Currently, IsolateRoot is both the address of the Isolate root and the
base address of the pointer compression reservation. This CL teases the
two uses apart by renaming IsolateRoot to PtrComprCageBase.
- In addition to V8_COMPRESS_POINTERS, add a
V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE (vs SHARED_CAGE).
- Rename GetIsolate* helpers to GetPtrComprCageBase. When
V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE is true, the helpers remain as
aliases to GetPtrComprCageBase.
- Rename kPtrComprIsolateRootAlignment to kPtrComprCageBaseAlignment.
Bug: v8:11460
Change-Id: I1d715f678ce9a0b5731895612ca14f56579b1c48
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2783672
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73790}
Rolling v8/build: 78cec98..5ed00b7
Rolling v8/third_party/aemu-linux-x64: mAkAmWQOG_3Yi-STt7JV1kfCSro_GtZ3D7vtsV21J6sC..3rPTIlJKMg1Z5vCo_OfxOVIQD_pJ1XvXE7OcYDYNk8cC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/a6cbca9..6412f1c
Rolling v8/third_party/depot_tools: 9a94a95..da76875
Rolling v8/third_party/requests: bfb93d4..2c2138e
Rolling v8/tools/clang: f7cbd24..afd983d
Rolling v8/tools/luci-go: git_revision:34ae8f13bb2156451655ec53b360942a502469df..git_revision:d6d24b11ecded4d89f3dfd1b2e5a0072a3d4ab15
Rolling v8/tools/luci-go: git_revision:34ae8f13bb2156451655ec53b360942a502469df..git_revision:d6d24b11ecded4d89f3dfd1b2e5a0072a3d4ab15
Rolling v8/tools/luci-go: git_revision:34ae8f13bb2156451655ec53b360942a502469df..git_revision:d6d24b11ecded4d89f3dfd1b2e5a0072a3d4ab15
TBR=v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: I188881fdaddf911704ff3a8a94faf85fa7134ff3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2803911
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#73787}
Feedback from Microsoft partners indicates that it would be beneficial
to enable ETW stack-walking events by default.
This is difficult, because the --interpreted-frames-native-stack flag
comes with a significant perf degradation. Ideally, we would turn
this flag on dynamically, only when a ETW recorder is actively
triggering the provider. Unfortunately, the flag in its current state
cannot be enabled dynamically.
In light of this, we have decided to only flip the build flag.
Bug: v8:11043
Change-Id: Id883b9bcd635b41139450ab2d5c92511422525a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2773792
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Sara Tang <sartang@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#73784}
- v8.runtime category should be disabled by default (duplicate entry)
- V8.HandleInterrupts is not a trace category name. It's only used as
a trace name with v8.execute (unused entry)
Change-Id: I2528f575d00dd92b3a029e07f46f3ab3e36e1674
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2791563
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73783}
This includes the simulator, PPC64 Linux (little endian)
and PPC64 AIX (Big endian) running on P9.
Also enable the related simd tests for PPC64.
Qfma opcodes are added to the selector as part of the enablement.
Change-Id: Idf2bf2eaa9cee489e7315031976bc412358b9868
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799942
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#73782}
We are overwriting rhs when dst == rhs && dst != lhs. This is not a
problem on TurboFan because we specify unique registers and dst == lhs
in the instruction-selector.
The fix is to use the helper EmitSimdCommutativeBinOp, which will check
for dst == rhs (pmuludq is commutative).
Bug: v8:11612
Change-Id: I38c3a2b7f3c7bcf2d7e8faec1a67f0814d44ed20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2798527
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73780}
This is a reland of 9a6567b482
The fix is to specialize float/double compare ops to fix msvc build.
On msvc builds, we were selecting the overloaded Equal/NotEqual (etc)
functions that takes float/double as arguments, but we intended to
refer to the function templates.
Original change's description:
> [wasm-simd] Move test helpers into wasm-simd-utils
>
> Move many test helpers into wasm-simd-utils. These helper functions can
> potentially be useful for relaxed-simd test in the future. I left behind
> simd specific test helpers, like load extend helpers, because those are
> for simd instructions.
>
> Bug: v8:11583,v8:11384
> Change-Id: Id9ed452b06eaf5c97a5dda174b53a37aede2a937
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2783295
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73675}
Bug: v8:11583
Bug: v8:11384
Change-Id: Id8895900af2688aee8c67eb937acca12c2d65944
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2792668
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73779}
Mostly a port of changes from chromium to support building from
directories other than out/Release or out/Debug.
Also moved tools/ninja/ninja_output.py to tools/vim/ninja_output.py to
be more consistent with chromium's layout.
Change-Id: I73199f10e48b6d9a229bef6af14b84b1ae6be1c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797536
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73777}
It's locked exclusively in the MapUpdater API methods, and locked
shared in ComputePropertyAccessInfo (CPAI).
This lock is a step towards running CPAI on background threads. The
simple lock portion is landed separately in this CL to get an early
signal on potential lock overhead perf impact.
The lock is implemented and used very conservatively at the moment:
- it's a single global lock (and not e.g. per-map).
- it's locked for the entire method call duration (instead of only in
relevant parts).
Both points can potentially be improved in the future.
Bug: v8:7790
Change-Id: I073423497e01b4901101973387a19962f953a576
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797286
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73773}
This fixes a bug introduced in crrev.com/c/2660995.
String.prototype.indexOf must clamp the `position` argument as per
step:
7. Let start be the result of clamping pos between 0 and len.
Source: tc39.es/ecma262/#sec-string.prototype.indexof
Previously, this was done in the StringIndexOf builtin, but the recent
refactor changed builtin implementations to match the spec more
closely (i.e. to clamp in String.prototype.indexOf, not
StringIndexOf). This means we now have to clamp in
JSCallReducer::ReduceStringPrototypeIndexOf.
Tbr: neis@chromium.org
Bug: chromium:1194869
Change-Id: I5af8d41b50f4905453f03079e3ee6d46186536db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799359
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73772}
Main change: Remove CALL_INTERFACE macro. Use
CALL_INTERFACE_IF_REACHABLE or invoke interface directly instead.
Reasoning: Interfaces assume the Decoder is in a non-error state,
therefore CALL_INTERFACE invoked DCHECK(this->ok()). However,
CALL_INTERFACE (1) was sometimes erroneously called with an error in the
decoder, especially in cases where the error occurred inside immediate
argument parsing, (2) was always called in contexts where the current
control was guaranteed to be reachable. Due to (1) and (2),
CALL_INTERFACE is equivalent to CALL_INTERFACE_IF_REACHABLE (there are
a few exceptions where we can call the interface directly).
Additional change:
- Rename current_code_reachable_ to current_code_reachable_and_ok_
to make its name reflect its meaning better.
Bug: chromium:1194784
Change-Id: I52055161a802e6981506b2a8dc8bb8233198aa2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799351
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73771}
.. and enable it on fyi bots. Skip one test in this variant due to
incompatible flags.
Bug: v8:7790
Change-Id: I5b8fdd8572435c6f4474c505464ff1a22c830757
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797287
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73770}
... for primitive receivers. We should use initial map taken from
constructor function as a prototype chain lookup root instead of the
receiver map.
Bug: v8:11248
Change-Id: I91fde2f1102029654c7fdd8890d265ae8bad2791
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797281
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73769}
It printed the pointer instead of the block and when run from gdb the
output was swallowed because there was no newline.
Change-Id: I55cdd3c791ff639d5b81e480aef77ac211490f77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799357
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73768}
Bug: v8:11604
Change-Id: Ic4aa3ae64aa9c9a60aceade9072a5ead1c894b7d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2799356
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73767}
That test is already slow on non-tsan bots, and we do not need TSan
coverage here. Thus keep it skipped, but update the comment.
R=mslekova@chromium.org
Fixed: v8:11610
No-Try: true
Change-Id: I1dedcc7b4d5736aca7c4cc0dc0526e4df7502440
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797290
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73766}
Introduce two machine nodes for FABD and fold Float32/64 Abs,Sub
during instruction selection.
This gives ~1% speed improvement of the Bullet physics engine
compiled as wasm.
Change-Id: Ifd985538e6ebb280bc0eaf11b0ebfc687891cf91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2786854
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#73765}
Check directly whether there is runtime support for traps instead of
encoding this in the trap ID. For OOB traps we always use the actual
trap ID, so we always emitted the code that assumes runtime support,
which is not true in some cctests.
R=ahaas@chromium.org
Bug: v8:11587
Change-Id: I29df463561bcfb3452e75b209a70c4f4d9941044
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797289
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73764}
This is a reland of e70cbb83da
Moved the ConsString comparison logic out-of-line, both to make gcc
happy, and to reduce the size of the fast-path in IsEqualToImpl.
Original change's description:
> [string] Fix non-SeqStrings in IsEqualTo
>
> Bug: chromium:1193903
> Change-Id: I80704dd3cba5754779432356b20bd3ea99630291
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2794426
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73746}
Bug: chromium:1193903
Change-Id: Iae6f078853438427e86d3ac68bcfed0712a85bf7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797288
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73763}
Assembler::EmitVeneers has potential quadratic behavior, which appears
as hangs on chromecrash (see the linked bug). We iterate a list of
branches (unresolved_branches_), and for each branch iterate yet another
list of branches (the label link list in
RemoveBranchFromLabelLinkChain).
Ordering decisions increase the problem, by iterating in the outer loop
in ascending pc offset order, and in the inner loop (which removes the
branch from the linked list) in descending order.
This CL mostly refactors the outer loop:
- Instead of iterating over the whole unresolved_branches_ list, iterate
only the relevant part.
- Call RemoveBranchFromLabelLinkChain in descending pc offset order.
- Keep veneer emission in ascending pc offset order.
Bug: chromium:1162080
Change-Id: I77bb3d961c1b19ef1c31e777b640b213869bc1d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2794435
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73762}
Rolling v8/build: d01f8cf..b962cf8
Rolling v8/third_party/aemu-linux-x64: 2zvSiyDoNIOA05-NfIzaaqrW2-5iI24Lkw3TJ8uGtFAC..WdwDIQC1_Ug_YFwjZ39W0oe0J4kXmVVQJba0vkkqNmsC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1178627..da171bf
Rolling v8/third_party/depot_tools: f2cfd3d..053a717
Rolling v8/tools/clang: ddfad9c..15a4172
Rolling v8/tools/luci-go: git_revision:84c2e8c00bcf3bcea776a4b4a62134921d8a177a..git_revision:34ae8f13bb2156451655ec53b360942a502469df
Rolling v8/tools/luci-go: git_revision:84c2e8c00bcf3bcea776a4b4a62134921d8a177a..git_revision:34ae8f13bb2156451655ec53b360942a502469df
Rolling v8/tools/luci-go: git_revision:84c2e8c00bcf3bcea776a4b4a62134921d8a177a..git_revision:34ae8f13bb2156451655ec53b360942a502469df
TBR=v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: I8d229d890ade0268e5e37fd2b61635d8dcad3a46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2798974
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#73761}
This is a reland of de5f8614a7
Original change's description:
> [atomics] Fix critical section for Atomics.waitAsync
>
> Loading the value at the index for the futex wait should be protected by
> the waiterlist mutex for both sync and async waits.
>
TBR=marja@chromium.org
Bug: chromium:1194026
Change-Id: Id495a7778adf23a7d9dcd80f58179fe8d22fde2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2798511
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73759}
Loading the value at the index for the futex wait should be protected by
the waiterlist mutex for both sync and async waits.
Bug: chromium:1194026
Change-Id: Ie9896cab6828763ebb963f5ad96f264d57c9377f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2796159
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73753}
Move the helper class and some function definitions into
SharedTurboAssembler. We leave most of the other function definitions
inside of macro-assembler-x64, and will move them later.
Also move i16x8.ext_mul high as a check that this code movement works.
Bug: v8:11589
Change-Id: I8ec1fa24cb93b4c4c8bd936a9df06cbf5328374f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2792080
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73750}
The trace_event_common.h header file isn't used with Perfetto any
longer, so avoid adding a dependency to it from cppgc. Additionally
v8_tracing should be a public dependency so that any public headers
exposed from the target can also include tracing-related headers.
Bug: chromium:1006541
Change-Id: Ia3d48a8dad83df2ff3ea1ce36344dbb70ea83709
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2797278
Commit-Queue: Sami Kyöstilä <skyostil@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Auto-Submit: Sami Kyöstilä <skyostil@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73748}
This CL is part of a series that implements Turbofan support for
property accesses satisfying the following conditions:
1. The holder is a dictionary mode object.
2. The holder is a prototype.
3. The access is a load.
This feature will only be enabled if the build flag
v8_dict_property_const_tracking is set.
This particular CL modifies existing mjsunit tests whose assumptions
don't hold if v8_dict_property_const_tracking is enabled. This is
done by adding special handling for the case that
%IsDictPropertyConstTrackingEnabled() holds.
Bug: v8:11248
Change-Id: Ia36be73e4659a988b2471f0c8151b0442f3a98f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2780292
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73745}
Due to immutable loads being placed earlier during scheduling and
subsequently being spilled, the safepoint table of a function may grow
significantly. Until we implement an optimization to avoid spilling in
such cases, we disable immutable loads for tagged values.
Bug: chromium:1191540, v8:11510
Change-Id: Ia5c5d274e6d4b9145cd028828f9a328a65bed17f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2796953
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73743}
We need to exit before FallThruTo invokes DCHECK(this->ok()).
Bug: chromium:1194316
Change-Id: I77eb58cbe232277cc8fc3cc0d1c327d7eba8bfb3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2796954
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73742}
