- 17 Dec, 2020 24 commits
-
-
Nico Hartmann authored
This CL changes SharedFunctionInfo::GetBytecodeArray to a function template, which is specialized for Isolate and LocalIsolate arguments. This allows main thread only uses to avoid taking a lock. Bug: v8:7790, chromium:1154603 Change-Id: I3462c4e36b66073e09393c01c765dd8a018a98f0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595307 Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#71833}
-
Tobias Tebbi authored
Change-Id: I31d2a19153fa17e6e78d3da93352da886addf089 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581960 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#71832}
-
Seth Brenith authored
This change adds two simple lint rules to prevent including 'generates' or 'constexpr' clauses in cases where they have no impact on behavior. Bug: v8:7793 Change-Id: Ib1d8fde39ca26735ff9cb7892f01e464619c2090 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2590515Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/master@{#71831}
-
Andreas Haas authored
The TurboFan events, like time in register allocation, are only interesting in special cases, but create lots of events. Therefore it is good to put these events into their own tracing category. Bug: chromium:1084929 Change-Id: I971badc1ff58f99bd57b2ddfc93b625b356d6a2d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595436Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#71830}
-
Mike Stanton authored
Bug: chromium:1158124 Change-Id: Ic23f4b2ffb9436771afcc0090f2179b48851c39d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2596336Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#71829}
-
Clemens Backes authored
The class disallows copy construction, but still allows copy assignment. This is fixed in this CL. Drive-by: Fix punctuation. Drive-by 2: Fix indentation in code example. R=etiennep@chromium.org Bug: v8:11074 Change-Id: I09e993a69d72e262d7b220200ef94b36d346548e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2584246Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71828}
-
Patrick Thier authored
When we know a value passed to BytecodeArrayBuilder::LoadLiteral(double) can be encoded as a Smi, we create LdaSmi instead of LdaConstant. Driven by a forgotten Smi::FromInt() in BytecodeGenerator, also fixed in this CL. Bug: v8:11278 Change-Id: I4a1ad48e2c9aff8391113812e34dae838a1a38d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595437Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#71827}
-
Sathya Gunasekaran authored
This allows the JSFunctionOrBoundFunction instance type range to no longer be stuck at the last of the JSObject instance type range. This will be useful in the future where we extend the function instance types and include them in fast protector cell checks. Bug: v8:11256 Change-Id: I955991576b3cca76b10f76c87748016fe527e3d0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595275Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#71826}
-
Nico Hartmann authored
This reverts commit 860fcb1b. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20arm%20-%20sim%20-%20lite/13831/overview Original change's description: > Faster JS-to-Wasm calls > > This replaces https://chromium-review.googlesource.com/c/v8/v8/+/2376165/. > > Currently JS-to-Wasm calls go through a wrapper/trampoline, built on > the basis of the signature of a Wasm function to call, and whose task > is to: > - set "thread_in_wasm_flag" to true > - convert the arguments from tagged types into Wasm native types > - calculate the address of the Wasm function to call and call it > - convert back the result from Wasm native types into tagged types > - reset "thread_in_wasm_flag" to false. > > This CL tries to improve the performance of JS-to-Wasm calls by > inlining the code of the JS-to-Wasm wrappers in the call site. > > It introduces a new IR operand, JSWasmCall, which replaces JSCall for > this kind of calls. A 'JSWasmCall' node is associated to > WasmCallParameters, which contain information about the signature of > the Wasm function to call. > > WasmWrapperGraphBuilder::BuildJSToWasmWrapper is modified to avoid generating code to convert the types for the arguments > of the Wasm function, when the conversion is not necessary. > The actual inlining of the graph generated for this wrapper happens in > the simplified-lowering phase. > > A new builtin, JSToWasmLazyDeoptContinuation, is introduced to manage > lazy deoptimizations that can happen if the Wasm function callee calls > back some JS code that invalidates the compiled JS caller function. > > Bug: v8:11092 > Change-Id: I3174c1c1f59b39107b333d1929ecc0584486b8ad > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557538 > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> > Reviewed-by: Georg Neis (ooo until January 5) <neis@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Commit-Queue: Paolo Severini <paolosev@microsoft.com> > Cr-Commit-Position: refs/heads/master@{#71824} TBR=neis@chromium.org,ahaas@chromium.org,jgruber@chromium.org,tebbi@chromium.org,ishell@chromium.org,mslekova@chromium.org,nicohartmann@chromium.org,paolosev@microsoft.com Change-Id: I214cbdee74c1a2aaad907ffc84662ed25631983e No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:11092 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595438Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#71825}
-
Paolo Severini authored
This replaces https://chromium-review.googlesource.com/c/v8/v8/+/2376165/. Currently JS-to-Wasm calls go through a wrapper/trampoline, built on the basis of the signature of a Wasm function to call, and whose task is to: - set "thread_in_wasm_flag" to true - convert the arguments from tagged types into Wasm native types - calculate the address of the Wasm function to call and call it - convert back the result from Wasm native types into tagged types - reset "thread_in_wasm_flag" to false. This CL tries to improve the performance of JS-to-Wasm calls by inlining the code of the JS-to-Wasm wrappers in the call site. It introduces a new IR operand, JSWasmCall, which replaces JSCall for this kind of calls. A 'JSWasmCall' node is associated to WasmCallParameters, which contain information about the signature of the Wasm function to call. WasmWrapperGraphBuilder::BuildJSToWasmWrapper is modified to avoid generating code to convert the types for the arguments of the Wasm function, when the conversion is not necessary. The actual inlining of the graph generated for this wrapper happens in the simplified-lowering phase. A new builtin, JSToWasmLazyDeoptContinuation, is introduced to manage lazy deoptimizations that can happen if the Wasm function callee calls back some JS code that invalidates the compiled JS caller function. Bug: v8:11092 Change-Id: I3174c1c1f59b39107b333d1929ecc0584486b8ad Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557538Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Georg Neis (ooo until January 5) <neis@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Paolo Severini <paolosev@microsoft.com> Cr-Commit-Position: refs/heads/master@{#71824}
-
Jakob Kummerow authored
This is a reland of dc369749 Changes: relaxed --liftoff-only mode to still allow bailing out due to missing CPU support. Original change's description: > [wasm-gc] Liftoff support part 4: subtyping > > This adds support for the following instructions: > struct.new_default, rtt.sub, ref.test, ref.cast > > Bug: v8:7748 > Change-Id: I7423ddd7a83c80cb1e82c620780c27bec59ec762 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2593341 > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Cr-Commit-Position: refs/heads/master@{#71805} Bug: v8:7748 Change-Id: If31fcee5e7e173d7c2a6e1c624f4ff04cec7fe9c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2596338 Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71823}
-
Clemens Backes authored
For bounds checking, we have a special path which avoids one conditional branch. This path can actually be one value wider, which will avoid some unneeded code if that case it hit. This will in particular be the case for single-byte loads at offset 0 with a minimum memory size of 0. R=jkummerow@chromium.org Bug: v8:10949 Change-Id: Id16af8debc38c56c520183aec81a48249979ec96 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595290Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71822}
-
Zhi An Ng authored
- Add the appropriate cpuid checks to detect AVX2 in base/cpu - Add FLAG_enable_avx2 AVX2 depends on AVX support, + a cpuid check with eax=7. This is similar to chromium/src/base/cpu.cc check for AVX2. Bug: v8:11258 Change-Id: Ia547c22e51b03fec823f5e48ebb055139632c942 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2589050Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71821}
-
Zhi An Ng authored
AVX has 3-operands shuffle/unpack operations. We currently always require that dst == src0 in all cases, which is not required if we have AVX. For the arch shuffles that map to a single native instruction, add support to check for AVX in the instruction-selector, to not require same as first, and in the code-gen to support generating AVX. The other arch shuffles are slightly more complicated, and can be optimized in a future change. Bug: v8:11270 Change-Id: I25b271aeff71fbe860d5bcc8abb17c36bcdab32c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2591858Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71820}
-
Zhi An Ng authored
These instructions have been accepted into the proposal. Bug: v8:11262 Change-Id: Iec0bb9b9b1b0f8ed76ed78e254c64b96981a5f2f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2589433Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71819}
-
Zhi An Ng authored
An improvement to generic shuffle improvement (https://crrev.com/c/2152853) required a temporary SIMD register to hold the mask, rather than pushing it onto a stack. The temporary register requires that we UseUniqueRegister on the inputs, to prevent aliasing, as we will write to the temp. However, we only need this for the generic shuffle. We accidentally over-constraint all other pattern matched shuffles, since they don't use any temps. On a ~2000 line function containing ~150 shuffles (not all of which are generic shuffles), we get 16 less instruction in the native code, and actually see a very small improvement in the overall benchmarks. Bug: v8:11270 Change-Id: I09974f7615e4b8f5e2416ed17ca47cc7613fd6b1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2591857Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71818}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/bd6da36..d50897f Rolling v8/third_party/aemu-linux-x64: ijHjc7kfgeuh7rvjQtk93a5SuvO23dABp_CeotpPcMAC..j06MN21Z7_ISpAwWL3mLbbrGDGsSKnxGaEYTCDtE-RIC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f22b977..92c7710 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/867d99d..67e1228 TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: I17ecc3f2e992a530c1d6cc61d0233836dd081179 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2596389Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#71817}
-
Zhi An Ng authored
Same pattern matching and implementation as x64 here: https://crrev.com/c/2589062. Change-Id: I11f8df79ab9910af9c7a97e2382144703be5916d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2591851Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71816}
-
LiuYu authored
Port: 5e18ab50 Bug: v8:7748 Change-Id: I1ac349cf80b6689971bd6c686c6795daf85c5637 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2594536 Auto-Submit: Liu yu <liuyu@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/master@{#71815}
-
Zhi An Ng authored
Bug: v8:11262 Change-Id: Ic83cf2752ebaffb589ac72206c25005145b0b8c4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2589067Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71814}
-
Zhi An Ng authored
We can have more optimizations for this instruction, they leave some junk in the top lanes of dst, but that doesn't matter: - when lane is 1: we use movshdup, this is 4 bytes long - when lane is 2: use movhlps, this is 3 bytes long - otherwise use shufps (4 bytes) or pshufd (5 bytes) All of which are better than insertps (6 bytes). Change-Id: I0e524431d1832e297e8c8bb418d42382d93fa691 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2591850 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#71813}
-
Zhi An Ng authored
Bug: v8:11262 Change-Id: Iefe32dbf20e4c511a3f1d56ce7dc53c2bc2da112 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2589066Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71812}
-
Zhi An Ng authored
Use Movaps so that when AVX is supported we get vmovaps, this avoids mixing SSE and AVX code. Change-Id: Icbcefa42bd368bed1a30f5f790ea6c5cea564e26 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2591856Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71811}
-
Jakob Kummerow authored
This reverts commit a3ce2f6d. Reason for revert: speculative revert due to waterfall unhappiness (looks like bot weirdness though?) Original change's description: > [wasm-gc] Liftoff support part 5: i31 > > This implements support for i31.get_s and i31.get_u. > > Bug: v8:7748 > Change-Id: Icbfddbc2ff46b4eb6bf3edf7b3a794f9797361d4 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595309 > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Cr-Commit-Position: refs/heads/master@{#71808} TBR=jkummerow@chromium.org,clemensb@chromium.org Change-Id: I5050f16fdaf355d178935f523a9bec516302d2a1 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7748 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2596337Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#71810}
-
- 16 Dec, 2020 16 commits
-
-
Milad Fa authored
Port 7bdb0fbb Original Commit Message: This is a reland of b2a611d8 Original change's description: > [Turboprop] Move dynamic check maps immediate args to deopt exit. > > Rather than loading the immediate arguments required by the > dynamic check maps builtin into registers in the fast-path, > instead insert them into the instruction stream in the deopt > exit and have the builtin load them into registers itself. > > BUG=v8:10582 > > Change-Id: I66716570b408501374eed8f5e6432df64c6deb7c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2589736 > Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/master@{#71790} R=rmcilroy@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I83fc0f3e3ebcf19ca4303e50aae94d7b353cd0ac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595708Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#71809}
-
Jakob Kummerow authored
This implements support for i31.get_s and i31.get_u. Bug: v8:7748 Change-Id: Icbfddbc2ff46b4eb6bf3edf7b3a794f9797361d4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595309 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71808}
-
Milad Fa authored
Port 3dffdf03 Original Commit Message: This adds support for the following instructions: ref.eq, array.new_with_rtt, array.new_default_with_rtt, array.get, array.set, array.len. R=jkummerow@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I5e517967648251f9babbabe4dc9148a5432aa58e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595927Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#71807}
-
Shu-yu Guo authored
This reverts commit dc369749. Reason for revert: nosse variant failures: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20debug/33279/overview Original change's description: > [wasm-gc] Liftoff support part 4: subtyping > > This adds support for the following instructions: > struct.new_default, rtt.sub, ref.test, ref.cast > > Bug: v8:7748 > Change-Id: I7423ddd7a83c80cb1e82c620780c27bec59ec762 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2593341 > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Cr-Commit-Position: refs/heads/master@{#71805} TBR=jkummerow@chromium.org,clemensb@chromium.org Change-Id: I06bb493852223aecf221c9149bc7b034b1fb13ad No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7748 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2596497Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/master@{#71806}
-
Jakob Kummerow authored
This adds support for the following instructions: struct.new_default, rtt.sub, ref.test, ref.cast Bug: v8:7748 Change-Id: I7423ddd7a83c80cb1e82c620780c27bec59ec762 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2593341 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71805}
-
Ross McIlroy authored
Concurrent inlining is enabled for TurboProp compiles, but we don't enable the --concurrent-inlining flag so don't also set the implied turbo_direct_heap_access flag. This CL fixes this. BUG=v8:9684 Change-Id: I298febdf7c466385047f420d4c33ca0162778210 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2593344 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Auto-Submit: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#71804}
-
Ross McIlroy authored
This is a reland of b2a611d8 Original change's description: > [Turboprop] Move dynamic check maps immediate args to deopt exit. > > Rather than loading the immediate arguments required by the > dynamic check maps builtin into registers in the fast-path, > instead insert them into the instruction stream in the deopt > exit and have the builtin load them into registers itself. > > BUG=v8:10582 > > Change-Id: I66716570b408501374eed8f5e6432df64c6deb7c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2589736 > Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/master@{#71790} TBR=tebbi@chromium.org,gsathya@chromium.org Bug: v8:10582 Change-Id: Ieda0295ee135bff983c67c3f04bb47115f0a2739 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595311Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#71803}
-
Sathya Gunasekaran authored
Instead of looking up the specific maps in every native context, just check against the instance type. Bug: v8:11256 Change-Id: Ib50d599c014c95b03ba3260014dfcbd9ec82982c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2593337Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#71802}
-
Milad Fa authored
Port 6b3994e8 Original Commit Message: CallRecordWriteStub is used in a background compile thread for JS-to-Wasm wrapper compilation, so it should avoid accessing the isolate. Call the builtin using CallBuiltin which does not require a Handle<Code> object and instead gets the call target directly from the embedded data. R=thibaudm@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: Ibf3cb676b15d3ab946c673e38c454c8050ff1435 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595292Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#71801}
-
Victor Gomes authored
Change-Id: I49fad3cef572a1f5b3d01d8245335622cbb4be0b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2594778 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#71800}
-
Sathya Gunasekaran authored
Previously, we were looking up the prototype of the receiver and checking that against %TypedArrayPrototype% before invalidating the protector cell. This is incorrect as it's possible to patch the prototype and then change the constructor property, bypassing this check. This CL adds a new instance type to prototype of all TypedArray constructors and checks the receiver against this instance type. TBR: tebbi@chromium.org Bug: v8:11274, v8:11256 Change-Id: I2ff6280e4cf820b06c5593fe4addd36f7ac656c4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2594776 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#71799}
-
Manos Koukoutos authored
LoopExitValue nodes can be used as inputs to Phis in loop optimizations. To do this, we need to know the machine representation that needs to be passed to the new Phi node. This CL adds a MachineRepresentation argument to LoopExitValue nodes, as well as a helper to extract it. Since the MachineRepresentation is not used by JS compilation, nodes generated during JS compilation are passed kTagged as a default value. Change-Id: I925f382d5e6988d8fad3de7a6db231e871d6ed36 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578983 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Georg Neis (ooo until January 5) <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#71798}
-
Peter Marshall authored
There is a race in the way we handle deopts that made this test flaky. The race is not hugely important to fix, and is difficult without breaking something else. The best thing to do here is update the test to reflect reality so we can get the test coverage back. This updates the test so that the deopt reason can be found either on the first or second level function. The test assumed it would always be available on the second level function in the profile, but if we get a regular profile tick at the exact wrong time, we could end up with the deopt info getting attached to the first level function. So we accept either. Bug: v8:5193 Change-Id: Ia43880ebafd1341a514b3143dc215514b5dccf15 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2594775Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#71797}
-
Jakob Kummerow authored
This adds support for the following instructions: ref.eq, array.new_with_rtt, array.new_default_with_rtt, array.get, array.set, array.len. Bug: v8:7748 Change-Id: I93c4a6676acc8b0ac035dd50762be6a1cc545a57 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2593340 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71796}
-
Pierre Langlois authored
JS script names in debug info entries need to be null-terminated, the terminator included in the length. However, SeqOneByteString's GetChars returns raw pointer that's not null terminated. Bug: chromium:1159164 Change-Id: Id00f72dc831fa1ae48a458a1d4476ada4730be54 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2593345Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#71795}
-
Dominik Inführ authored
This CL completes sweeping in Heap::PerformGarbageCollection before invoking the actual collection. Collection code can now assume that sweeping was already finished. This helps with emitting the right epoch for sweeping and avoids a data-race when updating the epoch while sweeping tasks are still running. Bug: chromium:1154636 Change-Id: Ic9c4ac49568199d0ea48f17eea132079defe74a5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2573478 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#71794}
-