When leak sanitizer is active, an LsanVirtualAddressSpace is used and
takes care of marking the allocated pages as lsan root regions.
Bug: chromium:1276767
Change-Id: I3d8a61f7d3c59e4574e46707d2217031a32e3f0e
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3314828
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78251}
Add APIs to surface VMState and new EmbedderState to CpuProfile samples.
EmbedderState:
* An EmbedderState is defined as a value uint8_t and a v8::context used
for filtering.
* EmbedderStates are stack allocated by the embedder, construction and
destruction set/unset the state to the isolate thread local top.
* A v8::context is used to filter states that are added to a CpuProfile,
if the CpuProfile do not have a ContextFilter set or if contexts do not
match, state defaults to Empty.
* v8:StateTag is already propagated all the way to a Sample, simply add
an API to surface it.
VMState:
Change-Id: I7eed08907360b99b0ad20ddcff59c95c7076c85e
Bug: chromium:1263871
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3188072
Auto-Submit: Corentin Pescheloche <cpescheloche@fb.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78250}
Like https://crrev.com/c/3283074; iterating the unordered set is not
deterministic, so sort compile deps before iterating if --predictable is
set.
Bug: v8:12465,v8:12397
Change-Id: Ia0cc299b197e9c84f4fd3fbc70d592656cf4bd43
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310911
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78249}
--dump-counters and --dump-counters-nvp are only functional in d8, thus
they should be d8-only flags.
R=mlippautz@chromium.org
Bug: v8:12464
Change-Id: Ie3295990a1b4691ab95f8403ff6d9932543b03cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3312275
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78247}
The same Code object can and does deopt multiple times when called
recursively and thus present on the stack in >1 activations.
Fixed: v8:12458
Change-Id: Ib34d6bae4aa0ea2e31731c5a6e8e85a878362621
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3314824
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78246}
This CL reverts two diagnosing CLs that introduced same-thread CHECKS,
recovering all introduced performance regressions.
We will try to add less performance-sensitive checks again in a follow
up.
This reverts commit 0c2bbfd5bb.
This reverts commit 6643c05940.
Bug: chromium:1253650, chromium:1243257, chromium:1274201
Change-Id: I96c41c39c4f58b062574fa11c4a2d76ad030bcf7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3315437
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78245}
This is a reland of f68242bcb0, with
fixes for UBSan (double-fixed, actually).
Original change's description:
> [codegen] Reduce size of safepoint table fields
>
> Code objects are often small and do not use the full integer range of PC
> offsets and deoptimization indexes. Reducing the size of these fields to
> the required size per table reduces the overall size of safepoint tables
> by roughly 25%.
>
> R=jkummerow@chromium.org
>
> Bug: v8:12401
> Change-Id: Ie6889a70782f5510436a1d05d31d17aac0bfec6e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3306556
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78216}
Bug: v8:12401
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Change-Id: I2aa7f6448afd3350b0cc3d09a0f4ac18fcab0928
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310806
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78244}
This CL makes sure that the API reports an error if the embedder
attempts to create a fast API function which could be used as a
constructor. It also adds corresponding cctest.
Bug: chromium:1052746
Change-Id: I36e51b298889900131bd5c3894134df3d8d28e5f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3314856
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78243}
In particular
* use variadic templates in BodyDescriptorApply(),
* ensure all the relevant classes have BodyDescriptor definition,
* ensure "objects-body-descriptors[-inl].h" headers are included only
where necessary.
Bug: v8:12425
Change-Id: I7a95ed94bf62952e3d22d419d4a65ad2fe959d57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3312273
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78242}
Use an atomic marking state in all builds - even builds with concurrent
marking disabled. This will allow us to simplify our code a bit.
This CL starts by always using MajorMarkingState for
MarkCompactCollector::MarkingState and removing V8_ATOMIC_MARKING_STATE.
Bug: v8:12470
Change-Id: I88a65647fb2142a63b2b51fc21391c8ef1baa82d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3314864
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78241}
When performing a shared GC, we need to find references from the client
heaps into the shared heaps. For now we achieve this by simply
iterating all objects in client heaps.
We need to do this both for marking and when updating pointers after
evacuation.
Bug: v8:11708
Change-Id: Ic1dd94cc352be0404095e548979c37b1ef25682a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3300142
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78240}
It points at an uint8_t array, not a single uint8_t.
Fixed: chromium:1276455
Change-Id: I221c911b7fc71803e2c79f7a755fe73928e6ffa0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3317418
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78239}
This interface is meant to eventually replace the existing
v8::PageAllocator interface. Beyond general refactoring of the
PageAllocator APIs, the new interface now supports the concept of
(contiguous) address space reservations, which previously had to be
implemented through page allocations. These reservations now make better
use of provided OS primitives on Fuchsia (VMARs) and Windows
(placeholder mappings) and can be used to back many of the cages and
virtual memory regions that V8 creates.
The new interface is not yet stable and may change at any time without
deprecating the old version first.
Bug: chromium:1218005
Change-Id: I295253c42e04cf311393c5dab9f8c06bd7451ce3
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3301475
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78235}
Rolling v8/build: 746224d..b0031ae
Rolling v8/buildtools/clang_format/script: 99876ca..e435ad7
Rolling v8/buildtools/linux64: git_revision:b79031308cc878488202beb99883ec1f2efd9a6d..git_revision:e0afadf7a743d5b14737bd454df45d5f1caf0d23
Rolling v8/buildtools/third_party/libunwind/trunk: 0f447a3..74c6eec
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/dbf8536..32ccf21
Rolling v8/third_party/depot_tools: 3e68015..203a644
Rolling v8/third_party/googletest/src: 1b26064..d61d4d8
Rolling v8/tools/luci-go: git_revision:d3f13de997dcae45d2af9210be74e7eb96a98268..git_revision:3de46a51120f37b29e3552d36ad2aa5882961a05
Rolling v8/tools/luci-go: git_revision:d3f13de997dcae45d2af9210be74e7eb96a98268..git_revision:3de46a51120f37b29e3552d36ad2aa5882961a05
R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I14d594e8eb7322e8ea1a505df1ee7b834833fcb7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3314344
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78234}
When pntr compression is enabled, `Pointer()` reads 8 bytes
whereas `TaggedPointer()` reads 4 bytes and decompresses.
TaggedPointer() in this case was causing an incorrect read
on big endian as the desired value was located on the high side
of memory.
Similar patches were also applied in this CL:
https://crrev.com/c/2057355
Change-Id: I77c449256ae1f56f2f8664f687985221badf819f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3314302
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78232}
This is in preparation for supporting concurrent access in
String::SlowEquals, which will need to compare character buffers with
relaxed ordering.
Bug: v8:12007
Change-Id: Ie8ac62c15df48ebd605985c35b843b510c7ad167
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3313467
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78231}
Previously, StoreStoreElimination handled allocations as
"can observe anything". This is pretty conservative and prohibits
elimination of repeated double stores to the same field.
With this CL allocations are changed to "observes initializing or
transitioning stores".
This way it is guaranteed that initializing stores to a freshly created
object or stores that are part of a map transition are not eliminated
before allocations (that can trigger GC), but allows elimination of
non-initializing, non-transitioning, unobservable stores in the
presence of allocations.
Bug: v8:12200
Change-Id: Ie1419696b9c8cb7c39aecf38d9f08102177b2c0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3295449
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78230}
Rather than creating a ParseInfo when creating a BackgroundCompileTask
(and passing ownership across to the BG thread which deallocates it),
create one when running it.
This allows the ParseInfo Zone to be both allocated and deallocated on
the same thread, which will improve its allocator friendliness.
As a side-effect, we now use the on-heap PreparseData from the
SharedFunctionInfo, rather than cloning the in-Zone PreparseData. This
means that we don't have to copy the PreparseData across Zones, but we
do need to Unpark the LocalHeap when accessing preparse data.
Change-Id: I16d976c1ad54c1090180f2936f40a23a6dbb5904
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3312483
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78228}
Finalize other finalizable jobs in FinishNow, up to a time deadline.
This deadline is set to 1ms for now, because that seems like short
enough to not get in the way of user interaction but long enough to be
worth doing here rather than doing another runtime call for the
subsequent funtions.
Change-Id: I79f0780e9318e97efee03d2d25701009ca7069d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310801
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78227}
If multiple isolates are running concurrently and one of them calls
`quit`, we should not delete the counters map, because another isolate
might still access it.
R=mlippautz@chromium.orgCC=nikolaos@chromium.org
Bug: v8:12453
Change-Id: I6d41478f188f0043b7d6055b0872574c28fd3039
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310807
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78226}
Debug build needs more scratch registers, since s0 is not added to
allocatable registers, we could use it as a scratch register.
Change-Id: I1453d78b18cd3abff83a2f0c084ed4dd92e92884
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3313967
Reviewed-by: Liu yu <liuyu@loongson.cn>
Commit-Queue: Liu yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#78225}
This CL forwards the information that we are breaking because
of a ScheduleBreak runtime call.
Bug: chromium:1229541, chromium:1133307
Change-Id: I5eb9462c9df135bc3b3080c354e61e301d24e1ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310804
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78223}
Rolling v8/build: 99a1dc1..746224d
Rolling v8/buildtools/third_party/libc++abi/trunk: 665b74f..89f2e82
Rolling v8/buildtools/third_party/libunwind/trunk: c936d73..0f447a3
Rolling v8/third_party/android_platform: 72e09e9..abc362f
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5695a84..dbf8536
Rolling v8/third_party/depot_tools: 5deb9c9..3e68015
Rolling v8/third_party/googletest/src: bb92160..1b26064
Rolling v8/third_party/zlib: e8c257c..efd9399
Rolling v8/tools/clang: 401e727..16279ec
Rolling v8/tools/luci-go: git_revision:e4c95e4e4cdc987f1860e4111589606bcd3a8f32..git_revision:d3f13de997dcae45d2af9210be74e7eb96a98268
Rolling v8/tools/luci-go: git_revision:e4c95e4e4cdc987f1860e4111589606bcd3a8f32..git_revision:d3f13de997dcae45d2af9210be74e7eb96a98268
R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I24c2e7dac871c7d80b719e7887489c1dcdb114b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3311316
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78221}
Apparently std::make_unique is not a function under MSVC!
Change-Id: I2014e8779ae3434dc265e2a030181e78085beb57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3313349
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78219}
This CL turns references to ArrayBuffer backing stores from
JSArrayBuffers, JSTypedArrays, and JSDataViews into CagedPointers
when those are enabled.
CagedPointers cannot generally represent nullptr, as NULL usually lies
outside the cage. As such, nullptr backing stores are replaced with a
special empty backing store value, which, in the current implementation,
points to the end of the cage, right in front of the trailing guard
regions. Due to this, it is no longer correct to compare a backing store
pointer against nullptr.
Bug: chromium:1218005
Change-Id: I4a6c7a82aabb4debcb6bb2babe4035ba2da8e79f
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244419
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78218}
This reverts commit f68242bcb0.
Reason for revert: UBSan error: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8828943333104509889/+/u/build/compile/stdout
Original change's description:
> [codegen] Reduce size of safepoint table fields
>
> Code objects are often small and do not use the full integer range of PC
> offsets and deoptimization indexes. Reducing the size of these fields to
> the required size per table reduces the overall size of safepoint tables
> by roughly 25%.
>
> R=jkummerow@chromium.org
>
> Bug: v8:12401
> Change-Id: Ie6889a70782f5510436a1d05d31d17aac0bfec6e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3306556
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78216}
Bug: v8:12401
Change-Id: I53b574558305ac25fa8f38a843c98f653af201ba
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3312488
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78217}
Code objects are often small and do not use the full integer range of PC
offsets and deoptimization indexes. Reducing the size of these fields to
the required size per table reduces the overall size of safepoint tables
by roughly 25%.
R=jkummerow@chromium.org
Bug: v8:12401
Change-Id: Ie6889a70782f5510436a1d05d31d17aac0bfec6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3306556
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78216}
The stack memory will be accessed through a global list later, so the
stack pointer should be accessible without the containing
WasmContinuationObject. This also saves some unnecessary allocations and
indirections already.
R=ahaas@chromium.org
Bug: v8:12191
Change-Id: Ic3d71ecadbb13b18f0440049527ba71d657589b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3312486
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78215}
Add a flag for controlling the maximum number of threads usable by the
LazyCompileDispatcher.
Change-Id: I87fc39d337a00cff0c3d152392630f48da050fff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3312482
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78214}
Set the JS limit at a 40KB offset from the actual limit, like on the
native stack. This is an estimate of the maximum stack space needed for
runtime calls.
R=ahaas@chromium.org
Bug: v8:12191
Change-Id: I709d5b25c5e47d2474cf4205ebcb8ee7fc8e794c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3312485
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78212}
The call to SyncStackLimit is already inlined in the previous runtime
call (WasmAllocateContinuation).
R=ahaas@chromium.org
Bug: v8:12191
Change-Id: Ie602f8317bc9ed5b5b5f9a0eb545a57602aeed42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3312484
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78210}
This allows streamed sources to also trigger parallel compile tasks. The
chunk vectors are shared via std::shared_ptr.
Clone chunked streams are initialised with a null source, and are not
allowed to fetch any more data. Similarly, the original stream is not
allowed to fetch data if it has been cloned (since the vector is shared
and would mutate if we added more data to it).
This is ok for the purposes of cloning for parallel compile tasks, as we
fully parse before cloning for the task.
Change-Id: Ic268e4956e0894acb63111bf0aaf32eaad426066
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310917
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78209}
Baseline compiler generates calls to builtin Bitwise_Baseline for
bitwise bytecodes with Smi rhs. The builtin still performs type check
for rhs even though it is known to be Smi.
This CL implements new builtins for bitwise operations which does not do
speculation for rhs.
Bug: v8:12442
Change-Id: Ia6e1b25a74d00db8c39600b4f81f6e9aa5d59253
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310520
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
Cr-Commit-Position: refs/heads/main@{#78206}
... as a prerequisite for adding InstructionStream heap object.
Bug: v8:11880
Change-Id: I22b4832cedd46bee4a4c5a0d7b5032eba10b2a7b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310900
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78204}
