Currently the size of compaction spaces is not taken into account in
the Heap::CanExpandOldGeneration predicate. This can push the heap size
over the hard limit in some cases.
This patch makes Heap::CanExpandOldGeneration stricter and also fixes
the SelectGarbageCollector to prefer Mark-Compact near the hard limit.
Bug: chromium:784077
Change-Id: I00c7295eba8794a342dd6277a45f995529054b64
Reviewed-on: https://chromium-review.googlesource.com/779265
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49519}
This code was confusing, since "target" declared in one of the subscopes
shadowed a parameter with the same name.
Change-Id: Ibf694c94f0a26ca65609cb80d22c40a8fa98f4f3
Reviewed-on: https://chromium-review.googlesource.com/779261
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49518}
Not resetting the ticks regresses optimization time without substantial
performance benenfits on twitter, facebook, youtube, linkedin and wikipedia.
There was no net positive effect visible otherwise.
Bug: chromium:786908
Change-Id: I98237dee170e7a387f09ccfbad178793361d4a67
Reviewed-on: https://chromium-review.googlesource.com/779435
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49516}
The strex (Store Exclusive) instruction has the form:
strex rd, rt, [rn]
It stores the value in register rt at the address in register rn. If the
store succeeds, then 0 is stored in rd, otherwise 1 is stored. The ARM
manual says that behavior is "unpredictable" if d == n || d == t (i.e.
those registers are aliased).
We were not checking for this behavior in the assembler or simulator,
and as a result were generating output where it occurred. This didn't
always break; the tests we run on ARM hardware run this instruction and
pass.
BUG: chromium:786168
Change-Id: I57fe3a1db406eac96eb04ef2246f6970548d3cf9
Reviewed-on: https://chromium-review.googlesource.com/777777
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49513}
This is a reland of c71fd20cf9
Original change's description:
> [wasm] Data structures for JIT-ing wasm to native memory.
>
> This CL introduces the structures for JIT-ing wasm on the native heap.
> They are described in detail at go/wasm-on-native-heap-stage-1
>
> Briefly:
> - WasmCodeManager manages memory for modules and offers an interior
> pointer lookup (i.e. PC -> WasmCode)
> - WasmCode represents code, including reloc info. It holds wasm
> specific data, like function index, and runtime information, like trap
> handler info.
> - NativeModule manages memory for one module.
>
> Tests cover the allocation and lookup aspects, following that current
> regression tests cover the JITed code. A separate CL will enable
> JITing using the new data structures.
>
> Bug: v8:6876
> Change-Id: I1731238409001fe97c97eafb7a12fd3922da6a42
> Reviewed-on: https://chromium-review.googlesource.com/767581
> Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49501}
Bug: v8:6876
Change-Id: Ifd1a4c23de8150dbdc75f059cd657e9670b15c9b
Reviewed-on: https://chromium-review.googlesource.com/779680
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49512}
This adds a bigint branch to the typed-optimization of the TypeOf
bytecode. The implementation of the TestTypeOf bytecode already supports
bigints, as does the Typeof stub.
R=jarin@chromium.org
Bug: v8:6791
Change-Id: Ib9a21f3fc48d57873b014a01c68a143bfb8ac6c6
Reviewed-on: https://chromium-review.googlesource.com/778880
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49509}
This is a reland of 236298acbf.
Original change's description:
> [wasm] Unify deoptimization data
>
> Add methods to add deoptimization data and use them from all the places
> where we currently add them manually. Also add them to wasm-to-wasm
> wrappers compiled on table set, which was missing before, leading to
> the referenced bug.
>
> R=ahaas@chromium.org
>
> Bug: chromium:779292
> Change-Id: Ib9132d9faeb1092c46e22dd8196d201ce5c0942f
> Reviewed-on: https://chromium-review.googlesource.com/774838
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49452}
Bug: chromium:779292
Change-Id: I8219305fc894c50904db57e51245733f6613dcd3
Reviewed-on: https://chromium-review.googlesource.com/778159
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49508}
Free ArrayBuffer backing stores on a background thread, rather than
blocking the main thread after processing. Could potentially cause
contention with the array buffer allocator once JS execution resumes.
The new ArrayBufferCollector class tracks these dead allocations.
Later, the processing of array buffers can happen in parallel.
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux64_tsan_rel;master.tryserver.v8:v8_linux64_tsan_concurrent_marking_rel_ng;master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel
Bug: v8:6992
Change-Id: I2b74f008f79521414374f607ed510f66508af160
Reviewed-on: https://chromium-review.googlesource.com/779182
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49505}
This reverts commit c71fd20cf9.
Reason for revert: msvc is unhappy (https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20msvc/builds/208)
Original change's description:
> [wasm] Data structures for JIT-ing wasm to native memory.
>
> This CL introduces the structures for JIT-ing wasm on the native heap.
> They are described in detail at go/wasm-on-native-heap-stage-1
>
> Briefly:
> - WasmCodeManager manages memory for modules and offers an interior
> pointer lookup (i.e. PC -> WasmCode)
> - WasmCode represents code, including reloc info. It holds wasm
> specific data, like function index, and runtime information, like trap
> handler info.
> - NativeModule manages memory for one module.
>
> Tests cover the allocation and lookup aspects, following that current
> regression tests cover the JITed code. A separate CL will enable JITing
> using the new data structures.
>
> Bug: v8:6876
> Change-Id: I1731238409001fe97c97eafb7a12fd3922da6a42
> Reviewed-on: https://chromium-review.googlesource.com/767581
> Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49501}
TBR=bradnelson@chromium.org,ulan@chromium.org,mstarzinger@chromium.org,titzer@chromium.org,mtrofin@chromium.org,mlippautz@chromium.org
Change-Id: Id54deb74782c6f0fd06c61ddcabb727eb7010333
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6876
Reviewed-on: https://chromium-review.googlesource.com/779679
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49503}
This CL introduces the structures for JIT-ing wasm on the native heap.
They are described in detail at go/wasm-on-native-heap-stage-1
Briefly:
- WasmCodeManager manages memory for modules and offers an interior
pointer lookup (i.e. PC -> WasmCode)
- WasmCode represents code, including reloc info. It holds wasm
specific data, like function index, and runtime information, like trap
handler info.
- NativeModule manages memory for one module.
Tests cover the allocation and lookup aspects, following that current
regression tests cover the JITed code. A separate CL will enable JITing
using the new data structures.
Bug: v8:6876
Change-Id: I1731238409001fe97c97eafb7a12fd3922da6a42
Reviewed-on: https://chromium-review.googlesource.com/767581
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49501}
Streaming compilation started the compilation of a module at the
beginning of the code section. However, there exist valid modules which
do not contain a code section. In this CL we check for the existence of
a code section when we finish the stream. We do this by checking if the
module compiler in the AsyncCompileJob exists, because the module
compiler gets initialized at the beginning of the code section.
If we detect that compilation has not been started because there was no
code section, then we start compilation when the stream finishes.
R=clemensh@chromium.org
Bug: chromium:771973
Change-Id: I7c95a7a791d02254f086961e7cd81885eec27382
Reviewed-on: https://chromium-review.googlesource.com/778541
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49494}
We should only ever call value() on a variable while we are inside a block.
This CL adds a DEBUG check to this effect.
Bug:
Change-Id: Ic85fae70e2c3543ff79e3234ba26e1daa234f7e3
Reviewed-on: https://chromium-review.googlesource.com/772233
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49492}
This reverts commit b6658adee0.
Reason for revert: Breaks TSAN :(
Original change's description:
> [heap] Concurrently free ArrayBuffer allocations.
>
> Free ArrayBuffer backing stores on a background thread, rather than
> blocking the main thread after processing. Could potentially cause
> contention with the array buffer allocator once JS execution resumes.
>
> The new ArrayBufferCollector class tracks these dead allocations.
>
> Later, the processing of array buffers can happen in parallel.
>
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
>
> Bug: v8:6992
> Change-Id: I49ae4db12ed62d8400ba2bbafeda05a11479d904
> Reviewed-on: https://chromium-review.googlesource.com/739829
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49485}
TBR=hpayer@chromium.org,mlippautz@chromium.org,petermarshall@chromium.org
Change-Id: If6743b83f871c0fd0d6e83a3083dce0eecd99021
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6992
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/779159
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49488}
Avoid the stupid newline when the name is a String, which is
automatically appended by the Object::Print() method. Just use
the Name::NamePrint() method instead.
Bug: v8:5267
Change-Id: I12ec878325b6f6ecdd8633a5ac8129b2398ddf9a
Reviewed-on: https://chromium-review.googlesource.com/778823
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49486}
Free ArrayBuffer backing stores on a background thread, rather than
blocking the main thread after processing. Could potentially cause
contention with the array buffer allocator once JS execution resumes.
The new ArrayBufferCollector class tracks these dead allocations.
Later, the processing of array buffers can happen in parallel.
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Bug: v8:6992
Change-Id: I49ae4db12ed62d8400ba2bbafeda05a11479d904
Reviewed-on: https://chromium-review.googlesource.com/739829
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49485}
When collecting source ranges for conditionals (`a ? b : c`), include
the '?' and ':' tokens in the then- and else ranges, respectively.
Bug: v8:7098
Change-Id: I22315e2040c96c977e0b49e1fafe4228a6558471
Reviewed-on: https://chromium-review.googlesource.com/778321
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49484}
This moves the logging of the RCS event for background parsing tasks out
of the parser and performs it at the end of the background parsing task.
This is necessary in order to log background compile RCS events which happen
after parsing.
BUG=v8:5203
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ie216eeade0279d8243818a8eb59309969775823c
Reviewed-on: https://chromium-review.googlesource.com/776669
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49483}
For the fast case we can avoid the instance type check, since the map
check covers that. We also don't need to call out to the ToBoolean
builtin in general, but just use the BranchIfToBooleanIsTrue logic.
Plus in the fast case, we don't know that the JSIteratorResult::done is
a boolean, since the map doesn't guard this assumption, so we also need
to do a proper BranchIfToBooleanIsTrue in that case.
Bug: v8:5269
Change-Id: I36f0d0841472c02f8030f9ce067d20326c9388bd
Reviewed-on: https://chromium-review.googlesource.com/778882
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49482}
We can just use the same trick here that we use with TurboFan and load
the (signaling) NaN value out of the canonical tagged root. This
improves the loop for initializing double backing stores by hoisting the
load of the constant value out of the loop.
Bug: v8:5267
Change-Id: Idcf07c0e910ecc085a8b89225613f0a8fb50a414
Reviewed-on: https://chromium-review.googlesource.com/778979
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49480}
Now that Crankshaft is gone we no longer need to worry about parameter
mismatch for safepoints and we can just tail-call to %GrowArrayElements
from the GrowArrayElementsStub.
Bug: chromium:608675, v8:5269, v8:6408
Change-Id: I1b11d7d00cad02749a0ebc0a7de5e608de6d91c9
Reviewed-on: https://chromium-review.googlesource.com/778861
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49474}
For simple replacement strings without $ characters, we can do the
replacement in CSA for a global regexp. This is a common case because
this is currently the most widely used way to 'replaceAll' in a string.
This CL speeds up the test case in the linked bug by 13%.
Bug: v8:7053
Change-Id: I0d1d7c25fed07dfd7927191a3ef3138302e10c8f
Reviewed-on: https://chromium-review.googlesource.com/774440
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49472}
The "array protector" now guards the Object.prototype, the
Array.prototype and the String.prototype, so the name was a
bit misleading nowadays. So the new name "no elements protector"
was chosen.
Bug: v8:6936, v8:7014, v8:7027
Change-Id: I9a9d7caa2caf0ac9e78cc6658de2f0506970dfa2
Reviewed-on: https://chromium-review.googlesource.com/778162
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49471}
The ToBooleanHints were used to represent the ToBoolean feedback
collected by Fullcodegen. But Ignition doesn't collect this feedback
and also TurboFan doesn't make use of the hints, so we should remove
this for now.
Bug: v8:7101
Change-Id: Ifc97d3ebb7494029b33ad79fc8bafdf3c08fb871
Reviewed-on: https://chromium-review.googlesource.com/778163
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49470}
Previously, in order to get immortal immovable objects onto
the first page, the serializer would iterate the root list
twice. The first time it would prioritize immortal immovables.
The second time it would serialize the rest.
This does not guarantee that immortal immovable objects
actually end up on the first page, and by now this is not
necessary anymore, since we mark all pages created during
heap init as immortal immovable pages.
R=mlippautz@chromium.org
Change-Id: Ie95fcd779377a75337621ba862bc1a745ed5cbaa
Reviewed-on: https://chromium-review.googlesource.com/768731
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49468}
The existance of an `AllowJavascriptExecutionDebugOnly` scope in
`Isolate::ReportPendingMessages()` indicates that the API supports
running arbitrary JS code in a `AddMessageListener` callback.
Currently, this can fail in debug mode: The
`!isolate->external_caught_exception()` condition is checked when
entering API methods inside such a handler. However, if there is
a verbose `TryCatch` active when the exception occurs, this
check fails, and when calling `ToString()` on the exception object
leaves a pending exception itself, the flag is re-set to `true`.
Fix this problem by clearing the flag and the pending exception if
there was one during `ToString()`. This matches the code a few lines
up in `messages.cc`, so the exception state is now consistent
during the callback.
This currently makes a Node.js test fail in debug mode
(`parallel/test-error-reporting`).
Bug: node:7144
Bug: node:17016
Change-Id: I060d00fea3e9a497f4df34c6ff8d6e29ebe96321
Reviewed-on: https://chromium-review.googlesource.com/718096
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49466}
- This precents us from logging two ICEvents for a megamorphic miss that adds
a new property
- We don't have to reset the profiler ticks anymore for this miss
The particular case for missing to add a new property happens ~1700 times in
the Speedometer Angular benchmark where we get an already internalized key
as property name.
Change-Id: I2362c3b7a66d9def1bc4295f6f1e64c96b25fe8a
Reviewed-on: https://chromium-review.googlesource.com/777259
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49464}
This CL creates the invariant that the BigInt class treats
BigInt objects as immutable. Writing to new BigInt objects
as part of their construction is done by the MutableBigInt
helper class, which in turn is hidden as an implementation
detail in bigint.cc.
As a side effect, this refactoring enforces right-trimming
checks for all newly created BigInts, and ensures that all
BigInt allocations possibly exceeding kMaxLength check for
this case and throw a RangeError instead of crashing.
Bug: v8:6791
Tbr: mlippautz@chromium.org
Change-Id: Id239746108e6b076b47a03ba37462001eb501507
Reviewed-on: https://chromium-review.googlesource.com/742329
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49462}
The layout descriptor helper computes the object header size using
map->instance_size() and map->GetInObjectProperties().
It races with finalization of slack tracking, which changes both
the instance size and the in-object properties count.
This patch replaces the in-object properties count byte in the map
with the byte that stores the start offset of in-object properties.
The new byte can be used in the layout descriptor to compute the
object header size and it is immutable.
This patch also renames InstanceSize to InstanceSizeInWords where
the instance size is represented in words.
Bug: chromium:786069, chromium:694255
Change-Id: I4b48c6944d3fe8a950bd7b0ba43d75216b177a78
Reviewed-on: https://chromium-review.googlesource.com/776720
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49461}
The logger for perf does not support relocating code objects so as a result we
disable code space compacting to make sure code does not move. However, a
a CodeMove event may still happen if a BytecodeArray object moves, which isn't
relevant to the perf jit support so we can ignore it.
Bug:
Change-Id: Ie6acf58fe6adfb5cec2f8756f457134cf3b13c2a
Reviewed-on: https://chromium-review.googlesource.com/759795
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#49459}
Add another entry to the NoCacheReason enum, reporting that the chromium
ScriptResource has no cache handler.
Also, the amount of chromium-specific entries in this enum is getting
too high. So, added a TODO for removing them -- possibly in the future
we want to do this no-cache reason logging in Chromium after all,
propagating isolate cache hits and consume failures back up the API with
an out parameter.
Bug: chromium:769203
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I63ca863cfef61e04e7104318eb79810796b61a9c
Reviewed-on: https://chromium-review.googlesource.com/776893
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49458}
This CL also includes fixes for CF issues found while the previous
reland was active.
Bug: v8:5799, chromium:783902, chromium:783926, chromium:783822
Change-Id: I1f7d9b037d90838469c45f5d72771a77444c662e
Reviewed-on: https://chromium-review.googlesource.com/764067
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49457}
Persistent handles are always independent these days. Users should mark
weak handles as active using MarkActive if they want to keep weak
handles that are otherwise unreachable alive across scavenges.
Bug: chromium:780749
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I116e984ce14a035d1cef491d49f11a388fa8169d
Reviewed-on: https://chromium-review.googlesource.com/759794
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49456}
This reverts commit 236298acbf.
Reason for revert: suspected cause of failures on GC stress bots:
https://build.chromium.org/p/client.v8/builders/V8%20Mac%20GC%20Stress/builds/16341https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/16269
Original change's description:
> [wasm] Unify deoptimization data
>
> Add methods to add deoptimization data and use them from all the places
> where we currently add them manually. Also add them to wasm-to-wasm
> wrappers compiled on table set, which was missing before, leading to
> the referenced bug.
>
> Drive-by: Disable non-applicable MaybeHandle constructors to allow
> overloading functions with different Handle types.
>
> R=ahaas@chromium.org
>
> Bug: chromium:779292
> Change-Id: Ib9132d9faeb1092c46e22dd8196d201ce5c0942f
> Reviewed-on: https://chromium-review.googlesource.com/774838
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49452}
TBR=ahaas@chromium.org,clemensh@chromium.org
Change-Id: I02fb49d2ece8e04ac5fb26f618bfe6fb2f133d06
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:779292
Reviewed-on: https://chromium-review.googlesource.com/777079
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49455}
This reverts commit 4d3bc552b5.
Reason for revert: https://crbug.com/785778
Original change's description:
> [coverage] add coverage for binary expressions
>
> Adds block-level coverage tracking for binary && and ||
> expressions. Introduces a BinaryOperation source-range
> for tracking the operations themselves and an Expression
> source-range, used for tracking NaryLogical expressions.
>
> This builds on work by jgruber@chromium.org in
> the issue.
>
> TBR=marja@chromium.org
> R=jgruber@chromium.org, rmcilroy@chromium.org
>
> Bug: v8:6660
> Change-Id: I83a81f13a3514a734c06948b2d3e91138fb00e18
> Reviewed-on: https://chromium-review.googlesource.com/754564
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49304}
TBR=rmcilroy@chromium.org,marja@chromium.org,jgruber@chromium.org,ben@npmjs.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:6660
Change-Id: Ie017c528604b2e01400f527511413eaea5786198
Reviewed-on: https://chromium-review.googlesource.com/776768
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49454}
Both of these features were shipped in Chrome 62.
Bug: v8:4545, v8:6172
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Ie00dcbeded7517a15696d4a78fcfbbf162919923
Reviewed-on: https://chromium-review.googlesource.com/775601
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49453}
Add methods to add deoptimization data and use them from all the places
where we currently add them manually. Also add them to wasm-to-wasm
wrappers compiled on table set, which was missing before, leading to
the referenced bug.
Drive-by: Disable non-applicable MaybeHandle constructors to allow
overloading functions with different Handle types.
R=ahaas@chromium.org
Bug: chromium:779292
Change-Id: Ib9132d9faeb1092c46e22dd8196d201ce5c0942f
Reviewed-on: https://chromium-review.googlesource.com/774838
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49452}
