Change-Id: I6df71e7bbbcd726816826693b43d4acf30af21d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667186
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72543}
This requires a small fix in {Push,Pop}CalleeSavedRegisters, where
the return address was signed/authenticated at the wrong point,
which meant the stack pointer used as modifier was different from
the one the StackFrameIterator expected.
Bug: v8:10026
Change-Id: Idebd2ee8f07312b5e99dd2ea5181fc7a7e4a87bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667861
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72542}
This is a reland of 6ada6a90ee
- Fixed a GC issue
https://bugs.chromium.org/p/v8/issues/detail?id=11335:
GC expected all arguments on the stack from code with
CodeKind::TURBOFAN to be tagged objects. This is not the case now with
inlined Wasm calls, and this information can be passed in
SafepointEntry for each call site.
- Disabled JS-to-Wasm inlining for calls inside try/catch.
For more details, see updated doc:
https://docs.google.com/document/d/1mXxYnYN77tK-R1JOVo6tFG3jNpMzfueQN1Zp5h3r9aM/edit#
Bug: v8:11092
Original change's description:
> Reland "Faster JS-to-Wasm calls"
>
> This is a reland of 860fcb1bd2
>
> - Disabled the tests for this feature in V8-lite mode (the original
> change broke V8-lite tests).
> - Also modified test console-profile-wasm.js that was brittle with this
> change because it assumed that there was always a JS-to-Wasm wrapper
> but this is not the case when the TurboFan compilation completes before
> the Liftoff-compiled code starts to run.
>
> More changes in Patchset 8:
>
> - Moved inlining of the "JSToWasm Wrapper" away from simplified-lowering,
> into a new phase, wasm-inlining that reuses the JSInliner reducer.
> The doc
> https://docs.google.com/document/d/1mXxYnYN77tK-R1JOVo6tFG3jNpMzfueQN1Zp5h3r9aM/edit#
> describes the new logic.
>
> - Fixed a couple of small issues in wasm_compiler.cc to make sure that
> the graph "JSToWasm Wrapper" subgraph has a valid Control chain;
> this should solve the problem we had inlining the calls in functions
> that can throw exception.
Original change's description:
> Faster JS-to-Wasm calls
>
> This replaces https://chromium-review.googlesource.com/c/v8/v8/+/2376165/.
>
> Currently JS-to-Wasm calls go through a wrapper/trampoline, built on
> the basis of the signature of a Wasm function to call, and whose task
> is to:
> - set "thread_in_wasm_flag" to true
> - convert the arguments from tagged types into Wasm native types
> - calculate the address of the Wasm function to call and call it
> - convert back the result from Wasm native types into tagged types
> - reset "thread_in_wasm_flag" to false.
>
> This CL tries to improve the performance of JS-to-Wasm calls by
> inlining the code of the JS-to-Wasm wrappers in the call site.
>
> It introduces a new IR operand, JSWasmCall, which replaces JSCall for
> this kind of calls. A 'JSWasmCall' node is associated to
> WasmCallParameters, which contain information about the signature of
> the Wasm function to call.
>
> WasmWrapperGraphBuilder::BuildJSToWasmWrapper is modified to avoid
> generating code to convert the types for the arguments
> of the Wasm function, when the conversion is not necessary.
> The actual inlining of the graph generated for this wrapper happens in
> the simplified-lowering phase.
>
> A new builtin, JSToWasmLazyDeoptContinuation, is introduced to manage
> lazy deoptimizations that can happen if the Wasm function callee calls
> back some JS code that invalidates the compiled JS caller function.
>
Bug: v8:11092
Cq-Include-Trybots: luci.v8.try:v8_linux_arm_lite_rel_ng
Change-Id: Ie052634598754feab4ff36d10fd04e008b5227a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2649777
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72541}
The constructor_or_backpointer accessor of Map was not consistent with
the torque-defined field constructor_or_back_pointer_or_native_context,
leading to confusion. This CL brings them in sync, choosing the latter
spelling.
Change-Id: I3375c5f060bfd5e1e7cab195e3cca3d508c88154
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674011
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72540}
This prototypes i32x4.widen_i8x16_s and i32x4.widen_i8x16_u for arm64.
Bug: v8:11297
Change-Id: Ib9be5086c8ea98340c9bb1980c319626d7072c1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2664994
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72537}
The previous instruction selection was too loose, it only required
registers for the inputs. The codegen also used Unpcklps(dst, mask), and
failed to use src at all. The test case was accidentally passing
because dst == src (xmm0) by chance.
We fix this bug requiring that for AVX, any register is fine, but for
SSE, require dst == src. Also redefine Unpcklps to check dst == src in
the no AVX case.
Bug: v8:11265
Change-Id: I1988b2d2da8263512bf6e675e6297c50f55663f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668918
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72536}
Implement these 6 instructions:
- f64x2.convert_low_i32x4_s
- f64x2.convert_low_i32x4_u
- i32x4.trunc_sat_f64x2_s_zero
- i32x4.trunc_sat_f64x2_u_zero
- f32x4.demote_f64x2_zero
- f64x2.promote_low_f32x4
The code sequences are exactly the same as on x64.
Needed to add some more instructions, and we don't have macro lists for
these instructions yet, so individually define them for now. We can
factor them into lists in a future change.
Bug: v8:11265
Change-Id: I606e1226201e3c5ecdc7e3f611315437e917d77c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668913
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72535}
TranslationArrays (TA) are large and rarely used, thus could benefit
from compression. This CL adds a --turbo-compress-translation-arrays
flag (off by default) to experiment with that.
Each optimized Code object has an associated translation array
(Code->DeoptimizationData->TranslationArray). These translation arrays
have roughly the same size as the Code object itself. They are
used only rarely: when deoptimizing, and when traversing the stack and
looking into optimized frames. Neither of these code paths are
especially performance critical. TA's contain only immutable, untagged
data. They are thus good candidates for compression.
The trade-off is between TA memory consumption and time spent
in decompression/compression. This CL keeps everything on the main
thread, but it would also be possible to move compression (the more
expensive operation by a factor of 5 to 10) to a worker thread.
Numbers from a local Octane2 run:
Sum of Code instructions sizes: 4.6MB
Sum of uncompressed TA sizes: 4.1MB
Sum of compressed TA sizes: 0.6MB
Compression times depend on the selected compression quality, but
roughly:
Compression: 50ms (40us avg per compilation)
Decompression: 7us avg per compilation
Drive-by: Translation arrays currently use run-length encoding;
I disabled this for when --turbo-compress-translation-arrays is
enabled (no need to compress twice).
Bug: v8:11354
Change-Id: I7828d7d91eb074816b383b02f883c5d7b7e318b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2652497
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72533}
We want to remove the gpu:none default as we want to switch to
Mac Minis in the Mac pool that have gpus.
This starts a 3-way change:
1. This CL: Add the gpu dimension for Mac source side.
2. Remove setting it as default for Mac in infra.
3. Flip the value for gpu source side.
This requires merging to beta/stable.
No-Try: true
Bug: chromium:1174040
Change-Id: I81f2f5863593aa93fa668b4534d1116a11768f31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673402
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72532}
In the latest spec, catch_all is encoded as 0x05. This is the same
opcode as "else", but they do not conflict because "else" is not valid
in the context of a try block.
The 0x0a opcode now corresponds to the "unwind" instruction, which
currently has the same semantics as "catch_all".
R=clemensb@chromium.org
Bug: v8:11392
Change-Id: Ie9cd06c9a2001a02d8bea5be7a3c016e3a58ee3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674007
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72531}
Change Isolate::code_coverage_mode to an atomic such that access from
the background thread is safe.
Bug: v8:11378
Change-Id: I26d6915b1662ba022ea6a173a87d184d3ac7cd3b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666691
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72530}
This CL adds PropertyDetails::ToByte and ::FromByte. These are not
applicable to all PropertDetails, but only those for dictionary-backed
properties with an (unused) enumeration index with value 0.
The motivation for this is that those dictionare backing stores that
don't store the enumeration order in the PropertyDetails but store it
in the table itself (like OrderedNameDictionary and the upcoming
SwissNameDictionary), can store PropertyDetails in an array of bytes.
Bug: v8:11388
Change-Id: Id346b924cd7c67b2f33cbc7a7807eec31cefbeec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672029
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72528}
Platform::GetForegroundTaskRunner() can only be used after attaching
an Isolate in V8. Work around that problem by getting the runner only
when needed.
Bug: chromium:1056170
Change-Id: If15ec691e7f5cf11be8b7a3bc18827246ac083d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674009
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72527}
Instead of passing a bunch of objects and pointers to
{GenerateLiftoffDebugSideTable}, just pass the WasmCode pointer for
which the debug sidetable should be created.
This requires changing the corresponding cctests to actually compile
code, such that we can get a WasmCode pointer.
R=thibaudm@chromium.org
Bug: chromium:1172299
Change-Id: If42f06a545feb590f9c2377ce95e6214bbc6f566
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674006
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72526}
For dictionary mode objects, whether or not a property is constant was
not tracked before. This CL makes the required non-Turbofan changes,
guarded behind the new flag V8_DICT_PROPERTY_CONST_TRACKING.
In addition, prototypes are not converted to fast mode objects if this
flags is enabled.
Bug: v8:11247
Change-Id: Ia5942733239a97560b6efc015f0e25a35fea3d7a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2566757
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72524}
Creating a PatchingAssembler has significant overhead, including a
dynamic allocation for the assembler buffer implementation. In the case
of {Assembler::bind} we just need it to overwrite a machine word. Hence
avoid creating the PatchingAssembler for this trivial work and just use
Memcpy directly.
R=jkummerow@chromium.org
Change-Id: I83510cfd7ebdb0d0c378df548b442eabf3727aeb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668827
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72523}
... and mark it as never-serialized wrt turbofan serialization.
Until this CL, the JSRegExp type was used as both for plain
user-visible regexp objects, and for internal regexp boilerplate
descriptions. Boilerplates are special: they are never exposed to the
user, they are only referenced from the feedback vector, they are
immutable.
To clarify this distinction, this CL introduces a dedicated struct
type RegExpBoilerplateDescription to hold the regexp boilerplate
description.
This makes Turbofan serialization simpler: boilerplates can be
accessed through direct reads since they are immutable. TF has no
special requirements on JSRegExp objects (it never reads into these
objects) and thus serializing only the references as a JSObjectRef is
fine.
Bug: v8:7790
Change-Id: I33b337fcfcf861a02bc6be6d0c6311d07cf05718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656257
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72522}
Rolling v8/base/trace_event/common: 9b27757..71cb2ac
Rolling v8/build: dc9dc45..10e5511
Rolling v8/third_party/aemu-linux-x64: _nJMIPzu-ykpL-XPjf14IZ3CAFT3iQRtsbzyiSm9u7QC..daCtImfwROvNf-7jcpyqZ6KMCGlIQv9BROkyXnulGioC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/4920147..5c5a297
Rolling v8/third_party/depot_tools: 8c95595..6dc9cc3
Rolling v8/third_party/icu: f4147b2..70dd9a6
Rolling v8/third_party/instrumented_libraries: 4d38670..0964a78
Rolling v8/tools/clang: ec98581..4ee065aTBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: I0ae82b75d2cf91fbbde2cb242fd49fa3493bbede
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674325
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#72519}
Load lane instructions also need a v128 input.
Bug: chromium:1173488
Change-Id: I45e4c4f8fc93a5b3246ac4d1b07925b41cbe3e89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673275
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72517}
Port 8798b3ef4e
Port 1d3c80d303
Original Commit Message:
- Fixes some incorrect assumptions about padding in the
code generation. Slots may have apparent extra padding
when allocation fragments go unused.
- Reworks 32 bit push code to simplify skipping slot gaps
when 'push' instructions are used.
- Adds a ElementSizeInPointers function on machine
representations.
R=bbudge@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: I076ae8396434610c52fed040ace5e0f49ea3ef88
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673142
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72516}
- Stack adjustment was in slots, when it should be in bytes.
Bug: v8:11391
Change-Id: Ia791f2b637337279be62d66377f9b5be35f31839
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674062
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72515}
These didn't have the right suffix (i32 instead of i32x4).
Also, names are longer now, so when tracing them, give the names column
more space.
Bug: v8:11384
Change-Id: Id11e0d23b344310121ae4e2e5910528cab2d6f73
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673264
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72514}
This reverts commit 64471ba93d.
Reason for revert: Fails on nosse3/nosse4 https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux/40643/overview
Original change's description:
> [wasm-simd] Update spec tests
>
> We can also unmark some SIMD tests as failed since we are now inline
> with spec.
>
> Bug: v8:11331
> Change-Id: I4b98ae068008c55535dbbbf0312a55aa03e7e83d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668060
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72507}
TBR=ahaas@chromium.org,zhin@chromium.org
Change-Id: I11a6670e42956bdcc66c371d2d852623030948b4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:11331
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673265
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72512}
There is a bug in the top-level await spec draft such that async
strongly connected components are not always evaluated before their
depending modules.
See https://github.com/tc39/proposal-top-level-await/pull/161 for full
discussion and spec fix.
Bug: v8:11376
Change-Id: I88bf06afb2e9a5d8d0b757de8276f1d1242a875e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667772
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72508}
We can also unmark some SIMD tests as failed since we are now inline
with spec.
Bug: v8:11331
Change-Id: I4b98ae068008c55535dbbbf0312a55aa03e7e83d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668060
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72507}
This is a reland of 352b9ecbdb
The test/fix CL has been merged in, as the fixes to return slot
accounting are needed to fix Arm64 issues turned up by the fuzzers:
https://chromium-review.googlesource.com/c/v8/v8/+/2644139
Original change's description:
> Reland "Reland "[compiler][wasm] Align Frame slots to value size""
>
> This is a reland of 1694925c72
>
> Minor fix to linkage for constexpr.
>
> TBR=ahaas@chromium.org,neis@chromium.org
>
> Original change's description:
> > Reland "[compiler][wasm] Align Frame slots to value size"
> >
> > This is a reland of cddaf66c37
> >
> > Original change's description:
> > > [compiler][wasm] Align Frame slots to value size
> > >
> > > - Adds an AlignedSlotAllocator class and tests, to unify slot
> > > allocation. This attempts to use alignment holes for smaller
> > > values.
> > > - Reworks Frame to use the new allocator for stack slots.
> > > - Reworks LinkageAllocator to use the new allocator for stack
> > > slots and for ARMv7 FP register aliasing.
> > > - Fixes the RegisterAllocator to align spill slots.
> > > - Fixes InstructionSelector to align spill slots.
> > >
> > > Bug: v8:9198
> > >
> > > Change-Id: Ida148db428be89ef95de748ec5fc0e7b0358f523
> > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2512840
> > > Commit-Queue: Bill Budge <bbudge@chromium.org>
> > > Reviewed-by: Georg Neis <neis@chromium.org>
> > > Reviewed-by: Andreas Haas <ahaas@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#71644}
> >
> > Bug: v8:9198
> > Change-Id: Ib91fa6746370c38496706341e12d05c7bf999389
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2633390
> > Commit-Queue: Bill Budge <bbudge@chromium.org>
> > Reviewed-by: Andreas Haas <ahaas@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#72195}
>
> Bug: v8:9198
> Change-Id: I91e02b823af8ec925dacf075388fb22e3eeb3384
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2640890
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72209}
Bug: v8:9198
Change-Id: I8258f87463f66417c7028b9a1fed4b9b6d82a3be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2669892
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72506}
OSR compilations happen on main thread and the functions that are called
from would have been already optimized. Also this code is only used for
this invocation. So to limit the amount of time spent on main thread
we could do a quick Turboprop compilation instead of a highly optimized
TurboFan compilaiton.
Change-Id: Ifcdcb5c855d8a9a56b13c1940b4ee0ed3bfb4d67
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659257
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72505}
Adds testing API that can only be used after enabling it on a heap.
The call that enables testing is only provided via v8_for_testing or
cppgc_for_testing build targets which protects against misusing from
production code.
Change-Id: I24a8f5543a2bb479481384e2c555d231383e5d12
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667513
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72503}
- Fixes some incorrect assumptions about padding in the
code generation. Slots may have apparent extra padding
when allocation fragments go unused.
- Reworks 32 bit push code to simplify skipping slot gaps
when 'push' instructions are used.
- Adds a ElementSizeInPointers function on machine
representations.
Bug: chromium:1171759,v8:9198
Change-Id: I029e300fa9c306d7e35344576fd1c68857cf2bca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2660379
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72502}
IsAnyInitialArrayPrototype doesn't need an handlified input argument
as it doesn't cause GC.
This improves performance of MapData::MapData as canonical handle scope
creation is expensive.
Change-Id: I2e1a46354276857b64867ea3e994356faef8950e
Bug: v8:9684
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2671659
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72500}
When generating getters, Torque needs to decide whether to perform a
normal or relaxed load. Thus far, it has used the somewhat non-obvious
logic that any indexed field with tagged non-smi data gets relaxed
loads. This change adds a new annotation @relaxedRead to be consistent
with the existing @relaxedWrite annotation. I added @relaxedRead
annotations on any field that previously had this automatic behavior and
whose getter is called, except for those in ScopeInfo because I'm
relatively confident that it doesn't need relaxed access.
Bug: v8:7793
Change-Id: I9987eea13760b967f1b8a3189b69742e55140c30
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2600113
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72499}
Also access the DescriptorArray through GetPropertyKey concurrently if
the FLAG_turbo_direct_heap_access is on.
Bug: v8:7790
Change-Id: I29e5895fefc3653f954ba56aa85218121402e7ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2653232
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72497}
Port 45b99aaa58
Original Commit Message:
In https://crrev.com/c/2645694 we push the full q registers before lazy
compile, but we did not change the fixed frame size to account for the
wider registers being pushed.
This manifested in the frame having data like:
(gdb) x/10xg start.ptr_
0x7f5576ff3eb0: 0x0000000000000000 0x0000336b08202759
0x7f5576ff3ec0: 0x7ff000007f801000 0x0000000000000000
0x7f5576ff3ed0: 0x7ff000007f801001 0x0000000000000000
0x7f5576ff3ee0: 0x7ff000007f801002 0x0000000000000000
0x7f5576ff3ef0: 0x7ff000007f801003 0x0000000000000000
The GC then walks part of this frame, thinking that 0x7ff000007f801003
is a heap object, and then crashes.
Add some static_asserts (similar to builtins-x64) to remind ourselves
that the pushed registers have to match the size in frame constants.
R=zhin@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: I994f1b7fecbb24ea97d846b1eed98201bc3b08ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2669308
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72496}
Code sequence from https://github.com/WebAssembly/simd/pull/379, and
exactly the same as x64, with minor tweaks for
ExternalReferenceAsOperand.
Bug: v8:11002
Change-Id: Icbfdac62b21c2734ad4886b3d48f34e29f7a8222
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2664860
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72495}
