Commit Graph

60835 Commits

Author SHA1 Message Date
Joakim Bengtsson
4b1447e4bb Improve V8 GC logic for external memory
The logic for V8 GC normally only takes the external memory growth
since last mark-compact into account. Unfortunately, the amount of
external memory recorded at the end of MC is often too high. The
reason is that it might take a while for the external memory
associated with the GCed objects to be released (e.g. V8 itself posts a
task to release external memory for ArrayBuffer backing stores). In a
worst case scenario GC is driven only by external memory and none of
the external memory is released by the end of the MC. Then each MC
will record the external memory at its highest point and the GC logic
will allow the external memory to grow a bit higher each time which
can lead to excessive memory use.

This patch improves the situation a bit by calculating the growth from
the lowest external memory seen since the last MC. That way the growth
calculation will be offset from a level presumably closer to the
intended one (to what it would have been if the external memory
associated with the GCed objects was released during the MC). Now,
this fix is not perfect because it can be thrown off by external
memory growth occurring before the lingering memory is
released. However, it seems to work rather well in practice (e.g. when
playing MSE video on YT).

Bug: v8:10185
Change-Id: Ifcdd87eb45f3ae4a99d2aeec667c3ae4ca9a52b6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2042711
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66193}
2020-02-10 09:33:33 +00:00
Peter Marshall
e16bd85b8e [tooling] Reland "Keep track of idle state even when we aren't profiling"
> It isn't expensive to set this enum on the isolate and we only call
> this in chrome when the ThreadDebugger is enabled anyway.
>
> This means we have a correct idle state to use with the upcoming
> CDP event which emits the thread state.

This time, move the dcheck below the stack pointer check. It turns out
we call into this with current state == JS, but only when js is on the
stack, so we can just move the check lower.

Bug: chromium:1025490
Change-Id: Ic9b2eff1ae1880535d0c6da5487ebea4f7e5e62b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2039050
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66192}
2020-02-10 09:15:22 +00:00
v8-ci-autoroll-builder
9e548ec77a Update V8 DEPS.
Rolling v8/tools/clang: 4f24c2a..7d1284a

Rolling v8/tools/luci-go: git_revision:bbda6f0d563b25ce0a25b147dec46e5815da5601..git_revision:02ba678a47594da180904851f3e6f809da7e0fc5

Rolling v8/tools/luci-go: git_revision:bbda6f0d563b25ce0a25b147dec46e5815da5601..git_revision:02ba678a47594da180904851f3e6f809da7e0fc5

Rolling v8/tools/luci-go: git_revision:bbda6f0d563b25ce0a25b147dec46e5815da5601..git_revision:02ba678a47594da180904851f3e6f809da7e0fc5

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: Iff417ef02e3e79fa094fad500fec3975c915c399
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2044840
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#66191}
2020-02-10 03:55:52 +00:00
Michael Achenbach
72fc962b4d Revert "[weakrefs] Schedule FinalizationGroup cleanup tasks from within V8"
This reverts commit 31d8ff7ac5.

Reason for revert: https://crbug.com/v8/10190

Original change's description:
> [weakrefs] Schedule FinalizationGroup cleanup tasks from within V8
> 
> Deprecate the following explicit FinalizationGroup APIs in favor of
> automatic handling of FinalizationGroup cleanup callbacks:
>   - v8::Isolate::SetHostCleanupFinalizationGroupCallback
>   - v8::FinalizationGroup::Cleanup
> 
> If no HostCleanupFinalizationGroupCallback is set, then
> FinalizationGroup cleanup callbacks are automatically scheduled by V8
> itself as non-nestable foreground tasks.
> 
> When a Context is being disposed, all FinalizationGroups that are
> associated with it are removed from the dirty list, cancelling
> scheduled cleanup.
> 
> Bug: v8:8179
> Change-Id: Ic09313a11dd00af36d1f698250b3d735155f45e8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1986392
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66184}

TBR=ulan@chromium.org,rmcilroy@chromium.org,syg@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:8179
Change-Id: If7869e9a5841803c10e748691f019a7d28f3b62e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2043807
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66190}
2020-02-09 16:24:52 +00:00
Johannes Henkel
40e2bd1a9c [DevTools] Roll inspector_protocol (V8)
Upstream PR:
"Drop && from Serializable::TakeSerialized() &&."
https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/2029933

New Rev: 75c465e8d425f2e0b5297245c7eb058411af493a

Change-Id: I11dafc589c8f0c5a7e158b9cc5ad5202ba8237e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2029335
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66189}
2020-02-09 12:24:31 +00:00
Z Nguyen-Huu
ddc7e69125 [wasm] Skip test in multiple isolates
If both isolates run this test, they are kind of racing on the
{tier_down_} flag, hence you get unexpected results.

Bug: v8:10189, v8:10099
Change-Id: I8657c32c024898442d5c916cf15077c846276b1f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2044544
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66188}
2020-02-09 07:50:01 +00:00
v8-ci-autoroll-builder
a781302612 Update V8 DEPS.
Rolling v8/build: d34dbf0..8ada491

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I1a5aaa521f42bf2779605345568ab851d7126e4a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2044836
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#66187}
2020-02-09 04:01:41 +00:00
v8-ci-autoroll-builder
574b099985 Update V8 DEPS.
Rolling v8/build: 68bdecf..d34dbf0

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/8052d29..ea794b8

Rolling v8/third_party/depot_tools: 73c7670..3b8094a

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I55eddf107dd1001dbcadef4c2222a5bd2b630117
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2044833
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#66186}
2020-02-08 03:49:30 +00:00
Milad Farazmand
f2579c7331 s390: [wasm-simd] Add to simd conversion operations
Change-Id: Id3d6566dc7b8a4cc10574abe79246ebf1398f016
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2043024
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#66185}
2020-02-08 02:19:10 +00:00
Shu-yu Guo
31d8ff7ac5 [weakrefs] Schedule FinalizationGroup cleanup tasks from within V8
Deprecate the following explicit FinalizationGroup APIs in favor of
automatic handling of FinalizationGroup cleanup callbacks:
  - v8::Isolate::SetHostCleanupFinalizationGroupCallback
  - v8::FinalizationGroup::Cleanup

If no HostCleanupFinalizationGroupCallback is set, then
FinalizationGroup cleanup callbacks are automatically scheduled by V8
itself as non-nestable foreground tasks.

When a Context is being disposed, all FinalizationGroups that are
associated with it are removed from the dirty list, cancelling
scheduled cleanup.

Bug: v8:8179
Change-Id: Ic09313a11dd00af36d1f698250b3d735155f45e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1986392
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66184}
2020-02-08 00:20:10 +00:00
Ng Zhi An
51a7668976 [wasm-simd] Scalar lowering for load splat (s8x16, s16x8, s32x4)
We lower each op into num_lanes loads, and connecting up the effects in
a chain.

s64x2 is not implemented since lowering for 64x2 generally doesn't
work anyway.

Load extends are a bit more complicated, so we'll do that in a separate
change.

Bug: v8:9886
Change-Id: I80096827bf8e8e0db1ef0ad1b76759ed1797ca5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2031893
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66183}
2020-02-07 19:59:09 +00:00
Seth Brenith
e5e4ea962e [torque] Support bitfield structs stored within Smis
This change moves the definition of the bits stored in DebugInfo::flags
to Torque, and updates the only Torque usage of that field to use more
natural syntax. This is intended as an example of common patterns found
in various other classes. Several supporting changes are required:

1. Add a new type representing a bitfield struct stored within a Smi. It
   is currently called SmiTagged, but I'm open to suggestions.
2. Add an enum-style output for Torque bitfield structs whose bitfields
   occupy only one bit each.
3. Add a new case to MachineOperatorReducer that makes the generated
   code for IncBlockCounter match with what was generated before this
   change.
4. Add support for reporting these bitfields in the postmortem debugging
   API. The format matches existing bitfields but with an offset value
   that includes the SMI shift size.

Bug: v8:7793
Change-Id: Icaecbe4a162da55d2d9a3a35a8ea85b285b2f1b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2028832
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66182}
2020-02-07 18:43:06 +00:00
Ng Zhi An
9991e4066c [cleanup] Add undefs for macros
Bug: v8:10115
Change-Id: If2ef0cd4bef9805dce3c9486d91385d0d40189fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2044650
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66181}
2020-02-07 18:27:40 +00:00
Ng Zhi An
62e3127111 Cast RelocInfo.Mode to int before printing
Mode has an underlying type of int8_t. When printing it we can end up
with unprintable ascii values. This shows up with --trace-turbo, and the
json file ends up with invalid bytes, and Turbolizer cannot preview.

Change-Id: I6bc905416b6e6da35a259734233b366b858452e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2031895
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66180}
2020-02-07 17:54:20 +00:00
Bill Ticehurst
1e36e21acc Remove unnecessary export, which happens to break MSVC DLL builds.
Change-Id: I47c9211274cefd26bde6bd93aa7503e022df4357
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2042874
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Bill Ticehurst <billti@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#66179}
2020-02-07 17:36:10 +00:00
Ng Zhi An
7e1d052580 [wasm-simd] Add i8x16 shift tests using non-immediates
These were not added in https://crrev.com/c/2026067 when we added
similar tests for other lane sizes, since x64 had a completely different
path for i8x16. But these tests are useful anyway for other archs, so add
them in.

Bug: v8:10115
Change-Id: I77ecca0cd9f4021c94f1538aa5635b5d54983207
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2041708
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66178}
2020-02-07 17:28:15 +00:00
Ng Zhi An
36ce4cdc8d [wasm-simd] Implement scalar lowering for rounding average
Bug: v8:10039
Change-Id: Ibb0fea59b180d8e015aeee6d6e211ef1f85b0c61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2041698
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66177}
2020-02-07 17:27:10 +00:00
Ulan Degenbaev
23c09ad44a [ptr-compr, heap] Fix --huge_max_old_generation_size
This restores ~4GB limit for 64-bit devices with 16GB physical memory
running with pointer compression.

Bug: chromium:1049816,chromium:1045034
Change-Id: I7946a4510f8aac2c71fb427776574adba5127cbd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2043797
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66176}
2020-02-07 16:30:20 +00:00
Etienne Pierre-doray
4300eec7ca [v8 heap]: Track GlobalSize in worklist.
GlobalSize will be used as a hint to schedule scavenger work in
https://chromium-review.googlesource.com/c/v8/v8/+/2036661

This is implemented as an atomic variable that's updated when adding/removing
segments.

Bug: chromium:1012816
Change-Id: I8f6c3f10612f8febda9bfe640d91e235aa3c2f12
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2043273
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66175}
2020-02-07 16:12:30 +00:00
Ulan Degenbaev
1d54a600ac [heap] Enable --huge_max_old_generation_size by default and add tests
Now ResourceConstraints::ConfigureDefaults sets the heap limit to 4GB
if the physical memory size is greater than or equal to 16GB on 64-bit
platforms.

This CL also adds tests for configuring heap limits from the physical
memory size.

Bug: chromium:1045034
Change-Id: If0d5a237b2db31309a9a2a6456d950ef70dc71af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2043833
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66174}
2020-02-07 15:51:00 +00:00
Igor Sheludko
63228e2698 [ptr-compr][csa] Support TaggedIndex in CSA
Bug: v8:10047
Change-Id: I140fcf453ce7dd6189e0f643f95570163b625456
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2043831
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66173}
2020-02-07 13:25:40 +00:00
Mythri A
e85ffb4686 Disable one shot optimizations
We used to optimize functions that are expected to be executed only
once by not allocating feedback slots for some of the bytecodes. This
would help in reducing the memory and avoiding initializing feedback
that would be never used. With lazy feedback allocation, we don't
allocate feedback vectors for most of such functions anyway.

The generated bytecode for oneshot optimized functions is different and
if we don't properly track this information we might end up generating
different bytecode for the same function. This could cause problems
when there is a mismatch between the feedback slots used by the new
bytecode and the old bytecode. Since we potentially get most of the
benefits of this optimization with lazy feedback vector allocation
we can simplify the code by disabling this optimization.

Bug: chromium:1045824
Change-Id: Ib94605c8c766adc99f54c8333f780d2448caff5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2030918
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66172}
2020-02-07 12:50:40 +00:00
Emanuel Ziegler
d25872d51d [wasm] Use lookup-tables for ValueTypes static methods
Improve performance of switch statements by using constexpr lookup
tables wherever possible.

Bug: chromium:1042868

R=clemensb@chromium.org

Change-Id: I8a44bd8022d1c4e3a74243e3657498a2bc49ff64
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2041448
Commit-Queue: Emanuel Ziegler <ecmziegler@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66171}
2020-02-07 12:21:10 +00:00
Igor Sheludko
808a3f23bc [ptr-compr] Introduce TaggedIndex class
... a Smi-looking type containing properly sign-extended int31 integer.

The idea is to use this kind of tagged integers for the cases where
the value is guaranteed to fit into int31. For example, feedback vector
slots are one of the candidates for using TaggedIndex representation.

Bug: v8:10047
Change-Id: Ifaa2978a5d42467578ff243dc44d327536efbe93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1960292
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66170}
2020-02-07 11:21:29 +00:00
Yu Yin
2877a2ad12 [mips][wasm] Fix saved parameter register
Change-Id: Ic18995af870c41852d5b10dbe5adead7bb36d37e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2043611
Auto-Submit: Yu Yin <xwafish@gmail.com>
Commit-Queue: Yu Yin <xwafish@gmail.com>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66169}
2020-02-07 11:17:20 +00:00
Leszek Swirski
7fa19160d0 [ast] Cache allocated AstConsString
Allow caching the result of allocating AstConsStrings, to allow
sharing of inferred names between functions.

This is a partial revert of https://crrev.com/c/2020953, with
the observation that *some* AstConsStrings are always flattened,
while others are only ever used as ConsStrings, so we want to
allow the allocation to be lazy while still caching the result.

As a drive-by, cleanup the old AstConsString linked list fields.

Bug: chromium:1011762
Bug: chromium:1048082
Change-Id: Icc14342eb3f6f97359596b42b2c296cbc49fd791
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2042093
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66168}
2020-02-07 11:10:37 +00:00
Clemens Backes
f0057afc2f [api] Remove deprecated and non-functional method
The functionality has not been used for a long time, and was hence removed
for the 8.1 branch, and the method was deprecated.
This CL removes the deprecated method completely.

R=adamk@chromium.org

Bug: v8:10155
Change-Id: Iae299d64decb7230d38c2fda8d269a7b0387bb0d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2033169
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66167}
2020-02-07 09:40:47 +00:00
v8-ci-autoroll-builder
f8d45ea806 Update V8 DEPS.
Rolling v8/build: c80cd76..68bdecf

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1ffa053..8052d29

Rolling v8/third_party/depot_tools: e868546..73c7670

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: Ic4628b14b96343bf2a9cacf07ecdde49b728dca7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2042164
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#66166}
2020-02-07 03:53:06 +00:00
Johannes Henkel
2b078975e1 [DevTools] Roll inspector_protocol (V8)
Upstream PR:
"Implement crdtp::ErrorSupport, replacing the jinja2 template."
https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/2036608

In addition, this PR includes removal of now unused routines
in string-util.h (StringBuilder and number conversions).

New Rev: e4ffb7288a17b2bbe2f7b7cd62abcb1d1e55681a

Change-Id: Iae14c001c1f468466a42cb1b842c0ded766fccc9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2037959
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66165}
2020-02-07 01:44:26 +00:00
Z Nguyen-Huu
1f7861c8a9 Reland "[wasm] Tierdown wasm module upon "Debugger.enable""
This is a reland of 410ca4c50e

Skip new test for unsupported liftoff architecture.
Previously, if there were some unsupported liftoff functions, it fell
through to Turbofan but recompilation didn't catch and count it. This CL
fixes it by using requested_tier on finished units.

Avoid tiering down asm.js.
Introduce reached recompilation tier to monitor recompilation progress.

Original change's description:
> [wasm] Tierdown wasm module upon "Debugger.enable"
>
> Put logic in Wasm Engine to tier down all existing modules per isolate
> when debugger is enabled. This CL does not handle new modules added after
> debugger is enabled yet.
>
> Bug: v8:9654
> Change-Id: I87060f5c416506543fcaf231bff9999d06ba4c0d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013692
> Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66017}

TBR=szuend@chromium.org,bmeurer@chromium.org

Bug: v8:9654
Change-Id: I6014ae52d1e04726e64ee9267c5ce559090414d7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2031744
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66164}
2020-02-06 23:47:06 +00:00
Michael Achenbach
1ae4669bcd [release] Remove obsolete flag from auto-roller
Roller broke after this flag was removed here:
https://crrev.com/52969c9d1049ffc5daecdb9210ad29f13438449b

TBR=mslekova@chromium.org

No-Try: true
Change-Id: Ic81b093ba28df8806938f4b1022330ce0eddc082
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2042710
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66163}
2020-02-06 21:29:56 +00:00
Ng Zhi An
97f0c9f447 [wasm-simd] Optimize codegen when shift is constant
Define a macro in code-generator-ia32 to help identify cases when the
shift value is an immediate/constant. In those cases we can directly
emit the shifts without any masking, since the instruction selector
would have modulo-ed the shift value. We also don't need any temporaries
in this case.

Bug: v8:10115
Change-Id: I3cdef493fd7c365c733a85ad31b86e2d258b6429
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2037649
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66162}
2020-02-06 21:26:26 +00:00
Johannes Henkel
ff4e5da5a8 [DevTools] Roll inspector_protocol (V8)
Upstream: "Remove Parser_{h,cpp}.template as promised."
https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/2040571

New rev: 9fd0f91cc4331f931b7ac4040ceaa36de43937d0

Change-Id: Ie8df73e1fa898d4d46090fa6597548b2e1ca9a4e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2039349
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66161}
2020-02-06 19:51:36 +00:00
Milad Farazmand
343eeb15aa [inspector] Remove extra byte swapping on BE machines
With "Value::parseBinary" now being revamped by https://crrev.com/c/2020518
and making use of "cbor::ParseCBOR", the extra endianness check
is not needed anymore as "ParseCBOR" already switches
the byte order in this line:

crdtp/cbor.cc
void ParseUTF16String(CBORTokenizer* tokenizer, ParserHandler* out) {
  ....
  for (size_t ii = 0; ii < rep.size(); ii += 2)
  value.push_back((rep[ii + 1] << 8) | rep[ii]);
  ...

"String16EndianTest" does not go through the newly added pipeline
and "ParseUTF16String" is never used which makes the test redundant.

Change-Id: I6ad59fef7036c70d475b492407fd394977ca98f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2038716
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66160}
2020-02-06 18:00:54 +00:00
Ulan Degenbaev
8732596c70 [ptr-compr, heap] Use system pointer size for heap limit computation
A pointer-compressed heap has the same heap limit heuristics as a 32-bit
heap. Specifically, the heap limit is restricted to 1GB due to scarce
virtual address space on 32-bit platforms. That limitation does not
apply for pointer-compressed heaps which can use 4GB.

This CL changes the heap limit computation to use the system pointer
size instead of the tagged pointer size. Note that the young generation
limit continues to use the tagged pointer size.

Bug: chromium:1045034
Change-Id: I9d5bb818c32a82322476e9c97feee331400ebe0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2042102
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66159}
2020-02-06 17:32:44 +00:00
Omer Katz
6cfba48b65 [heap] Align v8 and oilpan worklists
This CL makes the following changes:
1) Size of allocated buffer is set by a template parameter
   (with a default value instead of hardcoded size)
2) Remove dynamic parameter for initializing number of
   tasks (see comment in scavenger.cc)

This CL aligns the v8 and oilpan heaps so that they provide
the same interface and functionality.

Change-Id: I77d63793f0a54ea29198ddd6bd298eae2c15cf42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2030920
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66158}
2020-02-06 17:31:25 +00:00
Leszek Swirski
e9d8b99063 [handles] Allow implicit HandleOrOffThreadHandle conversion
Allow HandleOrOffThreadHandle to implicitly convert to any of
Handle, MaybeHandle, and OffThreadHandle, so that it can be used
in Isolate-templated code with fewer 'get' calls.

As a drive-by, allow OffThreadHandle to have an OffThreadIsolate
parameter (so that HandleFor<Isolate, Foo>(x, isolate) works), and
use a static_cast rather than a T::cast in the implicit upcast
constructor of OffThreadHandle to prevent implicit down-casts.

Bug: chromium:1011762
Change-Id: I226f3a48b0f3b5e0347e6325be1cbd482c9048ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2042100
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66157}
2020-02-06 17:11:44 +00:00
Leszek Swirski
4aa43e7d4a [offthread] OffThreadFactory support for literals
Add off-thread support for literals, including object/array boilerplates.
Notably, this includes adding FixedArray and HeapNumber support to
OffThreadFactory.

As a drive-by, OffThreadHandle is redefined to store an Address rather
than an Object, similar to Handle, so that it still works with forward
definitions of types.

Bug: chromium:1011762
Change-Id: I7c8452f450d8c57fe683a9e44532ce5647c84a11
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2036084
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66156}
2020-02-06 16:49:04 +00:00
Thibaud Michaud
9c44330d86 [wasm] Add some DCHECKs to the native module cache
And fix a few issues that were already found.

R=clemensb@chromium.org

Change-Id: Ib93626751220dcdd2b9647a6e352bd86bd0ef1ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2039053
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66155}
2020-02-06 15:28:14 +00:00
Steve Blackburn
1d2c043aaa Serialization without heap assumptions.
Currently back references to regular objects are encoded in terms of
a relative address, indexed by chunk index and chunk offset.   This
approach has the advantage of avoiding the need for a table of
back-references at deserialization time, but makes strong assumptions
about the way objects are organized in memory (for example, this will
not work if the allocator uses a free list rather than a bump pointer).

I did some quick measurements and found that the absolute number of
objects and back-references is low, suggesting that simply indexing
objects would work with little (or no) observable impact on peak
memory use during deserialization.   Indexing only back referenced
objects is not implemented in this simple CL, but could fairly easily
be added.

Given that the existing mechanism will remain in place, I have
implemented the object index by simply making chunk size one, so
every object lives on its own chunk (with offset zero).   This is
the moral equivalent to indexing each object but is a more minimal
change.  Directly encoding an object index will be more efficient,
the trade off made here is just to keep the change absolutely minimal.

If using an object index becomes the default, this can be optimized
first by only using an index for each object that is actually back-
referenced (about half of all objects in my measurements), and more
aggressively, a technique like register allocation could be used at
serialization time to limit the number of indices to the maximum
number of outstanding back-references at any time (basically a live-
range analysis of back-references).

Bug: v8:9533
Change-Id: I1b7ae87e954f67f6405c2bbdf3b4a4f385af8579
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2030742
Commit-Queue: Steve Blackburn <steveblackburn@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66154}
2020-02-06 15:24:24 +00:00
Michael Lippautz
12fb997a37 heap: Simplify helping embedder tracing
Instead of alternating V8 and embedder steps and trying to find a
fixed point where both are empty, just run two phases and check
whether both have been observed as empty individually.

Bug: chromium:1044630, chromium:1049084
Change-Id: I7ffdca3086f1e7f772303272e370c4a6c1f83f24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2041437
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66153}
2020-02-06 14:49:34 +00:00
Steve Blackburn
700665b65d Refactor code ranges for TPH
Code ranges are currently accessed from outside the heap via an
internal structure of the heap.  This change lifts the accessor
function a level higher.  This should have no cost, but will
maintain abstraction better and allow the TPH interface to work
more readily.

Bug: v8:9533
Change-Id: I154d93ce46f5137b3e3b7ecc6bed7e5b8b0343a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2039351
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Steve Blackburn <steveblackburn@google.com>
Cr-Commit-Position: refs/heads/master@{#66152}
2020-02-06 14:47:04 +00:00
Steve Blackburn
d3eabf79be TPH no longer uses V8 heap.
Simple correction over prior commit since TPH no longer needs
to depend on V8 read only heap.

Bug: v8:9533
Change-Id: Icc72cdbb58fb3d9dc79573548cd9fe9cc88b2684
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2039350
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Steve Blackburn <steveblackburn@google.com>
Cr-Commit-Position: refs/heads/master@{#66151}
2020-02-06 14:17:15 +00:00
Steve Blackburn
e4a4c81e15 Move check before TPH alloc
These two checks should occur regardless of which allocator we're using,
so move them above the TPH check.

The check immediately following is V8-specific, so stays where it is.

Bug: v8:9533
Change-Id: I127e39969f4aa39ef09ff7b0fdb5ed52b535ad43
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2039434
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Steve Blackburn <steveblackburn@google.com>
Cr-Commit-Position: refs/heads/master@{#66150}
2020-02-06 13:15:14 +00:00
Clemens Backes
2eb3b53d93 [wasm] Inline two simple macros
The LOAD_RAW and LOAD_RAW_NODE_OFFSET macros just call methods on the
GraphAssembler now, hence we can remove the macros and just do the calls
directly. This reduces code complexity.

R=jkummerow@chromium.org, tebbi@chromium.org

Bug: v8:10123
Change-Id: I1d779969a14a52256eecb33007564eb190bdcff2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2039051
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66149}
2020-02-06 12:54:04 +00:00
v8-ci-autoroll-builder
37913a2f75 Update V8 DEPS.
Rolling v8/build: 111e7f9..c80cd76

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f72ef2d..1ffa053

Rolling v8/third_party/depot_tools: fff0fe4..e868546

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: If36c8015d0dba083c0bfafd5ee8139bfb1989b19
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2041394
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#66148}
2020-02-06 12:14:04 +00:00
Steve Blackburn
bd414037e9 Fix incorrect use of ptr by TPH
Bug: v8:9533
Change-Id: I8c8f6d7e2fddae13a9a01a77ac26b1f2ad338889
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2039430
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Steve Blackburn <steveblackburn@google.com>
Cr-Commit-Position: refs/heads/master@{#66147}
2020-02-06 11:33:04 +00:00
Yu Yin
f5f15871f5 [mips][wasm] Add builtin and runtime function for debug breaks
port 59bda19 https://crrev.com/c/2036082
Original Commit Message:

    This CL adds the "WasmDebugBreak" builtin for x64, ia32, arm and arm64.
    It stores all wasm parameter registers to the stack and calls the
    respective runtime function.
    The runtime function does not do anything yet, but the
    inspector/debugger/wasm-set-breakpoint-liftoff test will already execute
    both the builtin and the runtime function.

Change-Id: I7e74116f711d9d2599f6f1a6d47b972bad101f8c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2041214
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Yu Yin <xwafish@gmail.com>
Cr-Commit-Position: refs/heads/master@{#66146}
2020-02-06 10:41:54 +00:00
Tobias Tebbi
58b45cca2f [profiler] fix 4 bugs in --prof/linux-tick-processor
- In log.cc, we used InstructionStart() for code create events, but
  the Code object address for code move events. Change to use
  InstructionStart() for both.
- The symbol table contains some kind of virtual address, not file
  offsets. They happened to be identical in the past but are no longer,
  probably due to toolchain changes. Now we use objdump to figure out
  the difference between virtual addresses and file offsets.
- When a new code object happened to be created at the same address as
  a previous one, we wouldn't update it.
  This is indeed wrong, as predicted in a TODO by Jaro.
- For 64-bit addresses, using >>> is wrong, now replaced with division.

Change-Id: Ib23114ed736f98bfc33c65004a039a3fd04d3c49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2016586
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66145}
2020-02-06 10:38:34 +00:00
Clemens Backes
eded54ad88 [wasm] Use GraphAssembler for loads and stores
This rewrites the macros to use the GraphAssembler directly. As a next
step we should explore if the macros are still worth having, or if they
should be inlined everywhere.

R=jkummerow@chromium.org

Bug: v8:10123
Change-Id: Ia700e00af6a617c4d5a9e34f5be6cab098cd576a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2037449
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66144}
2020-02-06 10:08:54 +00:00