Three issues were fixed:
* In debug state, only publish debug code.
* When entering debugging in an isolate, only delete the code of
those NativeModules that aren't in debug state already.
* When async compilation finishes, only throw away code if the debug
state changed during compilation.
Original message:
Currently V8 recompiles all functions of a WebAssembly module when a
debugging session starts. This is outdated behavior and
causes OOMs for developers. With this CL all compiled code just gets
removed when a debugging session starts, and debugging code gets
compiled lazily.
This behavior may lead to small delays whenever a new function gets
entered by the debugger. However, developers are used to debugging code
being slightly slower, and the small delays should be in the order of
few milliseconds. On the other hand, debug modules can be big,
sometimes even more than 1'000'000 functions, and developers reported
OOMs when debugging.
R=clemensb@chromium.org
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel
Bug: v8:13541, chromium:1372621, v8:13224
Change-Id: Ie27388a287cd16a67a483e14fc22c2ab4180962e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4079190
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84873}
This reverts commit 7b138dd30d.
Reason for revert: Causes multiple flakes:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20isolates/22932/overviewhttps://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20debug/41934/overview
Original change's description:
> [wasm] Compile debug code lazily
>
> Currently V8 recompiles all functions of a WebAssembly module when a
> debugging session starts. This is outdated behavior and
> causes OOMs for developers. With this CL all compiled code just gets
> removed when a debugging session starts, and debugging code gets
> compiled lazily.
>
> This behavior may lead to small delays whenever a new function gets
> entered by the debugger. However, developers are used to debugging code
> being slightly slower, and the small delays should be in the order of
> few milliseconds. On the other hand, debug modules can be big,
> sometimes even more than 1'000'000 functions, and developers reported
> OOMs when debugging.
>
> R=clemensb@chromium.org
>
> Bug: v8:13541, chromium:1372621, v8:13224
> Change-Id: Ia36d9b8743523b1c89221c59f989268e27f6ce98
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4067302
> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84662}
Bug: v8:13541, chromium:1372621, v8:13224
Change-Id: Ic5442462d158618f2d43b8e0ebdfb90017ed378a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4080034
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Owners-Override: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84665}
Currently V8 recompiles all functions of a WebAssembly module when a
debugging session starts. This is outdated behavior and
causes OOMs for developers. With this CL all compiled code just gets
removed when a debugging session starts, and debugging code gets
compiled lazily.
This behavior may lead to small delays whenever a new function gets
entered by the debugger. However, developers are used to debugging code
being slightly slower, and the small delays should be in the order of
few milliseconds. On the other hand, debug modules can be big,
sometimes even more than 1'000'000 functions, and developers reported
OOMs when debugging.
R=clemensb@chromium.org
Bug: v8:13541, chromium:1372621, v8:13224
Change-Id: Ia36d9b8743523b1c89221c59f989268e27f6ce98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4067302
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84662}
This CL implements the heavy lifting for re-using block lists:
- On local debug-evaluate, we check if the paused function already
has a block list. If not, we do a full re-parse, calculate the
block lists and stash them in the global map.
- On a context lookup, we do the lookup slightly differently. The
block lists now store "outer" locals, so we need to check the
block list before we advance to the next context, not before we
do the lookup in the current context.
The CL also duplicates the debugger test that checks most of these
shadowing edge cases. While we keep working on the new feature
we still want to check both configurations, but the feature is too
small to warrant a separate bot. Note that the file with the flag
enabled has one additional test case that fails with the old
implementation. Unfortunately it's non-trivial to fix in the old
implementation.
This CL drastically improves performance for conditional breakpoints
as they use local debug-evaluate under the hood. The worst case
example (https://crbug.com/1072939#c15) improves from 6.5 seconds
to 100ms.
R=jarin@chromium.org
Bug: chromium:1363561
Change-Id: I85f3d908d246f0d2e31ed272f4db6a852b9dbc39
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3941584
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83665}
Following up on https://crrev.com/c/3916453, we also remove the
confusing breakable and steppable positions from spreads in array
literals. These positions provide no meaningful advdantage for
developers, but just makes it annoying to step through code that
contains spreads.
Drive-by: Add similar inspector tests to ensure that the positions in
the stack are correctly inferred when stopped in the Symbol.iterator or
the next methods.
Before: https://imgur.com/jVf2JeB.png
After: https://imgur.com/u8SfNhy.png
Fixed: chromium:1368971
Change-Id: Ibf791167936c1ed28ac3240acb7c0846b11ebecb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3925200
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83469}
This change removes the confusing statement positions that were
previously emitted for every binding identifier within both array
and object destructurings. These statement positions were reported as
breakable positions to the debugger front-end, and during stepping, the
debugger would also stop on them. This is confusing and very different
from how other expressions work (we don't emit statement positions
within expressions normally).
Instead we emit expression positions for the binding identifiers, which
are used to construct the source positions for stack traces. As a drive
by we also add the missing position (and test cases) for sub-patterns.
In particular this aligns the stepping and breakpoint behavior around
destructuring expressions with that of Firefox DevTools.
We also remove the original test cases, introduced with
https://codereview.chromium.org/1542813003 and
https://codereview.chromium.org/1533313002, which were written as
debugger tests, with new inspector tests that also ensure that the
call positions are correct.
Fixed: chromium:1368444
Bug: v8:811
Doc: http://go/chrome-devtools:destructuring-breakpoints-design
Change-Id: I4d53ad059b5eede73abd01d9bc9fdf8263c55c9d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3916453
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83455}
This CL adds a test that checks the block list for outer functions is
also correctly calculated when pausing in inner functions.
R=kimanh@chromium.org
Bug: chromium:1363561
Change-Id: I2d7c1671475759b977e4e41c7e09856b3b2e7daf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3904308
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83319}
We currently use 1 test case per file for tests that check that
debug-evaluate correctly blocks the lookup of stack-allocated
variables.
This CL adapts a similar approach to `debug-scopes.js`, making it
easier to add new test cases in the future.
R=kimanh@chromium.org
Bug: chromium:1363561
Change-Id: I8ff8cfe7d59f0b9808dc02c5579e058f490553eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3904544
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83315}
This is a reland of commit 3297ccca23
This is a straight-up reland of the original CL. The failing test
was flaky and removed with https://crrev.com/c/3868727. We replaced
the test with a proper DevTools e2e test: https://crrev.com/c/3867522
Original change's description:
> [debug] Immediately step-in for 'stack check triggered' debug breaks
>
> This CL changes debug breaks that are triggered via interrupts (i.e.
> via stack check). One client of this behavior is the `Debugger.pause`
> CDP method.
>
> The problem is that when we pause so early, the JSFunction didn't have
> time yet to create and push it's context. This requires special
> handling in the ScopeIterator and makes an upcoming change unnecessary
> complex.
>
> Another (minor) problem is that local debug-evaluate can't change
> context-allocated local variables (see changed regression bug). Since
> the context is not yet created and pushed, variables are written to
> the DebugEvaluateContext that goes away after the evaluation.
>
> The solution is to mirror what `BreakOnNextFunction` does. Instead
> of staying paused in the middle of the function entry, we trigger
> a "step in" and pause at the first valid breakable position instead.
> This ensures that the function context is already created and pushed.
>
> Note that we do this only in case for JSFunctions. In all other cases
> we keep the existing behavior and stay paused in the entry.
>
> R=jgruber@chromium.org
>
> Fixed: chromium:1246907
> Change-Id: I0cd8ae6e049a3b55bdd44858e769682a1ca47064
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854501
> Reviewed-by: Jakob Linke <jgruber@chromium.org>
> Commit-Queue: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82817}
Change-Id: I1938ccb5979fd80dff530b2ffe3f18714b7eff3f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867727
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82901}
This reverts commit 3297ccca23.
Reason for revert: V8 roll is failing https://luci-milo.appspot.com/ui/inv/build-8804330987023399745/test-results?q=DevToolsTest.TestPauseWhenScriptIsRunning
Original change's description:
> [debug] Immediately step-in for 'stack check triggered' debug breaks
>
> This CL changes debug breaks that are triggered via interrupts (i.e.
> via stack check). One client of this behavior is the `Debugger.pause`
> CDP method.
>
> The problem is that when we pause so early, the JSFunction didn't have
> time yet to create and push it's context. This requires special
> handling in the ScopeIterator and makes an upcoming change unnecessary
> complex.
>
> Another (minor) problem is that local debug-evaluate can't change
> context-allocated local variables (see changed regression bug). Since
> the context is not yet created and pushed, variables are written to
> the DebugEvaluateContext that goes away after the evaluation.
>
> The solution is to mirror what `BreakOnNextFunction` does. Instead
> of staying paused in the middle of the function entry, we trigger
> a "step in" and pause at the first valid breakable position instead.
> This ensures that the function context is already created and pushed.
>
> Note that we do this only in case for JSFunctions. In all other cases
> we keep the existing behavior and stay paused in the entry.
>
> R=jgruber@chromium.org
>
> Fixed: chromium:1246907
> Change-Id: I0cd8ae6e049a3b55bdd44858e769682a1ca47064
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854501
> Reviewed-by: Jakob Linke <jgruber@chromium.org>
> Commit-Queue: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82817}
Change-Id: I0c34b7b4a788572a73ca380b3d767223fb6e7ea1
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867311
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82855}
This CL changes debug breaks that are triggered via interrupts (i.e.
via stack check). One client of this behavior is the `Debugger.pause`
CDP method.
The problem is that when we pause so early, the JSFunction didn't have
time yet to create and push it's context. This requires special
handling in the ScopeIterator and makes an upcoming change unnecessary
complex.
Another (minor) problem is that local debug-evaluate can't change
context-allocated local variables (see changed regression bug). Since
the context is not yet created and pushed, variables are written to
the DebugEvaluateContext that goes away after the evaluation.
The solution is to mirror what `BreakOnNextFunction` does. Instead
of staying paused in the middle of the function entry, we trigger
a "step in" and pause at the first valid breakable position instead.
This ensures that the function context is already created and pushed.
Note that we do this only in case for JSFunctions. In all other cases
we keep the existing behavior and stay paused in the entry.
R=jgruber@chromium.org
Fixed: chromium:1246907
Change-Id: I0cd8ae6e049a3b55bdd44858e769682a1ca47064
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854501
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82817}
Adapted from https://crrev.com/c/3862264.
Add a new teardown trampoline for the case where a Sparkplug function is
deoptimized during its function entry stack check. In these cases, the
stack is in an incomplete setup state, so instead of forwarding to
interpreter re-entry, we undo the partial stack setup and forward to
the standard interpreter entry.
R=leszeks@chromium.org
Bug: chromium:1246907, chromium:1357554
Change-Id: I0795b20cdc60d3ba28bc32cd55bdf82d72f83aac
Also-by: leszeks@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865144
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82811}
This CL adjusts a DCHECK that verifies a bytecode offset when looking
for the closest breakpoint given that offset. When we pause on
function entry via interrupt, then the offset is
kFunctionEntryBytecodeOffset (-1), which is still a valid offset.
R=jarin@chromium.org
Fixed: chromium:1357554
Change-Id: I5b25b58f02be0e605191c38e9d1d93e334664c63
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3862265
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82805}
This CL shuffles around some code in `ScopeIterator` to better reflect
the two (internal) iteration modes:
- While "inside" the paused function we iterate based on lexical
scopes.
- Once we move past the paused function we iterate based on runtime
contexts.
This CL renames the advancing functions to `AdvanceScope` and
`AdvanceContext` respectively which operate in the following way:
- `AdvanceScope` first checks if the current lexical scope requires
a context. If so, we move one context up the chain, since the next
lexical scope belongs to that next context. Then we move up one
lexical scope.
- `AdvanceContext` moves one context up the context chain. Then we
we move up through all the lexical scopes until we find the next
lexical scope that requires a context.
The tricky bit is the transition from scope iteration mode to context
iteration mode. This is where the bug fix comes in. After doing one
standard `AdvanceScope` from the `closure_scope_` to the next
lexical scope, we need to keep moving up through the lexical scope
until we find the next lexical scope that requires a context.
The CL also changes how we collect the locals blocklist. The
locals blocklist is always put on the current context. So every
time we move up one context we reset the locals blocklist and
every time we move up the lexical scope we collect the scope
locals into the blocklist.
R=bmeurer@chromium.org, jarin@chromium.org
Fixed: chromium:1354464
Change-Id: I7b37687a8827c20d0660a25413d2c9117b5fe5ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3842158
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82615}
To be consistent with the all the other tiers and avoid confusion, we
rename --opt to ---turbofan, and --always-opt to --always-turbofan.
Change-Id: Ie23dc8282b3fb4cf2fbf73b6c3d5264de5d09718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610431
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80336}
For background and reasoning, see
https://docs.google.com/document/d/1jvSEvXFHRkxg4JX-j6ho3nRqAF8vZI2Ai7RI8AY54gM/edit
This is the first step towards pulling the DefineNamedOwn operation out
of StoreIC.
Summary of the renamed identifiers:
Bytecodes:
- StaNamedProperty -> SetNamedProperty: calls StoreIC and emitted for
normal named property sets like obj.x = 1.
- StaNamedOwnProperty -> DefineNamedOwnProperty: calls
DefineNamedOwnIC (previously StoreOwnIC), and emitted for
initialization of named properties in object literals and named
public class fields.
- StaKeyedProperty -> SetKeyedProperty: calls KeyedStoreIC and emitted
for keyed property sets like obj[x] = 1.
- StaKeyedPropertyAsDefine -> DefineKeyedOwnProperty: calls
DefineKeyedOwnIC (previously KeyedDefineOwnIC) and emitted for
initialization of private class fields and computed public class
fields.
- StaDataPropertyInLiteral -> DefineKeyedOwnPropertyInLiteral: calls
DefineKeyedOwnPropertyInLiteral runtime function (previously
DefineDataPropertyInLiteral) and emitted for initialization of keyed
properties in object literals and static class initializers. (note
that previously the StoreDataPropertyInLiteral runtime function name
was taken by object spreads and array literal creation instead)
- LdaKeyedProperty -> GetKeyedProperty, LdaNamedProperty ->
GetNamedProperty, LdaNamedPropertyFromSuper ->
GetNamedPropertyFromSuper: we drop the Sta prefix for the property
store operations since the accumulator use is implicit and to make
the wording more natural, for symmetry the Lda prefix for the
property load operations is also dropped.
opcodes:
- (JS)StoreNamed -> (JS)SetNamedProperty: implements set semantics for
named properties, compiled from SetNamedProperty (previously
StaNamedProperty) and lowers to StoreIC or Runtime::kSetNamedProperty
- (JS)StoreNamedOwn -> (JS)DefineNamedOwnProperty: implements define
semantics for initializing named own properties in object literal and
public class fields, compiled from DefineNamedOwnProperty (previously
StaNamedOwnProperty) and lowers to DefineNamedOwnIC
(previously StoreOwnIC)
- (JS)StoreProperty -> (JS)SetKeyedProperty: implements set semantics
for keyed properties, only compiled from SetKeyedProperty(previously
StaKeyedProperty) and lowers to KeyedStoreIC
- (JS)DefineProperty -> (JS)DefineKeyedOwnProperty: implements define
semantics for initialization of private class fields and computed
public class fields, compiled from DefineKeyedOwnProperty (previously
StaKeyedPropertyAsDefine) and calls DefineKeyedOwnIC (previously
KeyedDefineOwnIC).
- (JS)StoreDataPropertyInLiteral ->
(JS)DefineKeyedOwnPropertyInLiteral: implements define semantics for
initialization of keyed properties in object literals and static
class initializers, compiled from DefineKeyedOwnPropertyInLiteral
(previously StaDataPropertyInLiteral) and calls the
DefineKeyedOwnPropertyInLiteral runtime function (previously
DefineDataPropertyInLiteral).
Runtime:
- DefineDataPropertyInLiteral -> DefineKeyedOwnPropertyInLiteral:
following the bytecode/opcodes change, this is used by
DefineKeyedOwnPropertyInLiteral (previously StaDataPropertyInLiteral)
for object and class literal initialization.
- StoreDataPropertyInLiteral -> DefineKeyedOwnPropertyInLiteral_Simple:
it's just a simplified version of DefineDataPropertyInLiteral that
does not update feedback or perform function name configuration.
This is used by object spread and array literal creation. Since we
are renaming DefineDataPropertyInLiteral to
DefineKeyedOwnPropertyInLiteral, rename this simplified version with
a `_Simple` suffix. We can consider merging it into
DefineKeyedOwnPropertyInLiteral in the future. See
https://docs.google.com/document/d/1jvSEvXFHRkxg4JX-j6ho3nRqAF8vZI2Ai7RI8AY54gM/edit?disco=AAAAQQIz6mU
- Other changes following the bytecode/IR changes
IC:
- StoreOwn -> DefineNamedOwn: used for initialization of named
properties in object literals and named public class fields.
- StoreOwnIC -> DefineNamedOwnIC
- StoreMode::kStoreOwn -> StoreMode::kDefineNamedOwn
- StoreICMode::kStoreOwn -> StoreICMode::kDefineNamedOwn
- IsStoreOwn() -> IsDefineNamedOwn()
- DefineOwn -> DefineKeyedOwn: IsDefineOwnIC() was already just
IsDefineKeyedOwnIC(), and IsAnyDefineOwn() includes both named and
keyed defines so we don't need an extra generic predicate.
- StoreMode::kDefineOwn -> StoreMode::kDefineKeyedOwn
- StoreICMode::kDefineOwn -> StoreICMode::kDefineKeyedOwn
- IsDefineOwn() -> IsDefineKeyedOwn()
- IsDefineOwnIC() -> IsDefineKeyedOwnIC()
- Removing IsKeyedDefineOwnIC() as its now a duplicate of
IsDefineKeyedOwnIC()
- KeyedDefineOwnIC -> DefineKeyedOwnIC,
KeyedDefineOwnGenericGenerator() -> DefineKeyedOwnGenericGenerator:
make the ordering of terms more consistent
- IsAnyStoreOwn() -> IsAnyDefineOwn(): this includes the renamed and
DefineNamedOwn and DefineKeyedOwn. Also is_any_store_own() is
removed since it's just a duplicate of this.
- IsKeyedStoreOwn() -> IsDefineNamedOwn(): it's unclear where the
"keyed" part came from, but it's only used when DefineNamedOwnIC
(previously StoreOwnIC) reuses KeyedStoreIC, so rename it accordingly
Interpreter & compiler:
- BytecodeArrayBuilder: following bytecode changes
- StoreNamedProperty -> SetNamedProperty
- StoreNamedOwnProperty -> DefineNamedOwnProperty
- StoreKeyedProperty -> SetKeyedProperty
- DefineKeyedProperty -> DefineKeyedOwnProperty
- StoreDataPropertyInLiteral -> DefineKeyedOwnPropertyInLiteral
- FeedbackSlotKind:
- kDefineOwnKeyed -> kDefineKeyedOwn: make the ordering of terms more
consistent
- kStoreOwnNamed -> kDefineNamedOwn: following the IC change
- kStoreNamed{Sloppy|Strict} -> kSetNamed{Sloppy|Strict}: only
used in StoreIC for set semantics
- kStoreKeyed{Sloppy|Strict} -> kSetKeyed{Sloppy|Strict}: only used
in KeyedStoreIC for set semantics
- kStoreDataPropertyInLiteral -> kDefineKeyedOwnPropertyInLiteral:
following the IC change
- BytecodeGraphBuilder
- StoreMode::kNormal, kOwn -> NamedStoreMode::kSet, kDefineOwn: this
is only used by BytecodeGraphBuilder::BuildNamedStore() to tell the
difference between SetNamedProperty and DefineNamedOwnProperty
operations.
Not changed:
- StoreIC and KeyedStoreIC currently contain mixed logic for both Set
and Define operations, and the paths are controlled by feedback. The
plan is to refactor the hierarchy like this:
```
- StoreIC
- DefineNamedOwnIC
- SetNamedIC (there could also be a NamedStoreIC if that's helpful)
- KeyedStoreIC
- SetKeyedIC
- DefineKeyedOwnIC
- DefineKeyedOwnICLiteral (could be merged into DefineKeyedOwnIC)
- StoreInArrayLiteralIC
- ...
```
StoreIC and KeyedStoreIC would then contain helpers shared by their
subclasses, therefore it still makes sense to keep the word "Store"
in their names since they would be generic base classes for both set
and define operations.
- The Lda and Sta prefixes of bytecodes not involving object properties
(e.g. Ldar, Star, LdaZero) are kept, since this patch focuses on
property operations, and distinction between Set and Define might be
less relevant or nonexistent for bytecodes not involving object
properties. We could consider rename some of them in future patches
if that's helpful though.
Bug: v8:12548
Change-Id: Ia36997b02f59a87da3247f20e0560a7eb13077f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3481475
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/main@{#79409}
... to reduce compilation overhead on the main thread for OSR
Bug: v8:12161
Change-Id: I54ca5fa6201405daf92dac9cf51d5de4b46577b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3369361
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Fanchen Kong <fanchen.kong@intel.com>
Cr-Commit-Position: refs/heads/main@{#79188}
This is a reland of 91f08378bc
When the class scope does not need a context, the deserialized
outer scope of the initializer scope would not be the class scope,
and we should not and do not need to use it to fix up the allocation
information of the context-allocated variables. The original patch
did not consider this case and resulted in a regression when we
tried to reparse the initializer function to look for destructuring
assignment errors. This fixes the regression by not deserializing
the class scope that's going to be reparsed, and using the positions
of the scopes to tell whether the scope info matches the reparsed
scope and can be used to fix up the allocation info.
Original change's description:
> [class] implement reparsing of class instance member initializers
>
> Previously, since the source code for the synthetic class instance
> member initializer function was recorded as the span from the first
> initializer to the last initializer, there was no way to reparse the
> class and recompile the initializer function. It was working for
> most use cases because the code for the initializer function was
> generated eagarly and it was usually alive as long as the class was
> alive, so the initializer wouldn't normally be lazily parsed. This
> didn't work, however, when the class was snapshotted with
> v8::SnapshotCreator::FunctionCodeHandling::kClear,
> becuase then we needed to recompile the initializer when the class
> was instantiated. This patch implements the reparsing so that
> these classes can work with FunctionCodeHandling::kClear.
>
> This patch refactors ParserBase::ParseClassLiteral() so that we can
> reuse it for both parsing the class body normally and reparsing it
> to collect initializers. When reparsing the synthetic initializer
> function, we rewind the scanner to the beginning of the class, and
> parse the class body to collect the initializers. During the
> reparsing, field initializers are parsed with the full parser while
> methods of the class are pre-parsed.
>
> A few notable changes:
>
> - Extended the source range of the initializer function to cover the
> entire class so that we can rewind the scanner to parse the class
> body to collect initializers (previously, it starts from the first
> field initializer and ends at the last initializer). This resulted
> some expectation changes in the debugger tests, though the
> initializers remain debuggable.
> - A temporary ClassScope is created during reparsing. After the class
> is reparsed, we use the information from the ScopeInfo to update
> the allocated indices of the variables in the ClassScope.
>
> Bug: v8:10704
> Change-Id: Ifb6431a1447d8844f2a548283d59158742fe9027
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2988830
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Joyee Cheung <joyee@igalia.com>
> Cr-Commit-Position: refs/heads/main@{#78299}
Bug: chromium:1278086, chromium:1278085, v8:10704
Change-Id: Iea4f1f6dc398846cbe322adc16f6fffd6d2dfdf3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3325912
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/main@{#78745}
This reverts commit 91f08378bc.
Reason for revert: It's a fairly big change, and the clusterfuzz
found some bugs. Will reland with the fix after M98 branch point.
Original change's description:
> [class] implement reparsing of class instance member initializers
>
> Previously, since the source code for the synthetic class instance
> member initializer function was recorded as the span from the first
> initializer to the last initializer, there was no way to reparse the
> class and recompile the initializer function. It was working for
> most use cases because the code for the initializer function was
> generated eagarly and it was usually alive as long as the class was
> alive, so the initializer wouldn't normally be lazily parsed. This
> didn't work, however, when the class was snapshotted with
> v8::SnapshotCreator::FunctionCodeHandling::kClear,
> becuase then we needed to recompile the initializer when the class
> was instantiated. This patch implements the reparsing so that
> these classes can work with FunctionCodeHandling::kClear.
>
> This patch refactors ParserBase::ParseClassLiteral() so that we can
> reuse it for both parsing the class body normally and reparsing it
> to collect initializers. When reparsing the synthetic initializer
> function, we rewind the scanner to the beginning of the class, and
> parse the class body to collect the initializers. During the
> reparsing, field initializers are parsed with the full parser while
> methods of the class are pre-parsed.
>
> A few notable changes:
>
> - Extended the source range of the initializer function to cover the
> entire class so that we can rewind the scanner to parse the class
> body to collect initializers (previously, it starts from the first
> field initializer and ends at the last initializer). This resulted
> some expectation changes in the debugger tests, though the
> initializers remain debuggable.
> - A temporary ClassScope is created during reparsing. After the class
> is reparsed, we use the information from the ScopeInfo to update
> the allocated indices of the variables in the ClassScope.
>
> Bug: v8:10704
> Change-Id: Ifb6431a1447d8844f2a548283d59158742fe9027
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2988830
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Joyee Cheung <joyee@igalia.com>
> Cr-Commit-Position: refs/heads/main@{#78299}
Bug: v8:10704
Change-Id: I039cb728ebf0ada438a8f26c7d2c2547dbe3bf2d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3325328
Auto-Submit: Joyee Cheung <joyee@igalia.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78315}
Previously, since the source code for the synthetic class instance
member initializer function was recorded as the span from the first
initializer to the last initializer, there was no way to reparse the
class and recompile the initializer function. It was working for
most use cases because the code for the initializer function was
generated eagarly and it was usually alive as long as the class was
alive, so the initializer wouldn't normally be lazily parsed. This
didn't work, however, when the class was snapshotted with
v8::SnapshotCreator::FunctionCodeHandling::kClear,
becuase then we needed to recompile the initializer when the class
was instantiated. This patch implements the reparsing so that
these classes can work with FunctionCodeHandling::kClear.
This patch refactors ParserBase::ParseClassLiteral() so that we can
reuse it for both parsing the class body normally and reparsing it
to collect initializers. When reparsing the synthetic initializer
function, we rewind the scanner to the beginning of the class, and
parse the class body to collect the initializers. During the
reparsing, field initializers are parsed with the full parser while
methods of the class are pre-parsed.
A few notable changes:
- Extended the source range of the initializer function to cover the
entire class so that we can rewind the scanner to parse the class
body to collect initializers (previously, it starts from the first
field initializer and ends at the last initializer). This resulted
some expectation changes in the debugger tests, though the
initializers remain debuggable.
- A temporary ClassScope is created during reparsing. After the class
is reparsed, we use the information from the ScopeInfo to update
the allocated indices of the variables in the ClassScope.
Bug: v8:10704
Change-Id: Ifb6431a1447d8844f2a548283d59158742fe9027
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2988830
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/main@{#78299}
- Remove flag --block-concurrent-recompilation and its implementation,
including %UnblockConcurrentCompilation.
- Rewrite tests that used it in terms of the primitives introduced in
my previous CL:
https://chromium-review.googlesource.com/c/v8/v8/+/3071400/
- Remove "sync"/"no sync" arguments from %GetOptimizationStatus,
assertOptimized, etc. These are now always "no sync": they don't
do any magic.
- Remove "if %IsConcurrentRecompilationSupported then quit" from some
tests in favor of --concurrent-recompilation in their Flags line.
Bug: v8:12041, v8:7790
Change-Id: I966aae4fec85e6f9e7aeed2ba2c12e9198a3991f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077149
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76298}
Add support to flush only baseline code. FLAG_flush_baseline_code
controls if baseline code is flushed or not and FLAG_flush_bytecode
controls if bytecode is flushed or not. With this CL it is possible
to control if we want to flush only bytecode / only baseline code / both.
This also lets us have different heuristics for bytecode and baseline
code flushing.
Bug: v8:11947
Change-Id: Ibdfb9d8be7e7d54196db7890541fa0b5d84f037e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3060481
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76075}
stress_flush_bytecode controls stress flushing of both bytecode and
baseline code. So rename the flag to better reflect its functionality
Bug: v8:11947
Change-Id: Ie6c124a476c3a7c6eabd1d75de030ee15fe78e32
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3062567
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76043}
This is a reland of 819c3ae2f8
Original change's description:
> Reland "Reland "Improve error messages for property access on null/undefined""
>
> This is a reland of 8b18c5e6a5
>
> Original change's description:
> > Reland "Improve error messages for property access on null/undefined"
> >
> > This is a reland of 24c626c1f7
> >
> > Original change's description:
> > > Improve error messages for property access on null/undefined
> > >
> > > Only print the property name when accessing null/undefined if we can
> > > convert it to a string without causing side effects.
> > > If we can't, omit the property name in the error message.
> > > This should avoid confusion when the key is an object with toString().
> > > E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
> > > Object]' anymore, which was misleading since the property accessed would
> > > be 'a', but we can't evaluate the key without side effects.
> > >
> > > Bug: v8:11365
> > > Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
> > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
> > > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#75250}
> >
> > Bug: v8:11365
> > Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75571}
>
> Bug: v8:11365
> Change-Id: I90360641ecd870bd93247aa6d91dfb0ad049cfb8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008219
> Auto-Submit: Patrick Thier <pthier@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75604}
Bug: v8:11365
Change-Id: I002b537144f328ccbbdcd655e26e5dc87c49c6f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3013935
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75645}
This reverts commit 819c3ae2f8.
Reason for revert: Sorry Patrick, still failing on some layout tests :( https://test-results.appspot.com/data/layout_results/mac-rel/726365/blink_web_tests%20%28retry%20shards%20with%20patch%29/layout-test-results/results.html
Original change's description:
> Reland "Reland "Improve error messages for property access on null/undefined""
>
> This is a reland of 8b18c5e6a5
>
> Original change's description:
> > Reland "Improve error messages for property access on null/undefined"
> >
> > This is a reland of 24c626c1f7
> >
> > Original change's description:
> > > Improve error messages for property access on null/undefined
> > >
> > > Only print the property name when accessing null/undefined if we can
> > > convert it to a string without causing side effects.
> > > If we can't, omit the property name in the error message.
> > > This should avoid confusion when the key is an object with toString().
> > > E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
> > > Object]' anymore, which was misleading since the property accessed would
> > > be 'a', but we can't evaluate the key without side effects.
> > >
> > > Bug: v8:11365
> > > Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
> > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
> > > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#75250}
> >
> > Bug: v8:11365
> > Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75571}
>
> Bug: v8:11365
> Change-Id: I90360641ecd870bd93247aa6d91dfb0ad049cfb8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008219
> Auto-Submit: Patrick Thier <pthier@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75604}
Bug: v8:11365
Change-Id: I7d7c0f201288384c2aa38a51418b582a64213ae0
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3013352
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75626}
This is a reland of 8b18c5e6a5
Original change's description:
> Reland "Improve error messages for property access on null/undefined"
>
> This is a reland of 24c626c1f7
>
> Original change's description:
> > Improve error messages for property access on null/undefined
> >
> > Only print the property name when accessing null/undefined if we can
> > convert it to a string without causing side effects.
> > If we can't, omit the property name in the error message.
> > This should avoid confusion when the key is an object with toString().
> > E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
> > Object]' anymore, which was misleading since the property accessed would
> > be 'a', but we can't evaluate the key without side effects.
> >
> > Bug: v8:11365
> > Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75250}
>
> Bug: v8:11365
> Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75571}
Bug: v8:11365
Change-Id: I90360641ecd870bd93247aa6d91dfb0ad049cfb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008219
Auto-Submit: Patrick Thier <pthier@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75604}
This reverts commit 8b18c5e6a5.
Reason for revert: Still failing: https://test-results.appspot.com/data/layout_results/V8_Blink_Linux/12469/blink_web_tests%20%28retry%20shards%20with%20patch%29/layout-test-results/results.html
Original change's description:
> Reland "Improve error messages for property access on null/undefined"
>
> This is a reland of 24c626c1f7
>
> Original change's description:
> > Improve error messages for property access on null/undefined
> >
> > Only print the property name when accessing null/undefined if we can
> > convert it to a string without causing side effects.
> > If we can't, omit the property name in the error message.
> > This should avoid confusion when the key is an object with toString().
> > E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
> > Object]' anymore, which was misleading since the property accessed would
> > be 'a', but we can't evaluate the key without side effects.
> >
> > Bug: v8:11365
> > Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75250}
>
> Bug: v8:11365
> Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75571}
Bug: v8:11365
Change-Id: Ic4137f0d70fa9b10ca70fa921b98ea7e1499f11b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008217
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75577}
This is a reland of 24c626c1f7
Original change's description:
> Improve error messages for property access on null/undefined
>
> Only print the property name when accessing null/undefined if we can
> convert it to a string without causing side effects.
> If we can't, omit the property name in the error message.
> This should avoid confusion when the key is an object with toString().
> E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
> Object]' anymore, which was misleading since the property accessed would
> be 'a', but we can't evaluate the key without side effects.
>
> Bug: v8:11365
> Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75250}
Bug: v8:11365
Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75571}
This reverts commit 24c626c1f7.
Reason for revert: Blocks V8 roll into Chromium (changed error messages cause tests to fail):
https://ci.chromium.org/p/chromium/builders/try/linux-rel/724109?
Original change's description:
> Improve error messages for property access on null/undefined
>
> Only print the property name when accessing null/undefined if we can
> convert it to a string without causing side effects.
> If we can't, omit the property name in the error message.
> This should avoid confusion when the key is an object with toString().
> E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
> Object]' anymore, which was misleading since the property accessed would
> be 'a', but we can't evaluate the key without side effects.
>
> Bug: v8:11365
> Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75250}
Bug: v8:11365
Change-Id: Ic63f34033254f55b3871041633d84ea48586a75d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2977374
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75282}
Only print the property name when accessing null/undefined if we can
convert it to a string without causing side effects.
If we can't, omit the property name in the error message.
This should avoid confusion when the key is an object with toString().
E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
Object]' anymore, which was misleading since the property accessed would
be 'a', but we can't evaluate the key without side effects.
Bug: v8:11365
Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75250}
This isn't used outside of tests, so let's just remove it.
Change-Id: I06b7ec11911fd8ebc3bbabcba16d0c2a3fafddab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2968413
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75220}
In the Chrome DevTools Protocol, the step actions are named StepOut,
StepOver, and StepInto, but internally we used StepOut, StepNext, and
StepIn instead. This change adjusts the naming to be consistent.
Bug: chromium:901814, chromium:1162229
Change-Id: Id3502a1b0a4aadd94734ec3d1fef73c1782fa220
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928510
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74877}
This change adds support for `const` redeclaration on REPL mode with
the semantincs recommended in the design doc:
1) REPL scripts should not be able to reassign bindings to `const`
variables.
2) Re-declaring `const` variables of page scripts is not allowed in
REPL scripts.
3) Re-declearing `const` variables is not allowed in the same REPL
script.
4) `const` re-declaration is allowed across separate REPL scripts.
5) Old references to previously declared variables get updated with the
new value, even those references from within optimized functions.
Design doc: https://goo.gle/devtools-const-repl
Bug: chromium:1076427
Change-Id: Ic73d2ae7fcfbfc1f5b58f61e0c3c69e9c4d85d77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2865721
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Luis Fernando Pardo Sixtos <lpardosixtos@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#74510}
This changes the names reported in stack traces via the Chrome DevTools
protocol to follow the WAT naming convention for functions. This aligns
the behavior here with the rest of DevTools (i.e. the disassembly in the
Sources panel and the Scope sidebar, as well as the Console REPL) to use
one consistent naming scheme.
Fixed: chromium:1159307
Doc: http://bit.ly/devtools-wasm-entities
Bug: chromium:1162229, chromium:1164241, chromium:1071432
Change-Id: Ibe543f39c775944072073fe5f0959412529aa19b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2878734
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74456}
The "Restart frame" feature was implemented as part of LiveEdit and
primarily used to support LiveEdit of active functions, but that was
previously disabled as part of https://crrev.com/c/2846892 because it's
too brittle and causes crashes when using seemingly unrelated features.
The "Restart frame" feature was also available as a context menu item
separately in the DevTools front-end, but that was also already removed
as part of https://crrev.com/c/2854681 earlier. So all uses are gone
now.
This change works by marking Debugger.restartFrame as deprecated and
having it respond with a ServerError all the time. It thus allows us to
remove a whole bunch of machinery that was essentially just put in
various places to support the restart_fp_ magic. In particular the
debugger no longer needs any machine specific builtins now.
Bug: chromium:1195927
Change-Id: I1153ba6b00e979620af57dd9f58aa1c035ec4484
Fixed: chromium:1203606
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854750
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74276}
Previously we'd allow to replace the source of functions that are on the
current execution stack under certain conditions, but this has resulted
in an endless stream of bugs due to weird edge cases, and so we're now
limiting LiveEdit to functions that don't have any activation (including
not a suspended generator / async function activation).
We might eventually add the ability to LiveEdit functions with
activations and have them "upgrade upon next invocation", but that
doesn't seem to be an extremely important use case right now.
Fixed: chromium:1195927
Change-Id: I87a45ba4d0ddcfbf867bd4e73738d76b2d789e04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2846892
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74249}
This changes the behavior of SetBreakpointForScript to find more
accurate break positions.
Previously, setting a breakpoint would only consider the shared
function info that contained the requested position for setting a
breakpoint. More intuitively, a breakpoint should not necessarily
be set in a function that contains the position, but in the closest
breakable location that comes after the position we requested.
To achieve this we:
1. find the shared function info of the inner most function
that contains the requested_position.
This function's end position is used to find other shared function
infos in step 2.
2. search for all shared function infos that intersect with the
range [requested_position, inner_most_function.break_position[.
3. From the shared function infos extracted in 2, find the one
that has the closest breakable location to requested_position.
Also-By: bmeurer@chromium.org
Fixed: chromium:1137141
Change-Id: I4f4c6c3aac1ebea50cbcad9543b539ab1ded2b05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2742198
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73392}
Liftoff is not fully feature complete yet. To test that Liftoff can
bailout to TurboFan also for debugging, this CL adds
* an opcode that is only implemented in TurboFan
* a flag that allows that opcode to be compiled with TurboFan
* a bailout for this opcode to Liftoff.
R=clemensb@chromium.org
Bug: v8:7581
Change-Id: Ie4b4654d0d36ab937a7dfe9b1bb6a187b17615fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2629284
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72113}
While working on C++ debug evaluate, we found that several builtins and
intrinsics aren't marked as side effect free, although they are clearly
side effect free, and that breaks the C++ side effect free evaluation.
- %DefineClass() and %TypedArray%.of(), and
- various WebAssembly getters ("buffer", "exports" and "length") as
well as the C++ functions for the debug proxy.
Also-By: pfaffe@chromium.org
Bug: chromium:1137514
Change-Id: Iebd333dc2014f1ad218908f64c9199c157dc08b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2565135
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71498}
This specific case was not implemented or tested before. Implementing it
actually simplifies some of the existing logic, since StepOut can now
reuse the generic logic in debug.cc for all cases (Wasm->Wasm, Wasm->JS,
JS->Wasm).
Drive-by:
1) Fix typo ("skip" -> "step").
2) Move the check for Liftoff code from debug.cc to wasm-debug.cc, where
it fits better.
3) Remove a TODO which is done already.
R=thibaudm@chromium.org, szuend@chromium.org
Bug: chromium:1145176
Change-Id: I415ca1d8bacef5b21bf1dafd9e16417ec2d12c7c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2560719
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71428}
