The LogAll test is flaky on windows build, disable one-shot optimization
to check if the issue is related to one-shot or not.
Change-Id: Ia963faf4158277d8d5e8bcbd3cf6ce99b69a4d39
Reviewed-on: https://chromium-review.googlesource.com/1234416
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Cr-Commit-Position: refs/heads/master@{#56053}
- Uses a temp register to hold esp so we can align it to a
8-byte boundary.
Bug: v8:8015
Change-Id: I487789250aca89c360a70614d7b0bd382705febf
Reviewed-on: https://chromium-review.googlesource.com/1229614
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56051}
This prevents the contents of these files showing up in the
output of `git grep`. This makes git grep much more useful as
these files are minified into a single line which is not human
readable.
Change-Id: I54047fe32d090570fa70935ce108455a47e4d888
Reviewed-on: https://chromium-review.googlesource.com/1232674
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Sam Clegg <sbc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56049}
Those two methods are spread over the code base, and their purpose is
often not clear. Historically, they were used to turn pointers into
integers in order to do computations on them. Today we have {Address}
which is uintptr_t, so we can compute directly on that.
This also makes the {RoundUp} and {RoundDown} macros only work on
integral values (including {Address}).
R=mlippautz@chromium.org
Bug: v8:8015
Change-Id: Ia98fb826793ee5d3a2a5b18c09c329d088443772
Reviewed-on: https://chromium-review.googlesource.com/1233914
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56048}
This CL ensures that the InterpreterEntryTrampoline, as well as
InterpreterPushArgsThenCall and InterpreterPushArgs preserve
the kRootRegister (ebx).
Bug: v8:6666
Change-Id: I1e5b63f1002ffbe4dac84f039f373b6b77e67d8a
Reviewed-on: https://chromium-review.googlesource.com/1233793
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56047}
This is a reland of 3bb5cb63da
Original change's description:
> [wasm] Introduce a soft limit on reserved memory
>
> Currently, wasm memory and wasm code use a shared limit for the total
> size of reservations. This can cause wasm code reservations to fail
> because wasm memories used all available reservation space.
> This CL introduces a soft limit which is used when allocating wasm
> memory with full guards. If this limit is reached and the respective
> flag is set, we fall back to allocation without full guards and check
> against the hard limit. Code reservations always check against the hard
> limit.
>
> R=ahaas@chromium.org
>
> Bug: v8:8196
> Change-Id: I3fcbaeaa6f72c972d408d291af5d6b788d43151d
> Reviewed-on: https://chromium-review.googlesource.com/1233614
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56028}
Bug: v8:8196
Change-Id: If8baf429b02e23b344346f7335bc911b99ae5579
Reviewed-on: https://chromium-review.googlesource.com/1233756
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56044}
Concurrently process objects and only read embedder fields on the main
thread.
Also prepares the concurrent marking infrastructure to plug this
processing into different types.
Bug: chromium:885125, chromium:843903
Change-Id: I23b7f778c16cff118dec93e11e2bbd02aaf11a78
Reviewed-on: https://chromium-review.googlesource.com/1231175
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56043}
This adds a new external_pointer field to every JSDataView instance
which points directly into the backing store at the given view's
byte_offset. This was the DataView performance is now almost on
par with the TypedArray performance for accessing aligned memory
(with appropriate endianess). This also serves as prepatory work
to enable full 64-bit addressing of DataView backing stores in
optimized code (soonish).
This change optimizes the bounds checking sequence in TurboFan in
such a way that it further improves the DataView set/get performance
by around 10%, almost closing the remaining gap between DataViews
and TypedArrays.
Drive-by-fix: Get rid of the code duplication around DataView inlining
in the JSCallReducer and have only a single bottleneck method now.
Bug: chromium:225811, v8:4153, v8:7881, v8:8171
Change-Id: I9118efd4d19e93f0e51c931a9bec1a56a0f4593e
Reviewed-on: https://chromium-review.googlesource.com/1231994
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56042}
As part of this, we also update all InvokeFunctionCode callers to pass
ecx as the expected-argc register.
Drive-by: Inline InvokeFunction overload into its single use.
Bug: v8:6666
Change-Id: I67590ecc3f4981d014642c9e18d3ed6db9831e54
Reviewed-on: https://chromium-review.googlesource.com/1233653
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56040}
Not much to do here. This CL bakes in incompatibility between
poisoning and embedded builtins, since we cannot unconditionally reset
the poison register (which we reused as kRootRegister) as we used to.
It also exposes a bug introduced in [0] where we set
Isolate::c_function to a garbage value.
[0] https://chromium-review.googlesource.com/1185011
Bug: v8:6666
Change-Id: Ia606f5d0e86c7ff68aa2af22acb89c2844519bf5
Reviewed-on: https://chromium-review.googlesource.com/1233255
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56038}
This also adds checks that ebx contains the root pointer during indirect load.
And we work around a few spots where we create an ebx Register but do not
actually reference it (e.g. when emitting xmm3, which has the same code as
ebx).
Bug: v8:6666
Change-Id: I7ec9e644c2e9c59d6395a71c6c5f479fac711d8d
Reviewed-on: https://chromium-review.googlesource.com/1231093
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56037}
This is behind the --concurrent-compiler-frontend flag, which is
disabled by default (but implied by --future).
Bug: v8:7790
Change-Id: Ic7934ecfea042be4897b00095b8afca66862a9d5
Reviewed-on: https://chromium-review.googlesource.com/1233735
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56034}
Make the RedundancyElimination handle all simplified operators that are
listed in the SIMPLIFIED_CHECKED_OP_LIST, and fix a couple of bugs and
oversights in the code. This also adds a lot of test coverage for all
the cases that we care about in RedundancyElimination (with respect to
Check/Checked simplified operators).
Bug: v8:8015
Change-Id: I57d29113389841b09abcd013313bf5dd1c67735f
Reviewed-on: https://chromium-review.googlesource.com/1233655
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56032}
This reverts commit 3bb5cb63da.
Reason for revert: Breaks Win64 bot https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win64/26418
Original change's description:
> [wasm] Introduce a soft limit on reserved memory
>
> Currently, wasm memory and wasm code use a shared limit for the total
> size of reservations. This can cause wasm code reservations to fail
> because wasm memories used all available reservation space.
> This CL introduces a soft limit which is used when allocating wasm
> memory with full guards. If this limit is reached and the respective
> flag is set, we fall back to allocation without full guards and check
> against the hard limit. Code reservations always check against the hard
> limit.
>
> R=ahaas@chromium.org
>
> Bug: v8:8196
> Change-Id: I3fcbaeaa6f72c972d408d291af5d6b788d43151d
> Reviewed-on: https://chromium-review.googlesource.com/1233614
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56028}
TBR=ahaas@chromium.org,clemensh@chromium.org
Change-Id: If645e738b4a5800eceabd993738ac2285f4a63bc
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8196
Reviewed-on: https://chromium-review.googlesource.com/1233834
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56031}
Unification: now BodyDescriptor deals with all weakness types.
This doesn't replace the weak list pointers with in-place weak references, since
it would cause extra work: we anyway recreate the lists after GC, so we
shouldn't track them at all during GC.
BUG=v8:7308
Change-Id: Ifb2f573d3e7ee311136b59e185cc659487c9cab3
Reviewed-on: https://chromium-review.googlesource.com/1229894
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56030}
Currently, wasm memory and wasm code use a shared limit for the total
size of reservations. This can cause wasm code reservations to fail
because wasm memories used all available reservation space.
This CL introduces a soft limit which is used when allocating wasm
memory with full guards. If this limit is reached and the respective
flag is set, we fall back to allocation without full guards and check
against the hard limit. Code reservations always check against the hard
limit.
R=ahaas@chromium.org
Bug: v8:8196
Change-Id: I3fcbaeaa6f72c972d408d291af5d6b788d43151d
Reviewed-on: https://chromium-review.googlesource.com/1233614
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56028}
When module instantiation fails, we need to throw an exception or raise
an error additionally to just returning an empty handle. This change
adds an extra DCHECK to make sure this is not forgotten.
Bug: v8:8015
Change-Id: Ib5d580ccfa2fb689e01c2bdabe856c8c4a47a853
Reviewed-on: https://chromium-review.googlesource.com/1233259
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56026}
This is a reland of 15d6d7b4ee.
Original change's description:
> [wasm] Increase code space limit to 1024 MB
>
> Liftoff increases code size, and people start deploying bigger modules.
> Increase the wasm code space limit from 512 MB to 1024 MB to account
> for this.
>
> R=titzer@chromium.org
>
> Bug: chromium:883639, chromium:872684
> Change-Id: I3a2ca29d456635f7f3aa1daef5fa2b0249dc1645
> Reviewed-on: https://chromium-review.googlesource.com/1226971
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56003}
TBR=titzer@chromium.org
Bug: chromium:883639, chromium:872684
Change-Id: I54461d2a5f32eeaf90c71768eb9f37223dd5ebb6
Reviewed-on: https://chromium-review.googlesource.com/1233256
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56025}
IIFE`s within a function are not guaranteed to be executed only once.
They can be called multiple times and compiler can inline them.
Do the one-shot optimizations only for IIFE`s from top-level code.
Bug: v8:8072, chromium:886580
Change-Id: I02370681cc3eab270edcc75ee120ca7ad768ed52
Reviewed-on: https://chromium-review.googlesource.com/1231174
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56024}
This CL is part of the effort to remove the usage of 'ebx' as it will
be the kRootRegister on ia32.
R=jgruber@chromium.org
Bug: v8:6666
Change-Id: Iad3d4718423a22790908d5028b2ec9e8b2253126
Reviewed-on: https://chromium-review.googlesource.com/1233258
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#56023}
Teach TurboFan about representation changes from Float64 to Word64 where
the input value is already known to be within the Int64 or Uint64 range.
While not all of these values have representations in Float64, those
that do can be converted to Word64 without loss of precision.
Same is true for Tagged to Word64 conversions, although here we don't
(currently) need the case for Uint64 ranges, so we can skip adding an
operator for that until it becomes necessary (there's a hard check in
the code so it'll not silently cause trouble).
Bug: v8:8178
Change-Id: Ie99b0bc9af096bd927f63b26b0a61e66454bc4ae
Reviewed-on: https://chromium-review.googlesource.com/1231593
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56022}
The JSTypedArray instance is created early on in the TypedArray
constructors, using EmitFastNewObject, which puts Undefined into
all slots. But the code might still produce an exception afterwards
leaving the JSTypedArray in a weird state. It's not a security issue
since the object doesn't escape, but it confuses the heap verifier.
Bug: chromium:885404, v8:4153, v8:7881, v8:8171
Change-Id: I5fb8131fcae69edf4a92602ed477dca305c3d6c7
Reviewed-on: https://chromium-review.googlesource.com/1233257
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56019}
The flag was not used anymore and any CollectGarbage call will finalize
marking.
Change-Id: I29ee60b187c9038acc4b42b8334546498f54f117
Reviewed-on: https://chromium-review.googlesource.com/1228013
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56018}
The test allocates a code object of maximum size. This was recently
increased to 1GB. This makes the test run OOM on some native arm and
mips devices.
TBR=ahaas@chromium.org
No-Try: true
Change-Id: Ie6cc50e92493c341c3205e9a6efa547d3d489275
Reviewed-on: https://chromium-review.googlesource.com/1233333
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56013}
This CL introduces the global default microtask queue as the replacement
of Heap::microtask_queue and Isolate::pending_microtask_count.
Bug: v8:8124
Change-Id: I0a6a7618a1a6ca7ceaf370dc15917a6b3690542c
Reviewed-on: https://chromium-review.googlesource.com/1226760
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56012}
V8 does not abort incremental marking anymore.
Bug: chromium:843903
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Id39e9cf8ef2afc388bab2bbad1d458ee2649f8e8
Reviewed-on: https://chromium-review.googlesource.com/1226889
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56009}
This is the next step to support large array buffers. On 64-bit archs
the full safe integer range is available (up to 2^53-1 bytes in theory).
On 32-bit platforms the full Unsigned31 range is allowed, so that we can
continue to use CheckBounds for typed arrays and data views in the
optimizing compiler (it's generally unlikely that the kernel will give
you more than 1GiB of contiguous memory anyways).
Drive-by-fix: This introduces proper chokepoints for the byte_offset
and byte_length accesses in the CSA code, and also does some renaming
for consistency.
Bug: v8:4153, v8:7881, v8:8171
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I92a767638532ca9f86084398ce72556c5180cc6e
Reviewed-on: https://chromium-review.googlesource.com/1228377
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56008}
This is a reland of bf5ea8138c
Original change's description:
> [tracing] allow dynamic control of tracing
>
> If the trace_buffer_ was null, we were returning a pointer to a static
> flag back that permanently disabled that particular trace point.
>
> This implied an assumption that tracing will be statically enabled at
> process startup, and once it is disabled, it will never be enabled
> again. On Node.js side we want to dynamically enable/disable tracing as per
> programmer intent.
>
> Change-Id: Ic7a7839b8450ab5c356d85e8e0826f42824907f4
> Reviewed-on: https://chromium-review.googlesource.com/1161518
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
> Cr-Commit-Position: refs/heads/master@{#54903}
Change-Id: Ie2a9ebbaf59d3be1918864cc3c192671fb5550c3
Reviewed-on: https://chromium-review.googlesource.com/1188529
Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56007}
For 64-bit indices it's not safe to pass Truncation::Word32() for
indices, as operations will incorrectly truncate the outputs to
32-bit integers. There's also not really a point in not passing
Truncation::Any(), but it might have performance impact (since we
misuse IsUsedAsWord32 in various places).
Bug: v8:8178
Change-Id: Ie33b8e03a82e46e314dfb3f268c74c9356653aec
Reviewed-on: https://chromium-review.googlesource.com/1230653
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56006}
Handle the case when one or both of the output nodes of an I64Atomic op
are optimized, for code-gen instructions that use a set of fixed
registers, use temp registers to ensure the registers are not
clobbered.
BUG:v8:6532
Change-Id: I52763c48d615cdf3ae8d754402b11da2df31a4a1
Reviewed-on: https://chromium-review.googlesource.com/1195910
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56004}
