The function InstanceBuilder::ProcessImports got long and hard to
understand. This CL is the second change of a series which aims at
extracting parts of ProcessImports into specialized functions.
This CL extracts the processing of imported tables into a separate
function. Aside from copying the code, I made the following changes:
* Rename {index} to {import_index}.
* Rename {table_num} to {table_index}.
R=clemensh@chromium.org
Bug: v8:8562
Change-Id: I37398f0c8feccae3647a7817d7d4d6d0d87fd5a9
Reviewed-on: https://chromium-review.googlesource.com/c/1382470
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58341}
Avoiding malloc and unique_ptr seems to have positive effects on a
representative facebook and cnn workload.
This makes arrow functions and eager functions potentially more
expensive since the DataGatheringScope is now always stack-allocated
and only the full initialization happens conditionally.
Change-Id: Ibf1c1308a7db464f7c5d2bafd61560e4cabf0ce9
Reviewed-on: https://chromium-review.googlesource.com/c/1382733
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58340}
Otherwise the error would have been dropped between the previous
accumulate and the subsequent ValidateExpression.
Bug: v8:8607
Change-Id: I29f5d5b6887b57f4b70369ba370fe0b44b1d6798
Reviewed-on: https://chromium-review.googlesource.com/c/1382744
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58339}
When we call ObjectToString on JSValues we only looked at string tags
on the prototype map of the JSValue's value type and did not check the
tags on the JSValue's prototype chain, which may be non-trivial if
subclassing is involved. For example, if we have a class Test extends Number,
we only looked for tags on the Number prototype and not on the Test
prototype. This CL fixes the builtin to also check for these cases.
Bug: v8:7706
Change-Id: I9f0e3bb6499646bf27b92bf4fb4e9014f6efa56b
Reviewed-on: https://chromium-review.googlesource.com/c/1378176
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58338}
gm.py has been careful to only use the "pty" module's functionality
on Linux, but as it turns out, the module is *so* strongly specific
to Linux that even importing it fails on Windows. Making the import
of "pty" conditional makes gm.py work on Windows.
Change-Id: I0c1fb8a9a0299fde50e252337551d9395039f14d
Reviewed-on: https://chromium-review.googlesource.com/c/1382738
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58335}
instead of Object* (which is deprecated) or ObjectPtr (which is
unsuitable for cases where we need to control the ABI exactly).
Callers in generated code expect a plain tagged value, so return
precisely that. Same for C++ Builtins.
Bug: v8:3770
Change-Id: Id12f0d9830f7caf2a16aa973b8297f70d65241f5
Reviewed-on: https://chromium-review.googlesource.com/c/1382466
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58334}
This is a reland of fac6f63eb8, after
adding initialization of unused element slots.
Original change's description:
> Use CopyElements (which uses memcpy) to copy FixedDoubleArray.
>
> This improves the performance of ExtractFixedArray and
> CloneFastJSArray for double arrays, which in turn improve the
> performance of cloning double arrays with slice() or spreading.
>
> This, however, does not improve performance of spreading holey
> double arrays, because spreading needs extra work to convert
> holes to undefined.
>
> Bug: v8:7980
> Change-Id: Ib8aed74abbb0b06982a3b754e134fa415cb7de2d
> Reviewed-on: https://chromium-review.googlesource.com/c/1280308
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Hai Dang <dhai@google.com>
> Cr-Commit-Position: refs/heads/master@{#56680}
Bug: v8:7980
Change-Id: I899af60c061b9cd6eb619c247c5fc515b92e9fd7
Reviewed-on: https://chromium-review.googlesource.com/c/1382735
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58333}
This changes how rewind upon preparser abort works. It now rewinds to the start
of the parameter scope. In the case of "function X(" it is before the "(". In
the case of arrow functions it's before the start of the arrow function. This
allows us to reparse the arrow function from the start so all parameters are
declared properly.
Bug: v8:2728, v8:7390
Change-Id: I1c40056a49ec198560e63cd73949a59221ee0401
Reviewed-on: https://chromium-review.googlesource.com/c/1382736
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58332}
The function InstanceBuilder::ProcessImports got long and hard to
understand. This CL is the first of a series which aims at extracting
parts of ProcessImports into specialized functions.
This CL extracts the processing of imported functions into a separate
function. Aside from copying the code, I made the following changes:
* Use {enabled_} instead of a newly created WasmFeatures object.
- I think this is more correct anyways.
* Rename {index} to {import_index}.
* Load {native_module} from {instance} for every function, instead of
loading it once for all imports.
R=clemensh@chromium.org
Bug: v8:8562
Change-Id: I9533f302929eedd395962253c340ba35324df631
Reviewed-on: https://chromium-review.googlesource.com/c/1382467
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58331}
Adds a flag to specify whether to disable the linter caching.
R=machenbach@chromium.org,sergiyb@chromium.org
CC=yangguo@chromium.org
Bug: v8:8482
Change-Id: I62a9b7cffb3adb50b136659568ad52078675ca4b
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1370029
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58329}
This is to fix the pointer compression bot, which tests only x64.
Other 64-bit architectures will need similar work in the future.
On x64 with pointer compression, smi-untagging can be folded into the
Operand calculation since the left-shift for multiplying by
kSystemPointerSize is greater than the right-shift for untagging.
Bug: v8:7777
Change-Id: I5c46e9d3f51580341cfc3c12a7e32d17cf0b63ee
Reviewed-on: https://chromium-review.googlesource.com/c/1381452
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58328}
After reducing the noise in jsfunfuzz output (1378177), we need to make sure
that the builders pick up the latest version of this repository.
Currently, because the builders haven't downloaded the repository after the
change landed, they're still using the previous version of the jsfunfuzz runner.
R=machenbach@chromium.org
CC=yangguo@chromium.org,sergiyb@chromium.org
Bug: v8:8493
Change-Id: I7629c592d1c455e8d39d41d11f8071a67eac371e
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1382464
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58326}
The SFI's flags can be changed by the mutator while the concurrent marker is checking
the flags for bytecode flushing. None of the flag bits checked for bytecode flushing
are changed, however since they are in an int32 field TSAN will complain if any of the
other flags are changed while reading from another flag. Fix this by making the flags
use the RELAXED_INT32_ACCESSORS.
BUG=v8:8592,v8:8395
Change-Id: I5fbb4fd381c2b288abf0cd36eb0b8256e1929af6
Reviewed-on: https://chromium-review.googlesource.com/c/1382458
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58325}
This skips one level of indirection by calling the off-heap entry
point directly instead of going through the on-heap Code trampoline.
Bug: v8:7777
Change-Id: If667ea6cd6138ab1c12aa861ef441109008e4fba
Reviewed-on: https://chromium-review.googlesource.com/c/1382459
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58324}
This CL introduces our own minimal SmallVector implementation and uses
it in several places (more might follow).
I measured that in the majority of cases, these vectors are quite small
(<= 8 elements), so we will avoid any heap allocation in those cases.
R=mstarzinger@chromium.org
CC=titzer@chromium.org
Bug: v8:8423
Change-Id: I93a26b3303a10fe1dc93186430e20333ea4970a8
Reviewed-on: https://chromium-review.googlesource.com/c/1378178
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58323}
The operation will be used for marking of descriptor arrays.
Bug: v8:8486
Change-Id: If73be030614e2c84c77eaeeff419c08ef34a76e9
Reviewed-on: https://chromium-review.googlesource.com/c/1382456
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58322}
Added tests for the existing FileContentsCache, and created a superclass
that removes the duplicated code from Torque and CPP linters
R=machenbach@chromium.org,sergiyb@chromium.org
CC=yangguo@chromium.org
NOTRY=true
Bug: v8:8482
Change-Id: Ic7a0b3d58c64f395e790d4ff668fa804c05478be
Reviewed-on: https://chromium-review.googlesource.com/c/1369949
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58321}
This CL implements the global.get and global.set instruction for anyref
globals. This includes:
* Properly decode anyref globals.
* Add a FixedArray to WasmInstanceObject to store anyref globals.
* Initialize the FixedArray.
* Generate code for global.get and global.set.
This CL does not allow importing globals yet.
R=clemensh@chromium.org
Bug: v8:7581
Change-Id: I62617409271d9b6f2253a191681189865aa1f459
Reviewed-on: https://chromium-review.googlesource.com/c/1380112
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58318}
The parser object can now be created on a worker thread, therefore we shouldn't access
global FLAGs during the constructor. Instead move them to the ParseInfo constructor
and set the parser fields based on these. Also avoid accessing always_opt flags in
bytecode-flags - instead accessing it in ParseInfo and propagating to the bytecode
generator.
Also gets rid of unused kUntrustedCodeMitigations flag in UnoptimizedCompilationInfo
BUG=v8:8582
Change-Id: I6e6fdc8cc7865803cb5f334f652abc0e3e4cb3ce
Reviewed-on: https://chromium-review.googlesource.com/c/1375918
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58316}
Dropping the temporary StructPtr in the process.
Bug: v8:3770
Change-Id: I70784ede7b66b432d8438536ff0c70a51dfb7f83
Reviewed-on: https://chromium-review.googlesource.com/c/1377461
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58315}
During bootstrapping, both the kFreeSpaceMap root and the map of
actual FreeSpace objects can be nullptr, so the respective DCHECK
must be robust towards this.
Change-Id: Ic7b66b5ab40d7b1bf77c2de936e611e0836cd51f
Reviewed-on: https://chromium-review.googlesource.com/c/1382094
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58314}
Some frames have no name. gdb showed an error in these cases. This CL
avoids this by explicitly handling unnamed frames.
R=ahaas@chromium.org
No-Try: true
Change-Id: Id3918705fbfe66306b5d1c34c3638b67e037aa18
Reviewed-on: https://chromium-review.googlesource.com/c/1382211
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58313}
Since we always flatten the string upfront, we don't need to
implement the UTF8 conversion as a string visitor anymore.
R=petermarshall@chromium.org
Bug: v8:6780, v8:8605
Change-Id: I27946551d7c3742f47ac36d5c909c19a7f2b0371
Reviewed-on: https://chromium-review.googlesource.com/c/1371828
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58312}
We don't need that complexity for initializing a static array.
R=cbruni@chromium.org
Bug: v8:8562, v8:8600
Change-Id: I35ba00dc7a11eeff6c6eadbcb8899a697ccfb415
Reviewed-on: https://chromium-review.googlesource.com/c/1380113
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58310}
Since it's explicit what we're tracking, we can immediately throw errors in
certain cases, and ignore irrelevant errors. We don't need to use the
classifier itself to track "let let", since we know whether we're parsing a
"let". Errors that were previously (almost) always accumulated are now
immediately pushed to the scopes that care (parameter initialization errors).
This CL drops avoiding allocation of classified errors, at least for now, but
that doesn't affect performance anymore since we don't aggressively blacklist
anymore. Classified errors are even less likely with the more precise approach.
ParseAssignmentExpression doesn't introduce its own scope immediately, but
reuses the outer scope.
Rather than using full ExpressionClassifiers + Accumulate to separate
expressions/patterns from each other while keeping track of the overall error
state, this now uses an explicit AccumulationScope.
When we parse (async) arrow functions we introduce new scopes
that track that they may be (async) arrow functions.
We track StrictModeFormal parameters in 2 different ways if it isn't
immediately certain that it is a strict-mode formal error: Either directly on
the (Pre)ParserFormalParameters, or on the NextArrowFunctionInfo in the case
we're not yet certain that we'll have an arrow function. In the latter case we
don't have a FormalParameter object yet, and we'll copy it over once we know
we're parsing an arrow function. The latter works because it's not allowed to
change strictness of a function with non-simple parameters.
Design doc:
https://docs.google.com/document/d/1FAvEp9EUK-G8kHfDIEo_385Hs2SUBCYbJ5H-NnLvq8M/
Change-Id: If4ecd717c9780095c7ddc859c8945b3d7d268a9d
Reviewed-on: https://chromium-review.googlesource.com/c/1367809
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58307}
This makes it less likely to break layout tests (and block rolling V8 to
Chromium) by accident.
BUG=v8:8595
NOTRY=true
Change-Id: Ie5d2fad72b5b6dc4e3101114068ad134add2e475
Reviewed-on: https://chromium-review.googlesource.com/c/1379882
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58305}
See errors like:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Fuzzer/28117
The logs only show the tail of the stderr; in order to get information, huge logs
need to be downloaded.
Instead of using the tail end of the stderr logs, we get the head of the stderr logs,
which is the important part for us.
R=machenbach@chromium.org
CC=yangguo@chromium.org,sergiyb@chromium.org
Test:
```
gclient sync
cd v8
tools/jsfunfuzz/fuzz-harness.sh out/x64.debug/d8 fuzz-results.tar.bz2
```
Bug: v8:8493
Change-Id: Ia87c52f5b08ff9748cf2a81c9ca983d22fda650d
Reviewed-on: https://chromium-review.googlesource.com/c/1378177
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58302}
This adds a MicrotaskQueue parameter to Execution::RunMicrotasks, and
propagates it to Invoke(). Also, reorganizes the existing and newly added
parameters into a struct.
Change-Id: Ib98009b97681fdb554c0a8d469be962aea4138bd
Reviewed-on: https://chromium-review.googlesource.com/c/1373210
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58299}
Change the initial value of breakType to undefined
Store break type into bits
Change the algorithm
Bug: v8:6891
Change-Id: Id2cc1e90c28d92364318928fc8a377f172ebb339
Reviewed-on: https://chromium-review.googlesource.com/c/1374996
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58298}
This is a reland of 7b744e3ae8
I cannot reproduce the problem in this reland CL. I think
the original breakage is just due to test flakiness.
Try to reland it without changes.
TBR=jshin@chromium.org
Original change's description:
> [Intl] Replace uloc_(to|for)Language w/ Locale API
>
> Bug: v8:8468
> Change-Id: Id2f8d165e5f29f429821b44def2512fe760c0a51
> Reviewed-on: https://chromium-review.googlesource.com/c/1377989
> Reviewed-by: Jungshik Shin <jshin@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58260}
Bug: v8:8468
Change-Id: I5f34d061d630d07f5c9da07f9adb1efa040d66d5
Reviewed-on: https://chromium-review.googlesource.com/c/1378658
Reviewed-by: Frank Tang <ftang@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58297}
C++ introduces the {alignof} keyword, which evaluates to an integral
constant defining the alignment of the given type. This makes
{V8_ALIGNOF} redundant.
R=ulan@chromium.org
Bug: v8:8562
Change-Id: I15a4022c2c396afba96360f218d8a04b17a9a448
Reviewed-on: https://chromium-review.googlesource.com/c/1379938
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58292}