We had four files in git which used CRLF. After adding a .gitattributes
file with "* text=auto", we should not get any new ones. This CL
converts the four existing files to LF.
R=mathias@chromium.org
Bug: v8:7570
Change-Id: Ia9c92f4bed14c6669de7d60390627a11de6450b8
Reviewed-on: https://chromium-review.googlesource.com/1047611
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53046}
This API will be used by Node.js to provide output compatible with
Chrome devtools.
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I265495f8af39bfc78d7fdbe43ac308f0920e817d
Reviewed-on: https://chromium-review.googlesource.com/1044491
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Eugene Ostroukhov <eostroukhov@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53041}
The hard-coded timeout in the test is so near, that e.g., adding DCHECKs pushes
the test over the limit. The test is ran with dcheck_always_on=true.
We shouldn't do any performance testing with dcheck_always_on=true; this creates
the wrong incentive to not add DCHECKs (or in this case, CLs which add more
DCHECKs or cause more DCHECKs to be hit cannot land at all).
Change-Id: Ia4d1b2b17ce5a5330b929f984253c89ba273f661
Reviewed-on: https://chromium-review.googlesource.com/1046548
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53032}
The DCHECK was incorrect. This new API method can be called from any
debug mode since the embedder does not know which mode we are in.
It should only apply the side effect logic when the mode is
kSideEffects.
Bug: chromium:829571
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I11b0e5194b151a2b88171d6be21c3ccbba9cd408
Reviewed-on: https://chromium-review.googlesource.com/1046162
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53030}
Stubs and builtins are very similar. The main differences are that
stubs can be parameterized and may be generated at runtime, whereas
builtins are generated at mksnapshot-time and shipped with the snapshot
(or embedded into the binary).
My main motivation for these conversions is that we can generate
faster calls and jumps to (embedded) builtins callees from (embedded)
builtin callers. Instead of going through the builtins constants table
indirection, we can simply do a pc-relative call/jump.
This also unlocks other refactorings, e.g. removal of
CallRuntimeDelayed.
TBR=mlippautz@chromium.org
Bug: v8:6666
Change-Id: I4cd63477f19a330ec70bbf20e2af8a42fb05fabb
Reviewed-on: https://chromium-review.googlesource.com/1044245
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53027}
Define simple accessors in the header and give them lower case names.
R=mstarzinger@chromium.org
Bug: v8:7570
Change-Id: I2914013fdea2218189275bbaa9f98ea5de0ccd7c
Reviewed-on: https://chromium-review.googlesource.com/1046546
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53024}
These tests can be unskipped now that off-heap trampolines are packed
into the binary.
Bug: v8:6666
Change-Id: Ib8d55064a42da3b12fd940441298e5273181c601
Reviewed-on: https://chromium-review.googlesource.com/1047165
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53023}
ProfilerListener which holds CodeEntries has been moved from Logger to
CpuProfiler. This way we can clear entries when all the profiles
produced by a particular CpuProfiler are deleted.
BUG=v8:7719
Change-Id: I31d47dc7da44648c8fb8e87b47e2e6260d3dc5c3
Reviewed-on: https://chromium-review.googlesource.com/1043050
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53004}
Creating a new instance from a v8::Function will invoke its
constructor. If it is an API callback that has not been marked as
kHasNoSideEffect, this CL introduces a way to invoke it without
throwing.
Calls within the constructor are still checked for side effects.
Bug: chromium:829571
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ia4e410d487e2847bc511cb96f0be30a3563991f6
Reviewed-on: https://chromium-review.googlesource.com/1034116
Commit-Queue: Erik Luo <luoe@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53003}
This makes {Script} objects created for WebAssembly no longer reference
a concrete instance object, but a module object instead. All uses of the
field in question only require module-wide information and the script is
meant to represent the set of all instances, not just one concrete
instance.
R=clemensh@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I751d4b75c8a970cffcb1a37b6c22ff69e9ee5489
Reviewed-on: https://chromium-review.googlesource.com/1043871
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53002}
This method is intended for use by code caching as follows:
1. The module is compiled (and perhaps instantiated).
2. The embedder fetches and stores the module's unbound script (i.e.
the shared function info).
3. Module evaluation, maybe triggering lazy compilation.
4. Generated code for the module (which hangs off the shared function
info) is inserted into the code cache.
Subsequent module loads can load from the code cache prior to
evaluation.
Bug: v8:7685
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I80018cd921ab1a18323906a548b249e19d9f9509
Reviewed-on: https://chromium-review.googlesource.com/1041745
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52998}
On div and rem on ia32 and x64, we sometimes need to spill. If this
spilling code happens inside of a branch, the cache state will reflect
that the value was spilled, even though the actual spilling code might
not have executed.
R=titzer@chromium.org
Bug: v8:6600, chromium:839800
Change-Id: I93b681a23119f903feb54235d6d44a7cbd5815fe
Reviewed-on: https://chromium-review.googlesource.com/1044185
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52995}
Add binop tests for div and rem of i32 and i64. The test is extended to
handle traps, and to check that the value of local variables is not
affected by the operation.
R=titzer@chromium.org
Bug: v8:6600, chromium:839800
Change-Id: I1a4cbc40bd399666d9831d021afb96e0c53a9f64
Reviewed-on: https://chromium-review.googlesource.com/1044166
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52989}
In order to get more test coverage (also on ClusterFuzz), stage Liftoff
and tier up behind --future.
R=hablich@chromium.org
CC=titzer@chromium.org
Bug: v8:6600
Change-Id: I718e17957b26f60aa4c002333035f693344806e0
Reviewed-on: https://chromium-review.googlesource.com/1042385
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52987}
The Promoted* prefix was used to refer both to the total number of old
generation objects, and to the delta of objects moved from the new to
old generations.
PromotedTotalSize() is also renamed, to reflect the actual calculation
it performs
Bug: chromium:837583
Change-Id: Id27a0661618257ef64eb469a83bb49c0e8ce6923
Reviewed-on: https://chromium-review.googlesource.com/1042314
Commit-Queue: Wez <wez@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52986}
This is a reland of a0c57368a9
Original change's description:
> [wasm] Maintain link from Instance to Module.
>
> This moves the link from a {WasmInstanceObject} to its corresponding
> {WasmModuleObject} into the right place and also makes it strong. This
> ensures that an instance always keeps the underlying module alive and
> hence removes the situation of an "orphaned instance".
>
> R=clemensh@chromium.org
>
> Change-Id: Id59f6a49740af8ef0248679c3d2c696bb9776944
> Reviewed-on: https://chromium-review.googlesource.com/1041691
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52942}
Change-Id: I9854400bfc1d22bd258f17118fcb7460cdc3acd5
Reviewed-on: https://chromium-review.googlesource.com/1043786
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52985}
Instead rely on the scope info containing the name as well.
Change-Id: Ie1f96ea023a793b11209510566f6831b1dfd40ab
Reviewed-on: https://chromium-review.googlesource.com/1042567
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52983}
Side effect free whitelist now
- supports 'typeof' when it performs Load operations
- runtime checks for Array.p.splice
Bug: v8:7588
Change-Id: I45bcd705f8d3f2d2ee61f018566439bf56d1bcbc
Reviewed-on: https://chromium-review.googlesource.com/1037926
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52976}
Since 94ce16b704, when loading an iterator from null or undefined, we
generate the error message "x is not iterable" instead of the unwieldy
"Cannot read property 'Symbol(Symbol.iterator)' of undefined". However
Runtime::GetObjectProperty, which is used as slow path by LoadICs, did
not check for this case, leading to different messages being generated
depending on IC state.
Bug: chromium:823130
Change-Id: Ie98500b97efef401aac9880b9af47d58c3c2825d
Reviewed-on: https://chromium-review.googlesource.com/1042951
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52974}
Temporarily skip this test until it can be fixed.
TBR=machenbach@chromium.org
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7718
Change-Id: I04b6c47b72ed041b2b22669187b8afbcc0c05ff6
Reviewed-on: https://chromium-review.googlesource.com/1042398
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52960}
There are likely cleanups that can be done after this CL:
- context-related functions in the interpreter and compiler take ScopeInfo as
well as ScopeType and slot-count as input. The latter 2 should be directly
derived from the former. We should be able to drop FunctionContextParameters.
- ContextExtension is probably not needed anymore, since we now always have the
correct scope_info directly in the SCOPE_INFO_INDEX slot.
Bug: v8:7066
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ie1f6134c686a9f2183e54730d9cdd598a9e5ab67
Reviewed-on: https://chromium-review.googlesource.com/785151
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52952}
This reverts commit a0c57368a9.
Reason for revert: Speculative revert due to failures with custom
snapshot:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/19061
Local bisect also points to this change:
http://shortn/_IhVxU2FKLu
Original change's description:
> [wasm] Maintain link from Instance to Module.
>
> This moves the link from a {WasmInstanceObject} to its corresponding
> {WasmModuleObject} into the right place and also makes it strong. This
> ensures that an instance always keeps the underlying module alive and
> hence removes the situation of an "orphaned instance".
>
> R=clemensh@chromium.org
>
> Change-Id: Id59f6a49740af8ef0248679c3d2c696bb9776944
> Reviewed-on: https://chromium-review.googlesource.com/1041691
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52942}
TBR=mstarzinger@chromium.org,clemensh@chromium.org
Change-Id: I1830e6ce14314f06f918a0c428182bfd68354ad9
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/1041968
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52949}
This reverts commit 40f1aaf330.
Reason for revert:
https://luci-milo.appspot.com/buildbot/client.v8/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/21000
Original change's description:
> [heap] Mark RO_SPACE as read-only after deserialization
>
> Adds MarkAsReadOnly and MarkAsReadWrite to ReadOnlySpace. The latter
> is only usable with ReadOnlySpace::WritableScope to avoid the space
> being left writable). MarkAsReadOnly updates the high water mark and
> makes several previously mutating methods into no-ops.
>
> Moves some writes to immutable objects out of the bootstrapper to
> setup-heap-internal so they don't write to a read-only page.
>
> Also avoid writing hashes to strings that already have the value set as
> that invariably means writing to the "0" and "1" constant strings in
> RO_SPACE.
>
> Before serialization, it makes RO_SPACE writable again so that any
> padding can be cleared before writing it.
>
> Bug: v8:7464
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
> Change-Id: I22edc20dba7dde8943991a8fcaf87244af4490a3
> Reviewed-on: https://chromium-review.googlesource.com/1014128
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52943}
TBR=yangguo@chromium.org,hpayer@chromium.org,mlippautz@chromium.org,delphick@chromium.org
Change-Id: Id4770c0fdb21cd9eea2f62a019f44a6bdea8f0a7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7464
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1041948
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52944}
Adds MarkAsReadOnly and MarkAsReadWrite to ReadOnlySpace. The latter
is only usable with ReadOnlySpace::WritableScope to avoid the space
being left writable). MarkAsReadOnly updates the high water mark and
makes several previously mutating methods into no-ops.
Moves some writes to immutable objects out of the bootstrapper to
setup-heap-internal so they don't write to a read-only page.
Also avoid writing hashes to strings that already have the value set as
that invariably means writing to the "0" and "1" constant strings in
RO_SPACE.
Before serialization, it makes RO_SPACE writable again so that any
padding can be cleared before writing it.
Bug: v8:7464
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I22edc20dba7dde8943991a8fcaf87244af4490a3
Reviewed-on: https://chromium-review.googlesource.com/1014128
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52943}
This moves the link from a {WasmInstanceObject} to its corresponding
{WasmModuleObject} into the right place and also makes it strong. This
ensures that an instance always keeps the underlying module alive and
hence removes the situation of an "orphaned instance".
R=clemensh@chromium.org
Change-Id: Id59f6a49740af8ef0248679c3d2c696bb9776944
Reviewed-on: https://chromium-review.googlesource.com/1041691
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52942}
If there is more then one agent accepts current pause, we should resume
only when last agent is disabled.
R=dgozman@chromium.org
Bug: chromium:834056
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I2904b3f4ab76117511e16450dd575ebf3e20a068
Reviewed-on: https://chromium-review.googlesource.com/1041207
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52931}
The tracker needs to maintain the byte length as there is no order guarantee
when sweeping pages and the byte length may be a HeapNumber that is stored on a
different page.
The abstraction for ArrayBuffers is left untouched. We distinguish between the
following cases:
1. Regular AB (backing_store and bye_length should be used)
2. AB allocated using kReservation but not part of wasm
3. AB allocated using kReservation and part of wasm
In practice, 2. does not exist, but we still maintain "allocation_base" and
"allocation_length" which fall back to backing_store and byte_length in this
case. The problematic part is that they look like innocent getters on the
object but actually refer to different data structures or on-heap objects.
Since 2. does not exist, and 3. looks up the bounds in its own tracker, it is
fine for ArrayBufferTracker to pass backing_store and tracked byte_length.
Bug: v8:7701
Change-Id: Ib89d5fe94fce5cef8e5d8343a5415a3b9ad0deba
Reviewed-on: https://chromium-review.googlesource.com/1039385
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52923}
This is a reland of ad221d144a
Original change's description:
> [wasm] Always enable guard regions on 64-bit platforms
>
> This change makes full 8 GiB guard regions always enabled on 64-bit
> platforms.
>
> Additionally, since all Wasm memory allocation paths have some form of
> guard regions, this removes and simplifies most of the logic around
> whether to enable guard regions.
>
> This is a reland of https://crrev.com/c/985142.
>
> Bug: v8:7619
> Change-Id: I8bf1f86d6f89fd0bb2144431c7628f15a6b00ba0
> Reviewed-on: https://chromium-review.googlesource.com/996466
> Reviewed-by: Brad Nelson <bradnelson@chromium.org>
> Commit-Queue: Eric Holk <eholk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52412}
Bug: v8:7619
Change-Id: I0f311305472ca2305ad2fa9163560ff54c1422c2
Reviewed-on: https://chromium-review.googlesource.com/999872
Commit-Queue: Eric Holk <eholk@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52921}
This reverts commit 2df5e7a7b6.
Reason for revert: Mystery crashes https://bugs.chromium.org/p/chromium/issues/detail?id=838805
Original change's description:
> [parser] Slice the source string where possible
>
> When internalizing string literals (for quoted strings or property names),
> try to create a sliced string of the source string rather than allocating
> a copy of the bytes.
>
> This will not work for string literals that contain escapes (e.g. unicode
> escapes), and currently does not support two-byte strings.
>
> Bug: chromium:818642
> Change-Id: I686e5ad36baecd1a84ce5e124118431249b6c980
> Reviewed-on: https://chromium-review.googlesource.com/1010282
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52898}
TBR=marja@chromium.org,yangguo@chromium.org,jarin@chromium.org,mlippautz@chromium.org,leszeks@chromium.org,verwaest@chromium.org
Change-Id: I598b6668c43a3e843e2dd8e60852b2b2f3461954
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:818642
Reviewed-on: https://chromium-review.googlesource.com/1039885
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52919}
test-serialize/SerializationMemoryStats does not actually create a new
Isolate from scratch. Instead, it deserializes from the snapshot and
we can simply piggy-back off existing output to measure
deserialization time.
Bug: v8:6666,v8:7693
Change-Id: I8f709ea834ff7f5e46f7ebfa9b0c35d96095bf26
Reviewed-on: https://chromium-review.googlesource.com/1039585
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52918}
The first element of a given iterable argument can be a hole. Thus,
normalize the first element so that we can correctly format the
exception message with "undefined" for a hole element, instead of "NaN".
Bug: v8:7715
Change-Id: I62edd09e361ebeebab642bb82db29b73a2c7b193
Reviewed-on: https://chromium-review.googlesource.com/1038951
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52917}
Original CL: https://crrev.com/c/1018468
During code generation, we generate self-references (i.e. references to
the Code object currently being generated) as references to a temporary
handle. When the final Code object has been allocated, the handle's
location is fixed up and RelocInfo iteration fixes up all references
embedded in the generated code.
This adds support for this mechanism to the builtins constants table
builder. CodeObject() is now a new handle pointing to a dedicated
self-reference marker in order to distinguish between self-references
and references to undefined. In Factory::NewCode, we patch up
the constants table.
TBR=yangguo@chromium.org,mlippautz@chromium.org
Bug: v8:6666
Change-Id: I3fa422c57de99c9851dc7a86394a8387c7c2b397
Reviewed-on: https://chromium-review.googlesource.com/1039366
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52916}
We incorrectly used a TurboFan typer check for {0,10,undefined} on the
radix argument on Number.parseInt, which was internally widened to the
checking whether radix is in range 0-10 or undefined. This CL introduces
two separate checks.
Bug: chromium:838766
Change-Id: I5ebfc1c82bad5b9794b4f844e79e4df01f541a83
Reviewed-on: https://chromium-review.googlesource.com/1039197
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52914}
This fixes a bug where we didn't run before/after hooks for await when
the debugger is not active, as reported downstream in
https://github.com/nodejs/node/issues/20274
Change-Id: I1948d1884c591418d87ffd1d0ccb2bebf4e908f1
Reviewed-on: https://chromium-review.googlesource.com/1039386
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52909}
When internalizing string literals (for quoted strings or property names),
try to create a sliced string of the source string rather than allocating
a copy of the bytes.
This will not work for string literals that contain escapes (e.g. unicode
escapes), and currently does not support two-byte strings.
Bug: chromium:818642
Change-Id: I686e5ad36baecd1a84ce5e124118431249b6c980
Reviewed-on: https://chromium-review.googlesource.com/1010282
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52898}
GetWorkerThreadsTaskRunner() was about to be phased out [1] but v8
r52818 landed ahead of it.
Add CallDelayedOnWorkerThread() to the new worker thread API to support
this use case before phasing out GetWorkerThreadsTaskRunner()
[1] https://chromium-review.googlesource.com/c/v8/v8/+/978443
Implemented it in d8+cctest+default-platform right away to avoid
requiring a non-null Isolate* (and yet another transitional API).
R=ahaas@chromium.org, kozyatinskiy@chromium.org
Bug: chromium:817421
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I2bee08fee08cf15a664d31cc6817e21cebe1d140
Reviewed-on: https://chromium-review.googlesource.com/1033584
Commit-Queue: Gabriel Charette <gab@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52892}
A stack overflow can be thrown by JSEntryStub, which means the
thread-in-wasm flag will not have the expected value. To accommodate
this, we now clear the flag during exceptional returns if it is set.
Bug: chromium:834624
Change-Id: I8359af79886ab98dfecc2fb39ca19118b7fa38eb
Reviewed-on: https://chromium-review.googlesource.com/1019570
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52891}
This includes the following changes:
- Limit code space to 128 MB.
- Use direct branches wherever possible.
- Where not possible, continue using load literal followed by an indirect
branch.
- Sort RelocInfo by target_address_address for the serializer, since mixing
load literal instructions and branch instructions messes up that order.
- Ensure we always wipe out targets in the serializer (not just for the
snapshot) in order to be able to distinguish between constant pool entries
and branch instructions.
Change-Id: I1a1029ce2a5f72a3a94802daf267d14a42c7c790
Reviewed-on: https://chromium-review.googlesource.com/939175
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#52885}
The idea is to mark all the branches and loads participating in array
bounds checks, and let them contribute-to/use the poisoning register.
In the code, the marks for array indexing operations now contain
"Critical" in their name. By default (--untrusted-code-mitigations),
we only instrument the "critical" operations with poisoning.
With that in place, we also remove the array masking approach based
on arithmetic.
Since we do not propagate the poison through function calls,
we introduce a node for poisoning an index that is passed through
function call - the typical example is the bounds-checked index
that is passed to the CharCodeAt builtin.
Most of the code in this CL is threads through the three levels of
protection (safe, critical, unsafe) for loads, branches and flags.
Bug: chromium:798964
Change-Id: Ief68e2329528277b3ba9156115b2a6dcc540d52b
Reviewed-on: https://chromium-review.googlesource.com/995413
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52883}
assertPromiseResult caused tests to timeout when the result of the
promise was unexpected, e.g. rejected instead of the expected
fulfillment. This CL cleans up the implementation of
assertPromiseResult, adds better stack traces, and adds tests for all
the important cases I can think of.
R=mathias@chromium.orgCC=clemensh@chromium.org
Bug: v8:7570
Change-Id: I6ecb94fd3e5151502edf73c3bcdeb518b80fc81c
Reviewed-on: https://chromium-review.googlesource.com/1032786
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52882}
This removes Type::operator-> which was used to split the change that
removed undefined misuse of Type* to represent integers.
Bug: v8:3770
Change-Id: I9a5bce5ccdc75461a7b939b4070cb58fe6040d99
Reviewed-on: https://chromium-review.googlesource.com/1033736
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52878}
Without this change, we could disable slow paths required when symbols
such as toStringTag are present on a receiver, but accessors or
interceptors are not (added in 31800120cc)
This change modifies this behaviour to not unset the previously set bit
if these forced slow path conditions are not met.
BUG=v8:7706
R=bmeurer@chromium.org
Change-Id: Id7bceb0e749da52e2dbcde0a310a865a89f24066
Reviewed-on: https://chromium-review.googlesource.com/1034210
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#52874}
This is part of the effort to decrease the amount of undefined behavior.
that v8 relies on.
The main change here is to represent types with class Type rather than
with pointer Type*. To make the CL smaller, I used an operator overload
hack to separate the change from `->` to `.`. I am working on a CL that
will remove the operator and change all those arrows to dots.
Bug: v8:3770
Change-Id: I71a197cb739a1467937bc95c2a757fab0469aa22
Reviewed-on: https://chromium-review.googlesource.com/1032551
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52872}
This finishes off the fixes and adds a DCHECK to make sure future tests
have page-sized memories. The one exception is for asm.js, because
asm.js does not have the same page size restriction.
Bug: v8:7704, v8:7570
Change-Id: I9f6d0f6c1744072fb1efa88abdfd2011938960df
Reviewed-on: https://chromium-review.googlesource.com/1033827
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52869}
* If the mutability of the global object doesn't match the module, then
it should throw a LinkError.
* There was a missing `return` when importing a Number as a mutable
global.
* All globals were being exported as immutable.
* Attempting to set the value of an immutable global should throw a
TypeError.
* The length of the setter function should be 1.
Bug: v8:7625
Change-Id: I08d6a428506a18db15eecadf4cbcee89e0658924
Reviewed-on: https://chromium-review.googlesource.com/1031626
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52865}
When WebAssembly.instantiate or WebAssembly.instantiateStreaming is
called in JavaScript, internally we transfrom it into
WebAssembly.compile(buffer).then(WebAssembly.instantiate). However,
modifying the prototype of WebAssembly.Module can change the result of
WebAssembly.compile(buffer). With this CL we make sure that even if the
result of WebAssembly.compile is modified, there is still no type
confusion. In the long term we have to do a refactoring and remove
this internal transformation.
R=mstarzinger@chromium.org
Bug: chromium:837417
Change-Id: I376068b8b8b01b991ec450162da6a62ae7030c62
Reviewed-on: https://chromium-review.googlesource.com/1032392
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52859}
This reverts commit 6379e2a464.
Reason for revert:
https://logs.chromium.org/v/?s=chromium%2Fbb%2Fclient.v8%2FV8_Win64%2F23855%2F%2B%2Frecipes%2Fsteps%2FCheck%2F0%2Flogs%2Fmkgrokdump%2F0
Original change's description:
> [builtins] Patch self-references in constants table
>
> During code generation, we generate self-references (i.e. references to
> the Code object currently being generated) as references to a temporary
> handle. When the final Code object has been allocated, the handle's
> location is fixed up and RelocInfo iteration fixes up all references
> embedded in the generated code.
>
> This adds support for this mechanism to the builtins constants table
> builder. CodeObject() is now a new handle pointing to a dedicated
> self-reference marker in order to distinguish between self-references
> and references to undefined. In Factory::NewCode, we patch up
> the constants table.
>
> Bug: v8:6666
> Change-Id: If74ed91bb1c3b8abb20ff2f0a87d1bcd9a1b0511
> Reviewed-on: https://chromium-review.googlesource.com/1018468
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52854}
TBR=yangguo@chromium.org,mlippautz@chromium.org,jgruber@chromium.org
Change-Id: I8cf8c4b43f51285ea913c6c8fdd339bd9ea645df
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/1033092
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52856}
During code generation, we generate self-references (i.e. references to
the Code object currently being generated) as references to a temporary
handle. When the final Code object has been allocated, the handle's
location is fixed up and RelocInfo iteration fixes up all references
embedded in the generated code.
This adds support for this mechanism to the builtins constants table
builder. CodeObject() is now a new handle pointing to a dedicated
self-reference marker in order to distinguish between self-references
and references to undefined. In Factory::NewCode, we patch up
the constants table.
Bug: v8:6666
Change-Id: If74ed91bb1c3b8abb20ff2f0a87d1bcd9a1b0511
Reviewed-on: https://chromium-review.googlesource.com/1018468
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52854}
This removes the last reference from {NativeModule} that made it
specific to a concrete WebAssembly instance, by only referencing the
{WasmSharedModuleData} instead of a {WasmCompiledModule}. Note that
eventually we want to remove this reference completely to become even
independent of the underlying Isolate soon.
R=clemensh@chromium.org
BUG=v8:7424
Change-Id: I29b8cde8beadeef75c90e90fbff1830f2bf4e636
Reviewed-on: https://chromium-review.googlesource.com/1032433
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52853}
Linkage-related methods were declared in wasm-compiler.h and
implemented in wasm-linkage.cc. This required all users of e.g. wasm
call descriptors to include the whole wasm compiler header. Also, some
wasm linkage information is independent of turbofan and also used
outside of the compiler directory.
This CL splits off wasm-linkage.h (with minimal includes) and puts it
in src/wasm. This allows to use that information without including
compiler headers (will clean up several uses in follow-up CLs).
R=mstarzinger@chromium.org, titzer@chromium.org
Bug: v8:7570
Change-Id: Ifcae70b4ea7932cda30953b325c2b87c4176c598
Reviewed-on: https://chromium-review.googlesource.com/1013701
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52849}
Both macros currently call a function with individual CHECKs, which
makes error messages only show that one part of the equality check (and
not the the actual float values), and hides the actual location of the
check.
This CL refactors this such that the actual value is shown (just as
with other CHECK_EQ macros) and it shows the right file name and line
number.
R=ahaas@chromium.org
Bug: v8:7570
Change-Id: I198e73c053178a09f14330a18069463760693f81
Reviewed-on: https://chromium-review.googlesource.com/1027879
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52832}
In the case of an indirect call to an imported function, the target
instance stored in the IFT was actually wrong.
Bug: chromium:834619
Change-Id: Id2ac4158335ecf2b58e1983ce37df852a9ebd1b2
Reviewed-on: https://chromium-review.googlesource.com/1030174
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52831}
The test is flaky on arm in --optimize-for-size.
NOTRY=true
Bug: v8:7605
Change-Id: I6219442545244bb0c07f8b028668f41602a83b30
Reviewed-on: https://chromium-review.googlesource.com/1032331
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52827}
Not all 2 or 3 letter language codes are canonical. Some of them need
to be canonicalized.
Specifically, exclude {jw,ji,iw,in} and all three-letter codes from the
fast path except for 'fil'.
{jw,ji,iw,in} are deprecated ISO 639 codes for
{Javanese, Yiddish, Hebrew, Indonesian}. They should be
canonicalized to {jv,yi,he,id}. So, do not return early
in the fast path, but pass it down to the full canonicalization.
In addition, there are 70+ deprecated 3-letter codes that need to be
replaced by their modern equivalents. Instead of checking and replacing
in v8, just pass them to ICU to handle.
Along with the following ICU change, two more tests will pass.
https://chromium-review.googlesource.com/c/chromium/deps/icu/+/1026797
These two tests still fail because of the disagreement between ICU and the test
expectations about 5 grandfathered tags with no preferred value (e.g.
i-default, zh-min, cel-gaulish).
'intl402/Intl/getCanonicalLocales/canonicalized-tags'
'intl402/Intl/getCanonicalLocales/preferred-grandfathered'
Bug: v8:5693, v8:7669
Test: test262/intl402/language-tags-canonicalized.js
Test: test262/intl402/Intl/preferred-variants.js
Test: intl/general/language_tags_with_preferred_values.js
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ide7e9c90ac046859604c7b71c641f84ce9c64be5
Reviewed-on: https://chromium-review.googlesource.com/1023379
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52823}
The new spec has two arguments, the first is the global descriptor, and
the second is the initial value:
new WebAssembly.Global({type: i32}, 42);
If the initial value argument is omitted, the value is set to 0.
Bug: v8:7625
Change-Id: I679d4b7c49c69ec7ffcdfeb8ae506fa7ab9bba95
Reviewed-on: https://chromium-review.googlesource.com/1028847
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52822}
This CL simplifies and extends the implementation of Managed<T>
and now uses a std::shared_ptr<T> underneath in order to offer
cross-isolate management of C++ allocated memory.
R=mstarzinger@chromium.orgCC=ulan@chromium.org
Bug: v8:7424
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Id43a26f565677e8c9cdfd73810568d4f2b1871fe
Reviewed-on: https://chromium-review.googlesource.com/1028190
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52820}
This is a reland of f5d308510a
Original change's description:
> [builtins] Introduce further constant & external reference indirections
>
> This introduces further indirections for embedded constants and
> external references for builtins generated by the macro-assembler.
> The used mechanisms (LookupConstant and LookupExternalReference) are
> identical to what we already use in CSA.
>
> Almost all builtins are now isolate-independent in both release and
> debug modes. snapshot_blob.bin is roughly 670K smaller in embedded
> builds vs. non-embedded builds, while libv8.so is roughly 280K larger.
>
> Bug: v8:6666
> Change-Id: I7a6c2193ef5a763e6cf7543dd51597d6fff6c110
> Reviewed-on: https://chromium-review.googlesource.com/1006581
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52810}
TBR=mstarzinger@chromium.org
Bug: v8:6666
Change-Id: I73dfe207f2c5f79a9a06c165c75f5619e88a5a17
Reviewed-on: https://chromium-review.googlesource.com/1030550
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52819}
This introduces further indirections for embedded constants and
external references for builtins generated by the macro-assembler.
The used mechanisms (LookupConstant and LookupExternalReference) are
identical to what we already use in CSA.
Almost all builtins are now isolate-independent in both release and
debug modes. snapshot_blob.bin is roughly 670K smaller in embedded
builds vs. non-embedded builds, while libv8.so is roughly 280K larger.
Bug: v8:6666
Change-Id: I7a6c2193ef5a763e6cf7543dd51597d6fff6c110
Reviewed-on: https://chromium-review.googlesource.com/1006581
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52810}
When running this test locally, the OptimizeFunctionOnNextCall
call fails, because the line above has no semicolon, and automatic
insertion doesn't help, probably because of the % sign. The test still
runs, but the first call after level1() fails, meaning the inlining
does not happen.
Change-Id: Icd2d08e676ea3cade63d4e12277748a447e410fc
Reviewed-on: https://chromium-review.googlesource.com/1030210
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52808}
This adds support for the I32AtomicCompareExchange operations in the
interpreter. Also, the interpreter will now fail if it encounters
an unknown opcode from the atomic prefix.
Bug: chromium:826069
Change-Id: Iec1742271f4fdd83fcaa09ca72c24d1cf8c58835
Reviewed-on: https://chromium-review.googlesource.com/1029867
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52807}
This CL also removes the JSBuiltinReducer, which is no longer needed.
Bug: v8:7340, v8:7250
Change-Id: I28896f6ce0d352047ea1cb7ea6de490818840faf
Reviewed-on: https://chromium-review.googlesource.com/1027853
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52799}
Rolling ICU to include the following CLs will make the two tests
below pass unexpectedly.
https://chromium-review.googlesource.com/c/chromium/deps/icu/+/1026797
intl402/language-tags-canonicalized.js
intl402/Intl/preferred-variants.js
Mark them as skipped for now. Will remove from the status file when
the following v8 CL is submitted after ICU is rolled.
https://chromium-review.googlesource.com/c/v8/v8/+/1023379
Bug: v8:7669, v8:5693
Test: The above tests
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Iae2ab0076b3dfcf45b8940c0d294cb3371463654
Reviewed-on: https://chromium-review.googlesource.com/1028655
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52797}
https://github.com/tc39/ecma402/pull/194 requires that
TimeClip be called before formatting in Intl.DateTimeFormat.
Bug: v8:7471
Test: test262/intl402/DateTimeFormat/prototype/format/time-clip*
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Iad80376ae7598aab3e4df84a6cbbcd8691e16e09
Reviewed-on: https://chromium-review.googlesource.com/1027442
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52796}
The WasmInstanceObject stores two new arrays:
- imported_mutable_globals_buffers_: a FixedArray of all the imported
globals' array buffers.
- imported_mutable_globals: a calloc'd array of Addresses pointing to
the mutable global in its array buffer.
When accessing the global, the generated code looks up the address in
imported_mutable_globals to find where to load/store.
Bug: v8:7625
Change-Id: I60844c21a788fce28f346455f10f2283d1c152e9
Reviewed-on: https://chromium-review.googlesource.com/1020602
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52794}
When only_terminate_in_safe_scope flag is passed as CreateParams for
v8::Isolate, V8 does not trigger intrruption for termination if there
is no explicit SafeForTerminationeScope.
Scope enables termination only in direct v8 calls, any recursive calls
require explicit SafeForTerminationScope.
R=yangguo@chromium.org
Bug: chromium:820640
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Iac17e30a4b47aa84e70e9218ca0adca9d07f726e
Reviewed-on: https://chromium-review.googlesource.com/1025390
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52793}
This is is a preparatory CL to detach the JSFunction from the Context.
We mainly rewrite the DebugScopeInterator to no longer rely on the a
JSFunction to be around. Additionally the empty_function needs to have
a proper ScopeInfo now.
Drive-by-fix: Improve ScopeInfo debug printing
Bug: v8:7066
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I2f2fa0e78914a12e076384e0e1234c2322ad1ee8
Reviewed-on: https://chromium-review.googlesource.com/918721
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52791}
The mutable-globals proposal spec allows importing as Numbers or
WebAssembly.Global values, but always exports as WebAssembly.Global.
Since the value is always boxed, we can also import/export i64 values.
This CL also includes support for export of mutable globals. Since the
underlying ArrayBuffer that stores the global's value is shared between
the module and the WebAssembly.Global object, all that needs to be done
is remove the validation check.
Bug: v8:7625
Change-Id: I24d763e3bc193d229a7cc33b2f2690a473c6f2bc
Reviewed-on: https://chromium-review.googlesource.com/1018406
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52789}
