Previously, the parameter count for CSA-generated array builtins needed to be
specified both in the TFJ list of builtins as well as in the bootstrapper when
installing each builtin. This patch adds a utility function that returns the
arity of builtins, including CSA-generated array builtins, given the builtin's
name. This function is now used by the bootstrapper and thus removes the need
for the explicit duplication.
R=ishell@chromium.org
BUG=v8:1956
LOG=N
Review-Url: https://codereview.chromium.org/2852833002
Cr-Commit-Position: refs/heads/master@{#45033}
This introduces MarkingDeque::Update function that accepts a callback
and updates marking deque elements using the callback.
BUG=chromium:694255
Review-Url: https://codereview.chromium.org/2854063002
Cr-Commit-Position: refs/heads/master@{#45032}
Add a new flag --min-inlining-frequency, defaulting to 0.15, which
serves as a minimum threshold for callsites to be considered by the
TurboFan inlining heuristic. Call sites with a frequency below this
(i.e. a call site that is only hit every 10th invocation of the caller)
are not considered for inlining.
BUG=v8:4493,v8:5267
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2859433002
Cr-Commit-Position: refs/heads/master@{#45031}
This reverts commit c5ad9c6d8e.
Reason for revert: Fails on gc stress:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/12661
Original change's description:
> [TypeFeedbackVector] Store optimized code in the vector
>
> Since the feedback vector is itself a native context structure, why
> not store optimized code for a function in there rather than in
> a map from native context to code? This allows us to get rid of
> the optimized code map in the SharedFunctionInfo, saving a pointer,
> and making lookup of any optimized code quicker.
>
> Original patch by Michael Stanton <mvstanton@chromium.org>
>
> BUG=v8:6246
>
> Change-Id: I60ff8c408c3001bc272b4b198c9cbaea2872a9e5
> Reviewed-on: https://chromium-review.googlesource.com/476891
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45022}
TBR=ulan@chromium.org,rmcilroy@chromium.org,yangguo@chromium.org,mvstanton@chromium.org,jarin@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6246
Change-Id: I9cd5735b03898cae6ae7adea0f19d32fceb31619
Reviewed-on: https://chromium-review.googlesource.com/493287
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45027}
Remains to port these fixes over to gyp.
R=machenbach@chromium.org, jkummerow@chromium.org, mstarzinger@chromium.org
BUG=v8:6325
Change-Id: I3bebbc6d0ec52fcb60e3d51acd27e616f51d3dbb
Reviewed-on: https://chromium-review.googlesource.com/490108
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45026}
The test and associated bug have been fixed a while ago.
BUG=chromium:336820,v8:6325
Review-Url: https://codereview.chromium.org/2851343002
Cr-Commit-Position: refs/heads/master@{#45023}
Since the feedback vector is itself a native context structure, why
not store optimized code for a function in there rather than in
a map from native context to code? This allows us to get rid of
the optimized code map in the SharedFunctionInfo, saving a pointer,
and making lookup of any optimized code quicker.
Original patch by Michael Stanton <mvstanton@chromium.org>
BUG=v8:6246
Change-Id: I60ff8c408c3001bc272b4b198c9cbaea2872a9e5
Reviewed-on: https://chromium-review.googlesource.com/476891
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45022}
Currently used for observing moves for profiling. In the future this
will be used to transfer colors for the minor MC too.
BUG=chromium:651354
Review-Url: https://codereview.chromium.org/2846043003
Cr-Commit-Position: refs/heads/master@{#45021}
Give the IC one more chance to get itself into a state that's in
line with Turbofan's capabilities and the following assertOptimized
expectation.
BUG=v8:6101,v8:6325
Review-Url: https://codereview.chromium.org/2848193003
Cr-Commit-Position: refs/heads/master@{#45020}
This ensures exceptions thrown during parsing are properly propagated
into the surrounding {v8::TryCatch} block. Otherwise running more than
one test input in the same Isolate can fail due to pending exceptions.
R=jochen@chromium.org
BUG=chromium:715037
Change-Id: Iaa5735515dc097d8cb12dcf8672451f3c9503440
Reviewed-on: https://chromium-review.googlesource.com/490047
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45019}
This commit adds a getter for the private is_verbose_ member.
The use case for this comes from Node.js where the ability to avoid
calling FatalException if the TryCatch is verbose would be nice to have.
BUG=
Review-Url: https://codereview.chromium.org/2840803002
Cr-Commit-Position: refs/heads/master@{#45018}
As jobs are picked up in the same order by background tasks as they are
when FinishAll is called it may happen that the main thread just waits
for background threads without doing any work. So first run jobs, that
are not running in background, to completion and then wait for remaining
jobs to finish.
BUG=v8:6093
Change-Id: Ica83db2a504771b633cfdfc4e95e1ac8e43111d6
Reviewed-on: https://chromium-review.googlesource.com/488244
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#45017}
While parsing top-level code eager functions are skipped just like lazy
ones, but also a parse task is created for each.
The parse tasks are run by the compiler dispatcher and can be executed
either on background thread or in idle time.
After parsing of top-level code finishes it waits for all unfinished
parser tasks - possibly picking up and executing them on current thread.
Afterwards parse task results are stitched together with top-level AST,
in case of failures eager functions are treated just like lazy -
parsing/compilation is retriggered for them in the runtime and proper
errors are generated (performance is not optimized for error case at
all).
BUG=v8:6093
Change-Id: Ie6508211a04b90becfe44139cce1c8ecec386b6e
Reviewed-on: https://chromium-review.googlesource.com/486725
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#45016}
ErrorThrower is not concurrency safe, thus we should not use it from
background tasks. Instead, allocate an ErrorThrower whenever we
actually want (or might) throw.
Pass the ErrorThrower from step 4 to step 5 explicitly.
R=ahaas@chromium.org, mtrofin@chromium.org
Change-Id: Ifb6b16cab7939ec9c81e4f2db59ee42d5ddd7f85
Reviewed-on: https://chromium-review.googlesource.com/489501
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45015}
In the simulators, the ExternalReference constructor rewrites external
addresses, which involves mutating a linked list rooted in the isolate.
We already construct external references concurrently (at least in Turbofan),
but the list mutation was not thread-safe (though no crashes are known). This
CL adds the necessary locking.
BUG=v8:6048
Review-Url: https://codereview.chromium.org/2852983002
Cr-Commit-Position: refs/heads/master@{#45014}
As required by #sec-built-in-function-objects.
They were strict functions before (see
e2f1c26982), but that got lost when they
were ported to ASM builtins.
This makes optimized and non-optimized code agree on the same behavior
in regress-105.js.
BUG=v8:105,v8:5778,v8:6325
Review-Url: https://codereview.chromium.org/2848313004
Cr-Commit-Position: refs/heads/master@{#45012}
getPossibleBreakpoints implementation can enforce function compilation which potentially can produce syntax error, we need to have a context to correctly report this error.
BUG=chromium:715334
R=dgozman@chromium.org
Review-Url: https://codereview.chromium.org/2851853002
Cr-Commit-Position: refs/heads/master@{#45003}
This makes the size of the class smaller by 8 bytes on 64-bit. I looked at the usage
pattern. Even though it seems the number of instances doesn't get higher
than a few thousand, this class is still very hot because it is constructed and
passed by value a lot. So perhaps reducing the size would make passing this
class by value or growing arrays more optimal and might save some cycles.
Before:
class v8::internal::compiler::Constant [sizeof = 24] {
[sizeof=4] v8::internal::compiler::Constant::Type type_
<padding> (4 bytes)
[sizeof=8] __int64 value_
[sizeof=4] v8::internal::RelocInfo::Mode rmode_
<padding> (4 bytes)
}
After:
class v8::internal::compiler::Constant [sizeof = 16] {
[sizeof=4] v8::internal::compiler::Constant::Type type_
[sizeof=4] v8::internal::RelocInfo::Mode rmode_
[sizeof=8] __int64 value_
}
BUG=chromium:710933
Review-Url: https://codereview.chromium.org/2841343002
Cr-Commit-Position: refs/heads/master@{#45001}
The error thrower did allocate the exception at the moment the error was
detected. For async compilation, this meant in another step than when
it was actually thrown. Since the HandleScope of the exception already
died at that point, this would have lead to memory errors.
With this refactoring, we only store the information needed to generate
the exception in the ErrorThrower, and only generate the exception
object once it is actually needed.
With regression test.
R=ahaas@chromium.org, mtrofin@chromium.org
Also-by: ahaas@chromium.org
Change-Id: Iffcab1f8d1cf5925e3643fcf0729ba9a84c7d277
Reviewed-on: https://chromium-review.googlesource.com/490085
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45000}
This CL changes certain frequently-called Array builtins to use CodeStubArguments
rather than peek at the stack frames above array builtins to determine if options
arguments have been passed into them.
Previous failure likely due to unfortunate/unluckily timed GC that moved due to
changed timing/allocation from this CL. Test mitigation for allocation-site-info.js
included.
BUG=v8:1956
LOG=N
Review-Url: https://codereview.chromium.org/2829093004
Cr-Commit-Position: refs/heads/master@{#44998}
Reason for revert:
Still fails. Likely has to do with gc heap size for allocation site tests, mitigation pending...
Original issue's description:
> [turbofan] Reland: Avoid going through ArgumentsAdaptorTrampoline for select CSA array builtins
>
> This CL changes certain frequently-called Array builtins to use CodeStubArguments
> rather than peek at the stack frames above array builtins to determine if options
> arguments have been passed into them.
>
> Previous failure cannot be reproed with failing config. Flake?
>
> BUG=v8:1956
> LOG=N
>
> Review-Url: https://codereview.chromium.org/2829093004
> Cr-Commit-Position: refs/heads/master@{#44996}
> Committed: 7ca381e847TBR=mvstanton@chromium.org,ishell@chromium.org,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1956
Review-Url: https://codereview.chromium.org/2851063002
Cr-Commit-Position: refs/heads/master@{#44997}
This CL changes certain frequently-called Array builtins to use CodeStubArguments
rather than peek at the stack frames above array builtins to determine if options
arguments have been passed into them.
Previous failure cannot be reproed with failing config. Flake?
BUG=v8:1956
LOG=N
Review-Url: https://codereview.chromium.org/2829093004
Cr-Commit-Position: refs/heads/master@{#44996}
Reason for revert:
Nosnap failure
Original issue's description:
> [turbofan] Avoid going through ArgumentsAdaptorTrampoline for select CSA/C++ builtins
>
> This CL changes certain frequently-called Array builtins to use CodeStubArguments
> rather than peek at the stack frames above array builtins to determine if options
> arguments have been passed into them.
>
> BUG=v8:1956
> LOG=N
>
> Review-Url: https://codereview.chromium.org/2829093004
> Cr-Commit-Position: refs/heads/master@{#44994}
> Committed: 680356278dTBR=mvstanton@chromium.org,ishell@chromium.org,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1956
Review-Url: https://codereview.chromium.org/2851703005
Cr-Commit-Position: refs/heads/master@{#44995}
This CL changes certain frequently-called Array builtins to use CodeStubArguments
rather than peek at the stack frames above array builtins to determine if options
arguments have been passed into them.
BUG=v8:1956
LOG=N
Review-Url: https://codereview.chromium.org/2829093004
Cr-Commit-Position: refs/heads/master@{#44994}
This reverts commit 4968b2c4d1.
Reason for revert: Speculative revert for severe perf regression
https://bugs.chromium.org/p/chromium/issues/detail?id=716468#c3
Original change's description:
> [intl] Switch to using declared accessors
>
> This patch cleans up the Intl code by switching to using declared
> accessors, rather than embedder fields, for holding references to
> ICU objects. Additionally:
> - Rename classes to be more similar to how other classes are named
> - Make some unreachable paths into check-fails, rather than throwing
> JS exceptions
> - Move some macros from objects-inl.h into object-macros.h, to allow
> the implementation here to not touch objects.h
> - Some setup logic is moved from runtime-i18n.cc to i18n.cc.
>
> This patch leaves type tags as they are; a future patch should move
> from a special Intl type tagging system to object types as other system
> objects use. Future patches should also move more logic to i18n.cc
>
> BUG=v8:5402,v8:5751,v8:6057
> CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng
>
> Change-Id: Ia9cbb25cf8f52662e3deb15e64179d792c10842c
> Reviewed-on: https://chromium-review.googlesource.com/479651
> Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#44804}
TBR=adamk@chromium.org,marja@chromium.org,mstarzinger@chromium.org,littledan@chromium.org,jwolfe@igalia.com
# Not skipping CQ checks because original CL landed > 1 day ago.
BUG=v8:5402,v8:5751,v8:6057
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I7a45d7def1f1de0f21e3efb7de9b31f6bcfea46d
Reviewed-on: https://chromium-review.googlesource.com/490328
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44992}
The current test/fuzzer/wasm directory is used for two things:
1) as the corpus directory for clusterfuzz
2) to test in v8 that the fuzzer runs correctly.
With the newly added files from the wasm spec tests this directory grew
quite big and adds unnecessary load on the trybots. Therefore I want to
do the following steps:
1) In this CL for V8: create a new directory for the clusterfuzz corpus
2) In chromium: use the new corpus directory
3) In v8: clean up the old directory to use it on the trybots.
R=bradnelson@chromium.orgCC=mmoroz@chromium.org
Change-Id: If690022558bb5780edf5a3649fb9745ef9c7407a
Reviewed-on: https://chromium-review.googlesource.com/490367
Commit-Queue: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44991}
- we should always set creation async stack if it's available regardless existing of current parent async stack,
- we should cleanup parent link iff there is no creation and schedule async stack for parent.
Let's consider example: Promise.resolve().then(x => x).then(x => x), there is three promises which will call following instrumentation:
1) created #1 (Promise.resolve()) - collected stack #1
2) scheduled #1 - collected stack #2
3) created #2 with #1 as parent (first .then) - collected stack #3
4) created #3 with #2 as parent (first .then) - collected stack #4
5) started #2 - use stack #2 as scheduled
6) scheduled #2 - collected stack #6
7) finished #2
8) started #3 - use stack #6 as scheduled
9) scheduled #3 - collected stack #7
10) finished #3
If we collect stacks between step 4 and 5, it's possible to collect scheduled stack #2 but still have creation stack for #2 - stack #3 - so we always need to add creation event if scheduled is collected.
If we collect stacks between created and scheduled we should not remove parent link even if parent was not scheduled yet.
BUG=v8:6189
R=dgozman@chromium.org
Review-Url: https://codereview.chromium.org/2844753002
Cr-Commit-Position: refs/heads/master@{#44990}
Only WASM has the notion of changing the maximum memory pages. This
CL corrects the UMA stats to only collect this data for WASM only.
BUG=v8:6321
R=bradnelson@chromium.org,bbudge@chromium.org
Review-Url: https://codereview.chromium.org/2845163002
Cr-Commit-Position: refs/heads/master@{#44988}
1. Replaces --crankshaft with --opt in tests.
2. Also fixes presubmit to check for --opt flag when
assertOptimized is used.
3. Updates testrunner/local/variants.py and
v8_foozie.py to use --opt flag.
This would mean, nooptimize variant means there are
no optimizations. Not even with %OptimizeFunctionOnNextCall.
Bug:v8:6325
Change-Id: I638e743d0773a6729c6b9749e2ca1e2537f12ce6
Reviewed-on: https://chromium-review.googlesource.com/490206
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44985}
