This is the second V8 CL to refactor WebAssembly.instantiateStreaming to
make it spec compliant again. The design doc where the whole change is
discussed is available in the tracking bug. The tracking bug also
references prototype implementations of the whole change, which includes
the changes in this CL.
R=mstarzinger@chromium.org
Bug: chromium:860637
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I776c0f24959ab5663727d3dfee0248a9b0642a42
Reviewed-on: https://chromium-review.googlesource.com/1143187
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54834}
The test uses an incomplete native context, so the broker fails during
serialization.
Bug: v8:7790
Change-Id: I33e9e37df4e4acce62829123a8d16087d4fdc76d
Reviewed-on: https://chromium-review.googlesource.com/1156693
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54825}
The heap broker expects that handles get canonicalized.
R=jarin@chromium.org
Bug: v8:7790
Change-Id: If6162316bb2a256e783a8175ac7d4172d040b28b
Reviewed-on: https://chromium-review.googlesource.com/1155123
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54823}
MakeAssemblerBufferExecutable now flushes the i-cache, so we do
not need to do that again.
Change-Id: I46f5619167114cdb84064ef363106bee64282d1f
Reviewed-on: https://chromium-review.googlesource.com/1152813
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#54822}
Use sizeof of the C type instead.
Also fix a few #undef's that got reported after my changes.
R=jarin@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I30a43b3d93e6df04fb9fb33050b52988edd7fdb1
Reviewed-on: https://chromium-review.googlesource.com/1155108
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54817}
This new method only compares Strings and so doesn't need a Context. It
also can't throw so it returns bool. Can be used in place of the
deprecated Equals method and many Equals call currently taking a
Context.
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I4cfe7747aa140e5a55d9513681ee4704414e1545
Reviewed-on: https://chromium-review.googlesource.com/1151321
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54812}
This avoids serializing and deserializing the sharable part of a module
when it is transferred via {TransferrableModule}, which is possible when
all Isolates run off the same engine via the --wasm-shared-engine flag.
This adds a new --wasm-shared-code flag to enable this feature.
R=ahaas@chromium.org
BUG=v8:7424
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I099d581d7ccc4d058a4646f545a011745fd84eb4
Reviewed-on: https://chromium-review.googlesource.com/1142144
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54806}
ReadFile returned a Vector with ownership transfer, i.e. the client
needed to call Dispose to free the memory. This CL changes the interface
to return a std::string instead, which manages ownership. As it turns
out, there is only one user of ReadString that sometimes calls an API
function which expects to take ownership of its Vector argument.
Bug: v8:7932
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ie624a7a65cf5814fddce7a57bc557e4b9876bc53
Reviewed-on: https://chromium-review.googlesource.com/1155115
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54805}
From the promotion code point of view, a ThinString being forwarded to
an ExternalString is exactly the same as an actual ExternalString being
forwarded to its promoted copy. These changes provide a way to disambiguate
both scenarios since they are different for external memory accounting.
Bug: chromium:867902
Change-Id: I6fd56ee5e0f8900318466108273ab26e936eb439
Reviewed-on: https://chromium-review.googlesource.com/1152975
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54790}
AdvanceUntil allows the Utf16CharacterStream to advance until a charater is found
that passes the check.
Bug: v8:7926
Change-Id: Iae39fb24194aa0ee2f544a55a7847956aa324b64
Reviewed-on: https://chromium-review.googlesource.com/1151303
Commit-Queue: Florian Sattler <sattlerf@google.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54783}
Now we can remove FixedArrayOfWeakCells (this was the last user).
BUG=v8:7308
Change-Id: I7b74f7833288b20d8f4d098a4afce640ea6db823
Reviewed-on: https://chromium-review.googlesource.com/1150170
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54776}
This CL changes the for-loop so all parts are optional, allowing
loops like:
for (;;) {}
for (;; ++i) {}
...
R=danno@chromium.org, tebbi@chromium.org
Bug: v8:7793
Change-Id: I7bf9ef9e59d55eb9ae9f38904a1c1106ae50df5a
Reviewed-on: https://chromium-review.googlesource.com/1152727
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54752}
Previously we used the start address of the AbstractCode object. This
doesn't make sense for off-heap builtins, where the code isn't contained
in the object itself. It also hides other potential problems - sometimes
the sample.pc is inside the AbstractCode object header - this is
never valid.
There were a few changes necessary to make this happen:
- Change the interface of CodeMoveEvent. Now 'to' and 'from' are both
AbstractCode objects, which is nice because many users were taking
'to' and adding the header offset to it to try and find the
instruction start address. This isn't valid for off-heap builtins.
- Fix a bug in CodeMap::MoveCode where we didn't update the CodeEntry
object to reflect the new instruction_start.
- Rename the 'start' field in all of the CodeEventRecord sub-classes
to make it clear that this is the address of the first instruction.
- Fix the confusion in RecordTickSample between 'tos' and 'pc' which
caused pc_offset to be calculated incorrectly.
Bug: v8:7983
Change-Id: I3e9dddf74e4b2e96a5f031d216ef7008d6f184d1
Reviewed-on: https://chromium-review.googlesource.com/1148457
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54749}
MIPS team has moved to new @wavecomp.com e-mail addresses.
This CL is not actually changing owners, it only renames the
owners to the new email addresses.
No-Presubmit: true
Change-Id: Ic334defa06a36d974de87e99ed6c30bdf021958f
Reviewed-on: https://chromium-review.googlesource.com/1151349
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54732}
This is a first step to make basic block profiling work in wasm. More
is needed, including eventually making the profiler thread safe.
Change-Id: Ic216c881a4ab5a633e147e5538bb405c32e687cd
Reviewed-on: https://chromium-review.googlesource.com/1150234
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54728}
Stack parameters on arm64 require padding. Since the stack areas for
parameters and returns should not overlap, we have to pad the parameters
already during the construction of the CallDescriptor so that we can set
the correct stack offset for returns.
R=mstarzinger@chromium.org
Bug: chromium:838098
Change-Id: I23389dc35037054b750e61ea6b1bfdfc4c5bc868
Reviewed-on: https://chromium-review.googlesource.com/1150178
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54716}
This CL depends on Reland^2 "Avoiding re-externalization of strings"
(Idb1b6d1b29499f66bf8cd704977c40b027f99dbd)..
Previously landed as Ied341ec6268000343d2a577b22f2a483460b01f5 and
I3fe2b294f6e038d77787cf0870d244ba7cc20550
Previously reviewed at https://chromium-review.googlesource.com/1121736 and
https://chromium-review.googlesource.com/1118164
Bug: chromium:845409
Change-Id: Ied50bbcaa22a90ecaf15dca19dbc9aaec1737223
Reviewed-on: https://chromium-review.googlesource.com/1147227
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Cr-Commit-Position: refs/heads/master@{#54712}
Use the isolate version instead.
BUG=v8:7754
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I5239192fe6d31e84028806127d21ac54ee0a8ef6
Reviewed-on: https://chromium-review.googlesource.com/1146181
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54702}
Mark/IsIndependent is marked V8_DEPRECATE_SOON, but is still needed in some
places. In order to allow us to warn on V8_DEPRECATE_SOON within V8, explicity
disable deprecation warnings on these calls temporarily.
BUG=v8:7754
Change-Id: I0a7f3aedc04412c120217ba83d2cf91aafff568d
Reviewed-on: https://chromium-review.googlesource.com/1147751
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54670}
- Eliminates less general forms of vmov between core and scalar
FP registers.
Bug: v8:7754
Change-Id: I3224c57e03dfd64ea6552b215017dacc357dda26
Reviewed-on: https://chromium-review.googlesource.com/1144126
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54663}
This is a reland of a462a7854a
Original change's description:
> [turboassembler] Introduce hard-abort mode
>
> For checks and assertions (mostly for debug code, like stack alignment
> or zero extension), we had two modes: Emit a call to the {Abort}
> runtime function (the default), and emit a debug break (used for
> testing, enabled via --trap-on-abort).
> In wasm, where we cannot just call a runtime function because code must
> be isolate independent, we always used the trap-on-abort behaviour.
> This causes problems for our fuzzers, which do not catch SIGTRAP, and
> hence do not detect debug code failures.
>
> This CL introduces a third mode ("hard abort"), which calls a C
> function via {ExternalReference}. The C function still outputs the
> abort reason, but does not print the stack trace. It then aborts via
> "OS::Abort", just like the runtime function.
> This will allow fuzzers to detect the crash and even find a nice error
> message.
>
> Even though this looks like a lot of code churn, it is actually not.
> Most added lines are new tests, and other changes are minimal.
>
> R=mstarzinger@chromium.org
>
> Bug: chromium:863799
> Change-Id: I77c58ff72db552d49014614436259ccfb49ba87b
> Reviewed-on: https://chromium-review.googlesource.com/1142163
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54592}
Bug: chromium:863799
Change-Id: I7729a47b4823a982a8e201df36520aa2b6ef5326
Reviewed-on: https://chromium-review.googlesource.com/1146100
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54656}
TestHeapRootsNotReadOnly was mistakenly checking for exceptions to the
rule by comparing the value of the root rather than the address. Since
several roots point to UndefinedValue, this meant that only one of the
matching roots had to be in the list.
This fixes it by instead getting a Handle from Factory and using the
address() method to check whether the roots match the exception list.
Also adds detached_contexts, feedback_vectors_for_profiling_tools,
microtask_queue, serialized_global_proxy_sizes and serialized_objects to
the exception list now that the test is working properly.
Change-Id: I599d584f94797a256d1c8c24c0fa2848ca1ca1df
Reviewed-on: https://chromium-review.googlesource.com/1148331
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54647}
We'll soon start collecting data from the JS heap prior to the typed
lowering pass, and then refrain from reading the heap in that pass.
This CL prepares the broker machinery by introducing a hash table that
maps an object (handle) to the corresponding cached data. For the time
being, that cached data is essentially just the handle itself.
Bug: v8:7790
Change-Id: I830e9c72faafb7ae1d10e8a111636b3a3762bbc6
Reviewed-on: https://chromium-review.googlesource.com/1143405
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54618}
This is a reland of 9eca23e9ed
Adds a deopt continuation, which fixes JavaScript stack traces
to contain the number constructor after inlining.
Original change's description:
> [turbofan] Inline Number constructor in certain cases
>
> This CL adds inlining for the Number constructor if new.target is not
> present. The lowering is BigInt compatible, i.e. it converts BigInts to
> numbers.
>
> Bug: v8:7904
> Change-Id: If03b9f872d82e50b6ded7709069181c33dc44e82
> Reviewed-on: https://chromium-review.googlesource.com/1118557
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54454}
Bug: v8:7904
Change-Id: Ic416e5ba81fa3a0f59ae4afa80df83c46a759487
Reviewed-on: https://chromium-review.googlesource.com/1146581
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54609}