This CL introduces a JSAny type for user-exposed JavaScript values and
a few new types to define it. Especially, it splits Symbol into
PrivateSymbol (not exposed) and PublicSymbol (JavaScript exposed
symbols).
The change is mostly mechanical, but a few things are interesting:
- PropertyKey and JSPrimitive were designed to coincide with the spec
notions of IsPropertyKey() and primitive value, respectively.
- Since Name is an open type, we define AnyName to be the known
subtypes of Name. This is not too elegant, but by using AnyName
instead of Name, typeswitch can properly conclude something if a
subtype of Name is excluded.
Small drive-by changes, which were necessary:
- Allow subtyping on label parameters.
- Fix the formatting of typeswitch, it was broken with union types
in case types.
Bug: v8:7793
Change-Id: I14b10507f8cf316ad85e048fe8d53d1df5e0bb13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735322
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63114}
Instead of inserting "deletion" entries into the store buffer, keep
a list of invalidated objects to filter out invalid old-to-new slots.
The first CL https://crrev.com/c/1704109 got reverted because both the sweeper and the main task were modifying the invalidated slots data structure concurrently. This CL changes this, such that the sweeper only modifies the invalidated slots during the final atomic pause when the main thread is not running. The sweeper does not need to clean this data structure after the pause, since the "update pointers" phase already removed all invalidated slots.
Bug: v8:9454
Change-Id: Iffb5bf96de2c89eee1ee1231a3414a0f2a155cbc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1733081
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63087}
This is a reland of 3fc9663159
The private method on_event in timeout proc is now renamed to be truly
private.
Original change's description:
> [test] Print hanging tests on linux on test-runner termination
>
> This will print the list of processes still running before and after
> joining workers during termination. This will help debugging hanging
> tests during flake-bisect or with num-fuzzer, which both terminate
> on total timeout and currently still sometimes hang without printing
> processes.
>
> Bug: v8:8292
> Change-Id: I124b65fa35b8d7a6aa198fcf50f2c20df94dc51a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735312
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63065}
Bug: v8:8292
Change-Id: Ibad1172666d6f4d2c07884a54edfe9d6499b57fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735318
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63072}
This reverts commit 3fc9663159.
Reason for revert: _on_event clashes with a the same function in timeout proc.
Original change's description:
> [test] Print hanging tests on linux on test-runner termination
>
> This will print the list of processes still running before and after
> joining workers during termination. This will help debugging hanging
> tests during flake-bisect or with num-fuzzer, which both terminate
> on total timeout and currently still sometimes hang without printing
> processes.
>
> Bug: v8:8292
> Change-Id: I124b65fa35b8d7a6aa198fcf50f2c20df94dc51a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735312
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63065}
TBR=machenbach@chromium.org,tmrts@chromium.org
Change-Id: Ic29013e92c77a9905e06ee13a2449e033285eb36
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8292
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735317
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63066}
This will print the list of processes still running before and after
joining workers during termination. This will help debugging hanging
tests during flake-bisect or with num-fuzzer, which both terminate
on total timeout and currently still sometimes hang without printing
processes.
Bug: v8:8292
Change-Id: I124b65fa35b8d7a6aa198fcf50f2c20df94dc51a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735312
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63065}
This is a reland of 517ab73fd7
Updates since original: now compressed pointers passed to the function
GetObjectProperties are required to be sign-extended. Previously, the
function allowed zero-extended values, but that led to ambiguity on
pointers like 0x88044919: is it compressed or is the heap range actually
centered on 0x100000000?
Original change's description:
> Add postmortem debugging helper library
>
> This change begins to implement the functionality described in
> https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit#
> for investigating V8 state in crash dumps.
>
> This change adds a new library, v8_debug_helper, for providing platform-
> agnostic assistance with postmortem debugging. This library can be used
> by extensions built for debuggers such as WinDbg or lldb. Its public API
> is described by debug-helper.h; currently the only method it exposes is
> GetObjectProperties, but we'd like to add more functionality over time.
> The API surface is restricted to plain C-style structs and pointers, so
> that it's easy to link from a debugger extension built with a different
> toolchain.
>
> This change also adds a new cctest file to exercise some basic
> interaction with the new library.
>
> The API function GetObjectProperties takes an object pointer (which
> could be compressed, or weak, or a SMI), and returns a string
> description of the object and a list of properties the object contains.
> For now, the list of properties is entirely based on Torque object
> definitions, but we expect to add custom properties in future updates so
> that it can be easier to make sense of complex data structures such as
> dictionaries.
>
> GetObjectProperties does several things that are intended to generate
> somewhat useful results even in cases where memory may be corrupt or
> unavailable:
> - The caller may optionally provide a type string which will be used if
> the memory for the object's Map is inaccessible.
> - All object pointers are compared against the list of known objects
> generated by mkgrokdump. The caller may optionally provide the
> pointers for the first pages of various heap spaces, to avoid spurious
> matches. If those pointers are not provided, then any matches are
> prefixed with "maybe" in the resulting description string, such as
> "maybe UndefinedValue (0x4288000341 <Oddball>)".
>
> Bug: v8:9376
>
> Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62882}
Bug: v8:9376
Change-Id: I866a1cc9d4c34bfe10c7b98462451fe69763cf3f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1717090
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#63008}
Previously, this was run as a microtask and this CL changes it to run
as a separate task as mandated by the current WeakRef spec.
This CL also introduces a FinalizationGroup type to the V8 API
representing the JSFinalizationGroup. This has a `Cleanup`
function that runs the cleanup callback associated with it.
SetHostCleanupFinalizationGroupCallback is added to set
the embedder defined HostCleanupFinalizationGroupCallback.
ClearKeptObject is exposed on the v8::Isolate to reset the strongly
held set of objects.
The general workflow is the following:
(a) When the GC notices that a given finalization group has dirty
cells, it calls HostCleanupFinalizationGroupCallback with the given
finalization group.
(b) As part of HostCleanupFinalizationGroupCallback, the embedder
enqueues a task that at some point later calls
FinalizationGroup::Cleanup.
(c) At some point in the future, FinalizationGroup::Cleanup is called,
which runs the cleanup callback of the finalization group.
This patch also includes d8 changes to use these new APIs. Currently,
d8 cycles through the enqueued finalization groups after a synchronous
turn (and it's microtask checkpoint) and runs the cleanup callbacks.
Change-Id: I06eb4da2c103b2792a9c62bc4b98fd4e5c4892fc
Bug: v8:8179
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655655
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62984}
Data in the viewer has to be in the same order as the labels.
Change-Id: I2e64fb30ebc0e3585c7b9d364553cb6a5ec1f3cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1718159
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62921}
Distinguish between generic Tagged and Smi in-object fields, and special
case (boxed) double values and string data rather than lumping those
into generic "raw data"
Change-Id: I5d635434ab94065c077a40110948424c31ead73d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1718154
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62914}
This reverts commit 517ab73fd7.
Reason for revert: Test failures https://bugs.chromium.org/p/v8/issues/detail?id=9538
Original change's description:
> Add postmortem debugging helper library
>
> This change begins to implement the functionality described in
> https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit#
> for investigating V8 state in crash dumps.
>
> This change adds a new library, v8_debug_helper, for providing platform-
> agnostic assistance with postmortem debugging. This library can be used
> by extensions built for debuggers such as WinDbg or lldb. Its public API
> is described by debug-helper.h; currently the only method it exposes is
> GetObjectProperties, but we'd like to add more functionality over time.
> The API surface is restricted to plain C-style structs and pointers, so
> that it's easy to link from a debugger extension built with a different
> toolchain.
>
> This change also adds a new cctest file to exercise some basic
> interaction with the new library.
>
> The API function GetObjectProperties takes an object pointer (which
> could be compressed, or weak, or a SMI), and returns a string
> description of the object and a list of properties the object contains.
> For now, the list of properties is entirely based on Torque object
> definitions, but we expect to add custom properties in future updates so
> that it can be easier to make sense of complex data structures such as
> dictionaries.
>
> GetObjectProperties does several things that are intended to generate
> somewhat useful results even in cases where memory may be corrupt or
> unavailable:
> - The caller may optionally provide a type string which will be used if
> the memory for the object's Map is inaccessible.
> - All object pointers are compared against the list of known objects
> generated by mkgrokdump. The caller may optionally provide the
> pointers for the first pages of various heap spaces, to avoid spurious
> matches. If those pointers are not provided, then any matches are
> prefixed with "maybe" in the resulting description string, such as
> "maybe UndefinedValue (0x4288000341 <Oddball>)".
>
> Bug: v8:9376
>
> Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62882}
TBR=yangguo@chromium.org,mvstanton@chromium.org,jgruber@chromium.org,tebbi@chromium.org,seth.brenith@microsoft.com
Change-Id: Ia078f2e8d101d2375b5db88021b2d65d28f1b075
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9376
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1716033
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62899}
This change begins to implement the functionality described in
https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit#
for investigating V8 state in crash dumps.
This change adds a new library, v8_debug_helper, for providing platform-
agnostic assistance with postmortem debugging. This library can be used
by extensions built for debuggers such as WinDbg or lldb. Its public API
is described by debug-helper.h; currently the only method it exposes is
GetObjectProperties, but we'd like to add more functionality over time.
The API surface is restricted to plain C-style structs and pointers, so
that it's easy to link from a debugger extension built with a different
toolchain.
This change also adds a new cctest file to exercise some basic
interaction with the new library.
The API function GetObjectProperties takes an object pointer (which
could be compressed, or weak, or a SMI), and returns a string
description of the object and a list of properties the object contains.
For now, the list of properties is entirely based on Torque object
definitions, but we expect to add custom properties in future updates so
that it can be easier to make sense of complex data structures such as
dictionaries.
GetObjectProperties does several things that are intended to generate
somewhat useful results even in cases where memory may be corrupt or
unavailable:
- The caller may optionally provide a type string which will be used if
the memory for the object's Map is inaccessible.
- All object pointers are compared against the list of known objects
generated by mkgrokdump. The caller may optionally provide the
pointers for the first pages of various heap spaces, to avoid spurious
matches. If those pointers are not provided, then any matches are
prefixed with "maybe" in the resulting description string, such as
"maybe UndefinedValue (0x4288000341 <Oddball>)".
Bug: v8:9376
Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62882}
This makes sure the language mode of the module is correctly propagated
through the WebAssembly module, so that exported functions are allocated
with the correct language mode. It extends the existing {ModuleOrigin}
enum to consist of three values now.
R=clemensh@chromium.org
TEST=mjsunit/regress/wasm/regress-985154
BUG=chromium:985154
Change-Id: Id7b566738b1e710cc5001b894022bcd0f2c01bc3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1708484
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62826}
With this CL we add proposal tests to the wasm-spec-tests. For this I
extended the update-wasm-spec-tests.sh script. Additionally to
generating the spec tests it does the following:
For each proposal it identifies those tests that are different to the
spec tests, and then copies those tests also to the wasm-spec-tests
directory.
Additionally I adjusted the test runner of the wasm spec test to
run the proposal tests with the correct flags.
CC=binji@chromium.orgR=clemensh@chromium.org
Bug: v8:7581
Change-Id: Idb7aa3c0a468ddb65b2ef3421def836561579cd9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706470
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62777}
{do_raw_json} and {do_json} both read the log files to construct a dictionary of
stats.
This CL extracts that logic and eliminates code duplication
No-Try: true
Bug: v8:9448
Change-Id: I375920c25942a92cc12790ac60a4c7960cfd44b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706473
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62768}
{json} command prints the results of benchmarks after aggregating it. This makes
accessing raw data for analysis, a tedious process.
This CL implements {raw-json} for accessing raw results.
TBR=ulan@chromium.org
No-Try: true
Bug: v8:9448
Change-Id: I7c00fc0eca23b8bd5c967db903f71c5b46eddea3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706059
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62761}
This reverts commit dcac02ee81.
Reason for revert: TSAN discovered issue with cleaning invalidated slots in sweeper threads and inserting new slots in the main thread.
Original change's description:
> Use list of invalidated objects for old-to-new refs
>
> Instead of inserting "deletion" entries into the store buffer, keep
> a list of invalidated objects to filter out invalid old-to-new slots.
>
> Bug: v8:9454
> Change-Id: Icd21d8cb2159190457f54d0f8b56742ecc820419
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695474
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62744}
TBR=ulan@chromium.org,petermarshall@chromium.org,dinfuehr@chromium.org
Change-Id: I4278e9100c76657663e0a6a62f5d86bb3a343c0e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9454
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1704109
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62746}
Instead of inserting "deletion" entries into the store buffer, keep
a list of invalidated objects to filter out invalid old-to-new slots.
Bug: v8:9454
Change-Id: Icd21d8cb2159190457f54d0f8b56742ecc820419
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695474
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62744}
perfrunner returns a failure if the build timeouts at any point even if it's
successful after retries. It tries to surface up the timeout issue. Due to this,
some bots stay red consistently, and confuses the sheriffs.
This CL masks the timeouts if the suite succeeds in the end.
TBR=verwaest@chromium.org,sergiyb@chromium.org
Bug: v8:9494
Change-Id: I8e107e80dfaa51095501bb2e855d9fbbe4023da9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1702612
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62735}
This change is mostly mechanical, but it's worth mentioning a few
slightly interesting cases:
- A couple of field definitions didn't match the signedness of their
corresponding accessors.
- The generated accessors for Smi data use Smi values directly, but
usually we want C++ accessors to use ints instead. I added a macro
that hides the generated Smi accessors and exposes int accessors,
but we might consider generating int accessors directly.
- The data held in some fields is described in comments next to the
accessor definition for those fields. With automatically generated
accessors, those comments need a new home. In this change I put them
in the Torque object definition, but I'm open to other suggestions.
- gen-postmortem-metadata couldn't find updated class definitions after
they got split across multiple lines, so I changed its matching
logic. (Ideally debug-support.cc should be a Torque compiler output
rather than something that involves parsing C++ with regexes, but
this makes it correctly report subclass relationships for now.)
- The end offsets generated by Torque were off by one from the values
that would be generated by DEFINE_FIELD_OFFSET_CONSTANTS.
Change-Id: I3df4fcd27997b46c41ca879065b9d97f6c939f07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692192
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#62719}
I noticed the indentation was off in one function, but also fixed
all the other flake8 issues in this file.
Change-Id: I2303ed87da7154484a872315f8355f57621514c4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1697054
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sam Clegg <sbc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62669}
With lazy feedback allocation and bytecode flushing we need to call
%PrepareFunctionForOptimize before we call %OptimizeFunctionOnNextCall/
%OptimizeOsr. This cl:
1. Adds an additional state in pending optimized table to check if the
optimization was triggered manually.
2. Changes the compilation pipeline to delete the entry from pending
optimized table only if the optimization was triggered through
%OptimizeFunctionOnNextCall / %OptimizeOsr.
3. Adds a check to enforce %PrepareFunctionForOptimize was called.
4. Adds a new run-time flag to only check in the d8 test runner. We
don't want this check enabled in other cases like clusterfuzz that doesn't
ensure %PrepareFunctionForOptimize is called.
Bug: v8:8394, v8:8801, v8:9183
Change-Id: I9ae2b2da812e313c746b6df0b2da864c2ed5de51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1664810
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62653}
In order to migrate the extra flags into the fuzzer and keep bisection stable,
we need to use the same RNG state for each call to generating fuzz flags.
Throughout one fuzzing session the same random-seed is used
(https://crbug.com/983128) and we'll pass it to the fuzz config in a follow up.
TBR=tmrts@chromium.org
NOTRY=true
Bug: chromium:813833
Change-Id: I3203c86028a5d283238e6ef739f82eccee1302b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1697254
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62646}
Prior to this CL, it was possible to pollute another context's
fast/slow-path state for RegExp builtins due to the species protector
being per-isolate rather than per-context. Among other things, this
means that iframes can slow down the main site, and slowdowns persist
across page reloads and navigation within the same tab.
This CL thus moves the RegExpSpeciesProtector to the native context.
The same should be done for all other protectors in the future.
Bug: chromium:977382, v8:5577, v8:9463
Change-Id: I577f470229cb9dfcd4a88c20b1b9111c65a9b85f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695465
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62631}
The info tab says that 'i' reveals outputs and 'o' reveals inputs, it should be
the opposite.
Bug: v8:7327
Change-Id: I1bf96653129e14ef315a01dc2c7a3083c9caa5bb
Notry: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692929
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Auto-Submit: Pierre Langlois <pierre.langlois@arm.com>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62603}
Performance infra recipes use callstats.py to run web page replays. Split (v8,
infa, perf-infra) repositories make experimenting with callstats.py hard.
This CL creates feature gating for simplifying performance infra experiments.
R=ulan@chromium.org
No-Try: true
Bug: v8:9448
Change-Id: I2c3e139f4b9d6bce1ea4fdda1a44960d74d7d414
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1690950
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62565}
Cpplint usually checks for non-const reference arguments. They are
forbidden in the style guide, and v8 does not explicitly make an
exception here.
This CL re-enables that warning, and fixes all current violations by
adding an explicit "NOLINT(runtime/references)" comment. In follow-up
CLs, we should aim to remove as many of them as possible.
TBR=mlippautz@chromium.org
Bug: v8:9429
Change-Id: If7054d0b366138b731972ed5d4e304b5ac8423bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687891
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62551}
But does not change to xenial for test using armv7l cpu.
Bug: chromium:954890
Change-Id: I02268f469001f197210cde9c63804a3dcea06a7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687831
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Takuto Ikuta <tikuta@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62531}
This is the first of three CLs which refactors indirect function calls
through tables with index > 0 to work without runtime calls.
The first CL introduces the WasmIndirectFunctionTable heap object. For
a table of type anyfunc within a WebAssembly instance,
WasmIndirectFunctionTable stores the size, the signature id's, the
call targets, and the reference parameters for that table. I used the
names that are already used for the matching fields of the
WasmInstanceObject.
The second CL expands the IndirectFunctionTableEntry to work also on
WasmIndirectFunctionTable objects. All changes to a function table go
through this class.
The third CL introduces uses of the WasmIndirectFunctionTable. In this
CL I change the code generation in TurboFan to replace runime calls with
direct accesses to the new WasmIndirectFunctionTable. Additionally I
extended the initialization of WasmIndirectFunctionTable, and also
implement Table.grow.
R=jkummerow@chromium.org
Bug: v8:7581
Change-Id: I0ecfcb9565e992ddba087d46c1f0e952abfa5822
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1681134
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62492}
This allows us to use this flag to specify the local location of a
shared library when processing a trace run on Android.
Change-Id: I3aa44beaed700b8c5354af12a4df176aa1cbfd0c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1681137
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62448}
The latter is better because it takes field type into account when
decompressing field value.
Drive-by: use [DECL_]ACCESSOR macros for some fields.
Bug: v8:9353
Change-Id: I3d7f07d11b1e379e3e6cf0310d836af6b48c1338
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1680539
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62444}
New Revision: 8b7ea912e516a6daa61487c700687a9426e3a396
Update v8 files / build config accordingly.
- There's now a new library in third_party/inspector_protocol,
bindings/bindings.h, which is configured much like encoding/encoding.h.
It doesn't have much stuff in it yet, but will soon get more code
that would otherwise need to go into jinja templates.
It also comes with a new test, only a smoke test thus far.
Change-Id: I9c00a54a840c214b4bb744a3b272e5ce221954fc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678273
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62442}
Instead of conditionally normalizing file paths, go back to using
the basename in the dynamically-generated regular expression
pattern.
Bug: v8:7950, v8:9395, v8:9406
Change-Id: I57d2449a8229a67b038c7fcffe36218848d9a575
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1681122
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62439}
This change is a partial implementation of Synthetic Module Record as specified here:
https://heycam.github.io/webidl/#synthetic-module-records
This includes:
- Introduce SyntheticModule class inheriting from Module.
- Extend v8::Module interface in v8.h to include Synthetic Module APIs, with corresponding
implementations in api.cc.
- Provide SyntheticModule implementations of PrepareInstantiate, FinishInstantiate, and SetExport.
- Provide cctest unit tests for the implementations in the preceding item.
We will follow up with further submissions to implement the remaining members of
SyntheticModule (ResolveExport and Evaluate).
Bug: v8:9292
Change-Id: I25b1b695b5d1c3004677cd685f0dfd95283438fa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1626829
Commit-Queue: Dan Clark <daniec@microsoft.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62433}
The macro pn ensures that TurboFan nodes can be easily
printed in gdb, even in release builds where Node::Print
is sometimes not available (because all uses have been
inlined).
This CL also modifies the print function to deal gracefully
with nullptr input nodes, which is helpful for debugging.
Change-Id: Ib5f58aa13b719c8390826bc89dfe21cf58586de5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672941
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62422}
d8 treats files with the .mjs extension as modules instead of
classic scripts. Thus, the `// MODULE` pragma and its corresponding
logic in test runners can be removed in favor of explicitly adding
the extension.
Bug: v8:7950, v8:9395, v8:9406
Also-By: tmrts@chromium.org
Change-Id: Ic74328dc5c5f176bb4bdf6d74bdd4d3966279ba5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675958
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Auto-Submit: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62421}
Also show constant for ArchNops that encode assigning from a
constant.
Change-Id: I84590005dda62ebf445aada57f826f5ffcd5a802
Bug: v8:7327
Notry: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672943
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62388}
Currently, probabilities for extra flags are calculated in the correctness
fuzzer harness, which makes the RNG fragile when bisecting backwards, when
the script's config changes during bisection.
This adds the possibility to pass extra flags on command line to the
script. After a grace period, we will migrate the flag calculation to
clusterfuzz.
NOTRY=true
Bug: chromium:813833
Change-Id: I515181847474515089b847f8aaffc7c6560d9390
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675945
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62359}
This will prevent unnecessary recompilation effort on the subsequent
build, and avoids a common issue on Windows where format-torque replaces
all of the line endings in a .tq file without changing any actual
content.
Bug: v8:8805
Change-Id: Id695351c242739d92aef47cd09e651bfbe3c8f9a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1673456
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62357}
testrunner assumes that each test suite has a single extension for base tests.
".mjs" extension can be used for ECMAScript modules in addition to the standard
extension ".js" we use for the base tests.
This CL generalizes the {TestLoader} to accept multiple extensions for
a single test suite.
R=mathias@chromium.orgTBR=machenbach@chromium.org
CC=gsathya@chromium.org
Bug: v8:9395
Change-Id: Ibc155f4963472fe9f989458cd839f3642ffbddea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675961
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62356}
To correctly fuzz the behaviour of optimized code and ICs we need to
allocate feedback vectors. So for the configurations testing these we
should turn off lazy feedback allocation.
It is also good to fuzz without lazy feedback allocation on other
configurations to flush out any other issues. So we also fuzz this with
0.35 chance. We also fuzz aggressive lazy feedback allocation (allocate
feedback vectors on first branch / return) with 0.05 chance to test
corner cases related to lazy feedback allocation.
Bug: v8:9342
Change-Id: Id0761d1396bfc0866988abb8fb20168b86a5da20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672939
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62347}
We currently use the class name “JSValue” for JSObjects that wrap
primitive values. This name is a common source of confusion. This patch
switches to a name that’s more clear.
In addition to manual tweaks, the patch applies the following mechanical
global replacements:
before | after
--------------------------------|--------------------------------------
if_valueisnotvalue | if_valueisnotwrapper
if_valueisvalue | if_valueiswrapper
js_value | js_primitive_wrapper
JS_VALUE_TYPE | JS_PRIMITIVE_WRAPPER_TYPE
JSPrimitiveWrapperType | JSPrimitiveWrapper type
jsvalue | js_primitive_wrapper
JSValue | JSPrimitiveWrapper
_GENERATED_JSVALUE_FIELDS | _GENERATED_JSPRIMITIVE_WRAPPER_FIELDS
Change-Id: I9d9edea784eab6067b013e1f781e4db2070f807c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672942
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62337}
Rework the implementation of non-external Torque classes to use
Struct machinery rather than FixedArray machinery. This allows
Torque-only defined 'internal' classes to the automatically generate
class verifiers and printers.
As part of this change, generate C++ boilerplate accessors for
internal Torque classes, since this is a pre-requisite for the
verifiers, printers and other Struct-based functionality.
Moreover, augment the header-generating functionality in Torque
to create separate header files for field offset definitions,
internal class C++ definitions and instance types.
Bug: v8:7793
Change-Id: I47d5f1570040c2b44d378f23b6cf95d3d132dacc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607645
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62317}
The extensions require isolate address to be set but don't rely on calling
any runtime functions, which makes them viable for post-mortem debugging,
if the corresponding memory is included into the dump
!set_iso(isolate_address)
call this function before using !mem or other heap routines
!mem or !mem(\"space1[ space2 ...]\")
prints memory chunks from the 'space' owned by the heap in the
isolate set by !set_iso; valid values for 'space' are:
new, old, map, code, lo [large], nlo [newlarge], ro [readonly]
if no 'space' specified prints memory chunks for all spaces,
e.g. !mem(\"code\"), !mem(\"ro new old\")
!where(address)
prints name of the space and address of the MemoryChunk the
'address' is from, e.g. !where(0x235cb869f9)
Output from !mem would look something like this:
0:000> !mem("old")
Heap at 0x210652b8838
Im address: object area start - end (size)
OldSpace (allocating at: 0x1703dae7a20):
* 0x33d9a8c0000: 0x33d9a8c0138 - 0x33d9a8f1000 (0x31000)
0x1703dac0000: 0x1703dac0138 - 0x1703db00000 (0x40000)
Change-Id: Iae1a217bbc5c5a88e2cf742db88ead9bb6fc904c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1669744
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62316}
Introduce SourceTextModule as a subclass of Module. Move all the
JavaScript-module-specific code down from Module to
SourceTextModule, with all code applicable to other future
module types remaining in Module.
With this change, Module is roughly equivalent to the spec's
Abstract Module Record and SourceTextModule is roughly equivalent
to Source Text Module Record.
Bug: v8:9292
Change-Id: I6e9cd3ece9d0c1da57e52f8af8ed5848d87dd22d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1633154
Commit-Queue: Dan Clark <daniec@microsoft.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62296}
For every @noVerifier in base.tq, this change either removes it or
ensures that it has some annotation explaining why it can't be removed.
The @noVerifier usages that can't be removed fall into the following
categories:
1. Classes that don't have their own instance types and therefore have
no meaningful way to do an Is...() check
2. Fields that might not exist
3. Fields that are waiting for MaybeObject support in Torque
Bug: v8:9311
Change-Id: Id452d4151ec07347ae96a9b5f3b26e2ac8065d31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1659134
Reviewed-by: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#62263}
We have too many dupes in the no-ic comparisons. We'll increase the
experiment size again once bugs are fixed.
TBR=jarin@chromium.org
NOTRY=true
Bug: chromium:961709
Change-Id: Ic946100b45fd73e1bee59f188a766384836bcdcf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660624
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62212}
Implicit parameters for builtins with JavaScript linkage are now separate, using
the keyword "js-implicit". They have to be one of:
- context: Context
- receiver: Object (this in JS)
- target: JSFunction (arguments.callee in JS)
- newTarget: Object (new.target in JS)
Bug: v8:9120 v8:7793
Change-Id: I916f60971bb53d5046b6006725d0ce39291ca55e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658159
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62174}
It was hiding the nodes, but never showing them. Therefore it wasn't
'toggling'.
Change-Id: I6fe57860f44ba05abac0f1575678a494f9d07ae8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649557
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62057}
Some of the tooltips had the wrong text on them when hovering over with
the mouse.
Change-Id: I4d1ba37b0fad276356b76d16710a5dba7dedc6ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649556
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62056}
Breakpad used to put a custom identifier 0x8003 into minidumps to
indicate arm64 architecture. Crashpad now uses the new standardized
value 12. This CL updates grokdump.py to understand both.
Change-Id: Ie9bf5106beba8059e89a48d42d32ac8069493925
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648258
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62047}
So far, calls to Wasm C/C++ API functions reused the call descriptors
of WasmImportWrappers, and the stack frame type of regular Wasm
functions. This CL cleans that up by introducing separate implementations
for both. No change in functionality or performance is expected.
Change-Id: I79301fa81da52283cc776ddf19d4712372f3a58b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632235
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61914}
On Android libraries there are zero length entries within the ranged
symbols which break our range processing. This updates the logic to
only add entries for zero-length entries if they aren't within the range
of the previously added entry.
Change-Id: I511a6221817c535d967a50413948a29d9deb1e85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627985
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61903}
On Android we load the native library directly from the APK. As such,
we need to convert symbols from the mapped APK to the underlying .so
when symbolizing the ticks.
This CL adds a --apk-embedded-library argument to tick processor to enable
specifying which unstripped library file was embeded in the APK and enable
symbolizing.
Change-Id: Ic992825b831f984a1217eed71847bdb158eb992b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627546
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61902}
In a new test suite: "wasm-api-tests", using a new binary "wasm_api_tests",
powered by gtest/gmock (like unittests).
Also fix a bunch of issues that these tests uncovered, mostly to ensure
that the stack is walkable.
Change-Id: I1d5604eea85da078ebecd4ebb7383647595f16ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627539
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61885}
This is a reland of 4b86fea530 with
copy&paste typo in CodeStubAssembler::AllocateByteArray() fixed
(bug led to holes in new space, which was crashing reproducibly
on the ia32 bot).
Original change's description:
> [typedarray] Move external/data pointer to JSTypedArray.
>
> As the next step in supporting huge typed arrays in V8, this moves the
> external/data pointer from the FixedTypedArrayBase backing store to the
> JSTypedArray instance itself, and replaces the special backing stores
> with a plain ByteArray (removing all the code for the FixedTypedArrayBase
> class hierarchy). By doing so, we can drastically simplify the system
> around typed arrays.
>
> Note: Several places in the code base used to check the instance type
> of the elements backing store of a JSTypedArray instead of checking the
> elements kind on the JSTypedArray map directly. Those had to be fixed,
> since the backing store is now always a ByteArray.
>
> Drive-by-fix: Move all the typed elements access related code into the
> elements.cc file to properly encapsulate the accesses.
>
> Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
> Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
> Change-Id: I8cc06b190c53e34155000b4560f5f3ef40621646
> Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627535
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61855}
Tbr: petermarshall@chromium.org
Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
Change-Id: I87fcdb28532c5f08cc227332a4d59546cb423810
Cq-Include-Trybots: luci.chromium.try:linux-rel, win7-rel
Cq-Include-Trybots: luci.v8.try:v8_linux_shared_compile_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631592
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61864}
This reverts commit 4b86fea530.
Reason for revert: Fails on linux shared: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20shared/31045
Original change's description:
> [typedarray] Move external/data pointer to JSTypedArray.
>
> As the next step in supporting huge typed arrays in V8, this moves the
> external/data pointer from the FixedTypedArrayBase backing store to the
> JSTypedArray instance itself, and replaces the special backing stores
> with a plain ByteArray (removing all the code for the FixedTypedArrayBase
> class hierarchy). By doing so, we can drastically simplify the system
> around typed arrays.
>
> Note: Several places in the code base used to check the instance type
> of the elements backing store of a JSTypedArray instead of checking the
> elements kind on the JSTypedArray map directly. Those had to be fixed,
> since the backing store is now always a ByteArray.
>
> Drive-by-fix: Move all the typed elements access related code into the
> elements.cc file to properly encapsulate the accesses.
>
> Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
> Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
> Change-Id: I8cc06b190c53e34155000b4560f5f3ef40621646
> Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627535
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61855}
TBR=ulan@chromium.org,yangguo@chromium.org,titzer@chromium.org,sigurds@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org,szuend@chromium.org
Change-Id: I0bc1f935de6063acf75a0f4bb8c0ba67428603fd
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
Cq-Include-Trybots: luci.chromium.try:linux-rel, win7-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631427
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61856}
As the next step in supporting huge typed arrays in V8, this moves the
external/data pointer from the FixedTypedArrayBase backing store to the
JSTypedArray instance itself, and replaces the special backing stores
with a plain ByteArray (removing all the code for the FixedTypedArrayBase
class hierarchy). By doing so, we can drastically simplify the system
around typed arrays.
Note: Several places in the code base used to check the instance type
of the elements backing store of a JSTypedArray instead of checking the
elements kind on the JSTypedArray map directly. Those had to be fixed,
since the backing store is now always a ByteArray.
Drive-by-fix: Move all the typed elements access related code into the
elements.cc file to properly encapsulate the accesses.
Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
Change-Id: I8cc06b190c53e34155000b4560f5f3ef40621646
Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627535
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61855}
This reverts commit 384a51da42.
This hack is both broken (builtins now have individual symbols and no
longer resolve to v8_Default_embedded_blob_) and useless (profview
seems to detect builtins just fine without it).
Bug: v8:6666
Change-Id: I264b4de31124f1657f4dc570590eb73e53aa08d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627344
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61842}
The python script allows to inject hints into a Wasm module. Hints are
injected into a newly created custom section named "compilationHints"
that is used by the compiler to determine its compilation strategy. The
section is placed after the functions section and before the code
section.
Bug: v8:9003
Change-Id: I531c57e4269ff9ae42b95be3515d2409627d6fb9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619865
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61797}
This makes the WebAssembly function constructor return a proper function
object. Note that the returned object is not yet callable, only the
prototype structure is in place.
R=jkummerow@chromium.org
TEST=mjsunit/wasm/type-reflection
BUG=v8:7742
Change-Id: If6a3d0ae7078b5526606eef1b8fd4815353b850b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627343
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61792}
Introduce a single point to emit CodeCreateEvents for all builtins in
Isolate::Init. At this location, we cover both the case of builtin generation
(e.g. in mksnapshot) and deserialized builtins (in standard builds),
whereas previously we only emitted events post-builtin-generation.
In order to preserve behavior for bytecode handler events, pack the bytecode
and operand scale into our existing builtin metadata table.
Drive-by: Update way-out-of-date comment in the static initializer
check.
Bug: v8:8674
Change-Id: Iced8f73568e920846cde6f7b0a9c1e61844258ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627337
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61782}
The python script allows to read the custom section "compilationHints"
from a Wasm module. It prints all hints to standard out.
Bug: v8:9003
Change-Id: Ife8173e3267557d8adf4b6739f45060d386f25dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619764
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61775}
Macros are now inaccessible from CSA except if their declaration is
marked with the "export" keyword. The implicit field accessors for class
fields are always exported.
In this CL, unwarranted access from CSA is prevented by appending a
pseudo-random suffix to non-exported names. This is to be replaced by
something more principled, namely by not including these macros at all in
the headers included from CSA.
Bug: v8:7793
Change-Id: I3ffb2e91a616623f81b4b4508e001ad0cf65d2c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1615258
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61672}
The script does not have the shebang and apparently running it without 'python'
on the command line produces some strange errors such as script trying to parse
itself as a suite config. Making it non-executable will make it clear that users
should prefix it with 'python' or 'vpython'.
R=machenbach@chromium.org
No-Try: true
No-Tree-Checks: true
Change-Id: I1d4373b8846034cf28b5fd02e60e9ed682330706
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605942
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61607}
This commit attempts to change as little behavior as possible, but it
does require reordering the fields within Map to abide by Torque rules
specifying that strong and weak fields must be in separate sections.
Also includes some Torque compiler updates:
- Allow enums (types extending from integral types) as class fields
- Rename @ifdef to @if and add @ifnot for inverse checks
- Allow void fields in class declarations, which take up no space and
emit no accessors
Bug: v8:8952
Change-Id: I1de6f34c1b15ed87d718666a05176980a218e97c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1480919
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61588}
Also cleanup variable class size calculation for 'new'
statements as well as spread-based indexed field
initialization in Torque rather than in hand-written
ImplementationVisitor code. This is done with new
%-intrinsics. With this change, %-intrinsics can also
have bodies, in which case they are treated as macros.
Bug: v8:7793
Change-Id: I012d57166761688747eb683cb618263e8d0953db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1554695
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61585}
This is a reland of d61a9347c8
6th attempt. Relanding after fixing TSan/UBSan issues.
Original change's description:
> [ptr-compr][x64] Temporarily enable pointer compression on x64
>
> ... and make sure that the x64 ptr-compr bots proceed testing V8 without
> pointer compression in order to keep testing the full pointer mode.
>
> Bug: v8:7703
> Change-Id: Ib1498609603cb03be2464043658131d5a2f1e012
> Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
> Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel,mac-rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1559850
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61416}
Bug: v8:7703
Change-Id: I1fa0989aef9ea08e54fd6dfd32d6989367332ce3
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
Cq-Include-Trybots: luci.v8.try:v8_linux64_cfi_rel_ng
Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel,mac-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607654
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61559}
This CL imports some gdbinit magic from Chromium's tools. This fixes
gdb warnings about differences between psymtab and symtab.
R=bmeurer@chromium.orgCC=leszeks@chromium.org
Change-Id: I06e67c17e03b803c516ab59aeb6c17435b81d6d0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1611540
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61492}
This CL introduces the new suffix '-tq' for Torque generated files,
and replaces the infix 'FromDSL' in type names with a prefix
'TorqueGenerated'.
Change-Id: I1e90460cc0c666da6cf5017e8b3cb7c39c6ac668
Bug: v8:7793
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609798
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61490}
Added null check when printing the brand with --print-ast.
Bug: chromium:961507, chromium:961508
Original change's description:
> [class] implement private method declarations
>
> This patch implements the declarations of private methods, the access
> of private methods would be left to a future patch.
> When a private methods declaration is encountered, we now:
>
> - Create a brand symbol during class evaluation and store it in the
> context.
> - Create the closures for the private methods
> - Load the brand from the context and store it in the instance in the
> constructor.
>
> Design: https://docs.google.com/document/d/1T-Ql6HOIH2U_8YjWkwK2rTfywwb7b3Qe8d3jkz72KwA/edit#
>
> Bug: v8:8330
> Change-Id: I2d695cbdc8a7367ddc7620d627b318f779d36150
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1568708
> Commit-Queue: Joyee Cheung <joyee@igalia.com>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61387}
Change-Id: I3bf465f70c27914c9ec19f3f59ae018b28c9a866
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605521
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61459}
Fixed by 6644f2b872
(https://chromium-review.googlesource.com/c/v8/v8/+/1605728)
This is a reland of 652e32f9f9
Original change's description:
> [heap] Make trampoline CodeDataContainers immutable and deduplicate them
>
> Moves all trampoline CodeDataContainers to read-only space, making them
> immutable. Containers with no 'kind specific flags' set or 'promise
> rejection' flag are deduplicated by replacing them with the new canonical
> CodeDataContainers roots.
>
> This saves around 36KB from the snapshot.
>
> RO_SPACE NEW_SPACE OLD_SPACE CODE_SPACE MAP_SPACE LO_SPACE
> old 32048 0 225944 149280 20240 0
> new 32120 0 189344 149280 20240 0
>
> Bug: v8:7464
> Change-Id: Iedd538a86311ef501cd88c90ec75e1308195762f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601257
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61378}
Bug: v8:7464
Change-Id: Ib98577d7d6c8c1205c94bf8c57d9cb38f51fdad3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609539
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61451}
Having an TaggedImpl template will simplify adding compressed variants
of Object and MaybeObject which is required for avoiding unnecessary
value decompression in tight copying loops and write barrier
implementations.
Bug: v8:7703, v8:9183
Change-Id: I388b008aad0dbeb2d33fc5fb80c5f29b55ef993e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588419
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61441}
1. Use the newer LocalizedNumberFormatter API which improve
the performance score x3.3.
Here are how I got the performance score:
$ python -u tools/run_perf.py --binary-override-path \
out/x64.release/d8 --filter "JSTests/Intl" \
test/js-perf-test/JSTests5.json
Look for NewIntlNumberFormat-Intl(Score) for 3 runs.
BEFORE: 539 507 507
AFTER: 2009 2069 1994
2. Also add symbol and enum to prepare implementing of the unified
number proposal.
Bug: v8:8515
Change-Id: Ie1ca1dba1e806449632cc96b81d44f0dc61b6093
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1392233
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61421}
This is a reland of 42beed975e
Relanding after fixing Chromium issues.
Original change's description:
> [ptr-compr][x64] Temporarily enable pointer compression on x64
>
> ... and make sure that the x64 ptr-compr bots proceed testing V8 without
> pointer compression in order to keep testing the full pointer mode.
>
> Bug: v8:7703
> Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
> Change-Id: Iee725deda813425a6f0722948b54976154f50909
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1497139
> Reviewed-by: Michael Hablich <hablich@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60230}
Bug: v8:7703
Change-Id: Ib1498609603cb03be2464043658131d5a2f1e012
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel,mac-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1559850
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61416}
This reverts commit b9191bd355.
Reason for revert: Clusterfuzz bugs
BUG=chromium:961507,chromium:961508
Original change's description:
> [class] implement private method declarations
>
> This patch implements the declarations of private methods, the access
> of private methods would be left to a future patch.
> When a private methods declaration is encountered, we now:
>
> - Create a brand symbol during class evaluation and store it in the
> context.
> - Create the closures for the private methods
> - Load the brand from the context and store it in the instance in the
> constructor.
>
> Design: https://docs.google.com/document/d/1T-Ql6HOIH2U_8YjWkwK2rTfywwb7b3Qe8d3jkz72KwA/edit#
>
> Bug: v8:8330
> Change-Id: I2d695cbdc8a7367ddc7620d627b318f779d36150
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1568708
> Commit-Queue: Joyee Cheung <joyee@igalia.com>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61387}
TBR=rmcilroy@chromium.org,gsathya@chromium.org,verwaest@chromium.org,joyee@igalia.com
Change-Id: I429bbe8af9f94598de132814aa2c3ab9fa69b986
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8330
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605730
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61406}
These are added as mjsunit tests for now since they haven't been merged
to the spec repo. When that happens, the wasm-spec-tests testsuite can
be updated to include these tests, and the tests in this directory can
be removed.
This CL also adds the test/mjsunit/wasm/bulk-memory-spec directory to a
list of directories that aren't checked for copyright (since these files
are auto-generated).
Bug: v8:7747
Change-Id: I906f2ca45f497a6728f94afb9b3330971e1d3fd5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1600363
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61395}
This reverts commit 652e32f9f9.
Reason for revert: speculative revert due to flaky test failures:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20nosnap%20-%20debug/23920
Original change's description:
> [heap] Make trampoline CodeDataContainers immutable and deduplicate them
>
> Moves all trampoline CodeDataContainers to read-only space, making them
> immutable. Containers with no 'kind specific flags' set or 'promise
> rejection' flag are deduplicated by replacing them with the new canonical
> CodeDataContainers roots.
>
> This saves around 36KB from the snapshot.
>
> RO_SPACE NEW_SPACE OLD_SPACE CODE_SPACE MAP_SPACE LO_SPACE
> old 32048 0 225944 149280 20240 0
> new 32120 0 189344 149280 20240 0
>
>
> Bug: v8:7464
> Change-Id: Iedd538a86311ef501cd88c90ec75e1308195762f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601257
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61378}
TBR=ulan@chromium.org,delphick@chromium.org,goszczycki@google.com
Change-Id: Ifaf9987bc3770f9e80701e8d011ab19da5c747ca
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7464
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1602877
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61388}
This patch implements the declarations of private methods, the access
of private methods would be left to a future patch.
When a private methods declaration is encountered, we now:
- Create a brand symbol during class evaluation and store it in the
context.
- Create the closures for the private methods
- Load the brand from the context and store it in the instance in the
constructor.
Design: https://docs.google.com/document/d/1T-Ql6HOIH2U_8YjWkwK2rTfywwb7b3Qe8d3jkz72KwA/edit#
Bug: v8:8330
Change-Id: I2d695cbdc8a7367ddc7620d627b318f779d36150
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1568708
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61387}
When retries succeed, the perfrunner masks the timeouts.
This CL exposes those failures.
R=sergiyb@chromium.org
Bug: chromium:841700
Change-Id: Ia69a191e84fd994bd25deb2d7019f7acf11db45c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1602695
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61384}
Moves all trampoline CodeDataContainers to read-only space, making them
immutable. Containers with no 'kind specific flags' set or 'promise
rejection' flag are deduplicated by replacing them with the new canonical
CodeDataContainers roots.
This saves around 36KB from the snapshot.
RO_SPACE NEW_SPACE OLD_SPACE CODE_SPACE MAP_SPACE LO_SPACE
old 32048 0 225944 149280 20240 0
new 32120 0 189344 149280 20240 0
Bug: v8:7464
Change-Id: Iedd538a86311ef501cd88c90ec75e1308195762f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601257
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61378}
For faster calls from Wasm to C-API functions, passing parameter
values directly instead of through JavaScript wrapper objects.
Change-Id: I31e7d1622dedaf3154483306ab159427ac167663
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591601
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61338}
TBR=tmrts@chromium.org
Also skip some tests too slow in full debug mode.
Bug: v8:9145
Change-Id: Ied8781be26d2c1efd7720e333775da9f6d632236
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598759
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61281}
Error messages are unspecified in JavaScript and occasional small
differences in the compared configurations lead to an unjustified
maintenance burden of correctness-fuzzing issues.
This CL replaces most error messages with a fixed suppression
message during correctness fuzzing (behind a flag).
The flag covering all extra behavior for correctness fuzzing is now
renamed to --correctness-fuzzer-suppressions.
Bug: chromium:958668,chromium:946476
Change-Id: Iba1197f765138a962d5bbb176730322e5a411707
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594730
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61249}
Overall, total test runtime that was wasted due to timeouts is 3420 seconds in
the last 2 weeks. Even with 4 retries, assuming all of them time out, needed
additional capacity is under 2 hours per week. Based on this analysis, I think
it's safe to land this CL.
Note that this is not intended as a long-term solution of the timeout problem,
but rather a temporary solution to prevent ongoing errors. Proper investigation
and correct long-term solution are still needed and tracked in the bug.
R=machenbach@chromium.org, tmrts@chromium.org
Bug: chromium:841700
Change-Id: Id16e6b784fa85bb9e28ed8c6b267b583636e2dc1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593342
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61224}
Based on Primiano's prototype:
https://chromium-review.googlesource.com/c/v8/v8/+/1290549
This is still behind a build flag. I'll add functionality incrementally
rather than land everything in one giant CL.
This CL sets up the basic classes that will be used for the Perfetto
implementation, e.g. the producer, consumer, controller and task runner.
This implementation produces a binary proto file in the current
directory named v8_trace.proto. It doesn't yet produce JSON output,
that is coming in a following CL.
Currently the old tracing and perfetto tracing are both run alongside
each other if the build flag is enabled.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: I0eb9ecefa191ceead60aadd5b591d75c99395a6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1408995
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61209}
The script still works with Python 2.
There are no intended behaviour changes.
Bug: chromium:941669
Change-Id: I5ec63564fdb29a326c64d6ac7465f86b30ef16c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585857
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Auto-Submit: Raul Tambre <raul@tambre.ee>
Cr-Commit-Position: refs/heads/master@{#61191}
The registry right now has no users. In a follow-up CL I will
remove the skip list for code pages and make users of the skip
list use the registry.
Bug: v8:9093
Change-Id: I23a2b9e0d4158e2ffa89626e71f58d3bb5a41201
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593074
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61184}
The "stress_background_compile" variant runs on all our bots. We
combine it with testing wasm code GC (which kind of fits into
background compile stressing) to get more coverage for that. Both
features are orthogonal, so we can test both at the same time without
loosing any coverage.
R=machenbach@chromium.orgCC=rmcilroy@chromium.org
Bug: v8:8217
Change-Id: Ib17decd4869978ff98e302694fa73d70ceec120e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588472
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61151}
This is needed to allow deriving timeout and near_timeout runnables on the
recipe side and drop corresponding fields in the output.
We also remove some unused code that was removed in previous refactoring CLs.
R=tmrts@chromium.org
No-Try: true
No-Tree-Checks: true
Bug: chromium:841700
Change-Id: Ib7cec9baceff994fb9b32be09ba4a4079ebff2c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588417
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61095}
This makes the gc-stress bots set the '--stress-wasm-code-gc' flag.
Note that this also implicitly enables wasm code gc on these bots.
R=mstarzinger@chromium.org, machenbach@chromium.org
Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg
Cq-Include-Trybots: luci.v8.try:v8_mac64_gc_stress_dbg
Bug: v8:8217
Change-Id: Idc4fb996f50632d5621200e138f3ddc572ed9b05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585721
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61089}
This CL removes a build script that was used to create ANTLR visitors
for Torque parsing. As Torque rolls its own parser now, this script
can safely be removed.
R=tebbi@chromium.org
Bug: v8:9183
Change-Id: Id56ee590d79e5c849ac111e8825cd3733cd55d90
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587379
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61069}
This CL fixes an issue where a comment was not highlighted correctly
after a class definition.
Bug: v8:7793
Notry: true
Change-Id: I378a1373c8f4a6c8d48c4bb2ee4a4c3b39b2341f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585733
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61067}
This also makes processing immediate, i.e. outputs are parsed into results as
soon as test run is finished, which will allow us to implement logic that checks
whether we have enough runs based on already-accumulated results.
Since we process each output immediately, we do not need Measurement class any
longer and its ConsumeOutput is now integrated directly into TraceConfig.
Similarly AccumulateResults is replaced with RunnableConfig.ProcessOutput as we
do not accumulate results any longer.
R=machenbach@chromium.org
No-Try: true
No-Tree-Checks: true
Bug: chromium:880724
Change-Id: I0fc4846024c43258c10ba8d568312aa4746d746f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584325
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61048}
This is part of the refactoring needed to implement a feature that allows
re-running benchmarks until needed confidence is reached.
R=machenbach@chromium.org
No-Try: true
No-Tree-Checks: true
Bug: chromium:880724
Change-Id: I45f584a3503ecf567f4c2661a302a74fc5e516af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581605
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61037}
Peeling away layers of indirection. More to follow.
Change-Id: Ide15b9ece926f51d957de8fdc37829f02d86ca49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1573700
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61035}
The --run-count-multiplier flag was used to run an experiment and is not needed
anymore. It will be superceeded by another parameter that will run benchmarks as
many times as needed until needed confidence is achieved.
R=machenbach@chromium.org
No-Try: true
No-Tree-Checks: true
Bug: chromium:880724
Change-Id: Iedd3d0f900a838f97cfa3339f582f6d02cce3e93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578504
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60980}
This prepares removing the special timeout of 200 on the bots. First
we temporarily set 200 on v8 side to remove the flag on the infra side.
Afterwards we'll remove the v8-side code, tested in CQ.
TBR=tmrts@chromium.org
Bug: v8:9145
Change-Id: I61578da02ab8c101d0d6c916106ad5a8bc6841cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581259
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60962}
This is dead code as no benchmarks seem to be using it and removing this
additional logic will reduce maintenance cost for the perf infrastructure.
R=machenbach@chromium.org, tmrts@chromium.org
No-Try: true
No-Tree-Checks: true
Change-Id: I952af069d4d18d63624510b4c461fa1891703db9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570008
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60947}
This is part of the refactoring to allow exporting more information about test
execution to the recipes and upload this information to ChromePerf.
This fixes running secondary even after primary run fails, which will allow us
to differentiate between test and infra failures as latter ones will also affect
refbuilds and re-runs without patch.
R=machenbach@chromium.org, tmrts@chromium.org
Bug: chromium:841700
Change-Id: I29ce49d2f8c5e73158f1d41a73c51f2b35929f36
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570006
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60946}
This is part of the refactoring to allow exporting more information about
test execution to the recipes and upload this information to ChromePerf.
R=machenbach@chromium.org,tmrts@chromium.org
No-Try: true
No-Tree-Checks: true
Bug: chromium:841700
Change-Id: Iab400e8922231d8eac91a6fa22ce8f45053f7ac6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569442
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60944}
The WebAssembly JavaScript Interface specifies[1] that exported
functions are not constructors, hence do not have the "prototype"
property. This is not true for asm.js exported functions which are
expected to look like normal functions (or constructors).
[1] https://webassembly.github.io/spec/js-api/index.html#exported-function-exotic-objectsR=clemensh@chromium.org
TEST=mjsunit/regress/regress-crbug-935800
BUG=chromium:935800
Change-Id: Idecacfb7f5d4668540589af95fd59872334c21a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578499
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60943}
This prints the current v8-specific processes on linux whenever the
test driver emits a heart beat (i.e. no output for 30 seconds).
This is to investigate the cause of currently hanging tests on linux.
Bug: v8:9145
Change-Id: I857bb6d1c5f0b0917c64cdc0aa6076c6633f9dd6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578438
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60941}
We see crashes in the wild that we suspect are caused by these changes.
This is a manual revert because of conflicts.
Revert "[turbofan] Fix incorrect CheckNonEmptyString lowering."
This reverts commit b3b7011867.
Revert "[turbofan] Fix incorrect lowering of CheckNonEmptyString."
This reverts commit 5758209026.
Revert "[turbofan] Significantly improve ConsString creation performance."
This reverts commit d6a60a0ee1.
Bug: v8:9147
Change-Id: I262c21e5406a9c4c8ad0e0f995582c5802f0fa1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571613
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60919}
Plus a script to compile/link/run them.
Change-Id: Iac8ffcda3a73902261c07a7b4e5d967a19414c75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1564058
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60911}
We've originally added them in https://crrev.com/c/1159361 and then removed
again in https://crrev.com/c/1291370 since they were implemented in LogDog
Viewer. However, looks like logs from the swarming tasks are all dumped into
step stdout at the same time and thus logdog assigns idential timestamp to all
lines making it fairly useless.
TBR=machenbach@chromium.org
No-Try: true
No-Tree-Checks: true
Bug: chromium:841700
Change-Id: I49bfb23f8007e4a0facdfea6a09cde911f8e5a51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569432
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60875}
- Remove AllocationSpaceName() which was in SHOUTY_CASE and did not
actually handle CODE_LO_SPACE.
- Make GetSpaceName() static because it is.
- Change callers of old AllocationSpaceName() to use GetSpaceName().
- Change the input type to a AllocationSpace rather than int given the
function crashes on invalid values.
Space::name() now returns a lower case result but this is only used by
functions guarded by gc_verbose or trace_fragmentation so I don't think
this will break anything.
Change-Id: Ice9a955365d4a22233af7ba39126ad8e5cff2aab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1565474
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60842}
This enable test suites to check which test driver framework is used.
When using number fuzzer on mjsunit, we add a JS file that
switches off the optimization-state assertions.
Checking intrinsic state is not feasible on the number fuzzer and in
the past, we needed to skip tests on demand, which is a maintenance
burden. The main function of the fuzzer, to check for dcheck errors and
tsan issues, is retained.
Bug: v8:9127
Change-Id: I699b85d5f7c9aaed337a2130d9eddc160c059d7b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1565892
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60816}
This is not fixing the root cause of the flakiness, but prevents us from loosing
data in the short to medium term as investigation proved to be difficult and
will likely take even more time.
R=machenbach@chromium.org, tmrts@chromium.org
Bug: chromium:872257
Change-Id: Id5fbd0a00058f8612089ee4d6a858193924bd868
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1564204
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60814}
- Remove all relative imports from mock and os
- Fix mocking in a few tests to prevent cross-test side-effects
- Add run_perf_test.py to v8_presubmit.py
- The vpython config was not added since root .vpython already includes
coverage and mock libraries
- Convert all double-quoted strings to single-quoted (PS8->PS9)
R=sergiyb@chromium.org
Bug: chromium:123456
Change-Id: I7b3a08dc5d950b0f51cc7a5eb3a012ea953ca824
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1564206
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60810}
This will allow to distinguish between the standard runner and the num fuzzer
on the infra side when generating flako command lines. The value could be
inferred, but it'd be more confusing.
Bug: v8:8971
Change-Id: I78f5104135d1c7fd7d98bceb4b17897e79421455
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1564050
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60769}
This is a reland of Ie3ac389e1c082d1671efd4d74abc076ce943301b with a fix
for MSAN failures.
Interrupt budget was store in bytecode array and used to be shared
across all contexts. With lazy feedback allocation, using context
independent interrupt budget might lead to performance cliffs when
we have closures that do not share the same feedback (for ex: across
contexts). This would be a problem even earlier but it could be
more pronounced with feedback vector allocation, since the budgets
for optimization is much higher (144x) than the budget for feedback
allocation.
Bug: chromium:948835, v8:8394
Change-Id: I74f998c30e27caf3bd34510f4d7f57b65e6c7f0d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1561072
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60750}
This reverts commit f39944853f.
Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/26128
Original change's description:
> [interpreter] Move interrupt budget from BytecodeArray to FeedbackCell
>
> Interrupt budget was store in bytecode array and used to be shared
> across all contexts. With lazy feedback allocation, using context
> independent interrupt budget might lead to performance cliffs when
> we have closures that do not share the same feedback (for ex: across
> contexts). This would be a problem even earlier but it could be
> more pronounced with feedback vector allocation, since the budgets
> for optimization is much higher (144x) than the budget for feedback
> allocation.
>
> Bug: chromium:948835, v8:8394
> Change-Id: Ie3ac389e1c082d1671efd4d74abc076ce943301b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1558088
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60734}
TBR=jarin@chromium.org,mlippautz@chromium.org,mythria@chromium.org,jgruber@chromium.org,bmeurer@chromium.org
Change-Id: Icbec4d28d6ac258827e222461cff51f2a2f42472
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:948835, v8:8394
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1560990
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60735}
Interrupt budget was store in bytecode array and used to be shared
across all contexts. With lazy feedback allocation, using context
independent interrupt budget might lead to performance cliffs when
we have closures that do not share the same feedback (for ex: across
contexts). This would be a problem even earlier but it could be
more pronounced with feedback vector allocation, since the budgets
for optimization is much higher (144x) than the budget for feedback
allocation.
Bug: chromium:948835, v8:8394
Change-Id: Ie3ac389e1c082d1671efd4d74abc076ce943301b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1558088
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60734}
Since wasm optimizations are independent of JS optimizations, we can
just combine the "no_liftoff" variant with the existing "stress"
variant (which has the similar "--always-opt" option for JS), and add
a "Liftoff only" variant as part of "nooptimization".
This gives more coverage to find bugs like https://crrev.com/c/1543354
more easy.
R=mstarzinger@chromium.org, machenbach@chromium.org
Change-Id: I81bb22074c59dcb650a05252da43a4170cd467ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1559740
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60714}
For standard test failures, the variant name is enough to deduce the
full command line of the test. This is used to create the flako
command line on the infra side.
Test failures from numfuzz have additional variant_flags, calculated
by the fuzzer, which don't match a variant name. Exposing those in
the test results will enable printing a proper flako command line
on infra side for numfuzz cases.
Bug: v8:8971
Change-Id: Ie47d42a0b34037da458b474f2a9ab38f1a5d238a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1554689
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60656}
This reverts commit 42beed975e.
Reason for revert: This commit seems to cause consistent failures in
some ProcessMemoryMetricsEmitterTest tests on Mac and ChromeOS. I'm
not sure what the exact reasoning behind this is. See https://crbug.com/949157.
Original change's description:
> Reland "[ptr-compr][x64] Temporarily enable pointer compression on x64"
>
> This is a reland of 4f051fd5da
>
> Relanding after fixing Chromium issues.
>
> Original change's description:
> > [ptr-compr][x64] Temporarily enable pointer compression on x64
> >
> > ... and make sure that the x64 ptr-compr bots proceed testing V8 without
> > pointer compression in order to keep testing the full pointer mode.
> >
> > Bug: v8:7703
> > Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
> > Change-Id: Iee725deda813425a6f0722948b54976154f50909
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1497139
> > Reviewed-by: Michael Hablich <hablich@chromium.org>
> > Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> > Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#60230}
>
> Bug: v8:7703
> Change-Id: Ic2d1c2ae41ec645f34963f5f561c33199c72ef4b
> Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
> Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535819
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60582}
TBR=machenbach@chromium.org,hablich@chromium.org,leszeks@chromium.org,ishell@chromium.org,verwaest@chromium.org
Change-Id: Ib9737081e90dddcfe44af9da1275a610da209323
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7703
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1550709
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60618}
Reading --verify_predictable makes me sad, whereas --verify-predictable
makes me happy. This CL introduces more happiness.
R=machenbach@chromium.org
Bug: v8:8834
Change-Id: Id51a75f32e6d5a2f87aed81e058a8b6dff189758
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1550399
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60599}
This is a reland of 4f051fd5da
Relanding after fixing Chromium issues.
Original change's description:
> [ptr-compr][x64] Temporarily enable pointer compression on x64
>
> ... and make sure that the x64 ptr-compr bots proceed testing V8 without
> pointer compression in order to keep testing the full pointer mode.
>
> Bug: v8:7703
> Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
> Change-Id: Iee725deda813425a6f0722948b54976154f50909
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1497139
> Reviewed-by: Michael Hablich <hablich@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60230}
Bug: v8:7703
Change-Id: Ic2d1c2ae41ec645f34963f5f561c33199c72ef4b
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535819
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60582}
Allocate feedback vectors lazily when the function's interrupt budget has
reached a specified threshold. This cl introduces a new field in the
ClosureFeedbackCellArray to track the interrupt budget for allocating
feedback vectors. Using the interrupt budget on the bytecode array could
cause problems when there are closures across native contexts and we may
delay allocating feedback vectors in one of them causing unexpected
performance cliffs. In the long term we may want to remove interrupt budget
from bytecode array and use context specific budget for tiering up decisions
as well.
Bug: v8:8394
Change-Id: Ia8fbb71f5e8543a92f14c44aa762973da82d445c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1520719
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60450}
This is used to convert files with binary proto data to the Trace Event
.json format for use with the chrome://tracing viewer.
Change-Id: Ib5478f6aa2326b5e085506859f4a7f30f95c79f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535823
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60422}
