The DevTools frontend doesn't want the Wasm module's understanding of
function body offsets (i.e. including locals), but the ranges of
offsets where breakpoints can be set (i.e. only where instructions are).
This patch adjusts the reported offsets accordingly.
A consequence is that we have to report full (start,end) pairs for each
function, instead of being able to dedupe end1==start2 etc.
Bug: v8:12917
Change-Id: I0c7d2d96435cdac2c4553647b7bcc8783bc1798b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3780526
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Philip Pfaffe <pfaffe@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81887}
Prints information about frequency and aggregate size of instructions.
Change-Id: Ia745c0e5e26fbc5e24437302ba171bd05600577d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3773779
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81875}
Background:
In order to show custom content in the "Locals" pane in WinDbg, v8windbg
replaces the getter function for a built-in debug model property named
"Debugger.Models.StackFrame.LocalVariables". This is the property that
the debugger fetches when determining what to display in "Locals". The
new implementation of that getter, V8LocalVariables::GetValue, can
either call the original getter (so that WinDbg displays the usual
content for normal C++ frames) or produce a custom result (for builtins
and JIT-compiled JS frames).
The current problem:
In new builds of WinDbg, users of v8windbg no longer see any content in
the Locals pane for stack frames that correspond to builtins or
JIT-compiled code. This is because of a behavior change in WinDbg:
previously, attempting to get Debugger.Models.StackFrame.LocalVariables
would eagerly attempt to find the symbols for the frame and return an
error code if symbols were not found, but now it returns a lazy object
which does not perform symbol lookup until you iterate its properties.
V8LocalVariables::GetValue currently starts with an early-exit path
based on checking whether the original getter succeeded, so the new lazy
implementation causes us to always take that early exit.
Proposed fix:
Rather than relying on the return value from the original getter, which
is not guaranteed to work consistently, we can base our decisions on the
instruction pointer. If it points outside any module, or if it points to
within a function in the module containing V8 whose name starts with
"Builtins_", then we can build a custom result for the Locals pane.
Change-Id: I6644071d5d83a25b964d9f4018265532528cc85c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3759228
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#81856}
Some follow-up after getting rid of `let`.
Change-Id: I073372f4edd0847c4ffa428595a6f74158c87a98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3773515
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81844}
This adds support for reading modules in hex or decimal "array literal"
syntax, e.g. what --full-hexdump produces, or the result of printing
JS arrays using `console.log(JSON.stringify(bytes))` or similar.
Bonus feature: support reading input from stdin, e.g. for piping.
Change-Id: Ic268f266a243f843b6fbf1e3f090e1b06487f5d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3767743
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81829}
- accelerated nodes selection for the old IR layout;
- implemented turboshaft blocks layout building (blocks coordinates and edges);
- extended interaction with user (selecting/hovering) for such things like: blocks/nodes/edges.
Bug: v8:7327
Change-Id: I0b01679e9dde0bb7d94ba80dd0ee744f334e1968
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747871
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Danylo Boiko <danielboyko02@gmail.com>
Cr-Commit-Position: refs/heads/main@{#81810}
This adds a bunch of tracing hooks to the module decoder and uses
them to support "annotated hexdump" output for full modules in wami:
$ out/x64.release/wami my_module.wasm --full-hexdump
Change-Id: I5821d940b5ec236df9708eecd0124172d8893ffd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754741
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81791}
- Removed duplication and unnecessary indirection from all suites testcfgs.
- Introduced a more comprehensive context to cover both command context and other platform specific concerns.
- Propagated above context to TestLoader to allow for test counting command execution on all platforms.
- Wrapped original pool with another class to give it a new interface and allow injecting different implementations in the future.
- Consolidated progress indicators under a single processor in the pipeline.
- Consolidated result retention requirements calculation outside of pipeline chain.
- Refactored LoaderProc and got it under tests.
- Added some more tests for the standard runner.
- Extracted BuildConfig class.
Bug: v8:12785
Change-Id: I87be040e91f792a983662bb5a10d55b36a14ea7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3701595
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81770}
As sandboxed pointers are now default-enabled when the sandbox is
enabled, it is no longer possible to deactivate the sandbox at runtime.
This CL therefore removes all the logic that was required to support a
sandbox that could be disabled at runtime, moves the initialization of
the sandbox into V8::Initialize, and deprecates V8::InitializeSandbox.
This change also makes the sandbox initialization deterministic if
FLAG_random_seed is supplied.
Bug: v8:10391
Change-Id: Ibd49f7c251b7c58c642f18a551ecc2c391740970
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3762583
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81746}
This adds "annotated hexdump" as a disassembly output format, as a
first step only for individual functions:
$ out/x64.release/wami my_module.wasm --single-hexdump 17
"Annotated hexdump" format is useful for debugging/inspecting module
wire bytes, and for creating array literals for regression tests.
Change-Id: Iabfb4f9c6f68f3328910c1225a23b424e9315d4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3748652
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81616}
Minor bug fix in alias support (crrev.com/c/3723506), which broke
modes with suffixes, e.g. x64.release-css or x64.rel-css
No-Try: True
Change-Id: I16fdc83dde269f66f4bb7260de0d2649aaece27e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732929
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81541}
Prints information about sections in a given module and their sizes.
Change-Id: I3bf02f0c8be53756364db4d2dada60bc8a510815
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3743447
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81522}
Initial feature: list functions in a module, as follows:
$ gm x64.release wami
$ out/x64.release/wami --list-functions my_module.wasm
More to come.
Change-Id: I9580437d51153e1b5ccc291fdb6a6a67315be07d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3742700
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81515}
This adds a new --experimental-value-unavailable flag, which is disabled
for now. When enabled the debugger reports values that are optimized out
by TurboFan and values of certain variables in Temporal Dead Zones (TDZ)
as unavailable. Internally we use a special `value_unavailable` accessor
info to represent these values, and on the debugger boundary we report
these properties with `value`, `get`, or `set`.
Doc: https://goo.gle/devtools-value-unavailable
Bug: chromium:1328681
Demo: devtools-dbg-stories.netlify.app/crbug-1328681-value-unavailable
Change-Id: Idb09a4a148335a950deae60f7c07caecc48826ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627510
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81509}
Ctrl+X, Ctrl+V. No change in behavior.
This is a preparational step for templatizing the module decoder
for disassembler purposes.
Bug: v8:12917
Change-Id: I08a5d2e666cd16a207e9862b2691446c0473ddb0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738221
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81489}
This reverts commit a618a4a341.
Reason for revert: Original CL got reverted, we don't need the suppression anymore.
Original change's description:
> [foozzie] Silence a frequently occuring correctness bug
>
> This CL adds back a patch of Math.pow for correctness fuzzing, which
> drops some precision and hides a difference on the fast path.
>
> The same suppression was previously used on https://crbug.com/693426.
>
> No-Try: true
> Bug: chromium:1339320
> Change-Id: Id52f25f8a2b6b5aeca956587b16a10c61aa68e36
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726295
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Auto-Submit: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81408}
Bug: chromium:1339320
Change-Id: Id4cf04f9480b3052978ee7ca3dd83d7ee16845c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736446
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81470}
MinorMC maintained a separate marking state to support interleaved GCs.
Since MinorMC now assumes that interleaving is not possible, MinorMC can
use the same marking state as the full GC.
Bug: v8:12612
Change-Id: Ibeb7df2eb24e448f811b497c9d16b3b132f87ec2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735163
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81468}
This CL adds back a patch of Math.pow for correctness fuzzing, which
drops some precision and hides a difference on the fast path.
The same suppression was previously used on https://crbug.com/693426.
No-Try: true
Bug: chromium:1339320
Change-Id: Id52f25f8a2b6b5aeca956587b16a10c61aa68e36
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726295
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81408}
The ExternalPointerTags are assumed to be compile-time constants in most
cases, so turning them into template parameters enforces that. As
decisions such as whether to use the per-isolate or the shared external
pointer table are encoded into the tag values, forcing those to be
compile-time constants guarantees that the compiler will be able to
inline the correct logic when accessing an external pointer.
With this, there are now two (high-level) ways of accessing external pointer fields from C++: the Read/WriteExternalPointerField methods
which require the ExternalPointerTag to be a template parameter, and the
ExternalPointerSlot class which takes the tag as an argument. The latter
is for example used for snapshot deserialization and by the garbage
collector (more generally, by the ObjectVisitor::VisitExternalPointer
method), where the tag is not a compile-time constant.
Finally, this CL also introduces a new ExternalPointerHandle type which
represents the (opaque) on-heap representation of a reference to an
entry in an ExternalPointerTable when sandboxing is enabled. Making this
its own type makes the code a bit more readable.
Bug: v8:10391
Change-Id: I867b8ce41d15d485f1dc66786f233c710c56afcb
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3720641
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81402}
The following flag combinations run into a CHECK in d8:
('--assert-types', '--stress-concurrent-inlining')
('--assert-types', '--stress-concurrent-inlining-attach-code')
All flags can be passed as clusterfuzz trials on d8 fuzzers and lead
to poor fuzzing outcomes. This lowers their probability as a
mitigation until a better solution is found.
No-Try: true
Bug: chromium:1336577
Change-Id: I63747bb0a466c01d2789fc76cb9232f7afe720f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721382
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81387}
Now you can use 3-letter alias for all modes: rel, opt, dbg
Example: gm.py x64.opt.d8
No-Try: True
Change-Id: I825ebbf4cc1c509599f4fd2ac5aa0ac6fab998c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3723506
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81382}
If the returned promise rejects, we switch to the suspender's stack and
throw the value.
Re-purpose the WasmOnFulfilled data to also represent the rejecting
case and rename it to WasmResumeData.
R=ahaas@chromium.orgCC=fgm@chromium.org
Bug: v8:12191
Change-Id: I91a301c3c6d9d243efbfabe7263555e11f0d9277
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706606
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81325}
ICU 71 added new enum value UNUM_APPROXIMATELY_SIGN_FIELD
need to map to "approximatelySign"
We also discover a spec bug in
https://github.com/tc39/proposal-intl-numberformat-v3/issues/99
All the parts of formatRangeToParts should have a source "shared" for
the case that start and end are the same or very close.
Bug: chromium:1336865
Change-Id: I89142479989d3d2017d8cb89194db737710c38ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717278
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81286}
Initial implementation for concurrent shared arrays. Current implementation exposes a `SharedArray` constructor, but its syntax might
change in the future.
Shared arrays can be shared across Isolates, have a fixed size, have no
prototype, have no constructor, and can only store primitives, shared structs and other shared arrays. With this CL shared structs are also allowed to store shared arrays.
The Backing storage for the SharedArrays is a `FixedArrayBase`. This CL introdces a new ElementKind: `SHARED_ARRAY_ELEMENTS`. The new kind should match the overall functionality of the `PACKED_SEALED_ELEMENTS` kind, but having it as standalone kind allows for easier branching in CSA and turbofan code.
Bug: v8:12547
Change-Id: I054a04624d4cf1f37bc26ae4b92b6fe33408538a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585353
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Luis Fernando Pardo Sixtos <lpardosixtos@microsoft.com>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81285}
... to avoid additional indirection on every access.
Drive-by: given that AccessorInfo class now has a custom body visitor
it's no longer necessary to encode flags field as Smi.
Bug: v8:12949
Change-Id: I30eabee3cbc5ded2bf3f050dfe22208713a764bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3701590
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81237}
Instead of doing multiple separate checks with branches, turn the
name check into a single range check.
This means that the symbols and strings for properties than can
invalidate protectors need to be allocated consecutively in memory.
Change-Id: Id3a2003534bab5ecf83393a60167f779d636fc4b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695360
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81185}
--no-use-map-space should now be fixed, it is already enabled with
--future.
Bug: v8:12578, chromium:1317880
Change-Id: I9ea10dfaebf7b17cb1c953e272bc3358932a10b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702232
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81173}
This prevents accidental use for release branch merging, which
works but shouldn't.
Change-Id: I4db99bb721c935a8a1c7c44c1b4d909f44a8bf9c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705382
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81157}
roll_merge_gerrit.py now loops, waiting for the merge to be submitted.
Once it is, it adds a tag with the version number.
Bug: v8:12849
Change-Id: I7c2765877efad2ccbe082b984642f5e989dc3c8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705379
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81150}
- removed some 'feature envy' instances:
- created a AugmentedOptions class to take care of non trivial option look-ups
- moved some calculation closer the the actual data
- promoted parameter that was passed around a lot (options) to filed in the offending class
- similar object creation looks a bit more similar
- CommandContext provides a wrapper that ensures resource de-allocation
- separate tests from standard and num_fuzz runners
- added a couple of more tests to improve coverage
This is still in flux. But further changes risk creating a disconnect between the original implementation and further refactorings.
Bug: v8:12785
Change-Id: I0ec2e9c6a81604a5cd1d4a80982dd3329c1b48db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686411
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81148}
In previous refactoring, the CSS files are moved to subdirectory css
Change-Id: I38e05ae1a9e56f36d5bd25131e605a93cfdb61f9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3701958
Commit-Queue: Jie Pan <jie.pan@intel.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81120}
In particular, this CL adds support for:
- exception handling
- source positions
- OSR
- various numeric operations and conversions
Since the test suite now passes with `--turboshaft`, this also adds a
new variant for Turboshaft and enables it on some bots.
Bug: v8:12783
Change-Id: Ia2dd2e16f56fc955d49e51f86d050218e70cb575
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3669251
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81074}
roll_merge.py manually checks out V8 into a temporary directory, locally
builds a cherrypick, and uploads this to Gerrit. However, Gerrit has its
own REST API which allows cherrypicking. Using this API directly has two
advantages:
1) We don't need to perform any local checkouts, so it's much faster,
and
2) The cherry-picked commit is marked as a cherry-pick by Gerrit,
which means Rubber-Stamper-Bot will treat it as a cherry-pick.
The implementation for now is very simple, and doesn't support things
like cherry-picking multiple revisions or applying an additional local
patch. It does, however, increment the patch value in v8-version.h, and
tries to set Owners-Override +1.
Bug: v8:12849
Change-Id: Ie242dbec6b3d24f5118d601e9d326465d190a8f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644609
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81072}
- moved test data closer to tests
- removed the coverage related code
- refactored to remove boilerplate from test code
Bug: v8:12785
Change-Id: I1013d29d8ff2c3ecb786c294ae3b3ab6decdca20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683610
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80921}
The last line of output (which is not terminated by a newline) was not
showing for me when running the merge script. We can either fix it by
specifying `flush=True` at the `print` statement, or flushing before
reading user input. The latter seems more future-proof.
R=machenbach@chromium.org
Change-Id: I61cb929d2f7cdd20b3e32b9beb1653fe2d5c5791
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676857
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80890}
List all variants for the --variant help text
Change-Id: I249d8140b19e13dc3eceedaade2b856b1fdb1567
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663088
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80884}
This is a reland of commit ea9a1f1cbe
Changes since revert:
- Make the state field uintptr-aligned since arm64 faults on
atomic accesses to non-naturally aligned addresses.
Original change's description:
> [shared-struct] Add Atomics.Mutex
>
> This CL adds a moving GC-safe, JS-exposed mutex behind the
> --harmony-struct flag. It uses a ParkingLot-inspired algorithm and
> each mutex manages its own waiter queue.
>
> For more details, please see the design doc: https://docs.google.com/document/d/1QHkmiTF770GKxtoP-VQ1eKF42MpedLUeqiQPfCqus0Y/edit?usp=sharing
>
> Bug: v8:12547
> Change-Id: Ic58f8750d2e14ecd573173d17d5235a136bedef9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595460
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80789}
Bug: v8:12547
Change-Id: I776cbf6ea860dcc6cb0ac51694a9b584b53d255c
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3673354
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80875}
This CL adds a moving GC-safe, JS-exposed mutex behind the
--harmony-struct flag. It uses a ParkingLot-inspired algorithm and
each mutex manages its own waiter queue.
For more details, please see the design doc: https://docs.google.com/document/d/1QHkmiTF770GKxtoP-VQ1eKF42MpedLUeqiQPfCqus0Y/edit?usp=sharing
Bug: v8:12547
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Change-Id: Ic58f8750d2e14ecd573173d17d5235a136bedef9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595460
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80789}
We want to use llvm-ml to assemble files on Windows, but it only
recognizes .asm files as input files. See
https://chromium-review.googlesource.com/c/v8/v8/+/3668287.
Change-Id: I34ff6d2693a34653c8e22a7c2d093853505cd455
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3672420
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80782}
The generated code checks if the receiver is a JS_API_OBJECT and if the
receiver requires an access check, and if not it lowers the call to an
API call.
We also add compilation dependencies on the protector cell to deopt if
our invariants change. (Note - the actual invalidation of these cells
will be implemented in a follow up CL)
Bug: v8:11321
Change-Id: I15722f1e5fac7176e292da4a35186e4609636aba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2719563
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80748}
The test cctest/test-v8windbg recently started failing because the
v8windbg debugger extension is unable to read the "flags" field on a
SharedFunctionInfo instance. This occurs because one of the bitfields
within "flags" has type OSRCodeCacheStateOfSFI, which is only declared
using an "opaque enum declaration":
enum OSRCodeCacheStateOfSFI : uint8_t;
When WinDbg fails in its attempt to look up that type, v8windbg responds
by failing to construct anything at all for "flags". However, the other
17 bitfields in "flags" can be represented successfully, so a more
useful behavior is to just skip the one failed entry.
Change-Id: I40630548d21499e49f0214da28260318a38d9360
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3653096
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#80615}
Split off a TurbofanFrame from OptimizedFrame, and make MaglevFrame a
subclass of OptimizedFrame. This allows it to be treated as an optimized
frame by code that is looking at deoptimization data.
Bug: v8:7700
Change-Id: Ia38e0f1c2cd73f054f63be81dff187d9197c1202
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644798
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80592}
NumFuzz passes various flags to V8 testing randomly, which can lead to
various flag contradictions with existing flags. Up to now the system
ignored the check for contradictions and kept running the test cases,
leading to false positives.
This change adds a new v8 flag --exit-on-contradictory-flags that
exists gracefully when a contradiction is detected. On the numfuzz
side we now filter simple contradictions beforehand.
Measurements showed that ~2% of all numfuzz tests ran into
contradictions. Around half of them are simple contradictions
(repetitions and inversions), which are now filtered beforehand.
The remaining ones (redundant or contradictory implications) are
now ignored.
Bug: v8:11826
Change-Id: I9942e203ba9668a097fabe1343dd1365c9da94c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650746
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80589}
Now that we require C++17 support, we can just use the standard
static_assert without message, instead of our STATIC_ASSERT macro.
R=leszeks@chromium.org
Bug: v8:12425
Change-Id: I1d4e39c310b533bcd3a4af33d027827e6c083afe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647353
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80524}
Doesn't do much at the moment beyond not being a baseline frame. Fixes a
DCHECK in tiering that checks the frame type, by removing the frame
lookup there (which wasn't necessary anymore).
Bug: v8:7700
Change-Id: Icecfe27771923d380a7d1dc1c29aa9c5c9dfbf0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644618
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80512}
This reverts commit c3ac338bb9.
Reason for revert: Breaks stepping with `n`
Original change's description:
> [tools] Add a simple gdb frame unwinder
>
> Add a simple unwinder for gdb which, on x64, walks frame pointers
> whenever there is no source information available. Ideally we would only
> do this for V8 PCs but this appears hard to do in an Unwinder without
> messing with gdb's internal assumptions.
>
> Change-Id: Iba1e62a3768340ee912e81d691237c1920a8ae91
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3608628
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80204}
Change-Id: I0264cf34cfe8fe2331bacf202dedbb4706535936
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644855
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80493}
- Make sure the viewport size of the svg is adjusted properly when
scaling
- Fix an off-by-one when calculating Chunk groups
Bug: v8:10644
Change-Id: I56e857a8aa1a67e408bcfb08ed126e6bfdb0ce1b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3641177
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80473}
This filters the flags --maglev and --no-use-map-space when passed to
foozzie. Most open bugs are known or spurious, but all take up the
limited hashes for correctness bugs, which prevents finding other
bugs. Filtering on the source-side will make those reports appear
as fixed.
Bug: chromium:1324097, chromium:1317880
Change-Id: Ibf1b04bdfdd2395c3bda5787b4843c6bb5ca8f8e
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3641171
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80468}
In the previous refactoring --filter was accidentally filtering out
paths that matched <regexp>. This CL restores the original behavior
where only the matching paths are kept.
Bug: v8:12821, v8:11113
Change-Id: I7e7d7b793107fbf9b4944b1674874150803f4bb4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623539
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80426}
Turn on fuzzing for Maglev to get additional test coverage.
Bug: v8:7700
Change-Id: I5b72d851639e31dff1bd91361cd81ad448c2d69e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629334
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80416}
With the introduction of the StringForwardingTable, there are no
concurrent transitions of strings happening anymore.
- Remove String migration sentinel maps + helper methods
- Remove CanMigrateInParallel()
- Remove MigrateStringMapUnderLockIfNeeded() and simplify MakeThin()
There is still unused code I didn't remove in this CL, as we might need
it later for shared struct features: YIELD_PROCESSOR for spinlocks and
Relaxed_Memcmp().
Bug: v8:12007
Change-Id: Iaa09ef93d2ee612e42cd73395a06eada22fe7dae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629545
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80414}
Also manually reformat some files with the clang-format change.
Rolling v8/build: e10cf1a..c8ec41b
Rolling v8/buildtools: c2e4795..113378f
Rolling v8/buildtools/linux64: git_revision:7c8e511229f0fc06f6250367d51156bb6f578258..git_revision:48b013c9d9debc0f5fc1dd71a257b3c38c5acb43
Rolling v8/buildtools/third_party/libc++abi/trunk: 518fd76..c7888dd
Rolling v8/buildtools/third_party/libunwind/trunk: 705543f..d8a4746
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/88422dc..9ba02ee
Rolling v8/third_party/depot_tools: dc8ca44..fccf35c
Rolling v8/third_party/zlib: 32e65ef..961141d
Rolling v8/tools/clang: 3c4a622..75625c6
Rolling v8/tools/luci-go: git_revision:6da0608e4fa8a3c6d1fa4f855485c0038b05bf72..git_revision:2aa3d7e5e8662c5193059a490f07b7d91331933e
Rolling v8/tools/luci-go: git_revision:6da0608e4fa8a3c6d1fa4f855485c0038b05bf72..git_revision:2aa3d7e5e8662c5193059a490f07b7d91331933e
R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I00a09d42cf91f226c661e97915d5a95fff84b079
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3615245
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80343}
To be consistent with the all the other tiers and avoid confusion, we
rename --opt to ---turbofan, and --always-opt to --always-turbofan.
Change-Id: Ie23dc8282b3fb4cf2fbf73b6c3d5264de5d09718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610431
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80336}
This change adds support for computing SHA-256 hashes in the stack
output of errors by adding a function to the prototype of the
`CallSite` object, passed to `Error.prepareStackTrace`. Additionally,
it updates the `hash` property from `Debugger.scriptParsed` and
`Debugger.scriptFailedToParse` to be SHA-256 instead of the
proprietary hash it is today.
It is intended to be an advancement in indexing source maps to
support improved tooling, especially for post-hoc or in-production
diagnostics scenarios.
The explainer can be found here:
https://docs.google.com/document/d/13hNeeLC2Ve_FVieNndZUUUP15x2O4ltvjnGWwOsMlrU/edit?usp=sharing
Change-Id: Ifbbed4b22c8256e74e6d79974d2dd1e444143eda
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229957
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Robert Paveza <Rob.Paveza@microsoft.com>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80320}
We usually run benchmarks in multiple variants: default, future, noopt
This is currently only achieved by copying the run-perf json file and
changing the flags at the top-level (or copy whole subsections).
Using "variants" we can duplicate the tests at the current level with
different values and easily create benchmarks that differ only in v8
flags.
Drive-by-fix:
- Add Node.__iter__ and log the whole config graph in debug mode
- Add GraphConfig.__str__ method for better debugging
- Rename TraceConfig to LeafTraceConfig
- Rename RunnableTraceConfig to RunnableLeafTraceConfig
- Make --filter accept a regexp to better filter out variants
Bug: v8:12821, v8:11113
Change-Id: I56a2ba2dd24da15c7757406e9961746219cd8061
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596128
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80307}
Introduce get_hints.py and combine_hints.py in order to make
the interpretation of basic block counts into hints more
configurable and explicit, as well as allowing more accurate
and consistent methods of combining multiple profiles.
get_hints.py allows for the minimum count and threshold ratio
values to be easily altered for different profiles, while
combine_hints.py allows the hints produced from different
benchmarks and threshold values to be easily and sensibly
combined.
Simply summing together basic block counts from different
benchmarks could previously lead to a longer running benchmark
overshadowing multiple shorter benchmarks with conflicting
hints.
Allowing alteration of the current threshold values gives a
doubling of performance, while the new method of combining
distinct profiles can double the performance improvement of the
secondary benchmark while losing as little as 4% of the
improvement gained in the primary benchmark.
Design doc: https://docs.google.com/document/d/1OhwZnIZom47IX0lyceyt-S9i8AApDB0UqJdvQD6NuKQ/edit?usp=sharing
Bug: v8:10470
Change-Id: I1c09d1eabfdda5ed6794592e2c13ff8b461be361
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545181
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: George Wort <george.wort@arm.com>
Cr-Commit-Position: refs/heads/main@{#80282}
The SIMD proposal has been merged into the main spec, it is not
necessary anymore to execute the SIMD proposal tests additionally.
R=gdeepti@chromium.org
Change-Id: I1c5847a1bfba2d0c956cf353816fd71417506a1f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3609848
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80241}
Allow live ranges to be displayed beside the
instruction sequence in turbolizer.
Bug: v8:7327
Change-Id: Idec5130655ccc9365dd32ec6927d8615a3e5c570
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585960
Commit-Queue: George Wort <george.wort@arm.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80226}
Add a simple unwinder for gdb which, on x64, walks frame pointers
whenever there is no source information available. Ideally we would only
do this for V8 PCs but this appears hard to do in an Unwinder without
messing with gdb's internal assumptions.
Change-Id: Iba1e62a3768340ee912e81d691237c1920a8ae91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3608628
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80204}
Add basic profiler support
- Moved profiling-related helpers to profiling.mjs
- Added bottom-up profiler table
- Added mini-timeline overview wit opt/deopt events and usage graph
- Added flame-graph, pivoted on the currently selected function
Drive-by-fixes:
- Added/updated jsdoc type information
- Fixed static symbols (builtins, bytecodehandlers) that were both
added by the CppEntriesProvider and from code-events in the v8.log
- Support platform-specific (linux/macos) dynamic symbol loader by
adding a query path ('/v8/info/platform') to lws-middleware.js
- added css var --selection-color
Bug: v8:10644
Change-Id: I6412bec63eac13140d6d425e7d9cc33316824c73
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585453
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80192}
ShadowRealm.prototype.importValue dynamically imports other files, so
the testing infrastructure need to look for these calls to gather files
to push to e.g. test devices.
The reason to do this over explicit Resources: comment lines is to also
cover test262.
Bug: v8:12829
Cq-Include-Trybots: luci.v8.try:v8_android_arm64_n5x_rel_ng
Change-Id: I6a06933d5da849157b2c7d5fa6b7b98d39f7d39f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606391
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80189}
Invoking a JSBoundFunction is slightly slower than a normal
JSFunction (since we don't have to first jump to the
target_function).
The closure steps in SourceTextModule ExecuteAsyncModule is
controlled by the engine so it is better to create dedicated
context slots for the captured values.
Change-Id: I8163fc4b302d6d22906e578164470c9e28e768e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3584601
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#80155}
The `set disable-randomization off` command may fail on some platforms,
such as the `rr` debugger. We can just ignore the error and carry on.
Change-Id: I9b8dae183a9852178a3d3411172bf3aef173c995
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602519
Auto-Submit: Pierre Langlois <pierre.langlois@arm.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80143}
As per https://tc39.es/ecma262/#sec-hostimportmoduledynamically defined,
referencingScriptOrModule in HostImportModuleDynamically can be a Script
Record, a Module Record, or null.
So to https://tc39.es/proposal-shadowrealm/#sec-shadowrealmimportvalue,
the HostImportModuleDynamicallyCallback is been invoked with a `null`
resource_name. This may not be considered a breaking change as the
parameter resource_name is defined as Local<Value>.
Updates d8's DoHostImportModuleDynamically to handle null resource_name,
and resolve the dynamically imported specifier relative to the executing
script's origin. In this way, we have to set ModuleEmbedderData.origin
even if the JavaScript source to be evaluated is Script. Also, a
ModuleEmbedderData is created for each ShadowRealm to separate their
module maps from the initiator context's.
Bug: v8:11989
Change-Id: If70fb140657da4f2dd92eedfcc4515211602aa46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522883
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#80118}
Using this flag has led to several duplicate issues. We need to stop
using the flag for a while until the issues are investigated.
Potentially these are all false positives.
No-Try: true
Bug: chromium:1317880
Change-Id: I09f4e1c642befc3a8f5b88c2eb003931dc112826
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602508
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80114}
- Use explicit options when running gmcole.py from run-gcmole.py
- Use gcmole.py-relative paths to find the default V8 root dir for
maximum convenience when running locally
Change-Id: Iba0da90b99b0321129f1c4099f437c76dabb1186
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3582386
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80058}
We do change CWD in the script which breaks relative input paths
to d8 and .js files for instance.
Drive-by-fix:
- Show clear warning if `perf record` failed
Change-Id: Ib900ca6b53307e13be459beba1e96ddfc8ee9b79
No-try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593784
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80057}
These tools haven't been used in a while and are unmaintained.
We can use pprof with stack-filtering to achieve similar results.
Change-Id: I84392c066dffc6b0d9efba27a8fdfb31091796bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593786
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80026}
i::Logger => i::V8Log
i::PerfJitLogger => i::LinuxPerfJitLogger
i::PerfBasicLogger => i::LinuxPerfBasicLogger
Note: V8Log is currently still managing instances of other loggers,
this functionality will be moved to a separate class in the future.
Bug: v8:12795, chromium:1316443
Change-Id: Id1b44e65abb7819eb6d6c718a1baa9ed61ad51aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593133
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80016}
Turn on fuzzing for disabled map space to get additional test coverage.
Bug: v8:12578
Change-Id: I82c577c8c24b51df627c873fde95fb239e16d36f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3592892
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80012}
- Start moving profiler scripts to tools/profiling
- Add linux-perf-d8.py wrapper script that runs `perf record` and
`perf inject`
- Improve waiting for the d8/chrome process and allow for early
termination if --timeout is provided
- Allow fractional seconds for --timeout
- Delete run-perf.sh and provide equivalent functionality in
linux-perf-d8.py
Change-Id: Iac1d6cf895aa7159a9bbb387aca7632df27a0ca3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585951
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79991}
API logging has not been used in a while and we have valid alternatives:
- Runtime call stats
- Profiling
- Timer events
Together they make --log-api superfluous and we can remove it and reduce
the number of branches when calling into the V8 API.
Change-Id: Ie10f70b61ebdb82166270e7630ebcf20a27c4902
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574549
Reviewed-by: Marja Hölttä <marja@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79904}
- Parse the condensed source position info support for jitted code
- Add progress bar/circle to loader
- Use temporary Array instead of concatenated strings in escapeField to
reduce gc pressure
- Use bound functions as event handlers in more places
- Various timeline legend fixes:
- Fix columns alignment when duration is present
- Use fixed width to avoid breaking the UI
- Correctly show total/percents for 'All' and 'Selection' entries
- Improve usability of filtering buttons: added tooltips and fixed
redrawing on filtering
Bug: v8:10644
Change-Id: I1275b31b7b13a05d9d6283d3067c1032d2d4819c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574544
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79897}
This is a follow up CL for https://crrev.com/c/3538284.
Tests credited to https://crrev.com/c/3468352.
- Add unicode filename path test.
- Convert ansi encoded filename argv to utf8 encoded on windows. Because
the ansi encoded filename argv may lose some information for unicode
filename, and we need to use GetCommandLineW to get the actual unicode
filename argument. And we convert it to utf8 encoded to be consistent
with subsequent processing.
- Use REPLACEMENT CHARACTER to replace the characters which cannot be
encoded with sys.stdout.encoding in progress.py.
This CL should be **reverted** if new unicode filenames cause problems.
Bug: v8:12541
Change-Id: Ic5c5ae342b3a5b11c3119452af03c9165d429ed7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568926
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#79850}
Currently, v8_presubmit uses the system version of depot_tools for C++
and JS linting. This is an issue for branches which rely on a specific
depot_tools version for linting. This CL proposes the use of the
depot_tools version defined in DEPS.
This change was evaluated in https://crrev.com/c/3571813. The first
v8_presubmit attempt uses the system-defined depot_tools version, while
the second attempt is rebased on this CL and uses the DEPS defined
version.
Bug: v8:12743
Change-Id: I87e14ea5c1e3dc20b34106ff56f608d55ec3253d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571805
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Alexander Schulze <alexschulze@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79828}
Reduce the dispatching overhead in the hottest loop when parsing log-lines.
- Using a JSMap we can avoid internalizing strings
- Preprocess the dispatch table and only have varArgs or functions as
parsers
- string[] seems to be slightly faster than string.charAt()
Bug: v8:10644
Change-Id: I03b13bdeecda1ad037191ff74e05142ceeb6533c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571890
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79816}
- Double click on the current timeline selection to focus and zoom in
- Make timeline-tracks focusable by setting a tabindex
- Add back arrow-key navigation for the map panel (only when focused)
- Prepare code for adding keyboard-based horizontal scrolling
- Use --code-font CSS variable
Bug: v8:10644
Change-Id: Ic473695c9fcdc795d173cd064b4660e100ae8b24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568475
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79786}
- Process the minidump in a separate function to avoid keeping
references to the mmapped file during disposal
- Clear all MinidumpReader variables before disposing the mmapped file
Change-Id: I0ce468597329d6f7d703a08309e4be378d9c27cf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568469
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79750}
Since the new space is always empty after a full GC, the old-to-new
remembered set is also always empty after a full GC. This means we can
get rid of the sweeping_slot_set_.
This slot set was used to allow the main thread to insert into the
old-to-new remembered set non-atomically. The sweeping slot set was
owned by the sweeper, which deletes slots in free memory from it. The
main thread would start with an empty old-to-new remembered set. After
sweeping both slot sets are merged again.
The sweeper now needs to behave differently during a GC. When sweeping
a page during full GC, the sweeper needs to delete old-to-new-slots in
free memory.
Outside of the GC the sweeper isn't allowed to remove from the
old-to-new slots anymore. This would race with the main thread that adds
slots to that remembered set while the sweeper is running. However,
there should be no recorded slots in free memory. DCHECKing this is
tricky though, because we would need to synchronize with the main
thread right-trimming objects and at least String::MakeThin only deletes
slots after the map release-store.
Bug: v8:12760
Change-Id: Ic0301851a714e894c3040595f456ab93b5875c81
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560638
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79713}
- Always show the navigation buttons
- Format code with fixed-width font
- Limit the property-table height for more compact tooltips
Bug: v8:10644
Change-Id: I0a0f30056455371bad12b2c679d184948c5b52de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555772
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79652}
Search for all files with testing naming convention and run that on v8_presubmit.
Also modify all PRESUBMIT files in the tools directory to include any test file
with the appropriate naming convention.
Bug: chromium:1306474
Change-Id: I61c1b7c71badbbc3b99705289588aa8280824d66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3532266
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79651}
Bidirectional phase switching by shortcuts "n", "b".
Improved selection of nodes when they are splitting or raising to a common ancestor.
Fixed minor inconsistencies in some variable names with the project style.
Added name and email to the AUTHORS file for first-time contribution.
Change-Id: I0c903dbf81c3d1d75503004ce412a81aace06a61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3537008
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79636}
The debugger maintains a stack of promises used for catch prediction
with promise builtins and async functions. Previously this stack would
hold on to the individual promises strongly, and subtle bugs that lead
to not properly cleaning up the stack in some corner cases would often
lead to significant memory issues (e.g. leaking whole iframes).
This refactors the PromiseOnStack to be
(a) on the V8 heap, rather than allocating C++ structs with global
handles pointing to the promises, and
(b) hold on to the promises only weakly.
While this will not guarantee proper promise stack management, it will
at least ensure that edge cases don't lead to catastrophic (debugger
only) leaks.
Bug: chromium:1292063
Change-Id: I9c293ca2032de3a59e1e9624f132d37187805567
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545176
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79594}
Some edges are self looping because of incorrect `horizontalPos`. This is occuring because of an unexpected scenario caused due to incorrect calculation of `inputApproch` and `outputApproach`. And all of this is occuring because of insufficient distance between two nodes.
An example of the problem is shown in the image: https://imgur.com/aAmnzaK.
Change-Id: I056e1fbcc420ce65a3ae9201e187b22ad3fbaaba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3535791
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79570}
- Avoid redrawing property-link tables if the contents don't change
- Don't update timeline legends if the selection doesn't change
- Use shorter class names for the flamechart for faster parsing
- Round positions in flamechart to avoid long strings that would be
created from raw double positions
- Don't redraw the tooltip if the content is the same
Change-Id: I925f1708400286c7c9f8db62f75c3b5fe8a16b12
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3521945
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79540}
JSObject::InitializeBody now checks whether the instance type of the
object being initialized can have embedder data slots around the
initialization logic for these slots. This fixes a performance
regression on certain benchmarks.
To perform this check efficiently, a new instance type,
JSObjectWithEmbedderSlots, is introduced so that the check becomes a
simple range check.
Bug: chromium:1304139
Change-Id: I00c892bc2276e950b59602257ca1c2435c10e517
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3507712
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79497}
It turned out that on arm and arm64 we over-estimated the code size of a
Wasm module quite a bit. This CL adds some more output for the
--trace-wasm-compilation-times flag, and adds a script to compute the
factors we use for code size estimates from that output.
I ran the script on a few benchmarks (an older Epic module, the current
Photoshop module, and the benchmark from the linked bug), and adjusted
the constants accordingly.
Also, simplify the API of {ReservationSize} to only return a single
number, and fail internally if we need to allocate more than the engine
supports (which would only fail for artificially large modules).
R=jkummerow@chromium.org
Bug: chromium:1302310
Change-Id: I5b2c27ff3e360fb6738cf5dd697bcee09e106b6d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522067
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79482}
The fuzzers were passing the flag --es-staging which doesn't exist. This
CL updates them to pass the flag --harmony which does exist.
Change-Id: I02c83026e5b9bdf49e51e700f16702bf56cd49e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522064
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79464}
Instead of implementing ExternalObjects as plain JSObjects with a single
EmbedderDataSlot pointing to a Foreign containing the actual raw
pointer, this CL now creates a new JSExternalObject type that directly
contains the external pointer.
As a side-effect of this refactoring, nullptr values are now no longer
valid for ExternalObjects.
Change-Id: Ic8ff334681c966e823ca70f34dd1efaaa21a0789
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3513234
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79459}
Instead of using the high water mark for determining this metric, we use
a bitset for all active/used system pages on a V8 heap page. Each time
when allocating a LAB on a page, we add the pages of that memory range
to that bitset. During sweeping we rebuild that bitset from scratch and
replace it with the old one in case free pages are discarded by the GC.
We DCHECK here that the sweeper only ever removes pages. This has the
nice benefit of ensuring that we don't miss any allocations (like we
do now for concurrent allocations).
CommittedPhysicalMemory for a page is then calculated by counting the
set bits in the bitset and multiplying it with the system page size.
This should be simpler to verify and track the "real" effective size
more precisely.
One case where we are partially less precise than the current
implementation is for LABs. In order to reduce complexity we now treat
all pages of a LAB allocation as active immediately. In the current
implementation we tried to only account the actual used part of the LAB
when changing the LAB later. This is more complex to track correctly
but also doesn't account the currently used LAB in effective size.
Change-Id: Ia83df9ad5fbb852f0717c4c396b5074604bd21e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497363
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79428}
Clean up two flags which control features shipped in m99
harmony_intl_locale_info
harmony_intl_enumeration
Bug: v8:10743, v8:11638
Change-Id: I856afaceb0972052d1bcc70b162e8f9ee9071dd6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3508169
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79397}
Prepare gcmole.cc for the next update:
- Print possible GC locations when discovering stale/dead variables
- Make error messages less confusing for the modern V8 engineer
- Prepare gcmole to read suspects.allowlist instead of .whitelist
- Use more readable variable names
- Only log non-found types with --verbose
- Change the currently unusued gccauses format in gcmole.py and
support loading it back in gcmole.cc
- Implemented first basic gc call-chain printing (disabled by default)
GCmole packaging:
- Add debug mode to bootstrap.sh build script
- Update gcmole.py run instructions in bootstrap.sh and package.sh
Bug: v8:10009
Change-Id: I369d48baa2980455d2e8f57e7a803d0384fe83f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3480095
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79357}
- Convert gcmole to python3-ish code
- use local Path implementation for future full migration
- Use optparse and explicit arguments for gcmole
- Add explicit directories flags
- Use backwards compatible env vars as fallbacks
- Add gn target v8_gcmole_files to avoid issues with missing or
incompatible generated files
Drive-by-fixes for running gcmole without ignored files:
- Disable gcmole in Isolate::UnwindAndFindHandle
- Partially disable gcmole in V8HeapExplorer::AddEntry
Bug: v8:10009
Change-Id: I5b4d1c6554db300190226361b6c518419109ff3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497320
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79348}
Store the free registers as a RegList rather than stack of Register
values. This allows us to simplify some of the register freeing logic,
including passing the current free set to nodes for use as temporaries.
Drive-by: Replace ALWAYS_ALLOCATABLE_GENERAL_REGISTERS with
ALLOCATABLE_GENERAL_REGISTERS, which is the more general list (the former
is an implementation detail for optionally reserving a register for
the cage register).
Bug: v8:7700
Change-Id: I666e9a7547c2f4f4e578fbcbb4bd3fe3cb06dac5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497767
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79344}
Profiler:
- Track profiler tick durations
- Various speedups due to low-level hacking
Improve code-panel:
- Better register highlighting
- Added address navigation and highlighting
- Removed obsolete inline source-view
Improve script-panel:
- Keep current source position focused when showing related entries
- Better tool-tip with buttons to focus on grouped entries per
source postion
- Focus by default on other views when showing related entries
Improve timeline-panel:
- Initialise event handlers late to avoid errors
- Lazy initialise chunks to avoid errors when zooming-in and trying to
create tooltips at the same time
Change-Id: I3f3c0fd51985aaa490d62f786ab52a4be1eed292
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492521
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79329}
When --maglev is set, tier up to Maglev from unoptimized tiers based on
--interrupt-budget-for-maglev, initially set to 40KB (which should very
roughly by 1/10th of the time until the TF tierup decision is made).
On the first interrupt, a non-concurrent optimization to Maglev is
requested, which the next call to the marked function will perform.
- There is no support for tiering from Maglev to TF yet.
- Maglev's language support is minimal and tests are not expected to
pass with --maglev.
- Disable --maglev by default for now.
Drive-by: fixes related to Maglev flag definitions.
Bug: v8:7700
Change-Id: I121bb3f4f3830fdd20e1d4a12d3e04f08a99be38
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500302
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79328}
Maglev is currently enabled only on x64; BUILD.gn knows about this
through v8_enable_maglev, but v8_check_header_includes doesn't. It
thus tries to compile maglev files on platforms that don't have maglev
support yet.
Add an explicit maglev exclude rule until we support other platforms.
Bug: v8:7700
Change-Id: Iac991741c7d630dc4ed9f9fbf6df7656853cc743
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494536
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79305}
The per-Isolate Symbol tables are implemented using NameDictionary
before, which has additional property details overhead
And NameDictionary is limited to 2^23, which limits the Symbol
tables to be a maximum of 2^23.
- replace NameDictionary with SymbolTable in isolate
Bug: v8:12575
Change-Id: Ica4f05aac3494f7dfa3a074c240d4ba25df814e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3476897
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79285}
- List the current v8 version
- Minor code cleanup
Change-Id: Ic7a89e42d27465cc5df8e2249eaeacf8ca1eb6a7
No-Try: true
No-Presubmit: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3477034
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79222}
This is a reland of 1025bf26e3
Changes since revert:
- TSAN issue fixed by https://crrev.com/c/3475084
- Skip the shared-struct-workers test until shared GC deadlock is fixed,
being tracked in v8:12645
Original change's description:
> [shared-struct] Prototype JS shared structs
>
> Unlike the Stage 1 proposal, for simplicity the prototype does not add
> any new syntax, instead opting for exposing a SharedStructType
> constructor which takes an array of field names. This type constructor
> returns constructors for shared structs.
>
> Shared structs can be shared across Isolates, are fixed layout, have no
> prototype, have no .constructor, and can only store primitives and
> other shared structs.
>
> The initial prototype does not have TurboFan support.
>
> Bug: v8:12547
> Change-Id: I23bdd819940b42139692bcdb53d372099b0d4426
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3390643
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79156}
Bug: v8:12547
Change-Id: Ic1f5cf9fa9791ae2d5d5dc7c110614ca10b5d98e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3475078
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79215}
Migrate predictable_wrapper to py3. Run test in v8_presubmit.
R=liviurau@chromium.org, machenbach@chromium.org
Bug: chromium:1245634
Change-Id: I941e248ffcf12ce26a55a5f5889dab06ee74e66e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3448379
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Alexander Schulze <alexschulze@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79200}
The tool has been unmaintained for a while and doesn't work.
We do have either the system-analyzer or profview as valid web-based
replacements. For all other use-cases we recommend using the
command-line versions.
Change-Id: I3a07e80aebfb1f8d6ba16d6bffe16d9da7b9eac4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3474677
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79178}
This reverts commit 1025bf26e3.
Reason for revert: https://crbug.com/v8/12645
Original change's description:
> [shared-struct] Prototype JS shared structs
>
> Unlike the Stage 1 proposal, for simplicity the prototype does not add
> any new syntax, instead opting for exposing a SharedStructType
> constructor which takes an array of field names. This type constructor
> returns constructors for shared structs.
>
> Shared structs can be shared across Isolates, are fixed layout, have no
> prototype, have no .constructor, and can only store primitives and
> other shared structs.
>
> The initial prototype does not have TurboFan support.
>
> Bug: v8:12547
> Change-Id: I23bdd819940b42139692bcdb53d372099b0d4426
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3390643
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79156}
Bug: v8:12547
Change-Id: I44f2b8bb7487b4d39ba1282585e0b2282501230f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3474676
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79170}
Now that we are able to compact map space, we can also get rid of the
map space and allocate maps in the old space instead. This CL introduces
a FLAG_map_space for enabling/disabling the map space but the map space
remains enabled by default for now.
Without a separate space for maps, the GC can't prevent relocation of
maps anymore. Therefore this CL always allows compaction of maps when
running without a map space. Rename flag to --compact-maps to better fit
this scenario.
mkgrokdump and debug_helper also need to be updated to look for maps
also in the old space. The map space is now optional.
Bug: v8:12578
Change-Id: Ic4e4abd0b58bee26e64329b1c92dbccb07d8105a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424483
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79165}
Unlike the Stage 1 proposal, for simplicity the prototype does not add
any new syntax, instead opting for exposing a SharedStructType
constructor which takes an array of field names. This type constructor
returns constructors for shared structs.
Shared structs can be shared across Isolates, are fixed layout, have no
prototype, have no .constructor, and can only store primitives and
other shared structs.
The initial prototype does not have TurboFan support.
Bug: v8:12547
Change-Id: I23bdd819940b42139692bcdb53d372099b0d4426
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3390643
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79156}
Historically the tool only combined files where the run number was
separate by a hash: domain#1.txt , domain#2.txt...
Fix this to allow for underscores and/or abitrary number suffixes.
Change-Id: I85253a1b871eb75fce60fef9a61b7d50afe72abd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3468900
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79134}
