1. 22 May, 2019 1 commit
  2. 21 May, 2019 1 commit
  3. 20 May, 2019 4 commits
  4. 17 May, 2019 2 commits
  5. 16 May, 2019 1 commit
  6. 15 May, 2019 2 commits
  7. 14 May, 2019 3 commits
  8. 10 May, 2019 1 commit
  9. 08 May, 2019 1 commit
    • [ic] Do not decode instructions to detect deoptimized code. · 0d8ec36b
      Pierre Langlois authored
      This fixes a crash when using --trace-ic on Arm64 debug. For a given return
      address, the assembler's `target_address_from_return_address()` method will
      displace it to give you the call-site address. However, this is fragile because
      it needs to decode the instruction stream to distinguish between different call
      sequences. So it triggered an assertion on Arm64 because we now use BL for
      builtin to builtin calls.
      
      We only use this when tracing IC states to detect if the caller is a deoptimized
      function. But to do this it doesn't matter if the address we have is the return
      or the call-site address. So we can just remove the need for the fragile
      Assembler method.
      
      As a drive-by, also remove `return_address_from_call_start()` which was doing
      the opposite and was unused.
      
      Change-Id: I5988d17eadd1652ed85d662e62bc4c579665dd31
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594566
      Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61337}
  10. 02 May, 2019 2 commits
    • Touch guard pages when allocating stack frames · df8548cd
      Seth Brenith authored
      On Windows, expanding the stack by more than 4 KB at a time can cause
      access violations. This change fixes a few known cases (and includes
      unit tests for those), and attempts to make stack expansion more
      consistent overall by using the AllocateStackSpace helper method
      everywhere we can, even when the offset is a small constant.
      
      On arm64, there was already a consistent method for stack pointer
      manipulation using the Claim and Drop methods, so Claim is updated to
      touch every page.
      
      Bug: v8:9017
      Change-Id: I2dbbceeebbdefaf45803e9b621fe83f52234a395
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570666
      Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
      Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61186}
    • [arm][arm64] Do not allocate temp registers for the write barrier. · 3f1a59f4
      Pierre Langlois authored
      Improve code generation for stores with write barriers slightly by using the
      assembler's dedicated scratch registers (x16 and x17 on Arm64, ip on Arm)
      instead of allocating temporaries.
      
      To do this, we've done two things:
      
        - Use ip as a scratch register when loading page flags.
      
        - TurboAssembler::CallRecordWriteStub() now takes the offset of the slot
          that's written to rather than its address, removing the need to allocate a
          temporary register for it.
      
      In essence, we've gone from:
      
      ```
      ;; Do the store.
      stur x19, [x9, #15]
      ;; Check *destination* object page flags and jump out-of-line.
      and x4, x9, #0xfffffffffff80000
      ldr x4, [x4, #8]
      tbnz x4, #2, #+0x1e7c
      |     ;; Check *source* object page flags.
      | `-> and x4, x19, #0xfffffffffff80000
      |     ldr x4, [xM, #8]
      |,--- tbz x4, #1, #-0x1e80
      |     ;; Compute address of slot.
      |     add x5, x9, #0xf (15)
      |     ;; Setup arguments to RecordWrite
      |     stp x2, x3, [sp, #-32]!
      |     stp x4, lr, [sp, #16]
      |     stp x0, x1, [sp, #-16]!
      |     mov x0, x9 ;; Object address in x9
      |     mov x1, x5 ;; Slot address in x5
      |     movz x2, #0x0
      |     movz x3, #0x100000000
      |     ;; Call RecordWrite
      |     ldr x16, pc+2056
      |     blr x16
      ```
      
      Which allocates x4 and x5 as temporaries.
      
      To:
      
      ```
      stur x19, [x9, #15]
      and x16, x9, #0xfffffffffff80000 ;; Using x16 instead of allocating x4.
      ldr x16, [x16, #8]
      tbnz x16, #2, #+0x1e7c
      | `-> and x16, x19, #0xfffffffffff80000
      |     ldr x16, [xM, #8]
      |,--- tbz x16, #1, #-0x1e80
      |     stp x2, x3, [sp, #-32]!
      |     stp x4, lr, [sp, #16]
      |     stp x0, x1, [sp, #-16]!
      |     mov x0, x9            ;; Object address still in x9.
      |     add x1, x9, #0xf (15) ;; Compute the slot address directly.
      |     movz x2, #0x0
      |     movz x3, #0x100000000
      |     ldr x16, pc+2056
      |     blr x16
      ```
      
      Finally, `RecordWriteField()` does not need an extra scratch register anymore.
      
      Change-Id: Icb71310e7b8ab1ca83ced250851456166b337d00
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1505793
      Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
      Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61153}
  11. 30 Apr, 2019 2 commits
  12. 29 Apr, 2019 3 commits
    • Revert "[ptr-compr] New RelocInfo for compressed pointers." · 7e677b2e
      Ross McIlroy authored
      This reverts commit b5da9fcb.
      
      Reason for revert: Breaks pointer compression bot:
      https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20pointer%20compression/3098
      
      Original change's description:
      > [ptr-compr] New RelocInfo for compressed pointers.
      > 
      > New enum RelocInfo::COMPRESSED_EMBEDDED_OBJECT created to support
      > compressed pointers in generated code. Enum name EMBEDDED_OBJECT
      > changed to FULL_EMBEDDED_OBJECT.
      > 
      > RelocInfo::[set_]target_object() abstract away the difference between
      > FULL_EMBEDDED_OBJECT and COMPRESSED_EMBEDDED_OBJECT.
      > 
      > Compressed embedded objects can only be created at this time on
      > x64 with pointer compression turned on. Arm64 constant pools don't
      > support compressed objects at this time.
      > 
      > Bug: v8:7703
      > Change-Id: I03bfd84effa33c65cf9bcefa5df680ab7eace9dd
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1547661
      > Commit-Queue: Michael Stanton <mvstanton@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#61076}
      
      TBR=ulan@chromium.org,mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,ishell@chromium.org
      
      Change-Id: I262b2b98315fa987c5a66b1050dc726563ccdb2d
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:7703
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588135
      Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61087}
    • [cleanup] Use Vector::begin instead of Vector::start · 4b0f9c85
      Clemens Hammacher authored
      Our {Vector} template provides both {start} and {begin} methods. They
      return exactly the same value. Since the {begin} method is needed for
      iteration, and is also what standard containers provide, this CL
      switches all uses of the {start} method to use {begin} instead.
      
      Patchset 1 was auto-generated by using this clang AST matcher:
          callExpr(
              callee(
                cxxMethodDecl(
                  hasName("start"),
                  ofClass(hasName("v8::internal::Vector")))
              ),
              argumentCountIs(0))
      
      Patchset 2 was created by running clang-format. Patchset 3 then
      removes the now unused {Vector::start} method.
      
      R=jkummerow@chromium.org
      TBR=mstarzinger@chromium.org,yangguo@chromium.org,verwaest@chromium.org
      
      Bug: v8:9183
      Change-Id: Id9f01c92870872556e2bb3f6d5667463b0e3e5c6
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587381
      Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61081}
    • [ptr-compr] New RelocInfo for compressed pointers. · b5da9fcb
      Mike Stanton authored
      New enum RelocInfo::COMPRESSED_EMBEDDED_OBJECT created to support
      compressed pointers in generated code. Enum name EMBEDDED_OBJECT
      changed to FULL_EMBEDDED_OBJECT.
      
      RelocInfo::[set_]target_object() abstract away the difference between
      FULL_EMBEDDED_OBJECT and COMPRESSED_EMBEDDED_OBJECT.
      
      Compressed embedded objects can only be created at this time on
      x64 with pointer compression turned on. Arm64 constant pools don't
      support compressed objects at this time.
      
      Bug: v8:7703
      Change-Id: I03bfd84effa33c65cf9bcefa5df680ab7eace9dd
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1547661
      Commit-Queue: Michael Stanton <mvstanton@chromium.org>
      Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61076}
  13. 24 Apr, 2019 1 commit
  14. 09 Apr, 2019 1 commit
  15. 08 Apr, 2019 1 commit
  16. 01 Apr, 2019 1 commit
  17. 25 Mar, 2019 2 commits
  18. 22 Mar, 2019 1 commit
  19. 18 Mar, 2019 1 commit
  20. 15 Mar, 2019 1 commit
  21. 12 Mar, 2019 1 commit
  22. 08 Mar, 2019 2 commits
    • Use inherited ctors for MacroAssembler and TurboAssembler · 03ce1d14
      Pavel Medvedev authored
      instead of forwarding template constructors for these classes introduced in
      edab9a20 commit.
      
      TurboAssemblerBase constructors were declared as public to make the inherited
      TurboAssembler, and MacroAssembler ctors also public.
      
      This fixes Visual C++ 2017 compile error, when the template ctor in
      TurboAssemblerBase class matches deleted copy ctor.
      
      Bug: v8:8935
      Change-Id: I1144a7025830c3a0ab86acaa8ea81def02d293b1
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1496977
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60114}
    • Reland "[wasm simd] Fix F32x4 Min and Max" · bd15e189
      Bill Budge authored
      This is a reland of 821bc649
      
      Original change's description:
      > [wasm simd] Fix F32x4 Min and Max
      > 
      > - Fix F32x4 tests to save results in globals, so they can be checked
      >   in C++ code. Perform correct checks in case of NaNs.
      > - Fix ia32, x64 implementations of F32x4Min, F32x4Max to correctly
      >   deal with NaNs.
      > - Enable tests for all float values on all platforms, except skip
      >   denormalized results on ARM, and skip extreme values for reciprocal,
      >   reciprocal square root approximation opcodes.
      > - Disable Min, Max test for interpreter (see v8:8425) since it doesn't
      >   handle NaNs correctly.
      > - Fix vmin, vmax implementations in ARM simulator.
      > 
      > Bug: v8:8639
      > Change-Id: I87e188e3cb078f09fdacfd9955f426c20a11bf64
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1495897
      > Commit-Queue: Bill Budge <bbudge@chromium.org>
      > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#60021}
      
      Bug: v8:8639
      Change-Id: Ic557aa1d323693eabf5885ff5eddc15e3174079b
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1501279
      Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      Commit-Queue: Bill Budge <bbudge@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60109}
  23. 05 Mar, 2019 2 commits
  24. 04 Mar, 2019 1 commit
    • [wasm simd] Fix F32x4 Min and Max · 821bc649
      Bill Budge authored
      - Fix F32x4 tests to save results in globals, so they can be checked
        in C++ code. Perform correct checks in case of NaNs.
      - Fix ia32, x64 implementations of F32x4Min, F32x4Max to correctly
        deal with NaNs.
      - Enable tests for all float values on all platforms, except skip
        denormalized results on ARM, and skip extreme values for reciprocal,
        reciprocal square root approximation opcodes.
      - Disable Min, Max test for interpreter (see v8:8425) since it doesn't
        handle NaNs correctly.
      - Fix vmin, vmax implementations in ARM simulator.
      
      Bug: v8:8639
      Change-Id: I87e188e3cb078f09fdacfd9955f426c20a11bf64
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1495897
      Commit-Queue: Bill Budge <bbudge@chromium.org>
      Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60021}
  25. 26 Feb, 2019 1 commit
  26. 25 Feb, 2019 1 commit
    • [objects] Free one bit in the SharedFunctionInfo::flags. · 591408cb
      Benedikt Meurer authored
      We'll need one bit in the SharedFunctionInfo::flags to record whether
      it's safe to skip arguments adaptor frames (for v8:8895), so this
      just removes the SharedFunctionInfo::IsDerivedConstructorBit which is
      redundant, since the same information is already available in the
      SharedFunctionInfo::FunctionKindBits, and most places in the code
      use that already, with the exception of the JSConstructStubGeneric
      builtin.
      
      This changes the JSConstructStubGeneric builtin to just check the
      function kind instead of testing the explicit bit, which also makes
      this more consistent. It seems like there's not much overhead to
      that, doing an additional bitmasking plus two comparisons instead
      of one. This shouldn't really matter since invocation and execution
      of the constructors is going to dominate and optimized code inlines
      all of this anyways. If this turns out to affect performance, we
      can still look into encoding the FunctionKindBits more cleverly.
      
      Drive-by-fix: Move the FunctionKindBits first in the flags to avoid
      the shift when accessing the function kind. This seems logical, since
      for the actual boolean bit fields it doesn't matter where they are
      in the flags, whereas for the function kind this saves one shift.
      
      Bug: v8:8834, v8:8895
      Change-Id: I184a8f5cc5c140bdc272cf9a5ad546093c457306
      Reviewed-on: https://chromium-review.googlesource.com/c/1482915
      Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#59821}