This reverts commit 8f3047531d.
Reason for revert: CL collision:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20builder/63710/overview
Original change's description:
> [wasm] ref.call: Consume sig index immediate
>
> Follow-up to commit 6168782925
> With this change 0x14 now also consumes a sig index immediate.
> This will allow users to switch from 0x17 back to 0x14 without
> breaking changes. After another grace period, 0x17 can be removed.
>
> Change-Id: I5d0039fd1ca9d62c3d42e5834fe7924de45ad7ef
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974512
> Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#83890}
Change-Id: I65fe8b5bceb70323dd5e6450ec7bcc02696b15fa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976029
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83894}
This code looks like it was copied over of Abseil. However, parts of it
are not used anywhere, aside from their own unit tests, so delete them.
The unused functions are:
- MatchEmptyOrDeleted()
- CountLeadingEmptyOrDeleted()
- ConvertSpecialToEmptyAndFullToDeleted()
In turn, _mm_cmpgt_epi8_fixed() is also unused and can be deleted.
Bug: v8:11388
Change-Id: I35b84600690e6f044a1d5ab4bf41e7f67fb76d87
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3965230
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83892}
... as an example of a simple builtin.
Bug: v8:7700
Change-Id: I4eb3479c04066cf4860d1fc28d5f7e9c758a6375
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974773
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83891}
Follow-up to commit 6168782925
With this change 0x14 now also consumes a sig index immediate.
This will allow users to switch from 0x17 back to 0x14 without
breaking changes. After another grace period, 0x17 can be removed.
Change-Id: I5d0039fd1ca9d62c3d42e5834fe7924de45ad7ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974512
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83890}
The wasm decoder immediates are currently templatized by the {validate}
enum value. They do not need to be though; the only difference is in the
constructor, so the constructor should be templatized instead.
This CL implements that, and also changes the {validate} enum to be a
tag (a typename) instead. This is needed in order to enable template
parameter deduction for the constructor calls (C++ does not allow to
explicitly define the template parameter at constructor calls).
As a nice side effect, this produces nicer symbolized stack traces.
Before:
v8::internal::wasm::Decoder::read_u32v<(v8::internal::wasm::Decoder::ValidateFlag)1>
After:
v8::internal::wasm::Decoder::read_u32v<v8::internal::wasm::Decoder::BooleanValidationTag>
R=jkummerow@chromium.org
Change-Id: I013c909ebaf2c8c495f32b5ce598905f3eccc3ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3973267
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83889}
This reverts commit bd590292b3.
Reason for revert:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20GC%20Stress/25069/overview
Original change's description:
> [turbofan] Optimize rab/gsab-backed TypedArrays and DataViews
>
> This CL adds TurboFan optimizations for length and element access
> of TypedArrays and DataViews that are rab/gsab-backed.
>
> To enable this optimization, this CL builds the necessary machinery
> required to allow machine operators at the front of the pipeline
> (before simplified lowering). Some key changes to allow this are:
> - Introduce Type::Machine() to allow the typer and the verifier to
> provide a type to those machine operators in parts of the pipeline
> that require nodes to be typed.
> - Add EnterMachineGraph and ExitMachineGraph operators that define
> the boundary between early machine graphs and the normal graph with
> JS semantics.
> - Give Branch operators a BranchSemantics parameter to distinguish
> between machine branches (condition is a machine level value) and
> JS branches (condition is a JS boolean value) and have phases that
> handle branches decide on the branch's semantics based on this
> parameter instead of the position in the pipeline.
> - Extend SimplifiedLowering and SimplifiedLoweringVerifier to handle
> machine graphs. In particular, constants required special handling,
> because they are cached in the graph but they may have uses in both
> a machine and the JS graph, which prevents consistent typing of
> them.
> - Moved lots of logic from JSCallReducerAssembler into
> [JS]GraphAssembler such that functionality can be shared between
> different phases (e.g. JSNativeContextSpecialization and
> JSCallReducer need to generate logic to compute a TypedArray's
> byte length). Extended assembler interface in general with
> additional TNode<> overloads.
>
>
> Bug: v8:11111, chromium:1358505
> Change-Id: Ife006b8c38a83045cd3b8558acbfdcb66408891f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3898690
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#83881}
Bug: v8:11111, chromium:1358505
Change-Id: Ifa7b81523237ebda941cab2feed42c176846b618
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976028
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Owners-Override: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83888}
We should not clobber the input registers in the codegen
of a Maglev IR.
We use a new temporary register instead.
Bug: v8:7700
Change-Id: Icacbee4e030f426001c224e25aed6ce86ad8b811
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3973311
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83884}
This reverts commit 9dedaaf313.
Reason for revert: crashes have been fixed:
- https://crrev.com/c/v8/v8/+/3888198
- https://crrev.com/c/v8/v8/+/3965723
Original change's description:
> Revert "Enable background merging of deserialized scripts"
>
> This reverts commit f388f96fdb.
>
> Reason for revert: Crashes in canary (https://crbug.com/1360024)
>
> Original change's description:
> > Enable background merging of deserialized scripts
> >
> > This can save memory in cases where multiple frames in a process use the
> > same script, with sufficient time between loads that the script's
> > top-level SharedFunctionInfo is no longer present in the compilation
> > cache. Merging is relatively fast; it generally takes about one tenth as
> > long as deserialization.
> >
> > Bug: v8:12808
> > Change-Id: I7366a51f1d2ca6a9f551cdf2bdbe0441450cf1bb
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3868088
> > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#82920}
>
> Bug: v8:12808
> Change-Id: If160173afaab351d995ddcf4b60d6efe656cf70b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3871208
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Cr-Commit-Position: refs/heads/main@{#82983}
Bug: v8:12808
Change-Id: I1d19a0e9ff4172435f4b2b9bbe3bf72a93e2411c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3972179
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83882}
This CL adds TurboFan optimizations for length and element access
of TypedArrays and DataViews that are rab/gsab-backed.
To enable this optimization, this CL builds the necessary machinery
required to allow machine operators at the front of the pipeline
(before simplified lowering). Some key changes to allow this are:
- Introduce Type::Machine() to allow the typer and the verifier to
provide a type to those machine operators in parts of the pipeline
that require nodes to be typed.
- Add EnterMachineGraph and ExitMachineGraph operators that define
the boundary between early machine graphs and the normal graph with
JS semantics.
- Give Branch operators a BranchSemantics parameter to distinguish
between machine branches (condition is a machine level value) and
JS branches (condition is a JS boolean value) and have phases that
handle branches decide on the branch's semantics based on this
parameter instead of the position in the pipeline.
- Extend SimplifiedLowering and SimplifiedLoweringVerifier to handle
machine graphs. In particular, constants required special handling,
because they are cached in the graph but they may have uses in both
a machine and the JS graph, which prevents consistent typing of
them.
- Moved lots of logic from JSCallReducerAssembler into
[JS]GraphAssembler such that functionality can be shared between
different phases (e.g. JSNativeContextSpecialization and
JSCallReducer need to generate logic to compute a TypedArray's
byte length). Extended assembler interface in general with
additional TNode<> overloads.
Bug: v8:11111, chromium:1358505
Change-Id: Ife006b8c38a83045cd3b8558acbfdcb66408891f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3898690
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83881}
This removes the temporary option and sets its value to {true}
everywhere.
Bug: v8:7748
Change-Id: Icbc3071b531b130c0eb007758452d09b65491c04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974510
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83880}
Shared space is used concurrently and thus pages cannot shrink like
we do for old or code space.
Bug: v8:13267
Change-Id: I646120b1690d6fe628e524a4926e5648871b960e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974808
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83879}
Isolates need to be deserialized to run a GC. Similarly all client
isolates need to be deserialized for a shared GC.
This CL allows heap expansion during isolate deserialization.
Previously shared heap allocations could fail which would have led to a
CHECK failure in the subsequent GC.
Bug: v8:13267
Change-Id: Iae6934e9372063fcbe7de37128b7e783b09bb3c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974669
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83878}
Rolling v8/build: b8f0bc7..cb6dbd1
Rolling v8/buildtools: 10c7a0a..32851f2
Rolling v8/buildtools/third_party/libc++/trunk: 997e036..166132d
Rolling v8/third_party/depot_tools: 9879712..61ef3d8
Rolling v8/third_party/fuchsia-sdk/sdk: version:10.20221021.3.1..version:10.20221023.3.1
Rolling v8/tools/clang: 7b9e2e2..bc55ae7
Change-Id: Ie718d51122809672447c1d8e7fcb2ff46ce68c01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974078
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#83877}
We don't currently try the fast path if left side
is negative. See {if_lhs_negative} branch.
Change-Id: Ieea2977209902ad90c29ff3b305ca047fafbdd80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974511
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83873}
v8::TracedReference and their underlying traced handles are not
actually phantom references but have been historically represented as
such. This patch splits off their backing implementaton into
`TracedHandles`.
As a drive-by, re-organize the free list to rely on indices instead of
pointers, saving a full word for each node. In additon, the setup also
allows for freeing fully empty node blocks after GCs.
Allocation/free of nodes is also organized in a way that avoids
jumping between handles/blocks/nodes for accounting purposes.
Removing CRTP in GlobalHandle internals is left for a follow up.
Bug: v8:13372
Change-Id: Ib55aa9ba71202d5918b486c161fe6f747d31c719
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3966952
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83872}
Map space is gone now so we can use SnapshotSpace::kOld instead.
Bug: v8:12578
Change-Id: If7509ee6bea04fed263a6d8b15597fd051697e4b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3968480
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83869}
... and prepare for using PGO profiles for arm builds.
Bug: v8:10470
Change-Id: If71d363195c60277a59dc68d0c18e361e24209c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3970665
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83867}
The feature has been enabled since M106 so we can safely remove the
flag with M109.
R=bmeurer@chromium.org
Bug: chromium:1334585
Change-Id: Iefe0b10e3be59d6dde54d676b5f1e0cf938851ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3959659
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83865}
Fix by disabling the use of the trap handler in the "ARM64 simulator
running on x64" case. (Note that the ARM64-simulator-on-x64 case gets
built for mksnapshot as a host tool even if we didn't specifically
want the simulator case.)
Using the trap handler in that case currently uses some inline
assembly (the top-level asm() statements in
src/trap-handler/handler-outside-simulator.cc), but MSVC does not
support that type of asm() statement.
Disable using that asm() code by conditionalising it on "#if
V8_TRAP_HANDLER_SUPPORTED". Note that we're not putting this
condition into the GN build because it's complicated to keep the two
sets of conditions totally in sync.
Put the "#if V8_TRAP_HANDLER_SUPPORTED" into handler-inside-win.cc to
match the same #if in handler-inside.cc, otherwise we would get a link
error when the former refers to TryFindLandingPad(), which is defined
behind the #if in the latter.
Do the same in handler-inside-posix.cc for consistency.
Remove the earlier attempt at doing the fix by implementing
ProbeMemory in C++, which won't necessarily work. This reverts:
https://chromium-review.googlesource.com/c/v8/v8/+/3913036
Change-Id: If8e1720a90f89175d730cf32ee5ac42451b9b5be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3964232
Reviewed-by: Mark Mentovai <mark@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Mark Seaborn <mseaborn@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83864}
It's been enabled by default since Chrome 91.
Bug: v8:6020
Change-Id: Id26b7fb0b7dffe19a88a6f0071dd59203b06415a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3957636
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83862}
Port a02c56694f
Original Commit Message:
This is a reland of commit 4804c4de31.
There are major changes since the previous attempt:
- The WasmLiftoffFrameSetup (formerly WasmGetFeedbackVector) builtin
now performs as much of the frame setup work as possible, to reduce
generated code size for each function.
- The WasmLazyCompile builtin/runtime function no longer allocates,
hence gets frame type INTERNAL, and is un-handlified.
Original change's description:
> [wasm] Allocate feedback vectors on demand
>
> We previously allocated feedback vectors when instantiating the module,
> or when lazily compiling a function. That's not sufficient when there
> are multiple instances of the same NativeModule, or when we eagerly
> tier-down all code for debugging. This patch changes the "get vector from
> instance" sequence at the beginning of every Liftoff function to "get
> or allocate vector"; factored into a builtin call to avoid generating
> more code for every function.
>
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3939667
> Cr-Commit-Position: refs/heads/main@{#83610}
R=jkummerow@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: I7d7e65a32e89285cb583216455ea1b9a490cb16b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3968705
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83861}
We pass the *declared* function index on the stack now, so we must
convert it to a regular function index before using it to look up
the function's signature.
Change-Id: Ib98d71a02ba8ca885136c010cf7dbb6ef7f62950
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3971365
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83860}
This enriches KnownNodeAspects to use a map from Node to a set of
Maps, instead of a single map. We update known maps with set
intersection. We recompute the set from scratch, since set removal
is expensive.
It also adapts CheckMaps and CheckMapsWithTransition to support
a set of maps.
Bug: v8:7700
Change-Id: I0c16a456a1a186aaedcbacf2491ec4f0cb8b0682
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3966441
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83859}
Similar to how `time COMMAND` measures time, `rss.py COMMAND` measures
memory consumption, by sampling RSS (Resident Set Size) for the child
process in /proc at a configurable interval (default: every 1ms).
No-Try: true
Change-Id: I381cdd6325fae67944ee96e44ba09dd948d432cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3971360
Reviewed-by: Matthias Liedtke <mliedtke@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83858}
Make maglev less aggressive, and TF a little more again. Maglev deopts
will ensure that we'll back off on TF as long as feedback changes.
Bug: v8:7700
Change-Id: I98b4c339de598d96329b79d7b6862605f9bfd87c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3968703
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83856}
PagedSpaceIterator just bailed out on first optional space.
Bug: v8:13267
Change-Id: I6f8dba6c510a641930b364698dc91529b2db1146
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3971361
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83855}
%OptimizeFunctionOnNextCall could be called while compilation (Maglev or
Turbofan) was still on-going -- this would make DCHECKs fail when
attempting to save the compiled code on the feedback vector. This is not
an issue normally when tests are carefully crafted, but can easily
happen during fuzzing.
Unify the two %Optimize*OnNextCall paths, and make sure that they check
for in-progress compilation.
Fixed: v8:13404
Change-Id: I021e1305bc2ba769b7484f9a122792aeb22060ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3971122
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83854}
Code coverage tests invoke garbage collection, to test that coverage
data is not reclaimed by the garbage collector and that the native
%DebugTogglePreciseCoverage works as intended. One of them tests that
garbage collection indeed reclaims the coverage data, if the above
native is not used. When conservative stack scanning is used, this may
fail.
This CL fixes the tests, ensuring that a precise garbage collection
will be invoked, without scanning the stack. To achieve this, the
garbage collection is invoked not with %CollectGarbage but by using
--expose-gc and the asynchronous execution mode, which ensures that
it will be invoked from the event loop without a stack.
Bug: v8:13257
Change-Id: Id44ef0d442bfd0a8afda282c3345e5ebeb239356
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3968708
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83851}
This reverts commit 6e4dea75e8.
Reason for revert: This is blocking HEAD import in Copybara.
Let's test this there first, then backport the change.
Original change's description:
> [bazel] Add hide symbols from release / fast builds
>
>
> Our gn build files hide non-exported symbols by default, which results
> in smaller binaries and can improve build times.
>
> This was not ported to the bazel build and causes binary size
> regressions in google 3.
>
> Change-Id: I285914b83e75bd3bf406e6401f52ddb53230219a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3925698
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#83514}
Change-Id: I18561cfdd8a637c100be849c4d6a668c6f3b6080
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3971120
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83850}
For memory64, we modified the {consume_resizable_limits} method to
support 64-bit LEBs. This method is not only used for memory limits
though, and other limits should be unaffected (they are always 32-bit
values, even in memory64).
This CL refactors decoding such that the {has_maximum} fields are
initialized earlier, and flags are only decoded once (in particular not
again inside {consume_resizable_limits}. Instead, the caller specifies
whether values should be decoded as 32-bit or 64-bit values.
R=jkummerow@chromium.org
Bug: v8:10949, v8:13401
Change-Id: I2fb76c3efcf153d1490d88c4456de1524fd508b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3968482
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83849}
This CL makes the object keeping stack information thread-local, moving
it from Heap to ThreadLocalTop. In this way, stack scanning will work
correctly when switching between threads, e.g., using v8::Locker.
It also introduces a mechanism for setting a stack marker, to be used
for scanning only the part of stack between its start and the marker
(instead of the current stack top).
Bug: v8:13257
Change-Id: I01091f5f49d9a8143d50aeef53789a98bdb29048
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3960991
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83848}
For some reason we overlooked shared memory64 so far. Supporting it is
trivial, we just need to fix flag parsing.
To make parsing simpler, we replace the switch by a bit-decoding logic.
R=jkummerow@chromium.org
Bug: v8:10949, v8:13401
Change-Id: I1d884a174f901ed359c1d385055c9f2d24b0e2f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3967904
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83846}
