This increases the kInstructionSize to give the nosnap Isolate
more space to initialize itself.
This is a reland of 2980961182
Original change's description:
> [heap] Add tests to CodeBuilder Build and TryBuild
>
> Bug: chromium:957934
> Change-Id: Ia1ce5f6150b7f862b38f4c135236b154a1b02d6c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594564
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Cr-Commit-Position: refs/heads/master@{#61391}
Bug: chromium:957934
Change-Id: Ib7458f7c18063dbc8bc685ddbb9f22f781c52aa5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609477
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61454}
TurboFan truncated null to +0 even in contexts such as -0 == null
because it was not handling the TypeCheck correctly. This restricts
the type conversion case to not apply truncation in this case (see
comment in patch).
Change-Id: Ia38ace9608800c8d61988de402a31dd863d9160a
Bug: chromium:961237
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609538
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61446}
I did the implementation with a runtime function. I extracted some code
from the implementation of table.get.
By accident I formatted anyfunc.js. However, since it's an improvement,
I don't want to undo it. I didn't change anything in the older tests
though, I only added new tests at the end.
R=mstarzinger@chromium.org
Bug: v8:7581
Change-Id: I31832ccc817e1e7989f486d6487108c14d21bbea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1602701
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61442}
FATAL() calls with more than one argument are preserved.
The rest of chrome does this as well. Stack traces and minidumps should
be sufficient for analyzing the reason for crashes.
This saves 110kb for Android arm32.
Bug: chromium:958807
Change-Id: I88a1ec82f1ed7bd5e7dbccf6d645d5584f16de82
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598159
Commit-Queue: Andrew Grieve <agrieve@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61426}
This is a reland of f2e652264d
Nothing has changed but
https://chromium-review.googlesource.com/c/v8/v8/+/1585269 has been rolled
back due to v8:9234.
Original change's description:
> Reland "[compiler] Don't collect source positions for the top frame"
>
> Fixed crashes by adding missing call to EnsureSourcePositionsAvailable,
> which requires clearing and restoring the pending exception.
>
> > While most source positions were not collected even throwing exceptions,
> > the top frame still was always collected as it was used to initialize
> > the JSMessageObject. This skips even that frame, by storing the
> > SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
> > it to lazily evaluate the actual source position.
> >
> > Also adds tests to test-api.cc that test each of the source position
> > functions in isolation to ensure that they don't rely on previous
> > invocations to call the source collection function.
> >
> > Since no source positions are now collected at the point when an
> > exception is thrown, the mjsunit/stack-traces-overflow now passes again
> > with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
> > only failure).
>
> Bug: v8:8510
> Change-Id: Ifa5fe31d3db34a6c6d6a9cef3d646ad620dabd81
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601270
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61372}
TBR=ulan@chromium.org
Bug: v8:8510
Change-Id: Iaa9e376f90d10c0f25d1bcc352808363e4ea8b4d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605946
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61418}
Everything after UNREACHABLE is dead code, so it makes sense to remove them.
Bug: v8:9183
Change-Id: If76468a73b926d74717cc2348fd5b36d30f680c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605727
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61411}
This reverts commit b9191bd355.
Reason for revert: Clusterfuzz bugs
BUG=chromium:961507,chromium:961508
Original change's description:
> [class] implement private method declarations
>
> This patch implements the declarations of private methods, the access
> of private methods would be left to a future patch.
> When a private methods declaration is encountered, we now:
>
> - Create a brand symbol during class evaluation and store it in the
> context.
> - Create the closures for the private methods
> - Load the brand from the context and store it in the instance in the
> constructor.
>
> Design: https://docs.google.com/document/d/1T-Ql6HOIH2U_8YjWkwK2rTfywwb7b3Qe8d3jkz72KwA/edit#
>
> Bug: v8:8330
> Change-Id: I2d695cbdc8a7367ddc7620d627b318f779d36150
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1568708
> Commit-Queue: Joyee Cheung <joyee@igalia.com>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61387}
TBR=rmcilroy@chromium.org,gsathya@chromium.org,verwaest@chromium.org,joyee@igalia.com
Change-Id: I429bbe8af9f94598de132814aa2c3ab9fa69b986
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8330
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605730
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61406}
Helps make configuring profilers more scalable as our number of
parameters grows.
Change-Id: I81263a30c221edaa3934a92eb000b71ddfbdea60
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601585
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Cr-Commit-Position: refs/heads/master@{#61402}
Per 262, yield* for async generators is supposed to Await the input value.
#sec-generator-function-definitions-runtime-semantics-evaluation
Section 14.4.13, yield *, 7.c.iii.1
Bug: v8:9051
Change-Id: Ie1e829309fe78683a9ff0adf816208c2bf0bb524
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1600508
Commit-Queue: Joshua Litt <joshualitt@google.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61390}
This patch implements the declarations of private methods, the access
of private methods would be left to a future patch.
When a private methods declaration is encountered, we now:
- Create a brand symbol during class evaluation and store it in the
context.
- Create the closures for the private methods
- Load the brand from the context and store it in the instance in the
constructor.
Design: https://docs.google.com/document/d/1T-Ql6HOIH2U_8YjWkwK2rTfywwb7b3Qe8d3jkz72KwA/edit#
Bug: v8:8330
Change-Id: I2d695cbdc8a7367ddc7620d627b318f779d36150
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1568708
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61387}
This reverts commit f2e652264d.
Reason for revert: Speculative revert, seems to break GC stress bot and block LKGR - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/25701
Original change's description:
> Reland "[compiler] Don't collect source positions for the top frame"
>
> Fixed crashes by adding missing call to EnsureSourcePositionsAvailable,
> which requires clearing and restoring the pending exception.
>
> > While most source positions were not collected even throwing exceptions,
> > the top frame still was always collected as it was used to initialize
> > the JSMessageObject. This skips even that frame, by storing the
> > SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
> > it to lazily evaluate the actual source position.
> >
> > Also adds tests to test-api.cc that test each of the source position
> > functions in isolation to ensure that they don't rely on previous
> > invocations to call the source collection function.
> >
> > Since no source positions are now collected at the point when an
> > exception is thrown, the mjsunit/stack-traces-overflow now passes again
> > with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
> > only failure).
>
> Bug: v8:8510
> Change-Id: Ifa5fe31d3db34a6c6d6a9cef3d646ad620dabd81
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601270
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61372}
TBR=ulan@chromium.org,rmcilroy@chromium.org,delphick@chromium.org
Change-Id: Ie590df6c308b38836afc5d417d03d2a63260bcb2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8510
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1602692
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61381}
Moved tests for IIFEs/top level code to AllocationSiteCreationForIIFE.
It is not possible to use %EnsureFeedbackVector for these tests. They
just turn the lazy_feedback_allocation flag to false.
Bug: v8:8394
Change-Id: Id18cb43bf350efc1a26d04b9c3fce4f638dbda84
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601507
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61376}
Fixed crashes by adding missing call to EnsureSourcePositionsAvailable,
which requires clearing and restoring the pending exception.
> While most source positions were not collected even throwing exceptions,
> the top frame still was always collected as it was used to initialize
> the JSMessageObject. This skips even that frame, by storing the
> SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
> it to lazily evaluate the actual source position.
>
> Also adds tests to test-api.cc that test each of the source position
> functions in isolation to ensure that they don't rely on previous
> invocations to call the source collection function.
>
> Since no source positions are now collected at the point when an
> exception is thrown, the mjsunit/stack-traces-overflow now passes again
> with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
> only failure).
Bug: v8:8510
Change-Id: Ifa5fe31d3db34a6c6d6a9cef3d646ad620dabd81
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601270
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61372}
There are two possible type:
- scriptParsed - breakpoint for any script,
- scriptWithSourceMapParsed - breakpoint for script with
sourceMappingURL.
When one of the breakpoints is set then for each matched script
we add breakpoint on call to top level function of that script.
Node: https://github.com/nodejs/node/issues/24687R=dgozman@chromium.org
Bug: chromium:887384,chromium:724793,chromium:882909
Change-Id: I9c08b2a2a5ba7006adfedd85fc92ae191517af00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1354245
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61353}
To prevent OOMs for leaked CPU profilers, add the option to limit the
maximum number of samples that are included in a CPU profile.
Bug: chromium:956688
Change-Id: I119d0622e7d39c187f8e09e2d49dec91fd724ecb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588412
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61352}
This is a reland of 289b25765a.
The fix for failures landed here:
https://chromium-review.googlesource.com/c/v8/v8/+/1599388
Original change's description:
> [Test] Update tests to work with lazy feedback allocation.
>
> This adds either %EnsureFeedbackVectorForFunction or
> %PrepareFunctionForOptimization to allocate feedback vectors when testing
> optimization, allocation sites, IC transitions etc.,
>
> Bug: v8:8394
> Change-Id: I6ad1b6d460e4abda693b326cddb87754e080a0a1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593303
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Auto-Submit: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61212}
Bug: v8:8394
Change-Id: Idb5bba221d138e6fd73155f959b9e16fc948c709
TBR: rmcilroy@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599607
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Auto-Submit: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61332}
Seems like the CodeBuilder CL actually caused this.
This is a reland of 964edc251f
Original change's description:
> [heap] Set read-only space's and its pages' heap_ to null.
>
> Various small changes are required to enable this.
>
> HeapObject::GetReadOnlyRoots no longer uses the Space's heap when
> possible (see comment in ReadOnlyHeap::GetReadOnlyRoots definition).
> This requires that ReadOnlyRoots be construct-able using a raw pointer
> to the read-only space's roots array.
>
> Global read-only heap state is now cleared by tests where appropriate
> and extra DCHECKs in ReadOnlyHeap::SetUp should make catching future
> issues easier.
>
> String padding is now always cleared just before read-only space is
> sealed when not deserializing.
>
> Change-Id: I7d1db1c11567be5df06ff7066f3a699125f8b372
> Bug: v8:7464
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535830
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61188}
Bug: v8:7464
Change-Id: If75bbd16c2e2af5b80cd60811dfd7866f8be8309
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599186
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61323}
This is the follow-up for frozen, sealed packed elements kind.
Design docs: bit.ly/fast-frozen-sealed-elements-in-v8
This change is only support the transition from holey elements to holey sealed elements (via object.seal) or to holey frozen elements (via object.freeze).
Added tests for non-extensible, sealed, frozen holey elements in https://chromium-review.googlesource.com/c/v8/v8/+/1574503 and https://chromium-review.googlesource.com/c/v8/v8/+/1582481
Bug: v8:6831
Change-Id: Ia4373648f79f2ebebb390982a503145844a0c123
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1574777
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61307}
... to minimize pollution of v8::internal namespace.
This CL also removes usages of WriteBarrierKind from CodeAssembler interface.
Bug: v8:9183
Change-Id: I7e87c0a98cfd08b3740a022cf12d3aab415da67a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599176
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61301}
This is the last string of CLs! We eliminated all Tagged loads and stores.
That's why I also cleaned up that TODO in machine-type.h
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: Icb23b396d0cbb6ee914637e34e26b52435f0000c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593085
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61300}
Generalize the existing work-around in the method
`Map::GeneralizeIfCanHaveTransitionableFastElementsKind()` to also go to
the most general field representation (in addition to going to the most
field type) for objects with transitionable fast elements kinds. That
means that we essentially disable field representation tracking for
arrays, arguments objects and value wrappers (for which the field type
tracking is already disabled).
Drive-by-fix: Remove the `constness` parameter to the above mentioned
helper method. And fix the printing of the descriptor expectations to
properly print the field type.
Change-Id: I1bba9415f4bdd2c916f9d105d9120c7071d2c498
Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
Doc: http://bit.ly/v8-in-place-field-representation-changes
Bug: v8:8749, v8:8865, v8:9114, chromium:959645, chromium:952682
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598756
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61284}
TBR=tmrts@chromium.org
Also skip some tests too slow in full debug mode.
Bug: v8:9145
Change-Id: Ied8781be26d2c1efd7720e333775da9f6d632236
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598759
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61281}
This is a reland of ad44c258d7
Patchset 2 is the original CL
Patchset 3 fixes some misuses of FixedArrayBase::length() and adds some
DCHECKS to flush out any more misuses.
Patchset 4 adds the PPC/S390 port by miladfar@ca.ibm.com.
Original change's description:
> [typedarray] Make JSTypedArray::length authoritative.
>
> This is the first step towards full huge typed array support in V8.
> Before this change, the JSTypedArray::length and the elements backing
> store length (FixedTypedArrayBase::length) were used more or less
> interchangeably to determine the number of elements in a JSTypedArray.
>
> With this change we disentangle these two lengths, and instead make
> JSTypedArray::length authoritative. For on-heap typed arrays, the
> FixedTypedArrayBase::length will remain the number of elements in the
> backing store, but for the off-heap typed arrays, this length will be
> set to 0 (matching the fact that the FixedTypedArrayBase instance does
> not contain any elements itself).
>
> This also unifies the JSTypedArray::set_/length() and length_value()
> methods to only have JSTypedArray::set_/length() which returns/takes
> size_t values. Currently this still requires the values to be in Smi
> range, but later we will extend this to allow arbitrary size_t values
> (in the safe integer range).
>
> Bug: v8:4153, v8:7881
> Change-Id: Iff9089130bb31fa9e08e0cf913e7ab52c3dbf107
> Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
> Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1543729
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60648}
Bug: v8:4153, v8:7881, v8:9105
Change-Id: Ic38f833071a723642ebc6f82a4012dbc0878ef98
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594435
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61275}
This reverts commit 758700a708.
Reason for revert: Broken
Original change's description:
> [compiler] Don't collect source positions for the top frame
>
> While most source positions were not collected even throwing exceptions,
> the top frame still was always collected as it was used to initialize
> the JSMessageObject. This skips even that frame, by storing the
> SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
> it to lazily evaluate the actual source position.
>
> Also adds tests to test-api.cc that test each of the source position
> functions in isolation to ensure that they don't rely on previous
> invocations to call the source collection function.
>
> Since no source positions are now collected at the point when an
> exception is thrown, the mjsunit/stack-traces-overflow now passes again
> with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
> only failure).
>
> Bug: v8:8510
> Change-Id: Ic5382bdbab65cd8838f0c84b544fabb1a9109d13
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587385
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61271}
TBR=ulan@chromium.org,rmcilroy@chromium.org,delphick@chromium.org
Change-Id: I3ee0b5db5f8a1b3255f68070dc10d27d0e013048
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8510
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598758
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61273}
While most source positions were not collected even throwing exceptions,
the top frame still was always collected as it was used to initialize
the JSMessageObject. This skips even that frame, by storing the
SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
it to lazily evaluate the actual source position.
Also adds tests to test-api.cc that test each of the source position
functions in isolation to ensure that they don't rely on previous
invocations to call the source collection function.
Since no source positions are now collected at the point when an
exception is thrown, the mjsunit/stack-traces-overflow now passes again
with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
only failure).
Bug: v8:8510
Change-Id: Ic5382bdbab65cd8838f0c84b544fabb1a9109d13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587385
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61271}
GraphBuilderTester was introduced at a time where RawMachineAssembler
was going to be deprecated (https://codereview.chromium.org/1423923003/).
Now we know that it's not going to happen any time soon.
Since GraphBuilderTester it's only used in one test which can use
RawMachineAssembler, I updated it and removed the class.
Now the .h file had another class, which is now the only class in the file.
Therefore, I renamed it and updated the include calls to it.
Also updated the include commands: some were not necessary, and some others
could be moved to more aptly places.
Bug: v8:9183
Change-Id: I44bf16090c0515b1b9ff6cbded1bdb0adb4e44e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594563
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61269}
The TraceObject passed to AppendTraceEvent can be completely
uninitialized (set to all 0s) in some situations where a flush happens
between creation and initialization of the TraceObject.
Fix the MockTraceWriter in test-tracing to expect nullptr strings for
the name of the object so that it does not try to construct an
std::string from a null char*.
Bug: v8:9214
Change-Id: Ib4f3b039ab98d5d786991134cb71ecc62f127179
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598751
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61265}
Until this CL, the Memory benchmark was the only one to be based on a
cctest runner; all others use d8. Besides being a tedious exception to
the rule, this caused issues such as described in the linked bug
(summary: refbuilds are built with v8_static_library, and neither
cctests nor unittests support this configuration).
Here, we move the Memory benchmark into a d8 runner.
Bug: v8:9189, chromium:957029
Change-Id: I9b45ff36f4842cb0bdef2c1c4b0184c5509d3385
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588464
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61245}
This CL extends the stack frame API to include a flag to distinguish
between user and V8 builtin frames. The intention is to extend the API in
a later CL, so stack traces include builtin frames.
This flag gives embedders more control what to do with builtin frames.
R=jgruber@chromium.org, yangguo@chromium.org
Bug: v8:8742
Change-Id: Ieda5782dd2073c1e7fd49492bfdfa829a43dc710
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1583723
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61233}
FNMUL is efficient arm64 instruction, which can save 1 cycle
by optimizing FNEG(FMUL x y)) to FNMUL x y and
FMUL((FNEG x) y) to FNMUL x y
Change-Id: If25d9de1253098b17033a9d8736ff6a1c06601f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1572681
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61230}
This reverts commit 964edc251f.
Reason for revert: chromium:959190
Original change's description:
> [heap] Set read-only space's and its pages' heap_ to null.
>
> Various small changes are required to enable this.
>
> HeapObject::GetReadOnlyRoots no longer uses the Space's heap when
> possible (see comment in ReadOnlyHeap::GetReadOnlyRoots definition).
> This requires that ReadOnlyRoots be construct-able using a raw pointer
> to the read-only space's roots array.
>
> Global read-only heap state is now cleared by tests where appropriate
> and extra DCHECKs in ReadOnlyHeap::SetUp should make catching future
> issues easier.
>
> String padding is now always cleared just before read-only space is
> sealed when not deserializing.
>
> Change-Id: I7d1db1c11567be5df06ff7066f3a699125f8b372
> Bug: v8:7464
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535830
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61188}
TBR=ulan@chromium.org,hpayer@chromium.org,delphick@chromium.org,goszczycki@google.com
Change-Id: I53cecf3976dfeabae309040313351385f651f010
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7464, chromium:959190
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591608
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61217}
This adds either %EnsureFeedbackVectorForFunction or
%PrepareFunctionForOptimization to allocate feedback vectors when testing
optimization, allocation sites, IC transitions etc.,
Bug: v8:8394
Change-Id: I6ad1b6d460e4abda693b326cddb87754e080a0a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593303
Commit-Queue: Mythri Alle <mythria@chromium.org>
Auto-Submit: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61212}
CodeBuilder was calling AllocateRawWithLightRetry when it should have been
calling AllocateRawWithRetryOrFail (and vice versa).
Also improved variable naming.
Bug: chromium:957934
Change-Id: I03a95165f6d5b44c1f47d08d338d48bcc37c6d04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590075
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61210}
Based on Primiano's prototype:
https://chromium-review.googlesource.com/c/v8/v8/+/1290549
This is still behind a build flag. I'll add functionality incrementally
rather than land everything in one giant CL.
This CL sets up the basic classes that will be used for the Perfetto
implementation, e.g. the producer, consumer, controller and task runner.
This implementation produces a binary proto file in the current
directory named v8_trace.proto. It doesn't yet produce JSON output,
that is coming in a following CL.
Currently the old tracing and perfetto tracing are both run alongside
each other if the build flag is enabled.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: I0eb9ecefa191ceead60aadd5b591d75c99395a6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1408995
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61209}
Both MSVC and Clang require a mainCRTStartup symbol for the cctest
executable to compile. All objects from the cctest_sources source
set are bundled into a library which does not contain this symbol.
Bug: v8:7854
Change-Id: I88cd26209114daa84574e3b20046613b1560fa98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1357039
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61206}
Fix function name in error messages thrown by the streaming API. The API
functions {WebAssembly.compileStreaming} and
{WebAssembly.instantiateStreaming} are now mentioned where needed.
Bug: v8:9184
Change-Id: I70b27efe1c027d119fa7b5b9be27988a92304682
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588468
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Frederik Gossen <frgossen@google.com>
Cr-Commit-Position: refs/heads/master@{#61202}
Various small changes are required to enable this.
HeapObject::GetReadOnlyRoots no longer uses the Space's heap when
possible (see comment in ReadOnlyHeap::GetReadOnlyRoots definition).
This requires that ReadOnlyRoots be construct-able using a raw pointer
to the read-only space's roots array.
Global read-only heap state is now cleared by tests where appropriate
and extra DCHECKs in ReadOnlyHeap::SetUp should make catching future
issues easier.
String padding is now always cleared just before read-only space is
sealed when not deserializing.
Change-Id: I7d1db1c11567be5df06ff7066f3a699125f8b372
Bug: v8:7464
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535830
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61188}
