ReadOnlyRoots means that some added Isolate parameters are no longer
needed. So, we can remove them.
This patch was generated mostly automatically with a bespoke tool.
Bug: v8:7786
Bug: v8:7754
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ia44fd2a66652253f780e3674bf7fb431caef0493
Reviewed-on: https://chromium-review.googlesource.com/1136305
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54526}
Ran GetIsolate/GetHeap removal script over all the header files included
into objects.cc. Affected classes include: ScriptContextTable
RuntimeCallTimerScope GlobalDictionaryShape Map LookupIterator
PrototypeIterator FixedArrayBuilder
Manually fixed up Map to mark its write operations as safe for
GetIsolate since they modify the object as so can't be done in RO_SPACE.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I2fd0960f085d1bcb4cf54b3418899ac0217917ca
Reviewed-on: https://chromium-review.googlesource.com/1138076
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54488}
Deprecate String::Utf8Length in favor of a new, similar function that
takes the Isolate used for the String::Flatten call as an argument.
BUG: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Icaf04b272679fd853e9cdbe6c7088f63e9aacb95
Reviewed-on: https://chromium-review.googlesource.com/1124724
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54476}
Heap::InNewSpace only needs to access the heap for a DCHECK and the part
that uses the heap only needs it if the object is in NEW_SPACE, in which
case getting it via pointer magic is fine.
Bug: v8:7786
Change-Id: Iaac237a3b8bcc9d55e436e3f972475e04b97f1f8
Reviewed-on: https://chromium-review.googlesource.com/1127798
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54345}
This extends the current Promise Rejection Hook with two new events
kPromiseRejectAfterResolved
kPromiseResolveAfterResolved
which are used to detect (and signal) misuse of the Promise constructor.
Specifically the common bug like
new Promise((res, rej) => {
res(1);
throw new Error("something")
});
where the error is silently swallowed by the Promise constructor without
the user ever noticing can be caught via this hook.
Doc: https://goo.gl/2stLUY
Bug: v8:7919
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I890a7e766cdd1be88db94844fb744f72823dba33
Reviewed-on: https://chromium-review.googlesource.com/1126099
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54309}
Replace Is<oddball>(GetIsolate()) calls with a no-parameter version
that goes through ReadOnlyRoots, and add a version that takes a
ReadOnlyRoots if that is available in the parent (but Isolate isn't).
Also opportunistically clean up a few places where ReadOnlyRoots are
available but we still pass in an Isolate parameter.
TBR=yangguo@chromium.org
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Icc0b8a7d8f9c6b84c0ec8fe771fcfb75c9dc5468
Reviewed-on: https://chromium-review.googlesource.com/1126302
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54245}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I2f2c031c03d56d360ef940fc925e0583e6ae31dc
Reviewed-on: https://chromium-review.googlesource.com/1125720
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54202}
Provide a more complete BigInt API.
Bug: v8:7712
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ic8562d616f3125deabdf8b52c7019b191bef0e07
Reviewed-on: https://chromium-review.googlesource.com/1101198
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54122}
This reverts commit fdf69d53b6.
Reason for revert: Speculative revert for broken GPU bots:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/Linux%20V8%20FYI%20Release%20%28NVIDIA%29/1638https://ci.chromium.org/p/v8/builders/luci.v8.ci/Mac%20V8%20FYI%20Release%20%28Intel%29/1624
Original change's description:
> [heap] Adds a young generation large object space
>
> This CL adds the young generation lage object spaces and a flag
> --young-generation-large-objects that by default allocates all
> large objects in this space. This is a preparation CL. The space
> is not fully functional.
>
> Bug: chromium:852420
> Change-Id: Ib66d26fa52cda89bf04787084826aeb84b6ec1ac
> Reviewed-on: https://chromium-review.googlesource.com/1099164
> Commit-Queue: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54056}
TBR=ulan@chromium.org,yangguo@chromium.org,hpayer@chromium.org
Change-Id: I175514f806a19c7837022795210625ca40e3c318
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:852420
Reviewed-on: https://chromium-review.googlesource.com/1118038
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54072}
This CL adds the young generation lage object spaces and a flag
--young-generation-large-objects that by default allocates all
large objects in this space. This is a preparation CL. The space
is not fully functional.
Bug: chromium:852420
Change-Id: Ib66d26fa52cda89bf04787084826aeb84b6ec1ac
Reviewed-on: https://chromium-review.googlesource.com/1099164
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54056}
Remove the one-argument Handle constructor and "handle" factory method,
replacing them with Isolates where available and GetIsolate() methods
otherwise.
TBR=verwaest@chromium.org
Bug: v8:7786
Change-Id: I8ee92ef727c05382c984a3e4c290198d0b312619
Reviewed-on: https://chromium-review.googlesource.com/1113542
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54025}
Pass Isolate directly into CallHandlerInfo methods so that calls to
GetHeap can be removed.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: If28fbbd65530b01b69786c3e743754cff3b1ba3a
Reviewed-on: https://chromium-review.googlesource.com/1107926
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53945}
Bump limit for isolate creation in cctest; the test started crashing recently
on nosnap.debug builds, hence we bump the limit.
Bug: v8:7856
Change-Id: I7c2396c7f112a2ed7fc189f0fa72658e0ed75050
Reviewed-on: https://chromium-review.googlesource.com/1104691
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53816}
As specified in https://tc39.github.io/ecma262/#sec-atomics-wait, the
critical section must occur before the load and comparison.
This slightly changes the `AtomicsWaitCallback` API, but in a
direction that arguably makes it more consistent.
As a drive-by fix, reset `node->waiting_` in case there
was an exception from the first callback.
Refs: https://chromium-review.googlesource.com/c/v8/v8/+/1095814
Bug: v8:7836
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I577cdf76cedfe39bc61f783203b543c7c68fc238
Reviewed-on: https://chromium-review.googlesource.com/1096236
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53673}
Add an inspection callback for embedders that allows tracking
of `Atomics.wait()` calls in order to enable diagnostic tooling
around it, as well as providing a way to break out of an
`Atomics.wait()` call without having to fully terminate execution.
The motivation here is that this allows embedders to perform
somewhat customizable deadlock detection.
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ib6346747aa3cbffb07cf6abd12645e2d98584f0f
Reviewed-on: https://chromium-review.googlesource.com/1080788
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53517}
This reverts 667555c6b8.
This is a short-term fix for NodeJS regression caused by Scavenger
not collecting weak handles that are marked as independent.
Bug: chromium:847863, chromium:780749
Change-Id: Ia1c02e042d0e593c6f5badb82c4ef20b923d3806
Reviewed-on: https://chromium-review.googlesource.com/1082442
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53502}
We use name of the function at the moment of first appearance of given
function in stack trace. Any further name changes would be ignored.
It gives us around 20% speedup.
Perf analysis: https://bit.ly/2wp99vtR=yangguo@chromium.org,jgruber@chromium.org
Bug: v8:7078
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I9f21f0bd9cd923e5abaeffb9209df0be2f49afff
Reviewed-on: https://chromium-review.googlesource.com/1050984
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53446}
This extends the ScriptCompiler::CompileModule function with a
CompileOptions argument. Accepted values are kNoCompileOptions (in
which case, behavior remains unmodified) and kConsumeCodeCache. If the
latter is passed, we try to fetch the given module from the code
cache.
Since it is possible to compile the same source code as both a script
and a module (and different code is generated for the two cases), a
new is_module bit is added to the SerializedCodeData header to
disambiguate between the two cases.
Bug: v8:7685
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I34b3642505577ed9ed0caedbee5876308c5a53ea
Reviewed-on: https://chromium-review.googlesource.com/1073327
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53432}
This adds a convenience overload for `EscapableHandleScope::Escape()`
which moves `MaybeLocal<T>`s into the outer scope, like a regular
`Local<T>`.
This basically moves the syntactic clutter of having to write
`maybe_local.FromMaybe(Local<Foo>())` instead of just `maybe_local`
to a central location.
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I1d87d75c6564b10e8ec34957bdd3eac46ffea917
Reviewed-on: https://chromium-review.googlesource.com/1056529
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53415}
Moving them away was a mistake. Fixing this enables getting rid of a bunch of
includes.
BUG=v8:5402
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I5482eab4281c7450350f058fe0a04a6f375ea082
Reviewed-on: https://chromium-review.googlesource.com/1070188
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53328}
Module and script SharedFunctionInfos can't be used interchangeably
(e.g.: it should not be possible to bind a Module's SFI to a Context).
The dedicated type disambiguates the two.
This also adds an overload for CreateCodeCache which takes an unbound
module script instead of an unbound script. Both are just a SFI
underneath, so their behavior is identical.
Bug: v8:7685
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Iab519d0d50b6b41c95abdb6397f5622e292da4d8
Reviewed-on: https://chromium-review.googlesource.com/1047107
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53150}
The DCHECK was incorrect. This new API method can be called from any
debug mode since the embedder does not know which mode we are in.
It should only apply the side effect logic when the mode is
kSideEffects.
Bug: chromium:829571
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I11b0e5194b151a2b88171d6be21c3ccbba9cd408
Reviewed-on: https://chromium-review.googlesource.com/1046162
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53030}
Stubs and builtins are very similar. The main differences are that
stubs can be parameterized and may be generated at runtime, whereas
builtins are generated at mksnapshot-time and shipped with the snapshot
(or embedded into the binary).
My main motivation for these conversions is that we can generate
faster calls and jumps to (embedded) builtins callees from (embedded)
builtin callers. Instead of going through the builtins constants table
indirection, we can simply do a pc-relative call/jump.
This also unlocks other refactorings, e.g. removal of
CallRuntimeDelayed.
TBR=mlippautz@chromium.org
Bug: v8:6666
Change-Id: I4cd63477f19a330ec70bbf20e2af8a42fb05fabb
Reviewed-on: https://chromium-review.googlesource.com/1044245
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53027}
Creating a new instance from a v8::Function will invoke its
constructor. If it is an API callback that has not been marked as
kHasNoSideEffect, this CL introduces a way to invoke it without
throwing.
Calls within the constructor are still checked for side effects.
Bug: chromium:829571
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ia4e410d487e2847bc511cb96f0be30a3563991f6
Reviewed-on: https://chromium-review.googlesource.com/1034116
Commit-Queue: Erik Luo <luoe@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53003}
This method is intended for use by code caching as follows:
1. The module is compiled (and perhaps instantiated).
2. The embedder fetches and stores the module's unbound script (i.e.
the shared function info).
3. Module evaluation, maybe triggering lazy compilation.
4. Generated code for the module (which hangs off the shared function
info) is inserted into the code cache.
Subsequent module loads can load from the code cache prior to
evaluation.
Bug: v8:7685
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I80018cd921ab1a18323906a548b249e19d9f9509
Reviewed-on: https://chromium-review.googlesource.com/1041745
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52998}
This fixes a bug where we didn't run before/after hooks for await when
the debugger is not active, as reported downstream in
https://github.com/nodejs/node/issues/20274
Change-Id: I1948d1884c591418d87ffd1d0ccb2bebf4e908f1
Reviewed-on: https://chromium-review.googlesource.com/1039386
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52909}
ScavengeExternalString and ScavengeExternalOneByteString clear GC flags,
which confuses concurrent sweeping that was started from another test.
Tests that mutate flags should not be threaded.
Bug: v8:7671
Change-Id: I08656d06fe85ff45baca685ebe5982528aad774c
Reviewed-on: https://chromium-review.googlesource.com/1019102
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52690}
Since external strings are used for things like source strings, we
should tenure them from creation.
Change-Id: I226ab9036836d76d8c17ed168ad97d7f0f824278
Reviewed-on: https://chromium-review.googlesource.com/1006961
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52677}
Casting from a floating-point type to an integer type is undefined behavior
if the integral part of the float cannot be represented in the range of the
int.
Bug: v8:3770, chromium:831145
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I2e85ea8b0f09bbeeb3e0dcc1135fc747fa312f6d
Reviewed-on: https://chromium-review.googlesource.com/1011651
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52631}
The embedder should not need to keep track of the source string.
R=jgruber@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ie27df755a22fbcae7b6e87a435419d2d8f545558
Reviewed-on: https://chromium-review.googlesource.com/1013482
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52614}
The "Address" type is V8's general-purpose type for manipulating memory
addresses. Per the C++ spec, pointer arithmetic and pointer comparisons
are undefined behavior except within the same array; since we generally
don't operate within a C++ array, our general-purpose type shouldn't be
a pointer type.
Bug: v8:3770
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ib96016c24a0f18bcdba916dabd83e3f24a1b5779
Reviewed-on: https://chromium-review.googlesource.com/988657
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52601}
This allows an embedder to check if a Value is a module namespace object.
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Idffceff451dd5f5c6a53d4cb3ce02c1c2c5b653c
Reviewed-on: https://chromium-review.googlesource.com/1011762
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52597}
Fixes a crash that happens when calling postMessage on an empty typed
array.
GetBuffer should only call MaterializeArrayBuffer for on-heap buffers,
but the on-heap check is slightly wrong. This CL moves the on-heap check
logic to the JSTypedArray class so that other parts of the codebase
don't need to worry about how that is determined.
Also add some dchecks to materialize itself. It should only receive
on-heap buffers and should always transform them to off-heap buffers.
There is also no reason for it to be static, so change that here too.
Bug: chromium:797588
Change-Id: Icd88a5b68e424d82c9f1f7889ca42a40a72a1bdc
Reviewed-on: https://chromium-review.googlesource.com/995898
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52388}
In order to clarify the difference between, e.g., InstructionStart and
instruction_start, rename as follows:
Code::instruction_start -> raw_instruction_start
Code::instruction_end -> raw_instruction_end
Code::instruction_size -> raw_instruction_size
The difference between the camel-case and raw_* function families is
in how they handle off-heap-trampoline Code objects. For example, when
called on an off-heap-trampoline: raw_instruction_start returns the
trampoline's entry point, while InstructionStart returns the off-heap
code's entry point (located in the .text section of the binary).
Some callsites were updated to call the camel-case function family as
appropriate.
Bug: v8:6666
Change-Id: I4a572f47c2d161a853599d7c17879e263b0d1a87
Reviewed-on: https://chromium-review.googlesource.com/997532
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52387}
This exposes new flags to allow embedders to whitelist callbacks as
side-effect-free during evaluation with throwOnSideEffect.
Accessors and Functions/FunctionTemplates can take a new param on:
- v8::Object::SetNativeDataProperty
- v8::Object::SetLazyDataProperty
- v8::Object::SetAccessor
- v8::FunctionTemplate::New
- v8::FunctionTemplate::NewWithCache
- v8::Function::New
While Interceptors can be created with an additional flag:
PropertyHandlerFlag::kHasNoSideEffect
Bug: v8:7515
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I14823316bdd6de6d362a1104b65f13504d0db056
Reviewed-on: https://chromium-review.googlesource.com/994550
Commit-Queue: Erik Luo <luoe@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52367}
Makes CallHandlerInfo its own instance type, with an additional
map to distinguish side-effect-free handlers. In a followup, we
can expose an API flag to set the map.
This CL does not support whitelisting calls to ObjectTemplates
that use SetCallAsFunctionHandler().
Bug: v8:7515
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ie32fe144046a9fae3e3b1ea5602b0da3db8a5616
Reviewed-on: https://chromium-review.googlesource.com/965741
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52328}
The embedder can get notification when V8 heap size approaches the heap limit
and can extend the heap limit if needed using
- v8::Isolate::AddNearHeapLimitCallback
- v8::Isolate::RemoveNearHeapLimitCallback
This generalizes the exiting v8::debug::SetOutOfMemoryCallback API.
Bug: chromium:824214
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ia444cb7efb6fe85c57fa3785e8fd1d8b654a5224
Reviewed-on: https://chromium-review.googlesource.com/979447
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52238}
The number of embedder fields grows dynamically, but reading these
fields do not perform bounds checks. The naming is taken from a similar
method on v8::Isolate.
Also changed the growing strategy for the backing store to not
over-allocate.
R=adamk@chromium.org, bmeurer@chromium.org
Bug: v8:7533
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I70beab124a32296c940ffabd897a7790bc8ff47a
Reviewed-on: https://chromium-review.googlesource.com/952923
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51822}
Previously the API allowed the embedder to re fulfill a non pending
promise. This was changed as part of
c041296189.
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I53dc028fecdcc6ab05c05cfc7795e89519ed9633
Reviewed-on: https://chromium-review.googlesource.com/932968
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51536}
x86, arm, arm64: no change in behavior
mips, mips64: disasm-mips(64).cc grows an UNREACHABLE that's
maybe optimistic (but if it's not true, then that
looks like a current unintentional fallthrough at
that spot)
test-js-typed-lowering.cc: looks like a clear bug, but test-only code
Follow-up to https://chromium-review.googlesource.com/c/v8/v8/+/911731 which
did this for x64.
Doesn't turn on the warning yet.
Bug: chromium:812686
Change-Id: I7dd79c9885c90f41dd7e3a595256a954ab0ae643
Reviewed-on: https://chromium-review.googlesource.com/923528
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Nico Weber <thakis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51437}
We don't use parser caches anymore and request code caches
explicitly using ScriptCompiler::CreateCodeCache. Hence
removing the support for both parser cache and code cache options.
They are still retained in CompileOptions for backwards
compatibility. Apart from the api.cc, no other part should see
this option.
Bug: chromium:779254, chromium:783124
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ic8ad9afe3fa44bbb5adc71bdde59c0b4057a523d
Reviewed-on: https://chromium-review.googlesource.com/916261
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51416}
Add TurboFan inlining support for the following V8 Extras:
- v8.createPromise
- v8.rejectPromise
- v8.resolvePromise
These are used by the streams implementation in Chrome currently, and
were previously not inlined into TurboFan, although TurboFan already
had all the necessary functionality (namely the JSCreatePromise,
JSRejectPromise and JSResolvePromise operators). We might eventually
want to use these functions in Node core as well (at least short-term
for Node 10), to replace the C++ internal API functions with the same
name that are currently being used by parts of Node core.
For this to work, the rejectPromise and resolvePromise builtins had
to be moved back to CSA, as for JavaScript builtins we still have the
policy that the optimizing compiler must not inline them. But that's
straight-forward since the CSA has all the necessary functionality
available anyways.
Bug: v8:7253
Change-Id: I39ab015c379956cd58ace866e17f8ec23b2257b2
Reviewed-on: https://chromium-review.googlesource.com/924146
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51332}
The idea here is that in case the `thenable` is a JSPromise and `then`
is the initial `Promise.prototype.then` method, and the @@species lookup
chain is intact, we can skip creating the temporary promise and the
closures (with the shared context), and instead directly call into our
PerformPromiseThen. This is sound since - given above mentioned
conditions - our short-cut
PerformPromiseThen(thenable, undefined, undefined, promise_to_resolve)
is not observably different from the actual
resolve, reject = CreateResolvingFunctions(promise_to_resolve)
result_capability = NewPromiseCapability(%Promise%)
PerformPromiseThen(thenable, resolve, reject, result_capability)
except through PromiseHooks (and potentially via the async stack
traces). So we disable the fast-path if either promise hooks are enabled
or the debugger is active for now.
This improves the performance on the wikipedia benchmark by 20-25% and
the bluebird-doxbee benchmark by around 20%.
Bug: v8:7253
Change-Id: I23c92ad365c2b71d65057573f2d8febe2afe00b0
Reviewed-on: https://chromium-review.googlesource.com/911800
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51261}
Most of the users of these api methods manually ensure that the returned
values are Strings. With an additional flag we can easily ensure that already
in V8 and avoid needless api roundtrips.
Bug: v8:7358
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I62165d44084abc9f07f5bdaace5105847edca60a
Reviewed-on: https://chromium-review.googlesource.com/901248
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51250}
When streaming compilation for WebAssembly gets aborted, we reject the
promise associated with the compilation. However, in some circumstances,
e.g. when streaming comilation gets aborted because the browser tab gets
refreshed, then we want to omit rejecting the promise. In an older CL
(https://crrev.com/c/876103) we omit rejecting the promise when the
exception value is null. With this CL the exception value is a MaybeLocal
so that we document properly that the value can be null. In addition, I
added documentation to say that in that case we do not reject the promise.
R=adamk@chromium.org
Bug: chromium:803838
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I6a093e61c8ec63f7ae385a7f77ae6178e7b34a06
Reviewed-on: https://chromium-review.googlesource.com/897647
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51211}
PromiseHooks can be called with a proxy which fails the cast and
crashes. This patch changes the runtime functions to
explicitly check for a JSPromise.
This has the side effect of removing the existing broken support for
catch prediction for non native promises.
Bug: v8:7398, v8:7190
Change-Id: I66dbe5f9935943a91afb7ee14919bd9248f9f7e4
Reviewed-on: https://chromium-review.googlesource.com/907677
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51182}
This reverts commit 14108f4c2e.
Reason for revert: Not the culprit for Canary microtask crashes
Original change's description:
> [builtins] Mega-revert to address the Dev blocker in crbug.com/808911.
>
> - Revert "[builtins] Save one word in contexts for Promise.all."
> This reverts commit 7632da067b.
> - Revert "[builtins] Also use the Promise#then protector for Promise#finally()."
> This reverts commit d4f072ced3.
> - Revert "[builtins] Don't mess with entered context for MicrotaskCallbacks."
> This reverts commit 6703dacdd6.
> - Revert "[debugger] Properly deal with settled promises in catch prediction."
> This reverts commit 40dd065823.
> - Revert "[builtins] Widen the fast-path for Promise builtins."
> This reverts commit db0556b7e8.
> - Revert "[builtins] Unify PerformPromiseThen and optimize it with TurboFan."
> This reverts commit a582199c5e.
> - Revert "[builtins] Remove obsolete PromiseBuiltinsAssembler::AppendPromiseCallback."
> This reverts commit 6bf8885290.
> - Revert "[builtins] Turn NewPromiseCapability into a proper builtin."
> This reverts commit 313b490ddd.
> - Revert "[builtins] Inline InternalPromiseThen into it's only caller"
> This reverts commit f7bd6a2fd6.
> - Revert "[builtins] Implement Promise#catch by really calling into Promise#then."
> This reverts commit b23b098fa0.
> - Revert "[promise] Remove incorrect fast path"
> This reverts commit 0f6eafe855.
> - Revert "[builtins] Squeeze JSPromise::result and JSPromise::reactions into a single field."
> This reverts commit 8a677a2831.
> - Revert "[builtins] Refactor promises to reduce GC overhead."
> This reverts commit 8e7737cb58.
>
> Tbr: hpayer@chromium.org
> Bug: chromium:800651, chromium:808911, v8:5691, v8:7253
> Change-Id: I8c8ea5ed32ed62f6cd8b0d027a3707ddd891e5f1
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Reviewed-on: https://chromium-review.googlesource.com/906991
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Adam Klein <adamk@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51158}
Change-Id: I09d958cbebd635a325809072a290f2f53df8c5d4
Tbr: adamk@chromium.org,yangguo@chromium.org,bmeurer@chromium.org
Bug: chromium:800651, chromium:808911, v8:5691, v8:7253
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/908988
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51181}
- Revert "[builtins] Save one word in contexts for Promise.all."
This reverts commit 7632da067b.
- Revert "[builtins] Also use the Promise#then protector for Promise#finally()."
This reverts commit d4f072ced3.
- Revert "[builtins] Don't mess with entered context for MicrotaskCallbacks."
This reverts commit 6703dacdd6.
- Revert "[debugger] Properly deal with settled promises in catch prediction."
This reverts commit 40dd065823.
- Revert "[builtins] Widen the fast-path for Promise builtins."
This reverts commit db0556b7e8.
- Revert "[builtins] Unify PerformPromiseThen and optimize it with TurboFan."
This reverts commit a582199c5e.
- Revert "[builtins] Remove obsolete PromiseBuiltinsAssembler::AppendPromiseCallback."
This reverts commit 6bf8885290.
- Revert "[builtins] Turn NewPromiseCapability into a proper builtin."
This reverts commit 313b490ddd.
- Revert "[builtins] Inline InternalPromiseThen into it's only caller"
This reverts commit f7bd6a2fd6.
- Revert "[builtins] Implement Promise#catch by really calling into Promise#then."
This reverts commit b23b098fa0.
- Revert "[promise] Remove incorrect fast path"
This reverts commit 0f6eafe855.
- Revert "[builtins] Squeeze JSPromise::result and JSPromise::reactions into a single field."
This reverts commit 8a677a2831.
- Revert "[builtins] Refactor promises to reduce GC overhead."
This reverts commit 8e7737cb58.
Tbr: hpayer@chromium.org
Bug: chromium:800651, chromium:808911, v8:5691, v8:7253
Change-Id: I8c8ea5ed32ed62f6cd8b0d027a3707ddd891e5f1
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/906991
Commit-Queue: Yang Guo <yangguo@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51158}
This only affects document.all, which is the only user of
|ObjectTemplate::SetCallAsFunctionHandler|, and will mean that
new document.all() will throw TypeError. There are tests for this:
//src/third_party/WebKit/LayoutTests/external/wpt/html/infrastructure/common-dom-interfaces/collections/htmlallcollection.html
(cherry picked from commit 7233447e4ac4587c81e91077857f8a30c4a6d2df)
Change-Id: Ibb39b3c61b688591c781158cf4abc0c2d74c908e
Reviewed-on: https://chromium-review.googlesource.com/882642
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Philip Jägenstedt <foolip@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/890496
Cr-Commit-Position: refs/heads/master@{#50943}
Before this, only the [[ProxyHandler]] was set to null during revocation
of the Proxy through either the v8::Proxy::Revoke() or the
Proxy.revocable() API. To be consistent with the spec, the Proxy's
target is set to null as well. This change should not be observable
through JS, since the check for if the Proxy is revoked should always
use the handler. But the changed value is exposed through the public
v8::Proxy::GetTarget() API, which is used by the inspector API and
Node.js.
Also included is a much more comprehensive test for Inspector's support
for Proxy, which prior to this commit did not work as intended.
Bug:
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I727607ec2b3cea8642cd636573932c1e6bb5cc07
Reviewed-on: https://chromium-review.googlesource.com/854676
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50476}
... or sometimes by FATAL(...) to give a better error message.
The benefit of UNREACHABLE() over CHECK(false) is that the compiler
knows that this macro will never return, hence we can omit the return
of a dummy value afterwards.
R=neis@chromium.org
Change-Id: I14e6a4f1d75f1338f481bd1520d841fd383d6202
Reviewed-on: https://chromium-review.googlesource.com/832431
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50214}
Eventually we should migrate to new new-style callbacks which take Names
instead of Strings as first arguments everywhere. Internally we don't really
handler NamedPropertyCallbackXX differently from the newer
GenericNamedPropertyCallbackXX.
Bug: v8:7109
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I827182f447427c222d5144f1a3e27bf543226e51
Reviewed-on: https://chromium-review.googlesource.com/803340
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49824}
This patch normalizes the casing of hexadecimal digits in escape
sequences of the form `\xNN` and integer literals of the form
`0xNNNN`.
Previously, the V8 code base used an inconsistent mixture of uppercase
and lowercase.
Google’s C++ style guide uses uppercase in its examples:
https://google.github.io/styleguide/cppguide.html#Non-ASCII_Characters
Moreover, uppercase letters more clearly stand out from the lowercase
`x` (or `u`) characters at the start, as well as lowercase letters
elsewhere in strings.
BUG=v8:7109
TBR=marja@chromium.org,titzer@chromium.org,mtrofin@chromium.org,mstarzinger@chromium.org,rossberg@chromium.org,yangguo@chromium.org,mlippautz@chromium.org
NOPRESUBMIT=true
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I790e21c25d96ad5d95c8229724eb45d2aa9e22d6
Reviewed-on: https://chromium-review.googlesource.com/804294
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49810}
Hexadecimal escape sequences of the form `\xNN` are more readable
in the context of byte values, and are preferred per Google’s C++
style guide.
https://google.github.io/styleguide/cppguide.html#Non-ASCII_Characters
BUG=v8:7109
Change-Id: I6821ccb804388d99e5601e92fc392afdf496691e
Reviewed-on: https://chromium-review.googlesource.com/803057
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49799}
The "array protector" now guards the Object.prototype, the
Array.prototype and the String.prototype, so the name was a
bit misleading nowadays. So the new name "no elements protector"
was chosen.
Bug: v8:6936, v8:7014, v8:7027
Change-Id: I9a9d7caa2caf0ac9e78cc6658de2f0506970dfa2
Reviewed-on: https://chromium-review.googlesource.com/778162
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49471}
The existance of an `AllowJavascriptExecutionDebugOnly` scope in
`Isolate::ReportPendingMessages()` indicates that the API supports
running arbitrary JS code in a `AddMessageListener` callback.
Currently, this can fail in debug mode: The
`!isolate->external_caught_exception()` condition is checked when
entering API methods inside such a handler. However, if there is
a verbose `TryCatch` active when the exception occurs, this
check fails, and when calling `ToString()` on the exception object
leaves a pending exception itself, the flag is re-set to `true`.
Fix this problem by clearing the flag and the pending exception if
there was one during `ToString()`. This matches the code a few lines
up in `messages.cc`, so the exception state is now consistent
during the callback.
This currently makes a Node.js test fail in debug mode
(`parallel/test-error-reporting`).
Bug: node:7144
Bug: node:17016
Change-Id: I060d00fea3e9a497f4df34c6ff8d6e29ebe96321
Reviewed-on: https://chromium-review.googlesource.com/718096
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49466}
Persistent handles are always independent these days. Users should mark
weak handles as active using MarkActive if they want to keep weak
handles that are otherwise unreachable alive across scavenges.
Bug: chromium:780749
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I116e984ce14a035d1cef491d49f11a388fa8169d
Reviewed-on: https://chromium-review.googlesource.com/759794
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49456}
Removes the handling of the flag independent. The flag will be removed in a followup.
The patch changes handling of V8::PersistentBase that are set to Weak:
- The Scavenger ignores the flag independent.
- The Scavenger keeps alive anything that is marked as Active.
- The Scavenger is free to drop weak handles of non-Active object if they
are otherwise dead.
Active:
- Any JSObject will always be marked Active.
- Any JSApiObject will be marked Active if it has been modified (=has elements, properties, etc.)
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel
Bug: chromium:780749
Change-Id: If1f547f2419930ad9400bd3b11bdbf609cb57649
Reviewed-on: https://chromium-review.googlesource.com/741801
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49277}
These tests are currently failing on TSAN bot with OOM when running
with the stress-incremental-marking flag.
Bug: v8:6924
Change-Id: I50b9a7142b2e8759f4bc327516f8c06ce1779777
Reviewed-on: https://chromium-review.googlesource.com/723427
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48693}
This CL fixes all occurences that don't require special OWNER reviews,
or can be reviewed by Michi.
After this one, we should be able to reenable the readability/check
cpplint check.
R=mstarzinger@chromium.org
Bug: v8:6837, v8:6921
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Ic81d68d5534eaa795b7197fed5c41ed158361d62
Reviewed-on: https://chromium-review.googlesource.com/721120
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48670}
New code should use nullptr instead of NULL.
This patch updates existing use of NULL to nullptr where applicable,
making the code base more consistent.
BUG=v8:6928,v8:6921
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I4687f5b96fcfd88b41fa970a2b937b4f6538777c
Reviewed-on: https://chromium-review.googlesource.com/718338
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48557}
This is a reland of ed6f00fb8e
Original change's description:
> [modules] Implement import.meta proposal
>
> Rewrites references to import.meta to a new GetImportMetaObject runtime
> call. Embedders can define a callback for creating the meta object using
> v8::Isolate::SetHostGetImportMetaObjectCallback. If no callback has been
> provided, an empty object with null prototype is created.
>
> This adds an example implementation to d8 that sets meta.url.
>
> Bug: v8:6693
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: I6871eec79da45bba81bbbc84b1ffff48534c368d
> Reviewed-on: https://chromium-review.googlesource.com/707902
> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48433}
TBR=adamk@chromium.org
Bug: v8:6693
Change-Id: Ie2d746ad996a56ed6ff50b832f320fe44e02f231
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/712834
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48468}
This reverts commit ed6f00fb8e.
Reason for revert: tree is broken
NOTRY=true
NOTREECHECKS=true
Original change's description:
> [modules] Implement import.meta proposal
>
> Rewrites references to import.meta to a new GetImportMetaObject runtime
> call. Embedders can define a callback for creating the meta object using
> v8::Isolate::SetHostGetImportMetaObjectCallback. If no callback has been
> provided, an empty object with null prototype is created.
>
> This adds an example implementation to d8 that sets meta.url.
>
> Bug: v8:6693
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: I6871eec79da45bba81bbbc84b1ffff48534c368d
> Reviewed-on: https://chromium-review.googlesource.com/707902
> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48433}
TBR=adamk@chromium.org,gsathya@chromium.org,jan.krems@groupon.com
Change-Id: I908a508d5db84cc8ae60d4fd4a0446bb570c1492
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6693
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/710760
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48434}
Rewrites references to import.meta to a new GetImportMetaObject runtime
call. Embedders can define a callback for creating the meta object using
v8::Isolate::SetHostGetImportMetaObjectCallback. If no callback has been
provided, an empty object with null prototype is created.
This adds an example implementation to d8 that sets meta.url.
Bug: v8:6693
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I6871eec79da45bba81bbbc84b1ffff48534c368d
Reviewed-on: https://chromium-review.googlesource.com/707902
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48433}
Previously, we would first fire the PromiseRejectCallback before
fulfilling the promise. This patch changes the behavior to first
fulfill the promise. This behavior is more intuitive.
This patch also merges the check for PromiseHook callback with the
debug callback, since they use the same boolean bit on the isolate.
Bug: v8:6880
Change-Id: Ia04867e16423a1d6006f0f3f93a14fa6026e17ed
Reviewed-on: https://chromium-review.googlesource.com/700980
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48298}
Follow up to https://chromium-review.googlesource.com/671020
We still didn't return the correct amount of invalid characters, according to
the Encoding spec ( https://encoding.spec.whatwg.org/#utf-8-decoder ), when we
saw a byte sequence which was as start of an overlong / invalid sequence, but
there weren't enough continuation bytes.
A more rigorous test will follow in
https://chromium-review.googlesource.com/c/v8/v8/+/681217
BUG=chromium:765608
Change-Id: I535670edc14d3bae144e5a9ca373f12eec78a934
Reviewed-on: https://chromium-review.googlesource.com/681674
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48165}
This fix is two-fold:
1) Incremental UTF-8 decoding: Unify incorrect UTF-8 handling between V8 and
Blink.
Incremental UTF-8 decoding used to allow some overlong sequences / invalid code
points which Blink treated as errors. This caused the decoder and the Blink
UTF-8 decoder to produce a different number of bytes, resulting in random
failures when scripts were streamed (especially, this was detected by the
skipping inner functions feature which adds CHECKs against expected function
positions).
2) Non-incremental UTF-8 decoding: return the correct amount of invalid characters.
According to the encoding spec ( https://encoding.spec.whatwg.org/#utf-8-decoder
), the first byte of an overlong sequence / invalid code point generates an
invalid character, and the rest of the bytes are not processed (i.e., pushed
back to the byte stream). When they're handled, they will look like lonely
continuation bytes, and will generate an invalid character each.
As a result, an overlong 4-byte sequence should generate 4 invalid characters
(not 1).
This is a potentially breaking change, since the (non-incremental) UTF-8
decoding is exposed via the API (String::NewFromUtf8). The behavioral difference
happens when the client is passing in invalid UTF-8 (containing overlong /
surrogate sequences).
However, afaict, this doesn't change the semantics of any JavaScript program:
according to the ECMAScript spec, the program is a sequence of Unicode code
points, and there's no way to invoke the UTF-8 decoding functionalities from
inside JavaScript. Though, this changes the behavior of d8 when decoding source
files which are invalid UTF-8.
This doesn't change anything related to URI decoding (it already throws
exceptions for overlong sequences / invalid code points).
BUG: chromium:765608, chromium:758236, v8:5516
Bug:
Change-Id: Ib029f6a8e87186794b092e4e8af32d01cee3ada0
Reviewed-on: https://chromium-review.googlesource.com/671020
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48105}
This can be useful when there may be multiple callbacks attached by
code that's not directly tied to a single isolate, e.g. working
on a per-context basis.
This also allows rephrasing the global non-isolate APIs in terms
of this new API, rather than working around it inside `src/heap`.
TBR=hpayer@chromium.org
Bug:
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I2e490ec40d1a34ea812f25f41ef9741d2116d965
Reviewed-on: https://chromium-review.googlesource.com/647548
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47923}
This patch introduces a new container type ScriptOrModule which
provides the name and the host defined options of the script/module.
This patch also introduces a new PrimitivesArray that can hold
Primitive values, which the embedder can use to store metadata.
The HostDefinedOptions is passed to V8 through the ScriptOrigin, and
passed back to the embedder through HostImportModuleDynamically for
module loading.
Bug: v8:5785, v8:6658, v8:6683
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I56c26fc9a680b273ac0a6691e5ad75f15b8dc80a
Reviewed-on: https://chromium-review.googlesource.com/622158
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47724}
Introduce a proper empty_descriptor_array, which has the proper layout
(length is 2 and the two fields are set properly). Also add a special
EnumCache class and a matching empty_enum_cache. The contract now is
that we only need to check the EnumLength on the map to know whether we
are allowed to use the enum cache. This greatly simplifies the handling
of the enum cache (and also the descriptor arrays), especially for the
future work on optimizing keyed access via the enum cache indices.
Bug: v8:6702
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I5ef517a3041163cd65ef003f691139ea52233e83
Reviewed-on: https://chromium-review.googlesource.com/641030
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47697}
As part of J2V8 development (https://github.com/eclipsesource/J2V8),
we realized that we had a subtle bug in how Isolate scope was created
and it's lifetime managed, see:
https://github.com/eclipsesource/J2V8/issues/313.
Mentioned above bug was fixed, however, what we also noticed is that
V8 API has been constantly and slowly moving to such an API, in which
one has to pass Isolate explicitly to methods and/or constructors. We
found two more places that might have been overlooked. This contribution
adds passing of Isolate pointer explicitly to constructors of
String::Utf8Value and String::Value classes.
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I61984285f152aba5ca922100cf3df913a9cb2cea
Reviewed-on: https://chromium-review.googlesource.com/593309
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47656}
This removes dangerous accessors method from the arguments object
accessor classes. The shape of an arguments object might transition,
turning the fields into dictionary mode, making the accessors invalid.
It also fixes a bug in the reported number of embedder fields on the
arguments object.
R=ishell@chromium.org
TEST=cctest/test-api/InternalFieldsOfRegularObjects
Change-Id: Ib7a73608c6236fe8864434e0cfdcb754ae012a75
Reviewed-on: https://chromium-review.googlesource.com/636368
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47643}
