In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Change-Id: I67420b74440c7620b0eb3aa7980b08c0e43a1e75
Reviewed-on: https://chromium-review.googlesource.com/1125729
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54211}
The JSCallReducer could in theory inline the default resolve and reject
functions passed to the executor in the Promise constructor. But that
inlining is almost never triggered because we don't have SFI based feedback
in the CallIC. Also the use of the Promise constructor is discouraged,
so we shouldn't really need to squeeze the last bit of performance out
of this even in the future.
Getting rid of this optimization will make significantly easier to
implement the Swallowed Rejection Hook, as there's less churn on the
TurboFan side then.
Bug: v8:7919
Change-Id: If0c54f1c6c7ce95686cd74232be6b8693ac688c9
Reviewed-on: https://chromium-review.googlesource.com/1125926
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54210}
Recent changes in SerializerReferences (see https://crrev.com/c/1113930)
opened up these minor improvements to the builtin serializer allocator,
since we now have dedicated BuiltinReferences.
R=yangguo@chromium.org
Bug: v8:7887
Change-Id: Ie76a52a88ef4075c63c5eb2eaa81382c52325688
Reviewed-on: https://chromium-review.googlesource.com/1125844
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54207}
No need to iterate over imported functions just to skip them in the
loop body anyway.
R=mstarzinger@chromium.org
Bug: v8:7754
Change-Id: I8dabf8d6ee7d0cc029b6236cef319cf8e70e4a5b
Reviewed-on: https://chromium-review.googlesource.com/1125802
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54206}
This reverts commit e438d5d4de.
Reason for revert: TSAN failures - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20TSAN/21357
Original change's description:
> [heap] Make objects allocated in new_lo_space look like young generation objects.
>
> The scavenger still does not handle young generation large objects correctly.
> This will be added in a follow-up CL.
>
> Bug: chromium:852420
> Change-Id: I2587509d6e7f329aeff3db246d949bb30b3a91a5
> Reviewed-on: https://chromium-review.googlesource.com/1124477
> Commit-Queue: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54197}
TBR=ulan@chromium.org,hpayer@chromium.org
Change-Id: Ief44cfd841278f2d53d51f3a21c03b70b8025a7a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:852420
Reviewed-on: https://chromium-review.googlesource.com/1125979
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54205}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I2f2c031c03d56d360ef940fc925e0583e6ae31dc
Reviewed-on: https://chromium-review.googlesource.com/1125720
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54202}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Splits HEAP_CONSTANT_LIST into HEAP_MUTABLE_IMMOVABLE_OBJECT_LIST and
HEAP_IMMUTABLE_IMMOVABLE_OBJECT_LIST. The CSA accessors then use the
appropiate ReadOnlyRoots or Heap accessor to get hold of the object.
Bug: v8:7786
Change-Id: I3bdf868b5e224f8794c85307e1b4569480cebd1c
Reviewed-on: https://chromium-review.googlesource.com/1125725
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54199}
This change may slow down deserialization of the snapshot but may result in less fragmentation.
Bug: v8:7887
Change-Id: Id8bb9f1a561b08b7ae0f10b80aa77bc00eb23172
Reviewed-on: https://chromium-review.googlesource.com/1125722
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54198}
The scavenger still does not handle young generation large objects correctly.
This will be added in a follow-up CL.
Bug: chromium:852420
Change-Id: I2587509d6e7f329aeff3db246d949bb30b3a91a5
Reviewed-on: https://chromium-review.googlesource.com/1124477
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54197}
This is a preliminary step before changing the way we store zone pointers in the zones.
Bug: v8:7903, v8:7754
Change-Id: I1e1af1823766c888ee0f8fe190f205f5b7e21973
Reviewed-on: https://chromium-review.googlesource.com/1118887
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54193}
This is a reland of 8e0f67be3f
Previously landed as: 3c4d0316e4 / 1065818
Previously landed as: 8e0f67be3f / 1088890
Original change's description:
> [async] Expose async hooks to d8
>
> This implementation follows the Node.js API as a guideline.
Bug: chromium:850530
Change-Id: I8ba22b11c80328108b197d687826ce0198420c9c
Reviewed-on: https://chromium-review.googlesource.com/1125679
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54191}
This is a reland of 3dfaf8264f
Original change's description:
> [debug] liveedit in native
>
> Liveedit step-by-step:
> 1. calculate diff between old source and new source,
> 2. map function literals from old source to new source,
> 3. create new script for new_source,
> 4. mark literals with changed code as changed, all others as unchanged,
> 5. check that for changed literals there are no:
> - running generators in the heap,
> - non droppable frames (e.g. running generator) above them on stack.
> 6. mark the bottom most frame with changed function as scheduled for
> restart if any.
> 7. for unchanged functions:
> - deoptimize,
> - remove from cache,
> - update source positions,
> - move to new script,
> - reset feedback information and preparsed scope information if any,
> - replace any sfi in constant pool with changed one if any.
> 8. for changed functions:
> - deoptimize
> - remove from cache,
> - reset feedback information,
> - update all links from js functions to old shared with new one.
> 9. swap scripts.
>
> TBR=ulan@chromium.org
>
> Bug: v8:7862,v8:5713
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
> Change-Id: I8f6f6156318cc82d6f36d7ebc1c9f7d5f3aa1461
> Reviewed-on: https://chromium-review.googlesource.com/1105493
> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54146}
TBR=dgozman@chromium.org
Bug: v8:7862, v8:5713
Change-Id: I163ed2fd2ca3115ba0de74cb35a6fac9e40fdd94
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/1124879
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54187}
This is an optimization to avoid an unneeded "mov <reg>, #0"
instruction. Instead, we can just directly use the zero register.
R=ahaas@chromium.org
Bug: chromium:854011, v8:6600
Change-Id: I187d7a659c42d7d4a6d5798eddff8b7ee0983bbc
Reviewed-on: https://chromium-review.googlesource.com/1124684
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54186}
We need to push the sign-extended constant instead of just the lower 32
bits. Otherwise, the callee might read stale data from the stack.
Bug: chromium:854011, v8:6600
R=ahaas@chromium.orgCC=rodolph.perfetta@arm.com
Change-Id: Iafcfd6ba9532771615b41215fb4d1a2b85ce5623
Reviewed-on: https://chromium-review.googlesource.com/1124683
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54185}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ifd2f75298bacd2f6a89c551f689d269a59d87e97
Reviewed-on: https://chromium-review.googlesource.com/1124470
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54183}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ia24803003f1e6ce0782dffe448c662695620f026
Reviewed-on: https://chromium-review.googlesource.com/1124326
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54182}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I2cc63ffc5b6df537fa7772356acd9e8b3cf59352
Reviewed-on: https://chromium-review.googlesource.com/1124322
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54181}
Using CpuProfile pointer is not safe for id as the profile objects
can be recreated on the same memory address.
Use sequential numbers instead.
Change-Id: I7253605819055bc3396b797f9ce27669e8c2584d
Reviewed-on: https://chromium-review.googlesource.com/1123325
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54180}
Also move some helpers there.
Bug: v8:7902
Change-Id: I1ef3d1e8317102afae2861382e9ba60b0ef6bba4
Reviewed-on: https://chromium-review.googlesource.com/1121461
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54179}
Moves STRUCT_LIST AND ALLOCATION_SITE_LIST into roots.h and adds access
to their associated maps using ReadOnlyRoots.
Also corrects the location of external_map, message_object_map,
empty_script, many_closures_cell, invalid_prototype_validity_cell and
builtins_constants_table which are not in RO_SPACE.
Finally this adds a convenience ReadOnlyRoots(Isolate*) constructor.
Bug: v8:7786
Change-Id: I4982dd0cbea2062a124605678599ba48831f020f
Reviewed-on: https://chromium-review.googlesource.com/1124319
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54178}
Tests cctest/test-run-wasm-simd/RunWasm_I16x8ConvertI32x4_turbofan
and cctest/test-run-wasm-simd/RunWasm_I8x16ConvertI16x8_simd_lowered
will be skipped for big endian until implementation for big endian is
done correctly.
Change-Id: Ia6253070ede207f437e4b710a656bce8d65e412e
Reviewed-on: https://chromium-review.googlesource.com/1113307
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54176}
An i64 to i32 conversion within the same register is a noop on arm64,
since i32 operations just use the "W" part of the register anyway.
R=ahaas@chromium.orgCC=rodolph.perfetta@arm.com
Bug: v8:6600
Change-Id: Ia7cb49673c4997dc095736a054d052ffd91bb957
Reviewed-on: https://chromium-review.googlesource.com/1124449
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54175}
This CL adds a regression test that will check that the elements
pointer is properly reloaded after the JavaScript comparison
function is called during Array.p.sort.
R=jgruber@chromium.org
Bug: chromium:859809
Change-Id: I15f55fcc1906bd8d0751596e5457367a643b92da
Reviewed-on: https://chromium-review.googlesource.com/1124475
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54174}
Most scanner logic doesn't need to care about surrogate pairs, so we can just
push it down to identifier scanning.
This CL additionally drops some explicit kEndOfInput checks that are subsumed
by predicates seemlessly returning false for kEndOfInput (-1).
Change-Id: If031a9355ab5fbca0c3b647045e3034f42923979
Reviewed-on: https://chromium-review.googlesource.com/1124447
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54172}
It turns out we can just remove kReturnVariable from the normal change
tracking, since it's always set when jumping to the final label anyway.
Bug: v8:7793
Change-Id: I6d0a777016047aa31b0edddd19c661e2631e1078
Reviewed-on: https://chromium-review.googlesource.com/1124471
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54171}
Instead of installing code dependencies during graph reduction,
install them after code generation.
Bug: v8:7902, v8:7790
Change-Id: I8a3798254abb5b9ec7c295a1592aeb6b51f24c7a
Reviewed-on: https://chromium-review.googlesource.com/1119913
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54170}
Variables/return values with constexpr type cannot have multiple
assignments. We check this now.
For conditionals, it is important to always infer a non-constexpr type.
This CL adds the ability to map any type (including union types) to be
mapped to their non-constexpr variant. Conditionals infer their type as
the non-constexpr version of a combination of the two branch types.
In addition, this improves subtyping for constexpr types:
If A extends B, then constexpr A extends constexpr B.
This makes it necessary to clean up "constexpr String", which has nothing
to do with tagged values.
Bug: v8:7793
Change-Id: Ia4d3cd5dc98f45b0ec89adf05c5c6111a0e51cc6
Reviewed-on: https://chromium-review.googlesource.com/1122864
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54167}
This CL is a manual revert of the Array.p.sort Torque QuickSort
implementation.
The plan is to ship TimSort in either Chromium 69 or 70 and not ship
Torque-QuickSort at all (to keep disruption to a minimum). For this
reason we revert back to the implementation in array.js.
R=jgruber@chromium.org
Bug: chromium:859809, v8:7382
Change-Id: I92eb70408883f51d98311e78642f554316bc1e76
Reviewed-on: https://chromium-review.googlesource.com/1124334
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#54166}
When calling a builtin via a function pointer, torque tries to find any
builtin with the same parameter types for a descriptor. If no such
builtin exist, we currently crash.
Example:
type DoesNotExistFn = builtin(Context, Smi, Smi, Smi) => Smi;
macro TestMacro(c: Context, fn: DoesNotExistFn) {
let result: Smi = fn(c, 1, 2, 3);
}
R=tebbi@chromium.org
Bug: v8:7793
Change-Id: Ia7436dc6541aca5de2e8dcb6b2a09978a1af9d39
Reviewed-on: https://chromium-review.googlesource.com/1123821
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#54165}
The current output of release builds is not very helpful, as it does
not contain the line number, nor the values of {expect_exception} or
{i_isolate->has_pending_exception()}.
R=ahaas@chromium.org
Bug: chromium:854011
Change-Id: I0bc1b8be6151d5420310eb67b2ebd0dc866fc9a6
Reviewed-on: https://chromium-review.googlesource.com/1122869
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54164}
