FLAG_disable_write_barriers is a constexpr so the V8_LIKELY macro isn't
necessary. Interestingly, it can also cause clang to warn that the code
is unreachable, whereas without `__builtin_expect()` the compiler
doesn't mind. See for example:
```
constexpr bool kNo = false;
void warns() {
if (__builtin_expect(kNo, 0)) {
int a = 42;
}
}
void does_not_warn() {
if (kNo) {
int a = 42;
}
}
```
Compiling V8 for arm64 with both `v8_disable_write_barriers = true` and
`v8_enable_pointer_compression = false` would trigger this warning.
Bug: v8:9533
Change-Id: Id2ae156d60217007bb9ebf50628e8908e0193d05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2534811
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#71157}
The recently-added verifiers for indexed fields have caught a bug: the
definition of SmallOrderedNameDictionary in Torque contained incorrect
padding for builds without pointer compression.
Bug: v8:11063
Change-Id: I2c3d7f06965ec0598ef4fe56923090aa89bc9df1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529013
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#71156}
This CL reverses the count logic for the tiering strategy of the
js-to-wasm wrappers. The initial approach was that calls to each
function were counted up, until a threshold was reached and the function
would tier up. With this CL, each function is assigned a budget of calls
that can be handled through the generic wrapper. Calls are counted down
until the budget is exhausted, which will trigger the tier-up
for the function.
This approach comes with two advantages. Firstly, determining whether
a function's budget is exhausted is as simple as checking the flags set
from the decrement of the budget. Secondly, the code generated by the
generic wrapper does not depend on the specific value of the initial
budget.
Bug: v8:10982
Change-Id: I5e186c6cf836a9c197b41d0f7ad075b07c87a4da
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2532300
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Vicky Kontoura <vkont@google.com>
Cr-Commit-Position: refs/heads/master@{#71153}
The fuzzer is expected to generate a lot of syntax and runtime errors,
and the respective messages just flood the fuzzer output. By always
putting a {TryCatch} scope around the execution, we prevent those
messages from being printed.
At the same time, inspector tests need to properly propagate uncaught
exceptions in the backend to the inspector, and fail on uncaught
exceptions in the frontend.
This CL allows for all these behaviours by extending the
{CatchExceptions} enum and the {TryCatch} logic in the task runner.
Drive-by: Use {base::OS::ExitProcess} instead of the explicit
{fflush} and {_exit}.
R=szuend@chromium.org
Bug: chromium:1142437
Change-Id: Ic2cb3b0de2399d25bd8c53090575308cb0e09ab0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529135
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71152}
which was enabled a long ago and is not supposed to be disabled.
In addition this CL adds Representation::MightCauseMapDeprecation()
predicate and ensures it's consistent with the existing
MostGenericInPlaceChange() and CanBeInPlaceChangedTo().
Bug: v8:11104, v8:8865
Change-Id: Ia8046b76822c9b20fe3ce85de6b98570334aad21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2527088
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71151}
This is a reland of e3ec228c0a
Original change's description:
> Temporary compilation failure to test tree closing
>
> This will be reverted after testing the new tree closer.
>
> No-Try: true
> Bug: v8:10661
> Change-Id: I1b47976ee38cda447e2960ca4b6bd274f16425fe
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529131
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Reviewed-by: Liviu Rau <liviurau@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71081}
No-Try: true
Bug: v8:10661
Change-Id: I90742ecde3f8333c6d069b17e80b185cf26530db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2531787
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71145}
Now that we loop the entire polymorphic weak fixed array, there's
no need to reorder the deprecated maps.
Bug: v8:10582
Change-Id: Icf03d6c0ada34f385ffb747c7246c79f7341106d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2530875
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71144}
A PropertyCell holding the_hole can't have cell type Undefined when the
compiler sees it.
Change-Id: Idcfe6c57c669a65a4ffbe522803bf25efc8bee5f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2531785
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71143}
Instead of just comparing the first 4 elements, load and loop
over the entire array so that we don't miss out on deprecate
maps.
Bug: v8:10582
Change-Id: I67542e2ab24367a11a4bb84b6745a4fa80c42772
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2524441
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71141}
For NCI compilation tasks, we don't actually install the generated
Code object on the function. In that case, we cannot make assertions
about function state.
Bug: v8:8888,chromium:1146013
Change-Id: Ia2342c52e565ccb1f6b5b09dda5e998b3fd3eb3a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2532297
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71140}
The target can be used in Chromium to get basic cppgc types without
building the actual library.
Bug: chromium:1056170
Change-Id: Idaed19d265c63b2665e34d667903804708411c45
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2532308
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71136}
Turboprop should tierup to OSR roughly at the same time as TurboFan,
so we wait for kProfilerTicksForTurboPropOSR ticks before OSRing. This
value was incorrect because we OSR after 4 ticks (we increment the ticks
after the tiering up decision). Also, we wait for additional ticks based
on function size. That should also adjust for the lower interrupt budget
on Turboprop.
Bug: v8:9684
Change-Id: I84c0afadd0562e598bbbe1c0cf904d7488c70261
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2532295
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71135}
JS objects with embedder fields cannot be deferred because the
serialize/deserialize callbacks need the back reference immediately
to identify the object.
Refs: https://github.com/nodejs/node-v8/issues/175
Bug: v8:11146
Change-Id: I4292f2ab0041f7b0779620437ed26905c194cd9b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2531195
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/master@{#71134}
They are never used, and can't really be TNodified since they are
not a value output in any case.
BUG=v8:6949,v8:11074
Change-Id: Id6f5807247c6fe53fb12dce9e2cfc66b5a046398
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2532305
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71133}
Splits the 64bit operation to a seperate function since there are
different return types depending upon whether the architecture is
64-bit or 32-bit.
BUG=v8:6949,v8:11074
Change-Id: If196cf658298ca0a1e5a13e1db812178307e7d12
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2531789
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71132}
The new predicate allows a background thread to check if the given
object was recently allocated and may potentially be unsafe to read
from the background thread.
The current implementation has relatively high overhead as it loads
two pointers per heap space. It will be optimized in the future.
Bug: v8:11148
Change-Id: I2a9dfb2c70de4b8214b8f8a35681a8bab1a63ca8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2532296
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71130}
Splits the 64bit operation to a seperate function since there are different
return types depending upon whether the architecture is 64-bit or 32-bit.
BUG=v8:6949,v8:11074
Change-Id: I47c84a0104f71ec8865f12cbfa201f2f76cf08bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529911
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71128}
Previously, we performed "is A subtype of B?" checks by walking
A's supertypes list and comparing every found type to B.
This CL stores not just A's immediate parent type on A, but its
entire list of supertypes, and uses that list plus compile-time
knowledge of B's distance to the root type in order to compare
only exactly one of A's supertypes to B.
Bug: v8:7748
Change-Id: I0011b72c4b54440b16494918f64d8fb119bef8b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2527097
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71127}
With --always-opt / %OptimizeFunctionOnNextCall it is also possible
that we see CompileOptimizedConcurrent marker when we install optimized
code. For example,
1. Mark function for concurrent optimization and trigger a job.
2. Create a new JSClosure and with --always-opt we optimize concurrently
and install optimized code. This clears the marker.
3. The installed optimized code is GCed or deopts and we re-mark the
function for concurrent optimization.
4. The optimize job created in step 1 finishes.
Bug: v8:11139, chromium:1146714
Change-Id: Ic2aa456b76d74d939441a84528bc5c27d9ea9381
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529450
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71126}
Address a few bits of code review feedback that came in after landing
https://chromium-review.googlesource.com/c/v8/v8/+/2493060:
- Add ModuleRequest:kAssertionEntrySize and use in place of a numeric
literal.
- Get rid of ModuleRequestLocation and separate module_request_positions
FixedArray, and merge these into AstModuleRequest and
v8::internal::ModuleRequest.
Change-Id: If6d628d29bfa6fbd9933c6cdaa706623128ccc5d
Bug: v8:10958
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2530478
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Dan Clark <daniec@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#71125}
On builds without pointer compression enabled, v8windbg currently fails
to display information about objects in the Locals pane. This is because
some important code to get a type name was hidden behind a
COMPRESS_POINTERS_BOOL check. The existing cctest
test-v8windbg/V8windbg is sufficient to catch this error, but apparently
nobody ever runs that test in the failing configuration (Windows,
symbol_level = 2, v8_enable_pointer_compression = false).
Change-Id: Ia4e2714b11e6854b3f4f6b72da4ae8c352e8cddc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2530413
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#71124}
This CL lets Torque generate the Context C++ class and BodyDescriptor
for Context.
This requires two Torque changes:
- Allow @generateBodyDescriptor on @abstract classes, since all Context
classes share the same BodyDescriptor.
- Add a new annotation @relaxedWrite, which makes C++ setters
use WRITE_RELAXED_FIELD instead of WRITE_FIELD.
Attention: As a side-effect, this CL disables using
WRITE_RELAXED_FIELD by default for all non-array fields. If this
causes problems, we should manually add @relaxedWrite to the
corresponding fields.
Bug: v8:7793
Change-Id: I735b310bcb36a3612d86c22efa9c0bfc108d4ca6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529453
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71123}
This adds support for OrderedHashSet, OrderedHashMap, and
OrderedNameDictionary to Object::Print.
It also refactors the existing printing of (unordered) hash sets, maps,
and dictionaries to increase code reuse.
Bug: v8:7569
Change-Id: I598f6a025f4170e440d3840ce18234772068a7ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2523320
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71122}
Adds traits for checking for Member,WeakMember, and UntracedMember
types.
This allows the embedder to specify its own traits and restrictions
around cppgc types.
Bug: chromium:1056170
Change-Id: Ibe60b774128f72f1398267edd81233c50fca6eb7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2532299
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71121}
Splits the 64bit operations to a seperate function since there are different
return types depending upon whether the architecture is 64-bit or 32-bit.
BUG=v8:6949,v8:11074
Change-Id: I13cc576a26f60288281c42df3326ba902fd36dbb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529910
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71120}
Replace by explicitly deleting the copy constructor and copy assignment
operator.
R=zhin@chromium.org
Bug: v8:11074
Change-Id: Ifbfaad91d555649f586f37c251c6f4c378dcba46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2523317
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71118}
... instead of FLAG_concurrent_recompilation. The
optimizing_compile_dispatcher may be nullptr despite the flag being
set.
Bug: v8:8888,chromium:1145988
Change-Id: Ia3a6b1a95dde2b8cdd43dd2beebf04c66f145f78
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2531781
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71116}
Replace by explicitly deleting the copy constructor and copy assignment
operator.
R=zhin@chromium.org
Bug: v8:11074
Change-Id: I30f4ff5ace47622cfb9891ee6a4d4f815ceb0ba3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2523314
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71115}
This CL
* renames Name::hash_field field to raw_hash_field.
* all local variables that store raw_hash_field value are also renamed
to raw_hash_field where possible.
Bug: chromium:1133527, v8:11074
Change-Id: I17313f386110b33a64f629cc2b9d4afd1e06c6c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2471999
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71114}
After https://crrev.com/c/2529140, the actual data race should already
be fixed. This CL updates documentation (by moving the field to the
fields protected by {mutex_}), and updates {SetHighPriority} to also
take the mutex. This change is not strictly necessary, because this
method is only called right after creating the object, so no other
threads have access to it yet. But relying on that seems brittle, and
moving the initialization to the constructor is a bigger refactoring
that I don't consider worth it at the moment. The whole priority
management will probably be refactored again soon anyway.
R=ahaas@chromium.org
Bug: v8:11141
Change-Id: I496b619d551aeb584bd6e777c04ed4df076c3ae9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529143
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71113}
This contains more changes to ordered hash tables towards using them as
property dictionaries.
Most notably, this CL makes the type of the used isolates a template
parameter for certain operations. This is already the case for
unordered hash tables, and necessary in follow-up CLs where ordered
name dictionaries are used with LocalIsolate as the isolate type.
Bug: v8:7569
Change-Id: I5c938425a2c196ccd0866b66318a350ebeac8be2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2523319
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71112}
The message on the DCHECK says that no compilation should have started
when adding js-to-wasm units, but the check itself then also allows for
situations where the job was created but is already done. This is
unnecessarily permissive.
This CL fixes the DCHECK to check what the comment says.
R=ahaas@chromium.org
Change-Id: I6de8af33869fd11ae91ce2009c360b8d4ed54e9e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2529142
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71111}