Skip to content

V
V8
Switch branch/tag
  1. 07 Jul, 2021 2 commits
  3. 06 Jul, 2021 1 commit
  5. 01 Jul, 2021 1 commit
  7. 25 Jun, 2021 1 commit
  9. 24 Jun, 2021 3 commits
  11. 18 Jun, 2021 1 commit
  13. 17 Jun, 2021 2 commits
  15. 15 Jun, 2021 1 commit
  17. 10 Jun, 2021 1 commit
  19. 09 Jun, 2021 1 commit
    • Iain Ireland's avatar
      [regexp] Propagate eats_at_least for negative lookahead · 363ab5ae
      Iain Ireland authored 
      In issue 11290, we disabled the propagation of EAL data out of
lookarounds, because it was incorrect for lookahead nodes in
loops. This caused performance regressions: for example,
`/^\P{Letter}+$/u` (matching only characters that are not in Unicode's
Letter category) uses negative lookahead when matching lone
surrogates, and became about 2x slower. I spent some time looking into
fixes, and this is what I've settled on.

Some background: the implementation of lookarounds in irregexp is
split between positive and negative lookaheads. (Lookbehinds aren't
relevant here, because backwards matches always have EAL=0.)  Positive
lookaheads are wrapped in BEGIN_SUBMATCH and POSITIVE_SUBMATCH_SUCCESS
ActionNodes. BEGIN_SUBMATCH saves the current state.
POSITIVE_SUBMATCH_SUCCESS restores the necessary state (while leaving
any captures that occurred during the lookaround intact).

Negative lookaheads also begin with a BEGIN_SUBMATCH node, but follow
it with a NegativeLookaroundChoiceNode. This node has two successors:
a lookaround node, and a continue node. It only executes the continue
node if the lookaround node backtracks, which automatically restores
the previous state. Negative lookarounds also can't update captures.

This affects EAL calculations. It turns out that negative lookaheads
are already doing the right thing: EatsAtLeastPropagator only
propagates information from the continue node, ignoring the lookaround
node. The same is true for quick checks (see the comment in
RegExpLookaround:Builder::ForMatch). A BEGIN_SUBMATCH for a negative
lookahead can simply propagate the EAL data from its successor like
any other ActionNode, and everything works.

Positive lookaheads are harder. I tried saving a pointer to the
successor in BEGIN_SUBMATCH, but ran into problems in FillInBMInfo,
because the EAL value corresponded to the nodes after the lookahead,
but the analysis was still looking at the nodes inside. I fell back
to a more modest approach: split BEGIN_SUBMATCH in two, and propagate
EAL info for BEGIN_NEGATIVE_SUBMATCH while keeping the current
behaviour for BEGIN_POSITIVE_SUBMATCH. This fixes the performance
regression at hand.

Two potential approaches for fixing EAL for positive lookahead are:
 1. Handling positive lookahead with its own dedicated choice node,
    like NegativeLookaroundChoiceNode.
 2. Adding an eats_at_least_inside_loop field to EatsAtLeastInfo,
    which is <= eats_at_least_from_possibly_start, and using that
    value in EatsAtLeastFromLoopEntry.

Both of those approaches are more complex than I want to tackle
right now, though.

Bug: v8:11844
Change-Id: I2a43509c2c21194b8c18f0a587fa21c194db76c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2934858Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75031}
      363ab5ae
  21. 07 Jun, 2021 1 commit
  23. 28 May, 2021 1 commit
  25. 25 May, 2021 1 commit
  27. 20 May, 2021 1 commit
  29. 12 May, 2021 2 commits
  31. 11 May, 2021 1 commit
  33. 10 May, 2021 1 commit
  35. 30 Apr, 2021 1 commit
  37. 21 Apr, 2021 1 commit
  39. 08 Apr, 2021 3 commits
  41. 07 Apr, 2021 1 commit
    • Jakob Gruber's avatar
      [regexp] Add --trace-regexp-graph · 835f53e4
      Jakob Gruber authored 
      Until now we've only exposed trace output for the parse- and assembly
stages of regexp codegen. Debug tracing of the graph was missing. The
new --trace-regexp-graph flag fills that hole.

Available regexp codegen tracing flags are now:

--trace-regexp-parser
--trace-regexp-graph
--trace-regexp-assembler

The output of --trace-regexp-graph can be formatted with `dot`, for
example:

 $ d8 --trace-regexp-graph [...] | dot -Tjpg -o regexp-graph.jpg

Change-Id: Ice593c34f7818c94e42d98e98a31533178bb538b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2808945
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: 's avatarPatrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73825}
      835f53e4
  43. 19 Mar, 2021 1 commit
    • Georgia Kouveli's avatar
      [cfi][arm64] Change InterpreterEnterBytecode use of LR for CFI. · ce85e66a
      Georgia Kouveli authored 
      This use of LR previously allowed overwriting it with arbitrary addresses
that aren't signed. Change this so we never return to an arbitrary LR.

Instead of loading the InterpreterTrampolineEntry address into LR directly,
use an ADR instruction to place into LR the address of a piece of code
that jumps to the InterpreterTrampolineEntry instead. This makes a difference
because BR is also constrained by BTI, whereas RET isn't.

An alternative would have been to `Call` instead of `Jump` to the target
bytecode and avoid the ADR instruction altogether, but I wanted to keep the
same behaviour with respect to the return stack that the existing code
exhibits.

Also add a comment to src/regexp/arm64/regexp-macro-assembler-arm64.cc for
a similar use of LR that should eventually be removed.

Bug: v8:10026
Change-Id: I24a13481f3fa416247dab8f9e5ae6f52f6b2ad42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2764761Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#73535}
      ce85e66a
  45. 17 Mar, 2021 3 commits
  47. 11 Mar, 2021 4 commits
    • Clemens Backes's avatar
      Reland "[no-wasm] Exclude src/wasm from compilation" · 3f9ff062
      Clemens Backes authored 
      This is a reland of 80f5dfda. A condition
in pipeline.cc was inverted, which lead to a CSA verifier error.

Original change's description:
> [no-wasm] Exclude src/wasm from compilation
>
> This is the biggest chunk, including
> - all of src/wasm,
> - torque file for wasm objects,
> - torque file for wasm builtins,
> - wasm builtins,
> - wasm runtime functions,
> - int64 lowering,
> - simd scala lowering,
> - WasmGraphBuilder (TF graph construction for wasm),
> - wasm frame types,
> - wasm interrupts,
> - the JSWasmCall opcode,
> - wasm backing store allocation.
>
> Those components are all recursively entangled, so I found no way to
> split this change up further.
>
> Some includes that were recursively included by wasm headers needed to
> be added explicitly now.
>
> backing-store-unittest.cc is renamed to wasm-backing-store-unittest.cc
> because it only tests wasm backing stores. This file is excluded from
> no-wasm builds then.
>
> R=jkummerow@chromium.org, jgruber@chromium.org, mlippautz@chromium.org, petermarshall@chromium.org
>
> Bug: v8:11238
> Change-Id: I7558f2d12d2dd6c65128c4de7b79173668c80b2b
> Cq-Include-Trybots: luci.v8.try:v8_linux64_no_wasm_compile_rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2742955
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73344}

TBR=jgruber@chromium.org

Bug: v8:11238
Change-Id: I20bd2847a59c68738b5a336cd42582b7b1499585
Cq-Include-Trybots: luci.v8.try:v8_linux64_no_wasm_compile_rel
Cq-Include-Trybots: luci.v8.try:v8_linux_verify_csa_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_verify_csa_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2752867Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73348}
      3f9ff062
    • Clemens Backes's avatar
      Revert "[no-wasm] Exclude src/wasm from compilation" · 92bc3d38
      Clemens Backes authored 
      This reverts commit 80f5dfda.

Reason for revert: Fails CSA verification: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20verify%20csa/21766/overview

Original change's description:
> [no-wasm] Exclude src/wasm from compilation
>
> This is the biggest chunk, including
> - all of src/wasm,
> - torque file for wasm objects,
> - torque file for wasm builtins,
> - wasm builtins,
> - wasm runtime functions,
> - int64 lowering,
> - simd scala lowering,
> - WasmGraphBuilder (TF graph construction for wasm),
> - wasm frame types,
> - wasm interrupts,
> - the JSWasmCall opcode,
> - wasm backing store allocation.
>
> Those components are all recursively entangled, so I found no way to
> split this change up further.
>
> Some includes that were recursively included by wasm headers needed to
> be added explicitly now.
>
> backing-store-unittest.cc is renamed to wasm-backing-store-unittest.cc
> because it only tests wasm backing stores. This file is excluded from
> no-wasm builds then.
>
> R=​jkummerow@chromium.org, jgruber@chromium.org, mlippautz@chromium.org, petermarshall@chromium.org
>
> Bug: v8:11238
> Change-Id: I7558f2d12d2dd6c65128c4de7b79173668c80b2b
> Cq-Include-Trybots: luci.v8.try:v8_linux64_no_wasm_compile_rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2742955
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73344}

Bug: v8:11238
Change-Id: I93672002c1faa36bb0bb5b4a9cc2032ee2ccd814
Cq-Include-Trybots: luci.v8.try:v8_linux64_no_wasm_compile_rel
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2752866
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#73346}
      92bc3d38
    • Clemens Backes's avatar
      [no-wasm] Exclude src/wasm from compilation · 80f5dfda
      Clemens Backes authored 
      This is the biggest chunk, including
- all of src/wasm,
- torque file for wasm objects,
- torque file for wasm builtins,
- wasm builtins,
- wasm runtime functions,
- int64 lowering,
- simd scala lowering,
- WasmGraphBuilder (TF graph construction for wasm),
- wasm frame types,
- wasm interrupts,
- the JSWasmCall opcode,
- wasm backing store allocation.

Those components are all recursively entangled, so I found no way to
split this change up further.

Some includes that were recursively included by wasm headers needed to
be added explicitly now.

backing-store-unittest.cc is renamed to wasm-backing-store-unittest.cc
because it only tests wasm backing stores. This file is excluded from
no-wasm builds then.

R=jkummerow@chromium.org, jgruber@chromium.org, mlippautz@chromium.org, petermarshall@chromium.org

Bug: v8:11238
Change-Id: I7558f2d12d2dd6c65128c4de7b79173668c80b2b
Cq-Include-Trybots: luci.v8.try:v8_linux64_no_wasm_compile_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2742955
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: 's avatarPeter Marshall <petermarshall@chromium.org>
Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73344}
      80f5dfda
    • Jakob Gruber's avatar
      [regexp] Don't allocate dynamic stacks when static stacks suffice · d18b37ce
      Jakob Gruber authored 
      In https://chromium-review.googlesource.com/c/v8/v8/+/1866771 we added
a static regexp stack area to ensure a stack always exists. We
apparently forgot to update EnsureCapacity s.t. we skip
dynamically-allocating a stack when the static stack suffices.

Found by lizeb@, thanks!

Bug: v8:11540
Change-Id: Ie63b0b5e5959fbf0768cc3597f63943b1775fbf2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2749015
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73337}
      d18b37ce
  49. 08 Mar, 2021 1 commit
  51. 25 Feb, 2021 1 commit
  53. 11 Feb, 2021 1 commit
    • Jakob Gruber's avatar
      [regexp] Don't update last match info in @@split special case · 51fcfd58
      Jakob Gruber authored 
      V8 implements a fast-path for RegExp.prototype.split which diverges
from the spec: instead of creating a new sticky regexp instance
`splitter` and running it in a loop, we reuse the existing non-sticky
regexp without looping through each character.

This works fine in most cases, but we run into issues when matching at
the very end of the string. According to the spec, matches at the end
of the string are impossible in @@split, but in our fast-path
implementation they can happen.

The obvious fix would be to remove our fast-path but this comes with
high performance costs. The fix implemented in this CL adds a special
flag to `exec` s.t. matches at the end of the string can be treated as
failures. This is only relevant for @@split.

Bug: chromium:1075514
Change-Id: Ifb790ed116793998d7aeb37e307f3f3f764023d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681950
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: 's avatarShu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72644}
      51fcfd58
  55. 09 Feb, 2021 1 commit