This is an attempt to fix a build failure in MSVC14.26.28801.
Bug: v8:10691
Change-Id: Ic4b994b14e1ac70ab95f3da53bd7be382e38a4b8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300540
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68884}
... which gets the zone from its ZoneAllocationPolicy instance.
This recovers memory regression caused by adding an AllocationPolicy
instance into TemplateHashMapImpl and therefore to VariableMap.
Bug: v8:10572
Change-Id: I7962b49e5f2669307e58b3ed7b1f29bab1c42cad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2298002
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68879}
In this test we both search and insert a transition in the main thread,
while the background thread searches.
Bug: v8:7790
Change-Id: Ic899f6c36c9bf9f7f5364ea30eb1c875b7ef6535
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2243211
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68878}
... this will avoid the need to pass AllocationPolicy to every method
that can allocate/deallocate and allows to make deallocation method
implementation stateful.
The latter will also allow implementing accounting of deallocated zone
memory.
Adding one more field is generally fine because usually these hashmap
objects are allocated on the stack or inside other rarely-allocated
long-lived objects.
The only exception is Scope class. The Scope objects are created very
often during parsing and each of them has a VariableMap field.
The Scope object size issue will be addressed in a follow-up CL.
Bug: v8:10572
Change-Id: I63fbd41246cf2e568c8ba80c213d3e9caffc2c87
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2284992
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68877}
The cctests were wrong, since they access the first parameter using `Parameter(0)`. They should instead use `Parameter(1)`, since the index 0 is the receiver, and the receiver is set to be always the undefined object in `FunctionTester::Call`.
The reason it used to work is that the tests would set up an access to the stack with the wrong number of parameters, accessing only a stack suffix.
Change-Id: I02b7ee97c8759c7aecda0338863b7727762df1ba
Bug: v8:10201
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299364
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68876}
The snapshot code assumes that the entire snapshot's length fits into
an int, which implies that it doesn't support individual objects that
are bigger than that. That's okay, because it isn't reachable from
user code, and embedders would notice at compile time when they run
into this limit. So we can just continue to skip the few regression
tests we have for huge TypedArrays in the stress_snapshot variant.
Change-Id: Ib37c0582763d549a3d5c5ccc3a78d200b176f3b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299373
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68874}
This is a reland of 273f4e42e3
Original change's description:
> [heap] Avoid ParkedMutexGuard during allocation
>
> Since main thread allocation does not start incremental marking anymore
> while holding allocation_mutex_, background allocation does not need
> ParkedMutexGuard anymore to avoid deadlocks.
>
> This also means background thread allocation isn't paused anymore to
> perform a GC, which already resulted in subtle bugs (e.g. in
> ExpandBackground with incremental marking). We also do not
> stop-the-world anymore while holding allocation_mutex_.
>
> Bug: v8:10315
> Change-Id: Iadf00bc26434c765722b82a10497ab06151f15cc
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2289771
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#68754}
Bug: v8:10315
Change-Id: If5aec78370685369ad0f1d7a76002d45f149ddfb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297468
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68873}
Change names of global functions from
globalXYZEvent to handleXYZ format to increase
readability.
Bug: v8:10667
Change-Id: Ie5e7b6b7ab1c535f5c6beb65361d0a78cac96e46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299362
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68872}
This change adds a has_error parameter on the stack
which allows the fast callback to report an error. In case
this parameter is set to non-zero, the generated code calls
the slow (default) callback, which can throw the exception.
Bug: chromium:1052746
Change-Id: Ib11f6b0bef37d5eb1d04cd6d0a3ef59028dcc448
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2183929
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68871}
This CL attaches global functions of the panels
as instance variables of an app class.
Bug: v8:10667, v8:10644
Change-Id: Ib76730652f977ac81e3558ddb18165e938859512
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297476
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68867}
In addition to decoding them, we also have to evaluate the initializer
instructions when instantiating a module.
Drive-by fix: use "big-endian" encoding (prefix comes first) when
emitting initializers in the module builder.
Bug: v8:7748
Change-Id: Idfa0f5db298a8f6c6100fc09e1984e4a2e170e4a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2298004
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68866}
mjsunit/regress/regress-896326.js failed on mips simulator, because mips
simulator has larger stack size and won't throw the expected RangeError
exception.
This CL set sim-stack-size to 100K in regress-896326 just like setting
the native machine's stack-size.
Change-Id: I51328b10a7b54addab2adb90401680c0581d7ee2
Bug: v8:10709
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299880
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68865}
This CL maps the colors being used in
the web app to variables to make it easier to
change color palette without having to track color
changes across files.
Bug: v8:10673
Change-Id: Icf1c53396b8a831367c4ed420931e6233d780a07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2298005
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68864}
When creating a new JSFunction (either through Factory::NewFunction or
the FastNewClosure builtin), install the cached Code object if one
exists. In the former, this happens explicitly; in the former implicitly
through %CompileLazy.
Drive-by: Clean up nci tracing methods.
Drive-by: Rename maybe_has_... to may_have_cached_code.
Bug: v8:8888
Change-Id: I98d87df10df496c45749b3fd76c072c36af45b68
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2294662
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68863}
With CagedHeapLocalData, size of allocatable area in the caged heap has
reduced, but CL that introduced it didn't change the size passed to
BoundedPageAllocator.
Change-Id: I3720820589c88c3467af68cd7da1b305dc5a77b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297474
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68862}
This is a follow-up fix for
https://chromium-review.googlesource.com/c/v8/v8/+/2292230
In this CL fixes the case when the property cell is added to the
dictionary but the value is not actually stored which leaves
PropertyCell with the hole in the dictionary.
Now the logic for GlobalDictionary matches the logic for
NameDictionary - the property cell is added to the dictionary in
LookupIterator::ApplyTransitionToDataProperty().
Bug: chromium:1104711, chromium:1105383
Change-Id: I56da16d85d13288fbc41fd60dbce556fec5e7d18
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297472
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68860}
This CL fixes the Map Panel colors. The getColor
function of Edge class was always falling to the
default color unable to show correct colors in
the timeline panel.
Change-Id: Ide13b35703a656251222f512b2b9282f9f34cc04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297473
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Cr-Commit-Position: refs/heads/master@{#68859}
Instead of storing a weak pointer per isolate, store exactly one weak
pointer to the native module per engine.
This is a small preparation for switching to the jobs API.
R=ahaas@chromium.org
Bug: chromium:1101340
Change-Id: I5f6590421c890998aa95a0a3b34596f59f2f2690
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297471
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68858}
Change-Id: I946c9f0db1dcb91ab9414be2de8285444741ca3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2293499
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68855}
Make locales and options required
and no default for type in options.
Bug: v8:10623
Change-Id: I5df065a95e82ecb3b8b036d1b4738f296aa7243f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2291617
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68854}
Adds basic framework to pipeline.cc to enable a seperate fast register
allocator for the TurboProp mid-tier. As part of this, common logic as
well as a base class for RegisterAllocationData is moved to a seperate
register-allocation.h header file. The current register allocator's
RegisterAllocationData is renamed to TopTierRegisterAllocationData, and
the former name is the new base class held in PipelineData.
BUG=v8:9684
Change-Id: I28285b7d6112505bf90e88ea3cda66d03dfabc74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2295359
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68852}
Currently, when specifying '--help' with mksnapshot it will only
print the v8/d8 help message and options and then exit the process.
This means that the usage message from mksnapshot will never be
displayed.
This commit suggests adding an option to SetFlagsFromCommandLine that
can disable this printing and exiting. This allows mksnapshot to display
the usage and print the options after that.
While this works, it does seems a little strange that
SetFlagsFromCommandLine prints the help message and exits the process
but I'm probably missing some background details around this.
Change-Id: I28932adf3478b88b05eed4db70bf74946f8abf2d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2290852
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68851}
There is a sign-extension bug happening when packing 2 32-bit ints into
a 64-bit int. We are OR-ing int32_t with a uint64_t, so an integral
conversion converts int32_t to uint64_t, which is a sign extension, and
this gives unexpected results for a negative value:
0x80000000 | uint64_t{0} -> 0xffffffff80000000
What we want is 0x0000000080000000.
Created a helper function to do this work of combining two uint32_t
into one uint64_t. The use of this function will also ensure that
if callers passed a int32_t, it would first be converted to a
uint32_t, and will not have this sign extension bug.
Sneaked a small regression test into the existing v128.const cctest,
and also cleanup the loop to reset `expected` array to 0.
Bug: chromium:1104033
Change-Id: Icaca4c5ba42077dd4463697b9220cdbca9974b5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2293044
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68850}
This CL modifies the logging pipeline of V8 to track
timestamps of the IC events across the log file.
Modifies the current IC-explorer's code to make it
compatible with the IC event time processing.
Change-Id: I2a0f652e2657bdebe8cecd7862a7545f7b050cdb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2274613
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68849}
The host object may have an impossible markbit pattern if it is a
one-word filler followed by an already marked object.
Bug: v8:10698
Change-Id: I498e6f0768fbdb181fc893f98f224dd3cd0e37e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2295600
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68848}
This CL identifies dependencies between modules
and convert existing javascript files to ES6
standard modules.
It cleans the unused code and remove duplicate
code throughout the app.
Bug: v8:10670
Change-Id: I787de8ca0d76c56aec5aeb3faa94a9e158a94c72
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2292237
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68847}
This CL adds input fields to the IC Panel to filter
IC events based on the event creation time.
Filtered events across time reflected back to the IC-panel
statistics which helps to examine statistics about
the events in the selected time range.
Change-Id: Ib2d66caab25140b09daa4d6249758254f8c75ce8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2295601
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Cr-Commit-Position: refs/heads/master@{#68845}
Before actually failing to allocate, let the background thread help to
sweep all pages of that space.
As a drive-by also rename allocation functions to make background and
main thread allocation more similar.
Bug: v8:10315
Change-Id: I26d4b622de949d4943e35071cee1df8b3d2889c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297383
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68843}
Help sweeper tasks complete sweeping sooner but do not refill free
lists on shutdown.
This races with allocating background threads. Background threads will
refill free lists themselves if more memory is required.
Bug: v8:10315
Change-Id: Ie615983229701e8c9434b4352bd055e9dbbb8671
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297466
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68842}
The named LoadIC code was missing a check for "names" that
convert to TypedArray indices. This was flushed out by the
recent bump of the max TypedArray size from 2^32-1 to 2^32.
Named StoreICs had the same bug; fixed here as well.
Bug: v8:4153
Fixed: chromium:1104608
Change-Id: I6bd2552d6ccc238104f92e7b95d19970d4a75dae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2295606
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68840}
For the first test, we just test that we can search on two threads at
the same time. This CL sets the base for the future tests for more
complicated cases.
Bug: v8:7790
Change-Id: I1becf4493897b55e7ee0a7f37ab5bf1203bf14eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2241530
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68838}
... on Code objects.
Refactors: create a dedicated WasmCode constructor, hide the internal
constructor, constify members, and let SafepointTable handle
out-of-line tables.
Expose a new Code::SafepointTableAddress() helper as the source of
truth. Some safepoint tables may move out-of-line in the near future.
Bug: v8:7777,v8:10707
Change-Id: I4e2d954ed2d157235e9dfa3e7a5ca08800896683
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297459
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68837}
This CL adds functionality to read the source positions directly
from the JS heap rather than from serialized data.
In order to do this, we create a PersistentHandles container in the
OptimizedCompilationInfo which gets passed onto the JSHeapBroker. This
allows us to create the handles in the main thread and pass them safely
to the background thread.
In order to read safely from the background thread, we need a LocalHeap
which blocks the GC from running and potentially moving the handles.
This LocalHeap is created only when the JSHeapBroker has finalized
serializing and destroyed when retiring it.
Bug: v8:7790
Change-Id: I19f8b08d12e5be0a3df34d6af2043310c0c7b6fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2277802
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68836}
