Before a young GC, the scavenger finalizes a pending full GC sweeping,
in case there are no more running sweeping jobs, to avoid unnecessarily
pausing sweeping and then resuming it.
This CL moves this sweeping finalization from
ScavengerCollector::CollectGarbage to Heap::CompleteSweepingYoung, so
that it is also performed for the minor mark-compactor and that sweeping
is correctly attributed to the previous full GC cycle (instead of the
beginning young cycle). Furthermore, it also finalizes CppGC sweeping
if there are no more running sweeping jobs.
Bug: chromium:1154636
Change-Id: Ic9ba4803f49db32c0a539f080329f012859bc8bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3508011
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79407}
We can cache this in a static field during V8 initialization such that
we don't need to cache this method's result for each use-case that
might benefit.
Bug: v8:12691
Change-Id: I4391a5e306646465ce96fb7e354be996d9fe8b44
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3506375
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79406}
This rename better reflects that heap_base is both used in cppgc but
also V8's GC.
Bug: v8:12691
Change-Id: Ia18ecba462d1b55cee6722452ceb28b25490a066
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3506374
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79398}
Clean up two flags which control features shipped in m99
harmony_intl_locale_info
harmony_intl_enumeration
Bug: v8:10743, v8:11638
Change-Id: I856afaceb0972052d1bcc70b162e8f9ee9071dd6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3508169
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79397}
Fix typo which should check y match -∞ but checked -0
Bug: v8:10776
Change-Id: I6bddbf91dbee2411d47a5e3b8ccbc456a0602bf7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3504646
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79391}
Instead of returning a boolean success/failure value, the Free* methods
of the VirtualAddressSpace API now terminate the process on failure, as
this implies a bug in the caller. This is simpler than CHECKing for
success in all callers and also provides more details about the possible
cause of the failure.
Bug: v8:12656
Change-Id: I5b469ae2c564068cff74e60b7e98f6a4776a239d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3506992
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79388}
Change TestPlatform's old_platform_ field to an atomic, so that its
write in the constructor and subsequent reads (that can be cross thread)
are race-free.
Hopefully this fixes the TSAN flakes we've been seeing.
Bug: v8:9054
Change-Id: Ib2b6edd21508ffa18debd6326dd7a100266125f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3506505
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79385}
This decreases the snapshot size (we don't need to write the ID for the
string) and speeds up deserialization.
Bug: v8:11525
Change-Id: I8f48d2344a7fd895c746e6a3d26f6dbbdd11a062
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494539
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79381}
HeapNumbers that are in the shared heap were incorrectly considered
!IsShared().
TBR=jkummerow@chromium.org
Bug: v8:12547
Change-Id: Ie4b9575445d841a7045c947ff4439bf53a22869d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3504085
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79372}
Because I don't get much out of "Object() != Object()"
Change-Id: I5a765b9cb0a272d30edcd834ec7b60d2fd03190b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497352
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79370}
This introduces a new (inspector-only) `v8::debug::ScriptSource`,
which represents the source for a given `v8::debug::Script` (in
case of JavaScript it's a `v8::internal::String` while in case of
WebAssembly it's a `Managed<v8::internal::wasm::NativeModule>`).
Every `v8_inspector::V8DebuggerScript` now holds on weakly to the
`v8::debug::Script` and strongly to its `ScriptSource`, making it
possible to access the source even after the `Script` dies.
This is preliminary work to allow for the removal of the special
GC feature that a `WeakCallbackType::kFinalizer` callback can
resurrect the object (this change is split into a separate follow
up CL https://crrev.com/c/3497324).
Bug: chromium:1295659, chromium:1302195
Doc: https://bit.ly/v8-inspector-script-caching
Change-Id: I503d0d9283e2da392023f06f79b8ff35953e7935
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494242
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79363}
This proposal adds i32 and i64 addition, subtraction, and multiplication
to the list of constant expressions.
See https://github.com/WebAssembly/extended-const.
Bug: v8:12089
Change-Id: I23a27a54a15fd37ee1d553992ab3b355eb9d317c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497665
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79362}
When the function is created with FunctionTemplate and set name with
native data property accessors, binding the function should throw
immediately if the native accessor throws.
Bug: v8:11989
Change-Id: Ief282202aa5b8515f581fd5478886ed5f001fd4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492966
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#79356}
Prototype F32x4Relaxed(Min/Max) and F64x2Relaxed(Min/Max)
operations for ARM. F32x4 variants map directly to vmin/vmax
hardware instructions which are also used for F32x4(Min/Max)
operations. The F64x2 variants are mapped in this implementation
to Pmin/Pmax instructions as detailed in the github issue.
https://github.com/WebAssembly/relaxed-simd/issues/33
Bug: v8:12284
Change-Id: I5ea939385fa0ae97bbdf776fc0b763cabb1b293c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3501347
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79355}
With the previous change to using the mask as the first
input to the node, the lane select ARM codegen is equivalent
to V128Select. Also enable cctests to run on ARM.
Bug: v8:12284
Change-Id: I5572f4845307ff20cc2a0a58d3ccf162caa436b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500655
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79352}
A TrapUnless after an IfTrue, and conversely, a TrapIf after an IfFalse,
should not optimize away the respective Branch node.
Bug: v8:12624
Change-Id: I250b2f84c38295ca35e440589901ed5a58bb4e75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500303
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79349}
This renaming was missed in
https://chromium-review.googlesource.com/c/v8/v8/+/3468577, because the
code adding these #ifdef blocks landed in-between the renaming change
being uploaded and landed.
Bug: chromium:1298417
Change-Id: I8c2e951099dafcce7e19a59e40e36f308e2ed867
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3498349
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Benoit Lize <lizeb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79345}
Currently, a streamed script which specifies 'use strict' is stored in
the isolate script cache with a key indicating that it is strict mode.
However, the keys should be based on the context executing the script,
not the content of the script, so that the next lookup can find the
entry without having to parse the script first.
Bug: v8:12668
Change-Id: Iaa76c00c431ad54a86ffd18b61cb4f67dc457b03
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3498220
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#79331}
When --maglev is set, tier up to Maglev from unoptimized tiers based on
--interrupt-budget-for-maglev, initially set to 40KB (which should very
roughly by 1/10th of the time until the TF tierup decision is made).
On the first interrupt, a non-concurrent optimization to Maglev is
requested, which the next call to the marked function will perform.
- There is no support for tiering from Maglev to TF yet.
- Maglev's language support is minimal and tests are not expected to
pass with --maglev.
- Disable --maglev by default for now.
Drive-by: fixes related to Maglev flag definitions.
Bug: v8:7700
Change-Id: I121bb3f4f3830fdd20e1d4a12d3e04f08a99be38
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500302
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79328}
According to the latest changes in wasm-gc, externref will be renamed
to anyref, and will be assigned as the top of the reference type
hierarchy. Since in the current wasm type system funcref is not a
subtype of anyref, subtyping is now dependent on whether wasm-gc is
enabled.
Bug: v8:7748
Change-Id: I0c0ae3dd5523e624d4490ca33d1fba4c2ae59393
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3468345
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79322}
- Add the Isolate as an explicit param (we already have it at all
callsites)
- Pass an explicit CodeKind param to MarkForOptimization in preparation
for Maglev.
- Split EnsureFeedbackVector into that, plus
CreateAndAttachFeedbackVector for when we know it has to be created.
Bug: v8:7700
Change-Id: Ie9022deccd31d472d6df3d442b25583af5569ab0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497383
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79318}
When running with the simulator, Assembler::debug() can record an inline
comment to be printed when the simulator encounters it. We need to make
sure pools are not emitted while the comment is recorded in the code
stream.
However the BlockPoolsScope was missing its margin argument to tell it
how much code we're going to generate, and could forget to emit pools
when it should have, causing crashes later on when a branch cannot jump
over the code comment.
Bug: v8:12637
Change-Id: I39e50f176d87c781c865b81fb9aca57d69c8c019
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494544
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/main@{#79317}
Single generation doesn't have a young generation, so we cannot check
whether it's inline allocation is enabled.
Bug: v8:12615
Change-Id: I145e7c3ff225dc0099136289c9aef4ddd28b3578
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487993
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79316}
The following histograms have been deprecated, as they are superseded
by V8.GC.Cycle.*.Young or not needed anymore (next to each, the
corresponding isolate counter):
- V8.GCScavenger (gc_scavenger)
- V8.GCScavengerBackground (gc_scavenger_background)
- V8.GCScavengeReason (scavenge_reason)
- V8.GCScavengerForeground (gc_scavenger_foreground)
- V8.GCBackgroundScavenger (background_scavenger)
- V8.GCMarkCompactor (gc_mark_compactor)
This CL removes the corresponding instrumentation in the code and the
isolate counters.
Bug: chromium:1154636
Bug: chromium:1299555
Change-Id: I62d28ff60ef47a058fe148c7855af8e2c1cc0aed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487548
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79308}
inspector tests are not yet enabled as a few issues need to be
solved related to endianness and IBM lane numbering.
Change-Id: I3c5c87af45037033d4a112cb7e1da8b7923ce0f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3489244
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#79306}
The main change is the section name, which is now 'metadata.code.branch_hint'.
The binary format has also a couple of minor changes.
Semantics remain unchanged.
Change-Id: I056c9f672ae494979e8ea55266fa766139b71d38
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487788
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79292}
After https://crrev.com/c/3484317, passing {nullptr} to the
{CodeSpaceWriteScope} won't work any more. Since the tests do not have a
{NativeModule} to pass instead, make them use
{pthread_jit_write_protect_np} directly.
The jump-table assembler tests have dedicated threads for writing and
executing the code, so we just switch once per thread. The icache test
switches between writing and executing, so we use a little struct for
switching.
R=jkummerow@chromium.org, tebbi@chromium.org
Bug: v8:12644, v8:11974
Change-Id: I116f3ad75454f749cdc4635802a4617ff91548b2
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487995
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79290}
When we can eliminate a branch-on-type instruction based on statically
available type information and replace it with an unconditional branch,
we have to mark the rest of the current block as unreachable.
Change-Id: I9b8cc2f8e76da0b1b7cdf72b150ec675e9aae1a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3490931
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79288}
mjsunit/compiler/deopt-pretenure.js is flaky due to --gc-interval in
some variants.
The flag can cause a variable to be promoted to old space before the
test can force allocation site pretenuring for that variable, which is
essential for the test case.
Bug: v8:12652
Change-Id: If7239deaa3026bb781d3ee96df28a1bbf3a5b6f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3488371
Auto-Submit: Patrick Thier <pthier@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79275}
This is a reland of a183895687
Now that https://crrev.com/c/3485678 landed and fixed the deadlock
in the linked bug, we can reland this CL without changes.
Original change's description:
> [heap] Allow shared references in WeakMap
>
> Shared references can also be stored in WeakMaps and during marking we
> need to be able to deal with such references. In a client GC shared
> objects are treated as live, so we don't need to update or check mark
> bits for such objects.
>
> Bug: v8:11708
> Change-Id: I0dbf797472c4779f462750dab63cc9b012aad091
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3447365
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79153}
Bug: v8:11708, v8:12642
Change-Id: I5945a16255647c897a1df834267137bf73b6207f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3485679
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79267}
{AtomicSub} on x64 first negates the {value} register, then does an
atomic addition. For that reason, {value} should be a unique register.
So far, we only checked that it's not used in the value stack, but we
should also check for overlap with the destination address or the offset
register.
Drive-by: Remove unneeded handling of non-unique register index on arm,
as that cannot happen (LiftoffCompiler ensures that the result register
is unique).
R=thibaudm@chromium.org
Bug: chromium:1296876
Change-Id: Ie6b97eec8e8dea07b0bcc644d261f47467cc5b8e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487987
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79265}
This CL introduces an additional verification pass at the end of
SimplifiedLowering. The verification checks consistency of the lowered
graph with respect to node types under the effect of used truncations.
Typing of additional, lower level nodes is required and added in this
CL.
The verification pass can be enabled using --verify-simplified-lowering.
Bug: v8:12619, v8:11682
Change-Id: I21e7ebcf40153e53108ddfad2a871c7cbd61a085
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3452029
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79264}
Previously, the interval was max(6, <interval_value>) which was
changed to actually consider the value of the flag.
Change-Id: Iec3cef19b6ec8528f03c36db6239b044ee90cde1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487969
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79262}
This CL refactors Heap::GCTypeTimer and Heap::GCTypePriorityTimer
and moves them to a GCTracer::RecordGCPhasesInfo class. This is
a necessary change for deprecating counters that are used for
old style GC metrics, like gc_scavenger. When all such counters
are deprecated, GCTracer::RecordGCPhasesInfo will no longer be
necessary and will be removed.
Bug: chromium:1154636
Change-Id: I04504a0f6c7a0955f4300a1c94c969aaeb23b77f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3486556
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79257}
Keep --gc-interval precise wrt to the # of allocations needed for a
GC.
Bug: v8:12615
Change-Id: I1ff45ef709013427b5f27643e3a6135dd0f4025d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3485676
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79256}
With this change we can easily track and filter unsupported objects
for full-page snapshots.
Bug: v8:11525
Change-Id: Id75b6f4edf68b47d6dfbe79aed2b686aeec61068
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3484320
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79252}
