- 26 Apr, 2022 15 commits
-
-
Jakob Kummerow authored
When passing anyref-typed things to Wasm, we cannot expect that all functions are WasmExternalFunctions. Instead of adding a relatively expensive type check to such calls, this patch disables function unwrapping for anyref-typed values. Fixed: v8:12789 Change-Id: Ied57187bac7fde0326634f7b4fc428ad21dc9c2f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605231 Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80179}
-
Victor Gomes authored
- For simplicity we call a builtin when allocating a number. - Elision of boxing/unboxing nodes will be done in a followup CL. Bug: v8:7700 Change-Id: Iec4422d84c6597d3369ab512a1662adb0f077c98 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602514Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80178}
-
Jakob Gruber authored
.. when deoptimization occurs after the outermost loop containing the loop that triggered OSR compilation. The reasoning is that the main benefit of OSR'd code is speeding up the OSR'd loop; the speedup of the OSR'd loop is assumed to be higher than deoptimization overhead. This is a slightly modified version of crrev.com/c/3521361, credit goes to tao.pan@intel.com for most of the investigation and implementation work. Bug: v8:12161 Change-Id: Ie729dd5d1df9c7f529a1cf1b9471bb60ce76c41a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607988Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80177}
-
Andreas Haas authored
Table.set has two arguments, the table index and the value. Therefore Table.set was defined with a length of 2. However, the value argument is optional, so the length should actually be 1. Change-Id: Ica2ea13a8e78c974cb011df2b5dc99f8e7eb4bcd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398496Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80176}
-
Anton Bikineev authored
When setting a range for a newly allocated lab, consider adjacent cards. If either is young, don't mark it as kMixed. Bug: chromium:1029379 Change-Id: If7d1d920dd5769679de68800eae61f3a8dc1eb17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3584116Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80175}
-
jameslahm authored
... unittests/objects/concurrent-transition-array-unittest. Bug: v8:12781 Change-Id: Ic6fbef71e1439c0a0056b122a4b42dcad674ca3b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3604961Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80174}
-
Nico Hartmann authored
This reverts commit 5d235def. Reason for revert: Speculative revert because of https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/38153/overview Original change's description: > [heap] Store size with invalidated object > > When updating pointers during a full GC, a page might not be swept > already. In such cases there might be invalid objects and slots recorded > in free memory. Updating tagged slots in free memory is fine even though > it is superfluous work. > > However, the GC also needs to calculate the size of potentially dead > invalid objects in order to be able to check whether a slot is within > that object. But since that object is dead, its map might be dead as > well which makes size calculation impossible on such objects. The CL > changes this to cache the size of invalid objects. A follow-up CL will > also check the marking bit of invalid objects. > > Bug: v8:12578, chromium:1316289 > Change-Id: Ie773d0862a565982957e0dc409630d76552d1a32 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599482 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Patrick Thier <pthier@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80169} Bug: v8:12578, chromium:1316289 Change-Id: I6949412c5d6e1aa15718d027043d9528137a60a0 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605812 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80173}
-
jameslahm authored
... /numbers/conversions-unittest. Bug: v8:12781 Change-Id: I81043f8bcebf5ce1292111211af1bea297c9eea4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3604962Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80172}
-
jameslahm authored
... /date/date-unittest. Bug: v8:12781 Change-Id: Id5c7fd1ec11a427849c01acf992c7e398c456a4c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599655Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80171}
-
Tobias Tebbi authored
It seems that GCC 7 doesn't support constructor calls with curly braces inside of expressions. Bug: v8:12827 Change-Id: I7b8ff792de1f67a45af6e2e2d82808f57d23b66c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606230 Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#80170}
-
Dominik Inführ authored
When updating pointers during a full GC, a page might not be swept already. In such cases there might be invalid objects and slots recorded in free memory. Updating tagged slots in free memory is fine even though it is superfluous work. However, the GC also needs to calculate the size of potentially dead invalid objects in order to be able to check whether a slot is within that object. But since that object is dead, its map might be dead as well which makes size calculation impossible on such objects. The CL changes this to cache the size of invalid objects. A follow-up CL will also check the marking bit of invalid objects. Bug: v8:12578, chromium:1316289 Change-Id: Ie773d0862a565982957e0dc409630d76552d1a32 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599482Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80169}
-
jameslahm authored
... /objects/concurrent-prototype-unittest. Bug: v8:12781 Change-Id: Id283af4940a8cff19da78e0404022bc0faf2412e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599654Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80168}
-
Jakob Gruber authored
This is a reland of commit 91da3883 Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization on arm64. Original change's description: > [osr] Use the new OSR cache > > This CL switches over our OSR system to be based on the feedback > vector osr caches. > > - OSRing to Sparkplug is fully separated from OSR urgency. If > SP code exists, we simply jump to it, no need to maintain an > installation request. > - Each JumpLoop checks its dedicated FeedbackVector cache slot. > If a valid target code object exists, we enter it *without* > calling into runtime to fetch the code object. > - Finally, OSR urgency still remains as the heuristic for > requesting Turbofan OSR compile jobs. Note it no longer has a > double purpose of being a generic untargeted installation > request. > > With the new system in place, we can remove now-unnecessary > hacks: > > - Early OSR tierup is replaced by the standard OSR system. Any > present OSR code is automatically entered. > - The synchronous OSR compilation fallback is removed. With > precise installation (= per-JumpLoop-bytecode) we no longer > have the problem of 'getting unlucky' with JumpLoop/cache entry > mismatches. Execution has moved on while compiling? Simply spawn > a new concurrent compile job. > - Remove the synchronous (non-OSR) Turbofan compile request now > that we always enter available OSR code as early as possible. > - Tiering into Sparkplug no longer messes with OSR state. > > Bug: v8:12161 > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167 > Commit-Queue: Jakob Linke <jgruber@chromium.org> > Auto-Submit: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80147} Bug: v8:12161 Change-Id: Ib3597cf1d99cdb5d0f2c5ac18e311914f376231d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606232 Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80167}
-
Frank Tang authored
Also add AOs: ToLargestTemporalUnit, ToISODayOfYear, RegulateISODate, AddISODate, DifferenceISODate Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.dateuntil https://tc39.es/proposal-temporal/#sec-temporal-tolargesttemporalunit https://tc39.es/proposal-temporal/#sec-temporal-toisodayofyear https://tc39.es/proposal-temporal/#sec-temporal-regulateisodate https://tc39.es/proposal-temporal/#sec-temporal-addisodate https://tc39.es/proposal-temporal/#sec-temporal-differenceisodate Bug: v8:11544 Change-Id: I03a28bf07ddfae036491e49cb06278d050ddebf6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534620Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80166}
-
Liu Yu authored
The size of flag is now 16 bits. Bug: v8:12161 Change-Id: I5db5e05171281f27cce739c7b76e1d4b9ebf20b9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602236Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: Yu Liu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#80165}
-
- 25 Apr, 2022 25 commits
-
-
Shu-yu Guo authored
Make the file names consistent on "shadow-realm" (i.e. singular, with a dash). Bug: v8:11989 Change-Id: Id0a6f417fd9b53b9f7ddf9677da7396fa2481af6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606392Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80164}
-
Shu-yu Guo authored
Currently the Isolate is gotten off of the object that the operation is being performed on. Shared objects return the shared Isolate, which is incorrect as it shouldn't be used to run JS, nor does it have HandleScopes open. Plumb the executing Isolate through. Bug: v8:12547 Change-Id: I3d960751c798ac657a6122598154e36d9d504c31 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606489Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80163}
-
Igor Sheludko authored
This CL extends BoundedPageAllocator with PageFreeingMode parameter which controls how pages should be freed: by setting permissions to kNoAccess (preferred) or by discarding pages (Apple Silicon specific behavior for RWX pages). The latter mode allows to ensure that once pages are configured with RWX permissions they are never reconfigured to anything else again. The new mode will be used in a follow-up CL. Bug: v8:12797 Change-Id: I3277f56ea6fee9c9b38b1682e68c22e66e9a02a4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606228Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80162}
-
Michael Lippautz authored
Young GlobalHandle nodes were processed during post processing which required a logic to defend against recursive GCs. This was originally designed in a delayed way as the list itself was only treated as an optimization and could thus be lazily cleared. Since this still happens in the atomic pause and every node needs to be visited, there's no advantage over just keeping it correct at all times. Bug: chromium:1319213 Change-Id: I199fc0be5e4b6ed5cbb60cf3b1452e37108cd4f8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605281Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80161}
-
Camillo Bruni authored
Bug: v8:10644 Change-Id: Iff48e762fd895df63d599cf4663f8b6f44373a00 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605241Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80160}
-
Leszek Swirski authored
Make sure that Call nodes are only added to the graph after their arguments are processed. Previously we were already doing this for the undefined constant, but forgot to also do it for tagging nodes. Now rather than trying to add those nodes before creating the Call node, we create the Call node without adding it to the graph, then add it only after setting up its inputs. Bug: v8:7700 Change-Id: Id8c4c381f42fdd3c86d19d0fa2eb57163771060b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605248 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80159}
-
Leszek Swirski authored
Bug: v8:7700 Change-Id: If0ae8dce83d91b159c345bdeef74d902593cd185 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605247 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80158}
-
Leszek Swirski authored
Correct use the lazy deopt's deopt index in safepoints, instead of the index in the translation array. Bug: v8:7700 Change-Id: I4a99ceb8bb54f2fba5bee0e6ddd6629b44439ce1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605609 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80157}
-
Junliang Yan authored
Change-Id: I94f3f02e2214437d8320d31c8be24f41698f136c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3604752Reviewed-by: Milad Farazmand <mfarazma@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#80156}
-
legendecas authored
Invoking a JSBoundFunction is slightly slower than a normal JSFunction (since we don't have to first jump to the target_function). The closure steps in SourceTextModule ExecuteAsyncModule is controlled by the engine so it is better to create dedicated context slots for the captured values. Change-Id: I8163fc4b302d6d22906e578164470c9e28e768e0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3584601Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Chengzhong Wu <legendecas@gmail.com> Cr-Commit-Position: refs/heads/main@{#80155}
-
Camillo Bruni authored
Drive-by-fix: - Wait for linux-perf to flush large profile files No-try: True Change-Id: I729aa897e3f55fc92a9412208322ee099029453f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605282Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80154}
-
Milad Fa authored
gcc version 8.4 is currently throwing the following compilation error: ``` error: variable 'first' set but not used ``` Change-Id: I25e1197b8deaa0089adee2e736448976705c7497 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602060Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#80153}
-
Clemens Backes authored
Once we start protecting assembler buffers via PKU, the background compile threads need to enable write permissions during compilation in order to access them. This CL adds that, with a little trick to allow passing {nullptr} to the {CodeSpaceWriteScope} for configurations where we do not actually use the provided {NativeModule}. This is needed because the background compile threads do not keep the {NativeModule} alive during compilation, so they also should not pass the potentially dangling pointer to the {CodeSpaceWriteScope}. R=thibaudm@chromium.org Bug: v8:12809 Change-Id: I1a1d4d41239a6b4497f8a12fb252d7da76e72e1a Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593117Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80152}
-
Andreas Haas authored
Additionally this CL adds some #if V8_ENABLE_WEBASSEMBLY that were missing. Change-Id: I7c840ebfa800ad62f0b6f075c997bd1989a007e2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596169Reviewed-by: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80151}
-
jameslahm authored
... /profiler/circular-queue-unittest. Bug: v8:12781 Change-Id: Ic74c49cf25462fccae63435ff09f70c09de2506e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599402Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80150}
-
Michael Lippautz authored
The bit is immutable and set during construction of the meta data. The main thread needs to query this bit while the concurrent marker may be running. Bug: chromium:1319210 Change-Id: I811d8048a61a3c682245b34302b6078d91f9662a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599489Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80149}
-
Nico Hartmann authored
This reverts commit 91da3883. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20arm64%20-%20sim%20-%20pointer%20compression%20-%20builder/21150/overview Original change's description: > [osr] Use the new OSR cache > > This CL switches over our OSR system to be based on the feedback > vector osr caches. > > - OSRing to Sparkplug is fully separated from OSR urgency. If > SP code exists, we simply jump to it, no need to maintain an > installation request. > - Each JumpLoop checks its dedicated FeedbackVector cache slot. > If a valid target code object exists, we enter it *without* > calling into runtime to fetch the code object. > - Finally, OSR urgency still remains as the heuristic for > requesting Turbofan OSR compile jobs. Note it no longer has a > double purpose of being a generic untargeted installation > request. > > With the new system in place, we can remove now-unnecessary > hacks: > > - Early OSR tierup is replaced by the standard OSR system. Any > present OSR code is automatically entered. > - The synchronous OSR compilation fallback is removed. With > precise installation (= per-JumpLoop-bytecode) we no longer > have the problem of 'getting unlucky' with JumpLoop/cache entry > mismatches. Execution has moved on while compiling? Simply spawn > a new concurrent compile job. > - Remove the synchronous (non-OSR) Turbofan compile request now > that we always enter available OSR code as early as possible. > - Tiering into Sparkplug no longer messes with OSR state. > > Bug: v8:12161 > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167 > Commit-Queue: Jakob Linke <jgruber@chromium.org> > Auto-Submit: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80147} Bug: v8:12161 Change-Id: I4a6955f4f20b6f3b13e98d5600c7c6a5205915bc No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605608 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80148}
-
Jakob Gruber authored
This CL switches over our OSR system to be based on the feedback vector osr caches. - OSRing to Sparkplug is fully separated from OSR urgency. If SP code exists, we simply jump to it, no need to maintain an installation request. - Each JumpLoop checks its dedicated FeedbackVector cache slot. If a valid target code object exists, we enter it *without* calling into runtime to fetch the code object. - Finally, OSR urgency still remains as the heuristic for requesting Turbofan OSR compile jobs. Note it no longer has a double purpose of being a generic untargeted installation request. With the new system in place, we can remove now-unnecessary hacks: - Early OSR tierup is replaced by the standard OSR system. Any present OSR code is automatically entered. - The synchronous OSR compilation fallback is removed. With precise installation (= per-JumpLoop-bytecode) we no longer have the problem of 'getting unlucky' with JumpLoop/cache entry mismatches. Execution has moved on while compiling? Simply spawn a new concurrent compile job. - Remove the synchronous (non-OSR) Turbofan compile request now that we always enter available OSR code as early as possible. - Tiering into Sparkplug no longer messes with OSR state. Bug: v8:12161 Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167 Commit-Queue: Jakob Linke <jgruber@chromium.org> Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80147}
-
jameslahm authored
... /codegen/code-layout-unittest. Bug: v8:12781 Change-Id: I39d2af33f38dc2f06668b6b390b15e607e2dbb73 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599403Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80146}
-
Clemens Backes authored
This introduces an AssemblerBufferCache class which will (later) cache the backing store of AssemblerBuffers. This is needed for PKU-protected assembler buffers, which are expensive to allocate and deallocate. For now, the AssemblerBufferCache does not do any caching, this will be added in a follow-up CL. R=thibaudm@chromium.org Bug: v8:12809 Change-Id: I4a7ccff49c9930584a9fcda8899cfe38cfc61419 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593136Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80145}
-
Victor Gomes authored
This assumes that Phi nodes never point to untagged values and TemporaryRegisters are always general registers. Bug: v8:7700 Change-Id: I74a6c43ff9f1ba87dd258e90a193f683d666b8ec Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3598883Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80144}
-
Pierre Langlois authored
The `set disable-randomization off` command may fail on some platforms, such as the `rr` debugger. We can just ignore the error and carry on. Change-Id: I9b8dae183a9852178a3d3411172bf3aef173c995 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602519 Auto-Submit: Pierre Langlois <pierre.langlois@arm.com> Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80143}
-
Marja Hölttä authored
Bug: v8:11111 Change-Id: Ifb3776bce308d869064120d5e28a2ea7df943757 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578652Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80142}
-
jameslahm authored
This is a reland of commit 62632c08. Reason for previous revert: Performance regressions crbug.com/1315724. The reland only optimizes strict equal boolean literal like "a===true" or "a===false", and we generate TestReferenceEqual rather than TestStrictEqual for the comparasion. And also add typed optimization for ReferenceEqual when all inputs are boolean with boolean constant. Original change's description: > [interpreter] Optimize strict equal boolean > > For strict equal boolean literal like "a===true" > or "a===false", we could generate TestReferenceEqual > rather than TestStrictEqual. And in `execution_result()->IsTest()` > case, we could directly emit JumpIfTrue/JumpIfFalse. > > E.g. > ``` > a === true > ``` > Generated Bytecode From: > ``` > LdaGlobal > Star1 > LdaTrue > TestEqualStrict > ``` > To: > ``` > LdaGlobal > Star1 > LdaTrue > TestReferenceEqual > ``` > > E.g. > ``` > if (a === true) > ``` > Generated Bytecode From: > ``` > LdaGlobal > Star1 > LdaTrue > TestEqualStrict > JumpIfFalse > ``` > To > ``` > LdaGlobal > JumpIfTrue > Jump > ``` > > > Bug: v8:6403 > Change-Id: Ieaca147acd2d523ac0d2466e7861afb2d29a1310 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568923 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: 王澳 <wangao.james@bytedance.com> > Cr-Commit-Position: refs/heads/main@{#79935} Bug: v8:6403 Change-Id: I2ae3ab57dce85313af200fa522e3632af5c3a554 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3592039Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80141}
-
Victor Gomes authored
We need to use MachineRepresentation to properly distinguish the types in compiler::UnallocatedOperand. Bug: v8:7700 Change-Id: I4273512a00290bb85b09aeb3788643e346be03f7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602515Reviewed-by: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80140}
-