This CL inserts NOP instructions a little bit earlier into empty
blocks; this ensures that instructions keep their initial position.
Bug: v8:7327
Change-Id: Idee5269f4fd7fc15c44bda83a2be74e8cff62df8
Reviewed-on: https://chromium-review.googlesource.com/1097078
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53672}
This is a necessary cleanup before porting Array[No,Single,N]ArgumentsConstructor
builtins to CSA.
Bug: v8:5269, v8:7703
Change-Id: I40a2dd83faab1f8c3c180d461ef62fa4d8578f5e
Reviewed-on: https://chromium-review.googlesource.com/1097079
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53671}
These tests are also affected by duplicate builtin copies (on- and
off-heap).
TBR=yangguo@chromium.org
Bug: v8:6666, v8:7718
Change-Id: I8adfe8b8b63fb5f539cdff5e709e9358a47dfc7e
Reviewed-on: https://chromium-review.googlesource.com/1097088
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53668}
This makes sure debug code in WasmCode traps immediately instead of
embedding a call to the Abort builtin, which would be Isolate specific.
R=clemensh@chromium.org
BUG=v8:7424
Change-Id: I08799d41b5e8d21b9f7af97d65f80a1594d9a613
Reviewed-on: https://chromium-review.googlesource.com/1095113
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53667}
Indirections for external references are now handled completely in
macro assemblers, which can produce more efficient code.
Bug: v8:6666
Change-Id: I158f2e2517e2d97a1006cec6e3b4ac3a7ef3fab6
Reviewed-on: https://chromium-review.googlesource.com/1095307
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53666}
This limits the call targets of {WasmCode} to only reference a limited
set of builtins via the {RelocInfo::CODE_TARGET} relocation mode. By now
most calls have been made independent of the Isolate.
R=clemensh@chromium.org
BUG=v8:7424
Change-Id: If4c643a7104e2ff0536ceb0f0de7fd30a923d854
Reviewed-on: https://chromium-review.googlesource.com/1092576
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53665}
In the process:
- Add strict ordering of Types so that name mangling is consistent
and build time. Previously, the UnionType stored the union's
types in a std::set<const Type*>, which did not have a consistent
ordering of the types in the set.
- Add a int31 type to enable consistency and correctness of
handling of 'constexpr int31' values on the C++ side.
- By removing the "implicit" keyword for operators, there is now
one less difference between operators and calls, another
incremental step in unifying operators and calls.
- Enable external (i.e. C++-defined) generic specializations
- Add CSA support for checking double ElementsKinds, including
tests.
- Clean up some constexpr/non-constexpr handling of ElementsKinds.
Bug: v8:7793
Change-Id: I27699aba70b98ebf5466e5b62b045d7b1dad62c8
Reviewed-on: https://chromium-review.googlesource.com/1091155
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53664}
Introduce debug-only non-isolate versions of oddball checks so that
we can check for oddballs in DCHECKs without requiring an isolate.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I97ee22fb99b23dbfa5d2d0bc7c6b22392d16d694
Reviewed-on: https://chromium-review.googlesource.com/1094875
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53662}
External references located within the isolate can be loaded as a
fixed offset from the root register. This avoids one load from memory
over the default indirect method (which reads from the external
reference table).
Bug: v8:6666
Change-Id: I569308c03f1a8c3feb1be7ceb072178b5be17b25
Reviewed-on: https://chromium-review.googlesource.com/1092739
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53661}
This CL re-enables a mjsunit test for some simulator configurations
after Array.p.sort pivot selection improvements have landed.
R=jgruber@chromium.org
Bug: v8:7795
Change-Id: I03599c34e34a0bafd5f276b03aa4f059a8078026
Reviewed-on: https://chromium-review.googlesource.com/1096764
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#53660}
This moves all accesses from Typer to the broker. This is policed by
DisallowHandleDereferenceScope in Typer::Visitor::Reduce.
Bug: v8:7790
Change-Id: Ic37d029261b3302eedb902a3b2249834a5dd0512
Reviewed-on: https://chromium-review.googlesource.com/1095305
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53659}
Code generation for stack checks and protected loads produces duplicate
loads of the stack pointer and memory base address. Without gvn these
turn into actual move operations and sign conversions. Even worse, as
turbofan seems to hoist the stack pointer loads to early blocks, I saw
a high register pressure and many spills.
While there is some compile time cost for gvn, I expect it to be rather
low. On the positive side, I see about a 5% performance inprovement for
some benchmarks. If compilation time turns out to be an issue, we can
still revert.
Change-Id: I13be2ace5b27c51c32430d0cb14fbbe8f31fbf6f
Reviewed-on: https://chromium-review.googlesource.com/1095335
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53657}
Loading a root generates a kRootRegister-relative load on all
architectures but ia32 (where we currently don't have a root
register).
This is preferable to loading an external reference, which will
usually embed an absolute pointer into the generated code, or add an
indirection when within an embedded builtin.
Bug: v8:6666
Change-Id: I1a93b1325b375bfcf3547977760e1d9ada1d0ee4
Reviewed-on: https://chromium-review.googlesource.com/1095260
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53656}
This patch ports over the spec defined operation `GetOption` from
JavaScript to C++:
https://tc39.github.io/ecma402/#sec-getoption
The JS implementation will be deleted once all it's
users are migrated.
Refactors LocaleConstructor to use this method which fixes some test262
tests. The test262 test status file is updated to reflect this.
Bug: v8:5751, v8:7684
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ief5eae9b69dcea50062825163ca7658ed20bd0cf
Reviewed-on: https://chromium-review.googlesource.com/1094201
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53652}
See: https://trac.webkit.org/changeset/232253/webkit
This is a defensive fix insofar as we were not observing any
issues, hence there is no regression test either.
Bug: v8:6791, v8:3770
Change-Id: Icdabe6a26aca9a5913fba278ae1fd0a79857dfd9
Reviewed-on: https://chromium-review.googlesource.com/1077660
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53651}
- Shuffle canonicalization improved to reverse operands to match
more architectural shuffles.
- Handles shuffles where the order of operands is reversed.
- Adds tests for non-canonical shuffles, and for swizzles.
- Improves TryMatchConcat method.
- Substantially rewrites shuffles on ia32 to better handle swizzles
and fix bugs on reversed shuffles where source registers are
overwritten.
- Adds Palignr macro-assembler instructions for ia32.
Bug: v8:6020
Change-Id: I8e43a1e7650057c66690af1504b67509a1437d75
Reviewed-on: https://chromium-review.googlesource.com/1070934
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53648}
The current implementation allocates a new {NativeModule} if trap
handlers are disabled. Afterwards, all export wrappers need to be
patched to call to the code objects in this new native module (this
patching is done in {CodeSpecialization}).
With the jump table, we want to get rid of this patching, hence we need
to reuse the same jump table, hence we cannot allocate a new
{NativeModule}. Instead, we should update the existing one with the new
code.
R=mstarzinger@chromium.orgCC=eholk@chromium.org
Bug: v8:7143, v8:7758
Change-Id: If2f395d462752b9084ed1e5f0a81f71d400ccfca
Reviewed-on: https://chromium-review.googlesource.com/1095262
Reviewed-by: Eric Holk <eholk@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53645}
This switches Liftoff code to use WebAssembly runtime stubs instead of
builtin calls for handling traps, similar to what we use in TurboFan
generated code as well.
R=clemensh@chromium.org
BUG=v8:7424
Change-Id: If2554067b3e294220306c67861bb1fb14db7b492
Reviewed-on: https://chromium-review.googlesource.com/1087275
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53644}
Now that V8 uses EphemeronHashTable as backing store for
JSWeakCollections one pass over the heap is enough. In the old
implementation a second pass was necessary to find the owner
of the FixedArray to determine if its entries are strong or weak
references.
Bug: chromium:844008
Change-Id: I04bdf7d480c9be301831698571be5b226d20ac20
Reviewed-on: https://chromium-review.googlesource.com/1090910
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@google.com>
Cr-Commit-Position: refs/heads/master@{#53643}
Fix afd6351dcd
After `[csa][builtins] Port CompileLazy* to CSA` landed,
there is an implicit expectation that the address of the JS code
is stored in the target register. Due to optimizations on MIPSR6,
this address was not properly loaded.
We fix this by loading target address explicitly before performing
the jump.
TEST=mjsunit/json2,mjsunit/packed-elements
Change-Id: Ida9cb062910415bf15aa40dd20a17fc42fdba719
Reviewed-on: https://chromium-review.googlesource.com/1095155
Reviewed-by: Sreten Kovacevic <sreten.kovacevic@mips.com>
Commit-Queue: Sreten Kovacevic <sreten.kovacevic@mips.com>
Cr-Commit-Position: refs/heads/master@{#53642}
This adds a new gn arg v8_custom_deps to add a dependency that's dynamically
added under v8/custom_deps. E.g. for depending on a target in
v8/custom_deps/test_root/BUILD.gn set
v8_custom_deps = "custom_deps/test_root:target_name".
Bug: chromium:846711
Change-Id: If03d48dba07cb36dc1b981602e5dc267deec086b
Reviewed-on: https://chromium-review.googlesource.com/1095218
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53640}
The graph_zone_ field in PipelineData was initialized to nullptr
instead of the correct zone when running the wasm compilation pipeline.
Now it is set to the actual zone of the graph that is being compiled.
Bug: chromium:844591
Change-Id: I8d9a688a292471a45dedcd01b03244baed60e378
Reviewed-on: https://chromium-review.googlesource.com/1095254
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53638}
This CL allows selection/highlighting of wasm source when a graph node
is clicked.
Bug: v8:7327
Change-Id: I4a3347a83c8a38804feabffefaefd761596005c3
Reviewed-on: https://chromium-review.googlesource.com/1092712
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53636}
This new scope allows to avoid emitting calls to {Builtin::kAbort} in
debug code when requested, but still trap when the debug code fails. It
can be used to keep generated code independent of builtins.
R=jgruber@chromium.org
Change-Id: I77864a1a10ec5b52bccfd76981ab5f4ff33bc727
Reviewed-on: https://chromium-review.googlesource.com/1095179
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53635}
D3.v5 needs a merge before applying combined update and
enter actions.
Bug: v8:7327
Change-Id: If5a044c18e4229c5eadb18c18aea191bcbacef32
Reviewed-on: https://chromium-review.googlesource.com/1095188
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53632}
- Improve typing by introducing PhaseView interface.
- Recalculate scale extent after resizing.
- Fix null sentinel which should have been undefined.
Bug: v8:7327
Change-Id: I06881ac3f5681cb419b5da9c6b8aa3a6b2652088
Reviewed-on: https://chromium-review.googlesource.com/1090914
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53631}
This CL adds a TFS stub for RegExp#test and moves several checks to
the JSCallReducer. In particular, the JSCallReducer checks that
- property {exec} on the regexp is still the original exec
- property {lastIndex} on the regexp is a non-negative smi
The stub does not repeat these checks in release mode.
This effectively means that if the regexp is known, we can perform these
checks at compile time, and get away with a map dependency.
Bug: v8:7779, v8:7200
Change-Id: I0c6d711d4f1d2f6f325a1c02855b0e1b62e014c8
Reviewed-on: https://chromium-review.googlesource.com/1074654
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53630}
Whenever an Isolate is available on a variable, field, or method
parameter, use that instead of GetIsolate(). Also convert simple
cases of the one-argument handle constructor to either use an
available Isolate, or use GetIsolate() if their first parameter
is a variable.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I52805905a9ca8729615ead78859f43d5e8f605f1
Reviewed-on: https://chromium-review.googlesource.com/1092853
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53629}
For errors, it just printed "Failure: expected <Error()> found
<Error()>" and completely omitted the specific error type and the
message.
The new output is:
Failure:
expected:
Error(Error: my explicit error)
found:
Error(ReferenceError: ffi is not defined)
R=mstarzinger@chromium.org
Change-Id: Ie17a97e4413c4585b9560fd1c408018ee8c06701
Reviewed-on: https://chromium-review.googlesource.com/1092746
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53625}
ExistingCodeLogger was behaving incorrectly when the CodeEventHandler
API was used in combination with --interpreted-frames-native-stack.
Instead of collecting copied trampolines as InterpretedFunction:functionName,
they were being collected as Builtin:IntepreterEntryTrampolines.
This patch adds special handling for copied trampolines when
using ExistingCodeLogger.
R=yangguo@google.com
Change-Id: I3ee4be03800122d28d53b51b20c60dcf6263e4c1
Reviewed-on: https://chromium-review.googlesource.com/1087813
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53624}
Internal references create absolute pointers within the code and must
therefore be disallowed for embedded builtins to remain
position-independent.
Drive-by: remove related cctest. This test used to be relevant before
embedding was fully implemented, but by now it is useless and rather
misleading since it gives a false sense of safety.
Bug: v8:6666
Change-Id: I57a62274b57c3ef1303d5114c68e2a9b1f92bda4
Reviewed-on: https://chromium-review.googlesource.com/1092732
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53623}
