The existing object materialization in the deoptimizer has the following problems:
- Objects do not necessarily verify during materialization (because during the
depth first walk we might have inconsistent objects).
- The stack can overflow (because we just materialize using recursive calls).
- We generalize object fields.
This CL re-implements the materialization algorithm to solve these problems. The
new implementation creates the objects in two steps:
1. We allocate space for all the objects. In general, we allocate ByteArrays
of the right size. For leaf objects that cannot participate in cycles,
we build and initialize the materialized objects completely.
For JS objects, we insert markers into the byte array at the positions
where unboxed doubles are expected.
2. We initialize all the objects with the proper field values and change the
map from the ByteArray map to the correct map. This requires some sync
with the concurrent marker (Heap::NotifyObjectLayoutChange).
When initializing the JS object fields, we make sure that we respect
the unboxed double marker.
Bug: chromium:770106, v8:3836
Change-Id: I1ec466a9d19db9538df4ba915516d4c3ca825632
Reviewed-on: https://chromium-review.googlesource.com/777559
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49821}
According to the style guide, we pass unique_ptr by value, or by
reference in rare cases, but never by rvalue reference.
R=ahaas@chromium.org
Bug: v8:7109
Change-Id: I6cfdb8b61fada532ce334e2da419598085a2b408
Reviewed-on: https://chromium-review.googlesource.com/803716
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49820}
Since we have this d8 directory now, we can also use it.
R=machenbach@chromium.org
Bug: v8:7109
Change-Id: I595ceb30e1c9350ad00d5cfaf998e40294602103
Reviewed-on: https://chromium-review.googlesource.com/803214
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49817}
R=adamk@chromium.org
Bug:
Change-Id: Ic5668ba70065c7315c354b9921b3c493080da2a7
Reviewed-on: https://chromium-review.googlesource.com/803254
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49812}
This patch normalizes the casing of hexadecimal digits in escape
sequences of the form `\xNN` and integer literals of the form
`0xNNNN`.
Previously, the V8 code base used an inconsistent mixture of uppercase
and lowercase.
Google’s C++ style guide uses uppercase in its examples:
https://google.github.io/styleguide/cppguide.html#Non-ASCII_Characters
Moreover, uppercase letters more clearly stand out from the lowercase
`x` (or `u`) characters at the start, as well as lowercase letters
elsewhere in strings.
BUG=v8:7109
TBR=marja@chromium.org,titzer@chromium.org,mtrofin@chromium.org,mstarzinger@chromium.org,rossberg@chromium.org,yangguo@chromium.org,mlippautz@chromium.org
NOPRESUBMIT=true
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I790e21c25d96ad5d95c8229724eb45d2aa9e22d6
Reviewed-on: https://chromium-review.googlesource.com/804294
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49810}
The deleted lines are unnecessary, but somehow still managed
to make their way in.
Bug:
Change-Id: If86b7e773af3149e18de59caecbf03d4558a313c
Reviewed-on: https://chromium-review.googlesource.com/804822
Reviewed-by: Eric Holk <eholk@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49809}
This reverts commit 3b06511052.
Reason for revert: Broke fuzzers:
https://build.chromium.org/p/client.v8.clusterfuzz/builders/V8%20Deopt%20Fuzzer/builds/384
Original change's description:
> Reland "[test] Creating command before execution phase."
>
> This is a reland of 98cc9e862f
> Original change's description:
> > [test] Creating command before execution phase.
> >
> > Immutable command class with shell, flags and
> > environment.
> >
> > Command creation moved from worker to the main
> > process. Because of that there is no need to send
> > test cases beyond process boundaries and load test
> > suites in worker processes.
> >
> > Bug: v8:6917
> > Change-Id: Ib6a44278095b4f7141eb9b96802fe3e8117678a6
> > Reviewed-on: https://chromium-review.googlesource.com/791710
> > Commit-Queue: Michał Majewski <majeski@google.com>
> > Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#49746}
>
> Bug: v8:6917
> Change-Id: I49c29a8db813c47909f2cc45070ac7721a447c7a
> Reviewed-on: https://chromium-review.googlesource.com/800370
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Michał Majewski <majeski@google.com>
> Cr-Commit-Position: refs/heads/master@{#49756}
TBR=machenbach@chromium.org,sergiyb@chromium.org,majeski@google.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:6917
Change-Id: I4938642c4396366be1e13daf6998c4b8538b688b
Reviewed-on: https://chromium-review.googlesource.com/804254
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49805}
Aligns console.count() behavior with spec, which says the default label
should be "default" when the label provided is not defined.
Bug: chromium:700624
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ie58af210d300ef3151082b23187dd18e356f5de8
Reviewed-on: https://chromium-review.googlesource.com/780620
Commit-Queue: Erik Luo <luoe@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49804}
Similar to Firefox and Safari, calling console.time() repeatedly with
the same label will now produce a console warning indicating that the
label already exists. Similarly for console.timeEnd() as well.
Bug: chromium:727514
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Id644ee107b09e7f4686fff44c5f32d31c88371ad
Reviewed-on: https://chromium-review.googlesource.com/794345
Commit-Queue: Erik Luo <luoe@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49803}
This CL adds support for f32 locals and parameters, and implements the
basic f32 binary operations.
R=titzer@chromium.org
Bug: v8:6600
Change-Id: Ia2d792dd1a6f7e97eab52a4ac49543b128fe3041
Reviewed-on: https://chromium-review.googlesource.com/796854
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49802}
Flush the icache after JIT-ing using the WasmCodeManager. Also, re-enable
tests that were previously failing on Linux ARM.
Bug: v8:7138
Change-Id: I8e18b80dba58df173a2360f8ac365ee5daaf3239
Reviewed-on: https://chromium-review.googlesource.com/802961
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49800}
Hexadecimal escape sequences of the form `\xNN` are more readable
in the context of byte values, and are preferred per Google’s C++
style guide.
https://google.github.io/styleguide/cppguide.html#Non-ASCII_Characters
BUG=v8:7109
Change-Id: I6821ccb804388d99e5601e92fc392afdf496691e
Reviewed-on: https://chromium-review.googlesource.com/803057
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49799}
Some uses use uint64_t instead of int64_t to avoid compiler warnings
about illegal narrowing of values with the MSB set.
R=tebbi@chromium.org,mlippautz@chromium.org
Bug: v8:7109
Change-Id: I6e861f48828bd931c451ef336672a260c13ae042
Reviewed-on: https://chromium-review.googlesource.com/803275
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49797}
Adds a new API function to request the code cache. Earlier, the code cache was
produced along with compile requests. This new API allows us to request the
code cache after executing. Also adds support in the code serializer to
serialize after executing the script.
Bug: chromium:783124,chromium:789694
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Id4e6a967e176e3e979dc4ccb9a37a353c70c3890
Reviewed-on: https://chromium-review.googlesource.com/797036
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49793}
V8_INT64_C will be cleaned up in a follow-up CL.
R=tebbi@chromium.org,mlippautz@chromium.org
Bug: v8:7109
Change-Id: I6af97e7266039eb443896b404b77b8e2b5de5adb
Reviewed-on: https://chromium-review.googlesource.com/803294
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49790}
These should've been moved earlier but were left behind.
BUG=v8:5402,v8:7109
Change-Id: I9736da35f1ef89628c987c33eed40a07aa266bea
Reviewed-on: https://chromium-review.googlesource.com/803375
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49789}
The Arm atomic operations used an input register as a temporary,
corrupting it for future uses. Fix this by adding another temporary,
the impact of which is partly reduced by removing the "unique"
requirement on the address base register.
Bug:
Change-Id: I99a7bc3c14100d64cb7478e2053cf83ab6dcea50
Reviewed-on: https://chromium-review.googlesource.com/795953
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49785}
These now pass even when forcing optimization.
TBR=jkummerow@chromium.org
Bug: v8:6791
Change-Id: I4d7c7d37b48e6e970d33474fa7fd637e34b0bda0
Reviewed-on: https://chromium-review.googlesource.com/803374
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49781}
LiftoffRegister is an abstraction over Register and DoubleRegister.
Many functions in Liftoff do not need to distinguish GP and FP
registers. LiftoffRegister allows implementing most functions
generically. Accessors allow converting them back to Register or
DoubleRegister.
Both register types are represented in a unified index space, which
allows extending this concept to more register types and implementing
aliasing in a straightforward manner.
Many functions currently only implement the GP case. FP will be added
later.
R=titzer@chromium.org
Bug: v8:6600
Change-Id: I043b787bc09dd1a06506ad515eb325b8ea19746d
Reviewed-on: https://chromium-review.googlesource.com/793390
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49780}
In the special case of KeyedLoadIC, where the key is always undefined,
LowerCheckEqualsInternalizedString fails and triggers deoptimization
loops. It's because {exp}, which is undefined_string, does not match
{val}, which is undefined_value.
This patch drops the conversion from undefined_value to undefined_string
for an undefined key in KeyedLoadIC. It lets an undefined key pass
LowerCheckEqualsInternalizedString and avoids the deoptimization loops.
Bug:
Change-Id: Ie15358e705490fb2e4907f4d37a3ef7921f74844
Reviewed-on: https://chromium-review.googlesource.com/789613
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49779}
This CL introduces a Context::kInvalidContext sentinel value to make clear that
no context is active. We silently accept smi 0 (= nullptr) as a non-set context,
which usually was the default value, making it hard to tell whether this
happened on purpose or not.
Change-Id: I5c35616f26b0b64c1cd976563a6eeb0ce474927d
Reviewed-on: https://chromium-review.googlesource.com/790291
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49778}
It reflects the semantics of ToBoolean, so it must be adapted for
bigints.
Bug: v8:6791
Change-Id: I18931df21528463dacf5ad50fa8264b1c968c6b5
Reviewed-on: https://chromium-review.googlesource.com/799831
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49776}