- 22 Oct, 2020 18 commits
-
-
Simon Zünd authored
R=petermarshall@chromium.org, yangguo@chromium.org Change-Id: I3d1cb354f6aeae10fda56f4c51bcb43c9fa5462c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491028Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#70710}
-
Omer Katz authored
Bug: chromium:1056170 Change-Id: I697a33f51618c0b7b3b60a9a2abcb7bf4ab1d033 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491032 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#70709}
-
Omer Katz authored
This CL adds TraceWeakContainer and VisitWeakContainer to the Visitor api. It also introduces the weak_container_worklist_ used to force re-tracing of weak containers that are reachable from stack. Bug: chromium:1056170 Change-Id: I4ba75bd64939b8df9ece7422828a5ac647b03fd1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491022 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#70708}
-
Dominik Inführ authored
Measure time from requesting GC on background thread until the main thread starts the collection. Also add trace event for the GC on the background thread. Bug: v8:10315 Change-Id: I765ce0df8a1c31e4f64661ea8dc0b6a4685a3132 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2489681Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#70707}
-
Maya Lekova authored
Refactor the {options} output parameter of the fast callback to a reference, since it can never be nullptr for functions created with MakeWithFallbackSupport. This allows embedders to spare the nullptr check. Bug: chromium:1052746 Change-Id: I3e22f07af4740ebe8522691da51b6addbc980f24 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491026Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#70706}
-
Santiago Aboy Solanes authored
From `FIELD_ADDR(*this, abc)`, to `field_address(abc)`; Bug: v8:10933 Change-Id: I49c3b19db3ca05947fbe7113642a85ba59da6cef Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491029Reviewed-by: Mythri Alle <mythria@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#70705}
-
Victor Gomes authored
Since JS arguments are always reversed now (https://crrev.com/c/2466116), the logic for skipping the arguments adapter is dead. It has been subsumed by the complete removal of the adaptor frame (https://crrev.com/c/2440098). Doc: bit.ly/v8-faster-calls-with-arguments-mismatch Change-Id: Ia02e0807b7d23a9de371650fa6357113e409d338 Bug: v8:10201 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2489684Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#70704}
-
Sathya Gunasekaran authored
This is a reland of 517a3069 Original change's description: > [ic] Append deprecated maps after appending new map > > Previously, we would append the deprecated maps and then append the > new valid map causing minimorphic map checks to miss this new map in > the case that we exceeded the FLAG_max_minimorphic_map_checks size. > > Bug: v8:10582 > Change-Id: Ie3d7da73f7bdbdd822241fae7879817889a72b43 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2484513 > Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> > Reviewed-by: Mythri Alle <mythria@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70676} Bug: v8:10582 Change-Id: Ie951f364406063becb659a0151093e6c9f69e0f8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491283Reviewed-by: Mythri Alle <mythria@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#70703}
-
johnx authored
The Cobalt project has its own Starboard equivalent of libc APIs like `malloc` and `free`. This CL introduces the wrappers for some libc functions. In followup CLs, for example occurences of malloc will all be replaced by base::Malloc in V8. See b/156155426 for more information. Bug: v8:10927 Change-Id: Ida3d161a1da56755b681e18b4827e277e6cb4c4d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2416150 Commit-Queue: John Xu <johnx@google.com> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: John Xu <johnx@google.com> Cr-Commit-Position: refs/heads/master@{#70702}
-
Jakob Gruber authored
No major functional changes in this CL, mostly it moves code around to make follow-up CLs less messy. - Document Code layout. - New concepts: 'body' and 'metadata' areas of Code objects. The metadata area contains metadata tables, the body area includes both instructions and metadata (this is currently the 'instructions' area). Add accessors for these new areas. - An interesting detail: embedded builtins will have non-adjacent instruction and metadata areas, thus a concept of 'body' doesn't make sense there. - Also add raw_instruction_X_future accessors; these are used where we are actually interested in the instructions range, not the entire body. In a follow-up, current raw_instruction_X accessors will be replaced by raw_body_X, and raw_instruction_X_future by raw_instruction_X. Bug: v8:11036 Change-Id: I1d85146b652e0c097c3602d4db1862d5d3898a7e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491023 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#70701}
-
Clemens Backes authored
The offset (also called "address") passed to the atomic builtins was 32-bit until now. With memory64, we will have to also accept 64-bit values there, or at least values within the allocatable memory range. This CL thus changes the builtins to receive uintptr values instead of uint32, and pass them on to the runtime functions as double (as before). The runtime then casts them back to uintptr_t instead of uint32_t. Liftoff is extended to zero-extend the uint32 value if needed. TurboFan already passed a machine-word sized integer before. Drive-by: Rename some "address" to "offset" to make the semantics more clear. R=ahaas@chromium.org CC=manoskouk@chromium.org Bug: v8:10949 Change-Id: I66968cc99a908775156c952da46d2f26219ffb58 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2489685 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#70700}
-
Zhao Jiazhong authored
Port d6c586f7 https://chromium-review.googlesource.com/c/v8/v8/+/2472000 Change-Id: I1dce1dcdcc80897371c122aa73ef8fc290e923ac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491600Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/master@{#70699}
-
Seth Brenith authored
Originally, the Torque-generated verifier for a field with type Undefined|Zero|NonNullForeign would check `f.IsUndefined() || f.IsZero() || f.IsNonNullForeign()`. At some point, we changed Torque so that it now generates the much weaker `f.IsOddball() || f.IsSmi() || f.IsForeign()`. This change returns the verifiers to their initial precision. Mostly we can use the names of abstract types to build up the correct type check expression, but a few abstract types like PodArrayOfWasmValueType have no way that we can tell them apart from their parent type at runtime. It would be confusing to have a function Object::IsPodArrayOfWasmValueType which actually just checks whether the object is a ByteArray, so this change introduces a new annotation which allows abstract type declarations to state that they should use their parent type during verification. This change also adds new test cases to help avoid future regressions of this logic. Bug: v8:7793 Change-Id: Ie5046d742fd45e0e0f6c2ba387d909e9f2ac6df1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2469960Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/master@{#70698}
-
Sathya Gunasekaran authored
This reverts commit 517a3069. Reason for revert: regresses perf Original change's description: > [ic] Append deprecated maps after appending new map > > Previously, we would append the deprecated maps and then append the > new valid map causing minimorphic map checks to miss this new map in > the case that we exceeded the FLAG_max_minimorphic_map_checks size. > > Bug: v8:10582 > Change-Id: Ie3d7da73f7bdbdd822241fae7879817889a72b43 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2484513 > Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> > Reviewed-by: Mythri Alle <mythria@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70676} TBR=mythria@chromium.org,gsathya@chromium.org Change-Id: Ifcb45e2cca16929f9f43f0116994f913bfb34730 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:10582 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491281Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#70697}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/c052192..27ce505 Rolling v8/third_party/aemu-linux-x64: exAX_yeKLNYEK0NGmhD6PCExVZm6XY2aCPioGGLAHlYC..dfMpR8E7Ie1gS4Mf_DWloGOmZIegnZWNA0kcMr7jPlkC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/2fb0633..982bf51 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/792630c..b3a1dba Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/3491655..df55bc4 TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: I50db9e4abf83b5b27e8caa31c8c02be6e4f6c485 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2490826Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#70696}
-
Zhao Jiazhong authored
Port 0403beb4 https://chromium-review.googlesource.com/c/v8/v8/+/2479009 Bug: v8:9684 Change-Id: I26762154dd24bd50f6277bad842352ca83b64cb5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2489339Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/master@{#70695}
-
Bill Budge authored
This reverts commit 61b56d16. Reason for revert: Breaks tests on MSVC bot: https://ci.chromium.org/p/v8/builders/ci/V8%20Win64%20-%20msvc/15485 Original change's description: > [wasm-simd] Add more tests for v128 load zero > > Add tests for all valid alignments, and using memarg immediate offset > instead of i32 index. > > Also randomize the memory to help catch cases where we are loading more > than we should, and accidentally get correct values with zero-ed memory. > > Bug: v8:10713 > Change-Id: I443c2799ba0d539bf23c63760c08e18c4d36607f > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2487880 > Reviewed-by: Bill Budge <bbudge@chromium.org> > Commit-Queue: Zhi An Ng <zhin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70693} TBR=bbudge@chromium.org,zhin@chromium.org Change-Id: I9391c5e948c528f00dc966bbf33f709da30d1b17 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:10713 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2490479Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#70694}
-
Ng Zhi An authored
Add tests for all valid alignments, and using memarg immediate offset instead of i32 index. Also randomize the memory to help catch cases where we are loading more than we should, and accidentally get correct values with zero-ed memory. Bug: v8:10713 Change-Id: I443c2799ba0d539bf23c63760c08e18c4d36607f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2487880Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#70693}
-
- 21 Oct, 2020 22 commits
-
-
Shu-yu Guo authored
Implements https://github.com/tc39/ecma262/pull/2154, which allows module export names to be string literals. Semantics highlights: - It is a SyntaxError for string literal export names to have unpaired UTF16 surrogates. - It is a SyntaxError for string literal export names to be used as the local name without being followed by a 'from' clause. For example, `export { "foo" }` and `export { "foo" as "bar" }` are errors, but `export { "foo" } from "./module.js"` is allowed. The remaining failing test262 test is wrong: https://github.com/tc39/test262/issues/2866 Bug: v8:10964 Change-Id: Ib3e06e1ee6b3f1b60ed7f24e21902e17ddfc0351 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2482335 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#70692}
-
Andreas Haas authored
This CL enables basic optimizations in TurboFan for WebAssembly code, like dead code elimination (DeadCodeElimination), constant folding (MachineOperatorReducer), and control flow optimizations (CommonOperatorReducer). These optimizations were disabled originally to improve startup time, at the expense of slower generated code. However, with Liftoff as the baseline compiler, startup time is not so important anymore for TurboFan. R=clemensb@chromium.org CC=manoskouk@chromium.org Change-Id: I2a81f66929c43fbbdfc3625359772c8ea0f2235f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488684Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#70691}
-
Ng Zhi An authored
XMM registers/operands can be mixed with normal operands. We introduce 4 new enums to handle this case: - xmmreg, oper - oper, xmmreg - xmmreg, xmmoper - xmmoper, xmmreg The different between op and xmmop is what type of register to print if the modrm byte ends up decoding into a register. The only difference between the output of the DisasmX64 test is pinsrd, pinsrq, and pshuflw which had extras spaces. This is fixed with this patch. Test: cctest test-disasm-x64/DisasmX64 --random-seed=-1547905187 Bug: v8:10933 Change-Id: I2904c0fe83579e8df83ff2f304409278f1874c2d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2480619Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#70690}
-
Milad Fa authored
cmpi only takes in a 16 bit signed integer. For larger inputs we must use cmp with a register input. Change-Id: I318d714930553fbad4c34097c7530055308f331a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2490460Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#70689}
-
Milad Fa authored
Bug: v8:10713 Change-Id: I8d909ae13aecf113e1082a0f29392c169eee8aaf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2487480Reviewed-by: Zhi An Ng <zhin@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#70688}
-
Seth Brenith authored
Liftoff can currently run out of registers when compiling an atomic compare-exchange instruction. In order to see this crash, the following conditions must be met: - The offset in the instruction doesn't fit in a 12-bit immediate - Either FLAG_untrusted_code_mitigations is false, or trap handlers are enabled, so that AddMemoryMasking decides to do nothing The fix proposed in this CL is just to defer allocation of a temporary register until after CalculateActualAddress has finished, because it might have also needed a temporary register. Change-Id: I28225614dcdbe2bcc9e52208f1e806baac89c5f1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488840 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#70687}
-
Clemens Backes authored
Using the GraphAssembler instead of creating nodes "manually" results in much smaller code. This allows us then to use ternary operators to make the implementation even more concise. R=ahaas@chromium.org Bug: v8:10123 Change-Id: I154ffb436f414da14e932138911f35d251363083 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2489686Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#70686}
-
Santiago Aboy Solanes authored
There were some cleanups to be done after crrev.com/c/v8/v8/+/2472000/ was merged. Bug: v8:10799 Change-Id: I09bc2d123f89b88c74c3aecfa97c82d1925a1f2b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488686Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#70685}
-
Manos Koukoutos authored
Additional changes: - Add reproducing unit test. - Add parsed memory limit flag to error message. - Improve naming in memory API in wasm-module-builder.js. Change-Id: Id9ec5750cdc03560874e6c0219741127182e0c9e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485227 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#70684}
-
Almothana Athamneh authored
NOTRY=true Bug: v8:11037 Change-Id: I8c97d9d83dc4e9ff935b8e70ff33002c4e5d19bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2489690 Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#70683}
-
Manos Koukoutos authored
This trap now used for all runtime type errors thrown when interfacing with JS. Its name and message have been changed to reflect this. Additional change: Remove the trap from the list of traps used exclusively for RuntimeError (as opposed to TypeError) in wasm-module-builder.js. Change-Id: I517766837a60d94b562d4c0de922d52db786b635 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488688Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#70682}
-
Milad Fa authored
Port d6c586f7 R=solanes@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I73098589bc2246e389432be18b11bcf3242df308 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488021Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#70681}
-
Michael Lippautz authored
Follow the marker pattern where actual logic is moved into a dedicated state class and the visitors merely forward to that class. Change-Id: Id3c6b7414343da82759bdba3dbb8286adee44cf4 Bug: chromium:1056170 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2480502 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#70680}
-
Martin Bidlingmaier authored
Bug: chromium:1139782,v8:10765 Change-Id: I417cd037b2587599b925cce08d8652b2df1985ce Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488687Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Martin Bidlingmaier <mbid@google.com> Cr-Commit-Position: refs/heads/master@{#70679}
-
Liu Yu authored
R=thibaudm@chromium.org, ulan@chromium.org Bug: v8:7581 Change-Id: Id984082bf0219e8edc70945536d82d523411cf78 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488845 Auto-Submit: Yu Liu <liuyu@loongson.cn> Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#70678}
-
Camillo Bruni authored
- Limit transition view to 200 maps - Avoid displaying parent maps multiple times - Fix timeline-track selection, slow dragging works now Bug: v8:10644 Change-Id: I2106ea8240977e0ea65083d296977ab0272304d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485851 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#70677}
-
Sathya Gunasekaran authored
Previously, we would append the deprecated maps and then append the new valid map causing minimorphic map checks to miss this new map in the case that we exceeded the FLAG_max_minimorphic_map_checks size. Bug: v8:10582 Change-Id: Ie3d7da73f7bdbdd822241fae7879817889a72b43 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2484513 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#70676}
-
Omer Katz authored
Bug: chromium:1056170 Change-Id: I548f27d29250f0e5ca01c8ec30cc2a85eee92f52 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488681 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#70675}
-
Marja Hölttä authored
Change-Id: I1b350c797093454b0b64dca81ed1d28c35d3ada1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488685 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#70674}
-
Martin Bidlingmaier authored
This commit increases the number of backtracks before we fall back to the experimental engine. The previous limit was reached just before irregexp finished in sunspider/string-tagcloud and web-tooling-benchmark/coffeescript. This meant that we aborted execution and started over with a slower (but asymptotically faster) engine just before we would've finished, causing a performance regression. Bug: chromium:1138975,v8:10765 Change-Id: I10a4b149300f88680084604310730ee91758bfa0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2479010 Commit-Queue: Martin Bidlingmaier <mbid@google.com> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#70673}
-
Jakob Gruber authored
This is a reland of fbfa9bf4 The arm64 was missing proper codegen for CFI, thus sizes were off. Original change's description: > Reland "[deoptimizer] Change deopt entries into builtins" > > This is a reland of 7f58ced7 > > It fixes the different exit size emitted on x64/Atom CPUs due to > performance tuning in TurboAssembler::Call. Additionally, add > cctests to verify the fixed size exits. > > Original change's description: > > [deoptimizer] Change deopt entries into builtins > > > > While the overall goal of this commit is to change deoptimization > > entries into builtins, there are multiple related things happening: > > > > - Deoptimization entries, formerly stubs (i.e. Code objects generated > > at runtime, guaranteed to be immovable), have been converted into > > builtins. The major restriction is that we now need to preserve the > > kRootRegister, which was formerly used on most architectures to pass > > the deoptimization id. The solution differs based on platform. > > - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING. > > - Removed heap/ support for immovable Code generation. > > - Removed the DeserializerData class (no longer needed). > > - arm64: to preserve 4-byte deopt exits, introduced a new optimization > > in which the final jump to the deoptimization entry is generated > > once per Code object, and deopt exits can continue to emit a > > near-call. > > - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit > > sizes by 4/8, 5, and 5 bytes, respectively. > > > > On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes > > by using the same strategy as on arm64 (recalc deopt id from return > > address). Before: > > > > e300a002 movw r10, <id> > > e59fc024 ldr ip, [pc, <entry offset>] > > e12fff3c blx ip > > > > After: > > > > e59acb35 ldr ip, [r10, <entry offset>] > > e12fff3c blx ip > > > > On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases > > with CFI). Additionally, up to 4 builtin jumps are emitted per Code > > object (max 32 bytes added overhead per Code object). Before: > > > > 9401cdae bl <entry offset> > > > > After: > > > > # eager deoptimization entry jump. > > f95b1f50 ldr x16, [x26, <eager entry offset>] > > d61f0200 br x16 > > # lazy deoptimization entry jump. > > f95b2b50 ldr x16, [x26, <lazy entry offset>] > > d61f0200 br x16 > > # the deopt exit. > > 97fffffc bl <eager deoptimization entry jump offset> > > > > On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before: > > > > bb00000000 mov ebx,<id> > > e825f5372b call <entry> > > > > After: > > > > e8ea2256ba call <entry> > > > > On x64 the deopt exit size is reduced from 12 to 7 bytes. Before: > > > > 49c7c511000000 REX.W movq r13,<id> > > e8ea2f0700 call <entry> > > > > After: > > > > 41ff9560360000 call [r13+<entry offset>] > > > > Bug: v8:8661,v8:8768 > > Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834 > > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#70597} > > Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org > Bug: v8:8661,v8:8768,chromium:1140165 > Change-Id: Ibcd5c39c58a70bf2b2ac221aa375fc68d495e144 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485506 > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70655} Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org Bug: v8:8661 Bug: v8:8768 Bug: chromium:1140165 Change-Id: I471cc94fc085e527dc9bfb5a84b96bd907c2333f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488682Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#70672}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/d68ca6a..c052192 Rolling v8/third_party/aemu-linux-x64: Dg0s5PKnfzzCVjDNe8EuKAnOGVVpKvB-dKqia-IpGkgC..exAX_yeKLNYEK0NGmhD6PCExVZm6XY2aCPioGGLAHlYC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d384f36..2fb0633 Rolling v8/third_party/icu: https://chromium.googlesource.com/chromium/deps/icu/+log/84fb34e..715ec35 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/4135c06..3491655 TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: Icadb0aebf416c8e32a57ddd4108402848a22e046 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2487976Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#70671}
-