This is a reland of d6121fd1a3
Original change's description:
> [Interpreter] Ensure Test*Handler don't allocate a frame for fast-path.
>
> Avoids allocating a frame for the fast-path in TestEqual, TestEqualStrict and
> TestLess/GreaterThan bytecode handlers. Also changes how feedback is tracked
> to try and avoid needing to keep feedback to "combine" with if it's unecessary
> which reduces the liveranges of the registers holding this data.
>
> This reduces the time needed for a tight loop in Ignition (e.g.,
> while (i < 1000000000) ++i;) from 12.8s to 10.8s.
>
> BUG=v8:9133
>
> Change-Id: I686b9da89541d15d233635db3276de3dad2fa282
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570020
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60906}
TBR=jgruber@chromium.org
Bug: v8:9133
Change-Id: Ie9940d029d412986e6713438630565a98fe3c51c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1582401
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60989}
Use `padreg` instead of x18 to maintain alignment in the CPURegList.
Also clean up some comments and tidy up RequiredStackSizeForCallerSaved
and PushCallerSaved.
Change-Id: I80a780e5649e69a1746c43f37c2d1d875120c7a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581609
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#60987}
The order of the typeswitch branches causes repeated Smi-checks.
This CL fixes this by putting the Number case first.
However, the generated code is still worse due to repeated Map and
InstanceType loads. This will be fixed by a future load elimination for
Torque/CSA.
Bug: chromium:955976
Change-Id: I0f59ef795878f65b3cb11246626738bc33f8aff5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581644
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60986}
Add suport for large object space allocations in Turbofan and use it
from CSA when young large objects are enabled. This maintains the
Turbofan invariant that the generation is statically predictable.
In principle, this enables write barrier elimination for large objects
allocated from Torque/CSA. But it doesn't seem to trigger much yet,
probably we have to improve the MemoryOptimizer.
Bug: v8:7793
Change-Id: I7ea7d0cb549573db65fafe5df5edf67e0ce90893
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1565905
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60984}
This CL changes lint errors to not be printed directly to stderr.
Instead, they are collected in a list that gets surfaced via
the TorqueCompilerResult. This is done so they can be presented
to language server clients.
This change also removes the "abort_on_lint_errors" option.
API users can now decide for themselves what to do, depending on
the presence of lint errors in the returned list.
R=sigurds@chromium.org, tebbi@chromium.org
Bug: v8:8880
Change-Id: I44601010491aafcf4c8609fd8c115219317506a4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581608
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60983}
When collecting JS block coverage, we track block execution counts on
so-called CoverageInfo objects. Generated bytecode and native code
contains inlined snippets of code to increment the appropriate
counters.
These used to be implemented as calls to the IncBlockCounter runtime
function. Each call incurred the entire CEntry overhead.
This CL reduces that overhead by moving logic over into a new
IncBlockCounter TFS builtin. The builtin is called directly from
bytecode, and lowered to the same builtin call for optimized code.
Drive-by: Tweak CoverageInfo layout to generate faster code.
Tbr: jarin@chromium.org
Bug: v8:9149, v8:6000
Change-Id: I2d7cb0db649edf7c56b5ef5a4683d27b1c34605c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571420
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60981}
The --run-count-multiplier flag was used to run an experiment and is not needed
anymore. It will be superceeded by another parameter that will run benchmarks as
many times as needed until needed confidence is achieved.
R=machenbach@chromium.org
No-Try: true
No-Tree-Checks: true
Bug: chromium:880724
Change-Id: Iedd3d0f900a838f97cfa3339f582f6d02cce3e93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578504
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60980}
Bug: v8:8976
Change-Id: Idc896770fd0f448c37d8d83b7970e3f8e16f5f2e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1572682
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60979}
This fixes the bounds check for the 'in' operator to handle the negative
index case properly (by using the same machinery as the potentially
out-of-bounds loads/stores use).
Bug: chromium:952586
Change-Id: I2225acae8be7dcedbcde745e8ef202e789085041
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581179
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60978}
This extends the existing test coverage of interactions between the
exception handling and the reference type proposal. Now "any-func" and
"except-ref" can both be encoded as an exception value. Missing switch
cases have been added.
R=clemensh@chromium.org
TEST=mjsunit/wasm/exceptions-anyref[-interpreter]
BUG=v8:8091,v8:7581
Change-Id: Ie2e9819fe66b4daab623390f27bb19007131f619
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581600
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60977}
On Arm/64 the last return address is stored in a link register instead of
being pushed to the top-of-stack like on x64/ia32. Extend the support in the
tick sampler to check for samples in a frameless bytecode handler with support
for checking the link register if it exists instead of top-of-stack. In addition,
make the x64/ia32 check more robust by ensuring we only apply the change if the
pc is a bytecode handler and the top frame isn't a bytecode handler (stub) frame.
BUG=v8:9162
Change-Id: I89d2e80ea8a0b84ff6a265d0e0e73f9fdd1daca8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578464
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60976}
Use the existing {ArrayVector} method for this, which reads nicer. In
some places, I replaced a stack-allocated array by {EmbeddedVector} to
avoid the {ArrayVector} call.
R=mstarzinger@chromium.org
Bug: v8:8834
Change-Id: I5560c07f2775338fefd11acf67a540e003428e74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578899
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60975}
This is one step towards removing the {StrLength} helper and using
{size_t} consistently instead.
R=mstarzinger@chromium.org
Bug: v8:8834
Change-Id: Ibcdfd579531a259d490c39a8e8c96d469a5a4aac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578901
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60974}
This reverts commit fa6ec3cb08.
Reason for revert: v8:9169, v8:9170
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux/31457https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64/31417https://ci.chromium.org/p/v8/builders/ci/V8%20Win32%20-%20debug/19919
Original change's description:
> [cpu-profiler] Split out debug mode for CPU profiler naming
>
> Adds a new flag to CpuProfiler to control whether or not "debug" names
> (potentially inferred from scope) are used for captured frames
> associated with a SharedFunctionInfo instance.
>
> Bug: v8:9135
> Change-Id: I104f3246431dc6336de4e4688c0d98c86e0bb776
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1566169
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Alexei Filippov <alph@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60972}
TBR=ulan@chromium.org,alph@chromium.org,yangguo@chromium.org,petermarshall@chromium.org,acomminos@fb.com
Change-Id: I573194b5affd31fd0748b9ef3c45052e8ab420f5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9135
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581639
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60973}
Adds a new flag to CpuProfiler to control whether or not "debug" names
(potentially inferred from scope) are used for captured frames
associated with a SharedFunctionInfo instance.
Bug: v8:9135
Change-Id: I104f3246431dc6336de4e4688c0d98c86e0bb776
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1566169
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60972}
The current logic sometimes skips the request for a code logging stack
guard request, even though no such request is pending. This happens if
the previous stack guard already executed, but a foreground task is
still pending.
This CL fixes this by re-requesting a stack guard interrupt when the
first code is added to the vector of outstanding code to be logged.
Plus minor drive-by fix.
R=mstarzinger@chromium.org
Bug: v8:9163
Change-Id: I4937f3983f15e7122141b04ddb1432cd1f78828b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578461
Auto-Submit: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60970}
This prepares removing the special timeout of 200 on the bots. First
we temporarily set 200 on v8 side to remove the flag on the infra side.
Afterwards we'll remove the v8-side code, tested in CQ.
TBR=tmrts@chromium.org
Bug: v8:9145
Change-Id: I61578da02ab8c101d0d6c916106ad5a8bc6841cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581259
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60962}
In the PerformPromise{All, Race, AllSettled} operations, the resolve
property of the constructor is looked up only once.
In the implementation, for the fast path, where the constructor's
resolve property is untainted, the resolve function is set to undefined.
Since undefined can't be a valid value for the resolve function,
we can switch on it (in CallResolve) to directly call the PromiseResolve
builtin. If the resolve property is tainted, we do an observable property
lookup, save this value, and call this property later (in CallResolve).
I ran this CL against the test262 tests locally and they all pass:
https://github.com/tc39/test262/pull/2131
Spec:
- https://github.com/tc39/ecma262/pull/1506
- https://github.com/tc39/proposal-promise-allSettled/pull/40
Bug: v8:9152
Change-Id: Icb36a90b5a244a67a729611c7b3315d2c29de6e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1574705
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60957}
As a preparation of trusty -> xenial migration, let me specify os
dimension explicitly here.
I added os dimension for the linux builders having tests property.
I will change this dimension gradually with gradual swarming test bots
trusty -> xenial migration.
Currently this should not change ubuntu's version of bots running tests
because v8 recipe module has default Ubuntu-14.04 dimension for linux.
https://cs.chromium.org/chromium/build/scripts/slave/recipe_modules/v8/api.py?l=428&rcl=927948978a7a101fca66f07a784aeb3ddb6650c9
Bug: chromium:954890
Change-Id: Ib2404c5aaa54d6e8e47341394d6a757a9d99874a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578659
Commit-Queue: Takuto Ikuta <tikuta@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Auto-Submit: Takuto Ikuta <tikuta@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60951}
The {Vector} class stores the size in a {size_t} since a while, but
many accessors and constructors still accept an {int}. This CL removes
all {int} uses except for the explicit {length()} accessor. It also
adds a comment to avoid this accessor if possible.
The {StrLength} function still has several users outside of vector.h,
which I plan to remove in a follow-up CL.
R=mstarzinger@chromium.org
Bug: v8:8834
Change-Id: I33c5b0e8b8b2cb3531716c1d99e4516a13d6ba1f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578480
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60950}
This CL fixes some issues with GC.
1) It removes dead code from the set of potentially dead code to avoid
considering the same code for GC again and again.
2) It resets the {new_potentially_dead_code_size_} counter to avoid
triggering too many GCs.
3) When code becomes dead after GC, do not unconditionally free it; just
decrement its ref count (there might still be {WasmCodeRefScope}s
holding the code alive).
4) Update the comment of the ref count to be more accurate.
R=titzer@chromium.org
Bug: v8:8217
Change-Id: I28e5a1fed74411b8473bb66ddbad3ffe7643f266
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1574518
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60949}
This adds two counters for collecting the absolute size of freed code,
and the percent of total generated code per module.
R=titzer@chromium.org
Bug: v8:8217
Change-Id: Ia065081104fbff6459791c919e0b18677ba45cc3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1573698
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60948}
This is dead code as no benchmarks seem to be using it and removing this
additional logic will reduce maintenance cost for the perf infrastructure.
R=machenbach@chromium.org, tmrts@chromium.org
No-Try: true
No-Tree-Checks: true
Change-Id: I952af069d4d18d63624510b4c461fa1891703db9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570008
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60947}
This is part of the refactoring to allow exporting more information about test
execution to the recipes and upload this information to ChromePerf.
This fixes running secondary even after primary run fails, which will allow us
to differentiate between test and infra failures as latter ones will also affect
refbuilds and re-runs without patch.
R=machenbach@chromium.org, tmrts@chromium.org
Bug: chromium:841700
Change-Id: I29ce49d2f8c5e73158f1d41a73c51f2b35929f36
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570006
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60946}
This is the next step to test the GC better: We zap the code region of
{WasmCode} objects which are detected to be unused. This is tested in
the future variant, so ClusterFuzz has a chance to catch missing
references.
R=titzer@chromium.org
Bug: v8:8217
Change-Id: I75a63384a2a8e2ed68b9447e6ee4faa24037da93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571622
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60945}
