This is a reland of 0e006a15
Difference:
 * progress_total_ and progress_counter_ access are guarded by
   checking if control_ is set. If not, we do not report any progress
   and both are not set.

Original change's description:
> [heap-snapshot] Preventing overflow in progress counter
>
> This prevents an overflow to happen in the heap snapshot generator.
> Furthermore it changes the relation of progress_counter_ and
> progress_total_ to always adhere to:
> * progress_counter_ <= progress_total_,
> * if: progress_counter_ == progress_total_, then it is done.
>
> With this change, if progress_counter_ happens to be bigger
> than progress_total_ (latter is an estimate), it will continue
> to report the same progress (<100%) until it is done. Before,
> it would repeatedly report 100% until it is done.
>
> Fixed: chromium:1246860
> Change-Id: Iffd3f52355632f2b35abdbb3752912ba7b8bd821
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250310
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77589}

Bug: chromium:1246860
Change-Id: I7522c1fe011954dd18828bdef507abe3e0237d42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251170Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77608}

This reverts commit 0e006a15.

Reason for revert: MSan failures: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/41031/overview

Original change's description:
> [heap-snapshot] Preventing overflow in progress counter
>
> This prevents an overflow to happen in the heap snapshot generator.
> Furthermore it changes the relation of progress_counter_ and
> progress_total_ to always adhere to:
> * progress_counter_ <= progress_total_,
> * if: progress_counter_ == progress_total_, then it is done.
>
> With this change, if progress_counter_ happens to be bigger
> than progress_total_ (latter is an estimate), it will continue
> to report the same progress (<100%) until it is done. Before,
> it would repeatedly report 100% until it is done.
>
> Fixed: chromium:1246860
> Change-Id: Iffd3f52355632f2b35abdbb3752912ba7b8bd821
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250310
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77589}

Change-Id: I81e8bb563a48ce6b877e83e30a5f426bef0bb58d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250901
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Owners-Override: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77590}

This prevents an overflow to happen in the heap snapshot generator.
Furthermore it changes the relation of progress_counter_ and
progress_total_ to always adhere to:
* progress_counter_ <= progress_total_,
* if: progress_counter_ == progress_total_, then it is done.

With this change, if progress_counter_ happens to be bigger
than progress_total_ (latter is an estimate), it will continue
to report the same progress (<100%) until it is done. Before,
it would repeatedly report 100% until it is done.

Fixed: chromium:1246860
Change-Id: Iffd3f52355632f2b35abdbb3752912ba7b8bd821
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250310Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77589}

A test was overflowing on the progress counter when using int as type.
This CL is fixing the progress counter to use uint32_t, and re-enables
the test.

Why uint32_t instead of size_t?
In the referenced bug, the progress_counter_ (but not the
progress_total_) triggered an overflow; and since these two counters
should be relatively similar (the total count is an estimate, and can
be less than the actual progress count), we do not expect the
count to increase much more than we can already encode with int.


Bug: chromium:1246860
Change-Id: I9769884ef60d352b3787c2223e528ddf33b0b23e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245116
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77551}

- Check that we only store internalized strings for context-allocated
  function names
- Fix call to FunctionContextSlotIndex from V8HeapExplorer that could
  end up passing in a non-internalized string

Bug: chromium:1255105
Change-Id: Ie8bd5577bd0086241d47991fbe285f5d64ae3d4a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245113Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77540}

... by explicitly passing pointer compression cage base value to various
IsXXX() and map() calls in order to avoid using incorrect auto-computed
cage base value when applied to objects allocated in external code space.

This CL also introduces IsCodeObject(HeapObject) predicate which checks
the IS_EXECUTABLE bit in the page header's flags.

Bug: v8:11880
Change-Id: Ib44398c3125392e46e939044a9bd27e09d7944d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229368Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77459}

... as a result of merging RelocInfo::target_object() with
RelocInfo::target_object_no_host(PtrComprCageBase),
where the cage base is used for accessing compressed embedded pointers.

There are two reasons for this change:
1) the parameterless version used to compute the cage base value from
   the host Code object, however, when external code space is enabled
   such a base value will not work for non-Code objects, since they
   require different cage base for decompressing,
2) when external code space is enabled, there must be no need to embed
   compressed Code objects at all because CodeDataContainers must be
   used instead.

In addition this CL introduces DCHECKs to enforce (2).

Bug: v8:11880
Change-Id: I5b504f91dea87c2bcaa1165d2dbfaada70cba7be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3211998Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77361}

Compiling Sparkplug on the heap saved 10% of the CompileBaseline
RCS metric, but that came with too much code complexity.
Since in the end that corresponds to < 1% of the entire compilation
time, we decided to revert this project.

This reverts:
commit e29b2ae4
commit d1f2a83b
commit 4666e182
commit a1147408
commit e0d4254f
commit 9ab8422d
commit a3b24ecc
commit 1eb87706
commit fe5c9dfd
commit 7ac3b55a
commit 7e95f30e
commit 323b5962
commit 6bf0b704
commit e82b368b
commit 5020d83e
commit 642a4673
commit ec7b99d5
commit fb4f89ae
commit 208854bb
commit 63be6dde

Bug: v8:12158
Change-Id: I9f2539be6c7d80c6e243c9ab173e3c5bb0dff97d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3136453
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77319}

IsActive is misleading as the current implementation forces to use
v8::Locker for all Isolate access once any Locker has been used in
the same process.

Bug: chromium:1240851
Change-Id: Ieb2cfa352313b6f2cbec1bafdbc94a3fc718f3d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3190093Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77243}

.. and refactor js-regexp.h.

- Hide the generic DataAt/SetDataAt accessors and replace them by
  dedicated accessors. Use the common lower_case naming scheme for
  these.
- Shuffle around definitions in js-regexp.h s.t. they are in a
  meaningful order.
- Dedupe the source/flags accessors - these fields are stored both
  on the instance and on the data array. We keep only accessors for
  the instance. Previously, these were disambiguated through naming
  oddities (e.g. Pattern() returned data->source).

Change-Id: I3d53c8b095f0d59621ff779608438f7fa5e8c92a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3193534
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77138}

Bug: v8:12244
Change-Id: I7ea68dd74a376221631d7f56b4a012207f68a1ec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3182899Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77129}

... an ObjectVisitor subclass that takes care of caching values of
both the main pointer compression cage base and code cage base
(when the external code space is enabled).

Drive-by: this CL also changes signature of
RelocInfo::target_object_no_host(...) to accept PtrComprCageBase
instead of Isolate*.

Bug: v8:11880
Change-Id: I3fbb382e0a0170e28542bc495d8fecfd24da8a07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3182231
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77088}

... and move methods that use XXX::cast() there.
This will untangle the include cycle that'll happen in a follow-up CLs.

Bug: v8:11880
Change-Id: Iba46bc9b0e0df9530197f57d0469456eb9006e66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3164456Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76932}

Remove the BaselineData intermediate structure for baseline code, and
write the baseline Code object into the SharedFunctionInfo directly. We
still need a pointer to the BytecodeArray/InterpreterData, so re-use the
Code object's deoptimization data slot for this (baseline code doesn't
have deoptimization data).

A consequence of this is that the BytecodeArray pointer becomes
immutable when there is baseline code. This means that we cannot install
a debug BytecodeArray while baseline code is active (we have to flush it
first), and we can't tier-up code with debug BytecodeArray to baseline.

Change-Id: I53b93ec4d4c64b833603d7992f246982fcd97596
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3118548
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76675}

This is a reland of d1b27019

Fixes include:
Adding missing file to bazel build
Forward-declaring classing before friend-classing them to fix win/gcc
Add missing v8-isolate.h include for vtune builds

Original change's description:
> [include] Split out v8.h
>
> This moves every single class/function out of include/v8.h into a
> separate header in include/, which v8.h then includes so that
> externally nothing appears to have changed.
>
> Every include of v8.h from inside v8 has been changed to a more
> fine-grained include.
>
> Previously inline functions defined at the bottom of v8.h would call
> private non-inline functions in the V8 class. Since that class is now
> in v8-initialization.h and is rarely included (as that would create
> dependency cycles), this is not possible and so those methods have been
> moved out of the V8 class into the namespace v8::api_internal.
>
> None of the previous files in include/ now #include v8.h, which means
> if embedders were relying on this transitive dependency then it will
> give compile failures.
>
> v8-inspector.h does depend on v8-scripts.h for the time being to ensure
> that Chrome continue to compile but that change will be reverted once
> those transitive #includes in chrome are changed to include it directly.
>
> Full design:
> https://docs.google.com/document/d/1rTD--I8hCAr-Rho1WTumZzFKaDpEp0IJ8ejZtk4nJdA/edit?usp=sharing
>
> Bug: v8:11965
> Change-Id: I53b84b29581632710edc80eb11f819c2097a2877
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097448
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76424}

Cq-Include-Trybots: luci.v8.try:v8_linux_vtunejit
Bug: v8:11965
Change-Id: I99f5d3a73bf8fe25b650adfaf9567dc4e44a09e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3113629Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76460}

This patchset introduces instrumentation of the memory usage of the
datatructures maintained by the CPU profiler.
It captures:
* The total size of the strings held in StringsStorage for CodeEntries
* Estimated size held by CodeMap's entries.

The target is to surface that metric through telemetry to get better
visibility into the memory profile of CpuProfiler.

For now, STL containers overhead is ignored as it is implementation
specific.

Change-Id: I8c6a0cd4f14348fe8832dec1f24861befc67d700
Bug: chromium:1241491
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3101580
Auto-Submit: Corentin Pescheloche <cpescheloche@fb.com>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76438}

This reverts commit d1b27019.

Reason for revert: Broke vtune build, tsan build and possibly others

Original change's description:
> [include] Split out v8.h
>
> This moves every single class/function out of include/v8.h into a
> separate header in include/, which v8.h then includes so that
> externally nothing appears to have changed.
>
> Every include of v8.h from inside v8 has been changed to a more
> fine-grained include.
>
> Previously inline functions defined at the bottom of v8.h would call
> private non-inline functions in the V8 class. Since that class is now
> in v8-initialization.h and is rarely included (as that would create
> dependency cycles), this is not possible and so those methods have been
> moved out of the V8 class into the namespace v8::api_internal.
>
> None of the previous files in include/ now #include v8.h, which means
> if embedders were relying on this transitive dependency then it will
> give compile failures.
>
> v8-inspector.h does depend on v8-scripts.h for the time being to ensure
> that Chrome continue to compile but that change will be reverted once
> those transitive #includes in chrome are changed to include it directly.
>
> Full design:
> https://docs.google.com/document/d/1rTD--I8hCAr-Rho1WTumZzFKaDpEp0IJ8ejZtk4nJdA/edit?usp=sharing
>
> Bug: v8:11965
> Change-Id: I53b84b29581632710edc80eb11f819c2097a2877
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097448
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76424}

Bug: v8:11965
Change-Id: Id57313ae992e720c8b19abc975cd69729e1344aa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3113627
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76428}

This moves every single class/function out of include/v8.h into a
separate header in include/, which v8.h then includes so that
externally nothing appears to have changed.

Every include of v8.h from inside v8 has been changed to a more
fine-grained include.

Previously inline functions defined at the bottom of v8.h would call
private non-inline functions in the V8 class. Since that class is now
in v8-initialization.h and is rarely included (as that would create
dependency cycles), this is not possible and so those methods have been
moved out of the V8 class into the namespace v8::api_internal.

None of the previous files in include/ now #include v8.h, which means
if embedders were relying on this transitive dependency then it will
give compile failures.

v8-inspector.h does depend on v8-scripts.h for the time being to ensure
that Chrome continue to compile but that change will be reverted once
those transitive #includes in chrome are changed to include it directly.

Full design:
https://docs.google.com/document/d/1rTD--I8hCAr-Rho1WTumZzFKaDpEp0IJ8ejZtk4nJdA/edit?usp=sharing

Bug: v8:11965
Change-Id: I53b84b29581632710edc80eb11f819c2097a2877
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097448Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76424}

The heap snapshot view in the dev tools reports some incorrect retaining
paths involving weak references from relocation data in Code objects.
This change updates IndexedReferencesExtractor::VisitEmbeddedPointer to
better match the behavior in MarkingVisitorBase.

Drive-by cleanup: ObjectVisitor::VisitRelocInfo needn't be virtual
because there's only one implementation.

Bug: v8:12126
Change-Id: I669a7408e7a46e797b8c2b372235b4ea42ee22e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3107214Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#76406}

The heap snapshot view in the dev tools reports a lot of incorrect
retaining paths involving weak references from FeedbackVectors. To fix,
when IndexedReferencesExtractor encounters a weak reference, it should
record a weak reference rather than a hidden reference. This way, the
forward reference is still visible when exploring in the summary view,
but weak references aren't reported as retainers.

Bug: v8:12112
Change-Id: Ib3bafc49482fb4f515877a90bae8707483d0a7a2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3101266Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#76364}

Bug: v8:12008
Change-Id: I2e1d918a1370dae1e15919fbf02d69cbe48f63bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3089095Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76308}

Optimizing compilation can no longer collect source positions on demand
since it may now run concurrently without serialization.

Instead, we now collect full source positions when any component that
needs them is enabled (profiler, debugger).

Bug: v8:7790,v8:12030
Change-Id: I6a2a82eb2b0d3e92121e101b4d9bf330c1f6c065
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3067226Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76114}

If context filtration fails, ensure that we still include an empty
sample. This ensures that we can properly terminate stacks.

Bug: chromium:956688
Change-Id: I3edeb3434960c420e24827c209055f7c378361bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3058053Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Cr-Commit-Position: refs/heads/master@{#75980}

Use the result of scripts.find() instead of using operator[] when
looking up scripts. This avoids an ugly const_cast, and avoids doing the
lookup twice.

Change-Id: I7c1a6be28928e2e3d928c389328be8785be3cff7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3056989
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75974}

Previously we'd report all property edges with symbol names as <symbol>,
which was not very useful, especially with private class fields now
seeing more adoption.

Fixed: chromium:1232467
Change-Id: I53cf0811c4b83d016b988b687c6decbddd3c2fdd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3055309
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75962}

... which will update both the CodeObjectSlot contents and the cached
value of the code entry point when the pointed Code object is
evacuated.
This is done by introducing an OLD_TO_CODE remembered set which is
populated with the recorded slots containing pointers to Code objects.
CodeDataContainer is the only kind of holder that can contain Code
pointers, so having a CodeObjectSlot is enough to compute the holder
CodeDataContainer object and update the cached code entry point there.

This CL fixes the data race in the previous implementation which were
updating the code entry point during Code object migration.

Bug: v8:11880
Change-Id: I44aa46af4bad7eb4eaa922b6876d5f2f836e0791
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035084
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75826}

... for visiting slots containing pointers to Code objects when
external code space mode is enabled.
These slots will require different handling once the code space is
moved out of the V8 heap cage.

This CL also introduces IsValidCodeObject() predicate similar to
IsValidHeapObject() for checking if given HeapObject is a valid Code
object.

Tbr: cbruni@chromium.org
Bug: v8:11880
Change-Id: I430940f4503cebfd2a6d387e44349810991a93e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032085Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75787}

Bug: v8:11872
Change-Id: I78c480e3266212adf1e71f728ca16b704c2e7d77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3030702
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75738}

Now that code entries outlive our CodeMap, it's safe to avoid storing
CodeMap metadata after the last active profiler stops. This simplifies
lifecycle logic, and avoids retaining stale data.

Bug: v8:11054
Change-Id: If30fc0835e2033b5bcca204565e05a5cba7823ea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3000526
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75689}

This resolves an issue where an inlined CodeEntry may outlive its parent
when translated into a ProfileNode.

Bug: chromium:1223323
Change-Id: I0427fce6a667c16d825f534333d39e463b287e31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3000682Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Cr-Commit-Position: refs/heads/master@{#75541}

There are still a few cases remaining that seem more controversial;
I'll upload those separately.

Bug: chromium:1066980
Change-Id: Iabbaf23f9bbe97781857c0c589f2b3db685dfdc2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2994804
Commit-Queue: Peter Kasting <pkasting@chromium.org>
Auto-Submit: Peter Kasting <pkasting@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75494}

Moves VSNPrintf, SNPrintf and StrNCpy out of utils/utils.h into
base/strings.h.

Bug: v8:11879
Change-Id: I0e165cb27c42f89c9acd1c6378514b40a90cd18d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972732
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75308}

After a series of CLs per component, this removes all remaining NOLINT
annotations that my script identified as not needed (because removing
them does not cause a presubmit error).

R=mlippautz@chromium.org, jkummerow@chromium.org, leszeks@chromium.org
R=cbruni@chromium.org

Bug: v8:11879
Change-Id: Ia403c23588a0c2871b987931f6c26f85821e9e9c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972733Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75296}

... and OPTIMIZED_CODE_LIST and DEOPTIMIZED_CODE_LIST slots of
NativeContext which serve as heads of respective weak lists of Code
objects.

Drive-by: trivial NativeContext methods are moved to contexts-inl.h
header.

Bug: v8:11880
Change-Id: I0f2ca967b2820f84c279fea702bab28829f65d0e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2968416Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75268}

The WasmEngine is shared across the whole process, so there is no need
to store it in every Isolate.
Instead, we can just get it from everywhere on any thread using
{wasm::GetWasmEngine()}, which is a simple read of a global.

R=jkummerow@chromium.org

Bug: v8:11879
Change-Id: I13afb8ca3d116aa14bfaec5a4bbd6d71faa9aa17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2969825Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75265}

The adding of base:: was mostly prepared using git grep and sed:
git grep -l <pattern> | grep -v base/vector.h | \
  xargs sed -i 's/\b<pattern>\b/base::<pattern>/
with lots of manual clean-ups due to the resulting
v8::internal::base::Vectors.

#includes were fixed using:
git grep -l "src/utils/vector.h" | \
  axargs sed -i 's!src/utils/vector.h!src/base/vector.h!'

Bug: v8:11879
Change-Id: I3e6d622987fee4478089c40539724c19735bd625
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2968412Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75243}

To enable deallocation of CodeEntry objects after they're no longer
being referenced by an active profile or alive on the heap, replace the
|used| bit with a proper reference count maintained by a CodeMap.

Bug: v8:11054
Change-Id: I3016cdbcbd1b4e8a26c3b1689e968cb2eef8e6d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2965493Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Cr-Commit-Position: refs/heads/master@{#75193}

This reverts commit 8e44ee5f.

Reason for revert: Reverting due to UBSan failures - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/16888.

Original change's description:
> [cpu-profiler] Reference counting for code entries
>
> To enable deallocation of CodeEntry objects after they're no longer
> being referenced by an active profile or alive on the heap, replace the
> |used| bit with a proper reference count maintained by a CodeMap.
>
> Bug: v8:11054
> Change-Id: Id3d5941e509504415692f833e406ecdd2553d426
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945541
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Andrew Comminos <acomminos@fb.com>
> Cr-Commit-Position: refs/heads/master@{#75164}

Bug: v8:11054
Change-Id: Iae3ae73014c7eafe20917cf088a569f370d9b53d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2965489
Auto-Submit: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75165}

To enable deallocation of CodeEntry objects after they're no longer
being referenced by an active profile or alive on the heap, replace the
|used| bit with a proper reference count maintained by a CodeMap.

Bug: v8:11054
Change-Id: Id3d5941e509504415692f833e406ecdd2553d426
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945541Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Cr-Commit-Position: refs/heads/master@{#75164}

- Convert Builtin to enum class
- Change int-based builtin_index methods to use Builtin
- Change Builtins::builtin to Builtins::code

Change-Id: Id9e3bb83da97e8894ca7ca78e1e852da60675619
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949104
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75127}