With this CL we finally actually set the root register to the correct
value. Verification is still preserved by keeping a magic number in
IsolateData.
Bug: v8:6666
Change-Id: I89cb7cb36f977ac677ec33a814a2798baab4cec4
Reviewed-on: https://chromium-review.googlesource.com/c/1278277
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56627}
There were a lot of tweaks and optimizations to chromium's
{base::Optional} implementation. This CL brings us back in sync with
that.
Some changes were needed to make this compatible with C++11 and with
GCC 4.8:
1) Types like std::decay_t and std::enable_if_t were rewritten to
use std::decay and std::enable_if.
2) Some conditional no_except declarations were removed.
3) std::is_trivially_copy_constructible and
std::is_trivially_move_constructible are assumed to be false on
gcc 4 because it's unimplemented there.
R=neis@chromium.org
Bug: v8:8238
Change-Id: Ia0542c0d4d2fd43a2454f639ec5201ad8d8201cd
Reviewed-on: https://chromium-review.googlesource.com/c/1275824
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56625}
With the flag enabled, that phase runs in the background as part
of OptimizeGraph.
Bug: v8:7790
Change-Id: I313578c113be1fb76dfc315522906178bee1027d
Reviewed-on: https://chromium-review.googlesource.com/c/1268156
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56624}
There's no ambiguity and the shorter name makes things easier to read.
Bug: v8:7790
Change-Id: Ibcf3fd7f38a91e26a83cd335fad0ec80a5fe9be1
Reviewed-on: https://chromium-review.googlesource.com/c/1278392
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56623}
Properly handle the case where the CheckFloat64Hole becomes a
no-op after RETYPE (because the feedback type is already Number).
We always need to pass the Number restriction type here.
Bug: chromium:895199
Change-Id: I96a949ba35db1e6d35abedddc4507c101d95b716
Reviewed-on: https://chromium-review.googlesource.com/c/1278804
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56622}
This fixes the typing for the case when the call is not lowered to
the simplified operator.
Bug: chromium:880207
Change-Id: Icecf12de77ece0fe9ffec2777874f5f0004a1e97
Reviewed-on: https://chromium-review.googlesource.com/c/1278642
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56621}
- Adds embedder callback to notify fully tiered compilation is finished,
returning a WasmCompiledModule for serialization.
- Adds function to pass previously compiled bytes into WASM streaming
compilation, for deserialization.
- Plumbs this API through StreamingDecoder.
Bug: chromium:719172
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ibe376f3a8ccfa90fda730ef4ff6628a1532da45c
Reviewed-on: https://chromium-review.googlesource.com/c/1252884
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56617}
The dependency is not required to build V8 but Node.js needs it for
running mjsunit tests.
Refs: https://github.com/nodejs/node-v8/issues/83
Change-Id: Ieb37acb73e5e2fe417c7d9a16c498565839b7a45
Reviewed-on: https://chromium-review.googlesource.com/c/1278166
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56616}
This makes it possible for handles.h to #include objects.h, which
upcoming changes will need.
Bug: v8:3770
Change-Id: I4f500736028668749bb73fb24f9732df757e97d0
Reviewed-on: https://chromium-review.googlesource.com/c/1278487
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56615}
For the --async-stack-traces we can also look through initial parts of
the promise chain that were created by regular Promise#then() calls to
walk up to the first async function frame. This addresses the missing
support for aforementioned example
```js
(async function() {
await Promise.resolve().then(() =>
console.log(new Error().stack));
})();
```
which now also works.
Bug: v8:7522
Change-Id: I574943c1fc6ee4a1bd56f208dce78eb7506c5c4f
Reviewed-on: https://chromium-review.googlesource.com/c/1278276
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56613}
LockGuard is mostly used with Mutex. Since both are defined outside the
internal namespace, we often have to write
{base::LockGuard<base::Mutex>}. This CL shortens this to
{base::MutexGuard} across the code base
R=mlippautz@chromium.org
Bug: v8:8238
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I020d5933b73aafb98c4b72e3bb2dfd07c979ba73
Reviewed-on: https://chromium-review.googlesource.com/c/1278796
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56612}
When trying to print the scope information for the class fields
initializer function, the debugger asks the parser to parse the class
literal as a function literal (to get the scope info) ... which
doesn't quite work.
Instead of adding support for parsing the class literal, we just short
cicruit this parsing step by just returning an empty context.
This works fine because initializer function doesn't have any
variables in it's local scope.
The one caveat is that the objects in the scope above this function
(like the global) are now missing. This trade off is possibly fine
for now, as adding parsing support for class literal to only produce
would be a lot of code for not enough use.
As a follow up to this change, the devtools UI needs to be updated to
handle this empty context cleanly. Currently, it doesn't show the
`this` object if no context exists even if the `this` object is
correctly passed to the UI from the backend.
Bug: v8:5367, v8:8122
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I52965f26241bbf6abdc988783aa0fc44bb36901f
Reviewed-on: https://chromium-review.googlesource.com/c/1274268
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56611}
The memory pressure notification logic wasn't correct and given the current users of
the compiler dispatcher aren't posting speculative tasks, it isn't particularly useful.
After removing this, the abort logic can also be simplified significantly by removing the
non-blocking abort logic.
BUG=v8:8041
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I584533b58fb717fdca46cc620822914d6bdb28b8
Reviewed-on: https://chromium-review.googlesource.com/c/1278495
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56609}
Updated the test so that it uses assertPromiseResult, which makes sure that
a promise rejection is not swallowed. The change is reflected in the actual
async ids, checked in the test.
Bug: v8:8300
Change-Id: Ie227ca74a8cf4e0e079809b21c3abc5a5f87c11a
Reviewed-on: https://chromium-review.googlesource.com/c/1278388
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56608}
There was a small race where an idle task could be posted after the compiler dispatcher
had aborted and the CancellableTaskRunner had been cancelled. This was causing flakyness
on the bots. This fixes this by moving the idle task posting into the same lock block as
the notification to the main thread that the background task has completed.
BUG=v8:8041
Change-Id: I43ca4cea807bfdfeb13f6d1c4a67a4d8a4f6291f
Reviewed-on: https://chromium-review.googlesource.com/c/1278494
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56607}
We generally try to use the most specific type, but sometimes we still
used LiftoffRegister even though it's statically known that it always
holds a GP register. Make these uses use Register directly. Note that
the conversion between Register and LiftoffRegister is a noop in
Release builds.
R=titzer@chromium.org
Bug: v8:6600
Change-Id: I1cf9aa727fb6fd71bbc1eed77df5e9d01e35ddee
Reviewed-on: https://chromium-review.googlesource.com/c/1278727
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56605}
This fixes a potential data race that can happen when a freshly
allocated layout descriptor is set on an existing map while the
concurrent marker is using the map to visit an object.
Change-Id: If8ff1c9368b24beb15fefe4a78a21e0f0784d2e8
Reviewed-on: https://chromium-review.googlesource.com/c/1278726
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56604}
Change-Id: Iec5e6baff16260317f693188b01230ab0c2bb86f
Reviewed-on: https://chromium-review.googlesource.com/c/1278809
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Hai Dang <dhai@google.com>
Cr-Commit-Position: refs/heads/master@{#56603}
This class was defined in function-body-decoder.cc, but it's not an
implementation of function body decoding, but rather the interface
between the decoder and the WasmGraphBuilder. Hence move it out to its
own file.
R=titzer@chromium.org, mstarzinger@chromium.org
Bug: v8:8238
Change-Id: Ib9bf47e90a3683f578b30b6de74d01da81b2be93
Reviewed-on: https://chromium-review.googlesource.com/c/1278391
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56602}
As part of the standard objects serialization, collect the identities of
the Array prototype and the Object prototype from all native contexts.
This information is then be consulted at compile time instead of having
to call Isolate::IsInAnyContext (which accesses the heap).
Bug: v8:7790
Change-Id: I26a8271afadfce243a8032e4a012f249ce3c2a60
Reviewed-on: https://chromium-review.googlesource.com/c/1275815
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56599}
Yesterday I added a call to memmove in CSA for pointer arrays when they
are in new space and the concurrent marker isn't running (protected by
mask kPointersFromHereAreInteresting, CL here:
https://chromium-review.googlesource.com/c/v8/v8/+/1243104/12). The bug
was that I didn't emit the check if dealing with a SMI array. However,
the GC subsystem at that point doesn't distinguish between SMI and
OBJECT FixedArrays. This fix brings the CSA code in line with that.
R=ulan@chromium.org
Bug: v8:8294
Change-Id: I9eb033c358911e8337562dbc91af8f0e6fbd2ed3
Reviewed-on: https://chromium-review.googlesource.com/c/1278386
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56598}
We were re-definining the FunctionSig typedef in several places. This
CL moves it to value-type.h, since it's a signature over ValueType.
R=titzer@chromium.org
Bug: v8:8238
Change-Id: Id5e8a55c7e0f98d61235e32a5e6cd12e04d26947
Reviewed-on: https://chromium-review.googlesource.com/c/1278387
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56597}
This also adds support in the c1 visualizer output generator to resolve
splintered live ranges before they have been merged back in.
Bug: v8:8238
Change-Id: I61e5f6da2e8b77ca9b42fae9004c77163d11960f
Reviewed-on: https://chromium-review.googlesource.com/c/1270817
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56595}
The register allocator has an optimization that makes it try reuse
spill-slots between phi-inputs and assign the same spill slot to a phi
output, if possible.
Furthermore, if the phi has no immediate register use, the output is
kept spilled.
With this change, no longer require that a phi input was spilled in an
immediate predecessor. Instead, it is good enough if it was spilled
at definition.
Change-Id: I317b9d5f9a9dda6a47972cdf84dc2627b996f3db
Reviewed-on: https://chromium-review.googlesource.com/c/1273053
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56594}
Adds support for enqueuing parallel parse / compile tasks for eagerly
compiled IIFEs during parsing. If the --parallel-compile-tasks flag is
enabled, the parser will pre-parse eager top-level IIFEs and enqueue a
task on the compiler dispatcher to do the actual parsing / compilation
on a worker thread.
Currently we always enqueue the task, but we likely want to only
enqueue parallel tasks where the script has multiple IIFEs or a
substantial amount of top-level script code before the IIFE to avoid
the main thread having to immediately block on the parallel task. This
work will be done as a follow-up.
BUG=v8:8041
Change-Id: If68d7c374548cabd4ec32f1fb6752da7d6aaae6b
Reviewed-on: https://chromium-review.googlesource.com/c/1275354
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56593}
This will ensure that the Isolate tear-down sequence runs the
destructors even if the first callback already ran. The second callback
might never be executed, since it runs on a background thread which
might not be executed before tear-down of the Isolate.
R=titzer@chromium.org, mlippautz@chromium.org
Bug: v8:8208, chromium:893549
Change-Id: Ibc148e71bc06936033c5b0f0e70bbb2b5a8e8094
Reviewed-on: https://chromium-review.googlesource.com/c/1276629
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56592}
Change the way we start collecting async stack traces by storing the
current microtask as a root instead of trying to make sense of the
last frame we see. This makes it possible to use the zero cost async
stack traces in Node.js as well (where the last JavaScript frame we
see is not the actual async function, but some frame related to the
main event loop usually).
In addition to the benefit that it now works with Node.js, we can also
extend the new machinery to look through (almost arbitrary) promise
chains. For example this code snippet
```js
(async function() {
await Promise.resolve().then(() =>
console.log(new Error().stack));
})();
```
can be made to also show the async function frame, even though at the
point where the stack trace is collected we don't have any async
function on the stack. But instead there's a PromiseReactionJobTask
as "current microtask", and we can dig into the chained promise to
see where the async execution is going to continue and eventually
find the await promise in the chain.
This also removes the removes the need to allocate `.generator_object`
specially during scope resolution.
Bug: v8:7522
Ref: nodejs/node#11865
Tbr: ulan@chromium.org
Design-Document: bit.ly/v8-zero-cost-async-stack-traces
Change-Id: Ib96cb17c2f75cce083a24e5ba2bbb7914e20d203
Reviewed-on: https://chromium-review.googlesource.com/c/1277505
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56590}
If the outer classifier will end up parsing an arrow parameter list we'd only
be in an inner classifier if the outer was already known to be non-simple.
Change-Id: I9fdfb5539b3a7989869f7190f0919699fe8e5c90
Reviewed-on: https://chromium-review.googlesource.com/c/1276630
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56589}
This is a reland of c285380ca8
Original change's description:
> Create a fast path to get migration target when updating map
>
> During map updating, store the pointer to new map in the
> raw_transitions slot of the old map that is deprecated from map
> transition tree. Thus, we can get the migration target directly
> instead of TryReplayPropertyTransitions when updating map.
>
> This can improve Speedometer2.0 Elm-TodoMVC case by ~5% on ATOM
> Chromebook and ~9% on big-core Ubuntu.
>
> Change-Id: I56f9ce5183bbdd567b964890f623ef0ceed9b7db
> Reviewed-on: https://chromium-review.googlesource.com/1233433
> Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56303}
Change-Id: Idf0b7716b92a6a15bfe58721c2c34dbd02b31137
Reviewed-on: https://chromium-review.googlesource.com/c/1270261
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
Cr-Commit-Position: refs/heads/master@{#56588}
On ia32, we were pinning too many registers, resulting in no unpinned
byte registers left (we only have three byte registers since {ebx}
is reserved for the root register).
It turns out that on most paths, we don't actually need to pin any
registers, since {Store} is often the last call for an operation (like
any store or set_global). If registers need to be pinned, only pass
those that must be kept alive across the {Store}. This allows to
compute a more narrow set of pinned registers on demand inside {Store}.
Plus minor drive-by changes.
R=titzer@chromium.org
Bug: chromium:894374, chromium:894307, v8:6600
Change-Id: Ic4d7131784c193dc7a2abf0e504d9973f6d5c5f1
Reviewed-on: https://chromium-review.googlesource.com/c/1275819
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56587}
We don't need to store the native context explicitly anymore, the
broker already has it.
Bug: v8:7790
Change-Id: I1096953e3c56bed9d3a8d7d37b108888ef4ac7ec
Reviewed-on: https://chromium-review.googlesource.com/c/1270594
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56586}
The primary purpose of this is to untangle a circular dependency
objects.h -> handles.h -> objects.h. Most compilation units only
need message-template.h, without the rest of messages.h.
Bonus: change the enum to an enum class for improved type safety.
Bug: v8:3770
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I8102c55197a450811de2588a68a08e7f99ea6b9e
Reviewed-on: https://chromium-review.googlesource.com/c/1272193
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56583}
Port a63987a41a
Original Commit Message:
This JSAsyncFunctionObject represents the implicit generator object
inside of async functions, and also holds the outer promise for the
async functions. This in turn allows us to get rid of the .promise
in the Parser / BytecodeGenerator completely, and will make it
possible to build zero-cost async stack traces independent of the
concrete synchronous part of the stack frame (which currently breaks
in Node.js).
In the bytecode all the async function operations now take this new
JSAsyncFunctionObject instead of passing both the .generator_object
and the .promise, which further simplifies and shrinks the bytecode.
It also reduces the size of async function frames, potentially making
the suspend/resume cheaper.
This also changes `await` to use intrinsics instead of calling to
special JSFunctions on the native context, and thus reduces the size of
the native contexts.
to TurboFan.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Ife0aa45b11580f316e657942485907cf78336e4b
Reviewed-on: https://chromium-review.googlesource.com/c/1276867
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#56581}
We only need to report once that we're in an invalid path for binding patterns
and arrow formals.
Change-Id: I8c7edc1c2a9f431c98e09725d0534e661db76634
Reviewed-on: https://chromium-review.googlesource.com/c/1276626
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56579}
