The involved code kinds should no longer appear as part of frames for
{Code} objects since they have been moved to {WasmCode} for quite a
while now.
R=jkummerow@chromium.org
Change-Id: Iadc4ef668ebb56bf418fb706c3f118d9c3b553bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598755
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61347}
Otherwise (this) will leak into a later this=> making it seem like a valid
arrow function head.
Bug: chromium:941703
Change-Id: I5c3ff70f1d525ec0da53b401a0bfec4c1ee7812f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601260
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61345}
If concurrent sweeping is not making progress, then the slow path of allocation
tries to sweep one page before allocating a new page. If that one page happens
to be a never-evacuate page, then sweeping it will not produce any free space.
This is problematic for tests that disable page allocation by setting the
force_oom flag. Such tests become sensitive to the number of pages marked
as never-evacuate (i.e. pages that were deserialized from the snapshot).
Bug: v8:9205
Change-Id: If19a036b67319a5a2170f378f2c07ffa01bb7b27
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601259
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61344}
Below change canceled removing x18 from restore_list for deoptimization
entries, but it also doesn't remove it from the saved_register list
which causes x18 be restored incorrectly when deopt happens.
https://chromium-review.googlesource.com/c/v8/v8/+/1583762
Bug: chromium:893460
Change-Id: Iccb950150a07119a3642dc42f044e94eb49db76e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1600674
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61342}
For faster calls from Wasm to C-API functions, passing parameter
values directly instead of through JavaScript wrapper objects.
Change-Id: I31e7d1622dedaf3154483306ab159427ac167663
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591601
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61338}
This fixes a crash when using --trace-ic on Arm64 debug. For a given return
address, the assembler's `target_address_from_return_address()` method will
displace it to give you the call-site address. However, this is fragile because
it needs to decode the instruction stream to distinguish between different call
sequences. So it triggered an assertion on Arm64 because we now use BL for
builtin to buitin calls.
We only use this when tracing IC states to detect if the caller is a deoptimized
function. But to do this it doesn't matter if the address we have is the return
or the call-site address. So we can just remove the need for the fragile
Assembler method.
As a drive-by, also remove `return_address_from_call_start()` which was doing
the opposite and was unused.
Change-Id: I5988d17eadd1652ed85d662e62bc4c579665dd31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594566
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61337}
Lazy compilation no longer asserts the non-existence of code. Code may
exist when tiering finishes (and publishes code) after {CompileLazy}
started execution and before it reached the DCHECK.
Bug: v8:9211
Change-Id: I03ed44da7e16f1e4b4dca4b314a56cf6828bf1a4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596447
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Frederik Gossen <frgossen@google.com>
Cr-Commit-Position: refs/heads/master@{#61336}
This CL introduces an AnnotationSet to unify annotation handling. Grammar
rules now accept a list of annotations (via annotations Symbol), where an
annotation is an Identifier starting with '@'. The new class AnnotationSet
can be used to restrict the allowed annotations and query presence of annotations
in the Make* functions.
Bug: v8:7793
Change-Id: Iad5435d4a94a3bea99aca76c23d2cffffe78a97f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601142
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61334}
Flatten cons strings into a buffer instead, as we already did for strings
larger than 64 anyway.
Change-Id: Ida7afb9f7ceb38505d67bedfdfbc43c8b4d8c303
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599428
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61333}
The {DiscardSystemPages} call occasionally fails on win32, thus disable
it until the error is found.
R=mstarzinger@chromium.org
Bug: v8:8217, chromium:960707
Change-Id: Idf77dd8e85d3d38cc12a9f4d2db5cc98eb2c7d08
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601150
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61331}
This is a reland of 3c51043860TBR=jarin@chromium.org
Original change's description:
> [ptr-compr][turbofan] Calling the non-compressed Tagged loads and stores
>
> This CL changes the instruction selector so that we use the normal load
> and store, instead of the one that (de)compresses.
>
> Also removed "return;"s and "break;"s that were unnecessary.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
> Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
> Bug: v8:8977, v8:7703
> Change-Id: I4f2a82bfc4d300dd56300f394f59c3f9da242ba8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593296
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61304}
Bug: v8:8977, v8:7703
Change-Id: I3a587662248fad0d633b543ec03f1aba88410ff1
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601151
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61330}
Pass the FunctionLiteral to `SharedFunctionInfo::ToTracedValue()` and
take the source position from that for logging, as the SFI itself might
not have a way to get to the source position in the beginning (currently
that's the case for functions that are marked for eager compilation).
Tbr: ulan@chromium.org
Bug: chromium:956848, v8:8598, v8:9039
Change-Id: I05c31c7d48734f1f301930ba455d3d5a77b9df13
Doc: bit.ly/v8-tracing-signals
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601146
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61329}
MakeExternal can change byteness of strings without updating wrappers; hence we
cannot trust byteness of wrappers. Unwrap the string before checking encoding.
Bug: chromium:960680
Change-Id: I95d2bca906141c0d8b3de8fdac44b9fdb2ef2c43
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601140
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61326}
We are changing all heap Tagged loads and stores to used the Compressed
representation. From this point forward,
MachineType::TypeCompressedTaggedXXX has to be used instead of
MachineType::TaggedXXX.
This function was added in the middle of my CLs and therefore was not
included in my wasm CL.
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: If3973d436ae04520b36d0f442b7886a58ac901ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601137
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61325}
This reverts commit cc71d5ca52.
Reason for revert: gc-stress failures, e.g. https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/22357
Original change's description:
> [wasm][gc] Use SetPermissions to discard pages
>
> On 32bit windows, DiscardSystemPages fails sometimes (see bug). We don't
> have a reproducer, so this is a purely speculative fix.
> {SetPermissions} has some platform-specific logic to also discard the
> pages. Specifially, on windows it uses {VirtualFree} instead of
> {DiscardVirtualMemory}.
> {SetPermissions} is also semantically stronger, since it forbids any
> further access to the pages.
>
> R=mstarzinger@chromium.org
>
> Bug: v8:8217, chromium:960707
> Change-Id: I8b3325264c86aff8d6e7c6b01c22ae410e87faf4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601134
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61321}
TBR=mstarzinger@chromium.org,clemensh@chromium.org
Change-Id: Ib2d534a6906ea5d390d08943ea71e1f8799278e8
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8217, chromium:960707
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601147
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61324}
Seems like the CodeBuilder CL actually caused this.
This is a reland of 964edc251f
Original change's description:
> [heap] Set read-only space's and its pages' heap_ to null.
>
> Various small changes are required to enable this.
>
> HeapObject::GetReadOnlyRoots no longer uses the Space's heap when
> possible (see comment in ReadOnlyHeap::GetReadOnlyRoots definition).
> This requires that ReadOnlyRoots be construct-able using a raw pointer
> to the read-only space's roots array.
>
> Global read-only heap state is now cleared by tests where appropriate
> and extra DCHECKs in ReadOnlyHeap::SetUp should make catching future
> issues easier.
>
> String padding is now always cleared just before read-only space is
> sealed when not deserializing.
>
> Change-Id: I7d1db1c11567be5df06ff7066f3a699125f8b372
> Bug: v8:7464
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535830
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61188}
Bug: v8:7464
Change-Id: If75bbd16c2e2af5b80cd60811dfd7866f8be8309
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599186
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61323}
On 32bit windows, DiscardSystemPages fails sometimes (see bug). We don't
have a reproducer, so this is a purely speculative fix.
{SetPermissions} has some platform-specific logic to also discard the
pages. Specifially, on windows it uses {VirtualFree} instead of
{DiscardVirtualMemory}.
{SetPermissions} is also semantically stronger, since it forbids any
further access to the pages.
R=mstarzinger@chromium.org
Bug: v8:8217, chromium:960707
Change-Id: I8b3325264c86aff8d6e7c6b01c22ae410e87faf4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601134
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61321}
Perfetto will actually call this from the main thread in various cases
so we need to implement it.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: I509fa277fb0f7e98e9dea4d991a2d313e0a249da
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599183
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61320}
This reverts commit 3c51043860.
Reason for revert: Breaks pointer compression bots (https://ci.chromium.org/p/v8/builders/try.triggered/v8_linux64_pointer_compression_rel_ng_triggered/b8914100067516580000)
Original change's description:
> [ptr-compr][turbofan] Calling the non-compressed Tagged loads and stores
>
> This CL changes the instruction selector so that we use the normal load
> and store, instead of the one that (de)compresses.
>
> Also removed "return;"s and "break;"s that were unnecessary.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
> Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
> Bug: v8:8977, v8:7703
> Change-Id: I4f2a82bfc4d300dd56300f394f59c3f9da242ba8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593296
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61304}
TBR=mvstanton@chromium.org,jarin@chromium.org,solanes@chromium.org
Change-Id: I022895f648b7f9a24944d1c647ba76773cee3669
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8977, v8:7703
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601136
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61319}
The default protobuf compiler main builds generators for the CLI tool
for all the supported languages.
This CL adds a custom main() which only requires the CPP generator.
The protobuf compiler is a build-time dependency so this won't shrink
binary size but will speed up compile a little bit and means we don't
have to list all of the files for the other supported languages in the
build.gn file. That should hopefully make protobuf rolls a bit easier
given that we are maintaining GN build files for protobuf.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: Iac432dfe53b7ac9cfa819be1b2945d5948ffff38
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599448
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61317}
This is needed for Perfetto which sometimes chooses to bypass the task
queue if the task queue uses a given thread to run tasks.
Bug: v8:8339
Change-Id: Iecec5e7883d174e4b63495ecdadfb96105e4505c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588471
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61316}
This is a reland of 2d45ecf09f
The reland properly initializes struct fields in unittests. To prevent
this in the future, TorqueCompilerOptions uses brace initialization.
Original change's description:
> [torque] Introduce force_assert_statements compiler option
>
> "assert(...)" statements are usually only visited and generated in
> debug builds. To provide Language Server support for statements inside
> asserts, the force_assert_statements option allows to manually
> override this behavior and visit assert statements in release builds.
>
> R=sigurds@chromium.org
>
> Bug: v8:7793
> Change-Id: I38f48e35f2b0a1a98abb74b7babb1edd2d7dba24
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599180
> Auto-Submit: Simon Zünd <szuend@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61295}
Bug: v8:7793
Change-Id: I96ef863c8c85ae87a00cbe858655d4a2c9368b41
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599599
Auto-Submit: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61315}
This is the follow-up for frozen, sealed packed elements kind.
Design docs: bit.ly/fast-frozen-sealed-elements-in-v8
This change is only support the transition from holey elements to holey sealed elements (via object.seal) or to holey frozen elements (via object.freeze).
Added tests for non-extensible, sealed, frozen holey elements in https://chromium-review.googlesource.com/c/v8/v8/+/1574503 and https://chromium-review.googlesource.com/c/v8/v8/+/1582481
Bug: v8:6831
Change-Id: Ia4373648f79f2ebebb390982a503145844a0c123
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1574777
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61307}
When one of two compared strings is empty, or when both
are the same object, we can skip the calls to Flatten
and into ICU.
Performance results on hikey620(cortex-a53) device:
Speedometer2.0 - no impact.
Jetstream2.0 - only impacts CDJS subtest:
name old score new score delta
CDJS 2.33 ± 3% 2.38 ± 1% +2.35% (p=0.009 n=6+5)
Change-Id: Ibe490f86188caab1d7712b52c610658e1e2b819c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584221
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61305}
This CL changes the instruction selector so that we use the normal load
and store, instead of the one that (de)compresses.
Also removed "return;"s and "break;"s that were unnecessary.
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: I4f2a82bfc4d300dd56300f394f59c3f9da242ba8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593296
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61304}
In PrepareFunctionForOptimization, for functions that are already optimized
we didn't hold on to the bytecode array strongly. If these functions get
deoptimized before we call OptimizeFunctionOnNextCall, then they need to
be re-optimized again. So we should hold the bytecode arrays for optimized
functions as well. OptimizeFunctionOnNextCall removes it from the table if
the function is still optimized.
Bug: v8:8801
Change-Id: I7f3d94d9842223d85843c9ddb109c8bc9f414891
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599388
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61303}
... to minimize pollution of v8::internal namespace.
This CL also removes usages of WriteBarrierKind from CodeAssembler interface.
Bug: v8:9183
Change-Id: I7e87c0a98cfd08b3740a022cf12d3aab415da67a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599176
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61301}
This is the last string of CLs! We eliminated all Tagged loads and stores.
That's why I also cleaned up that TODO in machine-type.h
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: Icb23b396d0cbb6ee914637e34e26b52435f0000c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593085
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61300}
That's the only place where it's used, with a known StringTableKey type.
This also makes MakeThin available on String.
Change-Id: If1aca892045dadae91c902e783822280ae01f485
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598764
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61299}
In the {WasmEngine::RemoveIsolate} method, we might remove the last
outstanding isolate for the current GC. In that case, finish the GC at
that point.
R=mstarzinger@chromium.org
Bug: v8:8217
Change-Id: I7d710756d29265e0552fcc318435133f7db03dda
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598706
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61298}
This is for the finch experiment CL 1592792 V8HugeMaxOldGenerationSize
(--js-flags="huge_max_old_generation_size").
The purpose of this finch is to support web apps that require more heap
space for their data sets.
The current max_old_space_size is 2 GB. This CL increases the size to 4 GB for
64-bit systems with a physical memory size bigger than 16 GB. This CL does not
change MaxGrowingFactor. HeapController::kMaxSize is still set to 2GB so the
GC schedule remains the same.
All tests from "tools\dev\gm.py x64.release.check" passes in my local machine
with FLAG_increase_max_old_space_size forced to true.
Bug:958974
Change-Id: I9d916d75c0b16342040dd1336e28e423e5bcc474
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1592129
Commit-Queue: Maggie Chen <magchen@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61297}
"assert(...)" statements are usually only visited and generated in
debug builds. To provide Language Server support for statements inside
asserts, the force_assert_statements option allows to manually
override this behavior and visit assert statements in release builds.
R=sigurds@chromium.org
Bug: v8:7793
Change-Id: I38f48e35f2b0a1a98abb74b7babb1edd2d7dba24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599180
Auto-Submit: Simon Zünd <szuend@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61295}
DocumentSymbol responses provide all symbols (macros, classes, etc.)
in a given document. The LSP standard evolved over time and supports
two different kind of responses here:
- A simpler one, that is a plain list of all the symbols
- A more detailed one, allowing a hierarchy of symbols. For example
a class symbol has a list of field/method symbols attached. This
is used by editors to build hierarchical outline views.
For now, the simpler response is chosen as its also used for
workspace wide symbol searches.
This CL adds the necessary boilerplate so the actual implementation CL
is easier to review.
R=tebbi@chromium.org
Bug: v8:8880
Change-Id: I6c86fc839b1f4e0309f6403a5f9afd5c162c0e89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598757
Auto-Submit: Simon Zünd <szuend@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61294}
The Change nodes have to be explicitly introduced in effect control linearizer
since it runs after the pass that adds the Change nodes automatically.
This is a CL in a string of CLs that aims to eliminate all Tagged loads and
stores. We are getting close to that goal.
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: I07521edad0d6d28a549572b56edd91aa5ddb7146
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591774
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61293}
This switches --modify-field-representation-inplace to true again, after
the issue with the elements kinds transitions is fixed.
Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
Doc: http://bit.ly/v8-in-place-field-representation-changes
Bug: v8:8749, v8:8865, v8:9114, chromium:959645, chromium:952682
Change-Id: Ieb9a40d6ff44dd5f327e18ed7e7a169951c58416
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598705
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61291}
This is a step towards reducing the number of StringTableKeys to the absolute
minimum so we can better optimize how they work. This always flattens
ConsStrings into a buffer to avoid expensive comparison with cons string (as
well as hash computation).
Change-Id: I6dcf0bdd2a722f490dad02b7f887083e1ac46000
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598707
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61289}
This is a CL in a string that aims to replace the Tagged loads and stores
nodes that are still being created.
Also took the liberty of cleaning up part of wasm-compiler. There were some
cases where we could have been using the existing macros, but weren't.
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: Ic6ce2f9dc9f2ad440c91c98b1f449d3c76f42fd2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591773
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61288}
This is a reland of cb3caa1ea3
Original change's description:
> [ptr-compr][turbofan] Adding the final compressed access builders
>
> This CL is the final one for the access-builder.cc's changes. There are
> still Tagged loads and stores (e.g in wasm) which will be tackled on
> following CLs.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
> Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
> Bug: v8:8977, v8:7703
> Change-Id: I2667eaacbada0846fe5f128bb17a1a305862c64d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590077
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61272}
Bug: v8:8977, v8:7703
Change-Id: I6bdaad7e6c628dfa6d5a41581fd0ee4ef9d36260
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599168
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61287}
Generalize the existing work-around in the method
`Map::GeneralizeIfCanHaveTransitionableFastElementsKind()` to also go to
the most general field representation (in addition to going to the most
field type) for objects with transitionable fast elements kinds. That
means that we essentially disable field representation tracking for
arrays, arguments objects and value wrappers (for which the field type
tracking is already disabled).
Drive-by-fix: Remove the `constness` parameter to the above mentioned
helper method. And fix the printing of the descriptor expectations to
properly print the field type.
Change-Id: I1bba9415f4bdd2c916f9d105d9120c7071d2c498
Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
Doc: http://bit.ly/v8-in-place-field-representation-changes
Bug: v8:8749, v8:8865, v8:9114, chromium:959645, chromium:952682
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598756
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61284}
We only run one GC at a time. If another one should be triggered before
the previous one finished, that second one is just ignored.
This CL changes that to set a bit on the current GC to trigger another
one once it finished. This fixes situations where
a) a lot of code becomes dead after a GC is triggered but before it
finished, but
b) no more code becomes dead after the GC.
R=mstarzinger@chromium.org
Bug: v8:8217
Change-Id: I5b5ca055124f467e1b0d67b8eb818069affc4a1d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598696
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61278}
Beside scheduling a foreground task per isolate, do also request a
stack guard interrupt to report live code objects. This ensures that
also workers which never return from wasm code will report their live
wasm code objects.
R=mstarzinger@chromium.org
Bug: v8:8217
Change-Id: I07ba9e5125263365596331197813494d8ad5ee89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596739
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61277}
This reverts commit cb3caa1ea3.
Reason for revert: Speculative revert, timeouts on Windows https://ci.chromium.org/p/v8/builders/ci/V8%20Win32%20-%20nosnap%20-%20shared/33313
Original change's description:
> [ptr-compr][turbofan] Adding the final compressed access builders
>
> This CL is the final one for the access-builder.cc's changes. There are
> still Tagged loads and stores (e.g in wasm) which will be tackled on
> following CLs.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
> Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
> Bug: v8:8977, v8:7703
> Change-Id: I2667eaacbada0846fe5f128bb17a1a305862c64d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590077
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61272}
TBR=mvstanton@chromium.org,jarin@chromium.org,solanes@chromium.org
Change-Id: I7c1ba713dc808359b97e6fa8f7afaa87c9daad68
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8977, v8:7703
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598703
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61276}
This is a reland of ad44c258d7
Patchset 2 is the original CL
Patchset 3 fixes some misuses of FixedArrayBase::length() and adds some
DCHECKS to flush out any more misuses.
Patchset 4 adds the PPC/S390 port by miladfar@ca.ibm.com.
Original change's description:
> [typedarray] Make JSTypedArray::length authoritative.
>
> This is the first step towards full huge typed array support in V8.
> Before this change, the JSTypedArray::length and the elements backing
> store length (FixedTypedArrayBase::length) were used more or less
> interchangeably to determine the number of elements in a JSTypedArray.
>
> With this change we disentangle these two lengths, and instead make
> JSTypedArray::length authoritative. For on-heap typed arrays, the
> FixedTypedArrayBase::length will remain the number of elements in the
> backing store, but for the off-heap typed arrays, this length will be
> set to 0 (matching the fact that the FixedTypedArrayBase instance does
> not contain any elements itself).
>
> This also unifies the JSTypedArray::set_/length() and length_value()
> methods to only have JSTypedArray::set_/length() which returns/takes
> size_t values. Currently this still requires the values to be in Smi
> range, but later we will extend this to allow arbitrary size_t values
> (in the safe integer range).
>
> Bug: v8:4153, v8:7881
> Change-Id: Iff9089130bb31fa9e08e0cf913e7ab52c3dbf107
> Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
> Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1543729
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60648}
Bug: v8:4153, v8:7881, v8:9105
Change-Id: Ic38f833071a723642ebc6f82a4012dbc0878ef98
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594435
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61275}
The implementation is done with a runtime function.
R=mstarzinger@chromium.org
Bug: v8:7581
Change-Id: I5f27b1fdc7cc2baf6919b4db3bf053a350b91a74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596738
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61274}
This reverts commit 758700a708.
Reason for revert: Broken
Original change's description:
> [compiler] Don't collect source positions for the top frame
>
> While most source positions were not collected even throwing exceptions,
> the top frame still was always collected as it was used to initialize
> the JSMessageObject. This skips even that frame, by storing the
> SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
> it to lazily evaluate the actual source position.
>
> Also adds tests to test-api.cc that test each of the source position
> functions in isolation to ensure that they don't rely on previous
> invocations to call the source collection function.
>
> Since no source positions are now collected at the point when an
> exception is thrown, the mjsunit/stack-traces-overflow now passes again
> with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
> only failure).
>
> Bug: v8:8510
> Change-Id: Ic5382bdbab65cd8838f0c84b544fabb1a9109d13
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587385
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61271}
TBR=ulan@chromium.org,rmcilroy@chromium.org,delphick@chromium.org
Change-Id: I3ee0b5db5f8a1b3255f68070dc10d27d0e013048
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8510
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598758
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61273}
This CL is the final one for the access-builder.cc's changes. There are
still Tagged loads and stores (e.g in wasm) which will be tackled on
following CLs.
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: I2667eaacbada0846fe5f128bb17a1a305862c64d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590077
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61272}
While most source positions were not collected even throwing exceptions,
the top frame still was always collected as it was used to initialize
the JSMessageObject. This skips even that frame, by storing the
SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
it to lazily evaluate the actual source position.
Also adds tests to test-api.cc that test each of the source position
functions in isolation to ensure that they don't rely on previous
invocations to call the source collection function.
Since no source positions are now collected at the point when an
exception is thrown, the mjsunit/stack-traces-overflow now passes again
with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
only failure).
Bug: v8:8510
Change-Id: Ic5382bdbab65cd8838f0c84b544fabb1a9109d13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587385
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61271}
Follow -up CL that aims to eliminate the straggler tagged loads and stores.
It includes a lot of access builder changes. There are 8 access
(2 Any and 6 Pointer) that are still remaining as tagged since changing
those to compressed make some tests fail.
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: Iad305fd3a2da257764d22bad30b25489f727e676
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588431
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61270}
This is a reland of d14ed12e56
with fix for test failures in lite mode.
When handling load named properties (without feedback vectors) we used
to miss to runtimes if the prototypes aren't set. This was because we
wanted to give the prototype a chance to become fast, since most prototypes
start in slow mode but move to fast after the initial setup. Though this
check is not really useful when we don't have feedback vectors, and once
feedback vectors are allocated we will turn the prototypes fast anyway.
Bug: v8:8394, v8:8860
Change-Id: I5c7b5061e1d9068c72d6f0eea47517880940a054
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591772
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61267}
Torque semantic analysis is now a four-stage process:
1. The TypeDeclarationVisitor introduces a TypeAlias for every
TypeDeclaration* (or derived) in the Torque source, but does
not process the TypeDeclaration* itself.
2. All aliases are resolved in a dependency respecting manner.
This CL also changes struct member resolution to happen at
this point already. Types for classes are created, but their
members are not resolved to allow classes to mutually reference
each other in their field types.
3. 'value' declarations (macros, etc.) are processed.
4. Members of classes are processed.
Bug: v8:7793
Change-Id: I46108555a5cdf30df03c5d4399ec786ee6cc6df4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584319
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61264}
To obtain SourcePositions for unary and binary operators, this CL
changes the "OneOf" parser rule to produce an Identifier*. Forwarding
this new identifier as callee for a CallExpression enables
"goto Definition" support for operators in the Language Server.
Side note: VSCode won't highlight operators with an underlined font
when hovering with Ctrl pressed. "goto Definition" will work
nonetheless using default F12 or Ctrl-Click.
R=tebbi@chromium.org
Bug: v8:7793
Change-Id: Iada06009e324a3de8c453ec058427049e921a70d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598690
Auto-Submit: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61263}
The Torque compiler generates macros for accessing fields in classes.
These are currently indistiguishable from user defined macros. To
improve the upcoming symbol search in the Torque Language Server, this
CL introduces a flag on macros to differentiate user defined and auto
generated macros.
R=sigurds@chromium.org
Bug: v8:7793
Change-Id: I84a8ab14535ec779494b5b2e887fda8fc4edf3e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598688
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61261}
The call to EnsureSourcePositionsAvailable for a given SharedFunctionInfo
is now done in the serializer for each SFI that is marked as serialized for
compilation. This will enable brokerization of the JSInliner class.
Change-Id: I7821a50fcac8a3e19386e98758f2b0dea3023bb6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1582400
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61260}
This reverts commit efd8c2d975.
Reason for revert: Performance regressions (chromium:958035)
Original change's description:
> Remove --win64-unwinding-info flag and always generate unwind info on Win/x64
>
> The generation of unwind info to enable stack walking on Windows/x64
> (https://chromium-review.googlesource.com/c/v8/v8/+/1469329) was implemented
> behind a temporary flag, in order to coordinate these changes with the
> corresponding changes in Chromium.
>
> The required changes to Chromium
> (https://chromium-review.googlesource.com/c/chromium/src/+/1474703) have also
> been merged, so we can now remove the flag and enable the generation of stack
> unwinding info by default on Windows/x64.
>
> Bug: v8:3598
> Change-Id: I88814aaeabecc007f5262227aa0681a1d16156d5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1573138
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Paolo Severini <paolosev@microsoft.com>
> Cr-Commit-Position: refs/heads/master@{#61020}
TBR=ulan@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,paolosev@microsoft.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Tbr: ulan@chromium.org,mstarzinger@chromium.org,paolosev@microsoft.com
Bug: v8:3598, chromium:958035
Change-Id: Ia86a230ee83080ed8ace43e4641c8c1013043df4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598748
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61259}
This reverts commit b51404a8a1.
Reason for revert: Need to revert this change due to a revert on this commit: 1810066662
Original change's description:
> PPC/S390: [typedarray] Make JSTypedArray::length authoritative.
>
> Removing NumberToSize on PPC and S390.
>
> Port ad44c258d7
>
> Change-Id: Ic5d3132f1bb396f07a26399d2e3f6aca4689aa3f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1554227
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60691}
TBR=jarin@chromium.org,titzer@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org,miladfar@ca.ibm.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Change-Id: Idd6cf715ce25ed35f9cb55c70e20183072c660d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598308
Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61257}
mips load/store instructions can only handle when the memory offset is in range
[int16_min, int16_max], when beyond this range, we can use macro instructions which
will adjust base and offset first.
Change-Id: I84319b7fef9de8d0b8f507374654e38827503bdd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596046
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Yu Yin <xwafish@gmail.com>
Cr-Commit-Position: refs/heads/master@{#61255}
Bug: v8:8996
Change-Id: Ie4b17928fcb9d426bade5afc1238d24bc75ec13e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594275
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Wong <peter.wm.wong@gmail.com>
Cr-Commit-Position: refs/heads/master@{#61252}
It's not necessarily helpful, and can actually cause pretty bad performance and
memory usage.
I moved up the next_ field to where allocation_ used to be since apparently the
alignment caused by it has huge impact on perf (>10% diff...) at least on my
machine.
Change-Id: I1026a2e954d061b1a178f6a733d8ef81ae6d0cab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594432
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61250}
Error messages are unspecified in JavaScript and occasional small
differences in the compared configurations lead to an unjustified
maintenance burden of correctness-fuzzing issues.
This CL replaces most error messages with a fixed suppression
message during correctness fuzzing (behind a flag).
The flag covering all extra behavior for correctness fuzzing is now
renamed to --correctness-fuzzer-suppressions.
Bug: chromium:958668,chromium:946476
Change-Id: Iba1197f765138a962d5bbb176730322e5a411707
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594730
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61249}
Original change's description:
> [runtime] Inline SeqOneByteSubStringKey IsMatch and AsHandle
>
> The performance actually matters to JSON parsing and this improves it by a % or
> 2.
>
> In the longer run we should probably share the IsMatch implementation in
> StringTableKey directly and call a virtual GetBytes on the key implementation.
>
> Change-Id: I838a106f9c8c52f0385057a52a8c0b9141ae025b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589977
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Auto-Submit: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61183}
Change-Id: I3fc73b4d123f193f7c2ce3078b0b030a652efc17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596735
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61248}
This is a reland of b0c4a8764b
Original change's description:
> [json] Speed up json parsing
>
> - scan using raw data pointers + GC callback
> - scan using scanner tables
> - cap internalizing large string values
> - inline fast transitioning logic
>
> Fixes previous CL by moving AllowHeapAllocation to callers of
> ReportUnexpectedCharacter where needed to make it clear we need to exit.
>
> Tbr: ulan@chromium.org
> Change-Id: Icfbb7cd536e0fbe153f34acca5d0fab6b5453d71
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591778
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61159}
Change-Id: I0d713e02d243723df2d2a7c252eae44a6648b6b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596444
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61247}
Until this CL, the Memory benchmark was the only one to be based on a
cctest runner; all others use d8. Besides being a tedious exception to
the rule, this caused issues such as described in the linked bug
(summary: refbuilds are built with v8_static_library, and neither
cctests nor unittests support this configuration).
Here, we move the Memory benchmark into a d8 runner.
Bug: v8:9189, chromium:957029
Change-Id: I9b45ff36f4842cb0bdef2c1c4b0184c5509d3385
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588464
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61245}
To reduce physical memory consumption, discard code pages that are
fully freed.
To determine pages which only become fully free after several freed
wasm code objects, this CL adds a {DisjointAllocationPool} to track all
freed code ({freed_code_space_} in {NativeModule}).
R=mstarzinger@chromium.org
Bug: v8:8217
Change-Id: I22ad92d2c0bd4469e92f0dfd5aec05c03b5a47d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594728
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61244}
This fixes a performance regression.
Bug: v8:9197, chromium:958730
Change-Id: I70a59dd85d74275b967a196e9ab4623293b92756
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596446
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61241}
The interpreter accesses code directly from the code manager. With lazy
validation, however, this code is not guaranteed to exist. The
interpreter now checks for this and compiles it lazily if needed. It
also handles exceptions that may arise from lazy validation.
Bug: v8:9003
Change-Id: I37c365f0a4d755ed55630d01c8526f2a3efa9a9e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594567
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Frederik Gossen <frgossen@google.com>
Cr-Commit-Position: refs/heads/master@{#61240}
This fixes the source position printed in the stack trace for exceptions
thrown from within Wasm code. Specifically this affects the stack trace
attached to the exception object, as well as the message propagated to
the console. Both are tested by the new message test.
R=clemensh@chromium.org
TEST=message/fail/wasm-exception-throw
BUG=v8:8091
Change-Id: I5b2f76191cf47457ac113dce9d9601a8a810ee19
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591603
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61239}
It was a std::list for no obvious reason. This CL turns it into a
vector, which is the standard data structure we use if we don't have
any special requirements.
R=mstarzinger@chromium.org
Change-Id: Iefc321db9327e0743772dd804e2325266a9bff64
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594727
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61235}
This CL improves SourcePosition support inside the Torque compiler.
It starts with the parser, where the SourcePosition of the
MatchedInput now encompasses all tokens, not just the first one.
Second, AST nodes can now be created with an explicit source position.
This can be used to forward the "all encompassing" source position
via MatchedInput -> ParseResultIterator to AST nodes.
Third, declarables are extended to hold two different SourcePositions:
- One represents the whole declarable. For a macro this would
inlcude the body as well as the signature.
- The other is the SourcePosition of the identifying part of a
declarable. In most cases this is the name. For the rest this
will stay invalid.
R=sigurds@chromium.org, tebbi@chromium.org
Bug: v8:7793
Change-Id: I509f83aeef7a040d0ea6363b5b7c31ff1b11f47b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591600
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61234}
This CL extends the stack frame API to include a flag to distinguish
between user and V8 builtin frames. The intention is to extend the API in
a later CL, so stack traces include builtin frames.
This flag gives embedders more control what to do with builtin frames.
R=jgruber@chromium.org, yangguo@chromium.org
Bug: v8:8742
Change-Id: Ieda5782dd2073c1e7fd49492bfdfa829a43dc710
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1583723
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61233}
Remove DCHECK because the interpreter may still have activations when
the isolate is torn down. This can happen in particular, when {quit} is
called in d8. A test for this will follow when v8:9209 is resolved.
Change-Id: Ia3ab0daa061d6427df3f778ba5fb195218910280
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594560
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61232}
FNMUL is efficient arm64 instruction, which can save 1 cycle
by optimizing FNEG(FMUL x y)) to FNMUL x y and
FMUL((FNEG x) y) to FNMUL x y
Change-Id: If25d9de1253098b17033a9d8736ff6a1c06601f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1572681
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61230}
This CL adds navigation support for labels in "goto" statements.
Similar to labels listed in the "otherwise" clause of call expression,
definitions of such a label can be found in two places:
- The signature of the current macro.
- A label block of a "try" statement that surrounds the "goto".
R=sigurds@chromium.org
Bug: v8:8880
Change-Id: I6c5ebea0b0f80b1882e6672bbb0f45196a7201ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594433
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61229}
This CL adds navigation support for labels listed in the "otherwise"
part of a call expression. There are two places where a definition for
such a label can be found:
- The signature of the current macro (caller)
- A label block of a "try" statement that surrounds the call
expression.
R=tebbi@chromium.org
Bug: v8:8880
Change-Id: If8849ad29abcf94f301d7a51e3e52c5517601bc0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593295
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61228}
Bug: v8:8996
Change-Id: I86104991d9732157c1fbdff273046bf4f7e0186f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593853
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Peter Wong <peter.wm.wong@gmail.com>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61221}
My recent change
https://chromium-review.googlesource.com/c/v8/v8/+/1570666 introduced an
error, found by ClusterFuzz, because I forgot to use EnsureSpace in a
new method in assembler-x64.
Bug: chromium:959014
Change-Id: I4c1b564b05de6d4403632e1521520f87706d56c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594977
Auto-Submit: Seth Brenith <seth.brenith@microsoft.com>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61219}
This reverts commit 964edc251f.
Reason for revert: chromium:959190
Original change's description:
> [heap] Set read-only space's and its pages' heap_ to null.
>
> Various small changes are required to enable this.
>
> HeapObject::GetReadOnlyRoots no longer uses the Space's heap when
> possible (see comment in ReadOnlyHeap::GetReadOnlyRoots definition).
> This requires that ReadOnlyRoots be construct-able using a raw pointer
> to the read-only space's roots array.
>
> Global read-only heap state is now cleared by tests where appropriate
> and extra DCHECKs in ReadOnlyHeap::SetUp should make catching future
> issues easier.
>
> String padding is now always cleared just before read-only space is
> sealed when not deserializing.
>
> Change-Id: I7d1db1c11567be5df06ff7066f3a699125f8b372
> Bug: v8:7464
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535830
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61188}
TBR=ulan@chromium.org,hpayer@chromium.org,delphick@chromium.org,goszczycki@google.com
Change-Id: I53cecf3976dfeabae309040313351385f651f010
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7464, chromium:959190
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591608
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61217}
This is a reland of b6fb27077d.
Unchanged reland, TSan issue were fixed in https://crrev.com/c/1593340
and https://crrev.com/c/1594553.
Original change's description:
> [wasm][gc] Free WasmCode objects
>
> This adds the next step to freeing code: We free the actual C++
> {WasmCode} objects. This will cause UAF if any C++ code uses stale
> references.
> The underlying machine code will still not be freed.
>
> For simplicity, this CL changes the vector of owned_code to an ordered
> set, such that lookup and removal is much simpler. The drawback is that
> insertion is now more expensive.
>
> R=mstarzinger@chromium.org
>
> Bug: v8:8217
> Change-Id: I07fc81167816637fbaad6c06ff79e3f952f2fde8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593080
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61165}
TBR=mstarzinger@chromium.org
Bug: v8:8217
Change-Id: I809832bb609663d794c7aafcf071823db7fb6212
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594436
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61215}
Keep the existing method for compatibility, by converting
to json from CBOR using the inspector_protocol_encoding library,
via a v8 specific interface library that directs routines for
converting between strings and doubles to v8's implementations.
This change also brings in the encoding.h / encoding.cc files from the
upstream inspector_protocol project. The only modification here
are the header guards, and the namespace. I will fix roll.py to
make it so that we pick up future changes.
third_party/inspector_protocol/BUILD.gn is specific to v8, by necessity.
third_party/inspector_protocol/.clang-format is a copy of the upstream
file. If we don't put this, we'll find ourselves auto-formatting the roll,
which is annoying.
This is a reland of
https://chromium-review.googlesource.com/c/v8/v8/+/1590627 with the
only modification in the DEPS file; this time I'm including
third_party/inspector_protocol/encoding/encoding{.h,cc} in addition to
the relative include there. Not sure why this is needed but I'm hoping
it gets me past the presubmit which may resolve the include path
relative to the V8 base (the ../../third_party is needed for when V8 is
embedded into Chromium).
Change-Id: Ic76b2b5faa7e1cbdceb15aff3f369e9a303e3e85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593646
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61214}
CodeBuilder was calling AllocateRawWithLightRetry when it should have been
calling AllocateRawWithRetryOrFail (and vice versa).
Also improved variable naming.
Bug: chromium:957934
Change-Id: I03a95165f6d5b44c1f47d08d338d48bcc37c6d04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590075
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61210}
Based on Primiano's prototype:
https://chromium-review.googlesource.com/c/v8/v8/+/1290549
This is still behind a build flag. I'll add functionality incrementally
rather than land everything in one giant CL.
This CL sets up the basic classes that will be used for the Perfetto
implementation, e.g. the producer, consumer, controller and task runner.
This implementation produces a binary proto file in the current
directory named v8_trace.proto. It doesn't yet produce JSON output,
that is coming in a following CL.
Currently the old tracing and perfetto tracing are both run alongside
each other if the build flag is enabled.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: I0eb9ecefa191ceead60aadd5b591d75c99395a6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1408995
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61209}
TSan reports errors if one thread changes the ref count using relaxed
semantics, then another thread frees the code object. Acquire-release
semantics fix this, as they impose an ordering between the memory
accesses of different threads.
R=mstarzinger@chromium.org
Bug: v8:8217, v8:9200
Change-Id: I30ce150154e6459c2c64e16be603f29187af1dcd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594553
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61205}
Between determining the set of wasm code objects to free, and actually
freeing them, we should not give up the mutex of the wasm engine.
Otherwise, a NativeModule can die in-between, and we would access a
stale pointer.
This fixes some flakes seen on the TSan bots with --stress-wasm-code-gc.
R=mstarzinger@chromium.org
Bug: v8:8217, v8:9200
Change-Id: Iad5b47379b5be6269180094cfeb2a2f2dfefb425
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593340
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61204}
Fix function name in error messages thrown by the streaming API. The API
functions {WebAssembly.compileStreaming} and
{WebAssembly.instantiateStreaming} are now mentioned where needed.
Bug: v8:9184
Change-Id: I70b27efe1c027d119fa7b5b9be27988a92304682
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588468
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Frederik Gossen <frgossen@google.com>
Cr-Commit-Position: refs/heads/master@{#61202}
... from JSNativeContextSpecialization.
Bug: v8:9197
Change-Id: I332ba27e78b0c10b3406cf39e9a2178c8c74fede
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593339
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61201}
Bug: v8:9197
Change-Id: If72dbf1507f68fa344db389c08ad8614bca6667e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593337
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61199}
This new function forwards to v8::Object::CreationContext but has
special handling for JSGlobalProxy objects to prevent the former from
crashing.
R=yangguo@chromium.org
Bug: chromium:952057
Change-Id: I5ade682976efd1724c13f52b468e4fb30bb9ade7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569425
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61197}
This CL adds decoding and code generation for the table.size
instruction.
R=mstarzinger@chromium.org
Bug: v8:7581
Change-Id: I0e689a993d25db72281ebba0854454be12f4d350
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593302
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61195}
This reverts commit a87a971b7e.
Reason for revert: required for revert of
bbd740f038
Original change's description:
> [runtime] Inline SeqOneByteSubStringKey IsMatch and AsHandle
>
> The performance actually matters to JSON parsing and this improves it by a % or
> 2.
>
> In the longer run we should probably share the IsMatch implementation in
> StringTableKey directly and call a virtual GetBytes on the key implementation.
>
> Change-Id: I838a106f9c8c52f0385057a52a8c0b9141ae025b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589977
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Auto-Submit: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61183}
TBR=ishell@chromium.org,verwaest@chromium.org
Change-Id: I8797310ef7834c04b44c735ce60813e3fb596013
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594440
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61193}
This CL add decoding and code generation for the table.grow
instruction. For code generation we just generate a runtime
call. The implementation is quite straight-forward. However,
I did several small cleanups along the way. I hope it's still
acceptable. I could also split out some cleanups into separate
CLs.
R=mstarzinger@chromium.org
Bug: v8:7581
Change-Id: Id885b7e70eb4f5bccfe779eb216f7cc9302ea3a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593078
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61192}
This reverts commit b7134d3af6.
Reason for revert: breaks presubmit
Original change's description:
> [DevTools] Add V8InspectorSession::state(), which returns binary (CBOR).
>
> Keep the existing method for compatibility, by converting
> to json from CBOR using the inspector_protocol_encoding library,
> via a v8 specific interface library that directs routines for
> converting between strings and doubles to v8's implementations.
>
> This change also brings in the encoding.h / encoding.cc files from the
> upstream inspector_protocol project. The only modification here
> are the header guards, and the namespace. I will fix roll.py to
> make it so that we pick up future changes.
>
> third_party/inspector_protocol/BUILD.gn is specific to v8, by necessity.
> third_party/inspector_protocol/.clang-format is a copy of the upstream
> file. If we don't put this, we'll find ourselves auto-formatting the roll,
> which is annoying.
>
> Change-Id: I20fa8759164e7a39f8a7c30e0d2a3f8a7e4be227
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590627
> Reviewed-by: Alexei Filippov <alph@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Commit-Queue: Johannes Henkel <johannes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61187}
TBR=dgozman@chromium.org,alph@chromium.org,caseq@chromium.org,johannes@chromium.org
Change-Id: I67f297ef8454499036c94bf88e0d23657a579140
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1592130
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61189}
Various small changes are required to enable this.
HeapObject::GetReadOnlyRoots no longer uses the Space's heap when
possible (see comment in ReadOnlyHeap::GetReadOnlyRoots definition).
This requires that ReadOnlyRoots be construct-able using a raw pointer
to the read-only space's roots array.
Global read-only heap state is now cleared by tests where appropriate
and extra DCHECKs in ReadOnlyHeap::SetUp should make catching future
issues easier.
String padding is now always cleared just before read-only space is
sealed when not deserializing.
Change-Id: I7d1db1c11567be5df06ff7066f3a699125f8b372
Bug: v8:7464
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535830
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61188}
Keep the existing method for compatibility, by converting
to json from CBOR using the inspector_protocol_encoding library,
via a v8 specific interface library that directs routines for
converting between strings and doubles to v8's implementations.
This change also brings in the encoding.h / encoding.cc files from the
upstream inspector_protocol project. The only modification here
are the header guards, and the namespace. I will fix roll.py to
make it so that we pick up future changes.
third_party/inspector_protocol/BUILD.gn is specific to v8, by necessity.
third_party/inspector_protocol/.clang-format is a copy of the upstream
file. If we don't put this, we'll find ourselves auto-formatting the roll,
which is annoying.
Change-Id: I20fa8759164e7a39f8a7c30e0d2a3f8a7e4be227
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590627
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61187}
On Windows, expanding the stack by more than 4 KB at a time can cause
access violations. This change fixes a few known cases (and includes
unit tests for those), and attempts to make stack expansion more
consistent overall by using the AllocateStackSpace helper method
everywhere we can, even when the offset is a small constant.
On arm64, there was already a consistent method for stack pointer
manipulation using the Claim and Drop methods, so Claim is updated to
touch every page.
Bug: v8:9017
Change-Id: I2dbbceeebbdefaf45803e9b621fe83f52234a395
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570666
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61186}
Code relocation info is now always allocated in old-space. Before relocation
info allocated for placeholders and builtins (which get replaced with
trampolines in nosnap builds) would become unreachable. Since read-only space
is not GCed and ReadOnlyHeapIterator doesn't check for reachability,
ValidateSnapshot would fail finding unreachable objects returned by
ReadOnlyHeapIterator.
Because trampoline relocation info gets replaced with canonical one, this only
affects no-embdded-builtins nosnap builds, which don't get much benefit from
read-only relocation info anyway.
A new check has been added to the read-only deserializer to verify that every
read-only object is reachable at mksnapshot-time.
The CombinedHeapIterator iteration order was changed to iterate over
read-only space first, because that's how HeapIterator worked.
This is a reland of 3d1d8eae77
Original change's description:
> [heap] Skip ro-space from heap iterators, add CombinedHeapIterator.
>
> Read-only space sharing requires an iterator independent of heap. This
> also enables future removal of read-only space from heap.
>
> Bug: v8:7464
> Change-Id: Ia07a9369494ea2c547d12c01ffa1d7b8b6bbeabc
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1552795
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60819}
Bug: v8:7464
Change-Id: I49ae070955b77956962334a84f762ab29052d5ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1566513
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Cr-Commit-Position: refs/heads/master@{#61185}
The registry right now has no users. In a follow-up CL I will
remove the skip list for code pages and make users of the skip
list use the registry.
Bug: v8:9093
Change-Id: I23a2b9e0d4158e2ffa89626e71f58d3bb5a41201
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593074
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61184}
The performance actually matters to JSON parsing and this improves it by a % or
2.
In the longer run we should probably share the IsMatch implementation in
StringTableKey directly and call a virtual GetBytes on the key implementation.
Change-Id: I838a106f9c8c52f0385057a52a8c0b9141ae025b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589977
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61183}
This ensures that the parent class' field 'elements' is not shadowed.
Bug: v8:9194
Change-Id: Ibb53dedc0205cbb4c61e810e2d5822a94843c605
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593076
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61181}
This is the first CL that aims to eliminate the straggler tagged loads and
stores.
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: If3782c0c7047d4c7d8669e12fb423cc0c74bc58a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587392
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61180}
This is a reland of b0c4a8764b
Original change's description:
> [json] Speed up json parsing
>
> - scan using raw data pointers + GC callback
> - scan using scanner tables
> - cap internalizing large string values
> - inline fast transitioning logic
>
> Fixes previous CL by moving AllowHeapAllocation to callers of
> ReportUnexpectedCharacter where needed to make it clear we need to exit.
>
> Tbr: ulan@chromium.org
> Change-Id: Icfbb7cd536e0fbe153f34acca5d0fab6b5453d71
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591778
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61159}
Tbr: verwaest@chromium.org
Cq-Include-Trybots: luci.v8.try:v8_linux64_msan_rel
Change-Id: Ic7d0057178c649fc45b8c8f4587ee9128e351515
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593292
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61179}
This reverts commit b6fb27077d.
Reason for revert: TSan issues, e.g. https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/26177
Original change's description:
> [wasm][gc] Free WasmCode objects
>
> This adds the next step to freeing code: We free the actual C++
> {WasmCode} objects. This will cause UAF if any C++ code uses stale
> references.
> The underlying machine code will still not be freed.
>
> For simplicity, this CL changes the vector of owned_code to an ordered
> set, such that lookup and removal is much simpler. The drawback is that
> insertion is now more expensive.
>
> R=mstarzinger@chromium.org
>
> Bug: v8:8217
> Change-Id: I07fc81167816637fbaad6c06ff79e3f952f2fde8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593080
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61165}
TBR=mstarzinger@chromium.org,clemensh@chromium.org
Change-Id: I167a8d806a8c6ac1c90e0743cdf86d492389bbed
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8217, v8:9200
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593305
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61176}
This enables the embedder to check if the snapshot generated
from SnapshotCreator::CreateBlob() can be rehashed and the seed
can be recomputed during deserialization.
The lack of this functionality resulted in a temporary vunerability
in Node.js: https://github.com/nodejs/node/pull/27365
Change-Id: I88d52337217c40f79c26438be3c87d2db874d980
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578661
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61175}
When asked to start at the receiver and the receiver is a primitive, the
dependency should be taken on the primitive map (which is a no-op)
rather than the wrapper object's map.
Bug: chromium:958716
Change-Id: I9c8b2b56436d134b2f79dbe458c0c527fe6d17a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593086
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61174}
Port 381a7f9e76
Original Commit Message:
On Arm/64 the last return address is stored in a link register instead of
being pushed to the top-of-stack like on x64/ia32. Extend the support in the
tick sampler to check for samples in a frameless bytecode handler with support
for checking the link register if it exists instead of top-of-stack. In addition,
make the x64/ia32 check more robust by ensuring we only apply the change if the
pc is a bytecode handler and the top frame isn't a bytecode handler (stub) frame.
R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:9162
LOG=N
Change-Id: I893b45af40a48415fbbc2c9f5e9e5cd72ed8d9e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588888
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61173}
This reverts commit ad44c258d7.
Reason for revert: Missed some users: crbug.com/v8/9105
Original change's description:
> [typedarray] Make JSTypedArray::length authoritative.
>
> This is the first step towards full huge typed array support in V8.
> Before this change, the JSTypedArray::length and the elements backing
> store length (FixedTypedArrayBase::length) were used more or less
> interchangeably to determine the number of elements in a JSTypedArray.
>
> With this change we disentangle these two lengths, and instead make
> JSTypedArray::length authoritative. For on-heap typed arrays, the
> FixedTypedArrayBase::length will remain the number of elements in the
> backing store, but for the off-heap typed arrays, this length will be
> set to 0 (matching the fact that the FixedTypedArrayBase instance does
> not contain any elements itself).
>
> This also unifies the JSTypedArray::set_/length() and length_value()
> methods to only have JSTypedArray::set_/length() which returns/takes
> size_t values. Currently this still requires the values to be in Smi
> range, but later we will extend this to allow arbitrary size_t values
> (in the safe integer range).
>
> Bug: v8:4153, v8:7881
> Change-Id: Iff9089130bb31fa9e08e0cf913e7ab52c3dbf107
> Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
> Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1543729
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60648}
TBR=jarin@chromium.org,titzer@chromium.org,hpayer@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
TBR=jarin@chromium.org, szuend@chromium.org
Bug: v8:4153, v8:7881
Change-Id: I96992bff15b4a2765ae4a557d2c37e78269c927d
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593294
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61172}
This is a reland of 7c42628676
Original change's description:
> [heap] Use normal marking write barrier for fixed array elements
>
> This simplifies the marking write barrier for elements to mark the
> values instead of revisiting the array.
>
> Bug: chromium:918485
>
> Change-Id: Id5da0d5b9ff8385a256fe14f4bf7171f9f6343e1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588459
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61125}
Bug: chromium:918485
Change-Id: I8075e0333b3a05bc6193eb4bc030bfdcd72e64d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593088
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61170}
This fixes a memory leak.
Bug: v8:9191, v8:7790
Change-Id: I0df49cd3a6791600638a67b4b7ad9687562e500b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588426
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61166}
This adds the next step to freeing code: We free the actual C++
{WasmCode} objects. This will cause UAF if any C++ code uses stale
references.
The underlying machine code will still not be freed.
For simplicity, this CL changes the vector of owned_code to an ordered
set, such that lookup and removal is much simpler. The drawback is that
insertion is now more expensive.
R=mstarzinger@chromium.org
Bug: v8:8217
Change-Id: I07fc81167816637fbaad6c06ff79e3f952f2fde8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593080
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61165}
This reverts commit b0c4a8764b.
Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/26470
Original change's description:
> [json] Speed up json parsing
>
> - scan using raw data pointers + GC callback
> - scan using scanner tables
> - cap internalizing large string values
> - inline fast transitioning logic
>
> Fixes previous CL by moving AllowHeapAllocation to callers of
> ReportUnexpectedCharacter where needed to make it clear we need to exit.
>
> Tbr: ulan@chromium.org
> Change-Id: Icfbb7cd536e0fbe153f34acca5d0fab6b5453d71
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591778
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61159}
TBR=ulan@chromium.org,ishell@google.com,ishell@chromium.org,verwaest@chromium.org
Change-Id: Ibe823e187d9ab999be7278140b0ed31868440e9e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593090
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61163}
Change-Id: I626e26fa2e1486365c858f3fc616422199242f5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588422
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61162}
We won't remove the jump table for performance reasons. That would
complicate a lot of code and remove options for tiering and code
aging.
Thus remove the TODO.
R=titzer@chromium.org
No-Try: true
Change-Id: Ifbbfdeeeb17078feaea4f358169bc5943ba09ddb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593089
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61160}
- scan using raw data pointers + GC callback
- scan using scanner tables
- cap internalizing large string values
- inline fast transitioning logic
Fixes previous CL by moving AllowHeapAllocation to callers of
ReportUnexpectedCharacter where needed to make it clear we need to exit.
Tbr: ulan@chromium.org
Change-Id: Icfbb7cd536e0fbe153f34acca5d0fab6b5453d71
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591778
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61159}
The problem is with element kinds transitions without going through
runtime (i.e., IC or optimizing compiler).
Bug: chromium:952682
Change-Id: I6fe2bb30a0ea6fecb8f6e0750427cc50cc50f9e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593083
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61158}
- Add missing uses of MapInference::NoChange.
- Insert map checks even if inferred maps were reliable, because
they were inferred for an earlier effect input.
Bug: chromium:958420, chromium:958350, v8:9197
Change-Id: Id7677b1fc6f1e09dc12ae178f1155e4245b4e3e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593077
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61157}
Replace the unsafe function NodeProperties::HasInstanceTypeWitness
with a new safe method on MapInference.
Bug: v8:9197
Change-Id: I937433c7721946139dc761750ea34032e58e275c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591612
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61156}
R=jarin
Change-Id: I36d4952f351cfa428532cfd56ecbb10c9fe3d39a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588469
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61154}
Fixes several warnings reported for internal repo by:
* using vector::empty instead of vector::size() == 0
* removing redundant return; at the end of a function
* making operator= return OriginalType&
Bug: v8:9183
Change-Id: I8c725bd7b0bc011557fb2bb68a561ee413ab38f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589978
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61149}
The index is an {int} initially. We then store it as {intptr_t}, and
the accessor returns it as {size_t}.
This CL consolidates everything to {int}, fixes naming of
{HasTrapHandlerIndex} and defines the simple accessors inline.
R=titzer@chromium.org
Bug: v8:9183
Change-Id: I1afa792117201d4dda3fcc437a4e518489b9ff17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590079
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61146}
Port 18c29ab939
Original Commit Message:
Port ed319e841c
Original Commit Message:
Failure addressed by not exposing the new test to the jitless environment.
(jgruber@ on TBR).
New enum RelocInfo::COMPRESSED_EMBEDDED_OBJECT created to support
compressed pointers in generated code. Enum name EMBEDDED_OBJECT
changed to FULL_EMBEDDED_OBJECT.
RelocInfo::[set_]target_object() abstract away the difference between
FULL_EMBEDDED_OBJECT and COMPRESSED_EMBEDDED_OBJECT.
Compressed embedded objects can only be created at this time on
x64 with pointer compression turned on. Arm64 constant pools don't
support compressed objects at this time.
R=miladfar@ca.ibm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I97ef9b7394f384c2a1b97aab9fdac0eeb80eb734
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591993
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61143}
Port 0875682600
Original Commit Message:
Port 4b0f9c856e
Original Commit Message:
Our {Vector} template provides both {start} and {begin} methods. They
return exactly the same value. Since the {begin} method is needed for
iteration, and is also what standard containers provide, this CL
switches all uses of the {start} method to use {begin} instead.
Patchset 1 was auto-generated by using this clang AST matcher:
callExpr(
callee(
cxxMethodDecl(
hasName("start"),
ofClass(hasName("v8::internal::Vector")))
),
argumentCountIs(0))
Patchset 2 was created by running clang-format. Patchset 3 then
removes the now unused {Vector::start} method.
R=miladfar@ca.ibm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Ief052e7655ede161504cf058eddd81714e6e5929
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590168
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61142}
This is a reland of 9284ad5731, after
adding a missing speculation mode check in ReduceCallApiFunction.
Original change's description:
> [turbofan] Avoid raw InferReceiverMaps in JSCallReducer
>
> Instead provide an abstraction that makes it hard to forget
> dealing with unreliable maps.
>
> This also fixes a deopt loop in Function.prototype.bind and
> one in Array.prototype.reduce.
>
> Bug: v8:9137
> Change-Id: If6a51182c8693a62e9fb6d302cec19b4d48e25cb
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578501
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61106}
Tbr: jarin@chromium.org
Bug: v8:9137, v8:9197
Change-Id: I0db68d267055969553c0c1b85fad7b909075c062
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589976
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61140}
Wasm compilation units got smaller and smaller with recent refactorings
(https://crrev.com/c/1587386, https://crrev.com/c/1587387,
https://crrev.com/c/1587388, plus previous CLs).
They now only store a function index and the requested compilation
tier. Hence there is no reason any more to heap-allocate them.
This CL changes the compilation unit queues and interfaces to store and
pass compilation units by value. Methods that could return an empty
{unique_ptr} before are now returning a {base::Optional}.
R=mstarzinger@chromium.org
Bug: v8:8343
Change-Id: I63037156b1a700095c13010450e5fedb51544401
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588456
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61133}
This is an extension of 138d2dfcb1.
Change-Id: Icb10aab6e6799ab4f45dcbd26fc69206dbef29bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588430
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61131}
This reverts commit 7c42628676.
Reason for revert: Compile error on cfi: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20cfi/20196
Original change's description:
> [heap] Use normal marking write barrier for fixed array elements
>
> This simplifies the marking write barrier for elements to mark the
> values instead of revisiting the array.
>
> Bug: chromium:918485
>
> Change-Id: Id5da0d5b9ff8385a256fe14f4bf7171f9f6343e1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588459
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61125}
TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org
Change-Id: I8576fe00b19db906aa80ca9cb54c3b8cc95e3d97
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:918485
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590076
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61128}
TraceIC always expects a valid feedback vector to check for state
transitions. With lazy feedback allocations, it is possible that we don't
have feedback vectors. This cl fixes TraceIC to also work when there is no
feedback vector.
Bug: v8:8394
Change-Id: If7e40a9f16de7415e04a812440ccc0cfcf1cbc07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584322
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61126}
This simplifies the marking write barrier for elements to mark the
values instead of revisiting the array.
Bug: chromium:918485
Change-Id: Id5da0d5b9ff8385a256fe14f4bf7171f9f6343e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588459
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61125}
Remove unused function {UseLazyStubs}. Lazy compile stubs are now set on
a per function basis. This made the function {UseLazyStubs} redundant.
Change-Id: I8e715d6a9774c39841219c04c42364fc2e964569
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588473
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61124}
Port ed319e841c
Original Commit Message:
Failure addressed by not exposing the new test to the jitless environment.
(jgruber@ on TBR).
New enum RelocInfo::COMPRESSED_EMBEDDED_OBJECT created to support
compressed pointers in generated code. Enum name EMBEDDED_OBJECT
changed to FULL_EMBEDDED_OBJECT.
RelocInfo::[set_]target_object() abstract away the difference between
FULL_EMBEDDED_OBJECT and COMPRESSED_EMBEDDED_OBJECT.
Compressed embedded objects can only be created at this time on
x64 with pointer compression turned on. Arm64 constant pools don't
support compressed objects at this time.
R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I8bdb5391fd2b2565d2fcaf6c806fcdbe1a1f27b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589862
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61123}
Relative code targets are emitted as pc-relative jumps. The
relocation delta must be subtracted (not added) from the branch
offset.
Before GC:
|-------- branch offset --->|
[host code object] [target code object]
After GC:
|- delta ->| |- new offset -->|
[host code object] [target code object]
See also the similar fix for mips in https://crrev.com/c/1581239.
Bug: v8:6666
Change-Id: Ie0867d98906d4a8daa7e335884f7a4d814333872
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581260
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61121}
This reverts commit 9284ad5731.
Reason for revert: breaks blink tests:
https://ci.chromium.org/p/v8/builders/ci/V8-Blink%20Win/16839
Original change's description:
> [turbofan] Avoid raw InferReceiverMaps in JSCallReducer
>
> Instead provide an abstraction that makes it hard to forget
> dealing with unreliable maps.
>
> This also fixes a deopt loop in Function.prototype.bind and
> one in Array.prototype.reduce.
>
> Bug: v8:9137
> Change-Id: If6a51182c8693a62e9fb6d302cec19b4d48e25cb
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578501
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61106}
TBR=jarin@chromium.org,neis@chromium.org
Change-Id: I97e0f47fb82eda76656905a3f7cc494babd92be6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9137
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588433
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61118}
Treat lazy functions the same no matter whether they are lazy due to
compilation hints or flags ({--wasm-lazy-compilation},
{--asm-wasm-lazy-compilation}). Test coverage is given by regression
tests 956771 and 956771b.
Bug: v8:9003
Change-Id: I123f83636f055fb142cd71f6cde88480f3c141bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585846
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61116}
Fix recognition of lazy functions when {--wasm-lazy-compilation} is
used.
Bug: chromium:956771
Change-Id: I3f9bb25ccf3920a6c3d266876faace8841dcdc61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585843
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Frederik Gossen <frgossen@google.com>
Cr-Commit-Position: refs/heads/master@{#61114}
This CL refactors WasmTableObject::Grow to make it usable for the
table.grow instruction of WebAssembly.
The refactored version of WasmTableObject::Grow does additionally:
* Check if growing is possible
* Grow the FixedArray backing store of the table and initialize the new
fields.
* Calculate the return value of WasmTableObject::Grow.
R=jkummerow@chromium.org
Bug: v8:7581
Change-Id: Ic6c867b96c30bd987ea281d5b3515a04bc5a3900
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588136
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61112}
Instead, use std::sort and std::stable_sort at the 3 (!) call sites
directly. This also removes the weird comparer adaptors from Vector,
which are only used in ZoneList.
R=jkummerow@chromium.org
Bug: v8:9183
Change-Id: I4d0377976fb0a965cb68a21d4307df9ba09fd55d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587394
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61109}
Instead provide an abstraction that makes it hard to forget
dealing with unreliable maps.
This also fixes a deopt loop in Function.prototype.bind and
one in Array.prototype.reduce.
Bug: v8:9137
Change-Id: If6a51182c8693a62e9fb6d302cec19b4d48e25cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578501
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61106}
Failure addressed by not exposing the new test to the jitless environment.
(jgruber@ on TBR).
New enum RelocInfo::COMPRESSED_EMBEDDED_OBJECT created to support
compressed pointers in generated code. Enum name EMBEDDED_OBJECT
changed to FULL_EMBEDDED_OBJECT.
RelocInfo::[set_]target_object() abstract away the difference between
FULL_EMBEDDED_OBJECT and COMPRESSED_EMBEDDED_OBJECT.
Compressed embedded objects can only be created at this time on
x64 with pointer compression turned on. Arm64 constant pools don't
support compressed objects at this time.
NOPRESUBMIT=true
Bug: v8:7703
TBR: jgruber@chromium.org
Change-Id: Ifff53b041bab09b4b8c3e16085e5df4aa2b99f4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588461
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61104}
Port 4b0f9c856e
Original Commit Message:
Our {Vector} template provides both {start} and {begin} methods. They
return exactly the same value. Since the {begin} method is needed for
iteration, and is also what standard containers provide, this CL
switches all uses of the {start} method to use {begin} instead.
Patchset 1 was auto-generated by using this clang AST matcher:
callExpr(
callee(
cxxMethodDecl(
hasName("start"),
ofClass(hasName("v8::internal::Vector")))
),
argumentCountIs(0))
Patchset 2 was created by running clang-format. Patchset 3 then
removes the now unused {Vector::start} method.
R=clemensh@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I119532691af31a3db1107c47de8b6f0c84697b5c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588226
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61102}
This adds a new %_CopyDataProperties intrinsic, that reuses most of the
existing machinery that we already have in place for Object.assign() and
computed property names in object literals. This speeds up the general
case for object spread (where the spread is not the first item in an
object literal) and brings it on par with Object.assign() at least - in
most cases it's significantly faster than Object.assign().
In the test case [1] referenced from the bug, the performance goes from
objectSpreadLast: 3624 ms.
objectAssignLast: 1938 ms.
to
objectSpreadLast: 646 ms.
objectAssignLast: 1944 ms.
which corresponds to a **5-6x performance boost**, making object spread
faster than Object.assign() in general.
Drive-by-fix: This refactors the Object.assign() fast-path in a way that
it can be reused appropriately for object spread, and adds another new
builtin SetDataProperties, which does the core of the Object.assign()
work. We can teach TurboFan to inline Object.assign() based on the new
SetDataProperties builtin at some later point to further optimize
Object.assign().
[1]: https://gist.github.com/bmeurer/0dae4a6b0e23f43d5a22d7c91476b6c0
Bug: v8:9167
Change-Id: I57bea7a8781c4a1e8ff3d394873c3cd4c5d73834
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587376
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61100}
It was once widely used throughout v8 but now there is no need for it
anymore.
Bug: v8:9183
Change-Id: Id766987d468383cf459414eb5edfdee71b83a60b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585839
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61098}
Switch all uses of NewCode and TryNewCode to CodeBuilder and remove these
methods.
NewCode and TryNewCode use a large number of default parameters, which makes
it difficult to use and add any new ones. Large chunks of code were also
duplicated across TryNewCode and NewCode. The previous CL
(https://chromium-review.googlesource.com/c/v8/v8/+/1585736) added a new
CodeBuilder class which allows much simpler building of Code objects.
Bug: v8:9183
Change-Id: I9f6884f35a3284cbd40746376f0f27e36f9051b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585737
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61096}
... to a separate file.
Bug: v8:9183
Change-Id: I87f98ed0fec84eb32403c3447bec7be50a79261d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588095
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61094}
... where the other set of similar macros live.
Bug: v8:9183
Change-Id: I114237a90c45205417b6d3fb0d939542c5c4fc76
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588096
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61093}
The {Vector} class does not use it any more. External uses should be
converted to {size_t} instead of {int}.
This CL removes the function from vector.h and updates all users to
either use {size_t}, or cast to {int} explicitly. In tests, no further
checks are needed if the string is a constant.
R=mstarzinger@chromium.org
Bug: v8:9183
Change-Id: I60f99302504c74d8a7c79b147ca01d8ba61b6879
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587393
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61092}
