75537 Commits

Author SHA1 Message Date
Jakob Kummerow
11a1ac4bc2 Faster TypedArray.fill(0) and .fill(-1)
Calling memset directly is faster than std::fill for multi-byte element
types.

Change-Id: I83b997740146688f87b86901825e31d6644bc25b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687700
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80945}
2022-06-03 14:01:49 +00:00
Milad Fa
90804935b9 PPC/s390: [wasm-simd] Prototype relaxed integer Dot product instructions
Port a52b44f093

Original Commit Message:

    Prototype the instruction on the interpreter, and Arm64. Details of
    instruction lowerings on all relevant architectures can be found at:
    https://github.com/WebAssembly/relaxed-simd/issues/52

R=irezvov@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: Ia42e3f7fcb77d5515ee20bb428902cc3ff033f69
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688290
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80944}
2022-06-03 13:38:40 +00:00
Clemens Backes
bfe36a2eac [liftoff] Pre-reserve some space for OOL code
The {AddOutOfLineTrap} method shows up with several percent of runtime
in performance profiles. The majority of that was spent copying entries
when growing the underlying vector.
Pre-reserving space in that vector removes most of that overhead.

R=thibaudm@chromium.org

Change-Id: I1befb75b070d4f803770c2afcc5c82ffb9bfb522
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688511
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80943}
2022-06-03 13:35:19 +00:00
Milad Fa
e51b03a08a [wasm-gc] Fix LOAD_VERIFY/STORE_VERIFY on big endian
Applying the set of unittest changes from
https://crrev.com/c/3678208 to BE.

Change-Id: I02d0f2f388720e3acc35660042d5c2c76fa589e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687474
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80942}
2022-06-03 12:03:20 +00:00
Jakob Kummerow
bfd0ccf2dd [wasm] EquivalentTypes() should be symmetric
Fixed: v8:12935
Change-Id: Ib4dfdc276e6a9f465666b068bdbe31776429f359
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687699
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80941}
2022-06-03 11:16:59 +00:00
Clemens Backes
83feb80465 [wasm] Release compilation time callback earlier
As the {CompilationTimeCallback} does not react to
{kFinishedCompilationChunk}, it does not need to stay alive after a
"final" compilation event.

Drive-by: Make the enum a boolean enum.

R=jkummerow@chromium.org

Bug: v8:12899
Change-Id: Iffacd6e3d9a0f2474a51f07cf01419b2badf98c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3667083
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80940}
2022-06-03 10:52:30 +00:00
Clemens Backes
2d5c7a1517 [wasm][c-api] Avoid flag updates after initialization
There are two flag updates from the Wasm C-API. Both are unnecessary:
FLAG_expose_gc is not needed because we call the internal API for
garbage collection; this is always allowed.
FLAG_experimental_wasm_eh is enabled by default, so does not need to be
set to true in that test.

R=jkummerow@chromium.org

Bug: v8:12887
Change-Id: If56506228cd89d5452e71376e4c2f6a4ec636979
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687690
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80939}
2022-06-03 10:25:45 +00:00
Clemens Backes
f149912f33 [flags] Protect individual flag updates
Extend the effect of --freeze-flags-after-init to also protect updates
of individual flags instead of only the API.
For this, we wrap each flag in a {FlagValue} class which implicitly
converts to the value of the flag. Some cases still require the explicit
{value()} accessor though. That accessor is {constexpr}, in contrast to
the implicit conversion, because otherwise clang emits a lot of warnings
about dead code within "if (FLAG...)" scopes.

R=cbruni@chromium.org

Bug: v8:12887
Change-Id: I87d3457e49ceb317d34d6a21cf09c520d4171eb5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683321
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80938}
2022-06-03 10:24:40 +00:00
Igor Sheludko
7b4721f8b8 [ext-code-space] Introduce CodeLookupResult
... as a pair of Code and CodeDataContainer.

In order to stop creating and using trampoline Code objects for
builtins we need a different way to represent an "embedded builtin"
code lookup result of builtin trampoline Code objects.
We can't switch to CodeT for this purpose because GC still needs to
be able to locate not yet evacuated Code objects in order to update
old code pointers on the stack once Code objects are moved.

Bug: v8:11880
Change-Id: I296636a6728a11c8e3220b3fee43fd12ff633c1b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3684813
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80937}
2022-06-03 10:04:50 +00:00
Nico Hartmann
574b56110e [turboshaft] Blocks store graph generation for debug checks
Bug: v8:12783
Change-Id: Icf9e5b29863a1d4bfc8924ea34476d2a9998c391
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683322
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80936}
2022-06-03 09:53:59 +00:00
Marja Hölttä
efadd2d0a2 [rab/gsab] RAB/GSAB support for A.p.concat
It mostly worked out of the box. Only the dictionary mode prototype
chain walk code paths had to be updated.

Bug: v8:11111
Change-Id: Ia8336964d29304916a34e305f32bb33bb06e211a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683340
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80935}
2022-06-03 09:40:09 +00:00
Clemens Backes
40738e6c45 [wasm] Be more strict about allowed SIMD opcodes
This makes some checks a bit stricter to avoid accepting illegal relaxed
SIMD opcodes.

1) The default case in the Liftoff compiler should be UNREACHABLE,
   such that the switch case is required to cover all defined opcodes.
2) The {WasmOpcodes::IsRelaxedSimdOpcode} wrongly also returned {true}
   for opcodes like 0xfd300. We should really check nibbles 3-5 for the
   exact value 0xfd1.
3) {WasmOpcodes::Signature} was returning a non-null signature for
   illegal opcodes like 0xfd200, because {IsRelaxedSimdOpcode} returned
   false, and then we would just use the lower bytes for the lookup in
   the SIMD signature table.

R=thibaudm@chromium.org
CC=gdeepti@chromium.org

Bug: chromium:1324081
Change-Id: Idbfde570ccd782e59b47b96e7ca8cc28fa7fae98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687309
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80934}
2022-06-03 09:24:30 +00:00
Marja Hölttä
9dcdfaec7d Revert 3 OSR-related commits
Reason: https://bugs.chromium.org/p/chromium/issues/detail?id=1331309

Reverted commits:

"[compiler] Remove the optimized OSR code if deoptimizing at inside of loop"

https://chromium-review.googlesource.com/c/v8/v8/+/3648219

"[compiler] Add condition use_ic to the removing the optimized OSR code logic"

https://chromium-review.googlesource.com/c/v8/v8/+/3679846

"[compiler] Add out of bytecode array to break condition of removing OSR"

https://chromium-review.googlesource.com/c/v8/v8/+/3686589


Bug: v8:12927, chromium:1330405, chromium:1330452, chromium:1330454, chromium:1330486, chromium:1330545
Change-Id: Idc335e1f6d236a7398b14b64c87da234106bee69
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687695
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80933}
2022-06-03 09:18:00 +00:00
Leszek Swirski
15d117ef7c [maglev] Fix dead fallthrough after unconditional deopt
We need to make sure that a fallthrough merge state immediately after an
unconditional deopt is also marked dead. This means rotating the loop so
that we do a first MergeDeadIntoFrameState pass on the current bytecode,
before advancing.

Bug: v8:7700
Change-Id: Ib00294a8ab7645427f1c120d4938b38719391586
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3672414
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80932}
2022-06-03 08:59:50 +00:00
Clemens Backes
f220ccbcb2 [wasm] Remove counter for outstanding top-tier units
The value of the counter is never used, so remove it. This not only
cleans up code, but also makes triggering tier-up a little bit faster
because we do not need to take a mutex any more.

R=ahaas@chromium.org

Bug: v8:12899
Change-Id: I09f7df4d49b0d94567cd84ccb2aaa6fd86b96c37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3667645
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80931}
2022-06-03 08:43:40 +00:00
Clemens Backes
13567f5f3a [wasm] Remove kFinishedTopTierCompilation event
This fully removes the kFinishedTopTierCompilation event, and any
handling of it. In a dynamic tiering world, that event has no meaning
any more.

R=ahaas@chromium.org

Bug: v8:12899
Change-Id: I36484e36f7c36f2ac4fcb111e67a14509c2eefef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3667081
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80930}
2022-06-03 07:49:39 +00:00
Manos Koukoutos
51d662f712 [wasm-gc] Introduce typed-based optimizations
We introduce a Turbofan pass which optimizes wasm-gc nodes based on
the types of their inputs.

Bug: v8:7748
Change-Id: I281eb0785e9e4201ef925ec201d76dc3d274ad05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679198
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80929}
2022-06-03 07:29:19 +00:00
v8-ci-autoroll-builder
80c0e707ae Update V8 DEPS.
Rolling v8/build: 234a35b..a568526

Rolling v8/buildtools/third_party/libunwind/trunk: 5e737be..86ab9dd

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1cac3de..3a2e446

Rolling v8/third_party/depot_tools: f3d894f..13c50b4

Rolling v8/tools/clang: 393c871..4e79fda

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I65224d5895760ea6db806a71a3bff944f673ac26
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688471
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80928}
2022-06-03 03:51:39 +00:00
jameslahm
b425a0e94f [web snapshot] Support properties in Class.
This CL adds the serialization and deserialization for
properties in class.

TODO: we could use serialized start_position and length
in function to add ClassPositions property to class.

Bug: v8:11525
Change-Id: I065039932b3c10c6b757b331aba0ced36eba84e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682878
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80927}
2022-06-03 02:43:29 +00:00
Milad Fa
1dae3f2ba4 PPC/S390: skip JSAtomicsMutexTest.Contention test
This test requires shared cage implemented. More details
under https://crrev.com/c/3673354 .

Change-Id: Ib1d39dcc2fd6c8abb4f79bf6b845132c34d2ec8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687475
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80926}
2022-06-02 20:44:28 +00:00
Igor Sheludko
493bc1bb0f [ext-code-space][wasm] Remove Code <-> CodeT roundtrips
Drive-by: don't record builtins into wasm generated code sizes.

Bug: v8:11880
Change-Id: I02085c36e1831b26d7537c16be047345a0d4bca3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3684410
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80925}
2022-06-02 19:01:48 +00:00
Ilya Rezvov
a52b44f093 [wasm-simd] Prototype relaxed integer Dot product instructions
Prototype the instruction on the interpreter, and Arm64. Details of
instruction lowerings on all relevant architectures can be found at:
https://github.com/WebAssembly/relaxed-simd/issues/52

Bug: v8:12908
Change-Id: If8ffb82c38042191c67c9b5c23a231877d4f2159
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679848
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Ilya Rezvov <irezvov@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80924}
2022-06-02 18:30:58 +00:00
Toon Verwaest
90c80f7a4b [ic] Support smi receivers in megamorphic loads
Smis are represented in feedback by the heap number map. Turns out the
megamorphic load IC always just missed instead of using the map. Fixing this
improves a microbenchmark by ~6x.

Change-Id: I4c6d0ec1abb88ae34b212cfc69cc6b020060753b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683318
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80923}
2022-06-02 17:39:52 +00:00
Deepti Gandluri
a13598ae0c Revert "Allow lookup of matching scripts in Isolate compilation cache"
This reverts commit c443858fa9.

Reason for revert: Several UBSan failures: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21547/overview

Original change's description:
> Allow lookup of matching scripts in Isolate compilation cache
>
> Currently, if the same script text is compiled multiple times with
> differing details (such as name, line number, or host-defined options),
> then multiple copies of that script are added to the Isolate's
> compilation cache. However, any attempt to look up those scripts can
> find only the first instance. This change makes the script compilation
> cache behave more consistently by checking the details while searching
> the hash table for a match, rather than after a potential match has been
> found.
>
> Bug: v8:12808
> Change-Id: Ic9da0bf74f359d4f1c88af89d585404f173056ee
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3671615
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Cr-Commit-Position: refs/heads/main@{#80919}

Bug: v8:12808
Change-Id: I6d007374fb607a2670ca260c6bd0d6774d7f51d7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687311
Auto-Submit: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80922}
2022-06-02 17:32:33 +00:00
Liviu Rau
b5a7ca848c [test] Refactor testrunner (2)
- moved test data closer to tests
- removed the coverage related code
- refactored to remove boilerplate from test code

Bug: v8:12785
Change-Id: I1013d29d8ff2c3ecb786c294ae3b3ab6decdca20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683610
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80921}
2022-06-02 16:49:28 +00:00
Toon Verwaest
02e355469d [code-cache] Keep code alive for a little longer
Code ageing too early can have a bad impact on performance. Let's
evaluate keeping code alive a little longer. Later we can look at more
elaborate heuristics.

Change-Id: Ib220c4dcd24165d6b6e5020cb1829c669ed3e736
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686416
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80920}
2022-06-02 16:40:41 +00:00
Seth Brenith
c443858fa9 Allow lookup of matching scripts in Isolate compilation cache
Currently, if the same script text is compiled multiple times with
differing details (such as name, line number, or host-defined options),
then multiple copies of that script are added to the Isolate's
compilation cache. However, any attempt to look up those scripts can
find only the first instance. This change makes the script compilation
cache behave more consistently by checking the details while searching
the hash table for a match, rather than after a potential match has been
found.

Bug: v8:12808
Change-Id: Ic9da0bf74f359d4f1c88af89d585404f173056ee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3671615
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#80919}
2022-06-02 16:39:39 +00:00
Junliang Yan
fd9f6499a5 ppc64: [baseline] fix register conflict
Change-Id: I65bf086579c51e7c73c25317952aa53919b07fa9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687471
Commit-Queue: Junliang Yan <junyan@redhat.com>
Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80918}
2022-06-02 16:28:10 +00:00
Leszek Swirski
403dc1e019 Revert "[maglev] Fix dead fallthrough merging"
This reverts commit c7aef55208.

Reason for revert: Merged the wrong CL for the fix.

Original change's description:
> [maglev] Fix dead fallthrough merging
>
> Add a method which optionally merges dead fallthrough paths, in case the
> iteration in EmitUnconditionalDeopt reaches a merge point that is live
> from another jump but dead on the fallthrough.
>
> Bug: v8:7700
> Change-Id: Ie505cd5356fcf70208f2f6d3e52b805956485f74
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663086
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80878}

Bug: v8:7700
Change-Id: I75a21777aecfa08138fcc25a882ae109f3409159
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687649
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80917}
2022-06-02 16:06:59 +00:00
Liu Yu
56dd286445 [test][loong64] Fix error when moving test-disasm-loong64
commit ce9d6d49bd

Bug: v8:12781
Change-Id: I2010281c04a26cd93fefabae98cf9a6585210013
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687069
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#80916}
2022-06-02 13:22:43 +00:00
Clemens Backes
22b4ab86ef [flags] Refactor MaybeBoolFlag to use base::Optional
Use the existing {base::Optional} instead of the extra {MaybeBoolFlag}
struct. This makes writing to a maybe-flag simpler because you just
write a boolean value and that automatically initializes the optional.

R=cbruni@chromium.org

Bug: v8:12887
Change-Id: I940d20286d65ba4355dc04b4b6068a306706f295
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686412
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80915}
2022-06-02 12:55:38 +00:00
Clemens Backes
f363be9c66 [flags] Add flag to freeze flags after initialization
This adds a new flag to freeze all flag values after initializing V8.
For now, the only effect is that future calls to {SetFlagsFromString},
{SetFlagsFromCommandLine} or {EnforceFlagImplications} will fail.
In the future (once tests and embedders are fixed to not change flags
after initialization) we plan to actually protect flag values via memory
protection.

R=cbruni@chromium.org

Bug: v8:12887
Change-Id: I7974bb9b86715694122f788e08952f7dcc3acdbd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679099
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80914}
2022-06-02 12:41:29 +00:00
Clemens Backes
f745216990 [wasm] Add kRelaxedSimd bailout reason
We should not use kSimd, which has already shipped. Instead, use a new
kRelaxedSimd bailout reason.

R=thibaudm@chromium.org

Bug: chromium:1324081
Change-Id: I394e288014245ed9ae69e20f811f8cf7555e6149
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686413
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80913}
2022-06-02 12:26:38 +00:00
Manos Koukoutos
aee0ec979a [wasm-gc][turbofan] Implement typing phase
We introduce a typing phase into the Turbofan compilation pipeline for
wasm-gc. It has two functionalities: (1) to type nodes that were not
typed during code generation (mainly phi nodes) and (2) to narrow types
as much as possible.
The following nodes are handled, which should be enough for our
purposes: TypeGuard, WasmTypeCast, AssertNotNull, Phi, LoadFromObject,
and LoadImmutableFromObject.
Loop phi types are computed by first assigning the type of the
non-recursive input, and updating once we have the type of the recursive
inputs, and repeating this process to a fixed point.

Drive-by: Remove the narrowing of function signatures during wasm
inlining, as it created some issues and should not be needed after this
series of changes.

Bug: v8:7748
Change-Id: I8a72488d5c221c4ae8257fc5abf6f0368cf10e96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3678208
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80912}
2022-06-02 11:08:21 +00:00
Igor Sheludko
97a3d69d47 [ext-code-space] Cache is_off_heap_trampoline and is_turbofanned in CDC
Bug: v8:11880
Change-Id: Iadeac98dd0a4c0814a6d6a38a96a366369c2c536
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3684814
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80911}
2022-06-02 10:52:28 +00:00
Liu Yu
2b6cbda0b4 [loong64][regalloc] Improve gap resolver algorithm
Port commit a77dd89e4c

Bug: v8:5210, chromium:1269989, chromium:1313647
Change-Id: Id6ac5031aff1a63ff4bac916a4f3ab6d9d6b97ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686210
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#80910}
2022-06-02 10:30:08 +00:00
Pan, Tao
d173de8953 [compiler] Add out of bytecode array to break condition of removing OSR
code cache logic

Previous break condition is meeting JumpLoop to loop nesting level 0,
this is probably a JumpLoop getting removed if it's dead code. Add out
of bytecode array to break condition for avoiding dead loop in the case
of the JumpLoop to loop nesting level 0 getting removed.

Bug: v8:12927
Change-Id: I854187a6e226c4537981ffbbb7e88f1584cf70e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686589
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Tao Pan <tao.pan@intel.com>
Cr-Commit-Position: refs/heads/main@{#80909}
2022-06-02 09:59:08 +00:00
Toon Verwaest
01fa999dbc [code-cache] Remove SFI from the compilation cache when flushed
Previously if we had no bytecode the SFI wasn't removed. This was a bug
introduced after replacing Fullcodegen ageing (where we checked the code
object, which could have been the lazycompilestub).

Change-Id: I13add56a2c62fffddb11abdc35019272abc72c30
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686409
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80908}
2022-06-02 09:53:18 +00:00
Liu Yu
76c8db9278 [loong64][mips][wasm-relaxed-simd] Add relaxed trunc opcodes in Liftoff
Port commit 3ac478475c

Bug: v8:12284
Change-Id: I231e189514b5ed143b9299155938026f94ab3840
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3685484
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#80907}
2022-06-02 08:06:19 +00:00
Marja Hölttä
084356297d [rab/gsab] Add missing tests for TA.p.copyWithin
Bug: v8:11111
Change-Id: I8190bc8cfd1e8e5b9d498e29bc2d0a25eae2e03a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683363
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80906}
2022-06-02 07:31:49 +00:00
Darius M
bac5fdf3d5 Fix compilation error because of SSE3 macro redefinition
Change-Id: I9ff5bf1434a9bf3273b8152c05f3acc0e7776e5c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683037
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Darius Mercadier <dmercadier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80905}
2022-06-02 07:03:00 +00:00
v8-ci-autoroll-builder
0bc6d6b379 Update V8 DEPS.
Rolling v8/build: fb6ee35..234a35b

Rolling v8/third_party/android_sdk/public: 7EcXjyZWkTu3sCA8d8eRXg_aCBCYt8ihXgxp29VXLs8C..qfTSF99e29-w3eIVPpfcif0Em5etyvxuicTDTntWHQMC

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/fba169d..1cac3de

Rolling v8/third_party/depot_tools: e1197f0..f3d894f

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I445f74511f25ff170db7d309aebb1122d191b30e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3685634
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80904}
2022-06-02 03:44:58 +00:00
Lu Yahan
0aef4bc7f2 [riscv64] Port Improve gap resolver algorithm
Port a77dd89e4c

Bug: v8:5210, chromium:1269989, chromium:1313647
Change-Id: I11d223d93d98b22b95324efd2c5a8ebee7fb1e21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3677327
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#80903}
2022-06-02 03:14:59 +00:00
Camillo Bruni
f1c4fd3923 [profiling] Create process-unique CPU profile ids
In https://crrev.com/c/3522896 we changed the last_id_ to be a member
variable. This subtly changed how profile ids were generated.

This CL changes this part back to a static variable that guarantees
process-wide unique profile ids.

Bug: chromium:1330726, chromium:1297283
Change-Id: I5f3dddcbbc156d0dee7d1eedde8a731c53d080dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3684289
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80902}
2022-06-01 22:36:48 +00:00
Milad Fa
c553b02cec Fix compilation with gcc
Currently getting the following error with gcc 8.4,
including on x64 linux:
```
error: ':InterpreterState::scratch_' is used uninitialized in this function
```

Change-Id: I95ae848bf2503f6a0dac30254b19b08047b73cce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683104
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80901}
2022-06-01 18:17:22 +00:00
Clemens Backes
85cf4be909 [wasm][fuzzer] Refactor second instantiation
The fuzzer instantiates the module twice: Once for reference
interpretation / execution, and once for the actual execution of
Liftoff/TurboFan code.
For some reason, the two code paths for interpretation and Liftoff
reference execution used different patterns: Interpretation was using
the first instance, and then creating a second instance for actual
execution, whereas the Liftoff path used a second instance for the
reference execution and used the first one for the actual execution.

This CL refactors this to always create a "reference instance" first,
use that for either the interpreter or Liftoff, and then create a second
instance for the actual execution.

R=thibaudm@chromium.org

Bug: v8:12425
Change-Id: I19754264240d8570f00161abb7aecba1cc2b2ae0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683323
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80900}
2022-06-01 16:46:28 +00:00
Seth Brenith
4b1b7e29ba Change key format for script cache
This is a partial reland of https://crrev.com/c/3597106 including fixes
from https://crrev.com/c/3654413

Before this change, a script cache key is the same format as an eval
cache key, which is a FixedArray containing:
- The SharedFunctionInfo of the containing function
- The source text
- The language mode in which the code was parsed
- The position in the source where eval was called

After this change, a script cache key is a WeakFixedArray containing:
- A weak pointer to the Script
- The hash value of the source text

This sets up for a subsequent change which can cause these keys to
outlive their corresponding values (top-level SharedFunctionInfos)
without leaking any memory beyond the key itself.

Bug: v8:12808
Change-Id: Ibdfe5d10eafe5b7392e554c500af47975baf45c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3668304
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#80899}
2022-06-01 16:16:48 +00:00
Marja Hölttä
bfa18f9e57 [rab/gsab] Move OOB check to ValidateIntegerTypedArray
The OOB check belongs in ValidateIntegerTypedArray according to the
spec.

This also fixes the error types for OOB TypedArrays when doing Atomics:
OOB TypedArrays should get a TypeError, not RangeError.

Bug: v8:11111
Change-Id: Ice2e5695d69d84b2c20a4cf8f06880673d901a91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676859
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80898}
2022-06-01 16:12:16 +00:00
Maya Lekova
8721f45bc7 [fastcall] Don't generate a branch in no options case
This CL addresses a TODO left from implementing Wasm entry to fast C
calls in https://chromium-review.googlesource.com/c/v8/v8/+/3440694/
and avoids generating a branch in case it's not needed (either because
the embedder isn't providing an options object, which is the case
for Wasm, or because we're not generating overloads).

Bug: chromium:1052746
Change-Id: I7323f85801c034f0c47877ea15f677a53d3acea3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650923
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80897}
2022-06-01 14:43:38 +00:00
Shu-yu Guo
dc4cbcb9ca Retain current code in EnsureBytecodeArrayAvailable if not compiled
IsCompiledScope retains code to protect against code flushing. The
current API is easily misused by forgetting to initialize
IsCompiledScope with a SFI's current state.

Change-Id: Ie8ab60acc4fb85c4b8b76c52040976e2e34f9d5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3674117
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80896}
2022-06-01 14:31:58 +00:00