No functional change, just a cleanup I forgot to integrate in the
reland: https://crrev.com/c/1146100R=mstarzinger@chromium.org
Bug: v8:7977
Change-Id: Ifbb437d6a1ec9ec1b8623859bdf183dab1a1c0f6
Reviewed-on: https://chromium-review.googlesource.com/1148721
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54685}
When going to PREMONOMORPHIC state we previously stored the
premonomorphic sentinel into the first IC slot and then the
second slot was storing the uninitialized sentinel. So when
TurboFan kicked in and optimized the function we'd just put
a LOAD_IC in there and hoped for the best that this is either
not in hot code or will reoptimize for another reason later
to fixup the LOAD_IC.
This is a quite annoying footgun for developers because the
performance inevitably depends on timing of when the optimizing
compiler kicks in.
To fix this issue we now keep a weak reference to the receiver
map in the second slot of the IC in PREMONOMORPHIC state and
use that to speculatively optimize when we go to TurboFan. This
improves the performance on the reported bug from
spread: 2342 ms.
spread: 2352 ms.
spread: 2339 ms.
to
spread: 1490 ms.
spread: 1451 ms.
spread: 1445 ms.
which corresponds to a 36% improvement in this particular case.
In general you'll get more predictable performance with this
change.
We might want to also use the map when going to MONOMORPHIC
state at a later point to maybe skip the additional transition
to POLYMORPHIC in some cases, but that's independent of this
bug.
Bug: v8:5267, v8:7973
Change-Id: Ia4eef7651e219a40927531cdffe320ade1dd19a4
Reviewed-on: https://chromium-review.googlesource.com/1148205
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54682}
Avoid copying the last character to a local variable, by checking the parsing
state in a different order.
BUG=v8:7926
Change-Id: Ifb722dd3864737dc66d8e0885adbeba1376a059e
Reviewed-on: https://chromium-review.googlesource.com/1148569
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#54680}
Put all loads on the effect chain. This removes freedom of the
scheduler, which might regress performance of the generated code
(probably negligible) and might improve performance of code generation.
It also prevents hard to diagnose bugs where the scheduler might
schedule loads too early such that we miss an update during a function
call or gc.
In order to make all updates and uses of the "current control" and
"current effect" more visible, this CL also introduces {SetEffect} and
{SetControl} methods, and uses {Effect} and {Control} more rigorously.
R=mstarzinger@chromium.org
Change-Id: I917ce1775345a1fadf6166022c8848e36e195c56
Reviewed-on: https://chromium-review.googlesource.com/1129235
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54679}
This flag allows to share a single WasmEngine among all Isolates within
the same process. It will ultimately allow to share the WasmCode objects
associated with modules that are transferred via structured cloning.
R=clemensh@chromium.org
TEST=mjsunit/wasm/worker-module
BUG=v8:7424
Change-Id: I70d852d319b2a80bd02e0a2a838dcdfa071df6e1
Reviewed-on: https://chromium-review.googlesource.com/1138213
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54678}
Mark/IsIndependent is marked V8_DEPRECATE_SOON, but is still needed in some
places. In order to allow us to warn on V8_DEPRECATE_SOON within V8, explicity
disable deprecation warnings on these calls temporarily.
BUG=v8:7754
Change-Id: I0a7f3aedc04412c120217ba83d2cf91aafff568d
Reviewed-on: https://chromium-review.googlesource.com/1147751
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54670}
- Eliminates less general forms of vmov between core and scalar
FP registers.
Bug: v8:7754
Change-Id: I3224c57e03dfd64ea6552b215017dacc357dda26
Reviewed-on: https://chromium-review.googlesource.com/1144126
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54663}
This reverts commit 9c4200b2e9.
Reason for revert: breaks arm64 msan: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/22108
Original change's description:
> [scanner] Faster SkipMultiLineComment by avoiding a copy.
>
> Avoid coping the last character to a local variable, by checking the parsing
> state in a different order.
>
> BUG=v8:7926
>
> Change-Id: I0b62f711674beac8c81a25dd566a5ed0d681948b
> Reviewed-on: https://chromium-review.googlesource.com/1148456
> Commit-Queue: Florian Sattler <sattlerf@google.com>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54657}
TBR=marja@chromium.org,sattlerf@google.com
Change-Id: I665bce8214e6d0b8f8a619820ff13f37bc722332
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7926
Reviewed-on: https://chromium-review.googlesource.com/1148620
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54658}
Avoid coping the last character to a local variable, by checking the parsing
state in a different order.
BUG=v8:7926
Change-Id: I0b62f711674beac8c81a25dd566a5ed0d681948b
Reviewed-on: https://chromium-review.googlesource.com/1148456
Commit-Queue: Florian Sattler <sattlerf@google.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54657}
This is a reland of a462a7854a
Original change's description:
> [turboassembler] Introduce hard-abort mode
>
> For checks and assertions (mostly for debug code, like stack alignment
> or zero extension), we had two modes: Emit a call to the {Abort}
> runtime function (the default), and emit a debug break (used for
> testing, enabled via --trap-on-abort).
> In wasm, where we cannot just call a runtime function because code must
> be isolate independent, we always used the trap-on-abort behaviour.
> This causes problems for our fuzzers, which do not catch SIGTRAP, and
> hence do not detect debug code failures.
>
> This CL introduces a third mode ("hard abort"), which calls a C
> function via {ExternalReference}. The C function still outputs the
> abort reason, but does not print the stack trace. It then aborts via
> "OS::Abort", just like the runtime function.
> This will allow fuzzers to detect the crash and even find a nice error
> message.
>
> Even though this looks like a lot of code churn, it is actually not.
> Most added lines are new tests, and other changes are minimal.
>
> R=mstarzinger@chromium.org
>
> Bug: chromium:863799
> Change-Id: I77c58ff72db552d49014614436259ccfb49ba87b
> Reviewed-on: https://chromium-review.googlesource.com/1142163
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54592}
Bug: chromium:863799
Change-Id: I7729a47b4823a982a8e201df36520aa2b6ef5326
Reviewed-on: https://chromium-review.googlesource.com/1146100
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54656}
This is a part of larger cl https://chromium-review.googlesource.com/c/v8/v8/+/1144524
"Port canonicalizeLanguageTag and isStructuallyValidLanguageTag from JS to C++."
This is being separated out because:
1) this will unblock ftang's work
2) there is an increased memory usage issue report I'd like to understand before
connecting IsStructurallyValidLanguageTag for widespread usage
The memory concern will be dealt with in a follow-up cl.
Also in this cl:
Fix to ignore the first tag when checking for duplicate subtags.
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I76f4f6861490d8f9ccb36d6a0f7a7d5fa32ff995
Reviewed-on: https://chromium-review.googlesource.com/1147561
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Brian Stell <bstell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54653}
This CL simplifies the implementation of inlined DataView
methods in TurboFan. It removes the explicit exception handling,
and just deopts and relies on the baseline code to handle
exceptions instead.
It also adapts the DataView test files in mjsunit/compiler/
accordingly.
Change-Id: I013c76970e1480df2b755d17d397bd0f9f26f0ec
Reviewed-on: https://chromium-review.googlesource.com/1148207
Commit-Queue: Théotime Grohens <theotime@google.com>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54648}
TestHeapRootsNotReadOnly was mistakenly checking for exceptions to the
rule by comparing the value of the root rather than the address. Since
several roots point to UndefinedValue, this meant that only one of the
matching roots had to be in the list.
This fixes it by instead getting a Handle from Factory and using the
address() method to check whether the roots match the exception list.
Also adds detached_contexts, feedback_vectors_for_profiling_tools,
microtask_queue, serialized_global_proxy_sizes and serialized_objects to
the exception list now that the test is working properly.
Change-Id: I599d584f94797a256d1c8c24c0fa2848ca1ca1df
Reviewed-on: https://chromium-review.googlesource.com/1148331
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54647}
This is a preparatory CL that refactors the WASM memory allocation path,
the WasmGraphBuilder, and several points of contact for ArrayBuffers to
allow them to eventually be up to 4GiB.
1.) Refactor definition of constants to prepare for memories of size 2^32
2.) Refactor WasmInstanceObject fields memory_size and memory_mask to
be stored as uintptr_t
3.) Refactor WasmGraphBuilder to use 64-bit comparisons for bounds checks
4.) Refactor JSArrayBuffer accessor methods to use size_t properly.
5.) Add empirical maximum memory and array buffer size tests
R=mstarzinger@chromium.org
BUG=v8:7881
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I78a49069cfa89757cc93f0a30b1c1a99c4b2edba
Reviewed-on: https://chromium-review.googlesource.com/1112003
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54646}
Compiling import and export wrappers currently takes a big chunk of the
instantiation time. Add events to show this in the trace.
R=ahaas@chromium.org
Change-Id: Iffcabf18497cdb2d8caac7f939e4b1bc452d316f
Reviewed-on: https://chromium-review.googlesource.com/1148219
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54644}
