A WasmModuleObject represents an instance of WebAssembly.Module. It is
called WasmModuleObject internally, so also use that name externally.
We still have a typedef for WasmCompiledModule which will be deprecated
once chromium has been updated to use WasmModuleObject.
R=titzer@chromium.org, adamk@chromium.org
Bug: v8:8238, chromium:912031
Change-Id: I2d7708d4dc183cb4f4714f741b1ea0c153014430
Reviewed-on: https://chromium-review.googlesource.com/c/1362048
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58055}
Make sure WebAssembly's js-api exposes the correct attributes: writable,
enumerable and configurable.
Bug: v8:8319
Change-Id: I427533159d7975a42c0c5cb1babdc8a61f8198b5
Reviewed-on: https://chromium-review.googlesource.com/c/1351002
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58053}
A fancy new stdlib addition for creating JSObjects from a collection of
key/value pairs, coming soon to a javascript runtime near you.
BUG=v8:8021
R=gsathya@chromium.org, adamk@chromium.org
Change-Id: I5eb1dea75bfef009281eef9864c8c0226af4f1fc
Reviewed-on: https://chromium-review.googlesource.com/c/1363293
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#58051}
Even though descriptor arrays are references by maps in the old
generation, they seems to be short living in benchmarks.
This fixes perf regressions introduced in 1ad0cd5.
Bug:chromium:911073,chromium:910567,chromium:910443,
Change-Id: Iaf933d409e72c6c26df48f6435f9543224ea7d67
Reviewed-on: https://chromium-review.googlesource.com/c/1363146
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58050}
Intrinsic changes:
- Rename %RawCast to %RawObjectCast and add error checking so that it
only applies to subtypes of Objects.
- Add %RawPointerCast, which is similar to %RawObjectCast but must be
used for all subtypes of RawPtr.
- Add %RawConstexprCast, which allows one constexpr to be be cast to
another at compile time. It translate to an appropriate static_cast
in the generated code
- Add %FromConstexpr, which handles most of the standard cases of
generating XXXConstant CSA nodes from constexpr constants. It uses
either SmiConstant, NumberConstant, StringConstant, IntPtrConstant
or Int32Constant, depending on the cast-to type generic <To> type.
- Add support for intrinsics that return constexpr results.
Cleanup:
- Turn FromConstexpr into a generic with two generic types, a <To> and
a <From> type. Most FromConstexpr can use the new %FromConstexpr
intrinsic rather than provide an explicit implementation.
Bug: v8:7793
Change-Id: Icab5db16d203034ec157fa3ad5157d10c7dc8464
Reviewed-on: https://chromium-review.googlesource.com/c/1357049
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58049}
This implementation uses mutex to implement those instructions.
I will add 32-bit version LL/SC after review.
Change-Id: I7b0e2b42527bc21060a84eb5e27099e129f2858f
Reviewed-on: https://chromium-review.googlesource.com/c/1354462
Reviewed-by: Sreten Kovacevic <skovacevic@wavecomp.com>
Commit-Queue: Predrag Rudic <prudic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#58048}
Large code objects are allocated in CODE_LO_SPACE on the heap instead of
CODE_SPACE. Add a test that checks that these objects are still
considered 'InV8' according to the unwinder API.
Bug: v8:8116
Change-Id: I65968913cd92858fac2b1a689df2904d0574641f
Reviewed-on: https://chromium-review.googlesource.com/c/1363134
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58047}
If the size of a large code object is larger than
kMaxRegularHeapObjectSize, then it should be allocated in the large code
space. Currently if the size is > kMaxRegularHeapObjectSize but <
512000, then it can still be allocated in the normal code space.
Change-Id: I72dbd38803c3d5d414bae85e9e0b15482e50e1c2
Reviewed-on: https://chromium-review.googlesource.com/c/1363137
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58046}
We currently compute this value from the size of the external table,
which we get from the Isolate. This size is isolate-independent though,
so it can just be a constant.
R=mstarzinger@chromium.org
Bug: chromium:912043
Change-Id: If1c09a56b1a985b855f5b65818322979c194d772
Reviewed-on: https://chromium-review.googlesource.com/c/1362954
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58045}
The existing implementation embedded an isolate-specific pointer to the
thread-in-wasm flag in the wrapper code. However, when the module code
is shared among multiple workers, this can mean that the workers
share the same thread-in-wasm flag.
With this change we load the pointer to the flag at runtime from the
current isolate. Thereby the correct flag is used even when the same
code is executed on different workers.
Note that we could access the right flag address by going through the
root register. However, changing the code generation to use the root
register requires some inconvenient steps:
* Pass the isolate to the pipeline again, which we don't want.
* Change the WasmCallDescriptor to allow the use of the root register
for wrappers but not for other code.
To avoid these issues, and allow the CL to be easy to merge back, we
got for the changes proposed here.
R=mstarzinger@chromium.org, ishell@chromium.org
Bug: v8:8533
Change-Id: If15565a7ad7cba835cfc1628e7a4d3fdef90a5c0
Reviewed-on: https://chromium-review.googlesource.com/c/1358518
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58044}
If the input memory index into an atomic operation is a constant, we can
statically check if the {index+offset} is aligned.
R=herhut@chromium.org
Change-Id: Ia830d7c7df10d50ed4ee3382acfef776306f249c
Reviewed-on: https://chromium-review.googlesource.com/c/1362872
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58043}
We checked against kNotFound twice; once in
TransitionsAccessor::SearchTransitions and once in TransitionArray::Search. It's
unnecessary to check twice.
In local tests, this speeds up searching for a non-existent transition in a
2-element TransitionArray by ~20%.
BUG=v8:8547
Change-Id: Ic220c4c0bfeeacd9b81953efad212ed15168437e
Reviewed-on: https://chromium-review.googlesource.com/c/1361167
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58038}
Drive-by: Replace uses in CallApi* with a direct call now that they've
been converted to builtins themselves and are thus immovable.
Bug: v8:7777
Change-Id: I660b5788bdac4f5e45cc5c5677b86be17474cd83
Reviewed-on: https://chromium-review.googlesource.com/c/1361161
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58037}
This reverts commit a6669bdce7.
Reason for revert: Regresses Speedometer 2 (EmberJS-Debug-TodoMVC)
Original change's description:
> [constant-tracking] Track constants by default.
>
> It is possible this CL results in various regressions, the idea
> is to get some data on where constant tracking helps and where
> it regresses.
>
> Bug: v8:8361
> Change-Id: I2f291788a8bea03e6eaac9f51564c1da02734d1a
> Reviewed-on: https://chromium-review.googlesource.com/c/1347474
> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58008}
TBR=jarin@chromium.org,ishell@chromium.org
Change-Id: I1e2b18c34829e1f53ea287aae0ef7fcf88980341
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8361
Reviewed-on: https://chromium-review.googlesource.com/c/1362047
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58035}
The fix need to be cherrypick from ICU.
Fix in https://github.com/unicode-org/icu/pull/286
Adds regression test for 8469.
Bug: v8:8469
Change-Id: If173058dd1113782fcf2ff5a55f962721f46aba5
Reviewed-on: https://chromium-review.googlesource.com/c/1340733
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58032}
The memory.init and memory.drop instructions have a data segment index
that can only be validated by knowing the number of data segments. This
information is provided by the new DataCount section.
Bug: v8:7747
Change-Id: Ie04d57584fe028637f6e931ab53d00abc5b998a4
Reviewed-on: https://chromium-review.googlesource.com/c/1355624
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58031}
Port c6b0e12e4e
Original Commit Message:
This is the first (and major) step towards converting CallApiCallback
and CallApiGetter stubs into builtins.
The CallApiCallbackStub was parameterized with the number of arguments
passed on the stack. This CL converts the compile-time parameter into
an explicit runtime parameter, and removes all uses of the stub
parameter.
(kCallData and kHolder are now passed on the stack).
R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I171fbb7d37525c2087e5dd9d7ff8fb5f959f2a7a
Reviewed-on: https://chromium-review.googlesource.com/c/1362163
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58030}
This reverts commit ed3d647284.
Reason for revert:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20noi18n%20-%20debug/24178
Original change's description:
> Reland "[code-comments] Put code comments into the code object"
>
> This is a reland of e774cffe2b
>
> This reland disables a test as v8:8548 is blocking it, which was
> broken by a recent CL. CQ did not catch this because the merge-base
> CQ used did not yet contain the CL that caused v8:8548.
>
> Original change's description:
> > [code-comments] Put code comments into the code object
> >
> > Code comments in the snapshot can now be enabled with gn
> > arg 'v8_enable_snapshot_code_comments'
> >
> > Bug: v8:7989
> > Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
> > Reviewed-on: https://chromium-review.googlesource.com/c/1329173
> > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#58020}
>
> TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org
>
> Bug: v8:7989, v8:8548
> Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
> Reviewed-on: https://chromium-review.googlesource.com/c/1361166
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58028}
TBR=mvstanton@chromium.org,mstarzinger@chromium.org,sigurds@chromium.org,jgruber@chromium.org
Change-Id: I1075bb09de7cb8dad71e31ff51a4e7bb6a200a8b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7989, v8:8548
Reviewed-on: https://chromium-review.googlesource.com/c/1362043
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58029}
This is a reland of e774cffe2b
This reland disables a test as v8:8548 is blocking it, which was
broken by a recent CL. CQ did not catch this because the merge-base
CQ used did not yet contain the CL that caused v8:8548.
Original change's description:
> [code-comments] Put code comments into the code object
>
> Code comments in the snapshot can now be enabled with gn
> arg 'v8_enable_snapshot_code_comments'
>
> Bug: v8:7989
> Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
> Reviewed-on: https://chromium-review.googlesource.com/c/1329173
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58020}
TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org
Bug: v8:7989, v8:8548
Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
Reviewed-on: https://chromium-review.googlesource.com/c/1361166
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58028}
%RunMicrotasks() call used to cause a nested RunMicrotasks if it's
called from a microtask, and that breaks its invariants.
This CL fixes it by disabling the nested loop.
Change-Id: I2f4a81be0dbf0554abf6eb41b62c25465338f29a
Reviewed-on: https://chromium-review.googlesource.com/c/1358036
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58026}
Port 6c8b410261
Original Commit Message:
This is a reland of d5f4a33eb8
Landing with test disabled for now.
Original change's description:
> [cpu-profiler] Fix stack iterability for fast C calls with no exit frame
>
> Before fast C calls, store the current FP and PC on the isolate. When
> iterating frames in SafeStackFrameIterator, check if these fields are
> set and start iterating at the calling frame's FP instead of the current
> FP, which will be in C++ code. We need to do this because c_entry_fp is
> not set on the Isolate for Fast-C-Calls because we don't build an exit
> frame.
>
> This change makes stack samples that occur within 'Fast-C-Calls'
> iterable, meaning we can properly attribute ticks within the JS caller.
>
> Fast-C-Calls can't call back into JS code, so we can only ever have one
> such call on the stack at a time, allowing us to store the FP on the
> isolate rather than the stack.
>
> TBR=v8-mips-ports@googlegroups.com
>
> Bug: v8:8464, v8:7202
> Change-Id: I7bf39eba779dad34754d5759d741c421b362a406
> Reviewed-on: https://chromium-review.googlesource.com/c/1340241
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
> Reviewed-by: Alexei Filippov <alph@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57896}
R=petermarshall@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Ie82eaa08ba6ceeb0c0a5bb4de251540becf1f05e
Reviewed-on: https://chromium-review.googlesource.com/c/1361422
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58025}
This is a reland of c2aaf0a6fa
Original change's description:
> [wasm][liftoff] Optimize one-armed ifs
>
> Do not implement one-armed ifs by emulating an empty else branch. In
> Liftoff, we can generate better code and save compile time by handling
> this specially. If the merge point at the end of the if is not reached
> by the if-branch, we do not need to generate any merge code.
>
> R=titzer@chromium.org
>
> Bug: v8:6600, v8:8423
> Change-Id: Ie8ea69dd7491f225605a8e1b986d275d869aa90b
> Reviewed-on: https://chromium-review.googlesource.com/c/1356508
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57968}
Bug: v8:6600, v8:8423
Change-Id: I6d5eea9f860486768779a33bf6bd7b87cbfc2af0
Reviewed-on: https://chromium-review.googlesource.com/c/1361040
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58024}
Improve readability by avoiding a helper method. Just read from the
stack directly.
R=titzer@chromium.org
Change-Id: I38c944fac45c721f328a2b7bec3a3f4602f05c05
Reviewed-on: https://chromium-review.googlesource.com/c/1360572
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58023}
Building on https://chromium-review.googlesource.com/c/v8/v8/+/1349243,
which asserted on calls to GetChars() that weren't in a
DisallowHeapAllocation scope, this CL takes a reference to the scope
in order to provide static protection in all builds.
Bug: v8:8238
Change-Id: I481a1dbbd3ae57eb35c5f828c5e242691635be27
Reviewed-on: https://chromium-review.googlesource.com/c/1354038
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58022}
Code comments in the snapshot can now be enabled with gn
arg 'v8_enable_snapshot_code_comments'
Bug: v8:7989
Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
Reviewed-on: https://chromium-review.googlesource.com/c/1329173
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58020}
The flakiness of this test was fixed by
https://chromium-review.googlesource.com/c/v8/v8/+/1280436 which removed
calls to StartTickSample() and FinishTickSample() from tests as this
causes a race.
Bug: v8:6133, v8:5193
Change-Id: Ia6bcfa75cce64547b00a185343ada803d082a12e
Reviewed-on: https://chromium-review.googlesource.com/c/1361163
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58019}
It's possible that we encounter incorrect SP or FP values while
unwinding the stack. One reason is that third-party code like virus
protection may change the stack. If we encounter values for SP or FP
that don't make sense, we should bail out of unwinding and return false.
Bug: v8:8116, chromium:909957
Change-Id: I630fef3f619382c7035be50b86072be349ed185c
Reviewed-on: https://chromium-review.googlesource.com/c/1358514
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58018}
This reverts commit c2aaf0a6fa.
Reason for revert: Benchmarks fail, and ClusterFuzz is not happy (issue 911406, issue 911271)
Original change's description:
> [wasm][liftoff] Optimize one-armed ifs
>
> Do not implement one-armed ifs by emulating an empty else branch. In
> Liftoff, we can generate better code and save compile time by handling
> this specially. If the merge point at the end of the if is not reached
> by the if-branch, we do not need to generate any merge code.
>
> R=titzer@chromium.org
>
> Bug: v8:6600, v8:8423
> Change-Id: Ie8ea69dd7491f225605a8e1b986d275d869aa90b
> Reviewed-on: https://chromium-review.googlesource.com/c/1356508
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57968}
TBR=titzer@chromium.org,clemensh@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:6600, v8:8423
Change-Id: I5cb3b069f40e34f34da4013e666f6ff293752567
Reviewed-on: https://chromium-review.googlesource.com/c/1360633
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58012}
This CL improves typed optimization more:
ChangePlainPrimitiveToNumber is only omitted if it is not required.
Change-Id: I5d81537a046c5a5a0c730fcd1e17bbdfda887687
Bug: v8:910562
Reviewed-on: https://chromium-review.googlesource.com/c/1357058
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58009}
It is possible this CL results in various regressions, the idea
is to get some data on where constant tracking helps and where
it regresses.
Bug: v8:8361
Change-Id: I2f291788a8bea03e6eaac9f51564c1da02734d1a
Reviewed-on: https://chromium-review.googlesource.com/c/1347474
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58008}
