Expose interrupt budget as a runtime flag.

This is particularly useful to fuzzers that seek to provoke optimization. Bug: v8:9119 Change-Id: I729f72a0e22686fbd56793875175c230e0230823 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1564196 Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#60794}
2019-04-11 22:00:59 +02:00 · 2019-04-11 22:00:59 +02:00 · b47449d5d6
commit b47449d5d6
parent 9dfb6a3582
4 changed files with 23 additions and 11 deletions
--- a/src/flag-definitions.h
+++ b/src/flag-definitions.h
@ -358,17 +358,8 @@ DEFINE_BOOL(enable_one_shot_optimization, true,
 DEFINE_BOOL(unbox_double_arrays, true, "automatically unbox arrays of doubles")
 DEFINE_BOOL_READONLY(string_slices, true, "use string slices")

-// Flags for Ignition for no-snapshot builds.
-#undef FLAG
-#ifndef V8_USE_SNAPSHOT
-#define FLAG FLAG_FULL
-#else
-#define FLAG FLAG_READONLY
-#endif
 DEFINE_INT(interrupt_budget, 144 * KB,
           "interrupt budget which should be used for the profiler counter")
-#undef FLAG
-#define FLAG FLAG_FULL

 DEFINE_INT(budget_for_feedback_vector_allocation, 1 * KB,
           "The budget in amount of bytecode executed by a function before we "
--- a/src/interpreter/interpreter-assembler.cc
+++ b/src/interpreter/interpreter-assembler.cc
@ -1268,6 +1268,7 @@ void InterpreterAssembler::UpdateInterruptBudget(Node* weight, bool backward) {
  TNode<Int32T> budget_after_bytecode =
      Signed(Int32Sub(old_budget, Int32Constant(CurrentBytecodeSize())));

+  Label done(this);
  TVARIABLE(Int32T, new_budget);
  if (backward) {
    // Update budget by |weight| and check if it reaches zero.
@ -1279,8 +1280,7 @@ void InterpreterAssembler::UpdateInterruptBudget(Node* weight, bool backward) {

    BIND(&interrupt_check);
    CallRuntime(Runtime::kBytecodeBudgetInterrupt, GetContext(), function);
-    new_budget = Int32Constant(Interpreter::InterruptBudget());
-    Goto(&ok);
+    Goto(&done);

    BIND(&ok);
  } else {
@ -1293,6 +1293,8 @@ void InterpreterAssembler::UpdateInterruptBudget(Node* weight, bool backward) {
  StoreObjectFieldNoWriteBarrier(
      feedback_cell, FeedbackCell::kInterruptBudgetOffset, new_budget.value(),
      MachineRepresentation::kWord32);
+  Goto(&done);
+  BIND(&done);
  Comment("] UpdateInterruptBudget");
 }

--- a/src/runtime/runtime-internal.cc
+++ b/src/runtime/runtime-internal.cc
@ -276,6 +276,7 @@ RUNTIME_FUNCTION(Runtime_BytecodeBudgetInterrupt) {
  HandleScope scope(isolate);
  DCHECK_EQ(1, args.length());
  CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0);
+  function->raw_feedback_cell()->set_interrupt_budget(FLAG_interrupt_budget);
  if (!function->has_feedback_vector()) {
    JSFunction::EnsureFeedbackVector(function);
    // Also initialize the invocation count here. This is only really needed for
--- a/test/mjsunit/interrupt-budget-override.js
+++ b/test/mjsunit/interrupt-budget-override.js
@ -0,0 +1,18 @@
+// Copyright 2019 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --opt --interrupt-budget=100 --allow-natives-syntax
+
+function f() {
+  let s = 0;
+  for (let i = 0; i < 10; i++) {
+    s += i;
+  }
+  return s;
+}
+
+%PrepareFunctionForOptimization(f);
+f();
+f();
+assertOptimized(f);