Replace the template parameter by a parameter list, so we can also pass
zero observers.
This removes nullptr checks and the {EmptyImmediateObserver}
implementation.
R=jkummerow@chromium.org
Change-Id: Ia10bf319039c2b3af9376deb6613b9b683c40d11
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3973268
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83902}
Follow-up to commit 6168782925
With this change 0x14 now also consumes a sig index immediate.
This will allow users to switch from 0x17 back to 0x14 without
breaking changes. After another grace period, 0x17 can be removed.
Reland of commit I65fe8b5bceb70323dd5e6450ec7bcc02696b15fa adapted by the concurrent changes in 35cc93aa42.
(This reverts commit 01379ba6d65371b70908da8e8386a9d9993aa2f9.)
Change-Id: I699095afb85d460e1fef8bd88abfd4c748090eda
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3977828
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83900}
This CL solves two problems:
- Eliminating redundant CheckBigInt/CheckBigInt64 by decomposing
CheckBigInt64 to CheckBigInt and CheckedBigIntToBigInt64.
- Having precise checks for SignedBigInt64 to make the range of BigInt64
consistent in CheckedBigInt64Ops and CheckedBigIntToBigInt64.
Otherwise, there would be semantic difference between the subgraphs
where we keep CheckBigInt64 inbetween two CheckedBigInt64Ops (e.g.,
the variant assert_types) and the subgraphs where we eliminate the
checks.
Bug: v8:9407
Change-Id: I79a5c99e12eb3f3ffc7b5cbfc51191e6792f634b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3960333
Commit-Queue: Qifan Pan <panq@google.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83899}
This reverts commit 8f3047531d.
Reason for revert: CL collision:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20builder/63710/overview
Original change's description:
> [wasm] ref.call: Consume sig index immediate
>
> Follow-up to commit 6168782925
> With this change 0x14 now also consumes a sig index immediate.
> This will allow users to switch from 0x17 back to 0x14 without
> breaking changes. After another grace period, 0x17 can be removed.
>
> Change-Id: I5d0039fd1ca9d62c3d42e5834fe7924de45ad7ef
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974512
> Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#83890}
Change-Id: I65fe8b5bceb70323dd5e6450ec7bcc02696b15fa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976029
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83894}
This code looks like it was copied over of Abseil. However, parts of it
are not used anywhere, aside from their own unit tests, so delete them.
The unused functions are:
- MatchEmptyOrDeleted()
- CountLeadingEmptyOrDeleted()
- ConvertSpecialToEmptyAndFullToDeleted()
In turn, _mm_cmpgt_epi8_fixed() is also unused and can be deleted.
Bug: v8:11388
Change-Id: I35b84600690e6f044a1d5ab4bf41e7f67fb76d87
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3965230
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83892}
... as an example of a simple builtin.
Bug: v8:7700
Change-Id: I4eb3479c04066cf4860d1fc28d5f7e9c758a6375
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974773
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83891}
Follow-up to commit 6168782925
With this change 0x14 now also consumes a sig index immediate.
This will allow users to switch from 0x17 back to 0x14 without
breaking changes. After another grace period, 0x17 can be removed.
Change-Id: I5d0039fd1ca9d62c3d42e5834fe7924de45ad7ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974512
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83890}
The wasm decoder immediates are currently templatized by the {validate}
enum value. They do not need to be though; the only difference is in the
constructor, so the constructor should be templatized instead.
This CL implements that, and also changes the {validate} enum to be a
tag (a typename) instead. This is needed in order to enable template
parameter deduction for the constructor calls (C++ does not allow to
explicitly define the template parameter at constructor calls).
As a nice side effect, this produces nicer symbolized stack traces.
Before:
v8::internal::wasm::Decoder::read_u32v<(v8::internal::wasm::Decoder::ValidateFlag)1>
After:
v8::internal::wasm::Decoder::read_u32v<v8::internal::wasm::Decoder::BooleanValidationTag>
R=jkummerow@chromium.org
Change-Id: I013c909ebaf2c8c495f32b5ce598905f3eccc3ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3973267
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83889}
This reverts commit bd590292b3.
Reason for revert:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20GC%20Stress/25069/overview
Original change's description:
> [turbofan] Optimize rab/gsab-backed TypedArrays and DataViews
>
> This CL adds TurboFan optimizations for length and element access
> of TypedArrays and DataViews that are rab/gsab-backed.
>
> To enable this optimization, this CL builds the necessary machinery
> required to allow machine operators at the front of the pipeline
> (before simplified lowering). Some key changes to allow this are:
> - Introduce Type::Machine() to allow the typer and the verifier to
> provide a type to those machine operators in parts of the pipeline
> that require nodes to be typed.
> - Add EnterMachineGraph and ExitMachineGraph operators that define
> the boundary between early machine graphs and the normal graph with
> JS semantics.
> - Give Branch operators a BranchSemantics parameter to distinguish
> between machine branches (condition is a machine level value) and
> JS branches (condition is a JS boolean value) and have phases that
> handle branches decide on the branch's semantics based on this
> parameter instead of the position in the pipeline.
> - Extend SimplifiedLowering and SimplifiedLoweringVerifier to handle
> machine graphs. In particular, constants required special handling,
> because they are cached in the graph but they may have uses in both
> a machine and the JS graph, which prevents consistent typing of
> them.
> - Moved lots of logic from JSCallReducerAssembler into
> [JS]GraphAssembler such that functionality can be shared between
> different phases (e.g. JSNativeContextSpecialization and
> JSCallReducer need to generate logic to compute a TypedArray's
> byte length). Extended assembler interface in general with
> additional TNode<> overloads.
>
>
> Bug: v8:11111, chromium:1358505
> Change-Id: Ife006b8c38a83045cd3b8558acbfdcb66408891f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3898690
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#83881}
Bug: v8:11111, chromium:1358505
Change-Id: Ifa7b81523237ebda941cab2feed42c176846b618
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3976028
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Owners-Override: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83888}
We should not clobber the input registers in the codegen
of a Maglev IR.
We use a new temporary register instead.
Bug: v8:7700
Change-Id: Icacbee4e030f426001c224e25aed6ce86ad8b811
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3973311
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83884}
This reverts commit 9dedaaf313.
Reason for revert: crashes have been fixed:
- https://crrev.com/c/v8/v8/+/3888198
- https://crrev.com/c/v8/v8/+/3965723
Original change's description:
> Revert "Enable background merging of deserialized scripts"
>
> This reverts commit f388f96fdb.
>
> Reason for revert: Crashes in canary (https://crbug.com/1360024)
>
> Original change's description:
> > Enable background merging of deserialized scripts
> >
> > This can save memory in cases where multiple frames in a process use the
> > same script, with sufficient time between loads that the script's
> > top-level SharedFunctionInfo is no longer present in the compilation
> > cache. Merging is relatively fast; it generally takes about one tenth as
> > long as deserialization.
> >
> > Bug: v8:12808
> > Change-Id: I7366a51f1d2ca6a9f551cdf2bdbe0441450cf1bb
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3868088
> > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#82920}
>
> Bug: v8:12808
> Change-Id: If160173afaab351d995ddcf4b60d6efe656cf70b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3871208
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Cr-Commit-Position: refs/heads/main@{#82983}
Bug: v8:12808
Change-Id: I1d19a0e9ff4172435f4b2b9bbe3bf72a93e2411c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3972179
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83882}
This CL adds TurboFan optimizations for length and element access
of TypedArrays and DataViews that are rab/gsab-backed.
To enable this optimization, this CL builds the necessary machinery
required to allow machine operators at the front of the pipeline
(before simplified lowering). Some key changes to allow this are:
- Introduce Type::Machine() to allow the typer and the verifier to
provide a type to those machine operators in parts of the pipeline
that require nodes to be typed.
- Add EnterMachineGraph and ExitMachineGraph operators that define
the boundary between early machine graphs and the normal graph with
JS semantics.
- Give Branch operators a BranchSemantics parameter to distinguish
between machine branches (condition is a machine level value) and
JS branches (condition is a JS boolean value) and have phases that
handle branches decide on the branch's semantics based on this
parameter instead of the position in the pipeline.
- Extend SimplifiedLowering and SimplifiedLoweringVerifier to handle
machine graphs. In particular, constants required special handling,
because they are cached in the graph but they may have uses in both
a machine and the JS graph, which prevents consistent typing of
them.
- Moved lots of logic from JSCallReducerAssembler into
[JS]GraphAssembler such that functionality can be shared between
different phases (e.g. JSNativeContextSpecialization and
JSCallReducer need to generate logic to compute a TypedArray's
byte length). Extended assembler interface in general with
additional TNode<> overloads.
Bug: v8:11111, chromium:1358505
Change-Id: Ife006b8c38a83045cd3b8558acbfdcb66408891f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3898690
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83881}
This removes the temporary option and sets its value to {true}
everywhere.
Bug: v8:7748
Change-Id: Icbc3071b531b130c0eb007758452d09b65491c04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974510
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83880}
Shared space is used concurrently and thus pages cannot shrink like
we do for old or code space.
Bug: v8:13267
Change-Id: I646120b1690d6fe628e524a4926e5648871b960e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974808
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83879}
Isolates need to be deserialized to run a GC. Similarly all client
isolates need to be deserialized for a shared GC.
This CL allows heap expansion during isolate deserialization.
Previously shared heap allocations could fail which would have led to a
CHECK failure in the subsequent GC.
Bug: v8:13267
Change-Id: Iae6934e9372063fcbe7de37128b7e783b09bb3c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974669
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83878}
Rolling v8/build: b8f0bc7..cb6dbd1
Rolling v8/buildtools: 10c7a0a..32851f2
Rolling v8/buildtools/third_party/libc++/trunk: 997e036..166132d
Rolling v8/third_party/depot_tools: 9879712..61ef3d8
Rolling v8/third_party/fuchsia-sdk/sdk: version:10.20221021.3.1..version:10.20221023.3.1
Rolling v8/tools/clang: 7b9e2e2..bc55ae7
Change-Id: Ie718d51122809672447c1d8e7fcb2ff46ce68c01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974078
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#83877}
We don't currently try the fast path if left side
is negative. See {if_lhs_negative} branch.
Change-Id: Ieea2977209902ad90c29ff3b305ca047fafbdd80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3974511
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83873}
v8::TracedReference and their underlying traced handles are not
actually phantom references but have been historically represented as
such. This patch splits off their backing implementaton into
`TracedHandles`.
As a drive-by, re-organize the free list to rely on indices instead of
pointers, saving a full word for each node. In additon, the setup also
allows for freeing fully empty node blocks after GCs.
Allocation/free of nodes is also organized in a way that avoids
jumping between handles/blocks/nodes for accounting purposes.
Removing CRTP in GlobalHandle internals is left for a follow up.
Bug: v8:13372
Change-Id: Ib55aa9ba71202d5918b486c161fe6f747d31c719
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3966952
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83872}
Map space is gone now so we can use SnapshotSpace::kOld instead.
Bug: v8:12578
Change-Id: If7509ee6bea04fed263a6d8b15597fd051697e4b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3968480
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83869}
... and prepare for using PGO profiles for arm builds.
Bug: v8:10470
Change-Id: If71d363195c60277a59dc68d0c18e361e24209c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3970665
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83867}
The feature has been enabled since M106 so we can safely remove the
flag with M109.
R=bmeurer@chromium.org
Bug: chromium:1334585
Change-Id: Iefe0b10e3be59d6dde54d676b5f1e0cf938851ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3959659
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83865}
Fix by disabling the use of the trap handler in the "ARM64 simulator
running on x64" case. (Note that the ARM64-simulator-on-x64 case gets
built for mksnapshot as a host tool even if we didn't specifically
want the simulator case.)
Using the trap handler in that case currently uses some inline
assembly (the top-level asm() statements in
src/trap-handler/handler-outside-simulator.cc), but MSVC does not
support that type of asm() statement.
Disable using that asm() code by conditionalising it on "#if
V8_TRAP_HANDLER_SUPPORTED". Note that we're not putting this
condition into the GN build because it's complicated to keep the two
sets of conditions totally in sync.
Put the "#if V8_TRAP_HANDLER_SUPPORTED" into handler-inside-win.cc to
match the same #if in handler-inside.cc, otherwise we would get a link
error when the former refers to TryFindLandingPad(), which is defined
behind the #if in the latter.
Do the same in handler-inside-posix.cc for consistency.
Remove the earlier attempt at doing the fix by implementing
ProbeMemory in C++, which won't necessarily work. This reverts:
https://chromium-review.googlesource.com/c/v8/v8/+/3913036
Change-Id: If8e1720a90f89175d730cf32ee5ac42451b9b5be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3964232
Reviewed-by: Mark Mentovai <mark@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Mark Seaborn <mseaborn@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83864}
It's been enabled by default since Chrome 91.
Bug: v8:6020
Change-Id: Id26b7fb0b7dffe19a88a6f0071dd59203b06415a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3957636
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83862}
Port a02c56694f
Original Commit Message:
This is a reland of commit 4804c4de31.
There are major changes since the previous attempt:
- The WasmLiftoffFrameSetup (formerly WasmGetFeedbackVector) builtin
now performs as much of the frame setup work as possible, to reduce
generated code size for each function.
- The WasmLazyCompile builtin/runtime function no longer allocates,
hence gets frame type INTERNAL, and is un-handlified.
Original change's description:
> [wasm] Allocate feedback vectors on demand
>
> We previously allocated feedback vectors when instantiating the module,
> or when lazily compiling a function. That's not sufficient when there
> are multiple instances of the same NativeModule, or when we eagerly
> tier-down all code for debugging. This patch changes the "get vector from
> instance" sequence at the beginning of every Liftoff function to "get
> or allocate vector"; factored into a builtin call to avoid generating
> more code for every function.
>
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3939667
> Cr-Commit-Position: refs/heads/main@{#83610}
R=jkummerow@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: I7d7e65a32e89285cb583216455ea1b9a490cb16b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3968705
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83861}
We pass the *declared* function index on the stack now, so we must
convert it to a regular function index before using it to look up
the function's signature.
Change-Id: Ib98d71a02ba8ca885136c010cf7dbb6ef7f62950
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3971365
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83860}
This enriches KnownNodeAspects to use a map from Node to a set of
Maps, instead of a single map. We update known maps with set
intersection. We recompute the set from scratch, since set removal
is expensive.
It also adapts CheckMaps and CheckMapsWithTransition to support
a set of maps.
Bug: v8:7700
Change-Id: I0c16a456a1a186aaedcbacf2491ec4f0cb8b0682
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3966441
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83859}
Similar to how `time COMMAND` measures time, `rss.py COMMAND` measures
memory consumption, by sampling RSS (Resident Set Size) for the child
process in /proc at a configurable interval (default: every 1ms).
No-Try: true
Change-Id: I381cdd6325fae67944ee96e44ba09dd948d432cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3971360
Reviewed-by: Matthias Liedtke <mliedtke@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83858}
Make maglev less aggressive, and TF a little more again. Maglev deopts
will ensure that we'll back off on TF as long as feedback changes.
Bug: v8:7700
Change-Id: I98b4c339de598d96329b79d7b6862605f9bfd87c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3968703
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83856}
PagedSpaceIterator just bailed out on first optional space.
Bug: v8:13267
Change-Id: I6f8dba6c510a641930b364698dc91529b2db1146
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3971361
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83855}
%OptimizeFunctionOnNextCall could be called while compilation (Maglev or
Turbofan) was still on-going -- this would make DCHECKs fail when
attempting to save the compiled code on the feedback vector. This is not
an issue normally when tests are carefully crafted, but can easily
happen during fuzzing.
Unify the two %Optimize*OnNextCall paths, and make sure that they check
for in-progress compilation.
Fixed: v8:13404
Change-Id: I021e1305bc2ba769b7484f9a122792aeb22060ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3971122
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83854}
