Code generation introduces indirections if a builder exists (and the
serializer is active). These indirections are not necessary outside of
embedded builtins (e.g. in bytecode handlers), so let's reduce their
lifetime.
Bug: v8:6666
Change-Id: I57207012997786f599f79f0982da61eea26f3e22
Reviewed-on: https://chromium-review.googlesource.com/1059114
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53194}
https://github.com/tc39/proposal-intl-locale
Rename locale property to baseName to better reflect the intended use case and the change in spec.
TBR: bmeurer@chromium.org
Bug: v8:7684
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I91b630b49ce73abcebd6040ec968c91d75cff879
Reviewed-on: https://chromium-review.googlesource.com/1014411
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53193}
ArrayBuffer memory allocated off-heap was previously tracked by a test-
only retained_size() field on each LocalArrayBufferTracker.
Changes in off-heap ArrayBuffer memory usage are now reported to the
Space with which the ArrayBuffer is associated, so that the value is
cheaply available to include in e.g. GC limit calculations, via a new
getter, ExternalBackingStoreBytes().
Changes to external ArrayBuffer backing-store allocations are tracked in
an AtomicNumber associated with each Space, to allow for ArrayBuffers
being concurrently moved or freed from multiple Pages in the same Space
during sweeps & compactions.
Bug: chromium:837583
Change-Id: I8b1b6addd5cd05533d8da55ca813e134bc36e181
Reviewed-on: https://chromium-review.googlesource.com/1052347
Commit-Queue: Wez <wez@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53192}
With the introduction of a jump table, call targets will not be
{WasmCode} objects any more. Instead, we just call any {Address}.
This CL does not change anything yet, but changes interfaces to accept
an {Address} instead of {WasmCode*}.
R=titzer@chromium.org
Bug: v8:7758
Change-Id: Id299738bb7cc6a1891e4a03d7f67c24cde6d1699
Reviewed-on: https://chromium-review.googlesource.com/1058793
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53191}
We were always using the instance we were currently building. If the
start function is an exported wasm function of another instance, use the
exporting instance instead.
R=titzer@chromium.org
Bug: chromium:843120
Change-Id: I141d272b947bef8e903be7208ddf6ce344e754c4
Reviewed-on: https://chromium-review.googlesource.com/1059620
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53190}
The (currently four, soon five) RelocIterator constructors contain
basically identical logic. Refactor that into a basic version that all
other constructors call.
Bug: v8:6666
Change-Id: Ice7b4891d5e539ff6fe63337fc52d480d85dc270
Reviewed-on: https://chromium-review.googlesource.com/1059109
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53189}
In particular:
* number of pointer fields
* number of embedder fields
* number of boxed fields
* number of unboxed double fields
* number of raw data fields
Bug: v8:7703
Change-Id: I22a310d941317a0f34f67536e55fbfab5f5354cd
Reviewed-on: https://chromium-review.googlesource.com/1056532
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53188}
Since the code around that is quite fragile, and I plan to refactor it,
just add some tests to ensure that everything is and keeps working as
intended.
R=mstarzinger@chromium.org
Bug: v8:7758
Change-Id: Ib3814b93b465286d70b5669ed0161eecb9fc925a
Reviewed-on: https://chromium-review.googlesource.com/1059616
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53187}
The sysroot only contains headers for gcc6, not gcc4.8 which is the version installed on the coverage bots.
Bug: chromium:837238
Change-Id: Ifd9b53dae510b969b4ef5ec8c1c2684eb92a94fa
Reviewed-on: https://chromium-review.googlesource.com/1059150
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53186}
{ImportedFunctionEntry} offers two {set} methods: One takes a
{JSReceiver*}, the other one a {WasmInstanceObject*}. Since
{WasmInstanceObject} inherits from {JSReceiver}, it's quite easy to
confuse the two if the instance is held as e.g. {JSObject}.
Hence, rename the methods to remove this ambiguity.
R=titzer@chromium.org
Bug: v8:7758
Change-Id: I06617a565faa561d3afc70085e0df3b528c715bb
Reviewed-on: https://chromium-review.googlesource.com/1059147
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53185}
The interpreter entry was sometimes referred to as "interpreter stub"
or "interpreter wrapper". Use the term "interpreter entry" consistently.
R=titzer@chromium.org
Bug: v8:7754
Change-Id: Ia06449c91300fca454c6afd5c82a789749d6b7d0
Reviewed-on: https://chromium-review.googlesource.com/1058794
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53184}
For generating the WasmCompileLazy builtin, we need to know the list of
parameter registers in wasm. Instead of duplicating this, just use the
existing array from wasm-linkage.h.
R=titzer@chromium.org
Change-Id: Ib552af7b6a3defbc9c8b48390244bf943306a4b7
Reviewed-on: https://chromium-review.googlesource.com/1057310
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53182}
Since `at` register is used a lot in macro-assembler-mips, change
usage of this register with `kScratchReg` and `kScratchReg2`.
Also, remove TODO comments for unaligned memory access, since there
is nothing that can be done about it.
Change-Id: Ibf55c04a1f53521f34dfb483294de3010a0120c6
Reviewed-on: https://chromium-review.googlesource.com/1059347
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Cr-Commit-Position: refs/heads/master@{#53181}
Moving asserts from helpers to the call sites, so the failure messages are more
helpful.
BUG=v8:7308
Change-Id: I1da491d408c2e2a1017b1d3fe484b7b3d877a2cf
Reviewed-on: https://chromium-review.googlesource.com/1058802
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53180}
This is needed since depot_tools may not be in PATH on LUCI bots. Using the copy
of depot_tools that contains the recipes is also incorrect as it is not
guaranteed to contain binaries that do not have corresponding recipe API, which
does not apply to script called from a recipe. This also protects our release
scripts from breaking due to arbitrary changes to depot_tools.
Chromium also pins depot_tools for similar reasons:
https://cs.chromium.org/chromium/src/DEPS?l=525&rcl=f24fa931ae08b0e42aae2d13034229088179da7f
R=machenbach@chromium.org
Bug: chromium:831171
Change-Id: I393052b1c489d25e2e3fa173149635448e9bd2dc
Reviewed-on: https://chromium-review.googlesource.com/1054676
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53179}
and comparison with a JS implementation using TypedArray
Change-Id: Ifec9c19f23e182db25ad3e54edc3f60c6e6048f4
Reviewed-on: https://chromium-review.googlesource.com/1057729
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Théotime Grohens <theotime@google.com>
Cr-Commit-Position: refs/heads/master@{#53177}
This will aid with quickly finding the needed builder and verifying whether a
given test definition is already present or not.
R=machenbach@chromium.org
No-Try: true
Change-Id: I5a9b74925fa2bfb27f29434bb43045394b20cf18
Reviewed-on: https://chromium-review.googlesource.com/1053772
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53174}
This CL changes the generated C++ code for LabeledStatementBlocks to
only emit labels if they are used.
Prior to this CL, when a label was only used on one path of an
if constexpr expression, and not at all anywhere else,
the try/label construct would BIND a label that was not used,
causing a CSA verification error.
R=tebbi@chromium.org
Change-Id: Ia81a0cd081b84528c95bbdbdb98b9ab51928e13f
Reviewed-on: https://chromium-review.googlesource.com/1057247
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#53173}
Splitting out hash table into a separate file in
b934607d4c caused a performance
regression.
This inlines GetHash and GetSimpleHash to fix the regression.
Bug: chromium:840694, v8:6443
Change-Id: I0466fa017a179ef2375cec4ddec8f04dfba75921
Reviewed-on: https://chromium-review.googlesource.com/1058446
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53170}
Port 5dfe23a40d
Original Commit Message:
When encountering a LoadStackPointer input to a comparison, generate a register
LocationOperand that points to the stack pointer. This can avoid unnecessary
spilling of the stack pointer.
R=georgia.kouveli@arm.com, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Ie3fecf70f78c234fefad86fec74820a61f3d227b
Reviewed-on: https://chromium-review.googlesource.com/1057965
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#53167}
Implement atomic compare exchange and atomic bin OPs for
PPC and s390
Change-Id: I8f89a0ebb912082c4c1e6b9a3daf64f28c114010
Reviewed-on: https://chromium-review.googlesource.com/1013861
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#53165}
This makes the fact that {WasmSharedModuleData} is shared across
instances explicit by hanging this {shared} reference off the module
object instead of the instance-specific {WasmCompiledModule} object.
R=titzer@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I99bf3d855d6283bdc48373f0f8e2df1990905d3f
Reviewed-on: https://chromium-review.googlesource.com/1051909
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53163}
When encountering a LoadStackPointer input to a comparison, generate a register
LocationOperand that points to the stack pointer. This can avoid unnecessary
spilling of the stack pointer.
Change-Id: Ifd1a5aaf22c9c594e653cf4689ba46587811c4d0
Reviewed-on: https://chromium-review.googlesource.com/1055568
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53161}
This CL disables a DCHECK in RemoveArrayHoles that was triggered for
JSArrays that have read-only elements in the prototype chain.
The DCHECK is not removed because it will be re-enabled later when
the copying from the prototype chain (during sorting) will be done
for JSArrays as well.
R=cbruni@chromium.org
Bug: chromium:840855
Change-Id: Ia278bd2f060df094f477b4efbc3f5bdafd7ea7a8
Reviewed-on: https://chromium-review.googlesource.com/1057588
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#53159}
Liftoff currently does not support all asm.js code, and tier-up does
not work with lazy compilation. Hence, disable Liftoff for asm.js in
general. We will look at this later, when we have better tier-up.
R=titzer@chromium.org
Bug: v8:6600
Change-Id: I00d9e27d861067b22c0738ade7070538ee8c919c
Reviewed-on: https://chromium-review.googlesource.com/1047245
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53158}
Instead of unconditionally copying the script name into a
heap-allocated char vector, use existing storage if possible. Also, try
to avoid materializing the script name for computing its length.
R=titzer@chromium.org
Change-Id: If0e8ac95ecbbb4e7463d9e4a4cdb5579270bcdaf
Reviewed-on: https://chromium-review.googlesource.com/1051230
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53157}
Minor performance optimization: A {WasmDecoder} instantiated with
{validate == false} does not need to check {decoder->ok()}.
R=titzer@chromium.org
Change-Id: Ieac8b18432453e1cfe9ee66a15a5e2145570436e
Reviewed-on: https://chromium-review.googlesource.com/1057567
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53156}
Now that {WasmCode} objects are no longer specific to an instance, it is
no longer needed to patch code when the last instance is finalized. The
code specialization in {WasmCompiledModule::Reset} is no longer needed.
R=clemensh@chromium.org
Change-Id: I430e7f7258d309916de1188d47677c7feb8123b0
Reviewed-on: https://chromium-review.googlesource.com/1057488
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53155}
A std::unique_ptr of array type uses the "delete[]" operator to delete
the memory, hence we should use "new[]" to allocate it.
I sometimes get this reported locally, even though I have
"alloc_dealloc_mismatch=0" in ASAN_OPTIONS. So why not just fix it.
R=marja@chromium.org
Bug: v8:7754
Change-Id: I026287a0e0ee4b9560c4fc7333267e738392b13f
Reviewed-on: https://chromium-review.googlesource.com/1057230
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53154}
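An added example of the allocation pairing the commit above describes; it is not V8 code, and the helper names (MakeScratch, CopyToScratch) are assumptions for illustration. The mismatched form the commit fixed is kept only as a comment, since destroying such a pointer is undefined behaviour:

```cpp
#include <cstddef>
#include <cstring>
#include <memory>
#include <string>

// Added example (not V8 code): a scratch buffer held in an array-typed
// unique_ptr. std::make_unique<T[]>(n) expands to new T[n](), so the
// delete[] that unique_ptr<T[]> runs at scope exit matches the allocation
// and the buffer is value-initialised (zero-filled) rather than stale.
std::unique_ptr<char[]> MakeScratch(size_t n) {
  return std::make_unique<char[]>(n);
}

// The mismatch the commit fixed, shown for contrast and never executed:
// unique_ptr<char[]> applies delete[] to memory that came from plain new.
// ASAN reports this as alloc-dealloc-mismatch unless the check is disabled
// with alloc_dealloc_mismatch=0 in ASAN_OPTIONS.
//
//   std::unique_ptr<char[]> bad(new char);   // undefined behaviour on destruction

// Copy a string into a freshly sized scratch buffer (assumed helper) and
// return the number of bytes copied, excluding the terminating NUL.
size_t CopyToScratch(const std::string& src, std::unique_ptr<char[]>* out) {
  const size_t len = src.size();
  *out = MakeScratch(len + 1);            // +1 for the NUL terminator
  std::memcpy(out->get(), src.data(), len);
  (*out)[len] = '\0';
  return len;
}
```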
The --trace-turbo flag would cause a crash when compiling a WASM_FUNCTION. It
was caused by assuming the OptimizedCompilationInfo had a SharedFunctionInfo
attached if the code isn't a stub and wasm functions are not considered as such.
In order to test this, we've added a new flag to specify where to dump JSON
files: --trace-turbo-path. This is used to make sure we do not leave lots of
files behind in the top-level directory. It should be useful as standalone
feature too.
Change-Id: Ia9442638d28100bea45a8683fb233803cc5393f2
Reviewed-on: https://chromium-review.googlesource.com/1030555
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53153}
The flag hash is used by code caching to recognize incompatible V8
configurations. When the flag hash differs, the cache is thrown out.
Code produced by embed/noembed builds is incompatible, and thus needs
to change the flag hash as well.
Bug: v8:6666, v8:7739
Change-Id: Icae8c6dc39b2eab491d28b2155f67103acf68181
Reviewed-on: https://chromium-review.googlesource.com/1057331
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53152}
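An added illustration of the flag-hash check the commit above relies on, written as a standalone example rather than V8's own serializer code. BuildConfig, ComputeFlagHash, CacheHeader and CheckCache are assumed names, and the FNV-1a hash, the flag set and the header layout are illustrative choices, not V8's; what carries over is the rule that a cache whose hash does not match the consumer's configuration is rejected before any payload byte is used:

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// Added example (not V8 code). Every setting that changes generated code
// must be folded into the hash; a flag left out lets two incompatible
// builds (e.g. embedded vs. non-embedded builtins) collide on one hash.
struct BuildConfig {
  bool embedded_builtins;   // assumed flag, stands in for embed/noembed builds
  bool lazy_compilation;    // assumed flag
  std::string version;      // assumed version string
};

// FNV-1a over the configuration fields (illustrative choice of hash).
uint32_t ComputeFlagHash(const BuildConfig& cfg) {
  uint32_t h = 2166136261u;
  auto mix = [&h](const void* data, size_t n) {
    const unsigned char* p = static_cast<const unsigned char*>(data);
    for (size_t i = 0; i < n; ++i) { h ^= p[i]; h *= 16777619u; }
  };
  unsigned char flags = (cfg.embedded_builtins ? 1 : 0) |
                        (cfg.lazy_compilation ? 2 : 0);
  mix(&flags, 1);
  mix(cfg.version.data(), cfg.version.size());
  return h;
}

// Assumed cache header: magic, flag hash, payload length.
struct CacheHeader { uint32_t magic; uint32_t flag_hash; uint32_t payload_size; };
constexpr uint32_t kMagic = 0xC0DECA5Eu;

std::vector<uint8_t> SerializeCache(const BuildConfig& cfg,
                                    const std::vector<uint8_t>& payload) {
  CacheHeader hdr{kMagic, ComputeFlagHash(cfg),
                  static_cast<uint32_t>(payload.size())};
  std::vector<uint8_t> out(sizeof(hdr) + payload.size());
  std::memcpy(out.data(), &hdr, sizeof(hdr));
  std::memcpy(out.data() + sizeof(hdr), payload.data(), payload.size());
  return out;
}

enum class CacheCheck { kOk, kTooShort, kBadMagic, kFlagMismatch, kTruncated };

// Validate the header before trusting the payload: a hash mismatch means
// the cache came from an incompatible configuration and is thrown out.
CacheCheck CheckCache(const BuildConfig& cfg, const std::vector<uint8_t>& blob) {
  if (blob.size() < sizeof(CacheHeader)) return CacheCheck::kTooShort;
  CacheHeader hdr;
  std::memcpy(&hdr, blob.data(), sizeof(hdr));
  if (hdr.magic != kMagic) return CacheCheck::kBadMagic;
  if (hdr.flag_hash != ComputeFlagHash(cfg)) return CacheCheck::kFlagMismatch;
  if (blob.size() - sizeof(hdr) != hdr.payload_size) return CacheCheck::kTruncated;
  return CacheCheck::kOk;
}
```

The order of checks matters: size and magic first, so a malformed blob never reaches the hash comparison with a partially read header, and the flag hash before the length, so a cache from another configuration is rejected regardless of whether its payload looks well-formed.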
This gets rid of the weakness hacks which were needed for remembering that maps
as handlers are weak, and other handles are strong.
BUG=v8:7308
Change-Id: I7fd3252ba67350803e2207dc12bbdf6abbae7e23
Reviewed-on: https://chromium-review.googlesource.com/1055449
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53151}
Module and script SharedFunctionInfos can't be used interchangeably
(e.g.: it should not be possible to bind a Module's SFI to a Context).
The dedicated type disambiguates the two.
This also adds an overload for CreateCodeCache which takes an unbound
module script instead of an unbound script. Both are just a SFI
underneath, so their behavior is identical.
Bug: v8:7685
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Iab519d0d50b6b41c95abdb6397f5622e292da4d8
Reviewed-on: https://chromium-review.googlesource.com/1047107
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53150}
The clusterfuzz issue crashes because VisitBinops expected only 4
input operands, but in the generated graph 5 input operands get created.
The issue is fixed by increasing the size of the input operand buffer.
R=jarin@chromium.org
Bug: chromium:842501
Change-Id: I4bbb09a968e165e6f5a0a02d06eee97333f7aa38
Reviewed-on: https://chromium-review.googlesource.com/1056989
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53147}
Makes all but one data member private instead of protected and replaces
all Space::heap_ accesses with Space::heap().
Also moves Executability down from Space into PagedSpace and remove all
references in SemiSpace since it's always initialized with
NOT_EXECUTABLE.
Bug: v8:7754
Change-Id: Ic03ce35a5f970b3c1e25b32da53e4c9717b2ee1e
Reviewed-on: https://chromium-review.googlesource.com/1055510
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53146}
Shares the feedback slot when loading / storing named properties
when the name of the property and the variable corresponding
to the object are the same. This reduces the memory usage on most
real world benchmarks. There is a slight (~1%) increase in the overall
time spent in V8 on a couple of these pages.
There is also no overall performance regression on peak-performance
benchmarks like Octane, ARES. More detailed results are in this doc[1]
[1]: https://docs.google.com/document/d/1rPNjXU-WOlyNQovuQS28Zf2PHCENR97Bi76gV9mHHOc/edit?usp=sharing
BUG: v8:7530
Change-Id: I7dd98c2d26f4e6c94690ca7d9a8a4a8281b3142d
Reviewed-on: https://chromium-review.googlesource.com/966302
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53145}