- 09 Feb, 2021 28 commits
-
-
Nico Hartmann authored
This CL adds support for generating acquire/release accessors on class fields. Adds first use of this new feature (@acquireRead and @releaseWrite) on FunctionTemplateInfo::rare_data. Bug: v8:7790, v8:11122 Change-Id: I98f533807ab784d8667fd43564fe84686d27830c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679684Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Seth Brenith <seth.brenith@microsoft.com> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#72596}
-
Frank Emrich authored
This fixes a build problem in gcc, where the constexpr function SwissNameDictionary::SizeFor uses the non-constxpr function SwissNameDictionary::IsValidCapacity in a DCHECK. Bug: v8:11388 Change-Id: Iaeb2b80bb72da3a9c895aa33977c160533019c35 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2684514Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Frank Emrich <emrich@google.com> Cr-Commit-Position: refs/heads/master@{#72595}
-
Manos Koukoutos authored
Bug: v8:7748 Change-Id: Id84459c496f7e57b36c3acd13a91d39b7e9fb15f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2676630Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#72594}
-
Shu-yu Guo authored
The is_awaiting bit on async generators distinguishes waiting on an await. When the async generator resumes from an await, the is_awaiting bit is cleared. It is possible through overriding Promise#constructor that `await` throws *after* setting is_awaiting. There is an implicit try-catch around the body of the async generator such that, usually, caught exceptions would clear the is_awaiting bit. However, the exception thrown from a monkeypatched Promise#constructor can be caught by script, and thus never clear the is_awaiting bit. This CL sets the is_awaiting bit *after* `await` completes, with the exception of the return resumption. It is not possible to have the exception thrown by the await in the return resumption be caught by script. Bug: chromium:1171667 Change-Id: I0b615617a5c949f03350ab0f06c42920d43b5488 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659508Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/master@{#72593}
-
Peter Wong authored
- No noticeable changes in runtime performance according to js-perf-test/RegExp/{base_search.js, base_match.js} benchmarks - Slight builtin code sizes reduction: BEFORE ====== TFJ Builtin, StringPrototypeSearch, 1592 TFJ Builtin, StringPrototypeMatch, 1592 AFTER ===== TFJ Builtin, StringPrototypeSearch, 1432 TFJ Builtin, StringPrototypeMatch, 1432 Bug: v8:8996 Change-Id: Ifeadac1c924a36003a41be3b805438522f8188be Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2670247Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Peter Wong <peter.wm.wong@gmail.com> Cr-Commit-Position: refs/heads/master@{#72592}
-
Georg Neis authored
In particular: remove PossiblyBackgroundSerializedHeapObject in favor of either SerializedHeapObject or BackgroundSerializedHeapObject, depending on the (existing) argument to the ObjectRef constructor. Bug: v8:7790 Change-Id: I0a67872c377107799233742cc7774bea62811d0f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681946 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#72591}
-
Mythri A authored
Turboprop doesn't use optimizations based on field constness to reduce the number of deoptimizations. While this is safe for loads, for stores if a different value is stored to a const field we should update the constness of the field. This is needed so we can safely deopt any other code that is relying on the constness of the field. Currently, turboprop doesn't do this. So for now treat stores to constant fields similar to TurboFan. In future, we may consider adding code to update the field constness if necessary to reduce the number of deoptimizations. Bug: chromium:1172797, v8:9684 Change-Id: I1d660457cb5d647e1283a495040a7e452fe1ac7e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673401 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#72590}
-
Clemens Backes authored
The only opcode which can pop the last control block is "end". There is already validation in place to check that no code is following the last "end". Thus all checks for a non-empty control stack in other opcodes are redundant and can be replaced by DCHECKs. Drive-by: Avoid the use of {PushControl} for pushing the very first block, to avoid another check for an empty control stack there. R=thibaudm@chromium.org Change-Id: I8f04b225a61f832bca2dd7b706e31d1faa173767 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2678162Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#72589}
-
Bill Budge authored
- Fixes a problem when constructing Wasm CallDescriptors, where the allocation tries to treat parameters and returns as if they are in the same frame. This doesn't work when slots may be aligned in their frame. Instead, allocate parameters and returns separately and offset return slots by the number of parameter slots. - Adds argument slot padding in the CallDescriptor lowering case, to prepare for when 32 bit targets align stack frames and require padding. - Adds a regression test. Bug: chromium:1174500 Change-Id: I60d96a94b171a0d27ff61cbab35623976b0c6da8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2683024 Commit-Queue: Bill Budge <bbudge@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#72588}
-
Georg Neis authored
Bug: v8:7790 Change-Id: Iabfbb36c18935b04ee4c67129accd3a9b4729b3a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681942 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#72587}
-
Georg Neis authored
Main changes: - Introduce a new broker data kind kBackgroundSerialized for objects that can be serialized in the background (when direct reads are on). (I'm planning to remove kPossiblyBackgroundSerialized in a followup, in favor of a dynamic choice of kSerialized or kBackgroundSerialized). - Make PropertyCell use that new kind. - Introduce a bottleneck in runtime code for changes to PropertyCells and make sure that a certain protocol is followed that allows concurrent reads from the background thread. - Improve interface of PropertyCell in various ways. Bug: v8:7790 Change-Id: If3d7926c3b894808811348b4b2bed153f5c06897 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2661462Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#72586}
-
Clemens Backes authored
Those dynamic allocations are responsible for 5-10% of execution time in wasm code publishing, which again is the biggest contributor to deserialization time. The allocations are used for patching the jump table. This CL avoids dynamic memory allocation by having some thread-local space that is re-used for allocations of ExternalAssemblerBufferImpl. Since those objects are small, memory usage is not a concern here. R=jkummerow@chromium.org Bug: v8:11164 Cq-Include-Trybots: luci.v8.try:v8_linux64_asan_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_msan_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng Change-Id: I44aad86fa821a1ccb59b539da861a346f62a9813 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667859 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#72585}
-
Milad Fa authored
WasmCompileLazy needs to save the content of vector parameter registers. If Simd is not enabled or the hardware does not support Simd operations then we need to saves the value of Double registers instead, therefore we need a way to retrieve the value of "CpuFeatures::SupportsWasmSimd128()" in builtins during runtime. Bug: v8:11377 Change-Id: I74a5f870d7077166548472adb25c3fb06d0ebdb9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679682Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Junliang Yan <junyan@redhat.com> Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#72584}
-
Jakob Gruber authored
This reverts commit da785659. Reason for revert: Investigating regressions https://chromeperf.appspot.com/group_report?rev=72572 Original change's description: > [compiler] Don't serialize JSTypedArray fields > > This CL removes serialization of JSTypedArray fields when direct heap > reads are enabled. Invariants we rely on: > > - Of the underlying interesting fields, > - base_pointer and external_pointer are set either during > initialization, or in a one-time on-to-off-heap transition in > GetBuffer. > - length and buffer are immutable after initialization. > - is_on_heap and DataPtr derive from base_pointer and > external_pointer s.t. is_on_heap == (base_pointer != 0) and > DataPtr == external_pointer in the off-heap case. > > In this CL we add one new invariant: > > - For all base_pointer and external_pointer mutations after > initialization, base_pointer is guaranteed to be release-stored > after external_pointer has been written. > > With these invariants, concurrent access to off-heap typed arrays is > trivial as long as is_on_heap (= base_pointer) is read before other > relevant fields. > > Note that JSTypedArray remains a kSerializedHeapObject due to the > serialized superclass JSObject. > > Drive-by: Remove unused Torque operators and empty TODOs. > > Bug: v8:7790 > Change-Id: I3c4327318f94e4e6083d4e87476069aad2649386 > Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng > Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679689 > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#72572} TBR=neis@chromium.org,jgruber@chromium.org Change-Id: I5a7e6bacb7b7a3e3510c778837679e6822f26339 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7790 Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681948Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#72583}
-
Frank Emrich authored
This CL is part of a series that adds the C++ implementation of SwissNameDictionary, a deterministic property backing store based on Swiss Tables. This CL contains most of the boilerplate code for introducing a new instance type. Bug: v8:11388 Change-Id: Id263b8138a8ce4b465fb28d968223d2e1aaf05a4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672030Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Frank Emrich <emrich@google.com> Cr-Commit-Position: refs/heads/master@{#72582}
-
Clemens Backes authored
The interpreter frame is only used for testing now (see linked issue). This CL removes some remnants in messages.{h,cc}. R=bmeurer@chromium.org Bug: v8:10389 Change-Id: I369057ed02dbb68ba40ef9b4aa9a84799d3db528 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681944 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Clemens Backes <clemensb@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#72581}
-
Paolo Severini authored
Bug: v8:11092 Change-Id: I62fe079a67a4643d2e42cbdeabf26b5c7d8bc148 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2677813Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Paolo Severini <paolosev@microsoft.com> Cr-Commit-Position: refs/heads/master@{#72580}
-
Michael Lippautz authored
The detached CppHeap allows for allocation without invoking garbage collections. Allocated bytes are reported on the first allocation after the CppHeap has been attached to an Isolate. States: - Detached: Allow only allocation; - Attached: Unified heap GCs; - Termination GC: Require detached state; Destruction: - Heap::TearDown: Detach if attached; - ~CppHeap: Detach if attached; Bug: chromium:1056170 Change-Id: I95ce029f36a7f10392257080b6e23e13cc0fc7b8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672940 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#72579}
-
Ulan Degenbaev authored
This fixes a false positive TSAN report where an object transitions to a new map in StoreIC. The scenario: 1) Object a transitions from map1 to a newly created map2 in runtime. The map is installed with a release-store. 2) Object b transitions from map1 to map2 in StoreIC in generated code that is not visible to TSAN. 3) Concurrent marker visits object b and loads it map with an acquire load. Since TSAN does not see the store in step (2) it thinks that the map loaded in (3) is freshly allocated and is not guarded by a release store. Bug: v8:11353 Change-Id: Ifcace9edff987761a4098d3fdfb98c6190f1ee1e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2682641Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#72578}
-
Shu-yu Guo authored
https://chromium.googlesource.com/external/github.com/tc39/test262/+log/b2e9dff28..fd27d1f5d Bug: v8:7834 Change-Id: Ieb652612285d809a0a6dbfc610ff1ab36e79b763 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681314 Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#72577}
-
Michael Achenbach authored
This reverts commit 72464122. Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/32046 Original change's description: > [regexp] Ship RegExp match indices > > I2S: > https://groups.google.com/a/chromium.org/g/blink-dev/c/RR_dw_ZXtT0/m/xtgu5jjyAQAJ > > Bug: v8:9548 > Change-Id: I8ccf2f4c38f9b9204ae47162303f21d2d44498e8 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2682508 > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Auto-Submit: Shu-yu Guo <syg@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#72571} TBR=jgruber@chromium.org,syg@chromium.org Change-Id: I1173389082928aa5c9895ca4fb360c7ab8ec073b No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9548 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2681943Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#72576}
-
Santiago Aboy Solanes authored
Bug: v8:11384 Change-Id: I00754c295cd7b0de11f7ae039b423abfb9db5716 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2682643 Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#72575}
-
Gus Caplan authored
This adds support for kBool, kInt32, and kUint32 types. Bug: chromium:1052746 Change-Id: I54641eb036eea30113c44eab2c08626176ecc40a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2629463 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#72574}
-
Michael Lippautz authored
Embedders may use cppgc (or v8::CppHeap) earlier than V8's Isolate and platform are initialized. Require explicit initialization of cppgc to avoid recurring init calls with potentially conflicting parameters. Bug: chromium:1056170 Change-Id: I613452954b322c9a5bf074eefd25107b4579958c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2682648Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#72573}
-
Jakob Gruber authored
This CL removes serialization of JSTypedArray fields when direct heap reads are enabled. Invariants we rely on: - Of the underlying interesting fields, - base_pointer and external_pointer are set either during initialization, or in a one-time on-to-off-heap transition in GetBuffer. - length and buffer are immutable after initialization. - is_on_heap and DataPtr derive from base_pointer and external_pointer s.t. is_on_heap == (base_pointer != 0) and DataPtr == external_pointer in the off-heap case. In this CL we add one new invariant: - For all base_pointer and external_pointer mutations after initialization, base_pointer is guaranteed to be release-stored after external_pointer has been written. With these invariants, concurrent access to off-heap typed arrays is trivial as long as is_on_heap (= base_pointer) is read before other relevant fields. Note that JSTypedArray remains a kSerializedHeapObject due to the serialized superclass JSObject. Drive-by: Remove unused Torque operators and empty TODOs. Bug: v8:7790 Change-Id: I3c4327318f94e4e6083d4e87476069aad2649386 Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679689 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#72572}
-
Shu-yu Guo authored
I2S: https://groups.google.com/a/chromium.org/g/blink-dev/c/RR_dw_ZXtT0/m/xtgu5jjyAQAJ Bug: v8:9548 Change-Id: I8ccf2f4c38f9b9204ae47162303f21d2d44498e8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2682508 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#72571}
-
Benedikt Meurer authored
BREAKING CHANGE: The values of Wasm locals, stack, and globals are now represented as objects instead of holding the (primitive) values directly, and SIMD128 values are no longer represented as Uint8Arrays. The DWARF extension has been prepared for this breaking change. The new `WasmValue` comes with `type` and `value` properties that hold its contents. The motivation here is that this is a more extensible approach. In case of SIMD128, the `value` property holds the canonical string representation, which has the additional advantage that these values can be compared with `===` (and `==`). This partially reverts https://crrev.com/c/2614428, the main difference here being that WasmValue is now a proper JSObject that can be exposed on the DebugEvaluate proxy API. Screenshot: https://imgur.com/rcahNKM.png Bug: chromium:1170282, chromium:1071432, chromium:1159402 Change-Id: Iea304e3680775123c41deb4c3d172ac949da1b98 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2643384Reviewed-by: Philip Pfaffe <pfaffe@chromium.org> Reviewed-by: Zhi An Ng <zhin@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#72570}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a2a1340..6408b07 Rolling v8/third_party/aemu-linux-x64: wSpywIGELAWo-KIDF77NMsedbTxiUN7DZUJS-hXiT1UC..BJKsuvEy1d1R4k1qe_4WGn47cAA9BDUVDaMnfbyiH-cC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/ab8a40f..e6e7c93 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/ac34821..79f916a Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/fae3adc..5798a76 TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: I79b3255135b8ac21ba92bbd4d0b92818045390e2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2683244Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#72569}
-
- 08 Feb, 2021 12 commits
-
-
Michael Lippautz authored
Those references would be passed over to Blink via buffer and dropped after a virtual call. Bug: chromium:1056170 Change-Id: Idd02acce7a2d5c927dd9dc2415fe507b00ff3e58 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2682646 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#72568}
-
Ng Zhi An authored
Prototype these 6 instructions on arm: - f64x2.convert_low_i32x4_s - f64x2.convert_low_i32x4_u - i32x4.trunc_sat_f64x2_s_zero - i32x4.trunc_sat_f64x2_u_zero - f32x4.demote_f64x2_zero - f64x2.promote_low_f32x4 For all these instructions we rely on having Q registers that map to S registers, which means we can only use q0 to q7. We fix the src/dst to q0 arbitrarily. Bug: v8:11265 Change-Id: Ied95f2dde9859a60fc216ed67615f80e9d795bb7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679842Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#72567}
-
Zhi An Ng authored
This reverts commit 00babf07. Reason for revert: Broke mac64 https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64/38510/overview Original change's description: > [wasm-simd][x64][liftoff] Implement i8x16.popcnt > > Extract i8x16.popcnt implementation into a macro-assembler function, and > reuse it in Liftoff. > > Bug: v8:11002 > Change-Id: I86b2f5322c799d44f584cac28c70e0e393bf114f > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2676280 > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Commit-Queue: Zhi An Ng <zhin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#72565} TBR=gdeepti@chromium.org,clemensb@chromium.org,zhin@chromium.org Change-Id: I5795b71f65d59237db59907d40c34e4fa7779fe1 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:11002 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2682505Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#72566}
-
Ng Zhi An authored
Extract i8x16.popcnt implementation into a macro-assembler function, and reuse it in Liftoff. Bug: v8:11002 Change-Id: I86b2f5322c799d44f584cac28c70e0e393bf114f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2676280Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#72565}
-
Junliang Yan authored
Change-Id: Ic973b6342a6b91fe9068ee1ffe4e83a138fb2fa4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679269Reviewed-by: Milad Fa <mfarazma@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/master@{#72564}
-
Santiago Aboy Solanes authored
Change-Id: Icd1d9fa59fac714673a264839006e74fc4dfeac3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2676147Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#72563}
-
Camillo Bruni authored
CSV Support: - Add import merged CSV from results.html - Aggregate multiple runs and calculate stddev on them Charts: - Defer rendering charts for responsive UI - Clean up chart rendering in general - Sort charts based on raw chart data for speedups - Show chart annotations - Add chart total, displaying the total value for the currently selected categories - Fix sorting by chart total - Add average row for all charts Change-Id: I1e542f319172ecf158dcb44f8da7ad6e81aafe41 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2675934Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#72562}
-
Clemens Backes authored
Update the wasm spec tests to include the memory64 proposal. Some tests are failing currently because of broken spec tests or missing v8 support. This will be addressed in follow-up CLs. R=ahaas@chromium.org CC=zhin@chromium.org Bug: v8:11401 Change-Id: I1a8f75e70f9d0828ad32c960c113f5e4c0d1a44b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679683 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#72561}
-
Michael Lippautz authored
This change avoid dispatching a write barrier during the atomic pause. The dispatch can generally be triggered through pre-finalizers. In future, further checks may be added to avoid mis-use of pre-finalizers. Bug: chromium:1056170, chromium:1175560 Change-Id: I119e18372633b2375f60e17b4c881f68bb20bf66 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679685Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#72560}
-
Jakob Kummerow authored
MacOS 11.2 refuses to set "no access" permissions on memory that we previously used for JIT-compiled code. It is still unclear whether this is WAI on the part of the kernel. In the meantime, as a workaround, we use madvise(..., MADV_FREE_REUSABLE) instead of mprotect(..., NONE) when discarding code pages. This is inspired by what Chromium's gin platform does. Fixed: v8:11389 Change-Id: I866586932573b4253002436ae5eee4e0411c45fc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2679688 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#72559}
-
Clemens Backes authored
For functions with a very large stack, the debug side table repeats a lot of information: Most values will be spilled to the stack, still every single entry in the debug side table repeats information about them (type, stack offset). This leads to the size of the debug side table to be quadratic in the size of the function. In the linked bug, the generation of the debug side table took ~400ms, whereas Liftoff compilation alone just took 16ms. This CL optimized the debug side table by delta-encoding the entries, i.e. only storing stack slots that changed. This reduces the size of the table significantly, at the cost of making lookup slower, since that now has to search the table backwards for the last entry that had information about a specific slot. For now, this seems like a good compromise. If it turns out to be a problem, we could speed up the lookup by either forcing a full dump of the stack state after N entries, or by dynamically inserting new entries during lookup, whenever we find that we had to search backwards more than N entries. That would speed up subsequent lookups then. On the reproducer in the linked bug, this change reduces the time to generate the debug side table from ~400ms to ~120ms. Before this CL, the debug side table has 13,314 entries with a total of 38,599,606 stack value entries. After this CL, it shrinks to 20,037 stack value entries in the 13,314 entries (average of ~1.5 instead of ~2,899). R=thibaudm@chromium.org Bug: chromium:1172299 Change-Id: Ie726bb82d4c6648cc9ebd130115ee7ab3d1d551b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2676636Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#72558}
-
Iain Ireland authored
Some of the DCHECK_LT assertions in GenerateBranches were generating signed-vs-unsigned comparisons in SM. While I was looking at this code, it seemed reasonable to just fix the whole thing to use uc32/uint32_t where appropriate. Bug: v8:11380 Change-Id: I7e27fb7e34ce962349d7204d6306217292746e33 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666986Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#72557}
-