This code must move into builtins since --jitless disallows executable
memory allocation at runtime. Removing CPU-dependent code will make that
step easier.
The hope is that processors have gotten better in the last couple of
years and this code is unnecessary by now.
Bug: v8:8675
Change-Id: I1f2f104befc5f65f1dd69e9643cc51290d2465b8
Reviewed-on: https://chromium-review.googlesource.com/c/1407061
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58770}
This is a reland of 2d2c137492 without
changes. Offending chromium tests have been modified.
Original change's description:
> Reland^2 "[turbofan] Use feedback when reducing global loads/stores."
>
> This reverts commit ac85ab0a3d. A
> chromium test caused trouble and was taken care of in
> https://chromium-review.googlesource.com/c/1384064.
>
> Original change's description:
> > [turbofan] Use feedback when reducing global loads/stores.
> >
> > We already record the script context location or the property cell
> > as feedback of the global load/store IC, so Turbofan doesn't need
> > to do the lookups again.
>
> TBR=sigurds@chromium.org
>
> Change-Id: I58bcd9bceec2f9cf401f7b0fc4460a6da6cd0abc
> Reviewed-on: https://chromium-review.googlesource.com/c/1386404
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58393}
Change-Id: Ic6734201a6c45f2752488ab44b16859776802f51
Reviewed-on: https://chromium-review.googlesource.com/c/1408252
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58769}
Failure to make snapshot in debug mode on MIPS was caused by bad
floating point register allocation for function parameters. According to
MIPS convention, floating point parameters cannot be stored on odd
numbered floating point register. Which was the case (f7 was allocated).
This patch ensures that f12 and f14 are used for storing fp parameters.
To be able to determine types of parameters in InitializePlatformSpecific
method, InitializePlatformIndependent has to be executed first.
InitializePlatformIndependent requires number of parameters in arguments.
That is the reason for changing definitions of CompareDescriptor and
BinaryDescriptor classes.
Change-Id: I7d723e03385f756114df60e33798400e97d99d8f
Reviewed-on: https://chromium-review.googlesource.com/c/1400415
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Predrag Rudic <prudic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#58768}
It removes the assertion that caused the bug report by introducing a new
trampoline (WasmBigIntToI64) for the conversion code stub between a Bigint
object and a Wasm i64 BigIntToI64).
The tests were updated to cover calling the stub from a Wasm callsite.
Bug: v8:8625
Change-Id: I55891001cfa72f6f2849792293b43bbb54147f1a
Reviewed-on: https://chromium-review.googlesource.com/c/1405028
Commit-Queue: Sven Sauleau <ssauleau@igalia.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58767}
This reverts commit 4a9f186bde.
Reason for revert: Regresses microbenchmarks. https://crbug.com/v8/8675#c5
Original change's description:
> [ia32] Remove custom MemMove function
>
> It isn't clear whether our custom generated MemMove function provides
> any benefits over std::memmove. This is an attempt to remove it. If
> bots seem unhappy we can revert.
>
> Bug: v8:7777,v8:8675
> Change-Id: I7f1a6e3050b6e635618593c04f7d51e448426ee2
> Reviewed-on: https://chromium-review.googlesource.com/c/1405854
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58748}
TBR=jkummerow@chromium.org,jgruber@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:7777, v8:8675
Change-Id: Ia4ad37070f433f76b1158e90835162aefe38abdd
Reviewed-on: https://chromium-review.googlesource.com/c/1407063
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58766}
.rdata is the default section which hosts read-only data for COFF. Use this
default section name avoids creating a new .rodata section with explicit
read-only property.
Bug: chromium:919180
Change-Id: I7325cbcfdb142b3ee15de93b7881f755c365d6e6
Reviewed-on: https://chromium-review.googlesource.com/c/1407240
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58764}
- 'let' instead of 'var', and prefer 'const'
- Prefer for-of over indexed interation
- Variable names should be 'camel-case' or
all-caps snake-case.
- Only one variable declaration per line
Change-Id: I645dd2333d6d9a993f24c29121f5f156249f1b71
Notry: true
Bug: v8:7327
Reviewed-on: https://chromium-review.googlesource.com/c/1405320
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58761}
Bug: chromium:917215
Change-Id: Ie2127953a8ce3d6da4feb3478039ba318774e21d
Reviewed-on: https://chromium-review.googlesource.com/c/1404176
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58755}
This reverts commit e2d44ede95.
Reason for revert: Breaks GC stress tests - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/23527
Original change's description:
> [parser] Inline byte scope data into PreparseData object
>
> Each PreparseData object had at least one pointer to a PodArray for its
> serialized scope data. These objects usually have only tens of bytes of
> payload. By inlining the byte data we save 3 words per PreparseData object.
> This optimization saves 140KB of data on cnn.com.
>
>
> - Store data_length and inner_length as int32 saving a words on 64bit
> - Inline store byte data into PreparseData
> - OnHeapConsumedPreparseData directly uses the PreparseData object
> - get_inner, set_inner no longer allow Null sentinels
>
> Change-Id: I1f62154d05ea2f98a6574efa738b32a8a84319d5
> Reviewed-on: https://chromium-review.googlesource.com/c/1406673
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58751}
TBR=ulan@chromium.org,cbruni@chromium.org,leszeks@chromium.org
Change-Id: I39d92ee7bd2864e1b0c3a8fed4a11b68b3e14d58
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1407073
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58753}
Port 4ab96a9a81
Original Commit Message:
Remove the use of a jump table in the prologue of the deopt entries
and instead pass the bailout id explicitly in a register when calling
the deopt entry routine from optimized code. This unifies the logic
with the way the Arm64 code works. It saves the following amount of
memory in code stubs:
- arm: 384KB
- ia32: 480KB
- x64: 240KB
This could be offset by a slight increase in the size of optimized code
for loading the immediate, however this impact should be minimal and
will scale with the maximum number of bailout ids (e.g., the size of
code will increase by one instruction per bailout id on Arm, therefore
~98,000 bailouts will be needed before the overhead is greater than
the current fixed table size).
R=rmcilroy@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Id5762334b21e6a91e5ce44b7db1e38ace9147372
Reviewed-on: https://chromium-review.googlesource.com/c/1406026
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58752}
Each PreparseData object had at least one pointer to a PodArray for its
serialized scope data. These objects usually have only tens of bytes of
payload. By inlining the byte data we save 3 words per PreparseData object.
This optimization saves 140KB of data on cnn.com.
- Store data_length and inner_length as int32 saving a words on 64bit
- Inline store byte data into PreparseData
- OnHeapConsumedPreparseData directly uses the PreparseData object
- get_inner, set_inner no longer allow Null sentinels
Change-Id: I1f62154d05ea2f98a6574efa738b32a8a84319d5
Reviewed-on: https://chromium-review.googlesource.com/c/1406673
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58751}
The fuzzers were already removed on the chrome side and therefore
inactive, see https://crrev.com/c/1194228.
R=machenbach@chromium.org
Bug: v8:8562
Change-Id: I0cf5ec6d07e07452c5168ea952f45028bcea1c85
Reviewed-on: https://chromium-review.googlesource.com/c/1406678
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58750}
Forced GCs are performed during memory benchmarking to record memory usage,
and as such, should not age the bytecode and cause it to be prematurely flushed.
BUG=v8:8395
Change-Id: I75c16d8fec29963e49d70738c6a399fd826f6e8b
Reviewed-on: https://chromium-review.googlesource.com/c/1393298
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58749}
It isn't clear whether our custom generated MemMove function provides
any benefits over std::memmove. This is an attempt to remove it. If
bots seem unhappy we can revert.
Bug: v8:7777,v8:8675
Change-Id: I7f1a6e3050b6e635618593c04f7d51e448426ee2
Reviewed-on: https://chromium-review.googlesource.com/c/1405854
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58748}
When logging with --logfile-per-isolate, we use isolate addresses
to disambiguate. However, it often happens that the isolate addresses
are identical for different renderers, so we corrupt the log files.
This CL adds pid to the log filename when --logfile-per-isolate is on.
Bug: v8:8674
Change-Id: Id664b17d4dbaad2d805379dbe17ecbe08e4ae1f4
Reviewed-on: https://chromium-review.googlesource.com/c/1405853
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58746}
Drive-by-fix:
- Add several iterator instance types to user objects
- Add JSProxy instance type to user objects
- Rename *PRE_PARSED_SCOPE* to *PREPARSE_DATA*
Change-Id: Ia1304871c91bb4e7e46ae0aef6084ded985b9a9f
Reviewed-on: https://chromium-review.googlesource.com/c/1405040
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58745}
TestSuite has a static method LoadTestSuite that should properly configure the
TestSuite instance (i.e. loaded status files and tests), however the method
leaves some configuration logic to the caller.
The leaky abstraction causes the caller to do a bunch of loading operations (see
the removed methods in base_runner.py).
This CL isolates the TestSuite loading logic to the static method only.
This is a refactoring only change without any intended logical changes.
R=machenbach@chromium.org
CC=yangguo@chromium.org,sergiyb@chromium.org
Bug: v8:8174
Change-Id: I105059c9c9e050f03bb584174e2bd7ceeae2b228
Reviewed-on: https://chromium-review.googlesource.com/c/1396417
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58744}
It is not legal for destructuring patterns and identifiers in declarations
to be in parentheses. This includes nested patterns/identifiers inside
another pattern.
We were checking sub-patterns for parentheses when parsing possible
sub-patterns, but this check missed sub-patterns with a default
initialiser (e.g. [({x:y})=1] = {}), as the AssignmentExpression hid
the pattern.
So, we now additionally record declaration/pattern errors of an assignment
LHS when parsing the assignment cover grammar.
Bug: v8:8630
Change-Id: Ia5a97003671fc1da7f68d7fb15943928ce9496e3
Reviewed-on: https://chromium-review.googlesource.com/c/1404452
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58743}
This fixes two places that used the marking write barrier for elements
instead of the new marking write barrier for descriptor array.
This also ensures that revisited objects are marked black.
Bug: v8:8651,chromium:917794
Change-Id: Ifc17ff89686f32ccf61d4b3f764b0ab536c42912
Reviewed-on: https://chromium-review.googlesource.com/c/1406670
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58742}
The JSRegExp's data fixed array is variable size depending on the
regexp kind.
Bug: v8:8572
Change-Id: I8f07b8e8d2a9a81e0905563fb701e1e3687cafb5
Reviewed-on: https://chromium-review.googlesource.com/c/1405034
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58741}
As far as I can tell these were unused; their only callers were arm
and ppc simulators, but codegen explicitly returned nullptr if in a
simulator build, falling back to std::sqrt.
There's more potential cleanup to be done here for other functions
defined in codegen-*.cc files.
Tbr: clemensh@chromium.org
Bug: v8:7777, v8:8675
Change-Id: I4b9d6062c6724a810ab094d09e3cd04a0b733d9b
Reviewed-on: https://chromium-review.googlesource.com/c/1405851
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58740}
This reverts commit fd49c8bb43.
Reason for revert: Speculative revert for:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/24672
Original change's description:
> [heap] Optimize MemoryChunk::FromAnyPointerAddress
>
> Currently this function requires the caller to hold a mutex for the
> large page chunk hashtable and performs a hashtable lookup.
>
> This patch adds a header sentinel field in each MemoryChunk. The field
> is then used to distinguish large object slots from ordinary slots.
>
> Bug: chromium:915233
> Change-Id: I9fbeeb4f07f49573d0a21f9a2cc934370e417d68
> Reviewed-on: https://chromium-review.googlesource.com/c/1391752
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58732}
TBR=ulan@chromium.org,mlippautz@chromium.org
Change-Id: I232729fdfd55baef7de99ea2fd14fbc0a2f71d27
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:915233
Reviewed-on: https://chromium-review.googlesource.com/c/1406671
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58738}
This unifies the code between parser and preparser, and removes more code from
the pattern rewriter.
This makes "var x" without assignment and initializer in a loop pessimistically
marked as assigned, but that seems pretty unlikely since the variable will just
always be undefined. It is also still strictly better than what we had until
very recently since any var outside of the function scope used to be marked as
assigned. Now we only mark such variables as assigned.
Change-Id: Icb37ab249b2a79c2d57a5769bdb964b435cebf62
Reviewed-on: https://chromium-review.googlesource.com/c/1405228
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58736}
Dynamically process the arguments instead of hardcoding them,
which is brittle when they change.
Change-Id: I08f603dc6df6e3ed34518326b67da15f6a6d6102
Reviewed-on: https://chromium-review.googlesource.com/c/1405312
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58733}
Currently this function requires the caller to hold a mutex for the
large page chunk hashtable and performs a hashtable lookup.
This patch adds a header sentinel field in each MemoryChunk. The field
is then used to distinguish large object slots from ordinary slots.
Bug: chromium:915233
Change-Id: I9fbeeb4f07f49573d0a21f9a2cc934370e417d68
Reviewed-on: https://chromium-review.googlesource.com/c/1391752
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58732}
In the degenerate case where we wanted to emit {x = x - x} (where {x}
is any register), ia32 and x64 generated wrong code (producing {-x + -x}
instead). Fix this by special casing this case.
R=ahaas@chromium.org
Bug: chromium:919308
Change-Id: I9cd9818d2a678450ac6530107e7a5cbb625ddb8d
Reviewed-on: https://chromium-review.googlesource.com/c/1405029
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58731}
Found by mjsunit/numops-fuzz-part* tests in stress mode.
Bug: v8:3770
Change-Id: I598885b37624660dabb90f55529615b872d10d93
Reviewed-on: https://chromium-review.googlesource.com/c/1405313
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58729}
Also fix an issue with naming in Array.prototype.filter that
wasn't addressed before.
Change-Id: I7465eda12e6981f46f6efa2efc81183cbdffea01
Reviewed-on: https://chromium-review.googlesource.com/c/1400847
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58728}
This change makes it less likely to pick one of the registers that
are not byte addressable on ia32. This is not a correctness issue but
fixes some code size and runtime regressions.
After the change to prefer registers that are not used in hinting, it
was very likely that one of the registers that are not byte addressable
was chosen, leading to extra code in cases where the carry flags was
materialized as a real boolean value. With this change, we pick the first
register that is not used in hinting, thereby mostly using byte
addressable registers on ia32.
Change-Id: I42968cf3fd7b7db949d275c40d0afeb74b5e48c3
Reviewed-on: https://chromium-review.googlesource.com/c/1404450
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58726}
This avoids having to update either the source code or the generated
test cases each year.
R=ahaas@chromium.org
Change-Id: I33fb85dc4ae7d45f8d05d982e0285d6fd3008a26
Reviewed-on: https://chromium-review.googlesource.com/c/1405032
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58725}
i64 values can be up to 20 characters long (19 + sign), plus we need
one character for the terminating null character. Thus the previous 18
needs to be increased to 21.
Also extend the test to check the longest possible i64 values.
R=ahaas@chromium.orgCC=kozyatinskiy@chromium.org
Bug: v8:8644
Change-Id: Ia9458db162a55dd57b5e8bc7cf7db73c3bab4734
Reviewed-on: https://chromium-review.googlesource.com/c/1404443
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58724}
In {Assembler::and_} we might need to use the scratch register. Thus use
a free LiftoffRegister instead to emit i32 popcnt.
R=ahaas@chromium.orgCC=george.wort@arm.com
Bug: chromium:918284
Change-Id: Ia814899bf6e33dd4989fd09329542b4bc09b48df
Reviewed-on: https://chromium-review.googlesource.com/c/1405036
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58723}
As a follow-up of https://crrev.com/c/1372857 that repordered
the parameters of JSEntry, this CL updates JSEntry for MIPS64 for new
ordering.
Bug: v8:8124
Change-Id: Ia7efab0e22e48cfe36420654bd2b724986202027
Reviewed-on: https://chromium-review.googlesource.com/c/1406528
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58722}
As a follow-up of https://crrev.com/c/1372857 that repordered
the parameters of JSEntry, this CL updates JSEntry for MIPS for new
ordering.
Bug: v8:8124
Change-Id: Ic7f22a4f59b1c15a959a3249b4f13cd8f3f1c331
Reviewed-on: https://chromium-review.googlesource.com/c/1405166
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58721}
