This decreases the snapshot size (we don't need to write the ID for the
string) and speeds up deserialization.
Bug: v8:11525
Change-Id: I8f48d2344a7fd895c746e6a3d26f6dbbdd11a062
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494539
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79381}
HeapNumbers that are in the shared heap were incorrectly considered
!IsShared().
TBR=jkummerow@chromium.org
Bug: v8:12547
Change-Id: Ie4b9575445d841a7045c947ff4439bf53a22869d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3504085
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79372}
Because I don't get much out of "Object() != Object()"
Change-Id: I5a765b9cb0a272d30edcd834ec7b60d2fd03190b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497352
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79370}
This introduces a new (inspector-only) `v8::debug::ScriptSource`,
which represents the source for a given `v8::debug::Script` (in
case of JavaScript it's a `v8::internal::String` while in case of
WebAssembly it's a `Managed<v8::internal::wasm::NativeModule>`).
Every `v8_inspector::V8DebuggerScript` now holds on weakly to the
`v8::debug::Script` and strongly to its `ScriptSource`, making it
possible to access the source even after the `Script` dies.
This is preliminary work to allow for the removal of the special
GC feature that a `WeakCallbackType::kFinalizer` callback can
resurrect the object (this change is split into a separate follow
up CL https://crrev.com/c/3497324).
Bug: chromium:1295659, chromium:1302195
Doc: https://bit.ly/v8-inspector-script-caching
Change-Id: I503d0d9283e2da392023f06f79b8ff35953e7935
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494242
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79363}
This proposal adds i32 and i64 addition, subtraction, and multiplication
to the list of constant expressions.
See https://github.com/WebAssembly/extended-const.
Bug: v8:12089
Change-Id: I23a27a54a15fd37ee1d553992ab3b355eb9d317c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497665
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79362}
When the function is created with FunctionTemplate and set name with
native data property accessors, binding the function should throw
immediately if the native accessor throws.
Bug: v8:11989
Change-Id: Ief282202aa5b8515f581fd5478886ed5f001fd4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492966
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#79356}
Prototype F32x4Relaxed(Min/Max) and F64x2Relaxed(Min/Max)
operations for ARM. F32x4 variants map directly to vmin/vmax
hardware instructions which are also used for F32x4(Min/Max)
operations. The F64x2 variants are mapped in this implementation
to Pmin/Pmax instructions as detailed in the github issue.
https://github.com/WebAssembly/relaxed-simd/issues/33
Bug: v8:12284
Change-Id: I5ea939385fa0ae97bbdf776fc0b763cabb1b293c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3501347
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79355}
With the previous change to using the mask as the first
input to the node, the lane select ARM codegen is equivalent
to V128Select. Also enable cctests to run on ARM.
Bug: v8:12284
Change-Id: I5572f4845307ff20cc2a0a58d3ccf162caa436b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500655
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79352}
A TrapUnless after an IfTrue, and conversely, a TrapIf after an IfFalse,
should not optimize away the respective Branch node.
Bug: v8:12624
Change-Id: I250b2f84c38295ca35e440589901ed5a58bb4e75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500303
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79349}
This renaming was missed in
https://chromium-review.googlesource.com/c/v8/v8/+/3468577, because the
code adding these #ifdef blocks landed in-between the renaming change
being uploaded and landed.
Bug: chromium:1298417
Change-Id: I8c2e951099dafcce7e19a59e40e36f308e2ed867
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3498349
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Benoit Lize <lizeb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79345}
Currently, a streamed script which specifies 'use strict' is stored in
the isolate script cache with a key indicating that it is strict mode.
However, the keys should be based on the context executing the script,
not the content of the script, so that the next lookup can find the
entry without having to parse the script first.
Bug: v8:12668
Change-Id: Iaa76c00c431ad54a86ffd18b61cb4f67dc457b03
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3498220
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#79331}
When --maglev is set, tier up to Maglev from unoptimized tiers based on
--interrupt-budget-for-maglev, initially set to 40KB (which should very
roughly by 1/10th of the time until the TF tierup decision is made).
On the first interrupt, a non-concurrent optimization to Maglev is
requested, which the next call to the marked function will perform.
- There is no support for tiering from Maglev to TF yet.
- Maglev's language support is minimal and tests are not expected to
pass with --maglev.
- Disable --maglev by default for now.
Drive-by: fixes related to Maglev flag definitions.
Bug: v8:7700
Change-Id: I121bb3f4f3830fdd20e1d4a12d3e04f08a99be38
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500302
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79328}
According to the latest changes in wasm-gc, externref will be renamed
to anyref, and will be assigned as the top of the reference type
hierarchy. Since in the current wasm type system funcref is not a
subtype of anyref, subtyping is now dependent on whether wasm-gc is
enabled.
Bug: v8:7748
Change-Id: I0c0ae3dd5523e624d4490ca33d1fba4c2ae59393
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3468345
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79322}
- Add the Isolate as an explicit param (we already have it at all
callsites)
- Pass an explicit CodeKind param to MarkForOptimization in preparation
for Maglev.
- Split EnsureFeedbackVector into that, plus
CreateAndAttachFeedbackVector for when we know it has to be created.
Bug: v8:7700
Change-Id: Ie9022deccd31d472d6df3d442b25583af5569ab0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497383
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79318}
When running with the simulator, Assembler::debug() can record an inline
comment to be printed when the simulator encounters it. We need to make
sure pools are not emitted while the comment is recorded in the code
stream.
However the BlockPoolsScope was missing its margin argument to tell it
how much code we're going to generate, and could forget to emit pools
when it should have, causing crashes later on when a branch cannot jump
over the code comment.
Bug: v8:12637
Change-Id: I39e50f176d87c781c865b81fb9aca57d69c8c019
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494544
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/main@{#79317}
Single generation doesn't have a young generation, so we cannot check
whether it's inline allocation is enabled.
Bug: v8:12615
Change-Id: I145e7c3ff225dc0099136289c9aef4ddd28b3578
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487993
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79316}
The following histograms have been deprecated, as they are superseded
by V8.GC.Cycle.*.Young or not needed anymore (next to each, the
corresponding isolate counter):
- V8.GCScavenger (gc_scavenger)
- V8.GCScavengerBackground (gc_scavenger_background)
- V8.GCScavengeReason (scavenge_reason)
- V8.GCScavengerForeground (gc_scavenger_foreground)
- V8.GCBackgroundScavenger (background_scavenger)
- V8.GCMarkCompactor (gc_mark_compactor)
This CL removes the corresponding instrumentation in the code and the
isolate counters.
Bug: chromium:1154636
Bug: chromium:1299555
Change-Id: I62d28ff60ef47a058fe148c7855af8e2c1cc0aed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487548
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79308}
inspector tests are not yet enabled as a few issues need to be
solved related to endianness and IBM lane numbering.
Change-Id: I3c5c87af45037033d4a112cb7e1da8b7923ce0f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3489244
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#79306}
The main change is the section name, which is now 'metadata.code.branch_hint'.
The binary format has also a couple of minor changes.
Semantics remain unchanged.
Change-Id: I056c9f672ae494979e8ea55266fa766139b71d38
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487788
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79292}
After https://crrev.com/c/3484317, passing {nullptr} to the
{CodeSpaceWriteScope} won't work any more. Since the tests do not have a
{NativeModule} to pass instead, make them use
{pthread_jit_write_protect_np} directly.
The jump-table assembler tests have dedicated threads for writing and
executing the code, so we just switch once per thread. The icache test
switches between writing and executing, so we use a little struct for
switching.
R=jkummerow@chromium.org, tebbi@chromium.org
Bug: v8:12644, v8:11974
Change-Id: I116f3ad75454f749cdc4635802a4617ff91548b2
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487995
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79290}
When we can eliminate a branch-on-type instruction based on statically
available type information and replace it with an unconditional branch,
we have to mark the rest of the current block as unreachable.
Change-Id: I9b8cc2f8e76da0b1b7cdf72b150ec675e9aae1a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3490931
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79288}
mjsunit/compiler/deopt-pretenure.js is flaky due to --gc-interval in
some variants.
The flag can cause a variable to be promoted to old space before the
test can force allocation site pretenuring for that variable, which is
essential for the test case.
Bug: v8:12652
Change-Id: If7239deaa3026bb781d3ee96df28a1bbf3a5b6f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3488371
Auto-Submit: Patrick Thier <pthier@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79275}
This is a reland of a183895687
Now that https://crrev.com/c/3485678 landed and fixed the deadlock
in the linked bug, we can reland this CL without changes.
Original change's description:
> [heap] Allow shared references in WeakMap
>
> Shared references can also be stored in WeakMaps and during marking we
> need to be able to deal with such references. In a client GC shared
> objects are treated as live, so we don't need to update or check mark
> bits for such objects.
>
> Bug: v8:11708
> Change-Id: I0dbf797472c4779f462750dab63cc9b012aad091
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3447365
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79153}
Bug: v8:11708, v8:12642
Change-Id: I5945a16255647c897a1df834267137bf73b6207f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3485679
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79267}
{AtomicSub} on x64 first negates the {value} register, then does an
atomic addition. For that reason, {value} should be a unique register.
So far, we only checked that it's not used in the value stack, but we
should also check for overlap with the destination address or the offset
register.
Drive-by: Remove unneeded handling of non-unique register index on arm,
as that cannot happen (LiftoffCompiler ensures that the result register
is unique).
R=thibaudm@chromium.org
Bug: chromium:1296876
Change-Id: Ie6b97eec8e8dea07b0bcc644d261f47467cc5b8e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487987
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79265}
This CL introduces an additional verification pass at the end of
SimplifiedLowering. The verification checks consistency of the lowered
graph with respect to node types under the effect of used truncations.
Typing of additional, lower level nodes is required and added in this
CL.
The verification pass can be enabled using --verify-simplified-lowering.
Bug: v8:12619, v8:11682
Change-Id: I21e7ebcf40153e53108ddfad2a871c7cbd61a085
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3452029
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79264}
Previously, the interval was max(6, <interval_value>) which was
changed to actually consider the value of the flag.
Change-Id: Iec3cef19b6ec8528f03c36db6239b044ee90cde1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487969
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79262}
This CL refactors Heap::GCTypeTimer and Heap::GCTypePriorityTimer
and moves them to a GCTracer::RecordGCPhasesInfo class. This is
a necessary change for deprecating counters that are used for
old style GC metrics, like gc_scavenger. When all such counters
are deprecated, GCTracer::RecordGCPhasesInfo will no longer be
necessary and will be removed.
Bug: chromium:1154636
Change-Id: I04504a0f6c7a0955f4300a1c94c969aaeb23b77f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3486556
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79257}
Keep --gc-interval precise wrt to the # of allocations needed for a
GC.
Bug: v8:12615
Change-Id: I1ff45ef709013427b5f27643e3a6135dd0f4025d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3485676
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79256}
With this change we can easily track and filter unsupported objects
for full-page snapshots.
Bug: v8:11525
Change-Id: Id75b6f4edf68b47d6dfbe79aed2b686aeec61068
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3484320
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79252}
{FreePages} is never expected to fail, and each caller wraps the call in
a CHECK macro. In order to learn more about failures, this CL moves the
CHECK inside of {::FreePages}, to fail whenever the {PageAllocator}
fails to free pages.
As a next step, I'll audit our {PageAllocator} implementations to ensure
that none of them return {false} for {FreePages}. Note that this is
already the case for the gin platform (chromium).
R=mlippautz@chromium.org
Bug: v8:12656, chromium:1299735
Change-Id: Ib61be6cc8da0110ead2db1ad005728bd061e0243
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3484321
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79248}
Maglev is mid-tier optimising compiler designed mainly for compilation
speed that can still generate good code for straightforward JS.
This initial commit is an MVP for Maglev which can compile and run some
very simple code, and sets up a framework that we can build upon.
Design:
https://docs.google.com/document/d/13CwgSL4yawxuYg3iNlM-4ZPCB8RgJya6b8H_E2F-Aek/edit#
Bug: v8:7700
Change-Id: I5ae074ae099126c2c0d50864ac9b3d6fa5c9e85a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3483664
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79247}
The external project is effectively abandoned. Fork and move it in-tree
for easier maintenance and Python 3 migration.
Bug: chromium:1296209
Change-Id: I4ff97749acb2895bd8433c08b2a4ff109c90cda2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3475086
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79240}
To avoid leaking VMState cross origin leverage existing FilterContext
to filter out VMSTates.
GC State is the exception as it is not coupled to any native context and
is always included.
Bug: chromium:1263871
Change-Id: I5cab8620460f4db24fa183c891cb0c43996e95c4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3465735
Auto-Submit: Corentin Pescheloche <cpescheloche@fb.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79234}
Embedder fields are located between JSObject header and inobject fields
and there must be no gaps.
This CL adds respective check to Map verification and fixes existing
issues.
Bug: v8:10391
Change-Id: If55652095588f8704c9a375fb86be1599816aa86
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3482436
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79227}
When triggering a step out action, we check whether we already
are at a return or suspend location. If not, we first flood all
return positions with breakpoints, set the fast_forward_to_return_
flag and continue.
With the new way of reporting instrumentation breakpoints, we now
may get into the situation where we stopped on an instrumentation,
but may still need to continue until we reach the return point for
the step out. This CL fixes a bug in which we ran into a DCHECK
that expected us to stop on a return location (since
fast_forward_to_return_ is set to true), but we didn't.
Drive-by: adapt other stepping tests to properly wait for all pauses
Bug: chromium:1229541
Change-Id: Ie5fd358922f4cdaf1f8584bb0b35e87b0e221fb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3480094
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79226}
Custom callbacks assume that untraced pointers always point to valid,
not freed objects. They must make sure that upon callback completion no
UntracedMembers point to an unreachable object. This may not hold true
if a custom callback for an old object operates with a reference to a
young object that was freed on a minor collection cycle. To maintain
the mentioned invariant, the CL calls custom callbacks for old objects
on every minor collection cycle.
The alternative options could be:
1) Replacing all UntracedMembers with WeakMembers, since WeakMember
supports tracing and the barrier.
2) Emitting the generational barrier for UntracedMember + tracing
UntracedMember on minor collection cycles.
The first option requires changing multiple use sites and can bring some
performance regression. The second option requires changing the GC logic
and the semantics of UntracedMember.
Bug: chromium:1029379
Change-Id: I9bb89e4787daf05990feed374dceca940be7be63
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3472499
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79221}
Previously we'd hold on to Script objects strongly after they are
considered unreachable by V8 itself, and keep them around for the
V8DebuggerAgent cache (whose upper limit can be controlled with a
parameter to `Debugger.enable`).
This CL changes that to instead copy out the script source and the
WebAssembly bytecode (depending on whether it's JavaScript or Wasm)
to the C++ heap and keep it cached there.
Fixed: chromium:1295659
Bug: chromium:1246884
Change-Id: Idfcd7172715eafca6b011826ae03a573d58803f2
Doc: https://bit.ly/v8-inspector-script-caching
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3472082
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79217}
