When collecting JS block coverage, we track block execution counts on
so-called CoverageInfo objects. Generated bytecode and native code
contains inlined snippets of code to increment the appropriate
counters.
These used to be implemented as calls to the IncBlockCounter runtime
function. Each call incurred the entire CEntry overhead.
This CL reduces that overhead by moving logic over into a new
IncBlockCounter TFS builtin. The builtin is called directly from
bytecode, and lowered to the same builtin call for optimized code.
Drive-by: Tweak CoverageInfo layout to generate faster code.
Tbr: jarin@chromium.org
Bug: v8:9149, v8:6000
Change-Id: I2d7cb0db649edf7c56b5ef5a4683d27b1c34605c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571420
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60981}
The --run-count-multiplier flag was used to run an experiment and is not needed
anymore. It will be superseded by another parameter that will run benchmarks as
many times as needed until needed confidence is achieved.
R=machenbach@chromium.org
No-Try: true
No-Tree-Checks: true
Bug: chromium:880724
Change-Id: Iedd3d0f900a838f97cfa3339f582f6d02cce3e93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578504
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60980}
Bug: v8:8976
Change-Id: Idc896770fd0f448c37d8d83b7970e3f8e16f5f2e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1572682
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60979}
This fixes the bounds check for the 'in' operator to handle the negative
index case properly (by using the same machinery as the potentially
out-of-bounds loads/stores use).
Bug: chromium:952586
Change-Id: I2225acae8be7dcedbcde745e8ef202e789085041
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581179
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60978}
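The fix above concerns the `in` operator on negative element indices in optimized code. As an added example (not V8's own regression test, and not taken from the change), the following harness warms a function up with in-bounds keys so the engine can tier it up, then probes negative, out-of-range and string-form keys on several receiver kinds and compares the result with `Reflect.has`, which follows the same [[HasProperty]] semantics without going through the compiled `in` lowering. The receivers and probe keys are constructed sample data.

```javascript
// Added example: differential check of the 'in' operator against Reflect.has
// for negative and out-of-range element keys on hot and cold code.

// Function under test. Calling it many times with in-bounds keys lets the
// engine optimize it; the final probes then exercise the compiled bounds check.
function hasIndex(receiver, key) {
  return key in receiver;
}

// Reference: Reflect.has performs the same [[HasProperty]] lookup as 'in'
// but is a builtin, so it is unaffected by how 'in' itself is compiled.
function referenceHas(receiver, key) {
  return Reflect.has(receiver, key);
}

// Receivers with different element storage (constructed sample data).
function makeReceivers() {
  return [
    [10, 20, 30],                    // packed small-integer array
    [1.5, 2.5, 3.5],                 // packed double array
    new Uint8Array([1, 2, 3]),       // typed array: negative keys are never valid
    { 0: 'a', 1: 'b', length: 2 },   // plain object with index-like keys
  ];
}

// Keys below zero, above the length, and their canonical string forms, which
// must behave exactly like the numbers they spell.
const PROBES = [-1, -2, -(2 ** 31), 3, 2 ** 32, '-1', '3', 0];

function checkInOperator(warmupRounds = 1e5) {
  const receivers = makeReceivers();
  // Warm-up phase: only in-bounds keys, so feedback sees the simple case.
  let warmupHits = 0;
  for (let i = 0; i < warmupRounds; i++) {
    const r = receivers[i % receivers.length];
    if (hasIndex(r, i % 2)) warmupHits++;
  }
  // Probe phase: every key on every receiver must agree with the reference.
  const mismatches = [];
  for (const r of receivers) {
    for (const key of PROBES) {
      const got = hasIndex(r, key);
      const want = referenceHas(r, key);
      if (got !== want) {
        mismatches.push({ receiver: r.constructor.name, key, got, want });
      }
    }
  }
  return { warmupHits, mismatches };
}
```

On a correct engine `checkInOperator()` returns an empty `mismatches` list; a non-empty list names the receiver kind and key on which the compiled `in` disagreed with the reference lookup.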
This extends the existing test coverage of interactions between the
exception handling and the reference type proposal. Now "any-func" and
"except-ref" can both be encoded as an exception value. Missing switch
cases have been added.
R=clemensh@chromium.org
TEST=mjsunit/wasm/exceptions-anyref[-interpreter]
BUG=v8:8091,v8:7581
Change-Id: Ie2e9819fe66b4daab623390f27bb19007131f619
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581600
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60977}
On Arm/64 the last return address is stored in a link register instead of
being pushed to the top-of-stack like on x64/ia32. Extend the support in the
tick sampler to check for samples in a frameless bytecode handler with support
for checking the link register if it exists instead of top-of-stack. In addition,
make the x64/ia32 check more robust by ensuring we only apply the change if the
pc is a bytecode handler and the top frame isn't a bytecode handler (stub) frame.
BUG=v8:9162
Change-Id: I89d2e80ea8a0b84ff6a265d0e0e73f9fdd1daca8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578464
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60976}
Use the existing {ArrayVector} method for this, which reads nicer. In
some places, I replaced a stack-allocated array by {EmbeddedVector} to
avoid the {ArrayVector} call.
R=mstarzinger@chromium.org
Bug: v8:8834
Change-Id: I5560c07f2775338fefd11acf67a540e003428e74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578899
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60975}
This is one step towards removing the {StrLength} helper and using
{size_t} consistently instead.
R=mstarzinger@chromium.org
Bug: v8:8834
Change-Id: Ibcdfd579531a259d490c39a8e8c96d469a5a4aac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578901
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60974}
This reverts commit fa6ec3cb08.
Reason for revert: v8:9169, v8:9170
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux/31457
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64/31417
https://ci.chromium.org/p/v8/builders/ci/V8%20Win32%20-%20debug/19919
Original change's description:
> [cpu-profiler] Split out debug mode for CPU profiler naming
>
> Adds a new flag to CpuProfiler to control whether or not "debug" names
> (potentially inferred from scope) are used for captured frames
> associated with a SharedFunctionInfo instance.
>
> Bug: v8:9135
> Change-Id: I104f3246431dc6336de4e4688c0d98c86e0bb776
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1566169
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Alexei Filippov <alph@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60972}
TBR=ulan@chromium.org,alph@chromium.org,yangguo@chromium.org,petermarshall@chromium.org,acomminos@fb.com
Change-Id: I573194b5affd31fd0748b9ef3c45052e8ab420f5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9135
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581639
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60973}
Adds a new flag to CpuProfiler to control whether or not "debug" names
(potentially inferred from scope) are used for captured frames
associated with a SharedFunctionInfo instance.
Bug: v8:9135
Change-Id: I104f3246431dc6336de4e4688c0d98c86e0bb776
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1566169
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60972}
The current logic sometimes skips the request for a code logging stack
guard request, even though no such request is pending. This happens if
the previous stack guard already executed, but a foreground task is
still pending.
This CL fixes this by re-requesting a stack guard interrupt when the
first code is added to the vector of outstanding code to be logged.
Plus minor drive-by fix.
R=mstarzinger@chromium.org
Bug: v8:9163
Change-Id: I4937f3983f15e7122141b04ddb1432cd1f78828b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578461
Auto-Submit: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60970}
This prepares removing the special timeout of 200 on the bots. First
we temporarily set 200 on v8 side to remove the flag on the infra side.
Afterwards we'll remove the v8-side code, tested in CQ.
TBR=tmrts@chromium.org
Bug: v8:9145
Change-Id: I61578da02ab8c101d0d6c916106ad5a8bc6841cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581259
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60962}
In the PerformPromise{All, Race, AllSettled} operations, the resolve
property of the constructor is looked up only once.
In the implementation, for the fast path, where the constructor's
resolve property is untainted, the resolve function is set to undefined.
Since undefined can't be a valid value for the resolve function,
we can switch on it (in CallResolve) to directly call the PromiseResolve
builtin. If the resolve property is tainted, we do an observable property
lookup, save this value, and call this property later (in CallResolve).
I ran this CL against the test262 tests locally and they all pass:
https://github.com/tc39/test262/pull/2131
Spec:
- https://github.com/tc39/ecma262/pull/1506
- https://github.com/tc39/proposal-promise-allSettled/pull/40
Bug: v8:9152
Change-Id: Icb36a90b5a244a67a729611c7b3315d2c29de6e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1574705
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60957}
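The observable effect of the change above is that `Promise.all` and `Promise.race` read the constructor's `resolve` property once, before iterating, rather than once per element. The following is an added example (not V8's test code) that makes the lookup observable through a static accessor on a `Promise` subclass and counts it; the subclass and the input arrays are constructed for the demonstration. The `resolve` getter hands back the ordinary `Promise.resolve`, which the spec calls with `this` set to the subclass, so subclass promises are still produced.

```javascript
// Added example: count lookups of the constructor's `resolve` property made
// by Promise.all / Promise.race, and check a non-callable `resolve` is rejected.

// A Promise subclass whose static `resolve` is an accessor, so every lookup
// increments a counter.
function makeCountingPromise() {
  let lookups = 0;
  class CountingPromise extends Promise {
    static get resolve() {
      lookups++;
      return Promise.resolve;
    }
  }
  return { CountingPromise, getLookups: () => lookups };
}

// Runs one combinator ('all' or 'race') over `n` values and returns how many
// times `resolve` was read. The lookup happens synchronously inside the call,
// before the returned promise settles, so the count can be read immediately.
function countResolveLookups(combinatorName, n) {
  const { CountingPromise, getLookups } = makeCountingPromise();
  const values = Array.from({ length: n }, (_, i) => i);
  const p = CountingPromise[combinatorName](values);
  // Attach handlers so a surprise rejection does not become an unhandled one.
  p.then(() => {}, () => {});
  return getLookups();
}

// A non-callable `resolve` must not be used at all: GetPromiseResolve throws a
// TypeError, which IfAbruptRejectPromise turns into a rejected result promise.
function rejectsNonCallableResolve(combinatorName) {
  class BadResolve extends Promise {
    static get resolve() {
      return 42;
    }
  }
  return BadResolve[combinatorName]([1, 2, 3]).then(
    () => false,
    (err) => err instanceof TypeError,
  );
}
```

`countResolveLookups('all', 3)` returns 1 under the single-lookup semantics (and would return 3 under the older per-element lookup); the count is also 1 for an empty iterable, because the lookup precedes iteration. `rejectsNonCallableResolve('race')` resolves to `true` on an engine that validates `resolve` up front.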
As a preparation of trusty -> xenial migration, let me specify os
dimension explicitly here.
I added os dimension for the linux builders having tests property.
I will change this dimension gradually with gradual swarming test bots
trusty -> xenial migration.
Currently this should not change ubuntu's version of bots running tests
because v8 recipe module has default Ubuntu-14.04 dimension for linux.
https://cs.chromium.org/chromium/build/scripts/slave/recipe_modules/v8/api.py?l=428&rcl=927948978a7a101fca66f07a784aeb3ddb6650c9
Bug: chromium:954890
Change-Id: Ib2404c5aaa54d6e8e47341394d6a757a9d99874a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578659
Commit-Queue: Takuto Ikuta <tikuta@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Auto-Submit: Takuto Ikuta <tikuta@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60951}
The {Vector} class stores the size in a {size_t} for a while now, but
many accessors and constructors still accept an {int}. This CL removes
all {int} uses except for the explicit {length()} accessor. It also
adds a comment to avoid this accessor if possible.
The {StrLength} function still has several users outside of vector.h,
which I plan to remove in a follow-up CL.
R=mstarzinger@chromium.org
Bug: v8:8834
Change-Id: I33c5b0e8b8b2cb3531716c1d99e4516a13d6ba1f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578480
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60950}
This CL fixes some issues with GC.
1) It removes dead code from the set of potentially dead code to avoid
considering the same code for GC again and again.
2) It resets the {new_potentially_dead_code_size_} counter to avoid
triggering too many GCs.
3) When code becomes dead after GC, do not unconditionally free it; just
decrement its ref count (there might still be {WasmCodeRefScope}s
holding the code alive).
4) Update the comment of the ref count to be more accurate.
R=titzer@chromium.org
Bug: v8:8217
Change-Id: I28e5a1fed74411b8473bb66ddbad3ffe7643f266
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1574518
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60949}
This adds two counters for collecting the absolute size of freed code,
and the percent of total generated code per module.
R=titzer@chromium.org
Bug: v8:8217
Change-Id: Ia065081104fbff6459791c919e0b18677ba45cc3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1573698
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60948}
This is dead code as no benchmarks seem to be using it and removing this
additional logic will reduce maintenance cost for the perf infrastructure.
R=machenbach@chromium.org, tmrts@chromium.org
No-Try: true
No-Tree-Checks: true
Change-Id: I952af069d4d18d63624510b4c461fa1891703db9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570008
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60947}
This is part of the refactoring to allow exporting more information about test
execution to the recipes and upload this information to ChromePerf.
This fixes running secondary even after primary run fails, which will allow us
to differentiate between test and infra failures as latter ones will also affect
refbuilds and re-runs without patch.
R=machenbach@chromium.org, tmrts@chromium.org
Bug: chromium:841700
Change-Id: I29ce49d2f8c5e73158f1d41a73c51f2b35929f36
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570006
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60946}
This is the next step to test the GC better: We zap the code region of
{WasmCode} objects which are detected to be unused. This is tested in
the future variant, so ClusterFuzz has a chance to catch missing
references.
R=titzer@chromium.org
Bug: v8:8217
Change-Id: I75a63384a2a8e2ed68b9447e6ee4faa24037da93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571622
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60945}
This is part of the refactoring to allow exporting more information about
test execution to the recipes and upload this information to ChromePerf.
R=machenbach@chromium.org,tmrts@chromium.org
No-Try: true
No-Tree-Checks: true
Bug: chromium:841700
Change-Id: Iab400e8922231d8eac91a6fa22ce8f45053f7ac6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569442
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60944}
The WebAssembly JavaScript Interface specifies[1] that exported
functions are not constructors, hence do not have the "prototype"
property. This is not true for asm.js exported functions which are
expected to look like normal functions (or constructors).
[1] https://webassembly.github.io/spec/js-api/index.html#exported-function-exotic-objects
R=clemensh@chromium.org
TEST=mjsunit/regress/regress-crbug-935800
BUG=chromium:935800
Change-Id: Idecacfb7f5d4668540589af95fd59872334c21a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578499
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60943}
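The distinction the change above draws can be checked from JavaScript. The following is an added example (not the regression test from the change): it instantiates a hand-assembled one-function WebAssembly module, whose bytes are constructed inline for the demonstration, and an asm.js-style module with the same export, then inspects each exported function for a `prototype` own property and for constructibility. The asm.js module is only expected to keep the shape of an ordinary function; whether the engine actually validates it as asm.js does not change that.

```javascript
// Added example: a WebAssembly exported function carries no "prototype" and
// is not a constructor, while an asm.js export keeps ordinary function shape.

// Constructed module bytes for: (module (func (export "f") (result i32) i32.const 42))
const WASM_BYTES = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d,                         // magic "\0asm"
  0x01, 0x00, 0x00, 0x00,                         // version 1
  0x01, 0x05, 0x01, 0x60, 0x00, 0x01, 0x7f,       // type section: one type, () -> i32
  0x03, 0x02, 0x01, 0x00,                         // function section: func 0 has type 0
  0x07, 0x05, 0x01, 0x01, 0x66, 0x00, 0x00,       // export section: "f" -> func 0
  0x0a, 0x06, 0x01, 0x04, 0x00, 0x41, 0x2a, 0x0b, // code section: no locals; i32.const 42; end
]);

function wasmExport() {
  const module = new WebAssembly.Module(WASM_BYTES);
  const instance = new WebAssembly.Instance(module, {});
  return instance.exports.f;
}

// asm.js-style module with an equivalent export.
function AsmModule(stdlib, foreign, heap) {
  'use asm';
  function f() {
    return 42;
  }
  return { f: f };
}

function asmExport() {
  return AsmModule({}, {}, new ArrayBuffer(65536)).f;
}

// Describe a callable: can it be called, does it own "prototype", and does
// `new` succeed or fail with the TypeError thrown for non-constructors.
function describeCallable(fn) {
  let constructible = true;
  try {
    new fn();
  } catch (e) {
    constructible = !(e instanceof TypeError);
  }
  return {
    callable: typeof fn === 'function',
    result: fn(),
    hasPrototype: Object.prototype.hasOwnProperty.call(fn, 'prototype'),
    constructible,
  };
}

function compareExports() {
  return { wasm: describeCallable(wasmExport()), asmjs: describeCallable(asmExport()) };
}
```

`compareExports().wasm` reports `hasPrototype: false` and `constructible: false` with `result: 42`, matching the exported-function exotic object in the JS API spec; `compareExports().asmjs` reports `hasPrototype: true` with the same result.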
This CL implements the first set of diagnostic notifications.
When Torque compilation fails, the language server translates the
Torque error into a diagnostics notification and pushes it to the
client.
Note that per specification, the server is responsible to manage the
state of all published diagnostics. This means that the server is
also responsible for clearing out previous notifications if they
become stale.
Bug: v8:8880
Change-Id: Ief46dc1d94d1e5b7fa3e0048df494bfc05974031
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569434
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60942}
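The state-management point in the message above (the server must clear diagnostics it previously published once they are stale) is easy to get wrong. As an added example (not the Torque language server's code), the following publisher keeps the set of URIs it last reported on and, on every compile, emits an explicit empty `textDocument/publishDiagnostics` notification for each URI that dropped out of the error set. The compiler error shape `{ file, line, column, message }` and the sample errors are assumptions made for the demonstration.

```javascript
// Added example: publish LSP diagnostics and clear stale ones.

class DiagnosticsPublisher {
  constructor() {
    // URIs for which the client currently shows diagnostics from this server.
    this.published = new Set();
  }

  // Convert one (hypothetical) compiler error into an LSP Diagnostic.
  // LSP positions are zero-based; the assumed error shape is one-based.
  static toDiagnostic(err) {
    const pos = { line: err.line - 1, character: err.column - 1 };
    return {
      range: { start: pos, end: pos },
      severity: 1, // DiagnosticSeverity.Error
      source: 'torque',
      message: err.message,
    };
  }

  static notification(uri, diagnostics) {
    return {
      jsonrpc: '2.0',
      method: 'textDocument/publishDiagnostics',
      params: { uri, diagnostics },
    };
  }

  // Publish the outcome of one compilation run and return the notifications
  // that would be sent to the client, in order.
  publish(errors) {
    const byUri = new Map();
    for (const err of errors) {
      const uri = `file://${err.file}`;
      if (!byUri.has(uri)) byUri.set(uri, []);
      byUri.get(uri).push(DiagnosticsPublisher.toDiagnostic(err));
    }
    const out = [];
    // Files reported last time but clean now get an empty array, which the
    // client treats as "remove everything you show for this file".
    for (const uri of this.published) {
      if (!byUri.has(uri)) out.push(DiagnosticsPublisher.notification(uri, []));
    }
    for (const [uri, diagnostics] of byUri) {
      out.push(DiagnosticsPublisher.notification(uri, diagnostics));
    }
    this.published = new Set(byUri.keys());
    return out;
  }
}

// Constructed scenario: errors in two files, then one fixed, then all fixed.
function runPublisherScenario() {
  const pub = new DiagnosticsPublisher();
  const errA = { file: '/src/a.tq', line: 3, column: 7, message: 'undefined macro' };
  const errB = { file: '/src/b.tq', line: 1, column: 1, message: 'syntax error' };
  return {
    round1: pub.publish([errA, errB]), // two files reported
    round2: pub.publish([errA]),       // b.tq cleared, a.tq republished
    round3: pub.publish([]),           // a.tq cleared
    round4: pub.publish([]),           // nothing left to clear
  };
}
```

The fourth round produces no notifications at all, which is the sign that the published-set bookkeeping is correct: a server that clears every known file on each run instead would flood the client, and one that never clears leaves stale errors behind.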
This prints the current v8-specific processes on linux whenever the
test driver emits a heart beat (i.e. no output for 30 seconds).
This is to investigate the cause of currently hanging tests on linux.
Bug: v8:9145
Change-Id: I857bb6d1c5f0b0917c64cdc0aa6076c6633f9dd6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578438
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60941}
EmbeddedVector lives on the stack only, and should not be implicitly
copied or assigned.
This also removes remaining uses of the removed Vector::set_start
method.
R=sigurds@chromium.org
Bug: v8:9142
Change-Id: I829e6ffad6b1a30baa6c874265e92d615dd0c981
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578458
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60940}