This is a cleanup to remove unneeded flags after these changes (in
https://crrev.com/c/1988548):
* --future does not imply --wasm-tier-up any more, and
* --wasm-tier-up does not imply --liftoff any more.
Instead, now
* --wasm-tier-up is enabled by default,
* --wasm-tier-up has no effect if --liftoff is not set, and
* --future implies --liftoff.
R=ahaas@chromium.org
Bug: chromium:1040061
Change-Id: I5d04ee1f1d84ddcd0654df0e0a4c6298f80aee9e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1993280
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65666}
This is a loop over an address range; the loop condition was
incorrectly implemented as a signed comparison.
Bug: chromium:876210
Change-Id: If7276d8ba50f46600f2dfc31268fd02cbb173f15
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1985997
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65664}
This changes the marking worklist draining for the main thread
marker and the concurrent marker to use the following algorithm in
per-context mode:
1) Pop an object from the marking worklist.
2) Try to infer the native context that owns the objects.
This is done using a new NativeContextInferrer class.
3) If the inference is successful, then change the active marking
worklist to the worklist of the inferred native context.
4) Otherwise, keep the current active marking worklist.
5) Visit the object. Newly discovered objects will be pushed
onto the active marking worklist.
6) Account the object size for the native context corresponding
to the active marking worklist.
This is done using a new NativeContextStats class.
The main property of the algorithm is that each object for which
we couldn't infer the native context is either attributed to
the native context retaining it or is not attributed to any native
context.
Bug: chromium:973627
Change-Id: Ide4ab992275d115279f971d89ace657f4c05e176
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1981491
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65663}
If --no-liftoff is passed, we should never compile with Liftoff,
independent of the --wasm-tier-up flag.
The current logic hard-coded Liftoff as baseline tier and TurboFan as
top tier for the tiering case.
Drive-by: Remove unused {default_tier_} field from
{CompilationUnitBuilder}.
R=ahaas@chromium.org
Bug: chromium:1040061
Change-Id: I65bc5e4aad85396e3b952b41cfe1150f6cd29890
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1992439
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65662}
This tnodifies:
TaggedToNumeric
TaggedToNumericWithFeedback
ThrowIfNotInstanceType (also made void since its return value was never
used).
IsSharedFunctionInfo
ComputeUnseededHash (and moves it to builtins-collections-gen.cc)
ComputeSeededHash
TrapAllocationMemento
BranchIfAccessorPair
GotoIfNumberGreaterThanOrEqual
CodeStubArguments::PopAndReturn
Also removes CodeStubArguments::GetArguments which was never called.
Bug: v8:10021
Change-Id: Iaa434f933f0d37ff999ba41601e982b62cfab048
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1989828
Auto-Submit: Dan Elphick <delphick@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65661}
Inspector will no longer report per-function wasm scripts or
provide wasm disassembly. Locations in wasm are now consistently
reported through the inspector API as lineNumber=0
columnNumber=byte offset in module.
Bug: chromium:1013527, chromium:1003022
Change-Id: Ide85bbaa85ad75f29248ff82a3e7f3e40688d377
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1991481
Commit-Queue: Eric Leese <leese@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65660}
When FLAG_noconcurrent_recompilation is turned on we always run on main
thread. So it is safe to derefernce handles when printing the turbofan
graph. We should only add a DCHECK when dereferencing read-only heap
objects when optimizing concurrently.
Bug: chromium:1040444,chromium:1040403
Change-Id: I6bde966690458b1d122611b02e713c581c87f534
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1992433
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65659}
Adds an paged space object iterator for OffThreadSpace, and removes
the Heap pointer from the iterator so that it can be used off-thread.
Bug: chromium:1011762
Change-Id: I025edf144f393e61d89cce2485c0ff1fe8c80c56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1991488
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65658}
When parsing an arrowhead, it's possible for temporary variables to be
created with a different index depending on whether the parsing is lazy
or eager. This then results in bytecode mismatches as the index is used
to determine which register to use.
To make the ordering stable, this changes variable allocation in arrow
functions to always allocate the non-temporaries first and then the
temporaries.
Bug: chromium:1020162
Change-Id: Ia47c4c2916d63f12d20d663e4e3842bfd68f6d8e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1977865
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65657}
Matched:
Load\(MachineType::(.*)\(\),
To:
Load<$1T>(
for cases that were possible in CSA. Example:
Load(MachineType::Int32(), counter_address);
To:
Load<Int32T>(counter_address);
There are some cases that change a bit (e.g "Pointer" to "RawPtrT").
As a drive-by eliminate redundant UncheckedCasts.
Bug: v8:10021
Change-Id: I1135d5986ca7d1cd10ccdceb6c9b4c0aefedb685
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1977863
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65656}
This currently runs into UNIMPLEMENTED. Since the fuzzer starts hitting
this, make the error message a bit nicer to spot this more easily.
R=ahaas@chromium.org
Bug: chromium:1035233
Change-Id: I63caac37e9b767fba9d6e4b71cb54a8a77b87ab9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1991493
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65655}
We were missing some possible load compressions due to not having these
bitcasts as cases.
Bug: v8:7703
Change-Id: I866196c4fd09d313d3a461cb7f8f80bc92278e13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1989830
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65647}
These are already enabled by default on Chrome, but disabled on
platforms without site isolation. Moving to staging to get some
fuzzer coverage.
Bug: v8:10065
Change-Id: I11309926109441083ca39406dfbcc9108e6dd6fc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1972406
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65646}
Upstream PR: https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/1989575
Remove support for emitting cbor into an std::string.
New Revision: b29d8a5d2bb56b3e555bb27a0e035a9d571c5f28
Change-Id: I6bf63822c4c6551db30f5902d1f27f6933b209a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1989973
Auto-Submit: Johannes Henkel <johannes@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65645}
For I16x8Splat and I8x16Splat, the arguments takes I32, which can hold a
value larger than what should be splatted. We add tests to check that
the splatted values is the truncated I32 value (top bits masked off).
See https://github.com/WebAssembly/simd/pull/151 for the updated to
proposal text.
Change-Id: Ib32770872e70c7cde2028130d2b44b416594610e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1986200
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65642}
So far creating scripts always grew the script_list without ever
reusing cleared slots or shrinking. While this is probably not a
problem with script_list in practice, this is still a memory leak.
Fix this leak by using WeakArrayList::Append instead of AddToEnd.
Append adds to the end of the array, but potentially compacts and
shrinks the list as well. Other WeakArrayLists can use this method as
well, as long as they are not using indices into this array.
Bug: v8:10031
Change-Id: If743c4cc3f8d67ab735522f0ded038b2fb43e437
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967385
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65640}
Clean up isolate inference and non-allocating/allocating parts of
SharedFunctionInfo::InitFromFunctionLiteral, so that it can more easily
be refactored for off-thread allocation in the future. Also, make
SharedFunctionInfo::SetScript a member function, to acknowledge that it
is non-allocating.
Bug: chromium:1011762
Change-Id: I26624fceb642dfdf257ec3d96aab31ea90e48870
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1991482
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65639}
This reverts commit 7a0ae73b76.
Reason for revert: Not useful after all, no tests, we can reland if we
do end up needing it.
Original change's description:
> [ast] Add a Flatten method for AstConsString
>
> This allows off-thread flattening.
>
> Bug: chromium:1011762
> Change-Id: If83f7bbcbf74165987a4c157184f5b92dc554971
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1924437
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65075}
TBR=leszeks@chromium.org,verwaest@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: chromium:1011762
Change-Id: Ia72e5abdc9b6149a337565576806427dcd1d11c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1991484
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65638}
Add jkummerow, thibaudm, zhin; drop titzer.
Also make src/wasm/OWNERS the source of truth and let test-specific
OWNERS files refer to that.
No-Try: true
Change-Id: I9862ae452970e20b7842269721ad6a7953f275fc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1989827
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65636}
For finching Liftoff on mobile, we want to support Liftoff-only,
TurboFan-only, and Liftoff with tier-up to TurboFan. Hence, chrome needs
to be able to set the liftoff flag separately from the tier-up flag, and
there should not be an implication, since that implication would be
applied before all flags have been set to their final state.
See https://crrev.com/c/1988360 for the chromium-side change.
Note that this CL does not change any defaults.
After this change, Liftoff can be disabled by passing '--no-liftoff',
independent of the tier-up flag (this would be a TurboFan-only
configuration).
A Liftoff-only version would specify --liftoff and --no-wasm-tier-up.
The default on Desktop (--liftoff and --wasm-tier-up) compiles with
Liftoff first, and tiers up to TurboFan.
R=ahaas@chromium.org
Bug: chromium:1040061
Change-Id: I0291ec20f5a29f3a9e23c25c93907d1d8ffabd51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1988548
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65635}
The only one remaining was the one in CSA. Once that was removed, we can
simplify the pipeline.
In order to remove it, we have to update the machine graph verifer so
that Word32Equal can accept Tagged values as well.
Bug: v8:7703
Change-Id: Ia3c4d872babc2005be1b402b4614a6039c59dbf3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1987254
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65634}
It has been deprecated in v7.9, but needed to be changed
again for v8.0 by providing a default implementation. This
allowed embedders to remove all overrides. We can now
remove the definitions in v8.1.
R=ulan@chromium.org
CC=ahaas@chromium.org
Bug: v8:9810
Change-Id: I9d303bf8a01d863bce3522abccdd3ded5e551818
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1868620
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65633}
The optimized code for String.charCodeAt(BigInt.asUintN(64, 10n)) did
not throw a TypeError due to how lowering of CheckBounds triggers
RepresentationChanger.
Bug: chromium:1038573
Change-Id: Ie0f9ca95de5af5fd3701841ab169e11ccc77216c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1986003
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65632}
Put the nesting limit of the serializer back to 25.
Bug: chromium:1034768
Change-Id: I7ea827d27241ea930bae40142069bab1962e4133
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1981156
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65630}
Remove the explicit script handle from ParseInfo, and make it either
a Handle that is passed around where needed, or one inferred from the
SharedFunctionInfo.
This will be useful for compilation finalization using the off-thread
factory, which will not generate real Handles since it has no access
to the Isolate.
Bug: chromium:1011762
Change-Id: I5d9564009ec83bb9fc74191b4aa69735d132c2f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1977861
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65629}
Currently, the code does not take hint register in preference.
This CL initializes current_free according to initial reg (which maybe hint_reg),
to ensure that any candidate that equals this one won't replace hint register.
Contributed by yolanda.chen@intel.com
Change-Id: I6acc1d031e6b130e69d650667dbf98551c52ff7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1973671
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65628}
The code in TurboAssembler::LoadFromConstantsTable uses special code
to avoid clobbering the scratch register ip by giving different
argument registers to ldr. This used to be motivated by
DirectCEntryStub::GenerateCall relying on LookupConstant not clobbering
ip (see https://crrev.com/c/1070980). Now that this code is gone,
there is no more reason for preserving ip and it's fragile, so it's better
to remove this special handling.
Bug: v8:10077
Change-Id: I683d7c63e2a3c8ba554cd99299206ed9e5df835d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1981160
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65625}
Background threads are not supposed to use any handles, so this
handle scope is not needed.
R=ahaas@chromium.org
Change-Id: I2f4776b897256684205c35633fbe1e1365abab91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1981151
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65624}
AllocateScopeInfos should only be called for not-yet unallocated scopes,
so we can DCHECK for nullness rather than having a branch for it.
Change-Id: I65767c22d6fd7b12c4564c5ecc52f9486229affa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1981159
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65623}
Most dead variable warnings in GCMole are false positives, either from
failing to detect that TryEvacuateObject returning false means it didn't
allocate, or a regex error thinking that GarbageCollectionReasonToString
causes garbage collection (because the mangled version is something like
GarbageCollectionReasonToString[...]GarbageCollectionReason, and that
matches /Collect.*Garbage/).
Update the whitelist and fix the "Collect.*Garbage" regex to only look
at the function name.
Bug: v8:9985
Change-Id: I62284e97e4975a6a87616d1d535b2ac7958d17bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1989829
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65622}
