Since the inspector/debugger/wasm-scope-info* tests need simd128,
but not all mips cpus support it, we skip the tests on mips
platforms without simd support.
Change-Id: Iebefa5d6b33d80d707ad0077be7d4f25e3e52b4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2439769
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70216}
Changes:
- Implement WasmExportedFunction::MatchesSignature.
- Use it over comparison with == in ResolveWasmImportCall.
- Add a test which exposes the existing bug.
- Add a few reminder TODOs.
Bug: v8:9495
Change-Id: Ibbe31dbf550be212dbf2170ab8cdab9b4b6de734
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2438060
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70215}
Float32/64 abs operation should only clear the sign bit, but abs.s
and abs.d instructions of mips64r2 would convert nan to canonical
nan.
Change-Id: Ibbd05cdb3a73acfe0e532030d1815d262c3ac433
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2439768
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70214}
Turboprop-generated Code objects will now have the dedicated
TURBOPROP code kind instead of OPTIMIZED_FUNCTION. When possible,
the code kind is used as the source of truth instead of
FLAG_turboprop. This is the initial step towards implementing
tier-up from Turboprop to Turbofan.
Future work: Rename OPTIMIZED_FUNCTION to TURBOFAN, rename STUB to
DEOPT_ENTRIES_OR_FOR_TESTING, implement TP tier-up.
No-Try: true
Bug: v8:9684
Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
Change-Id: I3c9308718d7e9a2b7e6796e7ea94f17e5ff84c0a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2424140
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70213}
Rolling v8/build: 38a49c1..3ede101
Rolling v8/buildtools: 3ff4f50..4be464e
Rolling v8/third_party/aemu-linux-x64: FfxmX7LQ9OID3pVAmcemr6u9lK3xjXzAXxvqzEcclMwC..oJeWXQJJ1lVY6P7l39pBV-mrbeWlw0swPZQuNmcix5AC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/18d69fb..0f6ed71
Rolling v8/third_party/depot_tools: 1099c11..991ead1
Rolling v8/third_party/instrumented_libraries: 3c52ccd..6ba978c
Rolling v8/third_party/zlib: 4668fea..26211a5
Rolling v8/tools/clang: 3017eda..bd8e096TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: Icb156ce2fe693cd4838c7e11b31cb96282125c92
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2439341
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#70212}
For replacing lanes (i8x16 and i16x8) the replacement value is stored in
a word32. Simply storing it will cause us to have the wrong value, we
need to mask (for overflow) and extend appropriately.
Same for extracting, the values are stored in sign-extended form,
unsigned extracts should zero the top bits.
Bug: v8:10507
Change-Id: If5ed79f5b6bdb64f900a54b9e148b2d96a74f312
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2436612
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70210}
A break may cause the session disconnect (and therefore agents destruction)
on a nested message loop. The runtime agent code is generally prepared to
handle this during evaluate, but the code outside of it may be not. Besides,
having a break before the console API installed is generally not what
user wants or expects, so just disable all breaks while installing the API.
Bug: chromium:1122487
Change-Id: I1d40f5007f2e1e4ec07a50ef57988513d0309b7e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2437383
Commit-Queue: Andrey Kosyakov <caseq@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70209}
Delegate kept task id around for longer than the worker is considered
active, thus breaking the task_id < num_worker garantee. The fix is to
adjust the delegate lifetime.
Change-Id: I9aabb1286d507c09bfe9be4fd4f810f232d6e6b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2437005
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70207}
Perform the renames for all arch-dependent opcodes too.
This is a follow-up of https://crrev.com/c/2422357.
Bug: v8:10946,v8:10933
Change-Id: I02f048b64dd4d75f06d6b7919660ffebd0e78b50
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2431798
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70206}
LoadTransform operators contain a LoadKind, which can be unaligned,
protected, poisoned, normal.
If it is protected, we cannot eliminiate that load,
since we rely on the segv signal handling. So, we use partial template
specialization on LoadKind::kProtected, and don't set the operator to
not be eliminatable.
Bug: chromium:1132461
Change-Id: If45fc6562348ffd4dbaa27058e6c5d4242f79abb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2436081
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70205}
This change moves external pointers into a separate table and turns
external pointers in heap objects into indices into that table.
This CL implements one of two possible ownership models for the table
entries. With this one, every heap object owns its table entries, and
they are allocated when the owning object is allocated. As such, setting
external pointer fields does not require allocation of table entries. On
the other hand, table indices cannot be shared between multiple objects.
This CL does not yet implement freeing of external pointer table
entires. This will later happen by a table garbage collector.
Bug: v8:10391
Change-Id: I4d37785295c25a7d1dcbc9871dd5887b9d788a4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2235700
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Samuel Groß <saelo@google.com>
Cr-Commit-Position: refs/heads/master@{#70204}
We used to have a loop that it was used for JSReceivers. However, this
was not used as a proper loop since at most it would have two loop
iterations. Then, it could be changed to a Branch case.
Since I was refactoring the method, I also de-duplicated code by using
the common code from PlainPrimitiveNonNumberToNumber. In order to do so,
said method was renamed to TryPlain... and was reworked as well.
Bug: v8:6949, v8:10933
Change-Id: I860601a3b9e8bdeed052dcd237a767ac7ed80c92
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2435110
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70202}
Instead of always inlining the polymorphic map checks, this CL
introduces a builtin to perform these polymorphic map checks
when the IC is monomorphic at compile time.
This reduces the time we spend compiling and code bloat while trading it
for performance.
Bug: v8:10582, v8:9684
Change-Id: I7aea698988f8ead3cbf3f4a836218f53223f0f98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2398525
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70200}
There were two problems:
1. v8_builtins_profiling_log_file was not declared in "sources" or
"inputs", so Ninja wouldn't re-run mksnapshot if it changed.
2. v8_builtins_profiling_log_file was passed directly to mksnapshot
without rebasing the path, which makes it awkward and inconsistent
with how most other gn arguments work.
Bug: v8:10470
Change-Id: Id8edba325b867e8d9561d3c76f28e121641d0dd4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2434103
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#70199}
This is the first step to support debug evaluate on wasm call frames.
This CL enables calling evaluateOnCallFrame when a wasm frame is
selected, which before always returned undefined. The CL mirrors global
evaluation, and actually enabling inspecting the wasm frame will be part
of a second change.
Bug: chromium:1127914
Change-Id: If0ad0be7c402d85ab2a8e95376398f4f4ef94948
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2436338
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70198}
There's no builtin implementation code here, the two functions should
live in builtins.cc.
Change-Id: Ie3cff4f1a22c86984a99a3b5d1b82c0f9f9a1f5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2436458
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70196}
Removes the arguments adaptor frame during optimization (for x64) and deoptimization.
Change-Id: Ica78ebbb9216555dd3f1adf05d6b293e8add0050
Bug: v8:10201
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410195
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70194}
Here is an alternate fix for chromium:1123379, which addresses a
TODO. A callback is provided to the GraphAssembler when it's working
on an unscheduled graph. In such cases, changed nodes in the main
graph need to be revisited after change. The callback ensures that
the GraphAssembler kicks that process off when necessary.
Bug: chromium:1123379
Change-Id: I9d864c3390fbe670ee450152a67555dcbfa8f581
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2433924
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70192}
V8 can no longer produce the data this script used to consume.
Bug: v8:10933
Change-Id: Ia78f24b34ce84e19a1a0bf98c75f1ca5de36618e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2435228
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70189}
Reverted:
* FixedDoubleArray
* BigInt
* HeapNumber
* Partial work of JSDataView
Bug: v8:7790
Change-Id: I075e1d6d50129771f6208f198911797c6db3b7cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2431944
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70187}
Functions with Simd128 in their signature will be lowered to 4 Word32.
Later for Int64 lowering, it needs to use the lowered signature.
Otherwise we will have weird parameter and signature mismatch, since it
expects Parameter[1] to be == signature()->GetParam(0).
Bug: v8:10507
Change-Id: Ia9417ecd46c1768344ed1fb3ebfe4e8dd9c3e397
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2432626
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70185}
If return's input counts did not change, there is no need to change the
node at all.
Bug: chromium:1127620
Change-Id: I16d14a273d44b9fcd0b5a8af74b7a5a2eda569ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2434998
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70183}
Changes:
- Add current global index argument to consume_init_expr.
- Inline DecodeGlobalInModule. Move the check for undefined global
indexes into into consume_init_expr. Note: This fixes a bug where the
index wasn't checked for nested global.get.
- Under --experimental-wasm-gc, allow global initializers to reference
already defined globals in the same module.
- Rename ModuleDecoderImpl::DecodeInitExpr -> DecodeInitExprForTesting.
Remove redundant "start" argument.
- Add tests for global initializers. Remove a redundant test.
Bug: v8:7748
Change-Id: Ieb4a768f8cfdd423e5f439bb3467700068f240b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2428596
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70181}
This additionally combines --future with all other standard testing
variants.
This also enables using concurrent_marking in status files to skip
tests in this variant.
This also marks a slow test that times out in the new config.
Bug: v8:10875
Change-Id: Id904f6a2c51b814eecfccb523a897de2f5d96f56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2423719
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70180}
These are either resolved (in which case I've removed them),
or never will be done (in which case I've reworded them in non-TODO terms).
Bug: v8:10933
Change-Id: I2e36df770cf2109974a790916172b6e1bace06fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2432069
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70179}
This test likely did something in 2013 when we still had legacy const,
but now it seems like it's mostly a poor unittest of when
optimization/deoptimization happens.
Bug: v8:10933
Change-Id: Ib816e0eddf9224a4ad37096591da9032740d5e7e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2432313
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70178}
The vast majority of operations increases the stack size by at most one.
Many opcode (e.g. all unary and binary operations) never grow the stack
at all. Still, for every "push" operation, they check whether the
storage for the vector that holds the stack values needs to grow.
This CL avoids those redundant checks by ensuring that there is space
for at least one more stack element before decoding each instruction.
By centralizing this check, we not only improve performance, but also
reduce code size significantly (~49 kB on x64 release).
R=thibaudm@chromium.org
Bug: chromium:1096565, v8:10933
Change-Id: I986dcac734b986d1ce953b7ec3bde8ad31b4f2b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2431525
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70177}
A Wasm module's start function might be imported from JavaScript, and
as such might contain calls to Blink. For such a case, we must make
sure that an "incumbent context" is available. Usually, having any
JavaScript function on the stack is enough to ensure that; but in the
special case of async compilation, the "success" task is executed
directly from the event loop, so we have to manually enter a context.
Additionally, we need to ensure that such a start function's own context
is properly entered: in addition to setting it as the current context
on the isolate (as the function call sequence is doing), we have to
register it in the list of entered contexts, as if v8::Context::Enter
had been used.
Bug: chromium:1096558
Change-Id: I12679ab49ee764572e3742da24889dcd55c29160
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2292248
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70175}
Control-flow aware allocation has been enabled by default for a long
time now. This removes the unused code paths related to splintering.
R=neis@chromium.org
Bug: v8:10933
Change-Id: I19d9eb448c3912b24a1ad16030e7dd556b13accc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2434328
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70172}
For loads like Array.prototype.push, using dynamic map checks for
loading loading "push" from array prototype would prevent constant
folding of the push builtin. This would prevent inlining of these
builtins in the later phases. So, disable dynamic map checks when
loading fields from array prototype.
Bug: v8:10582
Change-Id: I8b44392a81194a3a5bd9b5ced6b1175658cec1f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2435367
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70171}
Rolling v8/build: c8dc0f5..693ed52
Rolling v8/third_party/aemu-linux-x64: laU2vAii09mMfCaTLtA8O6UYjPdUXy0B-0zzOR0OPekC..H7hrpKGUlOVzq9skYXcIJ0DSDdaFuCLaA8hiD5ii0fEC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/0de9874..3cd3b4e
Rolling v8/third_party/depot_tools: d1580d5..77397c4
Rolling v8/third_party/icu: 83b2ac6..aef20f0
Rolling v8/third_party/jsoncpp/source: 645250b..9059f5c
Rolling v8/third_party/zlib: f8517bd..4668feaTBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: I30380df349519ea77ede52e51ec902af386992f9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2435601
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#70170}
This CL also adds some unit tests, locally tested under x64.
The double support is based on this original CL by Gus Caplan
(snek@chromium.org):
https://chromium-review.googlesource.com/c/v8/v8/+/2264612
Bug: chromium:1052746
Change-Id: Ibdf631689b01ab619a72005226bfc015b4737dde
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2416028
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70168}
