We had IsJSHandlerOnTop and IsExternalHandlerOnTop, which were almost
opposites but not quite. We often did the same computation repeatedly
for determining which kind of handler is at the top (if any).
This CL simplifies the logic, and only does the three-way logic once:
either there's an external handler, a JS handler, or neither.
It also removes dead code from Isolate::ReportPendingExceptions: we
already do an early return if there's a JS handler on top, so we don't
need to re-check.
Bug: v8:12437
Change-Id: Ic15675bf2177772037d9fcec31c79019e4f0e02c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302802
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78129}
This method should make it easier to debug memory leaks or out-of-memory
errors with d8.
Bug: v8:12198
Change-Id: I66d0ce8e04732badb7902453a1cd95ba9c29f3e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3303801
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78128}
With https://crrev.com/c/3272577 we introduced a `StackFrame` cache for
the inspector, which is keyed on the script ID, line and column number,
so the syntactic properties of the function. However, the name that we
report for functions is dynamic and can change (per closure) by
explicitly reconfiguring the "name" property via
```js
var f = function() { /* ... */ }
Object.defineProperty(f, "name", {value: "super duper function"});
```
for example, so we need to take that into account as well, and only use
the cached `StackFrame` instance if the dynamic names still match up.
Otherwise we just overwrite the cached entry with a new instance (the
assumption here is that "name" isn't reconfigured often).
Fixed: chromium:1274529
Bug: chromium:1268436
Change-Id: I519017c762aed5b4f93b9dc4553fa81d5979f1a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3306376
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78127}
{WasmInternalFunction::external} might return a function that is not
a WasmExportedFunction, at which point the code in ProcessTypeFeedback
fails.
See crrev.com/c/3277878 for context.
Bug: v8:12436
Change-Id: I447710cfa2dbdb64cba27922da85871d18bc79a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3303613
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78126}
Until now, histograms associated with isolate counters were created
at the time of isolate initialization. This is too early because it
happens before persistent memory is configured. Histograms created
before persistent memory is set up are retrieved periodically but
infrequently and are not "flushed" on process termination. As a result,
a lot of samples from V8 are lost.
This CL implements lazy creation of counter histograms, the first time
that they are used.
Bug: chromium:1270428
Change-Id: I8540b50b6c3dde1f477853a011b6c3f2c2c6ef9d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3284888
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78125}
To trigger speculative inlining, a function needs to run a few times on
Liftoff-tier, and then tier-up to Turbofan. We make sure this happens
by enabling --wasm-dynamic-tiering with a small budget, and running
the critical functions until {%IsLiftoffFunction} is false.
We also add an additional test.
Bug: v8:12166
Change-Id: I6c5e0d3f1e3ba0df8510ae6850d8e9af1d01c179
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3306372
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78123}
Previously, we would encode 'other' as a reason for pausing when
stepping too, however, it would not show as such in case it would
overlap with another reason. This CL makes sure that we always report
'other' as a reason if we are stepping.
Drive-by: only encode 'other' as a reason once
Bug: chromium:1229541
Change-Id: Id73822dff68d1d54a2f1fafdf2a097e1377ece75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3295346
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78118}
result needs to be byte-swapped as it's currently in machine
native order and Wasm requires LE ordering.
Change-Id: I9c1d6752fbdaba18fb7a8d49a9848d04c1a21be8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3303954
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#78114}
This allows the embedder to determine whether some function has been
called from a destructor.
See discussion in
https://crrev.com/c/3302810
Bug: chromium:1273928
Change-Id: Icb5d98eff777574488a7d6de5e693c502c2fb53e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3303793
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78113}
This also fuzzes values of --budget-for-feedback-vector-allocation.
Boundaries for the intervals are the default values in the code.
No-Try: true
Bug: v8:12434
Change-Id: I0a9d7421408a51c717c2edfe0e67c459f0a2834c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3303792
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78111}
The CL converts uses of v8::internal::Worklist to heap::base::Worklist
which does not require to know the number of tasks working with the
work list upfront. heap::base::Worklist is the common implementation
for V8's heap and cppgc and should be used/optimized going forward.
Bug: v8:12426
Change-Id: If219edb8c0a8890c7bd0a131b8847b66256fdc21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302799
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78110}
See crrev.com/c/3277878 for context.
We should only transform external to internal function references when
passing a function value to a function-typed global or table. For their
externref counterparts, we should preserve the reference unchanged.
Bug: v8:11510, chromium:1273705
Change-Id: Ic1719c4d31e175f3a37ced6e4e4dfcd61a19ae57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302790
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78108}
This fuzzes more values of interrupt-budget on numfuzz. For now
as a single instance. In a follow up we add it also to combined
flags.
No-Try: true
Bug: v8:12434
Change-Id: I836c5e829ffeabfa4a4686d4d3d2fd43fce1ee88
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302797
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78107}
... and thus avoid the need for special handling of objects located
in external code space.
This will also allow making HeapObject::IsBlah() checks faster when
external code space is enabled.
Bug: v8:11880
Change-Id: I12d07c05451ff198f0a6182d9b5849f76015e7fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3300140
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78104}
SIMD tests moved from the proposal directory to the main spec test
directory. Test expectations needed to be adjusted therefore.
Change-Id: I02225da1f55ba173bbda22257edf45a3e987ba0d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302795
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78101}
Rolling v8/build: 44b802e..26881c1
Rolling v8/buildtools/third_party/libunwind/trunk: 038090f..f51a154
Rolling v8/third_party/aemu-linux-x64: R6v-hxhOQyZL9y_avAvE80v7II7utrI5Px4EUlMdtrAC..vRCm89BzABss-_H8vC-tLjcSf6uusZA9IBSSYtdw4_kC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5d7ccbf..75423c3
Rolling v8/third_party/depot_tools: afb82b2..2ffa1bd
Rolling v8/tools/luci-go: git_revision:7972ced81286b7897c8712afe0f36eb9cf7bc098..git_revision:03f7c59feeac59c211e5b06fbbbc7405861b482e
R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I16dd56334c813d03cdb2bf66f996e00966b47680
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3303151
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78098}
PTHREAD_STACK_MIN is an alias for __sysconf(__SC_THREAD_STACK_MIN_VALUE)
in glibc 2.34.
__sysconf() returns long, causing a -Werror,-Wsign-compare build
error.
Change-Id: I15da8e7ee57a6979682ff7166990698965481586
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3301464
Commit-Queue: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78097}
After https://crrev.com/c/3301477 compilation with gcc could
fail with the following errors:
```
error: reference to 'MarkingType' is ambiguous
error: reference to 'SweepingType' is ambiguous
```
Change-Id: Idb0f52853d377ec0c0f373f2e908e6c7fa0da914
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302850
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#78095}
ShouldVisit() uses obj.Size() to increment the live bytes counter after
the object was successfully marked grey. However, this re-reads the
length field which could have already been overwritten by a
concurrent left-trimming operation on the main thread. Fix this by
calculating the object size later with the length field we read before
marking that object black. That value is guaranteed to be a SMI.
Bug: chromium:1273352
Change-Id: I47e5a2df3eef61b4ef07af943f30123e5c2f7f9d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302793
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78093}
The bytecode can be flushed and/or the function can be
compiled and installed before the interruption to install
the new batch of compiled baseline code.
Bug: v8:12415, v8:12054
Change-Id: I092c8e0f31735119e6b2c6c46ce97ba8a4cdc91e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302788
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78091}
Some of the JumpIf Bytecode Handlers will load the jump offset from the
bytecode array or constant pool before checking whether the condition is
matched, and this jump offset is unused if the jump does not actually happen.
This CL moves the Load operations to the branch on which the condition is
matched.
Bug: v8:12431
Change-Id: I3cb2fa7447ee2a9cb514148efb605617f95b1b68
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3300994
Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78088}
Snapshot decompression for new isolates or new context is roughly 10%
of the time. Unlike on mobile, we don't need to compress the snapshot
on desktop where we can live with a 400KiB regression.
Bug: v8:12195, chromium:1270752
Change-Id: Ie4b307125f5df3d94374d5295b06c457ab6e8c24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3275554
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78087}
Between the loop entry and the Dequeue call, another
thread might exhaust the queue items and the Dequeue
call will return false without setting the job.
Bug: chromium:1272009
Change-Id: Ia254d97de36395676f069c100f46747b41483783
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3300130
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78084}
Not all infra members are common owners, but own several parts of the
tools directory.
No-Try: true
Change-Id: I48ab2e95b67d13a01a88fef34b86e992da4b9fba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3301462
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78083}