Changes:
- Move enhancement of locals_count by 1 inside AnalyzeLoopAssignment.
- Update documentation of AnalyzeLoopAssignment.
- Factor out invocation to OpcodeLength();
- Use uint32_t for locals count consistently in related testing
functions.
Change-Id: I5bb5a324c4f4ed1aafc37849f3762d7a9630da51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549966
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71312}
This CL adds partial support for objects whose slow mode dictionaries
are OrderedNameDictionaries. This is the case for all slow mode objects
if V8_DICT_MODE_PROTOTYPES is enabled.
Specifically, this CL contains bailouts to the runtime in places where
the subsequent CSA or Torque code may have to access property
dictionaries.
These bailouts only happen if V8_DICT_MODE_PROTOTYPES is set, in which
case the property dictionaries are of type OrderedNameDictionary, which
cannot be handled by most CSA/Torque code.
The idea is that these bailouts are temporary and will all be removed
once we've implemented the actuall dictionary accesses in CSA/Torque.
Bug: v8:7569, v8:11167
Change-Id: I8308b2f8ba2d4dbf7918da42f995ae270c825fff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2545711
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71311}
Reset main_thread_local_isolate_ only after Heap::TearDown was executed.
main_thread_local_isolate_ is still needed in there for e.g.
HandleBase::IsDereferenceAllowed in MemoryMeasurement.
Bug: chromium:1150867, v8:10315
Change-Id: Ia1ebfd561b7a3ab2d346f0c17b239f75ad77471f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549969
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71310}
This is a reland of e26863df27
The test now works with the no-i18n case.
Original change's description:
> [foozzie] Suppress access to CurrentTimeValue
>
> This stubs out CurrentTimeValue for differential fuzzing as otherwise
> the non-deterministic value leaks from Intl.DateTimeFormat format and
> formatToParts.
>
> This also affects other date creations, like Date.now(), which is
> already stubbed out on the JS side. We keep that code for
> backwards-compatibility to keep bisection stable.
>
> Bug: chromium:1149050
> Change-Id: Ifd82844c9fb8ce7262b55da6cf9f88f544268942
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546685
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71294}
Cq-Include-Trybots: luci.v8.try.triggered:v8_linux_noi18n_rel_ng_triggered
Bug: chromium:1149050
Change-Id: I4a750b580495532ca0ffb125522f8f5958e4cad6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2552401
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71309}
We had a test which first enabled the profiler, and then compiled wasm
code. In this case, all code objects were registered correctly and the
profile looked as expected.
This CL extends the test for also test another order: First compile the
wasm code, then enable the profiler. In that case, we were reporting a
wrong debug name of the exported wasm function. The name of that
function is spec'ed to be the string representation of the function
index. But for debugging, we want to see a more meaningful name,
identical to the name we show when reporting the code during
compilation.
This fix requires handlifying the {SharedFunctionInfo::DebugName}
method, because for exported wasm functions, it needs to allocate a new
name on the JS heap.
In order to avoid this allocation where possible, a second variant is
added which returns a unique_ptr directly. This can be used in all
places where the name is just being printed, which turned out to be the
majority of cases ({DebugName().ToCString()}).
R=petermarshall@chromium.org
Bug: chromium:1141787
Change-Id: I0343c2f06f0b852007535ff07459b712801ead01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543931
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71308}
This is a reland of 800307f6a5, with a
minimal fix for arm64 (uint64_t -> uintptr_t).
Original change's description:
> [wasm][memory64] Prepare Liftoff for ptrsize offsets
>
> This CL prepares the LiftoffAssembler interface for uintptr_t offsets.
> Many places can still only handle 32-bit values, but after this CL we can
> start storing the offsets as uintptr_t in the memory access immediates.
> Some TODOs are placed to extend code generation for 64-bit additions, if
> memory64 is enabled.
> All of this will be addressed in follow-up CLs.
>
> R=manoskouk@chromium.org
>
> Bug: v8:10949
> Change-Id: Id3b9b8aa555ab41f082ba012f4f8d80586c35b89
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529452
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71236}
Bug: v8:10949
Tbr: manoskouk@chromium.org
Change-Id: I33a9676afbf84d2032b181de2afd745841575900
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2550663
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71307}
We added this to add elements kind to handlers so Turboprop could
use the elements kind information for inlining array builtins when using
dynamic map checks. This information isn't useful without other map
based optimizations like constant folding to inline array builtins.
So we don't need this information.
Bug: v8:10582
Change-Id: I846c037ca2d87158dd017e2e23c7d1a0dfc685b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549950
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71306}
This CL adds partial support for objects whose slow mode dictionaries
are OrderedNameDictionaries. This is the case for all slow mode objects
if V8_DICT_MODE_PROTOTYPES is enabled.
Specifically, this CL contains minor changes to CSA code, short of
actually performing ordered dictionary lookups using CSA
implementations of these lookups.
Bug: v8:7569
Change-Id: I0dab0f21000ca3b9b170ace58787ec639d587e64
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540590
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71304}
LocaleBuilder validates better, it also fixes most cases in
transformed-ext-invalid except one.
Bug: v8:10447
Change-Id: I6fed6692ca3264198e42ccc3d9ca4bfb54fb0517
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549688
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71300}
This reverts commit e26863df27.
Reason for revert: Fails on noi18n bot, see https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20noi18n%20-%20debug/34852/overview
Original change's description:
> [foozzie] Suppress access to CurrentTimeValue
>
> This stubs out CurrentTimeValue for differential fuzzing as otherwise
> the non-deterministic value leaks from Intl.DateTimeFormat format and
> formatToParts.
>
> This also affects other date creations, like Date.now(), which is
> already stubbed out on the JS side. We keep that code for
> backwards-compatibility to keep bisection stable.
>
> Bug: chromium:1149050
> Change-Id: Ifd82844c9fb8ce7262b55da6cf9f88f544268942
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546685
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71294}
TBR=machenbach@chromium.org,cbruni@chromium.org,clemensb@chromium.org
Change-Id: I958ca723de826ab427d27f5121f96618cf50c832
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1149050
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2551314
Reviewed-by: Ben Smith <binji@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71298}
The basic block instrumentation currently uses 32-bit integers, which
could overflow during a long profiling session. I considered upgrading
them to 64-bit integers, but generating the correct instrumentation code
for various architectures would be rather non-trivial. Instead, this
change uses 64-bit floating-point values, which are simple and also have
the nice behavior that they saturate rather than overflowing.
Bug: v8:10470
Change-Id: I60f7456cb750091809803c03a85dd348dc614b58
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2545573
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#71297}
This stubs out CurrentTimeValue for differential fuzzing as otherwise
the non-deterministic value leaks from Intl.DateTimeFormat format and
formatToParts.
This also affects other date creations, like Date.now(), which is
already stubbed out on the JS side. We keep that code for
backwards-compatibility to keep bisection stable.
Bug: chromium:1149050
Change-Id: Ifd82844c9fb8ce7262b55da6cf9f88f544268942
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546685
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71294}
This removes dead methods from wasm-compiler.h and wasm-compiler.cc.
Even though e.g. {BranchExpectTrue} could become useful again in the
future, we still have {BranchExpectFalse} as a template to easily add it
back, and for now it's just untested code which adds to the compile time
and maintenance cost.
R=manoskouk@chromium.org
Bug: v8:10949
Change-Id: Ia3918c4cdfedd2c56bfbfbe7173d11386b9f2499
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2544522
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71293}
Deserialization is currently split into three main steps:
1) Read code and allocate code buffer
2) Copy and relocate code
3) Publish
This moves step 2) to a background task so that it can concurrently
process work units added to the work queue by step 1).
Next, step 3) will also be moved to a background task to create a full
pipeline, such that we can start publishing the first units almost
immediately.
R=ahaas@chromium.org
CC=clemensb@chromium.org
Bug: v8:11164
Change-Id: I99919765400e03737a46bacf0dcd82cb7fe2aefc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543932
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71290}
This reverts commit 548fe20837.
Reason for revert: Issues on Mac64: https://ci.chromium.org/p/v8/builders/ci/V8%20Mac64%20-%20debug/31710
Original change's description:
> cppgc: Use tracing scopes
>
> The scopes themselves mostly have the same coverage as current scopes in
> blink. A few exception due to encapsulation exist and are highlighted as
> comments on the CL.
>
> Bug: chromium:1056170
> Change-Id: I48af2cfdfd53a8caa1ab5d805d377f6f13a825bc
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540552
> Commit-Queue: Omer Katz <omerkatz@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71285}
TBR=ulan@chromium.org,mlippautz@chromium.org,omerkatz@chromium.org
Change-Id: I20dce9309dcaeff6ea61bdc51df3a2f62c2a103f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2550782
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71289}
Reorder deserialization steps: instead of processing functions one by
one, run each step individually on all functions (read & allocate, copy
& relocate, publish). This prepares for moving some steps to background
tasks.
R=ahaas@chromium.orgCC=clemensb@chromium.org
Bug: v8:11164
Change-Id: Ic6e1e387b6a60ab16efc91f8e0d45cb2acded2a8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543929
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71288}
This uses the old trick from TypedArrays: a Smi-like all zero
pattern plus an offset that actually contains a raw address to access
off-heap data.
Bug: v8:7793
Change-Id: Ia44448d4ff7e2dcaa02a2c5653f622fb93c3dd09
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2534817
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71287}
The scopes themselves mostly have the same coverage as current scopes in
blink. A few exception due to encapsulation exist and are highlighted as
comments on the CL.
Bug: chromium:1056170
Change-Id: I48af2cfdfd53a8caa1ab5d805d377f6f13a825bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540552
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71285}
This CL adds tracing scopes for the various cppgc classes.
Scopes use TRACE_EVENT_BEGIN and TRACE_EVENT_END macros to report trace
events. To do so they need to include trace-event.h. For unified heap
builds, trace-event.h forwards to v8's src/tracing/trace-event.h. For
other builds, trace-event.h provides a subset of
src/tracing/trace-event.h that covers just the parts used by cppgc.
This CL covers what we need for traces and blink gc metrics (up to
renaming events from BlinkGC.* to CppGC.*). UMA and UKM are not yet
handled.
Bug: chromium:1056170
Change-Id: Id92e84b27259ff0aadae7692f3d79d30896fb8e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540548
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71284}
This is required for enabling scopes such that NotifySweepingCompleted
is not called from within a scope.
Bug: chromium:1056170
Change-Id: Ia66aa4de8c22bfa7dfe1e02ee1e0d3ad088f7bf6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549761
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71282}
When accessing a super property which is a getter, the receiver
is not restricted the same way as when doing normal property access.
In particular, the receiver can be null / undefined.
Bug: v8:9237, chromium:1148758, v8:11161
Change-Id: Ic6bc2053e5d046d4b19e868312aa9b50025256a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549941
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71281}
Unpark the thread for logging in TraceAbortedJob. With FLAG_trace_opt
enabled, this method is going to access the heap and therefore the
local isolate cannot be parked.
Bug: chromium:1149131, v8:10315
Change-Id: Ic08de3aebf000df6a4122602940d9f11112b430b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549946
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71280}
This CL adds partial support for objects whose slow mode dictionaries
are OrderedNameDictionaries. This is the case for all slow mode objects
if V8_DICT_MODE_PROTOTYPES is enabled.
In particular, this part contains the remaining fixes to runtime code,
except for the class templating logic, which follows in a later CL.
Bug: v8:7569
Change-Id: Ib4d08d7d352125709ca916dfc75018dabf71b0cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540549
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Frank Emrich <emrich@google.com>
Cr-Commit-Position: refs/heads/master@{#71275}
This is a reland of e95e1b6234
After landing https://crrev.com/c/2546682, this CL can be relanded
without changes.
Original change's description:
> [heap] Introduce LocalIsolate for main thread
>
> Add a LocalIsolate for the main thread to Isolate. This LocalIsolate is
> kept alive during the whole lifetime of the Isolate. The main thread
> LocalIsolate starts in the Running state in contrast to the background
> thread LocalIsolates (those start in Parked).
>
> Code paths in Turbofan that used to create a LocalIsolate on the main
> thread can now simply use the main thread LocalIsolate.
>
> LocalIsolate for the main thread will help in reducing differences
> between the main and background threads. The goal is that the main
> thread behaves more like a background thread.
>
> The main thread LocalIsolate should also make it simpler to share code
> between main thread and background threads by using LocalIsolate for
> both.
>
> Bug: v8:10315
> Change-Id: I7fd61d305a6fd7079e2319d75c291c1021e70018
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2509593
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71226}
Bug: v8:10315
Change-Id: I418b1217aeac4f3c44a0aa514dea9864f8a58656
TBR: szuend@chromium.org, yangguo@chromium.org, ulan@chromium.org, leszeks@chromium.org, neis@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543399
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71274}
Move the simd post mvp flag check into caller, instead of only checking
in the default case. This allows us to check *all* opcodes to see if
they are post-mvp or not. Before this change, we missed the check for
load and store lanes.
Bug: v8:10975,chromium:1149078
Change-Id: Id3cff8169ef5137f54a49d28291698139116e8a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543170
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71272}
Mac-arm64 devices always have support for it.
Found by thakis@chromium.org
Change-Id: Id2dd9d53b66715efe8b4f7f0019d1ba06289c359
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2547281
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71268}
AddToDictionaryTemplate in literal-objects.cc was missing several
cases when handling the overwriting between properties with statically
known and dynamically computed names. This led to wrong enumeration
orders in class prototypes created from class templates.
Bug: v8:11158
Change-Id: I7381b4680ec533bd307a6c32d75c8a66394869df
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536464
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71266}
Megamorphic load builtins are a performance optimization when current
feedback is megamorphic. We can't make this assumption for shared NCI
code though, since feedback in other native contexts may *not* be
megamorphic, and we'd thus miss out on necessary feedback collection.
Bug: v8:8888
Change-Id: I2adc5ef9a6b021b35cf26f975c79228d556bf94f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546694
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71264}
... to --turbo-dynamic-map-checks. With the upcoming use in NCI code,
this feature is no longer used exclusively by Turboprop.
Bug: v8:8888
Change-Id: I61e01db086fd2e8566d2e2a09574be74b6e5a7bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546693
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71263}
There is a flag in the WebAssembly trap handler that is set whenever
WebAssembly code is entered, and that is reset when WebAssembly code is
left. In runtime functions we have DCHECKs in place that check the
value of this flag.
This flag is only needed when trap handlers are enabled though. When
trap handlers are disabled, the flag is not enabled and disabled
consistently. DCHECKs should therefore only check the flag value when
trap handlers are actually enabled.
R=manoskouk@chromium.orgCC=vkont@google.com
Bug: v8:10982
Change-Id: I3325f6057ff8d9c39d029ef04c55792162d927f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2545708
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71261}
This has similar performance as the thread_id check. It removes the need
to get the isolate for this check though, so it's a net positive.
Bug: v8:7790
Change-Id: I329bb9d5fe695fb9ef4990ba3593703b1eedca0d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546690
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71259}
Some tests explicitly set the --always-opt flag, but they are not
ignored when the testrunner is invoked with variant="jitless" or
variant="nooptimization".
This CL implies --opt from --always-opt and excludes
--always-opt when the testrunner is invoked with jitless or
nooptimization variants.
Change-Id: I49ebc3907666c462aa09a294a39a504a0c90de96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2544548
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71258}
Pointer compression is not supported in arm32 and we will not encounter
those MachineRepresentations.
Bug: v8:7703
Change-Id: I72c94d57b27710bdca54d649755a91e869b4947e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546686
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71256}
This CL fixes a spot (pointed out by Mythri) in which it was possible
to start running unoptimized bytecode even if cached NCI code was
present.
Previously, the CompileLazy builtin would skip the runtime and start
running bytecode immediately if the SharedFunctionInfo was already
compiled; any NCI code was ignored.
This CL changes the CompileLazy builtin to additionally check the
SFI::may_have_cached_code bit. If set, call into the (new) function
Runtime::kTryInstallNCICode to try and install NCI code.
Bug: v8:8888
Change-Id: Icbee9f0780f9b65e9339f1a958f5b28abe42c810
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546680
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71255}
This CL introduces a new fast_api_call_target field on the isolate,
which is set by Turbofan before making the fast call. It then uses
the field when creating a stack sample and stores it in the existing
external_callback_entry used for regular API callbacks. The CL also
adds a cctest with simple usage scenario and introduces a minor
refactoring in test-api.cc.
Design doc:
https://docs.google.com/document/d/1r32qlPzGz0P7nieisJ5h2qfSnWOs40Cigt0LXPipejE/edit
Bug: chromium:1052746
Change-Id: I2dab1bc395ccab0c14088f7c354fb52b08df8d32
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488683
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71254}
These are prototype instructions, and were missing validation checks for
lane immediates.
Bug: chromium:1149040
Change-Id: I22537061e26980a1aa0b3944839ab947e5351d9a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543164
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71245}
In https://crrev.com/c/v8/v8/+/2536465 we added acquiring the lock in
WriteToFlat. Then, acquiring in TryStringToDouble not only is not
necessary but also has undefined behaviour.
This was causing timeouts and meant the tests were disabled in
https://crrev.com/c/v8/v8/+/2543398.
Bug: v8:7790, v8:11171
Change-Id: Iaab4e5079bac96786e536a2e4b766e93ea17e2c4
Fixes: v8:11171
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2544544
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71242}
Guard for extremely large and small values passed to
Isolate::AdjustAmountOfExternalAllocatedMemory from the embedder.
Bug: chromium:1147372
Change-Id: Ib1470bdf2dd16cbc6e61dd1bca97fa5a66f04c77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543925
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71241}
Use the recently added -mmark-bti-property Clang flag to add
GNU_PROPERTY_AARCH64_FEATURE_1_BTI to the ELF GNU program properties.
Bug: v8:10026
Change-Id: Id35a60c9f5a8b3019313d56a142ab8f481e095a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543934
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#71240}
This reverts commit 800307f6a5.
Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Mac%20-%20arm64%20-%20release%20builder/1258
Original change's description:
> [wasm][memory64] Prepare Liftoff for ptrsize offsets
>
> This CL prepares the LiftoffAssembler interface for uintptr_t offsets.
> Many places can still only handle 32-bit values, but after this CL we can
> start storing the offsets as uintptr_t in the memory access immediates.
> Some TODOs are placed to extend code generation for 64-bit additions, if
> memory64 is enabled.
> All of this will be addressed in follow-up CLs.
>
> R=manoskouk@chromium.org
>
> Bug: v8:10949
> Change-Id: Id3b9b8aa555ab41f082ba012f4f8d80586c35b89
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529452
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71236}
TBR=clemensb@chromium.org,manoskouk@chromium.org
Change-Id: I6246d2f16bc44b328915c6a66e9933f516459038
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10949
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2544546
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71238}
Make the three map's bitfields use release/acquire semantics. This
ensures, for example, that when we set the number of own descriptors on
the map we will do so with a release store.
Also, start reading and writing said bitfields concurrently when
concurrent inlining is enabled. Note the BIMODAL_ACCESSOR_WITH_FLAG_B
macro which enables this.
Bug: v8:7790
Change-Id: I16561d8e065c50ce272b085d9606b98e37922633
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536640
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71237}
This CL prepares the LiftoffAssembler interface for uintptr_t offsets.
Many places can still only handle 32-bit values, but after this CL we can
start storing the offsets as uintptr_t in the memory access immediates.
Some TODOs are placed to extend code generation for 64-bit additions, if
memory64 is enabled.
All of this will be addressed in follow-up CLs.
R=manoskouk@chromium.org
Bug: v8:10949
Change-Id: Id3b9b8aa555ab41f082ba012f4f8d80586c35b89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529452
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71236}
This CL increases the budget for the tiering strategy of the js-to-wasm
wrappers from 6 (which was initially picked at random, as the feature
was experimental) to 1000 calls (which is picked based on benchmarking).
The high-level rationale behind such a choice can be summarized in the
following:
- The generic wrapper is not that much slower than the specific
wrappers, so it can handle up to some thousands of calls quite well.
- After that, the generic wrapper starts lacking compared to the
specific wrappers, even if compiling a specific wrapper means blocking
the main thread.
- Real-life applications do call exported functions thousands of times,
so this is not an unrealistic choice.
Bug: v8:10982
Change-Id: I143dd11e535101fd24810f63ed8b987cd03c4326
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2539913
Commit-Queue: Vicky Kontoura <vkont@google.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71232}
Add a "combination" assert scope class, which combines multiple existing
assert scopes. This will allow scopes with functional overlap, e.g.
DisallowGarbageCollection and DisallowHeapAllocation, to share an assert
type rather than rather than requiring users to remember to set both. To
demonstrate this, this redefines DisallowGarbageCollection to a
combination of DisallowHeapAllocation and a new DisallowSafepoints, and
some of the DCHECKs checking both are simplified to only check one or
the other, as appropriate.
The combination classes become subclasses of the existing assert scopes,
so that they can be used in their place as e.g. a function parameter,
e.g. DisallowGarbageCollection can be passed to a function expecting
const DisallowHeapAllocation&.
As a drive-by, this also changes the per-thread assert scopes to use a
bitmask, rather than a bool array, to store their per-thread data. The
per-isolate scopes already used a bitmask, so this unifies the
behaviour between the two.
Change-Id: I209e0a56f45e124c0ccadbd9fb77f39e070612fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2534814
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71231}
Port the fix from https://crrev.com/c/1414858 to ia32. TL;DR, _xgetbv is
a reserved name.
Change-Id: I97cb90ea7d244c02326432cfbfd55419a0a9854a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543933
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71229}
This reverts commit e95e1b6234.
Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/23064
Original change's description:
> [heap] Introduce LocalIsolate for main thread
>
> Add a LocalIsolate for the main thread to Isolate. This LocalIsolate is
> kept alive during the whole lifetime of the Isolate. The main thread
> LocalIsolate starts in the Running state in contrast to the background
> thread LocalIsolates (those start in Parked).
>
> Code paths in Turbofan that used to create a LocalIsolate on the main
> thread can now simply use the main thread LocalIsolate.
>
> LocalIsolate for the main thread will help in reducing differences
> between the main and background threads. The goal is that the main
> thread behaves more like a background thread.
>
> The main thread LocalIsolate should also make it simpler to share code
> between main thread and background threads by using LocalIsolate for
> both.
>
> Bug: v8:10315
> Change-Id: I7fd61d305a6fd7079e2319d75c291c1021e70018
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2509593
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71226}
TBR=ulan@chromium.org,yangguo@chromium.org,neis@chromium.org,leszeks@chromium.org,szuend@chromium.org,dinfuehr@chromium.org
Change-Id: Ia70b4bfe3b8fa26bf8d6a7dc612a310b0ed54073
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10315
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543937
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71228}
Add a LocalIsolate for the main thread to Isolate. This LocalIsolate is
kept alive during the whole lifetime of the Isolate. The main thread
LocalIsolate starts in the Running state in contrast to the background
thread LocalIsolates (those start in Parked).
Code paths in Turbofan that used to create a LocalIsolate on the main
thread can now simply use the main thread LocalIsolate.
LocalIsolate for the main thread will help in reducing differences
between the main and background threads. The goal is that the main
thread behaves more like a background thread.
The main thread LocalIsolate should also make it simpler to share code
between main thread and background threads by using LocalIsolate for
both.
Bug: v8:10315
Change-Id: I7fd61d305a6fd7079e2319d75c291c1021e70018
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2509593
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71226}
This CL enables a first batch of feedback-based optimizations in NCI
code. Specifically, optimizations based on unary, binary, compare,
for-in-next, and for-in-prepare feedback are now enabled.
This has two main implications:
1. NCI code can now deopt. Deoptimized code is currently thrown away
permanently and cannot be reused. Now that shared/cached NCI code can
deopt, this leads to an interesting question of what should happen
with deoptimized NCI code. The answer in this CL is to remove the
cache entry (it may later be re-added).
2. Tiering up from NCI to TF still requires feedback; since NCI code,
starting with this CL, no longer collects full feedback, feedback must
be created in some other way. This is solved by sharing a
context-independent encoding of feedback across native contexts.
Feedback is shared through a new SerializedFeedback object type,
essentially a byte array of serialized feedback. Currently, only
smi-based feedback is shared, but map-based feedback will be added in
the future.
SerializedFeedback is kept in the NCI cache alongside NCI Code
objects. It is created on NCI cache insertion, and deserialized upon
NCI cache hits.
Bug: v8:8888
Change-Id: Ic0d5fbea3aa4d3b0a165624dab9d0283b07dcee7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2531775
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71224}
When a thread gets archived, we still need to scan and update debug
roots on GCs for it. Otherwise we restore stale references when the
thread becomes active again.
Bug: v8:11145
Change-Id: I88f4c1534e826aed222e7fb67bd82bb0a4758fab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2537691
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71221}
all_true, any_true, bitmask, and extract_lane all replace a simd type
with single scalar, so we don't need to set nullptr for the extraneous
lane, and can set num_lanes to 1.
So for a call node with any of the above nodes as one of its value, we
were incorrectly replacing the extract lane node with 4 nodes - it
should only be 1 scalar node.
Drive by fix for LowerShift, it needs to check if the shift value node
has replacement (e.g. if it is an extract lane node).
Also we weren't setting the lowered type of a kPhi node. This can be a
problem if the output of a Phi node is used by a F32x4ExtractLane and
I32x4ExtractLane, which is possible (and type correct since both take
v128). This will require that the output be both a float and a int,
which is impossible. So fix it to Int32x4, and the uses of the phi nodes
will convert appropriately.
Added a test for the call node. Also tested this code by running one of
our benchmarks, which exercises the Phi logic.
Bug: v8:10507
Change-Id: I01a76b349ba9d0e157b64e737bdb4c70f96aa954
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536952
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71218}
The current name for the operator (for printing) is "Extract lane",
without an indication of the shape. Add the shape (I32x4) and sign (for
I8x16 and I16x8, s or u) to the name so that it is clearer what
operation it is.
Change-Id: I1ab30dee5ae820c378cdef8233de1c365dd126c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2534630
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71217}
S128Select and S128AndNot relies on the inputs being lowered to I32x4,
since they use Word32Xor, but it wasn't correctly specified. This means
that by default, their lowered type was set to be the output's lowered
type. If the result of these operations were used by F32x4ExtractLane,
then their lowered type will be set to Float32x4, so the inputs will be
lowered to Float32x4, and we get incorrect type of registers allocated.
Bug: v8:10507
Change-Id: I16dc7f2dcdaf2188997ff345a6b0fd22e10b7b36
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536953
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71214}
It is becoming difficult to continue supporting the compiler dispatcher
and background compile task unittests alongside the off-thread
finalization work, so disable those tests when that flag is enabled.
Bug: chromium:1011762
Change-Id: Iba9aaa29b08723afb90edc127609fef1d63ceed5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2539908
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71211}
Just as OS::Abort, OS::ExitProcess never returns. This is a minor
cleanup which is not expected to reduce binary size considerably, since
we do not call this function often. It is just nice to annotate it
correctly.
On windows, the {TerminateProcess} call is known to not return if
called on the current process. Add an {UNREACHABLE} to enforce this.
R=mlippautz@chromium.org
Bug: v8:11074
Change-Id: I5c079fc459685c65f932404ce536ea28ad188073
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536634
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71210}
- allow arrays to be allocated in LargeObjectSpace
- check requested array allocation length against maximum
- fix array element offsets for pointer-typed elements
- fix GC handling of arrays when there are forwarding pointers
- module builder: fix rtt.sub global initializer expressions
- debug printing: print "UNIMPLEMENTED" instead of crashing
- WasmGCTester: make some exceptions easier to diagnose
Bug: v8:7748, chromium:1141376
Change-Id: Ie0281658748f3dd5e5d90d85bab78f0ea2fc3865
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2534815
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71208}
Constant-time subtype checks are only valid for struct/array
objects. Previously, the code checked for JS_FUNCTION_TYPE to
specifically catch funcrefs. With this patch, anything except
struct/array objects is excluded, in preparation for anyref
support. Additionally, this dynamic check is now only emitted
when static type information is not enough.
Bug: v8:7748
Change-Id: Ia2920902ee1d9e9714a4b8297a963ba3d6d3312a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536290
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71206}
This CL adds partial support for objects whose slow mode dictionaries
are OrderedNameDictionaries. This is the case for all slow mode objects
if V8_DICT_MODE_PROTOTYPES is enabled.
In particular, this part deals with those runtime functions called by
the DefineClass builtin, located in literal-objects.cc and
runtime-classes.cc.
Bug: v8:7569
Change-Id: Ie4c479fd6f8872eea9f190590408a4aafd1c77e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2523321
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71205}
Ports updates to weak container handling in blink performed in [1].
These changes were needed to resolve timeouts for android.
See [1] for more details.
[1] https://chromium-review.googlesource.com/c/chromium/src/+/2516363
Bug: chromium:1056170
Change-Id: I2b2c451d494438a37886a3c2bc73481bc9228664
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2538211
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71202}
As Wasm code increasingly needs to deal with various HeapObject
subtypes, the WasmGraphAssembler is a good place to consolidate
common helper methods like LoadMap or LoadFixedArrayElement.
This is clearly inspired by the CodeStubAssembler, and there is
clearly room for much more refactoring in this direction.
This CL does not intend to change any functionality.
Bug: v8:11074
Change-Id: I1b768c5791bde7041bc9f41a3069afb1844cdb46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2532083
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71201}
... and use Name::hash() where the hash is expected to be computed.
In particular, when we are dealing with internalized strings or symbols.
Bug: v8:11074
Change-Id: Ida22f134fee0ddf2c9b962d1bcca6aa0b632af5f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529451
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71200}
Main changes:
- Remove the kUninitialized and kInvalidated cell type aliases. They
were confusing because their meaning depended on the current value in
the cell. I think kUninitialized was obsolete anyways.
- Remove a DCHECK from the compiler. The property that was asserted,
while true, is irrelevant.
- Remove the obsolete function GetConstantType. The only left use was
in the object printer, but it's pointless there because we already
print the value anyways.
Change-Id: Ic718c8ba39aeb5bf18f588535dfb755a023cb144
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536647
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71198}
Add a requirement to String::GetChars that we either have a string
access lock, or a string access lock is not needed. This prevents us
from reading strings during internalization that may be in the middle
of being made external.
To avoid taking the lock too often when known to be unnecessary (e.g.
for strings that were only just created), there's now a static
SharedStringAccessGuardIfNeeded::NotNeeded(). This is hopefully ugly
enough that it's used sparingly.
One fix required for this is to enter the Isolate when tearing down
IsolateData in inspector tests -- this is so that the V8Inspector
instance being torn down will see the current Isolate and be able to
verify its thread id against the current thread.
Bug: chromium:1011762, chromium:1148680
Change-Id: Ic5d29c1b066ebae5a351c7b4bb116b9b1bf61889
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536465
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71197}
This is the 2nd step in series of CLs to move the SharedFunctionInfo
class to kNeverSerialized and make it concurrently accessible from
the background thread. This CL:
* Changes optimization of GetTemplateObject in JSCreateLowering to
only perform the optimization of a template object exists in the
SharedFunctionInfo[Ref], but skips the optimization if one is
missing instead of allocating a new one on demand.
Bug: v8:7790
Change-Id: Ic37d8333676e54b3f8d69416480df12bd90723ea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2463229
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71189}
Instead of caching only the default formatter, cache the last used
formatter if possible.
This is better because it's a common use case to create a formatter
in a different language and reuse it a lot, rather than create
several formatters in various languages.
Running the following benchmark:
```
let i = 0;
function toLocaleString() {
i++;
return i.toLocaleString();
}
i = 0;
function toLocaleStringWithLocale() {
i++;
return i.toLocaleString('en-US');
}
const functions = [toLocaleString, toLocaleStringWithLocale];
for (const f of functions) {
let start = performance.now();
for (let i = 0; i < 10e5; i++) {
f();
}
let end = performance.now();
print(`${f.name}: ${end - start}`);
}
```
sees the following improvements:
With this patch:
toLocaleString: 384.292
toLocaleStringWithLocale: 450.48900000000003
Without this patch:
toLocaleString: 341.952
toLocaleStringWithLocale: 23439.694
This a little over 50x improvement.
Bug: chromium:926075
Change-Id: I0e316e959c90243e175df985854832a7abddbf54
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536461
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71188}
The new platform can be used in combination with --single-threaded.
It disables background threads and thus avoids waiting on mutexes
and condition variables completely, which is useful for V8 embedders
that fork the V8 process after initialization.
As a bonus the new platform allows use to test --single-threaded and
has already uncovered an existing bug in parallel pointer updating code.
Change-Id: I3446fa027d2a077641cdaac0cd08062a1acae176
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2416501
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71187}
It is only used during initialization.
Bug: v8:7790
Change-Id: I2105ad01413e3b398b3252d14e83c930c0dd3e74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536637
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71186}
Don't deopt when a PropertyCell changes from readonly to writable.
Turbofan doesn't depend on readonly-ness unless the property is
also non-configurable, in which case such a change can't happen.
Change-Id: I3d1078a8adf1ec1b16d973dd71c4295d71003a8d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2531791
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71184}
Change-Id: I2c9f3ac81710b89543b392819a6cce03eaba6cae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536639
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71181}
This is a reland of 04cdcd5a88
Got reverted in https://crrev.com/c/v8/v8/+/2534294 due to
TSAN issues. Those are solved in https://crrev.com/c/v8/v8/+/2537693.
Original change's description:
> [compiler] Move InternalizedString to kNeverSerialized
>
> Bug: v8:7790
> Change-Id: I8311b1f4b8239d0688a4b9b9057d6082942bbc00
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2534471
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71159}
Bug: v8:7790
Change-Id: I95d68e23e4bc81399bcdcf7ce2fdcf49ddfb66c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536641
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71180}
Isolate::thread_id() may be invoked on a background thread to perform
a check if the thread is the main thread.
This also removes the copy constructor of ThreadLocalTop and clears
its fields explicitly.
Change-Id: I2207bf1ebd655805841fce9f23d23cff7be8f13b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2537693
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71177}
