduced to Int32Constant(0) for
both word32 and word64.
Bug: chromium:1383362, v8:9407
Change-Id: I8a2ed879f0626071f560cc5ba8c21ef2d4107e62
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4020424
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Qifan Pan <panq@google.com>
Cr-Commit-Position: refs/heads/main@{#84218}
This CL adds a check that the actual arguments passed to runtime
functions (via `VarState`s) match the declared parameters in the
signature.
We have many mismatches, which are probably harmless now but can easily
lead to bugs in the future.
In turn, we remove a few DCHECKs that are redundant now.
R=ahaas@chromium.org
Change-Id: I4038cc24e3a9b44ae9fdfc5a204be351784ae5e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4020294
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84216}
