Because Data's ctor is not defined, debug info optimization will
generate empty debug info for it. Adding standalone_debug attribute for
it to have complete debug info for this class.
Bug:
Change-Id: I0ca023518b1f5142a63686ba5a41007ac067c1f2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3963719
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Zequan Wu <zequanwu@google.com>
Auto-Submit: Zequan Wu <zequanwu@google.com>
Cr-Commit-Position: refs/heads/main@{#83915}
This reverts commit 05bd7d9cd6.
Reason for revert: Still looks like a reason for rollout tests failure https://ci.chromium.org/ui/p/chromium/builders/try/linux-rel/1179312/overview
Original change's description:
> Reland "[turbofan] Optimize rab/gsab-backed TypedArrays and DataViews"
>
> This reverts commit 4b28d53011.
>
> Original change's description:
> > [turbofan] Optimize rab/gsab-backed TypedArrays and DataViews
> >
> > This CL adds TurboFan optimizations for length and element access
> > of TypedArrays and DataViews that are rab/gsab-backed.
> >
> > To enable this optimization, this CL builds the necessary machinery
> > required to allow machine operators at the front of the pipeline
> > (before simplified lowering). Some key changes to allow this are:
> > - Introduce Type::Machine() to allow the typer and the verifier to
> > provide a type to those machine operators in parts of the pipeline
> > that require nodes to be typed.
> > - Add EnterMachineGraph and ExitMachineGraph operators that define
> > the boundary between early machine graphs and the normal graph with
> > JS semantics.
> > - Give Branch operators a BranchSemantics parameter to distinguish
> > between machine branches (condition is a machine level value) and
> > JS branches (condition is a JS boolean value) and have phases that
> > handle branches decide on the branch's semantics based on this
> > parameter instead of the position in the pipeline.
> > - Extend SimplifiedLowering and SimplifiedLoweringVerifier to handle
> > machine graphs. In particular, constants required special handling,
> > because they are cached in the graph but they may have uses in both
> > a machine and the JS graph, which prevents consistent typing of
> > them.
> > - Moved lots of logic from JSCallReducerAssembler into
> > [JS]GraphAssembler such that functionality can be shared between
> > different phases (e.g. JSNativeContextSpecialization and
> > JSCallReducer need to generate logic to compute a TypedArray's
> > byte length). Extended assembler interface in general with
> > additional TNode<> overloads.
> >
> >
> > Bug: v8:11111, chromium:1358505
> > Change-Id: Ife006b8c38a83045cd3b8558acbfdcb66408891f
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3898690
> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> > Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> > Reviewed-by: Clemens Backes <clemensb@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#83881}
>
> Bug: v8:11111, chromium:1358505, v8:13412
> Change-Id: I61664e18a9dba1741bcb70ec22ba6342521f500a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976512
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#83904}
Bug: v8:11111, chromium:1358505, v8:13412
Change-Id: I960a34cfdb861feddf51cbcd759218f39b26cd56
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3980313
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Ilya Rezvov <irezvov@chromium.org>
Commit-Queue: Ilya Rezvov <irezvov@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83914}
This CL simplifies safepoint scopes, there are now three kinds of
safepoint scopes:
1) IsolateSafepointScope - performs an isolate local safepoint
2) GlobalSafepointScope - a global safepoint across multiple isolates
3) SafepointScope - chooses based on condition between local/global
This CL is not supposed to change current safepointing behavior in
any way. The CL renames the current SafepointScope to
IsolateSafepointScope and changes GlobalSafepointScope to always
perform a global safepoint. It then also introduces the new
SafepointScope and makes use of it for snapshotting and in heap.cc.
Bug: v8:13267
Change-Id: Ie7e1f81b6158c98d3d98552ba735cc73c9b869c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3973310
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83912}
kLiftoffFrameSetupFunctionReg is using r15 which needs it
to be part of the LO cache registers.
Change-Id: I5b2510124d8c5a688decd3874b2fa8c85d40d728
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3975382
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#83911}
Keep track of simple field loads and stores in NodeInfo, and try to
reuse them where possible instead of recalculating them.
Bug: v8:7700
Change-Id: I1f5eb3cb37ac76bcbc1ce75f243a36a31e71c907
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974888
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83909}
We need to update the ZoneHandleSet reference.
Bug: v8:7700
Change-Id: I7908f033170b8d698383bddc10ac55f7bbc7d25e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976042
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83908}
If the lookup-start-object is a constant and we're loading a constant
property, return a constant.
Bug: v8:7700
Change-Id: I260cbb0c69e362bef7ccad3ec8d2ada55fb56bfe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976514
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83907}
Improve testing shards on windows, which is the second slowest
configuration.
On the slowest config (linux32) we can't do much as the bottleneck
is gcmole. But the collection of gcmole data is now moved to the
end, which should save ~30 seconds per build at least. That's what
it costs to collect the other tests that run before.
Bug: v8:11428
Change-Id: I0a4f484b37396d4883b4f1d937a476e125c84c00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3978090
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83906}
- Fixes the operand index for the first argument of the builtin.
- Adds fast paths for constant code point.
Bug: v8:7700
Change-Id: I0bf398a7b6410f900b602218c79558af73f42e66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976509
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83905}
This reverts commit 4b28d53011.
Original change's description:
> [turbofan] Optimize rab/gsab-backed TypedArrays and DataViews
>
> This CL adds TurboFan optimizations for length and element access
> of TypedArrays and DataViews that are rab/gsab-backed.
>
> To enable this optimization, this CL builds the necessary machinery
> required to allow machine operators at the front of the pipeline
> (before simplified lowering). Some key changes to allow this are:
> - Introduce Type::Machine() to allow the typer and the verifier to
> provide a type to those machine operators in parts of the pipeline
> that require nodes to be typed.
> - Add EnterMachineGraph and ExitMachineGraph operators that define
> the boundary between early machine graphs and the normal graph with
> JS semantics.
> - Give Branch operators a BranchSemantics parameter to distinguish
> between machine branches (condition is a machine level value) and
> JS branches (condition is a JS boolean value) and have phases that
> handle branches decide on the branch's semantics based on this
> parameter instead of the position in the pipeline.
> - Extend SimplifiedLowering and SimplifiedLoweringVerifier to handle
> machine graphs. In particular, constants required special handling,
> because they are cached in the graph but they may have uses in both
> a machine and the JS graph, which prevents consistent typing of
> them.
> - Moved lots of logic from JSCallReducerAssembler into
> [JS]GraphAssembler such that functionality can be shared between
> different phases (e.g. JSNativeContextSpecialization and
> JSCallReducer need to generate logic to compute a TypedArray's
> byte length). Extended assembler interface in general with
> additional TNode<> overloads.
>
>
> Bug: v8:11111, chromium:1358505
> Change-Id: Ife006b8c38a83045cd3b8558acbfdcb66408891f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3898690
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#83881}
Bug: v8:11111, chromium:1358505, v8:13412
Change-Id: I61664e18a9dba1741bcb70ec22ba6342521f500a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976512
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83904}
With the blocklist re-use experiment we now handle locals near the
script/global scope correctly.
This CL lands the regression test of @bmeurer since it passes now.
R=bmeurer@chromium.org
Fixed: chromium:1209117
Change-Id: I2cb0ec1689b4fd32501886cc8bdd49486beef4dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976513
Commit-Queue: Simon Zünd <szuend@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Simon Zünd <szuend@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83903}
Replace the template parameter by a parameter list, so we can also pass
zero observers.
This removes nullptr checks and the {EmptyImmediateObserver}
implementation.
R=jkummerow@chromium.org
Change-Id: Ia10bf319039c2b3af9376deb6613b9b683c40d11
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3973268
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83902}
Follow-up to commit 6168782925
With this change 0x14 now also consumes a sig index immediate.
This will allow users to switch from 0x17 back to 0x14 without
breaking changes. After another grace period, 0x17 can be removed.
Reland of commit I65fe8b5bceb70323dd5e6450ec7bcc02696b15fa adapted by the concurrent changes in 35cc93aa42.
(This reverts commit 01379ba6d65371b70908da8e8386a9d9993aa2f9.)
Change-Id: I699095afb85d460e1fef8bd88abfd4c748090eda
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3977828
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83900}
This CL solves two problems:
- Eliminating redundant CheckBigInt/CheckBigInt64 by decomposing
CheckBigInt64 to CheckBigInt and CheckedBigIntToBigInt64.
- Having precise checks for SignedBigInt64 to make the range of BigInt64
consistent in CheckedBigInt64Ops and CheckedBigIntToBigInt64.
Otherwise, there would be semantic difference between the subgraphs
where we keep CheckBigInt64 inbetween two CheckedBigInt64Ops (e.g.,
the variant assert_types) and the subgraphs where we eliminate the
checks.
Bug: v8:9407
Change-Id: I79a5c99e12eb3f3ffc7b5cbfc51191e6792f634b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3960333
Commit-Queue: Qifan Pan <panq@google.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83899}
This reverts commit 8f3047531d.
Reason for revert: CL collision:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20builder/63710/overview
Original change's description:
> [wasm] ref.call: Consume sig index immediate
>
> Follow-up to commit 6168782925
> With this change 0x14 now also consumes a sig index immediate.
> This will allow users to switch from 0x17 back to 0x14 without
> breaking changes. After another grace period, 0x17 can be removed.
>
> Change-Id: I5d0039fd1ca9d62c3d42e5834fe7924de45ad7ef
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974512
> Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#83890}
Change-Id: I65fe8b5bceb70323dd5e6450ec7bcc02696b15fa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976029
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83894}
This code looks like it was copied over of Abseil. However, parts of it
are not used anywhere, aside from their own unit tests, so delete them.
The unused functions are:
- MatchEmptyOrDeleted()
- CountLeadingEmptyOrDeleted()
- ConvertSpecialToEmptyAndFullToDeleted()
In turn, _mm_cmpgt_epi8_fixed() is also unused and can be deleted.
Bug: v8:11388
Change-Id: I35b84600690e6f044a1d5ab4bf41e7f67fb76d87
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3965230
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83892}
... as an example of a simple builtin.
Bug: v8:7700
Change-Id: I4eb3479c04066cf4860d1fc28d5f7e9c758a6375
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974773
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83891}
Follow-up to commit 6168782925
With this change 0x14 now also consumes a sig index immediate.
This will allow users to switch from 0x17 back to 0x14 without
breaking changes. After another grace period, 0x17 can be removed.
Change-Id: I5d0039fd1ca9d62c3d42e5834fe7924de45ad7ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974512
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83890}
The wasm decoder immediates are currently templatized by the {validate}
enum value. They do not need to be though; the only difference is in the
constructor, so the constructor should be templatized instead.
This CL implements that, and also changes the {validate} enum to be a
tag (a typename) instead. This is needed in order to enable template
parameter deduction for the constructor calls (C++ does not allow to
explicitly define the template parameter at constructor calls).
As a nice side effect, this produces nicer symbolized stack traces.
Before:
v8::internal::wasm::Decoder::read_u32v<(v8::internal::wasm::Decoder::ValidateFlag)1>
After:
v8::internal::wasm::Decoder::read_u32v<v8::internal::wasm::Decoder::BooleanValidationTag>
R=jkummerow@chromium.org
Change-Id: I013c909ebaf2c8c495f32b5ce598905f3eccc3ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3973267
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83889}
This reverts commit bd590292b3.
Reason for revert:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20GC%20Stress/25069/overview
Original change's description:
> [turbofan] Optimize rab/gsab-backed TypedArrays and DataViews
>
> This CL adds TurboFan optimizations for length and element access
> of TypedArrays and DataViews that are rab/gsab-backed.
>
> To enable this optimization, this CL builds the necessary machinery
> required to allow machine operators at the front of the pipeline
> (before simplified lowering). Some key changes to allow this are:
> - Introduce Type::Machine() to allow the typer and the verifier to
> provide a type to those machine operators in parts of the pipeline
> that require nodes to be typed.
> - Add EnterMachineGraph and ExitMachineGraph operators that define
> the boundary between early machine graphs and the normal graph with
> JS semantics.
> - Give Branch operators a BranchSemantics parameter to distinguish
> between machine branches (condition is a machine level value) and
> JS branches (condition is a JS boolean value) and have phases that
> handle branches decide on the branch's semantics based on this
> parameter instead of the position in the pipeline.
> - Extend SimplifiedLowering and SimplifiedLoweringVerifier to handle
> machine graphs. In particular, constants required special handling,
> because they are cached in the graph but they may have uses in both
> a machine and the JS graph, which prevents consistent typing of
> them.
> - Moved lots of logic from JSCallReducerAssembler into
> [JS]GraphAssembler such that functionality can be shared between
> different phases (e.g. JSNativeContextSpecialization and
> JSCallReducer need to generate logic to compute a TypedArray's
> byte length). Extended assembler interface in general with
> additional TNode<> overloads.
>
>
> Bug: v8:11111, chromium:1358505
> Change-Id: Ife006b8c38a83045cd3b8558acbfdcb66408891f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3898690
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#83881}
Bug: v8:11111, chromium:1358505
Change-Id: Ifa7b81523237ebda941cab2feed42c176846b618
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976028
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Owners-Override: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83888}
We should not clobber the input registers in the codegen
of a Maglev IR.
We use a new temporary register instead.
Bug: v8:7700
Change-Id: Icacbee4e030f426001c224e25aed6ce86ad8b811
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3973311
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83884}
This reverts commit 9dedaaf313.
Reason for revert: crashes have been fixed:
- https://crrev.com/c/v8/v8/+/3888198
- https://crrev.com/c/v8/v8/+/3965723
Original change's description:
> Revert "Enable background merging of deserialized scripts"
>
> This reverts commit f388f96fdb.
>
> Reason for revert: Crashes in canary (https://crbug.com/1360024)
>
> Original change's description:
> > Enable background merging of deserialized scripts
> >
> > This can save memory in cases where multiple frames in a process use the
> > same script, with sufficient time between loads that the script's
> > top-level SharedFunctionInfo is no longer present in the compilation
> > cache. Merging is relatively fast; it generally takes about one tenth as
> > long as deserialization.
> >
> > Bug: v8:12808
> > Change-Id: I7366a51f1d2ca6a9f551cdf2bdbe0441450cf1bb
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3868088
> > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#82920}
>
> Bug: v8:12808
> Change-Id: If160173afaab351d995ddcf4b60d6efe656cf70b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3871208
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Cr-Commit-Position: refs/heads/main@{#82983}
Bug: v8:12808
Change-Id: I1d19a0e9ff4172435f4b2b9bbe3bf72a93e2411c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3972179
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83882}
This CL adds TurboFan optimizations for length and element access
of TypedArrays and DataViews that are rab/gsab-backed.
To enable this optimization, this CL builds the necessary machinery
required to allow machine operators at the front of the pipeline
(before simplified lowering). Some key changes to allow this are:
- Introduce Type::Machine() to allow the typer and the verifier to
provide a type to those machine operators in parts of the pipeline
that require nodes to be typed.
- Add EnterMachineGraph and ExitMachineGraph operators that define
the boundary between early machine graphs and the normal graph with
JS semantics.
- Give Branch operators a BranchSemantics parameter to distinguish
between machine branches (condition is a machine level value) and
JS branches (condition is a JS boolean value) and have phases that
handle branches decide on the branch's semantics based on this
parameter instead of the position in the pipeline.
- Extend SimplifiedLowering and SimplifiedLoweringVerifier to handle
machine graphs. In particular, constants required special handling,
because they are cached in the graph but they may have uses in both
a machine and the JS graph, which prevents consistent typing of
them.
- Moved lots of logic from JSCallReducerAssembler into
[JS]GraphAssembler such that functionality can be shared between
different phases (e.g. JSNativeContextSpecialization and
JSCallReducer need to generate logic to compute a TypedArray's
byte length). Extended assembler interface in general with
additional TNode<> overloads.
Bug: v8:11111, chromium:1358505
Change-Id: Ife006b8c38a83045cd3b8558acbfdcb66408891f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3898690
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83881}
This removes the temporary option and sets its value to {true}
everywhere.
Bug: v8:7748
Change-Id: Icbc3071b531b130c0eb007758452d09b65491c04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974510
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83880}
Shared space is used concurrently and thus pages cannot shrink like
we do for old or code space.
Bug: v8:13267
Change-Id: I646120b1690d6fe628e524a4926e5648871b960e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974808
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83879}
Isolates need to be deserialized to run a GC. Similarly all client
isolates need to be deserialized for a shared GC.
This CL allows heap expansion during isolate deserialization.
Previously shared heap allocations could fail which would have led to a
CHECK failure in the subsequent GC.
Bug: v8:13267
Change-Id: Iae6934e9372063fcbe7de37128b7e783b09bb3c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974669
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83878}
Rolling v8/build: b8f0bc7..cb6dbd1
Rolling v8/buildtools: 10c7a0a..32851f2
Rolling v8/buildtools/third_party/libc++/trunk: 997e036..166132d
Rolling v8/third_party/depot_tools: 9879712..61ef3d8
Rolling v8/third_party/fuchsia-sdk/sdk: version:10.20221021.3.1..version:10.20221023.3.1
Rolling v8/tools/clang: 7b9e2e2..bc55ae7
Change-Id: Ie718d51122809672447c1d8e7fcb2ff46ce68c01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974078
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#83877}
We don't currently try the fast path if left side
is negative. See {if_lhs_negative} branch.
Change-Id: Ieea2977209902ad90c29ff3b305ca047fafbdd80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974511
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83873}
v8::TracedReference and their underlying traced handles are not
actually phantom references but have been historically represented as
such. This patch splits off their backing implementaton into
`TracedHandles`.
As a drive-by, re-organize the free list to rely on indices instead of
pointers, saving a full word for each node. In additon, the setup also
allows for freeing fully empty node blocks after GCs.
Allocation/free of nodes is also organized in a way that avoids
jumping between handles/blocks/nodes for accounting purposes.
Removing CRTP in GlobalHandle internals is left for a follow up.
Bug: v8:13372
Change-Id: Ib55aa9ba71202d5918b486c161fe6f747d31c719
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3966952
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83872}
Map space is gone now so we can use SnapshotSpace::kOld instead.
Bug: v8:12578
Change-Id: If7509ee6bea04fed263a6d8b15597fd051697e4b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3968480
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83869}
... and prepare for using PGO profiles for arm builds.
Bug: v8:10470
Change-Id: If71d363195c60277a59dc68d0c18e361e24209c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3970665
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83867}
