- Move the CompilationDependencies member of OptimizedCompilationInfo
to Turbofan's PipelineData (and thus into the compiler namespace).
- Move compilation-dependencies.{cc,h} to the compiler directory.
Bug: v8:7902
Change-Id: I5471d0923daf83abe975357325db5bc5ad0a8571
Reviewed-on: https://chromium-review.googlesource.com/1127793
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54295}
When calling an import which is an exported wasm function, the
interpreter needs to look through the jump table to find the
actual code object.
We already had that logic for indirect calls, but it was missing for
imported calls.
R=ahaas@chromium.org
Bug: chromium:860392
Change-Id: I6b5a0192f79c23cb1de55407fe93f6df9a17235a
Reviewed-on: https://chromium-review.googlesource.com/1127671
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54291}
This reverts commit f45045cca5.
Reason for revert: <INSERT REASONING HERE>
Original change's description:
> [parser] Move some PPSD sanity checks to debug
>
> Move some of PreParsedScopeData's santity checks, such as the magic
> value separating skippable function data from scope data, to be debug
> only, to save memory.
>
> Start position of inner skippable functions is still kept, because it's
> too good at catching bugs, but we may want to remove it in the future
> as well.
>
> Bug: chromium:818642
> Change-Id: If86ff1b9845e8dd3b015b4e554d0033328b145bf
> Reviewed-on: https://chromium-review.googlesource.com/1127046
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54263}
TBR=marja@chromium.org,leszeks@chromium.org
Change-Id: I15ceedd66d9ecb66cf65f5834d09975b41d3ed27
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:818642
Reviewed-on: https://chromium-review.googlesource.com/1127859
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54290}
This CL implements Reduction and Lowering for the DataView Int32,
Uint32, Float32 and Float64 getters.
This makes DataView getters fully supported in TurboFan (except for
BigInts), and should bridge the performance gap with TypedArrays.
Change-Id: Ifa98df9cf13e44d6468ad9ec8a19c86b41c6d2b1
Reviewed-on: https://chromium-review.googlesource.com/1127360
Commit-Queue: Théotime Grohens <theotime@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54288}
This CL surfaces AssemblerOptions to CodeAssembler::GenerateCode and
to pipeline methods. To allow forward declaring AssemblerOptions,
AssemblerBase::Options was moved out of the AssemblerBase class.
Bug: v8:6666
Change-Id: If9fc50d3d4767bb5dd39a0c3b6e094021f4cae2b
Reviewed-on: https://chromium-review.googlesource.com/1127039
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54286}
This is a reland of 4b9b9b6845, which
accidentally disabled optimization after dependency changes (instead
of retrying).
TBR=jarin@chromium.orgTBR=mstarzinger@chromium.org
Original change's description:
> Reland "[turbofan] Rewrite CompilationDependencies"
>
> This is a reland of 52a10e5081, after
> eliminating an invalid assumption about maps.
>
> TBR=jarin@chromium.org
> TBR=mstarzinger@chromium.org
>
> Original change's description:
> > [turbofan] Rewrite CompilationDependencies
> >
> > Instead of installing code dependencies during graph reduction,
> > install them after code generation.
> >
> > Bug: v8:7902, v8:7790
> > Change-Id: I8a3798254abb5b9ec7c295a1592aeb6b51f24c7a
> > Reviewed-on: https://chromium-review.googlesource.com/1119913
> > Commit-Queue: Georg Neis <neis@chromium.org>
> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#54170}
>
> Bug: v8:7902, v8:7790
> Change-Id: I9cbaf98980379b9b17464af5952ec0c47e1cdc6f
> Reviewed-on: https://chromium-review.googlesource.com/1126999
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54254}
Bug: v8:7902, v8:7790
Change-Id: I2b7a7d186e03990350e375470569177e3309683c
Reviewed-on: https://chromium-review.googlesource.com/1127579
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54280}
After liveedit removed - we do not need this context any more.
R=yangguo@chromium.orgTBR=clemensh@chromium.org
Bug: v8:5530
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Idb43d016d51b8048f6cd2ca590fd7510abcacb49
Reviewed-on: https://chromium-review.googlesource.com/1106802
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54273}
* Rename BoilerplateDescription to ObjectBoilerplateDescription
* Add literal_type flag to ObjectBoilerplateDescription,
which is stored as zeroth element of Fixed array
* Create ArrayBoilerplateDescription with elements_kind and
constant_elements field
* Replace CompileTimeValue and ConstantElementPair with
ArrayBoilerplateDescription
* Kill ConstantElementPair and CompileTimeValue
Change-Id: Icb42dcfd575a27e2b64ffd5e2e61f9d703d5e986
Bug: v8:7787, chromium:818642
Reviewed-on: https://chromium-review.googlesource.com/1122411
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54272}
This CL adds a Reduction for the DataViewGetInt16 and -Uint16 builtins,
and the corresponding handling in LoadDataViewElement node in the
effect control linearizer.
It also adds tests for the new getters.
Change-Id: I5101755e47657c25f10be1417f105e3ae72a3c39
Reviewed-on: https://chromium-review.googlesource.com/1126919
Commit-Queue: Théotime Grohens <theotime@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54271}
Replace CHECK with throwing exception when no or invalid arguments
are passed to async_hooks.createHook.
Bug: chromium:860481
Change-Id: Ie5a915ee66f2a0ff79c4df5aef94ff883866ecda
Reviewed-on: https://chromium-review.googlesource.com/1127054
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54264}
Move some of PreParsedScopeData's santity checks, such as the magic
value separating skippable function data from scope data, to be debug
only, to save memory.
Start position of inner skippable functions is still kept, because it's
too good at catching bugs, but we may want to remove it in the future
as well.
Bug: chromium:818642
Change-Id: If86ff1b9845e8dd3b015b4e554d0033328b145bf
Reviewed-on: https://chromium-review.googlesource.com/1127046
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54263}
The embedder should ultimately be responsible for handling this since they
anyway give us a copy of the data. They can easily make sure that the chunks we
get do not have lonely bytes.
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ie862107bbbdd00c4d904fbb457a206c2fd52e5d0
Reviewed-on: https://chromium-review.googlesource.com/1127044
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54262}
This introduces a second factory method for allocating new module
objects that are based on existing native modules which are potentially
shared between multiple Isolates.
R=clemensh@chromium.org
TEST=cctest/test-wasm-shared-engine
BUG=v8:7424
Change-Id: I8c74d821542d443a8ad2352cb77b84b445e21acb
Reviewed-on: https://chromium-review.googlesource.com/1126931
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54261}
Creates two different functions specialized for string and boolean
types.
Gets rid of several allocations and keeps the C++ <-> JS type
conversions to a minimum. Improves the API as we don't have to create
the fallback or V8 Strings unnecessarily.
Bug: v8:5751
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I788e43e6ef23f3e9144ff719f01d6334fe6cb9ce
Reviewed-on: https://chromium-review.googlesource.com/1126750
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54259}
This is a reland of 52a10e5081, after
eliminating an invalid assumption about maps.
TBR=jarin@chromium.orgTBR=mstarzinger@chromium.org
Original change's description:
> [turbofan] Rewrite CompilationDependencies
>
> Instead of installing code dependencies during graph reduction,
> install them after code generation.
>
> Bug: v8:7902, v8:7790
> Change-Id: I8a3798254abb5b9ec7c295a1592aeb6b51f24c7a
> Reviewed-on: https://chromium-review.googlesource.com/1119913
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54170}
Bug: v8:7902, v8:7790
Change-Id: I9cbaf98980379b9b17464af5952ec0c47e1cdc6f
Reviewed-on: https://chromium-review.googlesource.com/1126999
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54254}
This is a first set of test cases for sharing an {WasmEngine} and the
contained {WasmCode} between multiple Isolates. Currently this can only
be done using internal API methods on the Isolate, an external API that
is usable by embedders does not exist yet.
R=clemensh@chromium.org
TEST=cctest/test-wasm-shared-engine
BUG=v8:7424
Change-Id: I35541a76b5aceec4519e3a46e6a9ef4d01cad22b
Reviewed-on: https://chromium-review.googlesource.com/1126382
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54248}
In the WebAssembly fuzzers we detect infinite loops with the
interpreter: if the interpreter does not finish after a finite number
of steps, we do not execute the compiled code. However, we cannot
redirect the start function to the interpreter in the fuzzer, and
therefore we cannot detect infinite loops in the start function. With
this CL we avoid the problem completely by not instantiating a module
in the fuzzer which has a start function. Note that the module still
gets compiled.
R=clemensh@chromium.org
Bug: chromium:858914
Change-Id: Icbbe9a003544918d5267cdd1d9405b21bb681133
Reviewed-on: https://chromium-review.googlesource.com/1126766
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54246}
Replace Is<oddball>(GetIsolate()) calls with a no-parameter version
that goes through ReadOnlyRoots, and add a version that takes a
ReadOnlyRoots if that is available in the parent (but Isolate isn't).
Also opportunistically clean up a few places where ReadOnlyRoots are
available but we still pass in an Isolate parameter.
TBR=yangguo@chromium.org
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Icc0b8a7d8f9c6b84c0ec8fe771fcfb75c9dc5468
Reviewed-on: https://chromium-review.googlesource.com/1126302
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54245}
Now that ReadOnlyRoots is used everywhere to access the read-only roots,
this makes the Heap accessors for such roots private.
It also adds tests that the roots reachable from ReadOnlyRoots are all
in RO_SPACE as well as tests that the roots still publicly accessible
from Heap are not in RO_SPACE. There's a white list in the file for
the few roots where the root pointer itself can change. (For instance
materialized_objects points to empty_fixed_array to start with before
before later pointing to a mutable array).
Also fixes up new use of heap->empty_fixed_array() in elements.cc added
since I cleaned it up.
Bug: v8:7786
Change-Id: I9ac7985c9f85910b5b22d2f9f559dfd04d43ed44
Reviewed-on: https://chromium-review.googlesource.com/1126252
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54240}
Fixes V8 correctness failure when there's a proxy in the global object
prototype chain and unsuccessful attempt is made to access a property.
Bug: chromium:849024
Change-Id: I829e1a6c038982b7c7a77f8bdefb61facb4614f0
Reviewed-on: https://chromium-review.googlesource.com/1124446
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54237}
If the first object in the space already exceeds the target chunk size,
we would leave the first chunk empty. That violates some assumptions
later when we allocate for deserialization.
R=hpayer@chromium.org, jgruber@chromium.orgTBR=hpayer@chromium.org
Bug: v8:7887
Change-Id: Iee8147fe1205bb6b1c893d48acde1099b5032a14
Reviewed-on: https://chromium-review.googlesource.com/1126763
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54235}
This is just derived from is_wasm_memory.
Change-Id: I2f77fb5e32e325c51de9af4228ca33313c21abc6
Reviewed-on: https://chromium-review.googlesource.com/1126107
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54230}
Changes SharedFunctionInfo to store a function_token_offset, relative
to the start_position, instead of the full function_token_position.
This enables us to reduce both FunctionTokenPosition and
ExpectedNofProperties to 16 bits each, saving 32 bits per SFI.
BUG=chromium:818642,chromium:783853
TBR=yangguo@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I45aefcec605c1da502053c23c73564ceaed6c9b5
Reviewed-on: https://chromium-review.googlesource.com/1122982
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54220}
This reverts commit e438d5d4de.
Reason for revert: TSAN failures - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20TSAN/21357
Original change's description:
> [heap] Make objects allocated in new_lo_space look like young generation objects.
>
> The scavenger still does not handle young generation large objects correctly.
> This will be added in a follow-up CL.
>
> Bug: chromium:852420
> Change-Id: I2587509d6e7f329aeff3db246d949bb30b3a91a5
> Reviewed-on: https://chromium-review.googlesource.com/1124477
> Commit-Queue: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54197}
TBR=ulan@chromium.org,hpayer@chromium.org
Change-Id: Ief44cfd841278f2d53d51f3a21c03b70b8025a7a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:852420
Reviewed-on: https://chromium-review.googlesource.com/1125979
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54205}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I2f2c031c03d56d360ef940fc925e0583e6ae31dc
Reviewed-on: https://chromium-review.googlesource.com/1125720
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54202}
The scavenger still does not handle young generation large objects correctly.
This will be added in a follow-up CL.
Bug: chromium:852420
Change-Id: I2587509d6e7f329aeff3db246d949bb30b3a91a5
Reviewed-on: https://chromium-review.googlesource.com/1124477
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54197}
This is a reland of 8e0f67be3f
Previously landed as: 3c4d0316e4 / 1065818
Previously landed as: 8e0f67be3f / 1088890
Original change's description:
> [async] Expose async hooks to d8
>
> This implementation follows the Node.js API as a guideline.
Bug: chromium:850530
Change-Id: I8ba22b11c80328108b197d687826ce0198420c9c
Reviewed-on: https://chromium-review.googlesource.com/1125679
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54191}
This is a reland of 3dfaf8264f
Original change's description:
> [debug] liveedit in native
>
> Liveedit step-by-step:
> 1. calculate diff between old source and new source,
> 2. map function literals from old source to new source,
> 3. create new script for new_source,
> 4. mark literals with changed code as changed, all others as unchanged,
> 5. check that for changed literals there are no:
> - running generators in the heap,
> - non droppable frames (e.g. running generator) above them on stack.
> 6. mark the bottom most frame with changed function as scheduled for
> restart if any.
> 7. for unchanged functions:
> - deoptimize,
> - remove from cache,
> - update source positions,
> - move to new script,
> - reset feedback information and preparsed scope information if any,
> - replace any sfi in constant pool with changed one if any.
> 8. for changed functions:
> - deoptimize
> - remove from cache,
> - reset feedback information,
> - update all links from js functions to old shared with new one.
> 9. swap scripts.
>
> TBR=ulan@chromium.org
>
> Bug: v8:7862,v8:5713
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
> Change-Id: I8f6f6156318cc82d6f36d7ebc1c9f7d5f3aa1461
> Reviewed-on: https://chromium-review.googlesource.com/1105493
> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54146}
TBR=dgozman@chromium.org
Bug: v8:7862, v8:5713
Change-Id: I163ed2fd2ca3115ba0de74cb35a6fac9e40fdd94
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/1124879
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54187}
We need to push the sign-extended constant instead of just the lower 32
bits. Otherwise, the callee might read stale data from the stack.
Bug: chromium:854011, v8:6600
R=ahaas@chromium.orgCC=rodolph.perfetta@arm.com
Change-Id: Iafcfd6ba9532771615b41215fb4d1a2b85ce5623
Reviewed-on: https://chromium-review.googlesource.com/1124683
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54185}
