This introduces {DisassembleWasmFunction} to replace the above method,
since disassembling a function is independent of the concrete module
object and hence can be done for shared decoded modules.
R=clemensh@chromium.org
BUG=v8:6847
Change-Id: I5abea2a1381a9b8d3717a55d0b2b937dfbbafefd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1809359
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63860}
This is a first step towards being able to share the same script for
multiple {WasmModuleObject} objects. In general it should be possible
for the inspector to debug (i.e. disassemble, set breakpoints) multiple
modules if they all have the same URL (and the same wire bytes). These
are the same conditions under which we can canonicalize the modules to
be based on the same underlying {NativeModule} as well. Hence it makes
sense to establish a link from {Script} to {NativeModule} in this CL.
Subsequent CLs will eventually deprecate the {wasm_module_object} field.
R=clemensh@chromium.org
BUG=v8:6847
Change-Id: I5cfb617e18d9b06682e6437b2a2146ea5665c1c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807371
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63859}
This hopefully fixes the regression test from c693e005a7
Bug: v8:1004766
Change-Id: If3c554070af6b795e4b3f99cd592a62453028874
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1809363
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@google.com>
Cr-Commit-Position: refs/heads/master@{#63858}
This is an unmodified reland of
9febc505bd. Nosnap bots do not block
LKGR any more: https://crbug.com/v8/9737#c10.
Original change's description:
> Reland "Remove all custom CopyCharsUnsigned implementations"
>
> This is a reland of 5d8c489000
>
> Original change's description:
> > Remove all custom CopyCharsUnsigned implementations
> >
> > It's unclear whether the custom implementations have any advantage over
> > the standard library ones.
> > Since we update our toolchain and standard library regularly, it might
> > well be the case that the custom implementations are slower by now.
> >
> > Thus this CL removes all {CopyCharsUnsigned} implementations and
> > implements {CopyChars} generically using {std::copy_n}.
> >
> > Note that this does not touch the {MemMove} and {MemCopy} functions
> > yet, as we have seen regressions when trying to remove them before
> > (https://crbug.com/v8/8675#c5).
> >
> > R=leszeks@chromium.org
> >
> > Bug: v8:9396
> > Change-Id: I97a183afebcccd2fbb567bdba02e827331475608
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1800577
> > Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#63808}
>
> Bug: v8:9396
> Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
> Change-Id: I9cd754ebe6b802bb4aabd6d2a448de41da040874
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807357
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63823}
TBR=leszeks@chromium.org
Bug: v8:9396
Change-Id: I793524d76b8b9c93d2a98c73e8d72967880fe1cf
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1809362
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63857}
ArrayBuffer tracking has landed, turning GrowMemory for Shared
WebAssembly.memory on by default. Enable all variants of tests based
on the new implementation.
Bug: v8:8564, v8:9221, v8:8832
Change-Id: I0ff8688636303896450b788b2ff5a7268d386050
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1808106
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63855}
This reverts commits 9febc505bd
(along with followup commit 60624b5692).
Reason for revert: Breaks win32 nosnap shared, blocking lkgr & roll:
https://ci.chromium.org/p/v8/builders/ci/V8%20Win32%20-%20nosnap%20-%20shared/35145
nosnap bots may be deprecated, but as long as they're in LKGR
we need to mind them.
Original change's description:
> Reland "Remove all custom CopyCharsUnsigned implementations"
>
> This is a reland of 5d8c489000
>
> Original change's description:
> > Remove all custom CopyCharsUnsigned implementations
> >
> > It's unclear whether the custom implementations have any advantage over
> > the standard library ones.
> > Since we update our toolchain and standard library regularly, it might
> > well be the case that the custom implementations are slower by now.
> >
> > Thus this CL removes all {CopyCharsUnsigned} implementations and
> > implements {CopyChars} generically using {std::copy_n}.
> >
> > Note that this does not touch the {MemMove} and {MemCopy} functions
> > yet, as we have seen regressions when trying to remove them before
> > (https://crbug.com/v8/8675#c5).
> >
> > R=leszeks@chromium.org
> >
> > Bug: v8:9396
> > Change-Id: I97a183afebcccd2fbb567bdba02e827331475608
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1800577
> > Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#63808}
>
> Bug: v8:9396
> Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
> Change-Id: I9cd754ebe6b802bb4aabd6d2a448de41da040874
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807357
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63823}
TBR=leszeks@chromium.org,clemensh@chromium.org
Change-Id: Ic53ab2293d5dc7722a1121d1aa1159328a6ed8f5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9396
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1808035
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63854}
Runtime_CreateRegExpLiteral pretends to handle the case where we
already have a boilerplate but the code just passes an empty handle
to JSRegExp::Copy. This CL replaces the code with a CHECK that the
boilerplate doesn't exist.
A few mostly cosmetic changes along the way.
Change-Id: I856c77c1cdf58f09e920b773b66b037c5178edc7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1809357
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63852}
Fix m(ax|in)imumFractionDigits of Intl.NumberFormat
resolvedOptions are set to 0. For example, currency
instance for CPY or KRW.
Bug: chromium:1003748
Change-Id: Ia1963d8d070b066bd5afa61f8c4716a21450af05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807742
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63850}
The promise file is too big so I am splitting it in several CLs.
This is the first one.
TNodified:
* AllocateAndInitJSPromise (three versions)
* PerformPromiseThen
* AllocateJSPromise
Bug: v8:6949
Change-Id: I57ae8de3f929c00a9127ea4be51ffe7703b44959
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807370
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63849}
This moves PointerToSeqStringData from CSA to IntlBuiltinsAssembler
since that's the only place it's used and converts a few Node*s to TNodes.
Bug: v8:6949, v8:9396
Change-Id: I2511c9f807fa0bc3101dd531f6724a170fed6bd9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807372
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63847}
One Node* remains since it is crashing when TNodified since it
has the empty Context. When this happens, it means the Context
might not be needed. In this case it's hard to see if that's the
case since it is propagated all over the place. Created a TODO
so we can solve it later, when TNodification is more complete.
Bug: v8:6949
Change-Id: I7db8c507689e30779f102a8272e1b13ecdc3e5e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807274
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63846}
Port 1dd791fca2
Original Commit Message:
Uses templates to dispatch the allocation flag statically.
Change-Id: I1d6a0f2c6ca04ac0f03afe392584e9f1e8dcfb9a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1806680
Auto-Submit: Mu Tao <pamilty@gmail.com>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63842}
- Makes accessor and iteration methods on Arguments and derived
classes const.
Bug: v8:9429,v8:9396
Change-Id: I47b3d95ab72e689327a0d7b6a36a08b4e63f6d95
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803336
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63841}
This allows removing special casing for the {count == 0} case, which
was needed because {memmove} does not accept {nullptr} arguments even
if the {count} is zero.
R=leszeks@chromium.org
Bug: v8:9396
Change-Id: Iaef3cdbbffa74c2ba1c4e4501dafd943282cbcd9
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807366
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63838}
The new indicator behaves like verbose without
printing the names of tests that passed. Also
a new option (--ci-test-completion=/path) was
added to represent a file where we can collect
test completion messages.
Bug: v8:9146
Change-Id: I0f1bbef4036a3019b60b094687b734d3d33a5915
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1806916
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63837}
The element segment encoding in the bulk memory proposal changed
recently. With this CL the V8 implementation gets up to date again.
R=thibaudm@chromium.org
Bug: v8:9658
Change-Id: I4f45d04369400356a6f3aaed9570c7870f5f97bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1778022
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63836}
For unknown reasons, WasmInterpreterInternals was a zone object. However
WasmInterpreterInternals indirectly owns a global handle and a
unique_ptr, both for the interpreter stack. As a zone object,
WasmInterpreterInternals is never destructed, and therefore never frees
the unique_ptr. With this CL I make WasmInterpreterInternals a normal
object and allocate it into a unique_ptr, so that it gets destructed
properly.
R=mstarzinger@chromium.org
Bug: chromium:1000610
Change-Id: Ie08c5627393a434521f5c32702bf9945db2c7811
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807361
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63835}
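
The lifetime problem described in the commit message above, as an added example that is not part of the commit or of V8's code: `Arena`, `Internals` and `StackResource` are hypothetical stand-ins for a zone, WasmInterpreterInternals and the resources it owns, with the owned resource modelled as a counted RAII member so the effect can be measured.

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>
#include <new>
#include <utility>
#include <vector>

// Counts resources that are currently held; stands in for the global handle
// and the heap-allocated interpreter stack named in the commit message.
static int g_live_resources = 0;

// RAII resource (hypothetical): released only when its destructor runs,
// exactly like a std::unique_ptr member.
struct StackResource {
  StackResource() { ++g_live_resources; }
  ~StackResource() { --g_live_resources; }
};

// Hypothetical stand-in for WasmInterpreterInternals.
struct Internals {
  StackResource stack;
};

// Minimal bump allocator modelling a zone: memory is dropped in bulk and no
// destructor of any object placed in it is ever called.
class Arena {
 public:
  explicit Arena(std::size_t size) : buffer_(size) {}
  template <typename T, typename... Args>
  T* New(Args&&... args) {
    std::size_t start = (used_ + alignof(T) - 1) & ~(alignof(T) - 1);
    if (start + sizeof(T) > buffer_.size()) return nullptr;
    used_ = start + sizeof(T);
    return new (buffer_.data() + start) T(std::forward<Args>(args)...);
  }
 private:
  std::vector<unsigned char> buffer_;
  std::size_t used_ = 0;
};

// Before: the owner lives in the arena, so ~Internals never runs.
int ResourcesLeftByArenaOwner() {
  int before = g_live_resources;
  {
    Arena arena(256);
    Internals* internals = arena.New<Internals>();
    (void)internals;
  }  // the arena buffer is freed here, the owned resource is not released
  return g_live_resources - before;
}

// After: the owner is a normal object held in a unique_ptr.
int ResourcesLeftByUniquePtrOwner() {
  int before = g_live_resources;
  { auto internals = std::make_unique<Internals>(); (void)internals; }
  return g_live_resources - before;
}

int main() {
  std::printf("arena owner leaves %d, unique_ptr owner leaves %d\n",
              ResourcesLeftByArenaOwner(), ResourcesLeftByUniquePtrOwner());
  return 0;
}
```
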
This will give us much more test coverage and fuzzer coverage.
R=mstarzinger@chromium.org
Bug: v8:9477
Change-Id: Iad76c2b5b8c7a29b4168bbefa38bac7d92a30599
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807367
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63832}
The {CountTrailingZeros} function is at least on one hot code path,
and there it causes significant overhead. With this CL I just call the
base::bit:: version of {CountTrailingZeros} directly. This allows the
compiler to compile it to a single hardware instruction.
R=v8-arm-ports@googlegroups.com
Bug: v8:9396
Change-Id: I81eccc5fce9b9856d41c503bd1e4a07287eb6e1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803648
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63831}
TNodifies most of ic-accessor-assembler. Most of the remaining Node* are
because of the Parameters.
Bug: v8:6949, v8:9396
Change-Id: Ife9fd96c5e46dee02fdc60e5825562d7ae89f8f9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803634
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63830}
Adding a %SimulateNewspaceFull runtime function speeds up this test
from 7m21s to 0.3s (on arm.optdebug with --jitless).
Bonus content:
- speed up mjsunit/md5 by 23x (5m25s -> 7.5s)
- speed up mjsunit/string-replace-gc by 8x (1m37s -> 12s)
Bug: v8:9700, v8:9396
Change-Id: Id00d0b83b51192edf1d5493b49b79b5d76e78087
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807355
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63829}
- There was no use of DisallowDeferredHandleDereference, so remove the
corresponding assertion scope and related code.
- Make DeferredHandleScope::Detach return a unique_ptr rather than a
raw pointer for clarity.
- Store DeferredHandles in compilation info as unique_ptr rather than
shared_ptr, as it's never shared.
- Remove some unused methods.
Change-Id: I8327399fd291eba782820dd7a62c3bbdffedac4d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1805645
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63828}
By providing a custom implementation of __mulodi4(). This function
usually comes from libcompiler_rt, but our build system doesn't
provide that.
Bug: v8:9665
Change-Id: Ia72f0c23e83724f73ec72b404706c9a40ed861ee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1806682
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63826}
This is a reland of 5d8c489000
Original change's description:
> Remove all custom CopyCharsUnsigned implementations
>
> It's unclear whether the custom implementations have any advantage over
> the standard library ones.
> Since we update our toolchain and standard library regularly, it might
> well be the case that the custom implementations are slower by now.
>
> Thus this CL removes all {CopyCharsUnsigned} implementations and
> implements {CopyChars} generically using {std::copy_n}.
>
> Note that this does not touch the {MemMove} and {MemCopy} functions
> yet, as we have seen regressions when trying to remove them before
> (https://crbug.com/v8/8675#c5).
>
> R=leszeks@chromium.org
>
> Bug: v8:9396
> Change-Id: I97a183afebcccd2fbb567bdba02e827331475608
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1800577
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63808}
Bug: v8:9396
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Change-Id: I9cd754ebe6b802bb4aabd6d2a448de41da040874
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807357
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63823}
Remove a redundant default destructor definition and add final to
another which is overriding a virtual constructor.
Bug: v8:9396
Change-Id: I917f3c6058bfae8cbcd3c4ffb0817f78e8214552
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807360
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63822}
The function CPURegList::PopLowestIndex is called many times in the
arm64 simulator. However, the simulator does not need a full CPURegister
but only its register code. This CL creates a second PopLowestIndexAsCode
method which only returns the register code, and also marks the function
as inline. This speeds up the mjsunit/wasm/asm-wasm-f32 test from
1:45min to 1:35min in the optdebug build on my machine.
R=v8-arm-ports@googlegroups.com
Bug: v8:9396
Change-Id: I8cdcb2e0916dbb40e4a30ad5cd8f620b0358d08e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803647
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63821}
Store-store elimination can potentially allocate many temporary data
structures, all of which are contained in its so-called temporary
zone. The zone is 'temporary' in the sense of only existing for the
lifetime of the StoreStoreEliminationPhase; but all allocated memory
remains alive until the phase terminates.
Investigation of a pathological case (see the linked bug) showed this
zone reaching a size of 4GB. The cause in this specific case was the
UnobservableSet data structure, conceptually an immutable set (i.e.
each operation creates a full copy). This CL changes the
UnobservableSet to use a PersistentMap backing store rather than a
ZoneSet. PersistentMap is intended for exactly this use-case, since
copies are basically free and updates only change small parts of the
data structure.
Memory consumption for the linked pathological case drops from 4GB to
70MB and execution speeds up from 20s to 17s.
Bug: v8:9574
Change-Id: I902b27f1aa42b88ddd905ee941df24028a68a9bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795351
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63819}
The new Smi handler created to handle StoreIC_Slow and
KeyedStoreIC_Slow can get incorrectly assigned to global Objects.
Added an extra Check to avoid that.
Bug: chromium:1002628
Change-Id: I370e617e791792c98fa7b0cbf89ee7458f4e4c68
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803659
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Suraj Sharma <surshar@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#63813}