.. just until I can implement the fix.
Bug: v8:7700,v8:13251
Change-Id: I8ccbe8b08351472a1144db46fd8d9bcbd4188633
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865919
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82914}
This CL renames ConcurrentMarking::JobTask to JobTaskMajor, adds
JobTaskMinor, and makes ScheduleJob branch to schedule the respective
JobTask depending on its GarbageCollector parameter.
Bug: v8:13012
Change-Id: Ic7ab15ba70f7d4e86c94a6824623c258aa8b739c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850482
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Leon Bettscheider <bettscheider@google.com>
Cr-Commit-Position: refs/heads/main@{#82913}
Fold the CheckHeapObject check into the other checks (CheckMaps,
CheckString, etc), to avoid emitting a separate IR node with separate
deopt info and a separate actual deopt point.
Allow this check to be elided when we already know the node is a heap
object.
Bug: v8:7700
Change-Id: I981860a6522c082d86abc856cfe1b3ff5658ac59
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867733
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82912}
Add a simple forward check elimination based on a side hashmap of "known
node aspects", namely the node type and node map (if any). This set of
aspects is cloned when merge states are created, and destructively
merged when merged into existing merge states -- destructive cloning
here means removing any mismatching information. This allows information
in dominators to be preserved.
Maps are kept separate from node types because we want to distinguish
between stable and unstable maps, where the former need a dependency and
the latter must be flushed across side-effecting calls.
The representation of this known information is currently very
inefficient, and won't win us any compilation speed prizes -- just
ZoneMaps keyed on ValueNode*. We should optimize this to take into
account some sort of liveness information, and clear out nodes that
aren't reachable anymore. There is also a lot more information we could
store per Node, e.g. known loaded fields or alternative representations;
depending on what we want to store and how that has to be invalidated,
we likely might need an alternative way of representing it. This
implementation is good enough for now though, for measuring the impact
of check elimination.
Bug: v8:7700
Change-Id: I2f001dedf8ab5d86f8acaa22416617bd80701982
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865160
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82911}
This CL removes the marking_worklists parameter from the
ConcurrentMarking constructor, and instead sets marking_worklists_
in ScheduleJob based on the new GarbageCollector parameter.
We will use the ConcurrentMarking class for both major and minor
marking later, and this CL does preparatory work for that by allowing
to change the mode of operation (minor/major) through ScheduleJob.
Bug: v8:13012
Change-Id: I44a35155cf19e1df139a6a4e5bc5cbedbc3e00aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850289
Commit-Queue: Leon Bettscheider <bettscheider@google.com>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82910}
This is a reland of commit aa541f1c9c
Original change's description:
> [turbofan][arm64] Emit Lsl for Int32MulWithOverflow when possible
>
> Int32MulWithOverflow on arm64 uses a cmp to set flags rather than
> the multiply instruction itself, thus we can use a left shift when
> the multiplication is by a power of two.
>
> This provides 0.15% for Speedometer2 on a Neoverse-N1 machine,
> with React being improved by 0.45%.
>
> Change-Id: Ic8db42ecc7cb14cf1ac7bbbeab0e9d8359104351
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829472
> Commit-Queue: George Wort <george.wort@arm.com>
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82499}
Change-Id: Ib8f387bd41d283df551299f7ee98e72d39e2a3bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865484
Commit-Queue: George Wort <george.wort@arm.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82909}
Remove jump optimization for platforms such as arm64 that
do not support it, and thus unblock alignment in builtins.
This provides a 0.3% improvement in Speedometer2
on a Cortex-A55 machine when PGO is applied.
This patch increases arm64's embedded code size by 0.3%.
Change-Id: Ice09c39f5f3fc954e114b9ee30630c0d9528107c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863281
Commit-Queue: George Wort <george.wort@arm.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82908}
This CL adds src/base/container-utils.h wich contains a few utilities
to make working with containers easier by providing a few additional
functions (e.g. contains, all_equal, ...) that are not (yet) shipped
with C++ standard containers.
Change-Id: I365b88c4286bf58bcac32c7bb89a5b0a98fc3509
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865966
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82907}
Sufficiently full pages in new space are promoted as is to old space. If
a string is allocated on such a page, it won't be promoted to the shared
heap. The string can later be promoted by the next full GC, but then it
is promoted from old space, not new space, which was not supported.
Bug: v8:12612
Change-Id: I6133e13bec9ba3110b2b9dbfb4dcef47bde25e90
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865162
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82906}
This is a reland of commit 911c7170dc
Re-landed as https://crrev.com/c/3867727 has also been re-landed.
Original change's description:
> [debug] CHECK that a function's context is always available
>
> After https://crrev.com/c/3854501 has landed, we no longer have to
> handle the case that we do not find a function's context in the
> scope iterator even though the function requires one.
>
> This CL renames `NeedsAndHasContext` to `NeedsContext` since we
> always find a scope's context now. Additionally we turn this
> assumption into a dedicated check.
>
> R=bmeurer@chromium.org
>
> Bug: chromium:1246907
> Change-Id: I6458df76689c0bfa6d6b2f8c421f9ce481855547
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865153
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82848}
Bug: chromium:1246907
Change-Id: I5ce4fe458e4614f4d6ee419483c5a9071dc91bbb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865555
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82905}
Otherwise we could point to a potentially dead (not allocable)
input to GeneratorStore.
Bug: v8:7700
Change-Id: I113a02e0c1a3eb1b817dc4eb8f538cf40a1d0d3f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867729
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82904}
It is possible for IncrementalMarkingJob to be scheduled while MajorMC
is running, but it only gets to run after MajorMC finished.
If concurrent MinorMC is run in the meantime, RunInternal should not
invoke Step, which is currently only supported for MajorMC. This CL adds
a bailout for this case.
Bug: v8:13012
Change-Id: I3012cac3de5195a9f1b85f1ac18b02cef67b004b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867516
Commit-Queue: Leon Bettscheider <bettscheider@google.com>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82903}
This is a reland of commit 3297ccca23
This is a straight-up reland of the original CL. The failing test
was flaky and removed with https://crrev.com/c/3868727. We replaced
the test with a proper DevTools e2e test: https://crrev.com/c/3867522
Original change's description:
> [debug] Immediately step-in for 'stack check triggered' debug breaks
>
> This CL changes debug breaks that are triggered via interrupts (i.e.
> via stack check). One client of this behavior is the `Debugger.pause`
> CDP method.
>
> The problem is that when we pause so early, the JSFunction didn't have
> time yet to create and push it's context. This requires special
> handling in the ScopeIterator and makes an upcoming change unnecessary
> complex.
>
> Another (minor) problem is that local debug-evaluate can't change
> context-allocated local variables (see changed regression bug). Since
> the context is not yet created and pushed, variables are written to
> the DebugEvaluateContext that goes away after the evaluation.
>
> The solution is to mirror what `BreakOnNextFunction` does. Instead
> of staying paused in the middle of the function entry, we trigger
> a "step in" and pause at the first valid breakable position instead.
> This ensures that the function context is already created and pushed.
>
> Note that we do this only in case for JSFunctions. In all other cases
> we keep the existing behavior and stay paused in the entry.
>
> R=jgruber@chromium.org
>
> Fixed: chromium:1246907
> Change-Id: I0cd8ae6e049a3b55bdd44858e769682a1ca47064
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854501
> Reviewed-by: Jakob Linke <jgruber@chromium.org>
> Commit-Queue: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82817}
Change-Id: I1938ccb5979fd80dff530b2ffe3f18714b7eff3f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867727
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82901}
Add a mechanism similar to the optimizing compile dispatcher, for tests
to be able to wait for Maglev compilation to finish, and to force
finalization.
Bug: v8:7700
Change-Id: I0ef542001fe9f6622b1231eb9406130ad81c8f6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865551
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82899}
New Flags added:
--log-source-code
--log-source-position
--log-feedback-vector
With the above flags we can choose between detailed or lightweight
logging.
Drive-by-fix:
- Use std::isprint
- Add AppendRawString to avoid vprintf formatting for raw strings
Change-Id: I3e9eda8473153de9620d24617c5a5e12e2e3bd56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863469
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82897}
... which works for stale pointers. The default == operator contains
a DCHECK guarding against Code vs. non-Code object comparisons and
thus it can't be used for stale pointer.
Bug: v8:13252, v8:11880
Change-Id: Iaf80d7d1039515fee0d4d294f1fc4c6689cd8d5c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867734
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82896}
This CL skips the MarkingFromInternalFields write barrier when
MinorMC concurrent marking is active, because we do not run Oilpan
young GCs yet.
Bug: v8:13012
Change-Id: Ib73dea8357be6d135290009258b5d172477a633b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865464
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Leon Bettscheider <bettscheider@google.com>
Cr-Commit-Position: refs/heads/main@{#82895}
This is a reland of commit ddafb7a30e
CL is relanded without changes. https://crrev.com/c/3865965 and
https://crrev.com/c/3865967 fixed the failing DCHECKs that caused
this CL to be reverted.
Original change's description:
> [heap] Verify client heaps during shared GC
>
> With --verify-heap verify all client heaps before and after a shared
> GC. This ensures that the OLD_TO_SHARED remembered set is properly
> filled for each client isolate.
>
> Bug: v8:11708
> Change-Id: I1506a419c7a91c5baa87ce251da9861d8ad9e066
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3857559
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82829}
Bug: v8:11708
Change-Id: I38bd6724807fee36bc47d70b0d83156b81a2b4fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865968
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82893}
Currently MinorMC does not suport incremental marking but uses the
IncrementalMarking class to bootstrap concurrent marking.
IncrementalMarkingJob::ScheduleTask is called from multiple call
sites which assume major incremental marking. This CL adds a bailout
to ScheduleTask on IsMajorMarking()==false to avoid erreoneously
doing incremental steps while in MinorMC mode.
Bug: v8:13012
Change-Id: I57803a8f258697478a9696716063c8c2cae1ae30
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865147
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Leon Bettscheider <bettscheider@google.com>
Cr-Commit-Position: refs/heads/main@{#82891}
This CL removes two DCHECKs which no longer hold with minor
concurrent marking.
Bug: v8:13012
Change-Id: I6f24284f0955c57deeb2fa2c300623d9aedfdd3c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865463
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Leon Bettscheider <bettscheider@google.com>
Cr-Commit-Position: refs/heads/main@{#82890}
Some wasm simd unit tests are not guarded by V8_ENABLE_WEBASSEMBLY,
it will cause test failure on no-wasm build.
Change-Id: Ib08e133f979e492ca620191d799f641bdb0f60bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866706
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jie Pan <jie.pan@intel.com>
Cr-Commit-Position: refs/heads/main@{#82887}
We've previously reset profiler ticks on ML finalization to avoid
unexpected early tierups to TF. This CL additionally avoid early TF
tierup through the `small function` reason by disabling small-function
optimization.
Bug: v8:7700
Change-Id: I57ba294af0d1d189f76c2cb1ffc31af0837b1e42
Fixed: v8:13242
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865550
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82886}
Emit an unconditional deopt if a BinOp/CompareOp has insufficient
feedback, rather than emitting a generic op.
Bug: v8:7700
Change-Id: I3e47d82716a8fe7832cc179e949d689b9aef14e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867731
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82885}
... for PC-relative builtin calls/jumps and explicitly use near_call /
near_jump instructions.
This is a step towards
1) removing the RelocInfo::RUNTIME_ENTRY which was temporarily used
for this purpose,
2) being able to remap embedded builtins into the code range multiple
times.
Bug: v8:11527
Change-Id: Ife26c8bbc524be0b07f333776716f22bd4bd36aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866190
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82884}
.. and update old entries:
- Remove --no-untrusted-code-mitigations (flag no longer exists)
- Make --stress-concurrent-inlining-attach-code less likely since it
mostly overlaps with --stress-concurrent-inlining and there haven't
been many reports in this are lately.
Bug: v8:7700
Change-Id: Ic88ea74ca88a7c14edfc39bc0a55b846bb01e465
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867506
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82882}
Introduce an inspector client interface method for running an
"instrumentation pause" (when an instrumentation breakpoint is hit).
This allows the client to run a more restrictive version of message
pumping on instrumentation breakpoint hits.
If not overriden, the instrumentation pause message loop handler will
run the normal message loop. Such an implementation preserves the
behavior for existing clients.
Bug: chromium:1354043
Change-Id: Id33bb10503d73b59b24e63fd9d24631611f68dee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863256
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82881}
Changes:
- Limit how often a function can be inlined, mostly to constrain
recursive-function inlining.
- Move call count limiting earlier (to WasmInliner::ReduceCall), and
guard it behind the flags that are required to generate call counts.
Bug: v8:12166
Change-Id: Ie3c140daff110e08fe7103ee79393ea27ae49bb2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865918
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82880}
Rolling v8/build: d74c524..252971c
Rolling v8/buildtools: 69f262d..c24a0d5
Rolling v8/buildtools/linux64: git_revision:5705e56a0e5856621415cfdf444432554e72c9c9..git_revision:00b741b1568d56cf4e117dcb9f70cd42653b4c78
Rolling v8/buildtools/third_party/libc++/trunk: e5670a0..42e738f
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/6552f9b..638d30e
Rolling v8/third_party/depot_tools: b0fb8d5..5084800
Rolling v8/third_party/fuchsia-sdk/sdk: version:9.20220830.2.1..version:9.20220831.2.1
R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: Ic2b31700344a5e433521362408949fa382ae0d2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865743
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#82879}
Port commit ed90ea5cf7
Port commit ed90ea5cf7
Port commit ab5db111d0329cb0954c110a8cc67b9793b2bb8f
Change-Id: I7981793d7f38d3769a1c9fdca23b7607d7772089
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867138
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#82878}
This CL removes dependence on the ForegroundTaskRunner in the shared
isolate because the shared isolate doesn't have one associated with it.
There are 3 places:
1. The memory reducer is no longer allocated on the shared isolate.
2. The WasmEngine is no longer initialized for the shared isolate, which
never executes user code.
3. Ability to post non-nestable tasks is no longer required on the
shared isolate. This is required for FinalizationRegistry, and
the shared isolate never executes user code.
Bug: v8:11708
Change-Id: I4b0cf2c8dc8686ccc7b7d24e6c9e12eb4b9d03d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3864275
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82876}
We fixed the test earlier but forgot to remove the SKIP.
Bug: v8:11544
Change-Id: I6594dc2ad07fe88fdc2ed9bfaa0f0715bc14930b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867132
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82874}
Add test for ensuring that page promotion records old-to-shared slots
during a full GC.
Bug: v8:11708
Change-Id: Id2eb77a623c84586cad61d72bb80479ef69e3b29
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866176
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82873}
If we see a default ctor, walk up the constructors until we find a non-
default one.
Default ctors can only be skipped if there are no class fields / private
brands.
This CL implements the Ignition parts; Sparkplug, Maglev and TF will
be implemented as follow ups. (This is fine, since this feature is
behind a flag.)
Bug: v8:13091
Change-Id: Ie8ca8aedb01bd4b13adf1063332a5cdf41ab358a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804601
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82872}
This CL has two changes:
1. Remove ValueDeserializer::Delegate::SupportsSharedValues. Only
ValueSerializer::Delegate needs to report whether it supports
serializing shared values. The ValueDeserializer::Delegate should
DCHECK if it gets a shared object tag but it doesn't support it.
This better mirrors what happens with SharedArrayBuffer transfers
currently.
2. When attempting to serialize a shared object (shared struct, shared
array, Atomics.Mutex, or Atomics.Condition) when
!SupportsSharedValues(), throw instead of assert. This is for better
ergonomics.
Bug: v8:12547
Change-Id: I2bb66830393526578016813c4e3488859dd07073
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866302
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82870}
Rename BytecodeOperandFlag to BytecodeOperandFlag8. The methods in
interpreter-assembler were missed in https://crrev.com/c/3857561.
Change-Id: I09383531e4d16e6e428a56feb76192156211dc81
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867515
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82869}
When an entry is allocated from the freelist, is is not correct to
`DCHECK(entry.IsFreelistEntry())` before the compare-and-swap succeeds:
another thread may have allocated the same entry in the meantime,
thereby turning it into a regular entry. However, in that case the CAS
will fail and then entry allocation will be retried.
Drive-by: factor out the common logic from AllocateAndInitializeEntry
and AllocateEvacuationEntry into a new TryAllocateEntryFromFreelist.
Bug: v8:13246
Change-Id: Idf16b67a2ca5ddeef16620a4d6f4a8a6c07d917b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865864
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82868}
Some optimizations need to know if an operation has multiple uses,
for example to avoid extending live-ranges.
However, maintaining full use-lists is expensive memory-wise and
not really needed in this case, where we only need to distinguish
between 1 or more uses.
Therefore, we only count the number of uses. To save even more memory,
we use the 1 byte currently left for alignment padding in the
operation header and put the count there.
With a single byte, we cannot count beyond 255, but for the use-case
at hand, this is enough. When reaching 255, we no longer track the
use-count.
Nodes with so many uses should be rare and their use-count will usually not go down to 1 again, so this does not loose much precision.
Another possible future use of these counts is reserving memory for
full use-lists.
This CL also removes mutable access to node inputs, as this would need
to update use-counts and is not actually needed currently.
Bug: v8:12783
Change-Id: Idd2035c6f8ced6317e3aec0c42eecd1383e86248
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863266
Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82867}
