utils.h itself is fairly large and contains lots of unrelated functions
as well as having a fair number of dependencies itself, so this splits
bounds checking and bit field operations into their own headers in base
and replaces uses of utils.h with the more appropriate header where
possible. (Also fixes some cases where other headers were previously
brought in transitively).
Bug: v8:9810, v8:8912
Change-Id: I76c53f953848a57e2c5bfad6ce45abcd6d2a4f1b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916604
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64983}
This reverts commit 64c09f67d2.
Reason for revert: We already support up to max int32 sized TypedArrays
regardless of the smi size, so the chromium:1009439 issue should no longer be a blocker.
Original change's description:
> [ptr-compr] Temporarily disable 31 bit Smis on 64-bit architectures
>
> The reason is to unblock M79 blocked by chromium:1009439 while full
> solution is not ready yet.
>
> This CL will be reverted after the M79 branch point.
>
> Bug: v8:9767, chromium:1009439
> Change-Id: I5302d86fe953ecd94d9a4bba0d29c807b7b9d703
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1862554
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64286}
Bug: v8:9767, chromium:1009439
Change-Id: I92c43c8b27feb4f99e948bca03551e3e0316f2b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916692
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64971}
This creates a .tq file in src/objects for each src/objects/*.h file
with Torque-defined classes and moves the object definitions and
corresponding helpers/macros there.
In addition, we create files convert.tq and cast.tq in src/builtins
to move the casts and conversions to.
Since Torque-generated .cc files end up as .o files in the same
directory, there cannot be two .tq files of the same name. Thus it
was necessary to rename src/builtins/arguments.tq and
src/builtins/string.tq to not clash with the new files in src/objects.
This is a mechanical change that only moves code.
Design doc: http://doc/1fh4OUMjQMnQdJm3aiAPXQUNdgbQugkRGdJzDh8hmyzk
Bug: v8:9861 v8:9810 v8:7793
Change-Id: I9c54cb50f32b9ae0fb41752199515133eb59ea5c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1910100
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64892}
This fixes MSVC Windows builds that were broken due to a missing deps
definition.
Bug: v8:9954
Change-Id: I19c5112226caadae6a0221acee7bcf19cf0abbc8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1906379
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64873}
Using proper register (RIP) on this platform.
Change-Id: Iaa0a25e328bd82c152db0ef3632523fd7d621020
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1857221
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64863}
Since the turbo_decompression_elimination flag is removed, there
are several methods in machine-type.h that get simplified, e.g
TypeCompressedTaggedPointer() can be replaced by just
"TaggedPointer()".
Also Removing the creation of Change to/from Compressed nodes.
Removing these Change nodes' logic is left to a follow-up CL.
Bug: v8:7703
Change-Id: Iff1f9aa8361189cf781a26317fd342b942fd5aa4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1897537
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64834}
Implement the possibility to revisit the same function in the
serializer using equality of its arguments.
Bug: v8:7790
Change-Id: I609a6009bf503e378e50d0b32c6f1c13721d2557
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1863198
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64683}
This is a reland of 4a16305b65
The original CL adjust only one part of the stack check, namely the
comparison of the stack pointer against the stack limit in generated code.
There is a second part: Runtime::kStackGuard repeats this check to
distinguish between a stack overflow and an interrupt request.
This second part in runtime must apply the offset just like in generated
code. It is implemented in this reland by the StackCheckOffset operator
and a new StackGuardWithGap runtime function.
Original change's description:
> [compiler] Optionally apply an offset to stack checks
>
> The motivation behind this change is that the frame size of an optimized
> function and its unoptimized version may differ, and deoptimization
> may thus trigger a stack overflow. The solution implemented in this CL
> is to optionally apply an offset to the stack check s.t. the check
> becomes 'sp - offset > limit'. The offset is applied to stack checks at
> function-entry, and is set to the difference between the optimized and
> unoptimized frame size.
>
> A caveat: OSR may not be fully handled by this fix since we've already
> passed the function-entry stack check. A possible solution would be to
> *not* skip creation of function-entry stack checks for inlinees.
>
> This CL: 1. annotates stack check nodes with the stack check kind, where
> kind is one of {function-entry,iteration-body,unknown}. 2. potentially
> allocates a temporary register to store the result of the 'sp - offset'
> in instruction selection (and switches input registers to 'unique'
> mode). 3. Applies the offset in code generation.
>
> Drive-by: Add src/compiler/globals.h for compiler-specific globals.
>
> Bug: v8:9534,chromium:1000887
> Change-Id: I257191c4a4978ccb60cfa5805ef421f30f0e9826
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762521
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63701}
Bug: v8:9534, chromium:1000887
Change-Id: I71771c281afd7d57c09aa48ea1b182d01e6dee2a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822037
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64634}
This is the first step in unification of concurrent and main thread
marking visitors. The new MarkingVisitorBase will become a base class
for all marking visitors and will remove the existing code duplication.
This is a refactoring without behavior change.
Subsequent CL will change the main thread marking visitor to derive
from the new base class.
Bug: chromium:1019218
Change-Id: I3d47030d396e0ba6706882fbd922bbcac46181b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1886920
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64632}
The new API with v8::BackingStore should be used instead as explained in
https://docs.google.com/document/d/1sTc_jRL87Fu175Holm5SV0kajkseGl2r8ifGY76G35k
This also relaxes the pre-condition for [Shared]ArrayBuffer::Detach to
not require externalization first.
Bug: v8:9380, v8:9908
Change-Id: Idd119fcd28be84a2fae74ae86f7381fd997766f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859628
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64625}
This rearranges the TurboProp pipeline to avoid the need for a second
schedule of the graph. To do this, it moves the final schedule creation
before effect-control-linearization (which used a temporary schedule
previously, and with TurboFan). It then enables the block updater in the
graph assembler for effect control linearization and does select and
memory lowering in a new ScheduledMachineLowering phase to maintain
this existing schedule during these lowering passes.
BUG=v8:9684
Change-Id: I6a7790b010f8b152dd01d85aa95ee5d4f99087a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1847351
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64537}
This CL integrates the "v8_nosnapshot" source set into the "mksnapshot"
binary. The "mksnapshot" binary is the last use-site after unconditionally
enabling snapshot and embedded builtins.
Bug: v8:8519
Change-Id: I8e737e10a3f7729e18ac71733b811bf399ebf330
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1873685
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64494}
... and refactor String.prototype.substring.
This is done to simplify cleaning up callers of ConvertToRelativeIndex()
in a follow-up CL.
This CL also introduces Smi-overflow friendly helper function
ClampToIndexRange(index: JSAny, min: uintptr, max: uintptr): uintptr
which can be used in other String builtins as a better alternative to
NumberMin(NumberMax(value, min), max)
pattern.
Bug: v8:8996, v8:4153
Change-Id: Ie1bb5ab305ebf851c033d109ffe9e6afb9418274
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1872392
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64463}
This is a reland of f5611402f7
We had to revert due to branch cut. The A/B experiment wasn't done yet.
Original change's description:
> [ptr-compr][arm64] Temporarily enable pointer compression on arm64
>
> ... and make sure that the arm64 ptr-compr bots proceed testing V8 without
> pointer compression in order to keep testing the other config.
>
> Commented out the 'extra' variant since it was crashing. Opened a bug
> regarding that: https://bugs.chromium.org/p/v8/issues/detail?id=9568
>
> Similar to x64's https://chromium-review.googlesource.com/c/v8/v8/+/1607654
>
> Bug: v8:7703
> Change-Id: Ifd46b029bab34524f9f536dcdbd1574f2ddcbf37
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1724216
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63019}
Bug: v8:7703
Change-Id: I28726f534dfd17dd695a3ba5653873368e7a44b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1872403
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64459}
This CL removes the 'v8_enable_embedded_builtins' GN argument and sets
the 'V8_EMBEDDED_BUILTIN' define unconditionally.
Removing the now obsolete 'define' and corresponding C++ code will be
done in a separate CL.
R=machenbach@chromium.org
Bug: v8:8519
Change-Id: Ibaa3e958121931c0ce14baf48ad401fab87c5337
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864929
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64456}
The natives blob was deprecated in V8 7.8. This CL removes all related
functionality, including:
- Build system support, i.e.: generation of natives_blob.bin and the
v8_extra_library_files gn flag.
- Related scripts (js2c.py, concatenate-files.py).
- Related API functions (SetNativesDataBlob,
InitializeExternalStartupData).
- Natives bootstrapping logic.
- The InternalArray type (previously exposed through natives).
- Other natives-exposed builtins.
- Inlining of these builtins.
- The dedicated 'uncached external one byte string' type.
Step 1 landed in https://crrev.com/c/1824944.
Step 2 landed in https://crrev.com/c/1835536.
Step 3 (this CL) removes these all functionality related to natives
support in V8.
Bug: v8:7624
Change-Id: Ice6c2662781efe8417231805276476d32bc5a625
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844771
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64446}
This reverts commit ca1259fcac.
Reason for revert: Branch was cut and we don't want the flag flip shipping.
Original change's description:
> [ptr-compr][arm64] Temporarily enable pointer compression on arm64
>
> ... and make sure that the arm64 ptr-compr bots proceed testing V8 without
> pointer compression in order to keep testing the other config.
>
> Bug: v8:7703
> Change-Id: I0017345273d5328d95a338064dd80b44974c1c53
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844780
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64132}
TBR=machenbach@chromium.org,ishell@chromium.org,tmrts@chromium.org,solanes@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:7703
Change-Id: I67c244e583893bb1062dbaa610c9c470fbfb9e40
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1868610
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64374}
The DecompressionOptimizer aims to avoid adding the root in AnyTagged
or TaggedPointer loads. For the TaggedSigned case, we already solve it
in instruction selection.
The new phase will run only when pointer compression is enabled. For
the moment, it's also requires FLAG_turbo_decompression_elimination to
be false. This latter flag is only temporary to test out the
implementation.
The phase needs to be run when Machine are present in the graph, i.e
at the very end of the pipeline. Also, since this phase may change
the load's MachineRepresentation from Tagged to Compressed, it's best
to run it as late as possible in order to keep the phases that know
about Compressed MachineRepresentation to a minimum.
As an example, if we Load a Tagged value only to Store it back again
(i.e Load -> Store nodes, with the Load being the Store's value) we
don't need to fully decompress it since the Store will ignore the
top bits.
Bug: v8:7703
Change-Id: I6b4aec203ab8cbb540b2513cabb1e2a5691ce938
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859615
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64358}
This is a reland of 1c56974f2a
This is a plain reland of the original CL. The original CL was speculatively
reverted, but ended up not being the cause for bot failures.
Original change's description:
> Unconditionally enable snapshot builds and remove 'v8_use_snapshot'
>
> This CL removes 'v8_use_snapshot' and the usages of the implied
> V8_USE_SNAPSHOT define. One test runner unittest was updated to use the
> "asan" variant instead of the now obsolete "no_snap" variant.
>
> Related chromium CL: https://crrev.com/c/1796325.
>
> Bug: v8:8531
> Change-Id: I5da7c9f8e9110fe7bc0f4e4f821bcb7f7d98f927
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784282
> Commit-Queue: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Nico Weber <thakis@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64290}
TBR=thakis@chromium.org,machenbach@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tmrts@chromium.org,szuend@chromium.org
Bug: v8:8531
Change-Id: Id75a802279238138f7aefec62e0b6425a5acc08d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864649
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64305}
This reverts commit 1c56974f2a.
Reason for revert: Causes several bots to timeout, e.g. https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20debug/27945
Original change's description:
> Unconditionally enable snapshot builds and remove 'v8_use_snapshot'
>
> This CL removes 'v8_use_snapshot' and the usages of the implied
> V8_USE_SNAPSHOT define. One test runner unittest was updated to use the
> "asan" variant instead of the now obsolete "no_snap" variant.
>
> Related chromium CL: https://crrev.com/c/1796325.
>
> Bug: v8:8531
> Change-Id: I5da7c9f8e9110fe7bc0f4e4f821bcb7f7d98f927
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784282
> Commit-Queue: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Nico Weber <thakis@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64290}
TBR=thakis@chromium.org,machenbach@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tmrts@chromium.org,szuend@chromium.org
Change-Id: I4024d818877e534b9f7908a2d14f33dca35b5924
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8531
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1862572
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64293}
This CL removes 'v8_use_snapshot' and the usages of the implied
V8_USE_SNAPSHOT define. One test runner unittest was updated to use the
"asan" variant instead of the now obsolete "no_snap" variant.
Related chromium CL: https://crrev.com/c/1796325.
Bug: v8:8531
Change-Id: I5da7c9f8e9110fe7bc0f4e4f821bcb7f7d98f927
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784282
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64290}
The reason is to unblock M79 blocked by chromium:1009439 while full
solution is not ready yet.
This CL will be reverted after the M79 branch point.
Bug: v8:9767, chromium:1009439
Change-Id: I5302d86fe953ecd94d9a4bba0d29c807b7b9d703
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1862554
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64286}
Design doc:
https://docs.google.com/document/d/1ZU6rCvF2YHBGMLujWqqaxlPsjFfjKDE9C3-EugfdlAE/edit
Changes from the design doc:
- Changed to use 'class' declarations rather than 'type' declarations
for things that need instance types but whose layout is not known to
Torque. These declarations end with a semicolon rather than having a
full set of methods and fields surrounded by {}. If the class's name
should not be treated as a class name in generated output (because
it's actually a template, or doesn't exist at all), we use the
standard 'generates' clause to declare the most appropriate C++ class.
- Removed @instanceTypeName.
- @highestInstanceType became @highestInstanceTypeWithinParentClassRange
to indicate a semantic change: it no longer denotes the highest
instance type globally, but only within the range of values for its
immediate parent class. This lets us use it for Oddball, which is
expected to be the highest primitive type.
- Added new abstract classes JSCustomElementsObject and JSSpecialObject
to help with some range checks.
- Added @lowestInstanceTypeWithinParentClassRange so we can move the new
classes JSCustomElementsObject and JSSpecialObject to the beginning of
the JSObject range. This seems like the least-brittle way to establish
ranges that also include JSProxy (and these ranges are verified with
static assertions in instance-type.h).
- Renamed @instanceTypeValue to @apiExposedInstanceTypeValue.
- Renamed @instanceTypeFlags to @reserveBitsInInstanceType.
This change introduces the new annotations and adds the ability for
Torque to assign instance types that satisfy those annotations. Torque
now emits two new macros:
- TORQUE_ASSIGNED_INSTANCE_TYPES, which is used to define the
InstanceType enumeration
- TORQUE_ASSIGNED_INSTANCE_TYPE_LIST, which replaces the non-String
parts of INSTANCE_TYPE_LIST
The design document mentions a couple of other macro lists that could
easily be replaced, but I'd like to defer those to a subsequent checkin
because this one is already pretty large.
Bug: v8:7793
Change-Id: Ie71d93a9d5b610e62be0ffa3bb36180c3357a6e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1757094
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64258}
This reverts commit 12b22b5198.
Reason for revert: Experiment finished.
Original change's description:
> Disable --instruction-scheduling for mksnapshot
>
> This is an experiment to see the memory/performance impact.
>
> Bug: v8:9775
> Change-Id: I2ae61ae8bb5c6c1c55436e96c4b2d8201cbf4739
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1832177
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64062}
TBR=mvstanton@chromium.org,neis@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:9775
Change-Id: Ife556af5f8c09c25f20756a9b2ac940cb74359e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1855983
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64239}
instead of plain uint32_t as entry. This provides some type safety,
because the compiler will check that we are not mixing up indexes
and entries. It also paves the way to consistently using size_t for
TypedArray indexes.
Bug: v8:4153
Change-Id: Ie0eb63693c871efda9860d3d288896819868b66a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1852765
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64236}
For this, all Torque stub-linkage builtins use TFC instead of TFS,
with a custom descriptor added to interface-descriptors.h
To avoid having complex logic in the generated code, the new class
TorqueInterfaceDescriptor contains the logic to create a
CallInterfaceDescriptor from a signature consisting of TNode types.
As an example and test, this CL ports StringCharAt to Torque.
Bug: v8:7793
Change-Id: I8339d2ad6e4f908ebdc3b8d30244e4bcbd974f21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798427
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64148}
... and make sure that the arm64 ptr-compr bots proceed testing V8 without
pointer compression in order to keep testing the other config.
Bug: v8:7703
Change-Id: I0017345273d5328d95a338064dd80b44974c1c53
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844780
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64132}
This CL removes the StoreBuffer and inserts slots into the
RememberedSet directly from within the RecordWrite builtin. Only calls
into C code when either the SlotSet-array or the bucket is not
allocated. This avoids filling the store buffer up with duplicates or
due to a write-heavy workload and then blocking the main thread on
store buffer processing.
The first CL (https://crrev.com/c/1815241) got reverted, because
mksnapshot was using a different size for SlotSet than the final
binary on ARM. This is fixed now, SlotSet has a standard layout.
Bug: v8:9454
Change-Id: I881641f4ee08a8b42c36fdca8733138b908096bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1842452
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64126}
This adds a fake toolchain for pointer compression, used for
correctness fuzzing. The toolchain enables us to have an extra build
with inverse pointer-compression defaults side-by-side.
The extra build is used similarly to existing x64/x86 comparisons,
except that we now compare builds with different compile-time flags.
Change-Id: I75491371262204b86eaa006ca8d04848f49121ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1829275
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64123}
The natives blob is deprecated and will be removed in the next
release.
This commit does two things, 1. it disables the v8_extra_library_files
gn argument which will make building natives_blob.bin through gn
impossible; 2. it marks API functions associated with the natives blob
as V8_DEPRECATE_SOON.
Embedders should remove any uses of SetNativesDataBlob and replace all
calls to
InitializeExternalStartupData(const char*, const char*)
with the new function
InitializeExternalStartupDataFromFile(const char*)
Step 2 is to mark API functions as V8_DEPRECATED.
Step 3, in the next V8 release, is to remove these functions and all
other natives support in V8.
Bug: v8:7624
Change-Id: I745e96c60204a9b94d9240be65dd59bb9bdd0699
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824944
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64080}
This is a reland of 6612943010
Fixed: Unaligned reads, unspecified evaluation order.
Original change's description:
> [regexp] Bytecode peephole optimization
>
> Bytecodes used by the regular expression interpreter often occur in
> specific sequences. The number of dispatches in the interpreter can be
> reduced if those sequences are combined into a single bytecode.
>
> This CL adds a peephole optimization pass for regexp bytecodes.
> This pass checks the generated bytecode for pre-defined sequences that
> can be merged into a single bytecode.
>
> With the currently implemented bytecode sequences a speedup of 1.12x on
> regex-dna and octane-regexp is achieved.
>
> Bug: v8:9330
> Change-Id: I827f93273a5848e5963c7e3329daeb898995d151
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1813743
> Commit-Queue: Patrick Thier <pthier@google.com>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63992}
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux_gcc_rel
Bug: v8:9330,chromium:1008502,chromium:1008631
Change-Id: Ib9fc395b6809aa1debdb54d9fba5b7f09a235e5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1828917
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64064}
This is an experiment to see the memory/performance impact.
Bug: v8:9775
Change-Id: I2ae61ae8bb5c6c1c55436e96c4b2d8201cbf4739
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1832177
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64062}
This reverts commit 70e07cdb6e.
Reason for revert: Clusterfuzz found issue in chromium:1009019
Original change's description:
> [heap] Insert directly into RememberedSet and remove StoreBuffer
>
> This CL removes the StoreBuffer and inserts slots into the
> RememberedSet directly from within the RecordWrite builtin. Only calls
> into C code when either the SlotSet-array or the bucket is not
> allocated. This avoids filling the store buffer up with duplicates or
> due to a write-heavy workload and then blocking the main thread on
> store buffer processing.
>
> Change-Id: I05b0b0938d822cdf0e8ef086ad4527d3229c05b2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815241
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64002}
TBR=ulan@chromium.org,jkummerow@chromium.org,dinfuehr@chromium.org
Change-Id: I6f4cc1641965c83b05f3b3830b0f526b362beb49
Bug: chromium:1009019, chromium:1009196
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1829259
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64043}
This is a reland of cfb100282e
with a fix for failures in lite mode.
Original change's description:
> [compiler] Cache OSR optimized code
>
> With lazy feedback allocation, for functions that get OSRed we may
> not have feedback for the initial part of the functions since feedback
> vectors might be allocated after the function started executing. Hence
> we would not be able to optimize the function on the next call. This
> means we may have to OSR twice before we actually optimize function.
> This cl introduces OSR cache, so we could reuse the optimized code. One
> side effect of this cl is that the OSRed code won't be function context
> specialized anymore.
>
> Bug: chromium:987523
> Change-Id: Ic1e2abca85ccfa0a66a0fa83f7247392cc1e7cb2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796329
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64014}
Bug: chromium:987523
Change-Id: I9c782242b07b24d15247533ab4ee044334b429ff
TBR: rmcilroy@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826898
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64023}
This reverts commit cfb100282e.
Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm%20-%20sim%20-%20lite/6483
Original change's description:
> [compiler] Cache OSR optimized code
>
> With lazy feedback allocation, for functions that get OSRed we may
> not have feedback for the initial part of the functions since feedback
> vectors might be allocated after the function started executing. Hence
> we would not be able to optimize the function on the next call. This
> means we may have to OSR twice before we actually optimize function.
> This cl introduces OSR cache, so we could reuse the optimized code. One
> side effect of this cl is that the OSRed code won't be function context
> specialized anymore.
>
> Bug: chromium:987523
> Change-Id: Ic1e2abca85ccfa0a66a0fa83f7247392cc1e7cb2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796329
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64014}
TBR=rmcilroy@chromium.org,neis@chromium.org,mythria@chromium.org
Change-Id: Ib3692e7570bed5d3e88ca8a0247b185d70497a04
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:987523
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826668
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64015}
With lazy feedback allocation, for functions that get OSRed we may
not have feedback for the initial part of the functions since feedback
vectors might be allocated after the function started executing. Hence
we would not be able to optimize the function on the next call. This
means we may have to OSR twice before we actually optimize function.
This cl introduces OSR cache, so we could reuse the optimized code. One
side effect of this cl is that the OSRed code won't be function context
specialized anymore.
Bug: chromium:987523
Change-Id: Ic1e2abca85ccfa0a66a0fa83f7247392cc1e7cb2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796329
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64014}
This CL removes the StoreBuffer and inserts slots into the
RememberedSet directly from within the RecordWrite builtin. Only calls
into C code when either the SlotSet-array or the bucket is not
allocated. This avoids filling the store buffer up with duplicates or
due to a write-heavy workload and then blocking the main thread on
store buffer processing.
Change-Id: I05b0b0938d822cdf0e8ef086ad4527d3229c05b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815241
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64002}
This reverts commit 6612943010.
Reason for revert: Fails on gcc: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20gcc/3394
Original change's description:
> [regexp] Bytecode peephole optimization
>
> Bytecodes used by the regular expression interpreter often occur in
> specific sequences. The number of dispatches in the interpreter can be
> reduced if those sequences are combined into a single bytecode.
>
> This CL adds a peephole optimization pass for regexp bytecodes.
> This pass checks the generated bytecode for pre-defined sequences that
> can be merged into a single bytecode.
>
> With the currently implemented bytecode sequences a speedup of 1.12x on
> regex-dna and octane-regexp is achieved.
>
> Bug: v8:9330
> Change-Id: I827f93273a5848e5963c7e3329daeb898995d151
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1813743
> Commit-Queue: Patrick Thier <pthier@google.com>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63992}
TBR=jgruber@chromium.org,petermarshall@chromium.org,pthier@google.com
Change-Id: Ie526fe3691f6abdd16b51979000fdafb7afce8ef
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9330
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826727
Reviewed-by: Clemens Backes [né Hammacher] <clemensb@chromium.org>
Commit-Queue: Clemens Backes [né Hammacher] <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63998}
Bytecodes used by the regular expression interpreter often occur in
specific sequences. The number of dispatches in the interpreter can be
reduced if those sequences are combined into a single bytecode.
This CL adds a peephole optimization pass for regexp bytecodes.
This pass checks the generated bytecode for pre-defined sequences that
can be merged into a single bytecode.
With the currently implemented bytecode sequences a speedup of 1.12x on
regex-dna and octane-regexp is achieved.
Bug: v8:9330
Change-Id: I827f93273a5848e5963c7e3329daeb898995d151
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1813743
Commit-Queue: Patrick Thier <pthier@google.com>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63992}
This was missed in a file move
Bug: chromium:991547
Change-Id: I4442f2e4e7acdb91b16151714b87e229bce1a409
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824945
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63968}
Seperates the memory lowering operations into a seperate MemoryLowering
class which is used by the MemoryOptimizer. This will enable TurboProp
to reduce memory operations without having to do a full memory
optimization pass.
BUG=v8:9684
Change-Id: I1b333f1360fd342612672842bf879f44ab1ee60c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815243
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63966}
This is a reland of 12a9ee3a5b
Fixed arm64 disasm test.
Original change's description:
> [ptr-compr] Switch to 31 bit Smis on 64-bit architectures
>
> 32 bit Smis are incompatible with pointer compression so we land disable
> them before enabling pointer compression in order to separate memory and
> performance regressions caused by 31 bit Smis from pointer compression
> change.
>
> Bug: v8:9767
> Change-Id: I3d4a675df4208f808b1ba6e7816be545eae0dc24
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815249
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63934}
Bug: v8:9767
Change-Id: Ife46a4240141dd89d841eac152032ad6ca471810
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1820939
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63940}
This reverts commit 12a9ee3a5b.
Reason for revert: Breaks arm64 sim bot
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20debug/17467
Original change's description:
> [ptr-compr] Switch to 31 bit Smis on 64-bit architectures
>
> 32 bit Smis are incompatible with pointer compression so we land disable
> them before enabling pointer compression in order to separate memory and
> performance regressions caused by 31 bit Smis from pointer compression
> change.
>
> Bug: v8:9767
> Change-Id: I3d4a675df4208f808b1ba6e7816be545eae0dc24
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815249
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63934}
TBR=ishell@chromium.org,verwaest@chromium.org
Change-Id: Icc5a5b676a7f7d3fdb3fe3cf84007d4f9bce6eaf
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9767
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815842
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63936}
32 bit Smis are incompatible with pointer compression so we land disable
them before enabling pointer compression in order to separate memory and
performance regressions caused by 31 bit Smis from pointer compression
change.
Bug: v8:9767
Change-Id: I3d4a675df4208f808b1ba6e7816be545eae0dc24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815249
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63934}
This CL allows us to distinguish between the host- and target OS. The
host OS is defined by V8_OS_ macros (e.g. V8_OS_WIN). The target OS is
defined by V8_TARGET_OS_ macros (e.g. V8_TARGET_OS_WIN).
V8_TARGET_OS_ macros are defined by gn, based on the `target_os` gn
variable. If a V8_TARGET_OS_ is set, we also define V8_HAVE_TARGET_OS
(this determines fall-back behavior in V8; if it is not defined, we set
V8_TARGET_OS_ to equal the equivalent V8_OS_ define).
Besides adding the defines, this CL also adds logic to consider the
target OS in codegen. Specifically, x64 builds now look at the
V8_TARGET_OS_WIN define instead of V8_OS_WIN or _WIN64. This
effectively makes cross-compilation to x64 Windows in mksnapshot
possible.
In future work, we could add similar support for cross-compiling to
other platforms such as ia32 Windows.
Bug: v8:9736,chromium:803591
Change-Id: I689f3de8c206b743c4bef703f5ade0bba32ce995
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1809374
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63892}
By providing a custom implementation of __mulodi4(). This function
usually comes from libcompiler_rt, but our build system doesn't
provide that.
Bug: v8:9665
Change-Id: Ia72f0c23e83724f73ec72b404706c9a40ed861ee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1806682
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63826}
The first land did not correctly handle exceptions for already evaluated
modules.
Original description:
Implements AsyncModules in SourceTextModule. However, there is no
support in the parser or D8 for actually creating / resolving
AsyncModules. Also adds a flag '--top-level-await,' but the only
external facing change with the flag enabled is that Module::Evaluate
returns a promise.
Bug: v8:9344
Change-Id: I24725816ee4a6c3616c3c8b08a75a60ca9f27727
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1797658
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63803}
This enables using TNode types without including code-assembler.h,
which is useful when generating CallInterfaceDescriptors.
As a drive-by, this moves TNode from v8::internal::compiler to
v8::internal. It's only used outside of the compiler anyway.
Change-Id: I3d938c22366a3570315041683094f77b0d1096a2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798425
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63721}
This was missed during a file move and can cause build bugs.
Bug: chromium:991547
Change-Id: I157e7bb656956c08293c205c0d00884aecc7adee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798430
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63711}
This reverts commit 4a16305b65.
Reason for revert: Need to revalidate assumptions behind the CHECK.
Original change's description:
> [compiler] Optionally apply an offset to stack checks
>
> The motivation behind this change is that the frame size of an optimized
> function and its unoptimized version may differ, and deoptimization
> may thus trigger a stack overflow. The solution implemented in this CL
> is to optionally apply an offset to the stack check s.t. the check
> becomes 'sp - offset > limit'. The offset is applied to stack checks at
> function-entry, and is set to the difference between the optimized and
> unoptimized frame size.
>
> A caveat: OSR may not be fully handled by this fix since we've already
> passed the function-entry stack check. A possible solution would be to
> *not* skip creation of function-entry stack checks for inlinees.
>
> This CL: 1. annotates stack check nodes with the stack check kind, where
> kind is one of {function-entry,iteration-body,unknown}. 2. potentially
> allocates a temporary register to store the result of the 'sp - offset'
> in instruction selection (and switches input registers to 'unique'
> mode). 3. Applies the offset in code generation.
>
> Drive-by: Add src/compiler/globals.h for compiler-specific globals.
>
> Bug: v8:9534,chromium:1000887
> Change-Id: I257191c4a4978ccb60cfa5805ef421f30f0e9826
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762521
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63701}
TBR=neis@chromium.org,sigurds@chromium.org,jgruber@chromium.org
Change-Id: Iebf46d5256b6dee13451741781ef85a5fe9b1628
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9534, chromium:1000887
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1800565
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63706}
This removes the {base::ReversedAdapter} class and uses
{base::iterator_range} instead. The types are inferred from what
{std::rbegin} and {std::rend} return.
Since src/base/adapters.h would only contain this one method after
this refactoring, it was merged into src/base/iterator.h.
Some includes of src/base/adapters.h were unused and hence dropped.
R=mlippautz@chromium.org
Bug: v8:9396
Change-Id: I597172ec790193b73af196d1afcd64bbed0a597d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798432
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63703}
The motivation behind this change is that the frame size of an optimized
function and its unoptimized version may differ, and deoptimization
may thus trigger a stack overflow. The solution implemented in this CL
is to optionally apply an offset to the stack check s.t. the check
becomes 'sp - offset > limit'. The offset is applied to stack checks at
function-entry, and is set to the difference between the optimized and
unoptimized frame size.
A caveat: OSR may not be fully handled by this fix since we've already
passed the function-entry stack check. A possible solution would be to
*not* skip creation of function-entry stack checks for inlinees.
This CL: 1. annotates stack check nodes with the stack check kind, where
kind is one of {function-entry,iteration-body,unknown}. 2. potentially
allocates a temporary register to store the result of the 'sp - offset'
in instruction selection (and switches input registers to 'unique'
mode). 3. Applies the offset in code generation.
Drive-by: Add src/compiler/globals.h for compiler-specific globals.
Bug: v8:9534,chromium:1000887
Change-Id: I257191c4a4978ccb60cfa5805ef421f30f0e9826
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762521
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63701}
This adds a new API function and provides a simple implementation
of performance.measureMemory() in d8. The implementation currently
immediately resolves the result promise with the current heap size.
Bug: chromium:973627
Change-Id: Ia8e1963a49b7df628b5487a2c0d601473f0cb039
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796502
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63694}
This reverts commit 591d1c9de4.
Reason for revert: breaks blink
Original change's description:
> [top-level-await] Implement top-level-await in V8
>
> Implements AsyncModules in SourceTextModule. However, there is no
> support in the parser or D8 for actually creating / resolving
> AsyncModules. Also adds a flag '--top-level-await,' but the only
> external facing change with the flag enabled is that Module::Evaluate
> returns a promise.
>
> Bug: v8:9344
> Change-Id: Idc722efc1e2aa780d04bdb985bb7920ab969d34e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1728037
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Joshua Litt <joshualitt@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63686}
TBR=ulan@chromium.org,adamk@chromium.org,neis@chromium.org,joshualitt@chromium.org
Change-Id: I6ceeb3a293a948af04bf200ab784ceb03386a3fd
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9344
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1797656
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63692}
Implements AsyncModules in SourceTextModule. However, there is no
support in the parser or D8 for actually creating / resolving
AsyncModules. Also adds a flag '--top-level-await,' but the only
external facing change with the flag enabled is that Module::Evaluate
returns a promise.
Bug: v8:9344
Change-Id: Idc722efc1e2aa780d04bdb985bb7920ab969d34e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1728037
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63686}
This reverts commit 9da3483136
Original change's description:
> "Reland x4 [arraybuffer] Rearchitect backing store ownership"
>
> This is a reland of bc33f5aeba
>
> Contributed by titzer@chromium.org
>
> Original change's description:
> > [arraybuffer] Rearchitect backing store ownership
> >
> > This CL completely rearchitects the ownership of array buffer backing stores,
> > consolidating ownership into a {BackingStore} C++ object that is tracked
> > throughout V8 using unique_ptr and shared_ptr where appropriate.
> >
> > Overall, lifetime management is simpler and more explicit. The numerous
> > ways that array buffers were initialized have been streamlined to one
> > Attach() method on JSArrayBuffer. The array buffer tracker in the
> > GC implementation now manages std::shared_ptr<BackingStore> pointers,
> > and the construction and destruction of the BackingStore object itself
> > handles the underlying page or embedder-allocated memory.
> >
> > The embedder API remains unchanged for now. We use the
> > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> > keep the backing store alive properly, even in the case of aliases
> > from live heap objects. Thus the embedder has a lower chance of making
> > a mistake. Long-term, we should move the embedder to a model where they
> > manage backing stores using shared_ptr to an opaque backing store object.
>
> TBR=yangguo@chromium.org
>
> BUG=v8:9380,v8:9221,chromium:986318
>
> Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63041}
TBR=yangguo@chromium.org
Change-Id: I3cc4bb80081c662b1751234bc16a821c20e744be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792166
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63617}
Implements match indices for regexp, as specified by
https://github.com/tc39/proposal-regexp-match-indices,
a stage 3 TC39 proposal. This implementation is hidden
behind the '--harmony-regexp-match-indices' flag.
Regexp match indices extends the JSRegExpResult object
with an array of indices of matches, as well as a
dictionary of capture names to match indices.
Bug: v8:9548
Change-Id: Ia9efcee00d997dda6158539b8d0f4c4e5965e5e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771379
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63581}
This reverts commit 62e168308c.
Reason for revert: it will be relanded after branch
Original change's description:
> Reland x5 [arraybuffer] Rearchitect backing store ownership
>
> This reverts commit 8fdb23873b.
>
> Original change's description:
> > "Reland x4 [arraybuffer] Rearchitect backing store ownership"
> >
> > This is a reland of bc33f5aeba
> >
> > Contributed by titzer@chromium.org
> >
> > Original change's description:
> > > [arraybuffer] Rearchitect backing store ownership
> > >
> > > This CL completely rearchitects the ownership of array buffer backing stores,
> > > consolidating ownership into a {BackingStore} C++ object that is tracked
> > > throughout V8 using unique_ptr and shared_ptr where appropriate.
> > >
> > > Overall, lifetime management is simpler and more explicit. The numerous
> > > ways that array buffers were initialized have been streamlined to one
> > > Attach() method on JSArrayBuffer. The array buffer tracker in the
> > > GC implementation now manages std::shared_ptr<BackingStore> pointers,
> > > and the construction and destruction of the BackingStore object itself
> > > handles the underlying page or embedder-allocated memory.
> > >
> > > The embedder API remains unchanged for now. We use the
> > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> > > keep the backing store alive properly, even in the case of aliases
> > > from live heap objects. Thus the embedder has a lower chance of making
> > > a mistake. Long-term, we should move the embedder to a model where they
> > > manage backing stores using shared_ptr to an opaque backing store object.
> >
> > TBR=yangguo@chromium.org
> >
> > BUG=v8:9380,v8:9221,chromium:986318
> >
> > Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005
> > Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#63041}
>
> TBR=yangguo@chromium.org,clemensh@chromium.org,mstarzinger@chromium.org
>
> Change-Id: Iba55c7ab71e5642b5cb6aeb699d6fc9cf9061486
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771795
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63461}
TBR=ulan@chromium.org,mlippautz@chromium.org
Change-Id: Id8f67a68ab398032eb2975b1b24ee125394d9c4b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1776095
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63471}
This reverts commit 8fdb23873b.
Original change's description:
> "Reland x4 [arraybuffer] Rearchitect backing store ownership"
>
> This is a reland of bc33f5aeba
>
> Contributed by titzer@chromium.org
>
> Original change's description:
> > [arraybuffer] Rearchitect backing store ownership
> >
> > This CL completely rearchitects the ownership of array buffer backing stores,
> > consolidating ownership into a {BackingStore} C++ object that is tracked
> > throughout V8 using unique_ptr and shared_ptr where appropriate.
> >
> > Overall, lifetime management is simpler and more explicit. The numerous
> > ways that array buffers were initialized have been streamlined to one
> > Attach() method on JSArrayBuffer. The array buffer tracker in the
> > GC implementation now manages std::shared_ptr<BackingStore> pointers,
> > and the construction and destruction of the BackingStore object itself
> > handles the underlying page or embedder-allocated memory.
> >
> > The embedder API remains unchanged for now. We use the
> > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> > keep the backing store alive properly, even in the case of aliases
> > from live heap objects. Thus the embedder has a lower chance of making
> > a mistake. Long-term, we should move the embedder to a model where they
> > manage backing stores using shared_ptr to an opaque backing store object.
>
> TBR=yangguo@chromium.org
>
> BUG=v8:9380,v8:9221,chromium:986318
>
> Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63041}
TBR=yangguo@chromium.org,clemensh@chromium.org,mstarzinger@chromium.org
Change-Id: Iba55c7ab71e5642b5cb6aeb699d6fc9cf9061486
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771795
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63461}
Adds a simple static class to manage fast path protectors, thereby
eventually allowing us to remove a bunch of boilerplate from isolate.
Bug: v8:9463
Change-Id: I99306e5c914c16045d0b891bdc3c62cfd98fddfc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1774187
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63450}
This CL adds a new class WasmModuleSourceMap for source map support of WasmModule,
which maps C/C++ source code to WASM bytecode. Via this support, V8 can build a
direct map of source code and JITted code and inform profilers of it, thus the
source-code-level profiling information is presented.
Change-Id: I346f6216809ce4f3bf8b27f1e839dd4efdb00ead
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1708029
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Zhiguo Zhou <zhiguo.zhou@intel.com>
Cr-Commit-Position: refs/heads/master@{#63401}
This reverts commit 9460101cdb.
Reason for revert: Causes confusion on Blink side, as it introduces
an object with >=2 internal fields that is not a wrapper (see bug).
Bug: chromium:996681
Change-Id: I275b5a064a4ee8c73c05f97be322924a3bc5370e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1769148
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63386}
This reverts commit 5db04cc0dd.
Reason for revert: <INSERT REASONING HERE>
Original change's description:
> Revert "[regexp] Only append to JSRegExpResult's initial map if we add descriptor"
>
> This reverts commit dc1cc2232b.
>
> Revert "[regexp] Implement the match indices proposal"
>
> This reverts commit 9460101cdb.
>
> Reason for revert: Causes confusion on Blink side, as it introduces
> an object with >=2 internal fields that is not a wrapper (see bug).
>
> Bug: chromium:996681
> Change-Id: I5c167e9e15bfbec2aa6b843e3063ead5d52fb26c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768897
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63376}
TBR=yangguo@chromium.org,sigurds@chromium.org,joshualitt@chromium.org
Change-Id: Ic58fc3fc83faaf86bd895da29eacb7d51c443beb
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:996681
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768584
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63379}
Replace all usages of VectorSlotPair with FeedbackSource.
Bug: v8:7790
Change-Id: I0ac6e9cd8f5730154cc1842e267ca1ebfdebc874
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1763536
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63378}
This reverts commit dc1cc2232b.
Revert "[regexp] Implement the match indices proposal"
This reverts commit 9460101cdb.
Reason for revert: Causes confusion on Blink side, as it introduces
an object with >=2 internal fields that is not a wrapper (see bug).
Bug: chromium:996681
Change-Id: I5c167e9e15bfbec2aa6b843e3063ead5d52fb26c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768897
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63376}
5th attempt to reland now that crash with cpu profiler combined with
code caching is fixed.
Bug: v8:8510
Change-Id: I3489150a5067c41c36a4b468e412f9398a55135d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762293
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63290}
The deoptimizer calculates frame layout based on the translation's
`height` field, together with additional data (e.g.: are we looking at
the topmost frame? what kind of deopt are we in?). The result is the
final deoptimized frame size in bytes, together with a bunch of
intermediate results such as the variable frame size (= without the
fixed-size portion).
In order to consider the deoptimized frame size in optimized stack
checks, we will need to calculate the frame layout during compilation
in addition to what we currently do during deoptimization. This CL
moves in that direction by extracting relevant parts of frame layout
calculation into classes that can be reused by both compiler and
deoptimizer.
These helpers will support both precise and conservative modes; the
deoptimizer will use the precise mode (since it has full information),
while the instruction selector will use the conservative mode.
Bug: v8:9534
Change-Id: I93d6c39f10d251733f4625d3cc161b2010652d02
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1760825
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63279}
Implements match indices for regexp, as specified by
https://github.com/tc39/proposal-regexp-match-indices,
a stage 3 TC39 proposal. This implementation is hidden
behind the '--harmony-regexp-match-indices' flag.
Regexp match indices extends the JSRegExpResult object
with an array of indices of matches, as well as a
dictionary of capture names to match indices.
Bug: v8:9548
Change-Id: I9866a2d1f5af6a507de710357cb5e74c694e7558
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1734937
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63272}
Flag off by default now since it's causing crashes in the profiler.
R=rmcilroy
Bug: chromium:994673
Change-Id: I92b46e1f90819c0007106d843ecae2c3974eb3c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1760814
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63250}
This reverts commit f54f92dda1.
Reason for revert: CSA_ASSERTS failing while rolling into Chromium,
see https://crbug.com/994103 for details.
Original change's description:
> [builtins] Port RegExpTest to Torque
>
> Bug: v8:8976
> Change-Id: Ia4dc120a31eb363599b47b22b749a3146a9c7c73
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1746083
> Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63211}
TBR=jgruber@chromium.org,tebbi@chromium.org,duongn@microsoft.com,szuend@chromium.org
Change-Id: Id3e1fe4e323826d3a48db667b032f0fddd7cb064
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8976
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1756389
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63217}
This reverts commit d1a4706af9.
Reason for revert: Experiment over.
Original change's description:
> Reland "[ptr-compr][arm64] Temporarily enable pointer compression on arm64"
>
> This is a reland of f5611402f7
>
> Original change's description:
> > [ptr-compr][arm64] Temporarily enable pointer compression on arm64
> >
> > ... and make sure that the arm64 ptr-compr bots proceed testing V8 without
> > pointer compression in order to keep testing the other config.
> >
> > Commented out the 'extra' variant since it was crashing. Opened a bug
> > regarding that: https://bugs.chromium.org/p/v8/issues/detail?id=9568
> >
> > Similar to x64's https://chromium-review.googlesource.com/c/v8/v8/+/1607654
> >
> > Bug: v8:7703
> > Change-Id: Ifd46b029bab34524f9f536dcdbd1574f2ddcbf37
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1724216
> > Reviewed-by: Tamer Tas <tmrts@chromium.org>
> > Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> > Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#63019}
>
> Cq-Include-Trybots: luci.v8.try:v8_android_arm64_n5x_rel_ng
> Bug: v8:7703
> Change-Id: I1a82b87bf6db4e6d100aeffc29dae60ba73d8119
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1730998
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63043}
TBR=machenbach@chromium.org,tmrts@chromium.org,solanes@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:7703
Change-Id: I86a801d44ad4ea14b1388ad8ca6109cc8a57a7d7
Cq-Include-Trybots: luci.v8.try:v8_android_arm64_n5x_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1746470
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63148}
This CL changes the dispatch technique in the regex interpreter to
token-threaded dispatch, if computed gotos are supported by the
compiler. Otherwise old switch-based dispatch is still used
(e.g. for MSVC).
With computed gotos, less jumps will be emitted (no extra jump to
single branch point/begin of switch) and branch prediction will
be better because of no single branch point.
This CL improves performance on the RexBench Benchmark suite by ~10%.
Bug: v8:9575
Change-Id: I585ad824ff1cc595a5dfa8831ad66d6810d0119b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1733073
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Patrick Thier <pthier@google.com>
Cr-Commit-Position: refs/heads/master@{#63126}
This reverts commit 5611f70b3d.
Reason for revert: flaky tests: v8:9588, v8:9587
Original change's description:
> "Reland x4 [arraybuffer] Rearchitect backing store ownership"
>
> This is a reland of bc33f5aeba
>
> Contributed by titzer@chromium.org
>
> Original change's description:
> > [arraybuffer] Rearchitect backing store ownership
> >
> > This CL completely rearchitects the ownership of array buffer backing stores,
> > consolidating ownership into a {BackingStore} C++ object that is tracked
> > throughout V8 using unique_ptr and shared_ptr where appropriate.
> >
> > Overall, lifetime management is simpler and more explicit. The numerous
> > ways that array buffers were initialized have been streamlined to one
> > Attach() method on JSArrayBuffer. The array buffer tracker in the
> > GC implementation now manages std::shared_ptr<BackingStore> pointers,
> > and the construction and destruction of the BackingStore object itself
> > handles the underlying page or embedder-allocated memory.
> >
> > The embedder API remains unchanged for now. We use the
> > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> > keep the backing store alive properly, even in the case of aliases
> > from live heap objects. Thus the embedder has a lower chance of making
> > a mistake. Long-term, we should move the embedder to a model where they
> > manage backing stores using shared_ptr to an opaque backing store object.
>
> TBR=yangguo@chromium.org
>
> BUG=v8:9380,v8:9221,chromium:986318
>
> Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63041}
TBR=ulan@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,clemensh@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:9380, v8:9221, chromium:986318
Change-Id: Ic7381239f4e90d0c437b7e47a5ac6e8bce60f882
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1736747
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63081}
When a fast path was added for Math.hypot, the algorithm was also
simplified. This simplification turns out to be incorrect in some rare
edge cases. This cl reverts back to the original algorithm and converts it to torque.
Original cl: https://chromium-review.googlesource.com/c/v8/v8/+/1684178
Bug: v8:9546
Change-Id: If4e21504732f46081a8de823f50f499917f1a20c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1725200
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63070}
This is a reland of f5611402f7
Original change's description:
> [ptr-compr][arm64] Temporarily enable pointer compression on arm64
>
> ... and make sure that the arm64 ptr-compr bots proceed testing V8 without
> pointer compression in order to keep testing the other config.
>
> Commented out the 'extra' variant since it was crashing. Opened a bug
> regarding that: https://bugs.chromium.org/p/v8/issues/detail?id=9568
>
> Similar to x64's https://chromium-review.googlesource.com/c/v8/v8/+/1607654
>
> Bug: v8:7703
> Change-Id: Ifd46b029bab34524f9f536dcdbd1574f2ddcbf37
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1724216
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63019}
Cq-Include-Trybots: luci.v8.try:v8_android_arm64_n5x_rel_ng
Bug: v8:7703
Change-Id: I1a82b87bf6db4e6d100aeffc29dae60ba73d8119
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1730998
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63043}
This is a reland of bc33f5aeba
Contributed by titzer@chromium.org
Original change's description:
> [arraybuffer] Rearchitect backing store ownership
>
> This CL completely rearchitects the ownership of array buffer backing stores,
> consolidating ownership into a {BackingStore} C++ object that is tracked
> throughout V8 using unique_ptr and shared_ptr where appropriate.
>
> Overall, lifetime management is simpler and more explicit. The numerous
> ways that array buffers were initialized have been streamlined to one
> Attach() method on JSArrayBuffer. The array buffer tracker in the
> GC implementation now manages std::shared_ptr<BackingStore> pointers,
> and the construction and destruction of the BackingStore object itself
> handles the underlying page or embedder-allocated memory.
>
> The embedder API remains unchanged for now. We use the
> v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> keep the backing store alive properly, even in the case of aliases
> from live heap objects. Thus the embedder has a lower chance of making
> a mistake. Long-term, we should move the embedder to a model where they
> manage backing stores using shared_ptr to an opaque backing store object.
TBR=yangguo@chromium.org
BUG=v8:9380,v8:9221,chromium:986318
Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63041}
The mode without write barriers works only if incremental marking
is disabled and the single generation mode is enabled.
Bug: v8:9533
Change-Id: Iecf83b0810f757c9b50e7fb338a2905af938f1d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1716471
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63033}
... and make sure that the arm64 ptr-compr bots proceed testing V8 without
pointer compression in order to keep testing the other config.
Commented out the 'extra' variant since it was crashing. Opened a bug
regarding that: https://bugs.chromium.org/p/v8/issues/detail?id=9568
Similar to x64's https://chromium-review.googlesource.com/c/v8/v8/+/1607654
Bug: v8:7703
Change-Id: Ifd46b029bab34524f9f536dcdbd1574f2ddcbf37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1724216
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63019}
This reverts commit df8e617772.
Reason for revert: Multiple flakes in apparently related areas:
https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8906409837768155568/+/steps/Check__flakes_/0/logs/BackingStoreTest.RacyGrowWasmMem.../0
Original change's description:
> "Reland x3 [arraybuffer] Rearchitect backing store ownership"
>
> This is a reland of bc33f5aeba
>
> Original change's description:
> > [arraybuffer] Rearchitect backing store ownership
> >
> > This CL completely rearchitects the ownership of array buffer backing stores,
> > consolidating ownership into a {BackingStore} C++ object that is tracked
> > throughout V8 using unique_ptr and shared_ptr where appropriate.
> >
> > Overall, lifetime management is simpler and more explicit. The numerous
> > ways that array buffers were initialized have been streamlined to one
> > Attach() method on JSArrayBuffer. The array buffer tracker in the
> > GC implementation now manages std::shared_ptr<BackingStore> pointers,
> > and the construction and destruction of the BackingStore object itself
> > handles the underlying page or embedder-allocated memory.
> >
> > The embedder API remains unchanged for now. We use the
> > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> > keep the backing store alive properly, even in the case of aliases
> > from live heap objects. Thus the embedder has a lower chance of making
> > a mistake. Long-term, we should move the embedder to a model where they
> > manage backing stores using shared_ptr to an opaque backing store object.
>
> R=mlippautz@chromium.org
> BUG=v8:9380,v8:9221,chromium:986318
> TBR=ulan@chromium.org
>
> Change-Id: I6c49e2425029b5664ef1c68dab8b5146f4ed0ff2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1719191
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63007}
TBR=mstarzinger@chromium.org,titzer@chromium.org,mlippautz@chromium.org
Change-Id: If0266e5893b1325a332d5986337fa7ece2cb6943
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9380, v8:9221, chromium:986318
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1729549
Reviewed-by: Francis McCabe <fgm@chromium.org>
Commit-Queue: Francis McCabe <fgm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63011}
This is a reland of 517ab73fd7
Updates since original: now compressed pointers passed to the function
GetObjectProperties are required to be sign-extended. Previously, the
function allowed zero-extended values, but that led to ambiguity on
pointers like 0x88044919: is it compressed or is the heap range actually
centered on 0x100000000?
Original change's description:
> Add postmortem debugging helper library
>
> This change begins to implement the functionality described in
> https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit#
> for investigating V8 state in crash dumps.
>
> This change adds a new library, v8_debug_helper, for providing platform-
> agnostic assistance with postmortem debugging. This library can be used
> by extensions built for debuggers such as WinDbg or lldb. Its public API
> is described by debug-helper.h; currently the only method it exposes is
> GetObjectProperties, but we'd like to add more functionality over time.
> The API surface is restricted to plain C-style structs and pointers, so
> that it's easy to link from a debugger extension built with a different
> toolchain.
>
> This change also adds a new cctest file to exercise some basic
> interaction with the new library.
>
> The API function GetObjectProperties takes an object pointer (which
> could be compressed, or weak, or a SMI), and returns a string
> description of the object and a list of properties the object contains.
> For now, the list of properties is entirely based on Torque object
> definitions, but we expect to add custom properties in future updates so
> that it can be easier to make sense of complex data structures such as
> dictionaries.
>
> GetObjectProperties does several things that are intended to generate
> somewhat useful results even in cases where memory may be corrupt or
> unavailable:
> - The caller may optionally provide a type string which will be used if
> the memory for the object's Map is inaccessible.
> - All object pointers are compared against the list of known objects
> generated by mkgrokdump. The caller may optionally provide the
> pointers for the first pages of various heap spaces, to avoid spurious
> matches. If those pointers are not provided, then any matches are
> prefixed with "maybe" in the resulting description string, such as
> "maybe UndefinedValue (0x4288000341 <Oddball>)".
>
> Bug: v8:9376
>
> Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62882}
Bug: v8:9376
Change-Id: I866a1cc9d4c34bfe10c7b98462451fe69763cf3f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1717090
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#63008}
This is a reland of bc33f5aeba
Original change's description:
> [arraybuffer] Rearchitect backing store ownership
>
> This CL completely rearchitects the ownership of array buffer backing stores,
> consolidating ownership into a {BackingStore} C++ object that is tracked
> throughout V8 using unique_ptr and shared_ptr where appropriate.
>
> Overall, lifetime management is simpler and more explicit. The numerous
> ways that array buffers were initialized have been streamlined to one
> Attach() method on JSArrayBuffer. The array buffer tracker in the
> GC implementation now manages std::shared_ptr<BackingStore> pointers,
> and the construction and destruction of the BackingStore object itself
> handles the underlying page or embedder-allocated memory.
>
> The embedder API remains unchanged for now. We use the
> v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> keep the backing store alive properly, even in the case of aliases
> from live heap objects. Thus the embedder has a lower chance of making
> a mistake. Long-term, we should move the embedder to a model where they
> manage backing stores using shared_ptr to an opaque backing store object.
R=mlippautz@chromium.org
BUG=v8:9380,v8:9221,chromium:986318
TBR=ulan@chromium.org
Change-Id: I6c49e2425029b5664ef1c68dab8b5146f4ed0ff2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1719191
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63007}
With the arrival of generic structs (https://chromium-review.googlesource.com/c/v8/v8/+/1714868) the existing type inference procedure for generic calls became incomplete, since it could not infer types that were only constrained as part of generic types. For instance, given
struct Box<T: Type> { ... }
macro unbox<T: type>(box: Box<T>): T
the type argument (Smi) at the following call site
const box: Box<Smi> = ...;
unbox(box);
could not be inferred.
This CL re-implements the inference procedure and documents the semantics of type argument inference in Torque a bit more clearly.
R=tebbi@chromium.org
Change-Id: I868f16afbd9864b9c810ac49bc1639b467df939c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1720812
Commit-Queue: Georg Schmid <gsps@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63005}
On Windows ARM64, OS stack walking does not work because the V8 ARM64 backend
doesn't emit unwinding info and also because it doesn't emit ABI compliant
stack frames. This was fixed for Windows X64 (https://crrev.com/c/1469329) and
documented below:
https://docs.google.com/document/d/1-wf50jFlii0c_Pr52lm2ZU-49m220nhYMrHDi3vXnh0
This problem can be fixed similarly for Windows ARM64 by observing that V8
frames usually all have the same prolog which maintains a chain via frame
pointer (fp or x29 register).
stp fp, lr, [sp, ...]
One exception is JSEntry which stops fp pointer chain and needs to be handled
specially.
So it is possible to define XDATA with UNWIND_CODE which specify how Windows
should walk through V8 dynamic frames. The same as X64, since V8 Code objects
are all allocated in the same code-range for an Isolate, it is possible to
register at most 2 XDATA and a group of PDATA entries to cover stack walking
for all the code generated inside that code-range. This is more than 1
PDATA/XDATA because according to the Windows ARM64 exeption handling document,
1 PDATA can cover less than 1MB code range (see below doc).
https://docs.microsoft.com/en-us/cpp/build/arm64-exception-handling
This PR implements stackwalk for Windows ARM64 to be on par with X64, including
embedded builtins, jitted code and wasm jitted code, but not including register
handler for handling exception only, because there is no backward compatibility
to maintain for Windows ARM64 which was released since 1709 windows build.
Bug: chromium:893460
Change-Id: Ic74cbdad8af5cf342185030a4c53796f12ea5429
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1701133
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63002}
Previously, this was run as a microtask and this CL changes it to run
as a separate task as mandated by the current WeakRef spec.
This CL also introduces a FinalizationGroup type to the V8 API
representing the JSFinalizationGroup. This has a `Cleanup`
function that runs the cleanup callback associated with it.
SetHostCleanupFinalizationGroupCallback is added to set
the embedder defined HostCleanupFinalizationGroupCallback.
ClearKeptObject is exposed on the v8::Isolate to reset the strongly
held set of objects.
The general workflow is the following:
(a) When the GC notices that a given finalization group has dirty
cells, it calls HostCleanupFinalizationGroupCallback with the given
finalization group.
(b) As part of HostCleanupFinalizationGroupCallback, the embedder
enqueues a task that at some point later calls
FinalizationGroup::Cleanup.
(c) At some point in the future, FinalizationGroup::Cleanup is called,
which runs the cleanup callback of the finalization group.
This patch also includes d8 changes to use these new APIs. Currently,
d8 cycles through the enqueued finalization groups after a synchronous
turn (and it's microtask checkpoint) and runs the cleanup callbacks.
Change-Id: I06eb4da2c103b2792a9c62bc4b98fd4e5c4892fc
Bug: v8:8179
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655655
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62984}
This CL removes the built-in reference type in favor of a Torque-implemented generic struct, i.e., internal::Reference<T>. It also adds various infrastructure for getting and creating new generic struct instances, as well as matching against them.
R=tebbi@chromium.org
Change-Id: I1e3d6afe355a0603fa9c3ad789c6b8a97d1b3c26
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1718148
Commit-Queue: Georg Schmid <gsps@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62939}
This reverts commit 517ab73fd7.
Reason for revert: Test failures https://bugs.chromium.org/p/v8/issues/detail?id=9538
Original change's description:
> Add postmortem debugging helper library
>
> This change begins to implement the functionality described in
> https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit#
> for investigating V8 state in crash dumps.
>
> This change adds a new library, v8_debug_helper, for providing platform-
> agnostic assistance with postmortem debugging. This library can be used
> by extensions built for debuggers such as WinDbg or lldb. Its public API
> is described by debug-helper.h; currently the only method it exposes is
> GetObjectProperties, but we'd like to add more functionality over time.
> The API surface is restricted to plain C-style structs and pointers, so
> that it's easy to link from a debugger extension built with a different
> toolchain.
>
> This change also adds a new cctest file to exercise some basic
> interaction with the new library.
>
> The API function GetObjectProperties takes an object pointer (which
> could be compressed, or weak, or a SMI), and returns a string
> description of the object and a list of properties the object contains.
> For now, the list of properties is entirely based on Torque object
> definitions, but we expect to add custom properties in future updates so
> that it can be easier to make sense of complex data structures such as
> dictionaries.
>
> GetObjectProperties does several things that are intended to generate
> somewhat useful results even in cases where memory may be corrupt or
> unavailable:
> - The caller may optionally provide a type string which will be used if
> the memory for the object's Map is inaccessible.
> - All object pointers are compared against the list of known objects
> generated by mkgrokdump. The caller may optionally provide the
> pointers for the first pages of various heap spaces, to avoid spurious
> matches. If those pointers are not provided, then any matches are
> prefixed with "maybe" in the resulting description string, such as
> "maybe UndefinedValue (0x4288000341 <Oddball>)".
>
> Bug: v8:9376
>
> Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62882}
TBR=yangguo@chromium.org,mvstanton@chromium.org,jgruber@chromium.org,tebbi@chromium.org,seth.brenith@microsoft.com
Change-Id: Ia078f2e8d101d2375b5db88021b2d65d28f1b075
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9376
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1716033
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62899}
This flag ensures that all allocations are performed in the old generation. This only works when inline allocation and allocation folding are both disabled.
Bug: v8:9533
Change-Id: I9ad5e8bf492c43603ab2a4a1292198e1b9882dfe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710335
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62893}
This change begins to implement the functionality described in
https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit#
for investigating V8 state in crash dumps.
This change adds a new library, v8_debug_helper, for providing platform-
agnostic assistance with postmortem debugging. This library can be used
by extensions built for debuggers such as WinDbg or lldb. Its public API
is described by debug-helper.h; currently the only method it exposes is
GetObjectProperties, but we'd like to add more functionality over time.
The API surface is restricted to plain C-style structs and pointers, so
that it's easy to link from a debugger extension built with a different
toolchain.
This change also adds a new cctest file to exercise some basic
interaction with the new library.
The API function GetObjectProperties takes an object pointer (which
could be compressed, or weak, or a SMI), and returns a string
description of the object and a list of properties the object contains.
For now, the list of properties is entirely based on Torque object
definitions, but we expect to add custom properties in future updates so
that it can be easier to make sense of complex data structures such as
dictionaries.
GetObjectProperties does several things that are intended to generate
somewhat useful results even in cases where memory may be corrupt or
unavailable:
- The caller may optionally provide a type string which will be used if
the memory for the object's Map is inaccessible.
- All object pointers are compared against the list of known objects
generated by mkgrokdump. The caller may optionally provide the
pointers for the first pages of various heap spaces, to avoid spurious
matches. If those pointers are not provided, then any matches are
prefixed with "maybe" in the resulting description string, such as
"maybe UndefinedValue (0x4288000341 <Oddball>)".
Bug: v8:9376
Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62882}
This reverts commit 306cf40344.
Reason for revert: performance regressions / too near branch point
TBR=mslekova@chromium.org
BUG=v8:9380
Change-Id: If77630b73eafbf1190c823199fe2a34361da303f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714867
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62867}
This is a reland of bc33f5aeba
Original change's description:
> Reland "[arraybuffer] Rearchitect backing store ownership"
>
> This is a reland of 31cd5d83d3
>
> Original change's description:
> > [arraybuffer] Rearchitect backing store ownership
> >
> > This CL completely rearchitects the ownership of array buffer backing stores,
> > consolidating ownership into a {BackingStore} C++ object that is tracked
> > throughout V8 using unique_ptr and shared_ptr where appropriate.
> >
> > Overall, lifetime management is simpler and more explicit. The numerous
> > ways that array buffers were initialized have been streamlined to one
> > Attach() method on JSArrayBuffer. The array buffer tracker in the
> > GC implementation now manages std::shared_ptr<BackingStore> pointers,
> > and the construction and destruction of the BackingStore object itself
> > handles the underlying page or embedder-allocated memory.
> >
> > The embedder API remains unchanged for now. We use the
> > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> > keep the backing store alive properly, even in the case of aliases
> > from live heap objects. Thus the embedder has a lower chance of making
> > a mistake. Long-term, we should move the embedder to a model where they
> > manage backing stores using shared_ptr to an opaque backing store object.
> >
> > R=mlippautz@chromium.org
> > BUG=v8:9380,v8:9221
> >
> > Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323
> > Commit-Queue: Ben Titzer <titzer@chromium.org>
> > Reviewed-by: Ben Titzer <titzer@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Reviewed-by: Yang Guo <yangguo@chromium.org>
> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#62572}
>
> Bug: v8:9380, v8:9221
> Change-Id: If3f72967a8ebeb067c0edcfc16ed631e36829dbc
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691906
> Commit-Queue: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62809}
Bug: v8:9380, v8:9221
Change-Id: I9a2525753ae2424108d074fa81df5f25d945c824
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1709409
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62847}
Reflect.deleteProperty now is a Torque builtins, also containing fast
path for proxy object.
Bug: v8:6664
Change-Id: I76d6fba2c9d05d991132957783d987a190585ec8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1704943
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62813}
This reverts commit bc33f5aeba.
Reason for revert: Still failing (OOM on win32): https://ci.chromium.org/p/v8/builders/ci/V8%20Win32/22210
Original change's description:
> Reland "[arraybuffer] Rearchitect backing store ownership"
>
> This is a reland of 31cd5d83d3
>
> Original change's description:
> > [arraybuffer] Rearchitect backing store ownership
> >
> > This CL completely rearchitects the ownership of array buffer backing stores,
> > consolidating ownership into a {BackingStore} C++ object that is tracked
> > throughout V8 using unique_ptr and shared_ptr where appropriate.
> >
> > Overall, lifetime management is simpler and more explicit. The numerous
> > ways that array buffers were initialized have been streamlined to one
> > Attach() method on JSArrayBuffer. The array buffer tracker in the
> > GC implementation now manages std::shared_ptr<BackingStore> pointers,
> > and the construction and destruction of the BackingStore object itself
> > handles the underlying page or embedder-allocated memory.
> >
> > The embedder API remains unchanged for now. We use the
> > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> > keep the backing store alive properly, even in the case of aliases
> > from live heap objects. Thus the embedder has a lower chance of making
> > a mistake. Long-term, we should move the embedder to a model where they
> > manage backing stores using shared_ptr to an opaque backing store object.
> >
> > R=mlippautz@chromium.org
> > BUG=v8:9380,v8:9221
> >
> > Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323
> > Commit-Queue: Ben Titzer <titzer@chromium.org>
> > Reviewed-by: Ben Titzer <titzer@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Reviewed-by: Yang Guo <yangguo@chromium.org>
> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#62572}
>
> Bug: v8:9380, v8:9221
> Change-Id: If3f72967a8ebeb067c0edcfc16ed631e36829dbc
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691906
> Commit-Queue: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62809}
TBR=ulan@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,titzer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org
Change-Id: Iea755df9aaa1e95d284135bd0a6681b1340b6832
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9380, v8:9221
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1708487
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62811}
This is a reland of 31cd5d83d3
Original change's description:
> [arraybuffer] Rearchitect backing store ownership
>
> This CL completely rearchitects the ownership of array buffer backing stores,
> consolidating ownership into a {BackingStore} C++ object that is tracked
> throughout V8 using unique_ptr and shared_ptr where appropriate.
>
> Overall, lifetime management is simpler and more explicit. The numerous
> ways that array buffers were initialized have been streamlined to one
> Attach() method on JSArrayBuffer. The array buffer tracker in the
> GC implementation now manages std::shared_ptr<BackingStore> pointers,
> and the construction and destruction of the BackingStore object itself
> handles the underlying page or embedder-allocated memory.
>
> The embedder API remains unchanged for now. We use the
> v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> keep the backing store alive properly, even in the case of aliases
> from live heap objects. Thus the embedder has a lower chance of making
> a mistake. Long-term, we should move the embedder to a model where they
> manage backing stores using shared_ptr to an opaque backing store object.
>
> R=mlippautz@chromium.org
> BUG=v8:9380,v8:9221
>
> Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323
> Commit-Queue: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62572}
Bug: v8:9380, v8:9221
Change-Id: If3f72967a8ebeb067c0edcfc16ed631e36829dbc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691906
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62809}
This adds a simple counter to Turbofan that's incremented throughout the compilation, hopefully
frequently enough so we can use it to detect divergence and performance bugs.
In addition, we assert that this counter never gets too high. That's the equivalent of a simple
timeout, just more deterministic. The limitations on Turbofan input size should guarantee that
we never exceed this limit. Since we probably do exceed it rarely, this check is only a DCHECK and
intended to detect performance and divergence issues, but not supposed to be performed in release
builds.
In addition, this CL adds UMA stats to observe the real world distribution of the tick measurement.
Bug: v8:9444
Change-Id: I182dac6ecac64715e3f5885ff5c7c17549351cd0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695475
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62754}
Add CPU trace mark extension for adding a magic instruction like 'cpuid'
to the code stream when perform trace collection.
This feature can be enabled by --expose-cputracemark-as=THE_NAME_YOU_SPECIFIED option.
Change-Id: I33e94793cddf4956dbb3ddddf2f599420aa4a945
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1699749
Commit-Queue: Tianyou Li <tianyou.li@intel.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62749}
This CL adds the support for Base64 VLQ decoding, which is the base of
parsing source map files (Version 3). With this support, the mappings of
C/C++ source code and WASM bytecode could be built in V8 engine. The
newly-added function is called VLQBase64Decode, which accepts two
character to be decoded. Upon its return, the position is updated with
the next start position. The unittest of this support is also added in
this CL.
argument: the Base64-encoded VLQ string and the position of first
Change-Id: If0f32972ecd7488844478a7b93a0f10cc38b6a5d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657421
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Zhiguo Zhou <zhiguo.zhou@intel.com>
Cr-Commit-Position: refs/heads/master@{#62748}
This CL adds the --assert-types flag to d8, which is intended to
insert additional runtime checks after typed nodes, verifying the
validity of our typing rules. So far, only range types are checked.
Thanks to Neil Patil for suggesting something similar.
R=neis@chromium.org, tebbi@chromium.org
Change-Id: I5eb2c482235ec8cd07ee802ca7c12c86c2d3dc40
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678372
Commit-Queue: Georg Schmid <gsps@google.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62664}
With lazy feedback allocation and bytecode flushing we need to call
%PrepareFunctionForOptimize before we call %OptimizeFunctionOnNextCall/
%OptimizeOsr. This cl:
1. Adds an additional state in pending optimized table to check if the
optimization was triggered manually.
2. Changes the compilation pipeline to delete the entry from pending
optimized table only if the optimization was triggered through
%OptimizeFunctionOnNextCall / %OptimizeOsr.
3. Adds a check to enforce %PrepareFunctionForOptimize was called.
4. Adds a new run-time flag to only check in the d8 test runner. We
don't want this check enabled in other cases like clusterfuzz that doesn't
ensure %PrepareFunctionForOptimize is called.
Bug: v8:8394, v8:8801, v8:9183
Change-Id: I9ae2b2da812e313c746b6df0b2da864c2ed5de51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1664810
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62653}
BasicMemoryChunk sits above the MemoryChunk in the chunk hierarchy and
is responsible for storing the bare minimum data to identify a chunk of
memory, without worrying about GC etc.
This change also completes the MemoryChunk offset asserts, which were
previously missing for few key properties.
Bug: v8:7464
Change-Id: Id4c7716c4ed5722ceca3cbc66d668aed016c74b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1688843
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62652}
This makes it clearer what this class does, and is more consistent with
the terminology used by ignition (BytecodeGenerator).
Change-Id: I9085f29f437cf15605a5ae971b1fc72d6c79feaa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692923
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62612}
The current integration of crash keys into v8 got the dependencies wrong: it introduced into v8 a dependency on components and base. This change will allow moving the implementation into "gin" (via Platform's abstraction), which is ok to depend on components and base, while providing the default noop implementation for the embedders that don't care to collect crash keys. Gin's side: https://chromium-review.googlesource.com/c/chromium/src/+/1690003.
Bug: v8:9323
Change-Id: I7b6e3e2cdc4b5f14f61ad20d2c362344d53896c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1689834
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62579}
This reverts commit 31cd5d83d3.
Reason for revert: It breaks my heart to revert this, but it fails differently on several bots, e.g. https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20debug/26671.
Original change's description:
> [arraybuffer] Rearchitect backing store ownership
>
> This CL completely rearchitects the ownership of array buffer backing stores,
> consolidating ownership into a {BackingStore} C++ object that is tracked
> throughout V8 using unique_ptr and shared_ptr where appropriate.
>
> Overall, lifetime management is simpler and more explicit. The numerous
> ways that array buffers were initialized have been streamlined to one
> Attach() method on JSArrayBuffer. The array buffer tracker in the
> GC implementation now manages std::shared_ptr<BackingStore> pointers,
> and the construction and destruction of the BackingStore object itself
> handles the underlying page or embedder-allocated memory.
>
> The embedder API remains unchanged for now. We use the
> v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
> keep the backing store alive properly, even in the case of aliases
> from live heap objects. Thus the embedder has a lower chance of making
> a mistake. Long-term, we should move the embedder to a model where they
> manage backing stores using shared_ptr to an opaque backing store object.
>
> R=mlippautz@chromium.org
> BUG=v8:9380,v8:9221
>
> Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323
> Commit-Queue: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62572}
TBR=ulan@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,titzer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org
Change-Id: Ib35788ba8c31192d90cbc72df3dbc41030f109de
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9380, v8:9221
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691034
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62578}
This CL completely rearchitects the ownership of array buffer backing stores,
consolidating ownership into a {BackingStore} C++ object that is tracked
throughout V8 using unique_ptr and shared_ptr where appropriate.
Overall, lifetime management is simpler and more explicit. The numerous
ways that array buffers were initialized have been streamlined to one
Attach() method on JSArrayBuffer. The array buffer tracker in the
GC implementation now manages std::shared_ptr<BackingStore> pointers,
and the construction and destruction of the BackingStore object itself
handles the underlying page or embedder-allocated memory.
The embedder API remains unchanged for now. We use the
v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to
keep the backing store alive properly, even in the case of aliases
from live heap objects. Thus the embedder has a lower chance of making
a mistake. Long-term, we should move the embedder to a model where they
manage backing stores using shared_ptr to an opaque backing store object.
R=mlippautz@chromium.org
BUG=v8:9380,v8:9221
Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62572}
The client API provides a much simpler interface so that we don't have
to deal with producers, consumers etc. directly. This CL removes all the
code that dealt with the more complex API used previously.
The architecture used here requires that the embedder call into
Tracing::Initialize() to set up the tracing backend. The tracing
controller then connects to this backend when calling
DataSource::Register() and Tracing::NewTrace(). This will ultimately
avoid the need for a virtual call (or two) for every trace event that
need to be dispatched over the API - chrome can provide a backend
and V8 will connect to it opaquely with the same code when tracing is
enabled.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: I6b74fbb49ffcc89638caeb59ed3d5cc81238f3e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1634916
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62568}
This is a reland of f23f644fb3
Fix the issue by wrap v8_executable("gen-regexp-special-case")
inside if (current_toolchain == v8_generator_toolchain) {
and change deps of action("run_gen-regexp-special-case")
to ":gen-regexp-special-case($v8_generator_toolchain)",
Original change's description:
> Speed up CharacterRange::AddCaseEquivalents
>
> By using the lexCss("color:") to measure the performance
> The change make the lexCss("color:")
> x21 - x40 times faster than trunk.
> x2.3 - x4.6 times faster than m74.
>
> Design Doc: http://shorturl.at/adfO5
>
> Measured by out/x64.release/d8 reg977003.js
> see reg977003.js attached to chromium:977003
>
> Also see another cl of benchmark in
> https://chromium-review.googlesource.com/c/v8/v8/+/1679651/
>
>
> Bug: chromium:977003
> Change-Id: Ie8518493d2c33df1594be1b4576bda715087b421
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674851
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62471}
Bug: chromium:977003
Change-Id: Ie690810f596e9551b5765f422665c9617391bcf8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1683706
Reviewed-by: Frank Tang <ftang@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62486}
This reverts commit f23f644fb3.
Reason for revert: Breaks arm debug builder - https://ci.chromium.org/p/v8/builders/ci/V8%20Arm%20-%20debug%20builder/22390 - missing file?
Original change's description:
> Speed up CharacterRange::AddCaseEquivalents
>
> By using the lexCss("color:") to measure the performance
> The change make the lexCss("color:")
> x21 - x40 times faster than trunk.
> x2.3 - x4.6 times faster than m74.
>
> Design Doc: http://shorturl.at/adfO5
>
> Measured by out/x64.release/d8 reg977003.js
> see reg977003.js attached to chromium:977003
>
> Also see another cl of benchmark in
> https://chromium-review.googlesource.com/c/v8/v8/+/1679651/
>
>
> Bug: chromium:977003
> Change-Id: Ie8518493d2c33df1594be1b4576bda715087b421
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674851
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62471}
TBR=adamk@chromium.org,jkummerow@chromium.org,yangguo@chromium.org,jshin@chromium.org,gsathya@chromium.org,ftang@chromium.org
Change-Id: I780fac2cf5f4bae6846f8d5c8765cabd76637545
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:977003
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1684073
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62472}
By using the lexCss("color:") to measure the performance
The change make the lexCss("color:")
x21 - x40 times faster than trunk.
x2.3 - x4.6 times faster than m74.
Design Doc: http://shorturl.at/adfO5
Measured by out/x64.release/d8 reg977003.js
see reg977003.js attached to chromium:977003
Also see another cl of benchmark in
https://chromium-review.googlesource.com/c/v8/v8/+/1679651/
Bug: chromium:977003
Change-Id: Ie8518493d2c33df1594be1b4576bda715087b421
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674851
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62471}
This is a reland of 24ac9a9a72
Fixed an msvc warning.
Original change's description:
> [roheap] Enable shared ro-heap by default if ptr compression is disabled
>
> Shared read-only heap is currently incompatible with pointer compression.
> Enable sharing only if pointer compression is disabled.
>
> Bug: v8:7464
> Change-Id: I0866ac288a34eb92fc227e8beba57f4d72a69ef0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635509
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Cr-Commit-Position: refs/heads/master@{#61963}
Bug: v8:7464
Change-Id: Ieb5fefe8be1f94e0ac8e769d73de21427559ccab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1681128
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Cr-Commit-Position: refs/heads/master@{#62445}
This change is a partial implementation of Synthetic Module Record as specified here:
https://heycam.github.io/webidl/#synthetic-module-records
This includes:
- Introduce SyntheticModule class inheriting from Module.
- Extend v8::Module interface in v8.h to include Synthetic Module APIs, with corresponding
implementations in api.cc.
- Provide SyntheticModule implementations of PrepareInstantiate, FinishInstantiate, and SetExport.
- Provide cctest unit tests for the implementations in the preceding item.
We will follow up with further submissions to implement the remaining members of
SyntheticModule (ResolveExport and Evaluate).
Bug: v8:9292
Change-Id: I25b1b695b5d1c3004677cd685f0dfd95283438fa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1626829
Commit-Queue: Dan Clark <daniec@microsoft.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62433}
This reverts commit a05bcc3afd.
Reason for revert: Still issues with maybe_assigned, blocking roll.
Original change's description:
> Reland "Enable lazy source positions by default"
>
> Second attempt to reland 69fafb5fe3
> now that the maybe_assigned bug is fixed.
>
> > Original change's description:
> > Enable lazy source positions by default
> >
> > Also adds a compile time flag which allows the default to be configured
> > so node can disable it since it hangs the node cpu profiler tests.
> >
> > Bug: v8:8510
> > Change-Id: Idf4785036dc6242769410091518a67ac9179b718
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491
> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> > Commit-Queue: Dan Elphick <delphick@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#62089}
>
> Bug: v8:8510
> Change-Id: Ia6d5d1d3a3c2b6a14c70ee67b02bec62a6a1a1d4
> Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg, v8_linux64_gc_stress_custom_snapshot_dbg_ng
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679498
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62411}
TBR=rmcilroy@chromium.org,delphick@chromium.org
Change-Id: I52b2924e05ff87f6469be4723e5e13979d1aeffa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8510
Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg, v8_linux64_gc_stress_custom_snapshot_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1680553
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62428}
This reverts commit 24ac9a9a72.
Reason for revert: compilation failures on windows. See https://ci.chromium.org/p/v8/builders/ci/V8%20Win32%20-%20builder/29313
Original change's description:
> Reland "[roheap] Enable shared ro-heap by default if ptr compression is disabled"
>
> This is a reland of fb4d54802e
>
> Few test-serialize tests were not clearing the shared heap before using a
> new snapshot, breaking the noembed build. This is fixed now and a check
> has been added
> (https://chromium-review.googlesource.com/c/v8/v8/+/1667415) to make
> sure it doesn't happen again.
>
> Original change's description:
> > [roheap] Enable shared ro-heap by default if ptr compression is disabled
> >
> > Shared read-only heap is currently incompatible with pointer compression.
> > Enable sharing only if pointer compression is disabled.
> >
> > Bug: v8:7464
> > Change-Id: I0866ac288a34eb92fc227e8beba57f4d72a69ef0
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635509
> > Reviewed-by: Dan Elphick <delphick@chromium.org>
> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> > Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> > Cr-Commit-Position: refs/heads/master@{#61963}
>
> Bug: v8:7464
> Change-Id: Ie7d09cebf897a3f0e4a6c103ad0c132c4faf6c6e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667418
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Cr-Commit-Position: refs/heads/master@{#62425}
TBR=delphick@chromium.org,goszczycki@google.com
Change-Id: Ia96e2f13b502f96315ac2ed3447373c7b5774c6a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7464
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1680659
Reviewed-by: Francis McCabe <fgm@chromium.org>
Commit-Queue: Francis McCabe <fgm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62426}
This is a reland of fb4d54802e
Few test-serialize tests were not clearing the shared heap before using a
new snapshot, breaking the noembed build. This is fixed now and a check
has been added
(https://chromium-review.googlesource.com/c/v8/v8/+/1667415) to make
sure it doesn't happen again.
Original change's description:
> [roheap] Enable shared ro-heap by default if ptr compression is disabled
>
> Shared read-only heap is currently incompatible with pointer compression.
> Enable sharing only if pointer compression is disabled.
>
> Bug: v8:7464
> Change-Id: I0866ac288a34eb92fc227e8beba57f4d72a69ef0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635509
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Cr-Commit-Position: refs/heads/master@{#61963}
Bug: v8:7464
Change-Id: Ie7d09cebf897a3f0e4a6c103ad0c132c4faf6c6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667418
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Cr-Commit-Position: refs/heads/master@{#62425}
powered by a new function Execution::CallWasm and a corresponding,
Turbofan-generated CWasmEntry stub. This entirely sidesteps the
traditional Execution::Invoke -> JSEntryStub path.
Change-Id: If2b97825cca4ce927eecbddc248c64782d903287
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660618
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62424}
Second attempt to reland 69fafb5fe3
now that the maybe_assigned bug is fixed.
> Original change's description:
> Enable lazy source positions by default
>
> Also adds a compile time flag which allows the default to be configured
> so node can disable it since it hangs the node cpu profiler tests.
>
> Bug: v8:8510
> Change-Id: Idf4785036dc6242769410091518a67ac9179b718
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62089}
Bug: v8:8510
Change-Id: Ia6d5d1d3a3c2b6a14c70ee67b02bec62a6a1a1d4
Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg, v8_linux64_gc_stress_custom_snapshot_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679498
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62411}
ObjectSetPrototypeOf and ReflectSetPrototypeOf are now Torque builtins (previously CPP) and the Proxy path is implemented completely in Torque while everything else calls into runtime (and is thus a bit slower than previously).
Perf improvement in micro-benchmark JSTests/Proxies
Before:
SetPrototypeOfWithoutTrap-Proxies(Score): 120
SetPrototypeOfWithTrap-Proxies(Score): 112
After:
SetPrototypeOfWithoutTrap-Proxies(Score): 131
SetPrototypeOfWithTrap-Proxies(Score): 127
Bug: v8:6664
Change-Id: I630096e1964c91d1ec39e19f380a2e9e948de4bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1669787
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62402}
This is a reland of 02103b276b
Fix for the original build break: build android with noop crashkeys for now
Original change's description:
> Add Crash Keys support
>
> This adds crash keys containing the isolate address and addresses of
> the read_only, map, and code spaces to crash report minidumps.
> When not compiling V8 with Chrome, a noop implementation is used.
>
> Bug: v8:9323
> Change-Id: I8523630e7a4ff792855163c06bf76dab35b1b9e5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1641326
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
> Cr-Commit-Position: refs/heads/master@{#62059}
Bug: v8:9323
Change-Id: I6bb115ad14b2ce5865f4d8fb255245c38fb0cd14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658505
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62320}
Rework the implementation of non-external Torque classes to use
Struct machinery rather than FixedArray machinery. This allows
Torque-only defined 'internal' classes to the automatically generate
class verifiers and printers.
As part of this change, generate C++ boilerplate accessors for
internal Torque classes, since this is a pre-requisite for the
verifiers, printers and other Struct-based functionality.
Moreover, augment the header-generating functionality in Torque
to create separate header files for field offset definitions,
internal class C++ definitions and instance types.
Bug: v8:7793
Change-Id: I47d5f1570040c2b44d378f23b6cf95d3d132dacc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607645
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62317}
v8memory.h does not have V8 specific definitions, and having it in base
makes it clear that every component may include the file. It also
ensures that including it does not create spurious dependencies on
v8_base.
Change-Id: I565f63b25f33a9ada19d7b2ac5990863ab17f4a7
Bug: v8:9183, v8:8855
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657923
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62309}
Introduce SourceTextModule as a subclass of Module. Move all the
JavaScript-module-specific code down from Module to
SourceTextModule, with all code applicable to other future
module types remaining in Module.
With this change, Module is roughly equivalent to the spec's
Abstract Module Record and SourceTextModule is roughly equivalent
to Source Text Module Record.
Bug: v8:9292
Change-Id: I6e9cd3ece9d0c1da57e52f8af8ed5848d87dd22d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1633154
Commit-Queue: Dan Clark <daniec@microsoft.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62296}
This reverts commit ccf0d80261.
Reason for revert: Breaks https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20debug/26472
Original change's description:
> Reland "Enable lazy source positions by default"
>
> This is a reland of 69fafb5fe3
> after fixing the in crash with
> https://chromium-review.googlesource.com/c/v8/v8/+/1664334
>
> Original change's description:
> > Enable lazy source positions by default
> >
> > Also adds a compile time flag which allows the default to be configured
> > so node can disable it since it hangs the node cpu profiler tests.
> >
> > Bug: v8:8510
> > Change-Id: Idf4785036dc6242769410091518a67ac9179b718
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491
> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> > Commit-Queue: Dan Elphick <delphick@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#62089}
>
> Bug: v8:8510
> Change-Id: I81b36dbba3cc7b9a99dc5cc4ea72040fabfec97e
> Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg,v8_linux64_gc_stress_custom_snapshot_dbg_ng
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660484
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Auto-Submit: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62288}
TBR=rmcilroy@chromium.org,delphick@chromium.org
Change-Id: Icbe93550850f79d1c29bed3e8084676c453cdf06
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8510
Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg, v8_linux64_gc_stress_custom_snapshot_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667419
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62294}
This is a reland of 69fafb5fe3
after fixing the in crash with
https://chromium-review.googlesource.com/c/v8/v8/+/1664334
Original change's description:
> Enable lazy source positions by default
>
> Also adds a compile time flag which allows the default to be configured
> so node can disable it since it hangs the node cpu profiler tests.
>
> Bug: v8:8510
> Change-Id: Idf4785036dc6242769410091518a67ac9179b718
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62089}
Bug: v8:8510
Change-Id: I81b36dbba3cc7b9a99dc5cc4ea72040fabfec97e
Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg,v8_linux64_gc_stress_custom_snapshot_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660484
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62288}
The last use of V8's SplayTree was in diagnostics and is now replaced
by std::map.
Bug: v8:9359
Change-Id: I7b79fe619eb734343579652058be4d2b81fd4a1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1664060
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62276}
This class used to be based on DispatchTable, which itself uses an
interval tree to both categorize and canonicalize ranges
(i.e. such that no overlap and all immediately adjacent ranges are
merged). The produced ranges were then entered into lists for
{bmp,lead_surrogate,trail_surrogate,non_bmp} splits.
With this CL, we simplify to a plain loop over all character range
kinds instead. The dispatch table (and ZoneSplayList, perhaps
SplayList) can be removed in follow-ups.
Bug: v8:9359
Change-Id: I9c6b72f3bc44d1557af7c74419709ae5662611f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1664053
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62260}
ObjectGetPrototypeOf and ReflectGetPrototypeOf are now Torque builtins (previously CPP) and the Proxy path is implemented completely in Torque while everything else calls into runtime (and is thus a bit slower than previously).
Perf improvement in micro-benchmark JSTests/Proxies
Before:
GetPrototypeOfWithoutTrap-Proxies(Score): 1876
GetPrototypeOfWithTrap-Proxies(Score): 857
After:
GetPrototypeOfWithoutTrap-Proxies(Score): 2810
GetPrototypeOfWithTrap-Proxies(Score): 3197
Bug: v8:6664
Change-Id: If60dda67d6e90c2d6f0ec743f6cb7c0fff54d607
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658717
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62256}
This CL renames jsregexp.{h,cc} to regexp.{h,cc}, hides all non-public
functions of RegExpImpl in the .cc file, and renames the public parts
of RegExpImpl to just RegExp. Include directives from outside the
src/regexp directory are limited to regexp.h, regexp-stack.h, and
regexp-utils.h. We also expose all result codes that can be returned
by irregexp code (including RETRY) on the public header since they
are needed elsewhere, e.g. in builtins.
Bug: v8:9359
Change-Id: Iae1a01ac9f6e1e4dc168f3fbe8fe8679cb6b1259
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1662297
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62240}
This further reduces the number of things declared in the public
regexp API file, currently still named jsregexp.h.
* Move JSRegExp::Flags convenience functions to regexp-compiler.h.
* Set RegExpImpl methods private if possible (these will later be
moved to a new hidden impl class).
* Merge RegExpEngine::CompilationResult into RegExpCompileData.
* Move remaining RegExpEngine methods to RegExpImpl and delete
RegExpEngine.
* Extract RegExpGlobalCache.
* Document a few data structures.
Upcoming CLs will rename RegExpImpl to RegExp and jsregexp.h to
regexp.h. This should then be the only header included from other
directories.
Bug: v8:9359
Change-Id: I78c8f4cca495a2b95735a48b6181583bc3310bdf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1662294
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62218}
It will allow us to use knowledge about the type of field during value
decompression upon field read.
Use the new class for HeapObject::MapField.
Bug: v8:9353
Change-Id: I1368426ec2e25fcec3af8d5cccd7a78d80423e72
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658150
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62184}
This is a reland of 811bfbbc56
Original change's description:
> [regexp] Move AST-to-Node code to a dedicated file
>
> Prior to this CL, jsregexp contains a bunch of things that are slightly
> related but would be cleaner in separate files, including: AST-to-Node
> transformations, the compiler implementation, and a debugging printer.
>
> This CL extracts AST-to-Node transformations.
>
> Bug: v8:9359
> Change-Id: I030cfca5c40cfd72e3a7abe2188e4654cfe2277c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655303
> Auto-Submit: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62148}
Tbr: yangguo@chromium.org
Bug: v8:9359
Change-Id: I68a16086dc56c9a059547033ca8bc1e9de1080db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658568
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62154}
This reverts commit 811bfbbc56.
Reason for revert: Breaks noi18n build (https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20noi18n%20-%20debug/27201)
Original change's description:
> [regexp] Move AST-to-Node code to a dedicated file
>
> Prior to this CL, jsregexp contains a bunch of things that are slightly
> related but would be cleaner in separate files, including: AST-to-Node
> transformations, the compiler implementation, and a debugging printer.
>
> This CL extracts AST-to-Node transformations.
>
> Bug: v8:9359
> Change-Id: I030cfca5c40cfd72e3a7abe2188e4654cfe2277c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655303
> Auto-Submit: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62148}
TBR=yangguo@chromium.org,jgruber@chromium.org,petermarshall@chromium.org
Change-Id: I079e15b02d73d81aef806992f324f08d7008e367
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9359
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658160
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62149}
Prior to this CL, jsregexp contains a bunch of things that are slightly
related but would be cleaner in separate files, including: AST-to-Node
transformations, the compiler implementation, and a debugging printer.
This CL extracts AST-to-Node transformations.
Bug: v8:9359
Change-Id: I030cfca5c40cfd72e3a7abe2188e4654cfe2277c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655303
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62148}
Refactor-only, this moves interrupt scopes and stack guard code into
their own dedicated files.
Change-Id: I5723a04786a04bba31a0da54622f3cd0b926ef07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655288
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62141}
ObjectPreventExtensions and ReflectPreventExtensions are now Torque builtins (previously CPP) and the Proxy path is implemented completely in Torque while everything else calls into runtime (and is thus a bit slower than previously).
Perf improvement in micro-benchmark JSTests/Proxies
Before:
PreventExtensionsWithoutTrap-Proxies(Score): 1978
PreventExtensionsWithTrap-Proxies(Score): 739
After:
PreventExtensionsWithoutTrap-Proxies(Score): 3017
PreventExtensionsWithTrap-Proxies(Score): 2044
Bug: v8:6664
Change-Id: I6505d730cea6b0d197f6f5d0540b39056c8b763d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1652688
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62130}
This adds regexp-macro-assembler-arch.h which contains the arch-specific
include dispatch.
Change-Id: Ibc2be8059d54b57afeed9b7ce244229ce1bd79bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655296
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62118}
This reverts commit 69fafb5fe3.
Reason for revert: V8 Linux64 GC Stress - custom snapshot
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/26291
Original change's description:
> Enable lazy source positions by default
>
> Also adds a compile time flag which allows the default to be configured
> so node can disable it since it hangs the node cpu profiler tests.
>
> Bug: v8:8510
> Change-Id: Idf4785036dc6242769410091518a67ac9179b718
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62089}
TBR=rmcilroy@chromium.org,delphick@chromium.org
Change-Id: I92a64ddc63e36ec326e6d8ba1a5b68af38e3134b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8510
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1653112
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62091}
Also adds a compile time flag which allows the default to be configured
so node can disable it since it hangs the node cpu profiler tests.
Bug: v8:8510
Change-Id: Idf4785036dc6242769410091518a67ac9179b718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62089}
This CL creates global-context.cc and moves the GlobalContext
constructor impl to this new file. Preparatory refactoring for import
syntax.
This CL also removes one unused static method from GlobalContext
and changes two use-sites where Get() was used together with a static
accessor.
Drive-by: "Include what you use" for global-context.h
Bug: v8:9183
Change-Id: Iafd877d03af9ad65b1c99ebd9743be64192f45c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649790
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62081}
This reverts commit 02103b276b.
Reason for revert: Speculative revert for breakage on roll:
https://chromium-review.googlesource.com/c/chromium/src/+/1650264
Failing build in breakpad:
https://ci.chromium.org/p/chromium/builders/try/linux_chromium_asan_rel_ng/298512
Original change's description:
> Add Crash Keys support
>
> This adds crash keys containing the isolate address and addresses of
> the read_only, map, and code spaces to crash report minidumps.
> When not compiling V8 with Chrome, a noop implementation is used.
>
> Bug: v8:9323
> Change-Id: I8523630e7a4ff792855163c06bf76dab35b1b9e5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1641326
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
> Cr-Commit-Position: refs/heads/master@{#62059}
TBR=jkummerow@chromium.org,tmrts@chromium.org,irinayat@microsoft.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:9323
Change-Id: I29138292dd474cf60e2bf3cc9b0629a085abd31c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649787
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62077}
This is reland of Ib1c3f78d1f1a44c6628d351fed3bcdc91ca08cb5
Just fix lint error for unused arguments in Torque.
> Original commit message:
> The fast path for IsExtensible proxy trap is already implemented, we just need to use this for ReflectIsExtensible.
Now, ReflectIsExtensible is now a Torque builtin (previously CPP). Other cases will fall back to runtime.
> Bug: v8:6664
> Change-Id: Ib1c3f78d1f1a44c6628d351fed3bcdc91ca08cb5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645438
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
> Cr-Commit-Position: refs/heads/master@{#62031}
Bug: v8:6664
Change-Id: If44ac321ce712a969b3f5076411573eb3968cc14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1646900
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62070}
This adds crash keys containing the isolate address and addresses of
the read_only, map, and code spaces to crash report minidumps.
When not compiling V8 with Chrome, a noop implementation is used.
Bug: v8:9323
Change-Id: I8523630e7a4ff792855163c06bf76dab35b1b9e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1641326
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#62059}
Implements the addition of BigInts as a Torque builtin, which performs necessary
checks and then calls into C++. The core logic of MutableBigInt::AbsoluteAdd,
MutableBigInt::AbsoluteSub and MutableBigInt::AbsoluteCompare is now used by both
the runtime and the Torque generated builtin for best performance.
Bug: v8:9213
Change-Id: I5f6af4dd226f11e6287bd04272ccae6ee5c26498
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640211
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@google.com>
Cr-Commit-Position: refs/heads/master@{#62049}
This reverts commit 566233ae52.
Reason for revert: Breaks the build
Original change's description:
> Extend IsExtensible proxy trap fast path for Reflect.isExtensible
>
> The fast path for IsExtensible proxy trap is already implemented, we just need to use this for ReflectIsExtensible.
> Now, ReflectIsExtensible is now a Torque builtin (previously CPP). Other cases will fall back to runtime.
>
> Bug: v8:6664
> Change-Id: Ib1c3f78d1f1a44c6628d351fed3bcdc91ca08cb5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645438
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
> Cr-Commit-Position: refs/heads/master@{#62031}
TBR=jgruber@chromium.org,mslekova@chromium.org,tmrts@chromium.org,duongn@microsoft.com
Change-Id: I92f83d8c9cbdca1a33ddd0e875551deb62d7de89
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6664
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648241
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62033}
The fast path for IsExtensible proxy trap is already implemented, we just need to use this for ReflectIsExtensible.
Now, ReflectIsExtensible is now a Torque builtin (previously CPP). Other cases will fall back to runtime.
Bug: v8:6664
Change-Id: Ib1c3f78d1f1a44c6628d351fed3bcdc91ca08cb5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645438
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#62031}
The implementation is already quite trivial and in addition in case of
ptr-compr this implementation becomes even simpler and C++ compiler
gets the opportunity to hoist common computation of isolate root.
Tbr: yangguo@chromium.org
Bug: v8:7464, v8:7703
Change-Id: I6e59cd43253c9ade5a0e27025ea7fabecd5b7af7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1647171
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62024}
This is a reland of 81abe8f7b6
It also disables ro-heap sharing in nosnap builds
Original change's description:
> [roheap] Enable shared ro-heap by default if ptr compression is disabled
>
> Shared read-only heap is currently incompatible with pointer compression.
> Enable sharing only if pointer compression is disabled.
>
> Bug: v8:7464
> Change-Id: I0866ac288a34eb92fc227e8beba57f4d72a69ef0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635509
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Cr-Commit-Position: refs/heads/master@{#61963}
Bug: v8:7464
Change-Id: I6b620152d380864db2a725c25f3c916d695d4f81
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1639298
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62015}
ObjectIsExtensible is now a Torque builtin (previously CPP) and the Proxy path is implemented completely in Torque while everything else calls into runtime (and is thus a bit slower than previously).
Improvement in micro-benchmark
Before:
IsExtensibleWithoutTrap-Proxies(Score): 2228
IsExtensibleWithTrap-Proxies(Score): 917
After:
IsExtensibleWithoutTrap-Proxies(Score): 3683
IsExtensibleWithTrap-Proxies(Score): 3310
Bug: v8:6664
Change-Id: I1fbe1c51cb724a23d7a59fc8231bb3d1461a6add
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1637444
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62006}
These were only used by test-log/EquivalenceOfLoggingAndTraversal,
which itself has been marked as failing since 2013. This CL removes
the test itself as well as the TEST natives kind.
Bug: v8:7624,v8:2857
Change-Id: Iedf2b1c94e31ccd1ea885d72bf1fac5d33defa90
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1643467
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61984}
Shared read-only heap is currently incompatible with pointer compression.
Enable sharing only if pointer compression is disabled.
Bug: v8:7464
Change-Id: I0866ac288a34eb92fc227e8beba57f4d72a69ef0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635509
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Cr-Commit-Position: refs/heads/master@{#61963}
Without this, asan (rightfully) complains about read-only space leaking.
Because pages are manually allocated using mmap, a few objects within
them need to be explicitly ignored in addition to the read-only heap
itself.
This change re-adds lsan.h, with tweaks to make the type checking a bit
more lenient.
Bug: v8:7464
Change-Id: I0e2809930f3674e3f891e755b568ebb5194da461
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622121
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Cr-Commit-Position: refs/heads/master@{#61942}
Add .exe to the produced executable for the protoc compiler.
Use include_dirs instead of -isystem. Remove some more warnings that
that causes.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: Ia6b0df63107470ec78f8038834205a0e4fe34b21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632069
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61893}
Due to bug chromium:893437, Torque has ASAN disabled on Windows, which
makes it impossible to run unittests for Torque with ASAN being enabled
in the unittests. To fix this, this skips Torque unittests in the
unsupported configuration.
Bug: chromium:893437
Change-Id: I6c8eee1448c63223af4d7336954190e649d125e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632214
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61891}
In a new test suite: "wasm-api-tests", using a new binary "wasm_api_tests",
powered by gtest/gmock (like unittests).
Also fix a bunch of issues that these tests uncovered, mostly to ensure
that the stack is walkable.
Change-Id: I1d5604eea85da078ebecd4ebb7383647595f16ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627539
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61885}
Instead of generating one CodeStubAssembler-like class per namespace,
Torque-generated macros are now free-standing functions not included
from CSA code, and explicitly exported macros become part of the new
TorqueGeneratedExportedMacrosAssembler, which CodeStubAssembler
inherits from, thus making them available to all CSA code.
Structs are now defined in a new header csa-types-tq.h as free-standing
types with the prefix "TorqueStruct".
This is a preparation for generating per Torque-file instead of per
namespace.
Change-Id: I60fadc493a63f85d1d340768ec6f11ae47be0cb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628787
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61865}
Add a new abstract class TraceEventListener which is just an interface
for consuming trace events. This separates the V8-specific stuff that
an actual perfetto consumer needs to do e.g. handling the has_more flag
and signalling back to the controller with a semaphore.
This is a change from the previous plan of making the PerfettoConsumer
class sub-classable to implement custom consumption of trace events.
This will be difficult when the consumer is created outside of the
PerfettoTracingController as we can't hook up the
consumer_finished_semaphore_ that belongs to the controller.
Now the PerfettoTracingController is responsible for the Consumer life-
cycle and hides it entirely from callers. We add the
AddTraceEventListener() method to allow callers to register a listener
either for testing or a JSON listener for real tracing.
This lets us write tests that can store all the trace events in memory
without first converting them to JSON, letting us write test more
easily. There's an example test add to test-tracing - more tests using
this style will follow.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: I2d2b0f408b1c7bed954144163e1968f40d772c1b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628789
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61854}
... which represent potentially compressed Object and MaybeObject
values respectively. They provide methods for checking the smi/weak
tags which don't require decompression and conversion to Smi/HeapObject
combined with tag checks.
The new classes should help to write a bit more efficient runtime (C++)
code for the cases when we don't need the full decompressed value
immediately.
Drive-by-fix: fix ptr-compr build after Object::operator->() removal.
Bug: v8:7703
Change-Id: I7a3d747ab6679120a2cca14e45b0d8bcf33fc496
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624786
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61804}
Split the JSONConsumer into a base case and subclass so that we can
implement different consumers without needing to repeat the code that
deals with the finished semaphore and endpoint setters/getters.
This makes it possible to add a test consumer that just holds the trace
events in memory in a later CL.
This CL re-uses the existing perfetto-consumer.h file to some extent,
but it was accidentally leftover from a previous CL where we stopped
using it and switched to the JSON consumer instead.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: I56c305833c8937da76a8e6defbe7a52c59b25106
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621938
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61799}
These were added to support specific cross-compile scenarios that
should now be covered by the --target-os and --target-arch flags.
Bug: v8:9103
Change-Id: I848f4f39cecc83f9ec8529c4f8855662059e3dc5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624219
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61787}
Split out embedded file writers for AIX, Windows, and macOS. These are
no longer selected by compile-time defines (e.g. V8_OS_WIN,
V8_TARGET_ARCH_X64) but by --target-os and --target-arch runtime
flags.
Bug: v8:9103
Change-Id: I5d5cac15e48b5c743d74f8a382606a6194ba7865
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624216
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61785}
This is in preparation for better cross-compile support in mksnapshot.
Specifically, this CL series will introduce runtime switches to select
the target platform for generated embedded.S assembly.
Each platform writer will derive from the abstract base class
PlatformEmbeddedFileWriterBase. Currently, the code remains
functionally unmodified and was just moved to
PlatformEmbeddedFileWriterGeneric. This will be split up in future
CLs.
Bug: v8:9103
Change-Id: Ie7e29bb60ba5a8ff6c0c1edec676943b80a1781b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622854
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61745}
The mksnapshot-specific runtime flag --target-arch, together with
--target-os, specifies the target platform for the generated embedded.S
file.
Bug: v8:9103
Change-Id: Icb03a381101e7ab0db4a5fbbf3be8e23ed0b1a1c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624165
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61739}
Bug: v8:9247
Change-Id: I9bcf2694b449f79cdbe03f5fde59cb21b8cad418
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619758
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61676}
Previously, compiling with perfetto would add 2.3 MiB to the d8 release
binary. With this change it's 472 KiB.
This is because trace:lite pulls in many more compiled proto classes
than we need, e.g. a bunch of stuff under ftrace/ which is only used
on Android.
Chrome uses a 'mirror proto' ChromeTrackPacket to only provide
compiled protos for the types of packets it will actually see, which on
non-android devices does not include anything under ftrace/.
We use the same trick here in the JSON consumer.
Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: Iae1f74eec3bd93b18e9f069701fc016440d3ce5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619759
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61662}
Code that is being moved primarily deal with layout of a JSObject,
accessing properties and elements, and map transitions.
NOTREECHECKS=true
NOTRY=true
Bug: v8:9247
Change-Id: Ibce5d5926ac4021c8d40c4dd109948775ce1da58
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1613994
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61638}
This reverts commit 5f28539599.
Reason for revert: presubmit failure
Original change's description:
> Move logging and diagnostics related source files
>
> This also introduces a COMMON_OWNERS file, which is derived from the
> current top-level OWNERS file. It is to be used for parts of the
> codebase that is not sensitive to domain-specific expertise.
>
> NOPRESUBMIT=true
> TBR=verwaest@chromium.org
>
> Bug: v8:9247
> Change-Id: I34a5eaa7cb1509a80d15094a2aceedd62665b17c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1613987
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61600}
TBR=rmcilroy@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,verwaest@chromium.org
Change-Id: I3827c3af4fd63b18aa48c49617f318a01746e813
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9247
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617247
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61601}
This also introduces a COMMON_OWNERS file, which is derived from the
current top-level OWNERS file. It is to be used for parts of the
codebase that is not sensitive to domain-specific expertise.
NOPRESUBMIT=true
TBR=verwaest@chromium.org
Bug: v8:9247
Change-Id: I34a5eaa7cb1509a80d15094a2aceedd62665b17c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1613987
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61600}
This is a reland of d61a9347c8
6th attempt. Relanding after fixing TSan/UBSan issues.
Original change's description:
> [ptr-compr][x64] Temporarily enable pointer compression on x64
>
> ... and make sure that the x64 ptr-compr bots proceed testing V8 without
> pointer compression in order to keep testing the full pointer mode.
>
> Bug: v8:7703
> Change-Id: Ib1498609603cb03be2464043658131d5a2f1e012
> Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
> Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel,mac-rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1559850
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61416}
Bug: v8:7703
Change-Id: I1fa0989aef9ea08e54fd6dfd32d6989367332ce3
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
Cq-Include-Trybots: luci.v8.try:v8_linux64_cfi_rel_ng
Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel,mac-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607654
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61559}
Bug: v8:8996
Change-Id: I712f7eea934581f8d0889889a8737548ef8fa255
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1611752
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Wong <peter.wm.wong@gmail.com>
Cr-Commit-Position: refs/heads/master@{#61558}
This change adds a flag v8_enable_fast_torque, which follows the pattern
of v8_enable_fast_mksnapshot and can improve build times by running an
optimized Torque compiler during debug builds. On my machine, this
change improves rebuild time after changing a .tq file by about 7
seconds.
Change-Id: I7c91d1059c614fe34eefe7ee8c3cba7c931d5a50
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1612160
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61556}
All macros defined in "format-macros.h" are dead now (after
https://crrev.com/c/1613243). This CL removes this header, and includes
<cinttypes> instead wherever we use format macros for the types defined
in <cstdint>.
Plus some drive-by cleanup of includes.
R=mlippautz@chromium.org
Bug: v8:9183
Change-Id: Ic379759b79edb50e38833defb1577cc3af7c8150
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1611800
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61540}
