- 16 Jan, 2020 1 commit
-
-
Pierre Langlois authored
We had a --log-instruction-stats option which would count executed instructions, splitting them into categories. We haven't used this for some years so we're proposing to just remove the code so it doesn't bitrot and allows further cleanups. Change-Id: If24d11608823e24689ea02f09f5e93b4a5acd636 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002819Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#65826}
-
- 13 Jan, 2020 1 commit
-
-
Pierre Langlois authored
Simulator-specific instructions are very useful, we can: - Place breakpoints that enable the simulator's interactive debugger, allowing us to see registers, the stack and print JS objects. - Enable and disable simulator tracing dynamically. - Call printf() directly, as the simulator cannot easily support its calling convention. However these tools are not available when generating builtins. The reason is that when cross-compiling, builtins are generated for real hardware but may still run inside the simulator on the host if we have a custom snapshot. Using the `v8_embed_script` GN option will do that for example but embedders may also do this with the V8 API. mksnapshot cannot tell the difference between generating code for a simulator build and a cross-build. If we change this, we can allow us to use simulator-specific features in builtins in simulator builds. So in this patch we: - Introduce a --target_is_simulator mksnapshot flag to drive the enable_simulator_code Assembler option. - Make sure the assembler respect the option instead of the USE_SIMULATOR macro. Change-Id: I7a7249f514427c1a2518a1af3679679596a72c7e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1991497Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#65734}
-
- 10 Jan, 2020 1 commit
-
-
Seth Brenith authored
This change moves the definitions of the bitfield flags used by Symbol and Map to Torque. Symbol could directly follow the pattern established by SharedFunctionInfo, but Map required some other changes: - Until now, Torque bitfield definitions have required unsigned types. I thought that this would be the least-surprising behavior, since we never sign-extend when decoding bitfield values. However, I believe that the amount of churn involved in making ElementsKind be unsigned outweighs the benefit we were getting from this restriction (and similar difficulties are likely to arise in converting other bitfield structs to Torque), so this CL updates Torque to allow signed bitfield values. - If we try to make Map extend from all of the generated classes that define its flags, we end up with class sizing problems because some compilers only apply empty base class optimization to the first in a row of empty base classes. We could work around this issue by generating macros instead of classes, but I took this as an opportunity for a minor clean-up instead: rather than having bitfield definitions for several different bitfield structs all jumbled together in Map, they can be split up. I think this makes the code a little easier to follow, but if others disagree I'm happy to implement macro generation instead. Change-Id: Ibf339b0be97f72d740bf1daa8300b471912faeba Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1988934Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/master@{#65701}
-
- 07 Jan, 2020 1 commit
-
-
Clemens Backes authored
Instead of having both a templatized and a parameter-based method, just have the parameter-based one, but make it constexpr. DCHECKs in these constexpr methods need to be guarded because GCC 5 does not support them yet. R=thibaudm@chromium.org Bug: v8:10021 Change-Id: If362de42f1a4c2cda4435fce63beb9244795d008 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1986001Reviewed-by:
Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65611}
-
- 18 Dec, 2019 1 commit
-
-
Joey Gouly authored
This is similar to the change made to IsImmLSPair in 9f7ae50a. Change-Id: I17a7cc95661542efb5711df0639cc11ac7926702 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1971950 Commit-Queue: Joey Gouly <joey.gouly@arm.com> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#65501}
-
- 20 Nov, 2019 1 commit
-
-
Santiago Aboy Solanes authored
Since the old pipeline has been removed (https://chromium-review.googlesource.com/c/v8/v8/+/1903435), these opcodes and methods are unused. Bug: v8:7703 Change-Id: I626645a1405c79c6a202da6075fb64f0a2a41d25 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1921799 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#65066}
-
- 19 Nov, 2019 1 commit
-
-
Joey Gouly authored
For arm64 decompressing a TaggedSigned results in a 64-bit value, with the top 32 bits zeroed and the lower 32 bits being the SMI. This patch, with the --debug-code flag enabled, will corrupt the top 32 bits to try and catch places that are using 64-bit operations instead of 32-bit operations. Change-Id: I3d3048c4f4b87f3bce26d0c7eb41789ec6b99f5b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917099Reviewed-by:
Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Commit-Queue: Joey Gouly <joey.gouly@arm.com> Cr-Commit-Position: refs/heads/master@{#65035}
-
- 14 Nov, 2019 4 commits
-
-
Clemens Backes authored
Subclasses can now access it via {code()}, even in constexpr contexts. R=tebbi@chromium.org Bug: v8:9810 Change-Id: I3cc6872f568f38db8cdbcda69ac0e203f839cda5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1914216Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#64962}
-
Clemens Backes authored
In Liftoff, we have a good estimate about how big the generated code might get. Also, we often compile hundreds of functions which each hold an assembler buffer alive until we finally add that code to the wasm module. In order to reduce memory consumption in Liftoff, this CL reduces {AssemblerBase::kMinimalBufferSize} from 4096 to 128, and adds {AssemblerBase::kDefaultBufferSize} to be used instead. R=jkummerow@chromium.org Change-Id: I7029bf501244770f4824a86b233d7f99c4b7910b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1914559Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#64958}
-
Clemens Backes authored
This removes {CPURegister::Is} and {CPURegister::is}, and just uses {CPURegister::operator==} instead. Drive-by: Use DCHECK_EQ and DCHECK_NE where possible. R=mstarzinger@chromium.org Bug: v8:9810 Change-Id: I03aad8b4223bd4ae37d468326a734f7a5c3c8061 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916202Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#64956}
-
Clemens Backes authored
Just use the default {is_valid} method provided by RegisterBase. Drive-by: Also rename {CPURegList::IsValid} to {CPURegList::is_valid}. R=mstarzinger@chromium.org Bug: v8:9810 Change-Id: Ia3bc3c477e6329d63ffd00bca59762d9a6cf2fcc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916201 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#64952}
-
- 13 Nov, 2019 1 commit
-
-
Clemens Backes authored
The gap is chosen unneccessarily large, leading to too early growing of the assembler buffer. R=mstarzinger@chromium.org Change-Id: I9ddbe1d59929f2a76511cbc2d18c054fb8eafa74 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1914213Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#64939}
-
- 08 Nov, 2019 1 commit
-
-
Michael Starzinger authored
This removes the support to emit runtime calls in Liftoff code and uses WebAssembly runtime stubs instead. Calls to such stubs are smaller and more efficient. They also use embedded builtins directly instead of the on-heap {Code} object trampolines. This also removes the last use of a runtime call that passes a dynamically loaded CEntry builtin from the macro assembler. R=clemensb@chromium.org Change-Id: I9fa9f3b7a2b66cb76a677b70ce3cee49cb340f0f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1903443 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#64855}
-
- 04 Nov, 2019 1 commit
-
-
Dan Elphick authored
This is a reland of 855591a5 Fixes break in builds that verify ReadOnlyHeap by relaxing the requirement for Code objects to be in CODE_SPACE in PagedSpaceObjectIterator::FromCurrentPage. Original change's description: > Reland: [builtins] Move non-JS linkage builtins code objects into RO_SPACE > > Reland of https://chromium-review.googlesource.com/c/v8/v8/+/1795358. > > [builtins] Move non-JS linkage builtins code objects into RO_SPACE > > Creates an allow-list of builtins that can still go in code_space > including all TFJ builtins and a small manual list that should be pared > down in the future. > > For builtins that go in RO_SPACE a Code object is created that contains an > immediate trap instruction. Generally these Code objects are still no > smaller than CODE_SPACE Code objects because of the Code object alignment > requirements. This will hopefully be addressed in a follow-up CL either by > relaxing them or removing the instruction stream completely. > > In the snapshot, this reduces code_space from ~152k to ~40k (-112k) and > increases by the same amount. > > Change-Id: I76661c35c7ea5866c1fb16e87e87122b3e3ca0ce > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893336 > Commit-Queue: Dan Elphick <delphick@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64700} Change-Id: I4eeb7dab3027b42fa58c5dfb2bad9873e9fff250 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893192 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#64728}
-
- 31 Oct, 2019 2 commits
-
-
Bill Budge authored
This reverts commit 855591a5. Reason for revert: Breaks arm64 sim tests https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20debug/17957 https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20gc%20stress/16585 Original change's description: > Reland: [builtins] Move non-JS linkage builtins code objects into RO_SPACE > > Reland of https://chromium-review.googlesource.com/c/v8/v8/+/1795358. > > [builtins] Move non-JS linkage builtins code objects into RO_SPACE > > Creates an allow-list of builtins that can still go in code_space > including all TFJ builtins and a small manual list that should be pared > down in the future. > > For builtins that go in RO_SPACE a Code object is created that contains an > immediate trap instruction. Generally these Code objects are still no > smaller than CODE_SPACE Code objects because of the Code object alignment > requirements. This will hopefully be addressed in a follow-up CL either by > relaxing them or removing the instruction stream completely. > > In the snapshot, this reduces code_space from ~152k to ~40k (-112k) and > increases by the same amount. > > Change-Id: I76661c35c7ea5866c1fb16e87e87122b3e3ca0ce > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893336 > Commit-Queue: Dan Elphick <delphick@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64700} TBR=ulan@chromium.org,jgruber@chromium.org,delphick@chromium.org Change-Id: I4211c3bb7fe4741e0ba3898f92ce382dfc93c4f3 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893636Reviewed-by:
Bill Budge <bbudge@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#64701}
-
Dan Elphick authored
Reland of https://chromium-review.googlesource.com/c/v8/v8/+/1795358. [builtins] Move non-JS linkage builtins code objects into RO_SPACE Creates an allow-list of builtins that can still go in code_space including all TFJ builtins and a small manual list that should be pared down in the future. For builtins that go in RO_SPACE a Code object is created that contains an immediate trap instruction. Generally these Code objects are still no smaller than CODE_SPACE Code objects because of the Code object alignment requirements. This will hopefully be addressed in a follow-up CL either by relaxing them or removing the instruction stream completely. In the snapshot, this reduces code_space from ~152k to ~40k (-112k) and increases by the same amount. Change-Id: I76661c35c7ea5866c1fb16e87e87122b3e3ca0ce Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893336 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#64700}
-
- 30 Oct, 2019 1 commit
-
-
Santiago Aboy Solanes authored
It was used only with Register inputs, so we can replace its uses with the Registers themselves. Change-Id: I1ea3ed88ee41177b696a7281cdf3b90fefdc5870 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1886916Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#64639}
-
- 29 Oct, 2019 1 commit
-
-
Santiago Aboy Solanes authored
CallDebugOnFunctionCall was always using Registers and not Immediates. Then ParameterCount is not really needed. Since updating that, we could update other functions, e.g InvokeFunction, to only use registers too. Also removed now irrelevant variables, e.g definitely_mismatches. Bug: v8:9771 Change-Id: I83382c146dd47ccb8bb329f5becb5e941e4c3968 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871605Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Dan Elphick <delphick@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#64616}
-
- 28 Oct, 2019 1 commit
-
-
Pierre Langlois authored
The `Printf()` macro-assembler method can be very useful as a debugging tool. However, it's only available to the MacroAssembler making it impossible to use in jitted code or builtins. Change-Id: I0c1e6b98d5c6b7fc34990e87d0eb4e37f6322627 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1879287 Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#64585}
-
- 22 Oct, 2019 2 commits
-
-
Jakob Gruber authored
This CL removes the V8_EMBEDDED_BUILTINS define, FLAG_embedded_builtins, and all code for supporting non-embedded-builtin builds. Bug: v8:6666,v8:8519 Change-Id: I2ad7bd6614c7cd404b83d3d2bf5ff91d7b55ff2a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1866569 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#64461}
-
lybvinci authored
When is_component_build is true, cctest will compile error, because the dependencies is not exported.these files will failed:test-utils -arm64.cc,test-strings.cc. Change-Id: I4bcdde08199f21454ec6d7e230d9d096c0315eac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1873447Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#64448}
-
- 21 Oct, 2019 1 commit
-
-
Seth Brenith authored
On Windows ARM64, it is insufficient to just follow the linked list of frame pointers in all cases. This is similar to logic added in https://crrev.com/c/v8/v8/+/1701133 except this affects the Unwinder methods rather than the function metadata for RtlVirtualUnwind. Together with https://crrev.com/c/chromium/src/+/1844276 , this allows the Chromium unit test V8UnwinderTest.UnwindThroughV8Frames to pass on Windows ARM64. Change-Id: I82d4d894be14d4a6ace75bba10c13b10342d0b12 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1845189Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/master@{#64432}
-
- 18 Oct, 2019 2 commits
-
-
Sathya Gunasekaran authored
This reverts commit 83f8464f. Reason for revert: speculative revert for blink linux failure https://ci.chromium.org/p/v8/builders/ci/V8%20Blink%20Linux/1272 Original change's description: > [builtins] Move non-JS linkage builtins code objects into RO_SPACE > > Creates an allow-list of builtins that can still go in code_space > including all TFJ builtins and a small manual list that should be pared > down in the future. > > For builtins that go in RO_SPACE a Code object is created that contains > no code at all (shrinking its size from 96 bytes to 64 bytes on x64), > but is there to allow the runtime to continue to work since it expects > a Code object. > > This reduces code_space from ~152k to ~40k (-112k) and increases > read_only_space from 33k to 108k (+75k) in the snapshot. > > Bug: v8:7464, v8:9821, v8:9338, v8:8127 > Change-Id: Icc8bfc722bb267a2bcc17e2f1e27bef7f02f2376 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795358 > Commit-Queue: Dan Elphick <delphick@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64377} TBR=mstarzinger@chromium.org,jgruber@chromium.org,delphick@chromium.org Change-Id: I4cf38e9370280acdd2de718ca527776ebc509003 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7464, v8:9821, v8:9338, v8:8127 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1868621Reviewed-by:
Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#64383}
-
Dan Elphick authored
Creates an allow-list of builtins that can still go in code_space including all TFJ builtins and a small manual list that should be pared down in the future. For builtins that go in RO_SPACE a Code object is created that contains no code at all (shrinking its size from 96 bytes to 64 bytes on x64), but is there to allow the runtime to continue to work since it expects a Code object. This reduces code_space from ~152k to ~40k (-112k) and increases read_only_space from 33k to 108k (+75k) in the snapshot. Bug: v8:7464, v8:9821, v8:9338, v8:8127 Change-Id: Icc8bfc722bb267a2bcc17e2f1e27bef7f02f2376 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795358 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#64377}
-
- 17 Oct, 2019 1 commit
-
-
Toon Verwaest authored
This is a reland of c7c47c68. This makes TSAN happy in addition to: Previously I presumed that the context read from a frame in the profiler was a valid context. Turns out that on non-intel we're not guaranteed that the frame is properly set up. In the case we looked at, the profiler took a sample right before writing the frame marker indicating a builtin frame, causing the "context" pointer from that frame to be a bytecode array. Since we'll read random garbage on the stack as a possible context pointer, I made the code reading the native context from it a little more defensive. Bug: v8:9860 Tbr: ulan@chromium.org, neis@chromium.org, ishell@chromium.org Original change's description: > [runtime] Move Context::native_context to the map > > Remove the native context slot from contexts by making context maps > native-context-specific. Now we require 2 loads to go from a context to the > native context, but we have 1 field fewer to store when creating contexts. > > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629 > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Peter Marshall <petermarshall@chromium.org> > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64296} Change-Id: I4d0ab4cbbb23a9ae616407f17ef8f35a0b68ddb4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864654 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#64360}
-
- 16 Oct, 2019 2 commits
-
-
Sathya Gunasekaran authored
This reverts commit c7c47c68. Reason for revert: breaks TSAN https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/28738 Original change's description: > Reland "[runtime] Move Context::native_context to the map" > > This is a reland of f05bae1e > > Previously I presumed that the context read from a frame in the profiler was > a valid context. Turns out that on non-intel we're not guaranteed that the > frame is properly set up. In the case we looked at, the profiler took a > sample right before writing the frame marker indicating a builtin frame, > causing the "context" pointer from that frame to be a bytecode array. Since > we'll read random garbage on the stack as a possible context pointer, I made > the code reading the native context from it a little more defensive. > > Bug: v8:9860 > > Original change's description: > > [runtime] Move Context::native_context to the map > > > > Remove the native context slot from contexts by making context maps > > native-context-specific. Now we require 2 loads to go from a context to the > > native context, but we have 1 field fewer to store when creating contexts. > > > > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629 > > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > > Reviewed-by: Igor Sheludko <ishell@chromium.org> > > Reviewed-by: Peter Marshall <petermarshall@chromium.org> > > Reviewed-by: Maya Lekova <mslekova@chromium.org> > > Reviewed-by: Georg Neis <neis@chromium.org> > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#64296} > > Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930 > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Peter Marshall <petermarshall@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Auto-Submit: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64314} TBR=ulan@chromium.org,neis@chromium.org,petermarshall@chromium.org,ishell@chromium.org,verwaest@chromium.org,mslekova@chromium.org,victorgomes@google.com Change-Id: I4f9edc62ea6f9f5857619ff0ad1a63cab4b33cc3 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9860 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864937Reviewed-by:
Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#64316}
-
Toon Verwaest authored
This is a reland of f05bae1e Previously I presumed that the context read from a frame in the profiler was a valid context. Turns out that on non-intel we're not guaranteed that the frame is properly set up. In the case we looked at, the profiler took a sample right before writing the frame marker indicating a builtin frame, causing the "context" pointer from that frame to be a bytecode array. Since we'll read random garbage on the stack as a possible context pointer, I made the code reading the native context from it a little more defensive. Bug: v8:9860 Original change's description: > [runtime] Move Context::native_context to the map > > Remove the native context slot from contexts by making context maps > native-context-specific. Now we require 2 loads to go from a context to the > native context, but we have 1 field fewer to store when creating contexts. > > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629 > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Peter Marshall <petermarshall@chromium.org> > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64296} Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#64314}
-
- 15 Oct, 2019 3 commits
-
-
Sathya Gunasekaran authored
This reverts commit f05bae1e. Reason for revert: broke arm sim debug https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20debug/17714 https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8899519852984476944/+/steps/Check_-_trusted/0/logs/FunctionDetailsInlining/0 Original change's description: > [runtime] Move Context::native_context to the map > > Remove the native context slot from contexts by making context maps > native-context-specific. Now we require 2 loads to go from a context to the > native context, but we have 1 field fewer to store when creating contexts. > > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629 > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Peter Marshall <petermarshall@chromium.org> > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64296} TBR=ulan@chromium.org,neis@chromium.org,petermarshall@chromium.org,ishell@chromium.org,verwaest@chromium.org,mslekova@chromium.org,victorgomes@google.com Change-Id: Ie7b4086c3a9ab2627ecac599da36b20cf8d1f948 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1863200Reviewed-by:
Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#64299}
-
Dan Elphick authored
Add overrides to port specific assemblers and delete redundant empty override. Bug: v8:9810 Change-Id: I17e4614e06783867ae50e87bba83d35ebc9d0b51 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1862567 Auto-Submit: Dan Elphick <delphick@chromium.org> Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#64297}
-
Toon Verwaest authored
Remove the native context slot from contexts by making context maps native-context-specific. Now we require 2 loads to go from a context to the native context, but we have 1 field fewer to store when creating contexts. Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Maya Lekova <mslekova@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#64296}
-
- 09 Oct, 2019 1 commit
-
-
Santiago Aboy Solanes authored
If we do the check in InvokeFunctionCode instead of doing it in CheckDebugHook (now aptly named 'DebugHook'), we can defer the debug hook to the end of InvokeFunctionCode and is to make the common case stay in straight-line code. Bug: v8:9771 Change-Id: Icff84e8ced9d120ae2fe293a391aaadd53441644 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1829219 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Dan Elphick <delphick@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#64183}
-
- 07 Oct, 2019 1 commit
-
-
Igor Sheludko authored
With the smi-corrupting decompression approach we don't have to sign extend Smis anymore and therefore we can switch to zero extending approach by moving the isolate root to the beginning of the reserved 4Gb region. Bug: v8:9706 Change-Id: Icd6008fa87d0924519b574fdec445976f742e306 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835548 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#64144}
-
- 04 Oct, 2019 2 commits
-
-
Igor Sheludko authored
... in order to improve performance of decompression code on C++ side (because computation of isolate root from isolate pointer becomes a trivial reinterpret cast) and measure the impact separately from other ptr-compr changes. Bug: v8:9353 Change-Id: I36906cef2968355411ee944d97625ecd2652646b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835550Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#64115}
-
Igor Sheludko authored
... as the smi-corrupting decompression seems to be stable enough. Bug: v8:9706 Change-Id: I404924ec4a12b37d8bc3e521c5563aa7e6357dc6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835544Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Clemens Backes <clemensb@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#64107}
-
- 03 Oct, 2019 1 commit
-
-
Pierre Langlois authored
When comparing with zero, we can generate a CBZ instruction instead of a CMP+B. If we teach TurboAssembler::JumpIfEqual() to do it then we can do it in code generated for binary switches. Change-Id: I39a045ed666fd6569bf9c9f6be28c4efbeeb01a9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1836254Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#64094}
-
- 30 Sep, 2019 1 commit
-
-
Igor Sheludko authored
... in disabled state. It will be enabled in a follow-up CL. Bug: v8:9706 Change-Id: I43b482a4fd1bf9af0c6ba535b453e72463bee0f8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826731Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Clemens Backes [né Hammacher] <clemensb@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#64039}
-
- 27 Sep, 2019 1 commit
-
-
Santiago Aboy Solanes authored
x64 code path is different and we can't do this optimization. Bug: v8:9771 Change-Id: I1639e53b4397873e70895ec2919ac2769b0bbc72 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826728Reviewed-by:
Dan Elphick <delphick@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#64022}
-
- 26 Sep, 2019 2 commits
-
-
Igor Sheludko authored
This CL fixes comparison operations that take into account full-word value instead of the lower 32 bits. Bug: v8:9706 Change-Id: I9176ea1ece7c0551b1fa6b9df58445ba49434234 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824474 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#64006}
-
Igor Sheludko authored
... in both CSA code and TurboFan. This is a prerequisite for smi-corrupting decompression. The decompression eliminator changes is a workaround to ensure that the result of comparisons of two constant Smis is still a constexpr (the failing test is cctest/test-torque/TestLoadEliminationFixed). Better optimizations will be landed in a follow-up CLs. Bug: v8:9706 Change-Id: Ie2d90f6a7714aa749439e3f457d90d663d0efe49 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815133Reviewed-by:
Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#63991}
-
- 20 Sep, 2019 1 commit
-
-
Pierre Langlois authored
The CPURegister class has an additional "type" field to represent an invalid register while the cross-platform RegisterBase class uses -1 as a register code. For consistency and to avoid potential bugs from confusing x0 and `CPURegister::no_reg()`, use -1 as a register code as well in CPURegister. Change-Id: I1a36230091433bc854a5966f36e3c25e33a406c1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1813746Reviewed-by:
Andreas Haas <ahaas@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#63902}
-