An object with a deprecated Map which has already been cached in
CloneObjectIC feedback is still a valid Map for fast cloning --- but
to be consistent with other ICs, deprecated maps are ignored, and are
expected to be transitioned away from.
If the source object has a deprecated map, the instance is migrated.
BUG=v8:7611, chromium:867958, chromium:868586, chromium:869342, chromium:869347, chromium:869293
R=jkummerow@chromium.org, mvstanton@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/1154143
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#54799}
Change-Id: I6e2f7b28c41bb9bd6255441da0f209a97bce5e8f
Reviewed-on: https://chromium-review.googlesource.com/1157142
Cr-Commit-Position: refs/heads/master@{#54830}
ICU maps a few grandfathered tags to made-up values even when there
is no preferred value entry in the IANA language tag registry. [1]
1. Check for grandfathered tags without preferred value upfront
and return them as they are.
2. Lowercase the input before structural validity check to simplify
check for grandfathered tag without preferred value as well
as regexps used in the structural validity check.
intl/general/grandfathered_tags_without_preferred_value is added and
intl/general/language_tags_with_preferred_values is changed to check
for case-insensitive matching of grandfathered tags.
[1] https://www.iana.org/assignments/language-subtag-registry/language-subtag-registry
Bug: v8:7669
Test: test262/intl402/Intl/getCanonicalLocales/preferred-grandfathered
Test: intl/general/grandfathered_tags_without_preferred_value
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ie0520de8712928300fd71fe152909789483ec256
Reviewed-on: https://chromium-review.googlesource.com/1156529
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54829}
Port 199533558e
Original Commit Message:
The {CommentOperator}, used for implementing the --code-comments flag,
is not UBSan-safe. This CL fixes this and adds a test which uses code
comments.
R=clemensh@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Ia7976ec9a726fdeb7d8bfbb99c8a16d473aa0da4
Reviewed-on: https://chromium-review.googlesource.com/1157230
Reviewed-by: Muntasir Mallick <mmallick@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#54828}
The test uses an incomplete native context, so the broker fails during
serialization.
Bug: v8:7790
Change-Id: I33e9e37df4e4acce62829123a8d16087d4fdc76d
Reviewed-on: https://chromium-review.googlesource.com/1156693
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54825}
For the sake of incremental development it makes sense to still allow
serialization to happen even when the broker is in mode 'kSerialized'.
To locally obtain the stricter behavior, I'm adding the temporary flag
--strict-heap-broker.
Bug: v8:7790
Change-Id: Ie92f4f13d76bac9ce1f98bdd245829984d436d77
Reviewed-on: https://chromium-review.googlesource.com/1156603
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54824}
The heap broker expects that handles get canonicalized.
R=jarin@chromium.org
Bug: v8:7790
Change-Id: If6162316bb2a256e783a8175ac7d4172d040b28b
Reviewed-on: https://chromium-review.googlesource.com/1155123
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54823}
MakeAssemblerBufferExecutable now flushes the i-cache, so we do
not need to do that again.
Change-Id: I46f5619167114cdb84064ef363106bee64282d1f
Reviewed-on: https://chromium-review.googlesource.com/1152813
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#54822}
... So that this can be re-used in the intl code. Also, add a helper
method that loads the iterator if it's not provided.
Bug: v8:5751
Change-Id: Ifc1142a486b2cdf1c33a813c5446b206ad9f81ef
Reviewed-on: https://chromium-review.googlesource.com/1156390
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54819}
As discussed offline, this header is not really useful without its
inline definitions. So instead of trying to split it (unnaturally),
declare defeat and make it an inline header file.
Also remove two unnecessary uses of it, move the JSON stringifier
class into its .cc file (because it needs IncrementalStringBuilder
inline) and forward declare in prettyprinter.h.
R=petermarshall@chromium.org, mstarzinger@chromium.org
BUG=v8:7965
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I7ba032ca718a195e156ec3e59f8e858a25423450
Reviewed-on: https://chromium-review.googlesource.com/1156401
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54818}
Use sizeof of the C type instead.
Also fix a few #undef's that got reported after my changes.
R=jarin@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I30a43b3d93e6df04fb9fb33050b52988edd7fdb1
Reviewed-on: https://chromium-review.googlesource.com/1155108
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54817}
This changes recording of compilation stats (i.e. code and reloc info
size) for each code object individually after it is finished, instead of
for the entire module. It avoids needing to iterate the code table which
would race with background tasks performing tier-up.
R=clemensh@chromium.org
Change-Id: Ic196fccb38b069a07e79fed4633d01dfc2639cd7
Reviewed-on: https://chromium-review.googlesource.com/1156396
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54816}
There are still some cases where entry->instruction_start() is 0,
meaning that computing pc_offset makes no sense. We don't care about
those cases really; the dcheck in CodeMap::FindEntry will find the
interesting cases.
Bug: v8:7983, v8:8002
Change-Id: I7369f32da15e858f1c7af88f88cede60751b7eea
Reviewed-on: https://chromium-review.googlesource.com/1156398
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54814}
This changes Call(ExternalReference) to use the correct Mov() overload,
which contains logic to load external references indirectly (i.e. in an
isolate-independent way).
Bug: v8:6666, v8:7985
Change-Id: Ib6f3931308c7d13fd4ef0563b7e1e83db3a760eb
Reviewed-on: https://chromium-review.googlesource.com/1152730
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54813}
This new method only compares Strings and so doesn't need a Context. It
also can't throw so it returns bool. Can be used in place of the
deprecated Equals method and many Equals calls currently taking a
Context.
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I4cfe7747aa140e5a55d9513681ee4704414e1545
Reviewed-on: https://chromium-review.googlesource.com/1151321
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54812}
The lifetime of the WasmInterpreter is managed by the GC. However, we
did not tell the GC the amount of memory consumed by the interpreter.
Therefore it was possible to fill up memory with instances of the
interpreter without triggering a GC to free memory. With this CL we pass
the size of the stack as an estimate for the size of the interpreter. At
least in the fuzzer the stack is the dominating factor for memory
consumption.
R=clemensh@chromium.org
Bug: chromium:863198
Change-Id: Ic5cb0bd364500bcff793a1fd53d2d0113196dfe2
Reviewed-on: https://chromium-review.googlesource.com/1156385
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54810}
For optimized code there are two modes. This is controlled by
NeedsSourcePositionsForProfiling(). The problem we currently have is
that this mode must be enabled before the code is optimized, otherwise
the source position information will be low quality, even once the CPU
profiler is turned on.
Also add an implication from --future to this new flag, to gather
perf & memory data from the bots.
Bug: v8:7983
Change-Id: I993fc03df83028529eea365b6d336d9f4c0dcd2b
Reviewed-on: https://chromium-review.googlesource.com/1156309
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54809}
This avoids serializing and deserializing the sharable part of a module
when it is transferred via {TransferrableModule}, which is possible when
all Isolates run off the same engine via the --wasm-shared-engine flag.
This adds a new --wasm-shared-code flag to enable this feature.
R=ahaas@chromium.org
BUG=v8:7424
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I099d581d7ccc4d058a4646f545a011745fd84eb4
Reviewed-on: https://chromium-review.googlesource.com/1142144
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54806}
ReadFile returned a Vector with ownership transfer, i.e. the client
needed to call Dispose to free the memory. This CL changes the interface
to return a std::string instead, which manages ownership. As it turns
out, there is only one user of ReadString that sometimes calls an API
function which expects to take ownership of its Vector argument.
Bug: v8:7932
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ie624a7a65cf5814fddce7a57bc557e4b9876bc53
Reviewed-on: https://chromium-review.googlesource.com/1155115
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54805}
Also define some infrastructure for serialization.
Bug: v8:7790
Change-Id: Icaa3d5b877dca41dfd5554683d05667fda115e80
Reviewed-on: https://chromium-review.googlesource.com/1150531
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54804}
They were marked V8_DEPRECATE_SOON for the 6.9 branch, so we deprecate
them for the 7.0 branch.
R=yangguo@chromium.org
Bug: v8:7868
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Idc42affd4d1b103e9946e3b77a93720694eb2dfd
Reviewed-on: https://chromium-review.googlesource.com/1150024
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54803}
This reverts commit d854d3512e.
Reason for revert: Speculative revert for webkit unit tests:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/25209
Original change's description:
> [builtins] Clear RelocInfo for off-heap trampolines
>
> For technical reasons, we used to serialize off-heap trampolines with a
> RelocInfo containing a single OFF_HEAP_TARGET entry. This RelocInfo was
> never needed at runtime. It also ended up being somewhat misleading
> because printing an embedded code object would show the OFF_HEAP_TARGET
> entry (belonging to the trampoline) at the first 'real' instruction.
>
> With this CL, we explicitly serialize an empty byte array as the reloc
> info for each off-heap trampoline, i.e. the snapshot will never contain
> such off-heap target reloc infos.
>
> Bug: v8:6666, v8:7969
> Change-Id: If6fa85a438d093ed5dcea07ce0de1db49a224d28
> Reviewed-on: https://chromium-review.googlesource.com/1146643
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54786}
TBR=yangguo@chromium.org,jgruber@chromium.org
Change-Id: If5eabd162141149361df90095b89a173fe2cb81e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6666, v8:7969
Reviewed-on: https://chromium-review.googlesource.com/1155594
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54801}
This reverts commit d9f6c685f0.
Reason for revert:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20gc%20stress/17584
Original change's description:
> Reland [CloneObjectIC] overwrite monomorphic/polymorphic feedback if deprecated
>
> An object with a deprecated Map which has already been cached in
> CloneObjectIC feedback is still a valid Map for fast cloning --- but
> to be consistent with other ICs, deprecated maps are ignored, and are
> expected to be transitioned away from.
>
> If the source object has a deprecated map, the instance is migrated.
>
> BUG=v8:7611, chromium:867958, chromium:868586
> R=jkummerow@chromium.org, mvstanton@chromium.org
>
> Change-Id: I477aec6c8d0ae1e1648a70e85d2fd46146521d1c
> Reviewed-on: https://chromium-review.googlesource.com/1154143
> Commit-Queue: Caitlin Potter <caitp@igalia.com>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54799}
TBR=jkummerow@chromium.org,mvstanton@chromium.org,caitp@igalia.com
Change-Id: Ifcb422c3a692543490710d450590323524a6359a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7611, chromium:867958, chromium:868586
Reviewed-on: https://chromium-review.googlesource.com/1155593
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54800}
An object with a deprecated Map which has already been cached in
CloneObjectIC feedback is still a valid Map for fast cloning --- but
to be consistent with other ICs, deprecated maps are ignored, and are
expected to be transitioned away from.
If the source object has a deprecated map, the instance is migrated.
BUG=v8:7611, chromium:867958, chromium:868586
R=jkummerow@chromium.org, mvstanton@chromium.org
Change-Id: I477aec6c8d0ae1e1648a70e85d2fd46146521d1c
Reviewed-on: https://chromium-review.googlesource.com/1154143
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54799}
From the promotion code point of view, a ThinString being forwarded to
an ExternalString is exactly the same as an actual ExternalString being
forwarded to its promoted copy. These changes provide a way to disambiguate
both scenarios since they are different for external memory accounting.
Bug: chromium:867902
Change-Id: I6fd56ee5e0f8900318466108273ab26e936eb439
Reviewed-on: https://chromium-review.googlesource.com/1152975
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54790}
The following are ready for iwyu:
- src/heap/mark-compact.h
- src/heap/objects-visiting.h
Bug: v8:7490
Change-Id: I4cb9b1146586adcef8c0e0cf187ca363fe6e9a8d
Reviewed-on: https://chromium-review.googlesource.com/1154970
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54788}
For technical reasons, we used to serialize off-heap trampolines with a
RelocInfo containing a single OFF_HEAP_TARGET entry. This RelocInfo was
never needed at runtime. It also ended up being somewhat misleading
because printing an embedded code object would show the OFF_HEAP_TARGET
entry (belonging to the trampoline) at the first 'real' instruction.
With this CL, we explicitly serialize an empty byte array as the reloc
info for each off-heap trampoline, i.e. the snapshot will never contain
such off-heap target reloc infos.
Bug: v8:6666, v8:7969
Change-Id: If6fa85a438d093ed5dcea07ce0de1db49a224d28
Reviewed-on: https://chromium-review.googlesource.com/1146643
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54786}
AdvanceUntil allows the Utf16CharacterStream to advance until a character is found
that passes the check.
Bug: v8:7926
Change-Id: Iae39fb24194aa0ee2f544a55a7847956aa324b64
Reviewed-on: https://chromium-review.googlesource.com/1151303
Commit-Queue: Florian Sattler <sattlerf@google.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54783}
This CL introduces InstanceTypeChecker namespace with type checkers for
types used by the optimizing compiler. The type checkers are global
functions. Examples:
bool InstanceTypeChecker::IsJSFunction(InstanceType);
bool InstanceTypeChecker::IsAllocationSite(InstanceType);
The CL also uses these type checkers in the HeapObject::IsXXXX()
functions to ensure consistency.
Bug: v8:7790
Change-Id: I7eb9e79ca28da02fd489201f532e566d0d13243a
Reviewed-on: https://chromium-review.googlesource.com/1154529
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54782}