- 21 Oct, 2020 18 commits
-
-
Seth Brenith authored
Liftoff can currently run out of registers when compiling an atomic compare-exchange instruction. In order to see this crash, the following conditions must be met: - The offset in the instruction doesn't fit in a 12-bit immediate - Either FLAG_untrusted_code_mitigations is false, or trap handlers are enabled, so that AddMemoryMasking decides to do nothing The fix proposed in this CL is just to defer allocation of a temporary register until after CalculateActualAddress has finished, because it might have also needed a temporary register. Change-Id: I28225614dcdbe2bcc9e52208f1e806baac89c5f1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488840 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#70687}
-
Clemens Backes authored
Using the GraphAssembler instead of creating nodes "manually" results in much smaller code. This allows us then to use ternary operators to make the implementation even more concise. R=ahaas@chromium.org Bug: v8:10123 Change-Id: I154ffb436f414da14e932138911f35d251363083 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2489686Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#70686}
-
Santiago Aboy Solanes authored
There were some cleanups to be done after crrev.com/c/v8/v8/+/2472000/ was merged. Bug: v8:10799 Change-Id: I09bc2d123f89b88c74c3aecfa97c82d1925a1f2b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488686Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#70685}
-
Manos Koukoutos authored
Additional changes: - Add reproducing unit test. - Add parsed memory limit flag to error message. - Improve naming in memory API in wasm-module-builder.js. Change-Id: Id9ec5750cdc03560874e6c0219741127182e0c9e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485227 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#70684}
-
Almothana Athamneh authored
NOTRY=true Bug: v8:11037 Change-Id: I8c97d9d83dc4e9ff935b8e70ff33002c4e5d19bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2489690 Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#70683}
-
Manos Koukoutos authored
This trap now used for all runtime type errors thrown when interfacing with JS. Its name and message have been changed to reflect this. Additional change: Remove the trap from the list of traps used exclusively for RuntimeError (as opposed to TypeError) in wasm-module-builder.js. Change-Id: I517766837a60d94b562d4c0de922d52db786b635 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488688Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#70682}
-
Milad Fa authored
Port d6c586f7 R=solanes@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I73098589bc2246e389432be18b11bcf3242df308 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488021Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#70681}
-
Michael Lippautz authored
Follow the marker pattern where actual logic is moved into a dedicated state class and the visitors merely forward to that class. Change-Id: Id3c6b7414343da82759bdba3dbb8286adee44cf4 Bug: chromium:1056170 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2480502 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#70680}
-
Martin Bidlingmaier authored
Bug: chromium:1139782,v8:10765 Change-Id: I417cd037b2587599b925cce08d8652b2df1985ce Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488687Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Martin Bidlingmaier <mbid@google.com> Cr-Commit-Position: refs/heads/master@{#70679}
-
Liu Yu authored
R=thibaudm@chromium.org, ulan@chromium.org Bug: v8:7581 Change-Id: Id984082bf0219e8edc70945536d82d523411cf78 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488845 Auto-Submit: Yu Liu <liuyu@loongson.cn> Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#70678}
-
Camillo Bruni authored
- Limit transition view to 200 maps - Avoid displaying parent maps multiple times - Fix timeline-track selection, slow dragging works now Bug: v8:10644 Change-Id: I2106ea8240977e0ea65083d296977ab0272304d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485851 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#70677}
-
Sathya Gunasekaran authored
Previously, we would append the deprecated maps and then append the new valid map causing minimorphic map checks to miss this new map in the case that we exceeded the FLAG_max_minimorphic_map_checks size. Bug: v8:10582 Change-Id: Ie3d7da73f7bdbdd822241fae7879817889a72b43 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2484513 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#70676}
-
Omer Katz authored
Bug: chromium:1056170 Change-Id: I548f27d29250f0e5ca01c8ec30cc2a85eee92f52 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488681 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#70675}
-
Marja Hölttä authored
Change-Id: I1b350c797093454b0b64dca81ed1d28c35d3ada1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488685 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#70674}
-
Martin Bidlingmaier authored
This commit increases the number of backtracks before we fall back to the experimental engine. The previous limit was reached just before irregexp finished in sunspider/string-tagcloud and web-tooling-benchmark/coffeescript. This meant that we aborted execution and started over with a slower (but asymptotically faster) engine just before we would've finished, causing a performance regression. Bug: chromium:1138975,v8:10765 Change-Id: I10a4b149300f88680084604310730ee91758bfa0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2479010 Commit-Queue: Martin Bidlingmaier <mbid@google.com> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#70673}
-
Jakob Gruber authored
This is a reland of fbfa9bf4 The arm64 was missing proper codegen for CFI, thus sizes were off. Original change's description: > Reland "[deoptimizer] Change deopt entries into builtins" > > This is a reland of 7f58ced7 > > It fixes the different exit size emitted on x64/Atom CPUs due to > performance tuning in TurboAssembler::Call. Additionally, add > cctests to verify the fixed size exits. > > Original change's description: > > [deoptimizer] Change deopt entries into builtins > > > > While the overall goal of this commit is to change deoptimization > > entries into builtins, there are multiple related things happening: > > > > - Deoptimization entries, formerly stubs (i.e. Code objects generated > > at runtime, guaranteed to be immovable), have been converted into > > builtins. The major restriction is that we now need to preserve the > > kRootRegister, which was formerly used on most architectures to pass > > the deoptimization id. The solution differs based on platform. > > - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING. > > - Removed heap/ support for immovable Code generation. > > - Removed the DeserializerData class (no longer needed). > > - arm64: to preserve 4-byte deopt exits, introduced a new optimization > > in which the final jump to the deoptimization entry is generated > > once per Code object, and deopt exits can continue to emit a > > near-call. > > - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit > > sizes by 4/8, 5, and 5 bytes, respectively. > > > > On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes > > by using the same strategy as on arm64 (recalc deopt id from return > > address). Before: > > > > e300a002 movw r10, <id> > > e59fc024 ldr ip, [pc, <entry offset>] > > e12fff3c blx ip > > > > After: > > > > e59acb35 ldr ip, [r10, <entry offset>] > > e12fff3c blx ip > > > > On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases > > with CFI). Additionally, up to 4 builtin jumps are emitted per Code > > object (max 32 bytes added overhead per Code object). Before: > > > > 9401cdae bl <entry offset> > > > > After: > > > > # eager deoptimization entry jump. > > f95b1f50 ldr x16, [x26, <eager entry offset>] > > d61f0200 br x16 > > # lazy deoptimization entry jump. > > f95b2b50 ldr x16, [x26, <lazy entry offset>] > > d61f0200 br x16 > > # the deopt exit. > > 97fffffc bl <eager deoptimization entry jump offset> > > > > On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before: > > > > bb00000000 mov ebx,<id> > > e825f5372b call <entry> > > > > After: > > > > e8ea2256ba call <entry> > > > > On x64 the deopt exit size is reduced from 12 to 7 bytes. Before: > > > > 49c7c511000000 REX.W movq r13,<id> > > e8ea2f0700 call <entry> > > > > After: > > > > 41ff9560360000 call [r13+<entry offset>] > > > > Bug: v8:8661,v8:8768 > > Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834 > > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#70597} > > Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org > Bug: v8:8661,v8:8768,chromium:1140165 > Change-Id: Ibcd5c39c58a70bf2b2ac221aa375fc68d495e144 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485506 > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70655} Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org Bug: v8:8661 Bug: v8:8768 Bug: chromium:1140165 Change-Id: I471cc94fc085e527dc9bfb5a84b96bd907c2333f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488682Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#70672}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/d68ca6a..c052192 Rolling v8/third_party/aemu-linux-x64: Dg0s5PKnfzzCVjDNe8EuKAnOGVVpKvB-dKqia-IpGkgC..exAX_yeKLNYEK0NGmhD6PCExVZm6XY2aCPioGGLAHlYC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d384f36..2fb0633 Rolling v8/third_party/icu: https://chromium.googlesource.com/chromium/deps/icu/+log/84fb34e..715ec35 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/4135c06..3491655 TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: Icadb0aebf416c8e32a57ddd4108402848a22e046 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2487976Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#70671}
-
Milad Fa authored
Change-Id: I8a9322ef3c7ebaa4f8827a65dca3215f16d70454 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488024Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#70670}
-
- 20 Oct, 2020 22 commits
-
-
Edward Lesmes authored
Generate DIR_METADATA files and remove metadata from OWNERS files for v8. R=jkummerow@chromium.org, ochang@chromium.org, yangguo@chromium.org Bug: chromium:1113033 Change-Id: I82cbb62e438d82dbbc408e87120af39fa9da0afa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2476680Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Edward Lesmes <ehmaldonado@chromium.org> Auto-Submit: Edward Lesmes <ehmaldonado@chromium.org> Cr-Commit-Position: refs/heads/master@{#70669}
-
Omer Katz authored
Bug: v8:10990 Change-Id: I5166d9ecd6d8d8c55ecb17015d99d88ed60effa2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488680 Commit-Queue: Omer Katz <omerkatz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#70668}
-
Ng Zhi An authored
Bug: v8:10713 Change-Id: I7b123347e00f31d071d45e3b807354610b71ed2d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2486238Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#70667}
-
Ng Zhi An authored
There is a typo getting the values of the lanes, only on big-endian systems. (On little-endian systems, the use of LANE macro hides the error). Bug: v8:11008 Change-Id: I99efde506dab443efd336346ec920fcd957daae2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2486614Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#70666}
-
Ng Zhi An authored
This is similar to https://crrev.com/c/2466377, for all other checks for numeric_limits found in the same file. The check for float/double to uint32/uint64 doesn't seem to be replaceable, due to this check: https://source.chromium.org/chromium/chromium/src/+/master:v8/src/base/safe_conversions_impl.h;l=361;drc=c10c83c31ba0b774c3c05c73bb4894ba2495394b We probably need something specific for converting to float/doubles. I'll leave those as they are first. Bug: v8:10933 Change-Id: I5ea95fd04caa7b5963bb3cb8e5870cd8e790fb19 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2477039 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#70665}
-
Pierre Langlois authored
Arm64 supports 16k and 64k OS pages, in which case the CPPGC doesn't use guard pages. Bug: v8:10808 Change-Id: I36efba687c50b348eda62e9f9094b57bd58b55b5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485494 Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#70664}
-
Victor Gomes authored
This is a reland of 403390ec Original change's description: > [ia32] Remove arguments adaptor frame > > Change-Id: Id66d2c57fc92c00b033bc53231313f477cceca75 > Bug: v8:10201 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2448463 > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Victor Gomes <victorgomes@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70652} Bug: v8:10201 Change-Id: I2c50b22fbe565e8ad6a510c02bfbd79c145d284e Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485225 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#70663}
-
Victor Gomes authored
Change-Id: I8cb9f7860bb7b3cfc8ee291910c2f219309606dd Bug: v8:10201 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485224 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#70662}
-
Almothana Athamneh authored
Bug: v8:11037 Change-Id: I39c790bc435ab2c9fde7f17c8c6fa42a920e16d2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485509Reviewed-by: Liviu Rau <liviurau@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/master@{#70661}
-
Georg Neis authored
It is a little shorter and cheaper[1] than the equivalent "mov sp,bp; pop bp". Also remove support for the 'enter' instruction, since - it is unused, - it is neither shorter nor cheaper than the corresponding push and mov (in fact more expensive[1]), and - our disassembler doesn't support it. [1] See https://www.agner.org/optimize/instruction_tables.pdf Change-Id: I6c99c2f3e53081aea55445a54e18eaf45baa79c2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2482822 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#70660}
-
Shu-yu Guo authored
https://chromium.googlesource.com/external/github.com/tc39/test262/+log/ad8a5e9940..0e7319c015 Bug: v8:7834 Change-Id: If9bb92b37e6dac0b1f14b5813e56a4ed478d9b06 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2486222Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/master@{#70659}
-
Maya Lekova authored
This reverts commit fbfa9bf4. Reason for revert: Seems to break arm64 sim CFI build (please see DeoptExitSizeIfFixed) - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20CFI/2808 Original change's description: > Reland "[deoptimizer] Change deopt entries into builtins" > > This is a reland of 7f58ced7 > > It fixes the different exit size emitted on x64/Atom CPUs due to > performance tuning in TurboAssembler::Call. Additionally, add > cctests to verify the fixed size exits. > > Original change's description: > > [deoptimizer] Change deopt entries into builtins > > > > While the overall goal of this commit is to change deoptimization > > entries into builtins, there are multiple related things happening: > > > > - Deoptimization entries, formerly stubs (i.e. Code objects generated > > at runtime, guaranteed to be immovable), have been converted into > > builtins. The major restriction is that we now need to preserve the > > kRootRegister, which was formerly used on most architectures to pass > > the deoptimization id. The solution differs based on platform. > > - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING. > > - Removed heap/ support for immovable Code generation. > > - Removed the DeserializerData class (no longer needed). > > - arm64: to preserve 4-byte deopt exits, introduced a new optimization > > in which the final jump to the deoptimization entry is generated > > once per Code object, and deopt exits can continue to emit a > > near-call. > > - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit > > sizes by 4/8, 5, and 5 bytes, respectively. > > > > On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes > > by using the same strategy as on arm64 (recalc deopt id from return > > address). Before: > > > > e300a002 movw r10, <id> > > e59fc024 ldr ip, [pc, <entry offset>] > > e12fff3c blx ip > > > > After: > > > > e59acb35 ldr ip, [r10, <entry offset>] > > e12fff3c blx ip > > > > On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases > > with CFI). Additionally, up to 4 builtin jumps are emitted per Code > > object (max 32 bytes added overhead per Code object). Before: > > > > 9401cdae bl <entry offset> > > > > After: > > > > # eager deoptimization entry jump. > > f95b1f50 ldr x16, [x26, <eager entry offset>] > > d61f0200 br x16 > > # lazy deoptimization entry jump. > > f95b2b50 ldr x16, [x26, <lazy entry offset>] > > d61f0200 br x16 > > # the deopt exit. > > 97fffffc bl <eager deoptimization entry jump offset> > > > > On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before: > > > > bb00000000 mov ebx,<id> > > e825f5372b call <entry> > > > > After: > > > > e8ea2256ba call <entry> > > > > On x64 the deopt exit size is reduced from 12 to 7 bytes. Before: > > > > 49c7c511000000 REX.W movq r13,<id> > > e8ea2f0700 call <entry> > > > > After: > > > > 41ff9560360000 call [r13+<entry offset>] > > > > Bug: v8:8661,v8:8768 > > Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834 > > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#70597} > > Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org > Bug: v8:8661,v8:8768,chromium:1140165 > Change-Id: Ibcd5c39c58a70bf2b2ac221aa375fc68d495e144 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485506 > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70655} TBR=ulan@chromium.org,rmcilroy@chromium.org,jgruber@chromium.org,tebbi@chromium.org Change-Id: I4739a3475bfd8ee0cfbe4b9a20382f91a6ef1bf0 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8661 Bug: v8:8768 Bug: chromium:1140165 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485223Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#70658}
-
Maya Lekova authored
This reverts commit 403390ec. Reason for revert: Seems to break noi18n build - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20noi18n%20-%20debug/34316 Original change's description: > [ia32] Remove arguments adaptor frame > > Change-Id: Id66d2c57fc92c00b033bc53231313f477cceca75 > Bug: v8:10201 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2448463 > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Victor Gomes <victorgomes@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70652} TBR=neis@chromium.org,ishell@chromium.org,victorgomes@chromium.org Change-Id: Ia87c887260571e2c6461700eb10ca792bc83e254 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:10201 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2487129Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#70657}
-
Santiago Aboy Solanes authored
Bug: v8:10799 Change-Id: Id912520b6a27e439e204bac47c0723a8f613be4b Fixed: v8:10799 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2472000 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#70656}
-
Jakob Gruber authored
This is a reland of 7f58ced7 It fixes the different exit size emitted on x64/Atom CPUs due to performance tuning in TurboAssembler::Call. Additionally, add cctests to verify the fixed size exits. Original change's description: > [deoptimizer] Change deopt entries into builtins > > While the overall goal of this commit is to change deoptimization > entries into builtins, there are multiple related things happening: > > - Deoptimization entries, formerly stubs (i.e. Code objects generated > at runtime, guaranteed to be immovable), have been converted into > builtins. The major restriction is that we now need to preserve the > kRootRegister, which was formerly used on most architectures to pass > the deoptimization id. The solution differs based on platform. > - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING. > - Removed heap/ support for immovable Code generation. > - Removed the DeserializerData class (no longer needed). > - arm64: to preserve 4-byte deopt exits, introduced a new optimization > in which the final jump to the deoptimization entry is generated > once per Code object, and deopt exits can continue to emit a > near-call. > - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit > sizes by 4/8, 5, and 5 bytes, respectively. > > On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes > by using the same strategy as on arm64 (recalc deopt id from return > address). Before: > > e300a002 movw r10, <id> > e59fc024 ldr ip, [pc, <entry offset>] > e12fff3c blx ip > > After: > > e59acb35 ldr ip, [r10, <entry offset>] > e12fff3c blx ip > > On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases > with CFI). Additionally, up to 4 builtin jumps are emitted per Code > object (max 32 bytes added overhead per Code object). Before: > > 9401cdae bl <entry offset> > > After: > > # eager deoptimization entry jump. > f95b1f50 ldr x16, [x26, <eager entry offset>] > d61f0200 br x16 > # lazy deoptimization entry jump. > f95b2b50 ldr x16, [x26, <lazy entry offset>] > d61f0200 br x16 > # the deopt exit. > 97fffffc bl <eager deoptimization entry jump offset> > > On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before: > > bb00000000 mov ebx,<id> > e825f5372b call <entry> > > After: > > e8ea2256ba call <entry> > > On x64 the deopt exit size is reduced from 12 to 7 bytes. Before: > > 49c7c511000000 REX.W movq r13,<id> > e8ea2f0700 call <entry> > > After: > > 41ff9560360000 call [r13+<entry offset>] > > Bug: v8:8661,v8:8768 > Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834 > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70597} Tbr: ulan@chromium.org, tebbi@chromium.org, rmcilroy@chromium.org Bug: v8:8661,v8:8768,chromium:1140165 Change-Id: Ibcd5c39c58a70bf2b2ac221aa375fc68d495e144 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485506Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#70655}
-
Georg Neis authored
Gracefully handle hugely nested JSBoundFunctions by checking against the local isolate's stack limit in relevant recursive functions. This is based on d734bb4c (which was reverted). In order to get access to the local isolate, the CL replaces the heap broker's LocalHeap pointer with a LocalIsolate pointer. Bug: chromium:1125145 Change-Id: I15d6265c7dfcd8a70af4ab4ce6f30149a886be00 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2480682 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#70654}
-
Camillo Bruni authored
- Fix State timerange adjustment for multiple timelines - Fix grid layout for detail panels - Style panels consistently - Simplify file-reader html Bug: v8:10644 Change-Id: I277d88e2deb2bf71b0204034f6e63ea35f85a791 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485812 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#70653}
-
Victor Gomes authored
Change-Id: Id66d2c57fc92c00b033bc53231313f477cceca75 Bug: v8:10201 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2448463Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#70652}
-
Dominik Inführ authored
This is a reland of 8358ab49 Original change's description: > [heap] Introduce new state in CollectionBarrier > > Introduce new state kCollectionStarted in CollectionBarrier. This state > is used during Heap::PerformGarbageCollection. It stops threads from > requesting GC when the GC was already started. This happens because a > background thread only requests the GC after it parked itself - the GC > could be started in-between those two events. > > Bug: v8:10315 > Change-Id: I59cf3d4ea41c7a2c37ffce89c5b057221a2499e0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2474858 > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70572} Bug: v8:10315 Change-Id: I9da463c847cb0badde58ce767a6e3a24be7672f5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2480564Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#70651}
-
Georg Neis authored
Eventually this should be used to prevent OS stack overflow on background threads. Drive-by change: make more things const. Bug: v8:10974 Change-Id: Ie659e53992f58c7c08920985d54175d61c5ee796 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2474117Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#70650}
-
Jakob Gruber authored
This reverts commit 7f58ced7. Reason for revert: Segfaults on Atom_x64 https://ci.chromium.org/p/v8-internal/builders/ci/v8_linux64_atom_perf/5686? Original change's description: > [deoptimizer] Change deopt entries into builtins > > While the overall goal of this commit is to change deoptimization > entries into builtins, there are multiple related things happening: > > - Deoptimization entries, formerly stubs (i.e. Code objects generated > at runtime, guaranteed to be immovable), have been converted into > builtins. The major restriction is that we now need to preserve the > kRootRegister, which was formerly used on most architectures to pass > the deoptimization id. The solution differs based on platform. > - Renamed DEOPT_ENTRIES_OR_FOR_TESTING code kind to FOR_TESTING. > - Removed heap/ support for immovable Code generation. > - Removed the DeserializerData class (no longer needed). > - arm64: to preserve 4-byte deopt exits, introduced a new optimization > in which the final jump to the deoptimization entry is generated > once per Code object, and deopt exits can continue to emit a > near-call. > - arm,ia32,x64: change to fixed-size deopt exits. This reduces exit > sizes by 4/8, 5, and 5 bytes, respectively. > > On arm the deopt exit size is reduced from 12 (or 16) bytes to 8 bytes > by using the same strategy as on arm64 (recalc deopt id from return > address). Before: > > e300a002 movw r10, <id> > e59fc024 ldr ip, [pc, <entry offset>] > e12fff3c blx ip > > After: > > e59acb35 ldr ip, [r10, <entry offset>] > e12fff3c blx ip > > On arm64 the deopt exit size remains 4 bytes (or 8 bytes in same cases > with CFI). Additionally, up to 4 builtin jumps are emitted per Code > object (max 32 bytes added overhead per Code object). Before: > > 9401cdae bl <entry offset> > > After: > > # eager deoptimization entry jump. > f95b1f50 ldr x16, [x26, <eager entry offset>] > d61f0200 br x16 > # lazy deoptimization entry jump. > f95b2b50 ldr x16, [x26, <lazy entry offset>] > d61f0200 br x16 > # the deopt exit. > 97fffffc bl <eager deoptimization entry jump offset> > > On ia32 the deopt exit size is reduced from 10 to 5 bytes. Before: > > bb00000000 mov ebx,<id> > e825f5372b call <entry> > > After: > > e8ea2256ba call <entry> > > On x64 the deopt exit size is reduced from 12 to 7 bytes. Before: > > 49c7c511000000 REX.W movq r13,<id> > e8ea2f0700 call <entry> > > After: > > 41ff9560360000 call [r13+<entry offset>] > > Bug: v8:8661,v8:8768 > Change-Id: I13e30aedc360474dc818fecc528ce87c3bfeed42 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465834 > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#70597} TBR=ulan@chromium.org,rmcilroy@chromium.org,jgruber@chromium.org,tebbi@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: v8:8661,v8:8768,chromium:1140165 Change-Id: I3df02ab42f6e02233d9f6fb80e8bb18f76870d91 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2485504Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#70649}
-
gengjiawen authored
See: https://github.com/nodejs/node/pull/35415#issuecomment-707828213Co-authored-by: Richard Townsend <richard.townsend@arm.com> Change-Id: I440644f55dc8c8ec3108e5015ebbce2829dd8207 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2479602Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Jiawen Geng <technicalcute@gmail.com> Cr-Commit-Position: refs/heads/master@{#70648}
-