There is no real difference between MacroAssembler and TurboAssembler
anymore. Initially the idea was to differentiate thread-safe
operations, but it got out of hand. With LocalHeaps we could ensure
differently by passing a local_isolate.
In this CL:
TurboAssemblerBase was renamed to MacroAssemblerBase
The file containing it also renamed from turbo-assembler to macro-assembler-base.
TurboAssembler and MacroAssembler were merged into MacroAssembler
in each of the architectures.
turbo-assembler-unittests-arch were included in
macro-assembler-unittests-arch
tasm renamed to masm
Bug: v8:13707
Change-Id: I716bbfc51b33ac890c72e8541e01af0af41b6770
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4212396
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85610}
This is a follow-up to https://crrev.com/c/4204032 which allowed
wrapper inlining for the nullable externref type.
Bug: v8:7748
Change-Id: I5a82c37b7cf0cfcbcacbe399f8b3119176c3bba4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4212394
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85598}
- Remove camel-case Code accessors like InstructionStream since
they only make sense on Code (where we have to distinguish between
embedded builtins and other Code).
- Remove the prefix from 'raw_'-prefixed accessors since it was
intended to clearly disambiguate from the camel-case accessors and
is now no longer needed.
- Remove various dead functions.
- Update comments.
Bug: v8:13654
Change-Id: Ife51e4aef502fc30ab1526c205a49e5620be96f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4205925
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85580}
Port commit 76a817e03a
Also, rename the enum variable in FFlagsMask from kOverflow to kFPUOverflow to avoid redefinition due to the commit 949bd4467d.
Change-Id: I83e42d4cb0cf48d678719572adb008ef101b23e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4204830
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji.odyssey@gmail.com>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#85577}
.. and replace it by base::Optional<Code>. It's no longer needed, now
that Code and InstructionStream cases are merged.
This was trickier than it sounds at first, because:
- CodeLookupResult (CLR) was used during the MARK_COMPACT GC phase and
thus had to observe subtle semantics in the presence of
forwarding pointers.
- CLR implicitly contained a Code object for off_heap_trampolines
and an InstructionStream object for everything else. These implicit
behaviors threaded through elsewhere, e.g. in the
inner-pointer-to-code cache which relies on the fact that the
underlying object pointer does not move until GC completes and
the cache is flushed.
- Semantics of the dual-object {Code,InstructionStream} are generally
very subtle during GC.
This CL attempts to make all this more explicit by introducing a
GcSafeCode wrapper type which must be used in code that is affected
by semantics described above. The GcSafeCode type exposes only methods
that are safe to call during MARK_COMPACT.
Drive-by:
- Rename the Heap::GcSafeFoo function family s.t. a 'GcSafe' prefix
means that the function can be used during GC and returns
GcSafeCode objects; and 'TryFind' vs. 'Find' returns a
base::Optional<Foo> vs. just Foo.
Bug: v8:13654
Change-Id: I410b5539ea1b584b823bce2dafd8d1328eedc039
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4203385
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85562}
The invariants in this method are fairly strict since it is called
during object evacution and thus a) objects may be in transitory states
and b) multiple threads are working on evacuation objects concurrently.
Previously, this method ensured valid object accesses because only the
object currently being observed by ProfilingMigrationObserver was
accessed. This changed with crrev.com/c/4178821, where we (incorrectly)
also accessed another object (InstructionStream::code), leading to data
races and incorrect behavior.
This CL fixes that problem by changing LogEventListener API as follows:
void CodeMoveEvent(InstructionStream from, InstructionStream to);
void BytecodeMoveEvent(BytecodeArray from, BytecodeArray to);
With this change we again correctly observe invariants, and also remove
one use of AbstractCode.
Bug: v8:13654
Change-Id: Ida022e8c7f14d821e1139f025edc71c20fa386c0
Fixed: chromium:1409786
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4194192
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85474}
Stack information is thread-specific and, until now, it was stored in a
field in ThreadLocalTop. This CL moves stack information to the isolate
and makes sure to update the stack start whenever a main thread enters
the isolate. At the same time, the Stack object is refactored and
simplified.
As a side effect, after removing the Stack object, ThreadLocalTop
satisfies the std::standard_layout trait; this fixes some issues
observed with different C++ compilers.
Bug: v8:13630
Bug: v8:13257
Change-Id: I026a35af3bc6999a09b21f277756d4454c086343
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4152476
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85445}
This CL hides the ctor of the MemoryReducer::State class and only
provides factory methods for creating states. This simplifies creation
of states and makes it impossible to misuse the API.
Direct field accesses are also replaced with invocations of their
corresponding getter methods. The getter method will check whether
the current state is allowed to access that field.
Bug: v8:13653
Change-Id: I252a6d75d0ddb4813b16a706061ad1951cfa35ea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4181026
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85426}
If the phi moves are the same for all predecessors, the move optimizer
will merge them by picking an arbitrary move among them,
moving it to the phi's block, and eliminating the moves in the
predecessor blocks.
However, phi inputs may have different width, and this can result in a
mismatch between the source and destination representation.
Always emit gap moves based on the destination operand's
representation, to ensure that in this case the wider phi inputs are not
truncated.
R=tebbi@chromium.orgCC=dmercadier@chromium.org
Bug: chromium:1407571
Change-Id: I0263cd5024e8e1340fb971267b133a2a91090f8f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4178824
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85403}
In the end we managed to have static root builds without a two stage
isolate setup. Thus, the mode for creating isolates with an existing
read only page is unused. Also, no other usecase for this mode emerged.
Bug: v8:13598
Bug: v8:13466
Change-Id: I0a8174ba9383db7364b6e4545702aafc6f48170c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4178814
Commit-Queue: Olivier Flückiger <olivf@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Auto-Submit: Olivier Flückiger <olivf@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85396}
This CL reinstates the trampoline for pushing the values of
callee-saved registers on the stack, which is used for stack scanning.
It reintroduces the set of architecture-specific functions
PushAllRegistersAndIterateStack, removed in crrev.com/c/3989143.
The reason for this change is that the simpler architecture-specific
functions SaveCalleeSavedRegisters failed to correctly save the
values of the registers, in the presence of C++ compiler optimizations.
It also removes the stack context, introduced in crrev.com/c/4017512,
and uses again the trampoline for iterating through the stack.
Bug: v8:13257
Change-Id: I9e656a9b3ba6616168602300f2180b4f340593f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4171639
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85394}
A first stab at using some static maps to have faster instance type
checks in C++ code. This adds an instance type check variant which
uses the map without loading the instance_type field, when the
instance type corresponds to a single static map.
Changes the format of the static roots table to be more in line with
other code and orders the names by address.
Bug: v8:13466
Change-Id: I5417071efd24ee52d51146ef0887d32cb9b62fcd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4177102
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Olivier Flückiger <olivf@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85392}
This test sets a value to zero to simulate not knowing where read-only
space starts, since v8::debug_helper code often must work with only
partial information. However, the zero value persisted to another part
of the test which expected a precise result, and could cause a test
failure if an object happened to be allocated at the same offset from
its containing chunk as a known read-only object. This CL fixes the
test to only use the zero value during the steps that need it.
Bug: v8:13646
Change-Id: I90f1593bf9b5bb36177ee904a910a183384a4e64
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4178630
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85385}
Port c0367102a3
Original Commit Message:
The biggest chunk of this CL is related to the CodeBuilder now
returning a Code object instead of an InstructionStream. Most
codegen-related parts of the codebase had to be updated, including
compiler.cc, pipeline.cc, and many tests. The good news is,
we now have 400 fewer references to InstructionStream.
Smaller changes:
- Remove ToAbstractCode
- Remove dead code
- Update comments
- Update method and variable names
R=jgruber@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: Ib81459f65b474acb2f4f4e9bc547139e54877615
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4177048
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#85378}
The biggest chunk of this CL is related to the CodeBuilder now
returning a Code object instead of an InstructionStream. Most
codegen-related parts of the codebase had to be updated, including
compiler.cc, pipeline.cc, and many tests. The good news is,
we now have 400 fewer references to InstructionStream.
Smaller changes:
- Remove ToAbstractCode
- Remove dead code
- Update comments
- Update method and variable names
Bug: v8:13654
Change-Id: Ieb12bc698af576e07016e4c5c8c9d494e5addb0e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4174091
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85372}
This completes the big Code/CodeDataContainer name shuffle.
Bug: v8:13654
Change-Id: If033e9153e751ab0d2a38572da2ce2f7029bc359
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4173569
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85354}
Liftoff will only be called on valid functions, but does not validate
itself. So we should not set the function to "validated" after executing
Liftoff compilation. Instead, we can DCHECK that the function was
validated before.
This requires a few changes to tests and fuzzers to correctly set the
{function_was_validated} bit.
R=ahaas@chromium.org
Change-Id: I669fca77724189c83d78bdfda9f08df9f7fd63f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4168411
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85349}
.. as part of the big Code/CodeDataContainer name shuffle. In the
next step, CodeDataContainer will be renamed to Code.
Bug: v8:13654
Change-Id: Ia80ac984d46dd6c2a108098055a5cd60e22a837c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4171628
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85337}
.. now that it unconditionally refers to CodeDataContainer. All
previous references to 'CodeT' (the type and as part of names) are
now updated to 'CodeDataContainer', including 'codet', 'CODET', etc.
Bug: v8:13654
Change-Id: I7abbba040091eddf3ef09028a891aed460363929
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4165619
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85325}
The tests deal with recording OLD_TO_SHARED slots during page promotion
(in MinorMC) on a client heap, and retaining the corresponding shared
objects.
These tests cover issues fixed by crrev.com/c/4152485 and
crrev.com/c/4094755 (in the reland, compared to the previously submitted
version).
Bug: v8:12612
Change-Id: I7ba399d56ad75646092e6955f347a210c3dcac6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4156473
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85308}
This is a reland of commit c74c9e63e1.
Types have been fixed to make MSVC happy.
Original change's description:
> [wasm][test] Remove useless macro
>
> Remove the BUILD macro, call a function with an initializer list
> instead. This makes the code slightly shorter, but most importantly it
> avoids an unnecessary macro, which improves maintainability and
> debuggability.
>
> R=jkummerow@chromium.org
>
> Bug: v8:13312
> Change-Id: I904ccf8e5b98c4d2f487c0cedc865db1386321c6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4152482
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#85259}
Bug: v8:13312
Cq-Include-Trybots: luci.v8.try:v8_win64_msvc_rel
Change-Id: Ie3ca8dcd295ec22385b5d40262c2cb03bfcfeda4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4162932
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85278}
This reverts commit 77de44e1c4.
Reason for revert: Seems fuchsia doesn't like this improvement: https://ci.chromium.org/ui/p/chromium/builders/try/fuchsia-arm64-rel/68601/overview
Original change's description:
> [ptr-compr] Improve ptr compression/decompresion in C++
>
> Optimizations introduced in
> https://chromium-review.googlesource.com/c/v8/v8/+/1776079
> are currently defeated since Address is not a pointer type.
> Clang does not seem to carry over alignment information as range
> information when casting to ints.
>
> Using __builtin_assume we can restore the same effect. Additionally
> we can help the compiler remember that when compressing the removed
> bits are actually the cage base. This helps e.g. with
> `decompress(compress(..))`.
>
> See https://godbolt.org/z/5r68G5qa6 for details.
>
> Bug: v8:9353
> Change-Id: Ief016fce0788f2bef6b684a18b104ada6e6d3856
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4156060
> Commit-Queue: Olivier Flückiger <olivf@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#85246}
Bug: v8:9353
Change-Id: I1fd6f36667302490f12d19c1fc8f64ca181c006b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4162933
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#85266}
We have been manually disallowing subtypes of anyref, as well as null
types, at the JS boundary, although the infrastructure to handle them
was basically in place. This CL removes this restriction.
Drive-by: Handle null correctly for typed functions in {ToJS}.
Bug: v8:7748
Change-Id: I51df2159ff4e6eea5a1ba401fa87920db9c4f2aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4154413
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85260}
Remove the BUILD macro, call a function with an initializer list
instead. This makes the code slightly shorter, but most importantly it
avoids an unnecessary macro, which improves maintainability and
debuggability.
R=jkummerow@chromium.org
Bug: v8:13312
Change-Id: I904ccf8e5b98c4d2f487c0cedc865db1386321c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4152482
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85259}
There is no reason to keep the CodeT dispatch (which switches
between `CodeT = CodeDataContainer` and `CodeT = Code`) around. Using
CodeDataContainer doesn't actually depend on anything from v8_enable_external_code_space, so let's use it unconditionally and
simplify our codebase.
In this first step, update the
`v8_enable_external_code_space = false` configuration to use
`CodeT = CodeDataContainer` as well and remove all support for
`CodeT = Code`.
Upcoming CLs will remove the CodeT alias type, and rename
the Code/CodeDataContainer pair to something more intuitive.
Bug: v8:13654
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_no_pointer_compression_dbg,v8_linux64_no_pointer_compression_rel,v8_linux64_arm64_no_pointer_compression_rel;luci.node-ci.try:node_ci_linux64_rel
Change-Id: I58e4d510924f685ef0f2403220a2c33651c3c864
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4138254
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85257}
We introduce high-level typed load elimination for wasm. It is based
on CSALoadElimination. It operates on wasm struct.set/get and
array.length operators (with array operations pending). Wasm types are
used to refine the may-alias analysis ran for stores.
Drive-by:
- Type more nodes in wasm-compiler and wasm-gc-operator-reducer.
- Remove an unsafe-cast test which now hits an Unreachable Turbofan
node.
Bug: v8:7748
Change-Id: I309e4af4d9f9c584e27ff79804a776666b5dc3c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4146430
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85255}
Turbofan uses the feedback vectors created by liftoff during
compilation. It is assumed that for any given function liftoff and
turbofan use same-sized feedback vectors.
Calls in unreachable code don't allocate entries in the feedback vector.
Therefore it is required that turbofan and liftoff have the same
understanding of which parts of the code are treated as unreachable.
This is achieved by moving the unreachable handling from liftoff
into the decoder that is also used for the turbofan compilation.
Bug: chromium:1403398
Change-Id: I113726c1a0d773ea9483c80d8e3c3084be423ca2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4152477
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85248}
Optimizations introduced in
https://chromium-review.googlesource.com/c/v8/v8/+/1776079
are currently defeated since Address is not a pointer type.
Clang does not seem to carry over alignment information as range
information when casting to ints.
Using __builtin_assume we can restore the same effect. Additionally
we can help the compiler remember that when compressing the removed
bits are actually the cage base. This helps e.g. with
`decompress(compress(..))`.
See https://godbolt.org/z/5r68G5qa6 for details.
Bug: v8:9353
Change-Id: Ief016fce0788f2bef6b684a18b104ada6e6d3856
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4156060
Commit-Queue: Olivier Flückiger <olivf@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85246}
Add an alternative to any_ic_changed_, where instead of a global flag
that is updated on ICs changed (which prevents small function
optimisation), the interrupt budget of the particular function whose IC
was updated is reset to a default value.
This should have a similar effect, allowing small functions to tier up
quickly but still only once they have been stable enough for some time,
but should prevent cross-contamination of different functions'
stabilities due to the global nature of the flag.
It does, however, require a back pointer from the feedback vector to its
parent feedback cell (which holds the interrupt budget).
Drive-by, use any_ic_changed_ for Maglev tierup, to match small
function behaviour.
Change-Id: I7109cf3aff536af7ab36d3564ec8005ee7aa44f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4156472
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85240}
This mode was used for an experiment and isn't used anymore.
IsolateInBackgroundNotification() can be used to achieve the same
memory savings mode.
Bug: v8:13653
Change-Id: I4bc0b0bd7ceac43f22e16b234b9482af9fe03152
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4156054
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85239}
Rmove the deprecated array.len 0xfb17 variant which takes a type
immediate.
This has been superseded by 0xfb19 which does not need the type.
Bug: v8:7748
Change-Id: I7d4620423c786462444512abe40ee006aab99cf2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4110831
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85225}
The feature shipped with M109 so we'll remove the flag with M111.
R=jarin@chromium.org
Bug: chromium:1363561
Change-Id: Ia9b276f6c56fb3f57c57f5da1abe02dda8dc36e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4154418
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85213}
When disabled, Turbofan is fully excluded from the compilation result.
This is expected to reduce V8's contribution to chromium's binary size
by roughly 20%.
If Turbofan is disabled, Maglev and Webassembly must also be disabled
(since both depend on TF).
Note this new configuration (v8_enable_turbofan=false) is not yet
used anywhere - we'll probably enable it for lite_mode bots in an
upcoming CL for test coverage.
Changes in detail:
- Split out all src/compiler files from the main source sets. This
was mostly done already, here we only clean up the few files that
were left.
- Define a new main TF entry point in turbofan.h. `NewCompilationJob`
replaces `Pipeline::NewCompilationJob`.
- When TF is enabled, turbofan-enabled.cc implements the above.
- When disabled, turbofan-disabled stubs out the above with a runtime
FATAL message.
- The build process is modified s.t. mksnapshot always has TF
available since it's needed to generate builtins. When disabled,
TF is removed from other components, in particular it is no longer
included in v8_compiler and transitively in v8_base.
- When disabled, v8_for_testing no longer has v8_initializers
available. These were only needed for test-serialize.cc, which
is now excluded from this build mode.
- When disabled, remove all related cctest/ und unittest/ files from
the build.
Bug: v8:13629
Change-Id: I63ab7632f03d0ee4a787cfc01574b5fdb08fd80b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4128529
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85210}
The caller was rewritten but the ignore scope was left behind.
Bug: v8:12819
Change-Id: I76c297f43587bb5bd74c62cf39e0e979271a3b7a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4110939
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85146}
This CL handles 2 issues with disposing of external string resources in
the string forwarding table:
1) Resources of unmarked strings during GCs with stack are correctly
disposed (these were previously leaking).
2) Resources of unmarked strings during GCs without stack are disposed
at most once. Previously resources could be disposed multiple times if
the same resource had multiple entries in the string forwarding table.
Bug: v8:12957, chromium:1403564
Change-Id: I809ec1ada1ee813d7277e85ade9aa1e3e95a80f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4136725
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85144}
This CL is exactly the same as the original CL, without changes. The
issue was a missing Isolate::Scope, and it existed already before this
CL. I fixed the issue separately in https://crrev.com/c/4136720.
Original message:
Original change's description:
> [wasm][capi] Optimize all functions before serialization
>
> The existing implementation of `serialize` in the C-API is to produce
> a snapshot of the current state of the `NativeModule`. However, so
> far all users of `serialize` did not care about the runtime of
> `serialize`, but cared about `deserialize` starting up fast.
>
> With this CL all functions of a module get tiered up to TurboFan
> before serializing the module.
R=clemensb@chromium.org
Change-Id: Ib8ed33c63c137e167fb50ccf721184b2b16cf4d4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4131635
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85120}
We add a {canonical_type_index} field to tag objects and use it to
check for canonical subtyping between tags when needed.
Bug: v8:7748
Change-Id: I60723d8f72a9487af03f223c8f8a33ef8fa56461
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4135885
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85119}
After a call to {StreamingDecoder::NotifyCompilationEnded}, no method on
the {StreamingProcessor} should be called any more. We were still
calling the {OnAbort} method later.
To make the semantics a bit more clear, we rename
{NotifyCompilationEnded} to {NotifyCompilationDiscarded}.
We also remove the {stream_finished_} field and reset the processor
instead, which will result in a nullptr access if we try to illegally
call any further methods.
R=ahaas@chromium.org
Bug: chromium:1403531, chromium:1399790, chromium:1400066
Change-Id: I4caef3801dfe9d653125efbd7bc9b5d13ce30dc7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4132966
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85114}
This CL fixes a bug where we wouldn't pause (or even crash) when trying
to interrupt an infinite loop.
When we pause via stack check (i.e. a scheduled break) we currently do
one additional step-in. We do so to enter functions properly in case
we are paused in the middle of setting up the stack frame.
Loops also do a stack check, to support pausing infinite loops. In
that case we can skip the additional step-in as we are already
in a valid pause position (as implemented by this CL).
This CL also removes two bogus DCHECKs. We assumed that
a scheduled break never happens after a step. This is wrong, e.g.
a user can click the pause button after stepping over a long running
function.
Note that we duplicate the various loop interruption cctests to
also interrupt the loops with the "scheduled" break reason. Without
the changes in debug.cc, those won't pass.
The CL https://crrev.com/c/4136058 adds a regression test on the
blink side.
R=jarin@chromium.org
Fixed: chromium:1401674
Change-Id: I42b44744b17d24351f01b83c0446908c24e6c5fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4134246
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85106}
The expected behavior of the optimized code is deoptimizing when using a BigInt
as an index and throwing an error (from CheckedTaggedToInt64).
The representation changer tries to insert conversions for this case where
- The output node is represented in Word64 (SignedBigInt64)
- The use info is CheckedSigned64AsWord64
The representation changer first rematerializes the output node to
TaggedPointer because the type check is not BigInt. Then it falls wrongly to
the branch where the output representation is TaggedPointer, the output type is
SignedBigInt64 in GetWord64RepresentationFor.
Bug: v8:9407, chromium:1403574, chromium:1404607
Change-Id: I9d7ef4c94c1dc0aa3b4f49871ec35ef0877efc24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4135876
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Qifan Pan <panq@google.com>
Cr-Commit-Position: refs/heads/main@{#85094}
Increase length of strings in the test to ensure they are cachable
external strings even when the sandbox is disabled.
Change-Id: I1228e1abb1d88c0bb70edaeb718e1bf2f4cdd53d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4127228
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Patrick Thier <pthier@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85081}
