Resurrecting finalizers cause all sorts of problems, from performance
penalties when used to hard-to-debug memory leaks.
There's no more usage left in Blink as well as V8 internally, so
deprecate resurrecting finalizers.
Bug: v8:12672
Change-Id: I998373d6468bbd3bd581a41dec8904de80561f43
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3507991
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79394}
Fix typo which should check y match -∞ but checked -0
Bug: v8:10776
Change-Id: I6bddbf91dbee2411d47a5e3b8ccbc456a0602bf7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3504646
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79391}
Instead of returning a boolean success/failure value, the Free* methods
of the VirtualAddressSpace API now terminate the process on failure, as
this implies a bug in the caller. This is simpler than CHECKing for
success in all callers and also provides more details about the possible
cause of the failure.
Bug: v8:12656
Change-Id: I5b469ae2c564068cff74e60b7e98f6a4776a239d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3506992
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79388}
Change TestPlatform's old_platform_ field to an atomic, so that its
write in the constructor and subsequent reads (that can be cross thread)
are race-free.
Hopefully this fixes the TSAN flakes we've been seeing.
Bug: v8:9054
Change-Id: Ib2b6edd21508ffa18debd6326dd7a100266125f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3506505
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79385}
This simplifies various bits of logic around EmbedderDataSlots as the
raw part will now always contain a valid index into an external pointer
table entry.
This CL also unifies the initialization of EmbedderDataSlots by
providing a EmbedderDataSlots::Initialize method and adds more
documentation about the layout of EmbedderDataSlots in the different
configurations.
Bug: v8:10391
Change-Id: Ie952598898a7a6c9d40b28d3a7370bfc1291bcf0
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3472495
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79384}
This decreases the snapshot size (we don't need to write the ID for the
string) and speeds up deserialization.
Bug: v8:11525
Change-Id: I8f48d2344a7fd895c746e6a3d26f6dbbdd11a062
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494539
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79381}
Currently ClobberDoubleRegisters is implemented in C++ and is
not guaranteed to clobber all registers. Rewritten in assembly
to clobber all double registers
Bug: v8:11798
Change-Id: I11c09bd247c929d251e6e509ea5cc76b9981ea98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3490715
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79380}
xorl + setcc is more efficient than setcc + movzxbl and encodes one byte
shorter.
Change-Id: Ib6679ce9ab0ac0d34701daba5c3d4d8bb57a8fc6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492946
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
Cr-Commit-Position: refs/heads/main@{#79377}
HeapNumbers that are in the shared heap were incorrectly considered
!IsShared().
TBR=jkummerow@chromium.org
Bug: v8:12547
Change-Id: Ie4b9575445d841a7045c947ff4439bf53a22869d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3504085
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79372}
Start allowing heavier testing of maglev by allowing graph building to
bail out if passed an unsupported bytecode.
Bug: v8:7700
Change-Id: I7e3d2c5a8896d4f4e0da5ef444c95a286f9ac117
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500417
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79371}
Because I don't get much out of "Object() != Object()"
Change-Id: I5a765b9cb0a272d30edcd834ec7b60d2fd03190b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497352
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79370}
The newly optimised CopyDataPropertiesWithExcludedProperties acceses the
excluded properties directly on the stack, to avoid pushing them twice.
This meant that we had to pass a stack pointer into the runtime, which
we couldn't do directly because all arguments to runtime functions
should be tagged.
We tried to work around this by passing the stack pointer in a Foreign,
but this violated the V8 sandbox. Fortunately, the stack pointer is
aligned, so it looks like a Smi to the GC. So, we can pass it directly
on the stack as a runtime argument but doing a bit of bitcasting.
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng
Bug: v8:11614
Change-Id: I87c4a34a15ae863277142aa29f48b1dd546014e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497745
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79369}
The heap snapshot generator is meant to apply descriptive names to Code
objects, but was using CodeDataContainer instead. Attempting to set the
name of the CodeDataContainer instances did nothing because they already
had the name "system / CodeDataContainer".
Bug: v8:11880
Change-Id: If7bd115bde36386d283d319c1ee28df565a39569
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3498849
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#79368}
Previously, the inspector would resurrect `v8::internal::Script` objects
when the weak callback is invoked, in order to access their fields and
read out the source (either a String in case of JavaScript or the module
bytes in case of WebAssembly). With https://crrev.com/c/3494242 we no
longer need to access the `v8::internal::Script` now, and so we can stop
relying on the `WeakCallbackType::kFinalizer` logic.
Bug: chromium:1295659
Fixed: chromium:1302195
Doc: https://bit.ly/v8-inspector-script-caching
Change-Id: I6a444bfcdf6cd23b30043f7386d6c18b7afec659
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497324
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79366}
This introduces a new (inspector-only) `v8::debug::ScriptSource`,
which represents the source for a given `v8::debug::Script` (in
case of JavaScript it's a `v8::internal::String` while in case of
WebAssembly it's a `Managed<v8::internal::wasm::NativeModule>`).
Every `v8_inspector::V8DebuggerScript` now holds on weakly to the
`v8::debug::Script` and strongly to its `ScriptSource`, making it
possible to access the source even after the `Script` dies.
This is preliminary work to allow for the removal of the special
GC feature that a `WeakCallbackType::kFinalizer` callback can
resurrect the object (this change is split into a separate follow
up CL https://crrev.com/c/3497324).
Bug: chromium:1295659, chromium:1302195
Doc: https://bit.ly/v8-inspector-script-caching
Change-Id: I503d0d9283e2da392023f06f79b8ff35953e7935
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494242
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79363}
This proposal adds i32 and i64 addition, subtraction, and multiplication
to the list of constant expressions.
See https://github.com/WebAssembly/extended-const.
Bug: v8:12089
Change-Id: I23a27a54a15fd37ee1d553992ab3b355eb9d317c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497665
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79362}
In x64, the result of WordAnd with a positive integer constant is known
to be sign(zero)-extended. Comparing this result with another positive
integer constant can have narrowed op according to the value of the
constants.
This CL do this narrow for WordAnd. It also makes the narrow in Word
comparison to deal with X64Cmp and X64Test.
Bug: v8:12650
Change-Id: I77f4ada9a9f94d78b3a78911e279a647c561cce4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3462081
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
Cr-Commit-Position: refs/heads/main@{#79361}
Prepare gcmole.cc for the next update:
- Print possible GC locations when discovering stale/dead variables
- Make error messages less confusing for the modern V8 engineer
- Prepare gcmole to read suspects.allowlist instead of .whitelist
- Use more readable variable names
- Only log non-found types with --verbose
- Change the currently unusued gccauses format in gcmole.py and
support loading it back in gcmole.cc
- Implemented first basic gc call-chain printing (disabled by default)
GCmole packaging:
- Add debug mode to bootstrap.sh build script
- Update gcmole.py run instructions in bootstrap.sh and package.sh
Bug: v8:10009
Change-Id: I369d48baa2980455d2e8f57e7a803d0384fe83f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3480095
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79357}
When the function is created with FunctionTemplate and set name with
native data property accessors, binding the function should throw
immediately if the native accessor throws.
Bug: v8:11989
Change-Id: Ief282202aa5b8515f581fd5478886ed5f001fd4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492966
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#79356}
Prototype F32x4Relaxed(Min/Max) and F64x2Relaxed(Min/Max)
operations for ARM. F32x4 variants map directly to vmin/vmax
hardware instructions which are also used for F32x4(Min/Max)
operations. The F64x2 variants are mapped in this implementation
to Pmin/Pmax instructions as detailed in the github issue.
https://github.com/WebAssembly/relaxed-simd/issues/33
Bug: v8:12284
Change-Id: I5ea939385fa0ae97bbdf776fc0b763cabb1b293c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3501347
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79355}
A dispatcher that currently does nothing, installed on the Isolate.
The implementation is close to the baseline concurrent compiler; but
boilerplate is short enough that a common base class is not worth the
additional complexity.
Bug: v8:7700
Change-Id: Ia34781e24cb6b1f72e5560fb0afe107bb0486092
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497690
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79353}
With the previous change to using the mask as the first
input to the node, the lane select ARM codegen is equivalent
to V128Select. Also enable cctests to run on ARM.
Bug: v8:12284
Change-Id: I5572f4845307ff20cc2a0a58d3ccf162caa436b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500655
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79352}
This fixes 'fetch v8' on Arm Macs.
Bug: chromium:1295840
Change-Id: Ifa7a07eef508c0e0203de8ea8d54ddcd31815fe8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494442
Auto-Submit: David Benjamin <davidben@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79351}
A TrapUnless after an IfTrue, and conversely, a TrapIf after an IfFalse,
should not optimize away the respective Branch node.
Bug: v8:12624
Change-Id: I250b2f84c38295ca35e440589901ed5a58bb4e75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500303
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79349}
- Convert gcmole to python3-ish code
- use local Path implementation for future full migration
- Use optparse and explicit arguments for gcmole
- Add explicit directories flags
- Use backwards compatible env vars as fallbacks
- Add gn target v8_gcmole_files to avoid issues with missing or
incompatible generated files
Drive-by-fixes for running gcmole without ignored files:
- Disable gcmole in Isolate::UnwindAndFindHandle
- Partially disable gcmole in V8HeapExplorer::AddEntry
Bug: v8:10009
Change-Id: I5b4d1c6554db300190226361b6c518419109ff3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497320
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79348}
