This CL enables the --wasm-generic-wrapper flag by default.
Bug: v8:10982
Change-Id: Iada906ce49810806c500ee3ca26e09e847b69a27
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2539915
Commit-Queue: Vicky Kontoura <vkont@google.com>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71374}
The total frame size returned by GetTotalFrameSize includes the frame
marker. However, the frame marker is pushed on the stack with a push
instruction. Therefore it is not needed to allocate memory for it again
on the stack. This CL therefore reduces the memory allocated on the
stack by the size of the frame marker.
R=clemensb@chromium.org
Bug: v8:11074
Change-Id: Ie04508a57a2c641a2ee5d89d72dd22ec0572b5e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557510
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71373}
Drive-by Torque changes:
- kSize can be non-aligned, use SizeFor() instead for map allocation.
- Factory functions use Torque-generated setters directly to work even
if they are shadowed.
- Allow class generation in the presence of custom weak fields, this
was supported already.
Bug: v8:7793
Change-Id: I7e2df45d550ff70973e5167459050fd84db03114
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2547285
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71371}
This CL temporarily disables use of the generic js-to-wasm wrapper for
asm.js modules, since the generic js-to-wasm wrapper does not fully
support them yet.
Bug: v8:10982
Change-Id: I79a489075c689549b07bf1436c6115edb147cbe5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554602
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Vicky Kontoura <vkont@google.com>
Cr-Commit-Position: refs/heads/master@{#71370}
OpcodeLength in function-body-decoder was implemented in a way that did
not detect invalid non-prefixed opcodes, even when {validate} was on.
This CL brings its behavior in line with prefixed opcodes and validation
requirements.
Change-Id: I53fec32f13bd18a2ed0c7a7666d69fc09603db56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2552516
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71368}
A simple fix to avoid an unneeded instruction.
R=ahaas@chromium.org
Bug: chromium:1152363
Change-Id: I7188156816ab24ed88fb1cd79859aa9f0b6c948b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557513
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71367}
SL's VisitSpeculativeIntegerAdditiveOp was setting Signed32 as
restriction type even when relying on a Word32 truncation in order to
skip the overflow check. This is not sound.
Bug: chromium:1150649
Change-Id: I3113a2102c62d6ecef342c98d25daf31431c01ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557498
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71364}
For pages that are already swept, it can happen that one thread
iterates old-to-new-slots while another thread promotes an object onto
the same page.
Accessing the slot_set in Scavenger::ScavengePage therefore needs to be
atomic.
Bug: v8:11077
Change-Id: I086db612ed4e861aa9bd1c18fdf5c0e17c519a4b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555009
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71360}
The Code object returned by CompileOptimized runtime functions is
tail-called to continue execution. This Code object should not be the
CompileLazy builtin.
We ran into this case when the requested code kind was available, but
not attached - here we returned early from Compiler::CompileOptimized
without doing anything.
To satisfy the postcondition, this CL removes the early exit and lets
GetOptimizedCode handle the cached cases (both the FeedbackVector's
optimized code cache, and the isolate cache).
Bug: v8:8888
Change-Id: Ie60e6cf27b697ea6685441184b65f28f3583f75a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557500
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71358}
The CPPGC_BUILD_IN_V8 define (used for tracing) isn't propagated from
v8_base_without_compiler to cppgc_base, which breaks build with
perfetto. Instead use a gn args to specify standalone builds (defaulted
to false) and use that to choose the right tracing implementation.
Bug: chromium:1056170
Change-Id: I70bce819d45fb133b6f932a50a5d027e39f3e5b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555007
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71356}
Prototype 2 prefetch instructions (temporal and non-temporal) on arm64
and interpreter.
Add prfm to assembler, and use MiscField to encode the two versions.
Small tweak to simulator to handle these new instructions (no-op).
The implementation in the interpreter just pops the memory index and
does nothing.
Simple test cases added for these 2 new instructions, as well as a
prefetch with OOB index, which should not trap.
Bug: v8:11168
Change-Id: Ieced8081615d07f950d6d4c1128d1bc6a75839fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543167
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71353}
Now the ModS opcode and MacroAssembler::EmitFPUTruncate function
are useless, and should be removed.
Change-Id: I5ba7c2cd01084b322046c8267b7581ab9d1755c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554382
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#71352}
Drive-by cleanup for other bitmask instructions to
UseScratchRegisterScope instead of using temporary registers in
instruction-selector.
Bug: v8:10997
Change-Id: Id46d249fd20ceaeab8e867babec8b34d7995c17f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2548081
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71351}
Currently we only correctly disassemble encoding A4, with a list of 4
regs.
Also added tests for these encodings.
Change-Id: I38066186d19deb8c180129d7a92b49bc589315cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554258
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71350}
In our codegen, we are mixing SSE and AVX. This can potentially cause
transition delays. Ideally we should stick to one. We add some new AVX
versions of movss and movsd, then use the macro-assembler methods to
generate AVX instructions if supported.
Bug: v8:11190
Change-Id: Iff7c0fb892cea85731f880ac2895480621b3092f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554257
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71349}
This reverts commit 5557a63beb.
Reason for revert: Sheriff's mistake, failing test was previously flaking.
Original change's description:
> Revert "stack-trace-api: implement getEnclosingLine/Column"
>
> This reverts commit c48ae2d96c.
>
> Reason for revert: Breaks a profiling test:
> https://ci.chromium.org/p/v8/builders/ci/V8%20Win32/30010
>
> Original change's description:
> > stack-trace-api: implement getEnclosingLine/Column
> >
> > Introduces getEnclosingColumn and getEnclosingLine on CallSite
> > so that the position can be used to lookup the original symbol
> > for function when source maps are used.
> >
> > BUG=v8:11157
> >
> > Change-Id: I06c4c374d172d206579abb170c7b7a2bd3bb159f
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2547218
> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> > Commit-Queue: Benjamin Coe <bencoe@google.com>
> > Cr-Commit-Position: refs/heads/master@{#71343}
>
> TBR=jkummerow@chromium.org,yangguo@chromium.org,bencoe@google.com
>
> Change-Id: Iab5c250c1c4fbdab86971f4a7e40abc8f87cf79c
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: v8:11157
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555384
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71345}
TBR=bbudge@chromium.org,jkummerow@chromium.org,yangguo@chromium.org,bencoe@google.com
# Not skipping CQ checks because this is a reland.
Bug: v8:11157
Change-Id: I8dba19ceb29a24594469d2cf79626f741dc4cad3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555499
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71348}
This reverts commit c48ae2d96c.
Reason for revert: Breaks a profiling test:
https://ci.chromium.org/p/v8/builders/ci/V8%20Win32/30010
Original change's description:
> stack-trace-api: implement getEnclosingLine/Column
>
> Introduces getEnclosingColumn and getEnclosingLine on CallSite
> so that the position can be used to lookup the original symbol
> for function when source maps are used.
>
> BUG=v8:11157
>
> Change-Id: I06c4c374d172d206579abb170c7b7a2bd3bb159f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2547218
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Benjamin Coe <bencoe@google.com>
> Cr-Commit-Position: refs/heads/master@{#71343}
TBR=jkummerow@chromium.org,yangguo@chromium.org,bencoe@google.com
Change-Id: Iab5c250c1c4fbdab86971f4a7e40abc8f87cf79c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:11157
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555384
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71345}
Introduces getEnclosingColumn and getEnclosingLine on CallSite
so that the position can be used to lookup the original symbol
for function when source maps are used.
BUG=v8:11157
Change-Id: I06c4c374d172d206579abb170c7b7a2bd3bb159f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2547218
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Benjamin Coe <bencoe@google.com>
Cr-Commit-Position: refs/heads/master@{#71343}
If we have a regular isolate (or none at all), we can skip acquiring
the lock check and DCHECK that we are calling from the main thread.
If we have a LocalIsolate, we acquire the string lock if needed.
Bug: v8:7790
Change-Id: Ie3562e8172a3e3eca8d194e8652cb881f765cdb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2551102
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71340}
We use the same temporary mechanism as with eqref, in anticipation of
standardization of the wasm-gc JS API.
Bug: v8:7748
Change-Id: I224a043e5450ce489fc7f3b2f07f277a0444b8e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546695
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71339}
This changes a '<' to a '<=' and adds a comment to explain why it is
safe to use a jump table where the maximum distance is exactly
{kMaxCodeSpaceSize}.
R=jkummerow@chromium.org
Bug: chromium:1151364
Change-Id: Id4971a2e9095fa99df48367ab09af4adbfadffaf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2552906
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71337}
For a very particular special case (long "chains" of bound
functions with an undefined @@hasInstance handler), evaluating
the `instanceof` operator could lead to a very deep recursion.
This patch adds a stack check to make sure we throw rather than
crash on stack overflow.
Bug: v8:11115
Change-Id: I6bf941b9e75e9fe3a52112ade27388ac4fbbda2f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2545624
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71335}
Bug: v8:7790
Change-Id: Idee149b3d59064941473d5e17e2c56a253a5f49d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546691
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71334}
When comparing two-byte strings, the correct number of characters to
compare is length(), not byte_length().
The bug was introduced in
https://chromium-review.googlesource.com/c/v8/v8/+/2533038
There's no regression test, since going beyond the AstRawString
boundary generally doesn't crash.
Bug: chromium:1151602
Change-Id: I32c297c2751835dd7574ff928d2d5b8346b4381a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2551110
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71330}
Without the cast, gcc might throw the following error
during compilation:
error: enumeral mismatch in conditional expression:
'cppgc::internal::StatsCollector::ScopeId' vs
'cppgc::internal::StatsCollector::ConcurrentScopeId'
Change-Id: I95e230310a0cbdc775d63657b8c407a8392a57e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2551104
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#71325}
Drive-by: Add alias for lzer on Assembler
Change-Id: Id0d705ef864899241f77d92c2cf8a144f753ef15
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2552928
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#71324}
With pointer compression, the size of a reference depends on whether it
is stored on the stack or on the heap. The size provided by
ValueType::element_size_bytes() is the size of a reference on the heap.
LiftoffAssembler::SlotSizeForType(...) however should return the size
on the stack. This CL fixes this inconsistency.
This issue would have been found by an existing test, but this test is
disabled at the moment because of missing safepoint maps for stack
checks.
R=thibaudm@chromium.org
Bug: v8:7581
Change-Id: Ia45944b265fa4ce0d560ff00a24b023d6c1ae10a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2552515
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71320}
Because of LocalHeap safepoints, our existing assert scopes don't
necessarily maintain the same guarantees as desired. In particular,
DisallowHeapAllocation no longer guarantees that objects don't move.
This patch transitions DisallowHeapAllocation to
DisallowGarbageCollection, to ensure that code using this scope is
also protected against safepoints.
Change-Id: I0411425884f6849982611205fb17bb072881c722
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540547
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71319}
This retrieves script name directly from StackFrameBase, bypassing
building of StackFrameInfo if one hasn't already been initialized,
thus avoiding computation of expensive properties that are not required.
This matches current behavior of GetScriptNameOrSourceURL() and is a
workaround until a dedicated API is available.
This is necessary to switch AdTagging over from using
GetScriptNameOrSourceURL() to GetScriptName(), to ensure that scripts
with source urls are tagged appropriately. (See crrev.com/c/2551259.)
Bug: chromium:1127391
Change-Id: I6eb145b88c26deb1a088f038b0f8b377bc8fe3ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2550504
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Alex Turner <alexmt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71318}
Port 1da429fb8a
Original Commit Message:
This is a reland of 800307f6a5, with a
minimal fix for arm64 (uint64_t -> uintptr_t).
Original change's description:
> [wasm][memory64] Prepare Liftoff for ptrsize offsets
>
> This CL prepares the LiftoffAssembler interface for uintptr_t offsets.
> Many places can still only handle 32-bit values, but after this CL we can
> start storing the offsets as uintptr_t in the memory access immediates.
> Some TODOs are placed to extend code generation for 64-bit additions, if
> memory64 is enabled.
> All of this will be addressed in follow-up CLs.
>
> R=manoskouk@chromium.org
>
> Bug: v8:10949
> Change-Id: Id3b9b8aa555ab41f082ba012f4f8d80586c35b89
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529452
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71236}
R=clemensb@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: I87a421ab1fe6e4d0f2098c24ff34a3888631722e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2552166
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#71317}
CalculateGlobalOffsets has to be called once after all globals got
defined but before global offsets get accessed, e.g. during code
generation. It is not clear though when exactly CalculateGlobalOffsets
should be called. The globals section may not exist, so at the end of
the globals section is not enough (globals can also be defined in the
import section). At the beginning of the code section is also not good
enough, because the code section may not exist. At the end of the module
may be too late.
With this CL, CalculateGlobalOffsets is called after the global section,
before the code section, and at the end of the module. Additionally the CL
checks if CalculateGlobalOffsets has already been called, so that it is
not executed a second time.
R=manoskouk@chromium.org
Bug: v8:11185
Change-Id: I922b9f60a4a17a09d2527fd9ab35cda71226030c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2551100
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71314}
