The serializer currently cannot handle a heap state containing
arbitrary compiled Code objects. As a quick fix for the
--stress-snapshot d8 flag, we clear compiled data from the isolate
prior to the serialize-deserialize-verify pass.
With this change, mjsunit tests pass on x64.
The %SerializeDeserializeNow() runtime function would require more
work, since it is not possible to mutate the heap to this extent while
still preserving a runnable host context and isolate. We will need
another solution there.
Drive-by: Skip the stress_snapshot variant except for the mjsunit
suite.
Tbr: machenbach@chromium.org
Bug: v8:10493,v8:10416
Change-Id: Ie110da8b51613fcd69c7f391d3cf8589d6b04dd8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182429
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67585}
The output generated by --wasm-fuzzer-gen-test did not pass the
presubmit check:
* There was a trailing whitespace after "body";
* There was a trailing newline at the end;
Additionally the signature of addElementSegment changed at some point
and now also takes a table-index parameter.
R=thibaudm@chromium.org
Bug: v8:10155
Change-Id: I77481b0ac810a0e3ff06df24afa3ae22beaebb77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172744
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67476}
- Add template specialization for DataRange::get<bool> to avoid undefined behavior of the template DataRange::get<T> which uses memcpy to assign the result variable
Change-Id: I129773251c063ea6863c4b2318dbc18574588d99
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2165728
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67387}
Move the persistent compilation state and Isolate inputs (such as the
allocator, shared AST constants, hash seed, logger, etc.) which survives
across both parse and compile, out of ParseInfo and into a new
UnoptimizedCompileState class. Also add UnoptimizedCompilePerThreadState
for per-thread state such as stack limit and RCS.
In particular, this new state survives the ParseInfo being destructed,
which means it is available after off-thread finalization. This allows a
followup to access the PendingCompilationErrorHandler after finalization
and report errors on merge.
Bug: v8:10314
Change-Id: Ia186bc0f267c704efd771aa1895f50a4525a8364
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2105636
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67329}
This is a reland of e1b93a4ff5
which was a reland of 313d4844d9
which was a reland of 0a59e0cb08
which was a reland of 146f5375da
which was a reland of d91679bf3a
Give up on using C++ bitfields, go back to having base::BitField and
getters/setters.
Original change's description:
> [parser] Introduce UnoptimizedCompileFlags
>
> UnoptimizedCompileFlags defines the input flags shared between parse and
> compile (currently parse-only). It is set initially with some values, and
> is immutable after being passed to ParseInfo (ParseInfo still has getters
> for the fields, but no setters).
>
> Since a few of the existing flags were output flags, ParseInfo now has a
> new output_flags field, which will eventually migrate to a ParseOutputs
> structure.
>
> Bug: v8:10314
> Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66782}
TBR=ulan@chromium.org,szuend@chromium.org
Bug: v8:10314
Change-Id: I54bcd107a0e85cf1a2ddeef0759100547eb65652
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157378
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67309}
This reverts commit e1b93a4ff5.
Reason for revert: MSVC failing https://ci.chromium.org/p/v8/builders/ci/V8%20Win64%20-%20msvc/13274
Original change's description:
> Reland^4 "[parser] Introduce UnoptimizedCompileFlags"
>
> This is a reland of 313d4844d9
> which was a reland of 0a59e0cb08
> which was a reland of 146f5375da
> which was a reland of d91679bf3a
>
> Manually zero out flags with memset, since GCC appears not to initialize
> the bitfield values to zero even with a default constructor.
>
> Original change's description:
> > [parser] Introduce UnoptimizedCompileFlags
> >
> > UnoptimizedCompileFlags defines the input flags shared between parse and
> > compile (currently parse-only). It is set initially with some values, and
> > is immutable after being passed to ParseInfo (ParseInfo still has getters
> > for the fields, but no setters).
> >
> > Since a few of the existing flags were output flags, ParseInfo now has a
> > new output_flags field, which will eventually migrate to a ParseOutputs
> > structure.
> >
> > Bug: v8:10314
> > Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Simon Zünd <szuend@chromium.org>
> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#66782}
>
> TBR=ulan@chromium.org,szuend@chromium.org,rmcilroy@chromium.org
>
> Bug: v8:10314
> Change-Id: I23bd6f9f14e9d0bbdde91aad46be1a646fd9647d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157372
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67271}
TBR=ulan@chromium.org,rmcilroy@chromium.org,leszeks@chromium.org,szuend@chromium.org
Change-Id: I0f41e847d4edae67e131cc6d0f782137ab73bac2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10314
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157377
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67275}
This is a reland of 313d4844d9
which was a reland of 0a59e0cb08
which was a reland of 146f5375da
which was a reland of d91679bf3a
Manually zero out flags with memset, since GCC appears not to initialize
the bitfield values to zero even with a default constructor.
Original change's description:
> [parser] Introduce UnoptimizedCompileFlags
>
> UnoptimizedCompileFlags defines the input flags shared between parse and
> compile (currently parse-only). It is set initially with some values, and
> is immutable after being passed to ParseInfo (ParseInfo still has getters
> for the fields, but no setters).
>
> Since a few of the existing flags were output flags, ParseInfo now has a
> new output_flags field, which will eventually migrate to a ParseOutputs
> structure.
>
> Bug: v8:10314
> Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66782}
TBR=ulan@chromium.org,szuend@chromium.org,rmcilroy@chromium.org
Bug: v8:10314
Change-Id: I23bd6f9f14e9d0bbdde91aad46be1a646fd9647d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157372
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67271}
This reverts commit 313d4844d9.
Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20gcc/6354
Original change's description:
> Reland^3 "[parser] Introduce UnoptimizedCompileFlags"
>
> This is a reland of 0a59e0cb08
> which was a reland of 146f5375da
> which was a reland of d91679bf3a
>
> Initializes the BackgroundCompileTasks's language_mode in the
> constructor (previously only initialized after successful parse) in case
> the parse failed. We still need to reset it after parse in case the
> language mode changed (because we encountered "use strict").
>
> Original change's description:
> > [parser] Introduce UnoptimizedCompileFlags
> >
> > UnoptimizedCompileFlags defines the input flags shared between parse and
> > compile (currently parse-only). It is set initially with some values, and
> > is immutable after being passed to ParseInfo (ParseInfo still has getters
> > for the fields, but no setters).
> >
> > Since a few of the existing flags were output flags, ParseInfo now has a
> > new output_flags field, which will eventually migrate to a ParseOutputs
> > structure.
> >
> > Bug: v8:10314
> > Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Simon Zünd <szuend@chromium.org>
> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#66782}
>
> TBR=ulan@chromium.org,szuend@chromium.org,rmcilroy@chromium.org
>
> Bug: v8:10314
> Change-Id: Ieee0bbfade4fe0b56de03bff47a7364959608d6a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157367
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67265}
TBR=leszeks@chromium.org
Change-Id: I90ac035caa76d4c4baf5ce207247d1ce5169fb2f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10314
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157370
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67266}
This is a reland of 0a59e0cb08
which was a reland of 146f5375da
which was a reland of d91679bf3a
Initializes the BackgroundCompileTasks's language_mode in the
constructor (previously only initialized after successful parse) in case
the parse failed. We still need to reset it after parse in case the
language mode changed (because we encountered "use strict").
Original change's description:
> [parser] Introduce UnoptimizedCompileFlags
>
> UnoptimizedCompileFlags defines the input flags shared between parse and
> compile (currently parse-only). It is set initially with some values, and
> is immutable after being passed to ParseInfo (ParseInfo still has getters
> for the fields, but no setters).
>
> Since a few of the existing flags were output flags, ParseInfo now has a
> new output_flags field, which will eventually migrate to a ParseOutputs
> structure.
>
> Bug: v8:10314
> Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66782}
TBR=ulan@chromium.org,szuend@chromium.org,rmcilroy@chromium.org
Bug: v8:10314
Change-Id: Ieee0bbfade4fe0b56de03bff47a7364959608d6a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157367
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67265}
This reverts commit 0a59e0cb08.
Reason for revert: Still causing UBSAN issues:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/10729
Original change's description:
> Reland^2 "[parser] Introduce UnoptimizedCompileFlags"
>
> This is a reland of d91679bf3a
> which was a reland of d91679bf3a
>
> Fixes missing initialization of ParserBase::allow_eval_cache_
>
> Original change's description:
> > [parser] Introduce UnoptimizedCompileFlags
> >
> > UnoptimizedCompileFlags defines the input flags shared between parse and
> > compile (currently parse-only). It is set initially with some values, and
> > is immutable after being passed to ParseInfo (ParseInfo still has getters
> > for the fields, but no setters).
> >
> > Since a few of the existing flags were output flags, ParseInfo now has a
> > new output_flags field, which will eventually migrate to a ParseOutputs
> > structure.
> >
> > Bug: v8:10314
> > Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Simon Zünd <szuend@chromium.org>
> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#66782}
>
> TBR=rmcilroy@chromium.org,ulan@chromium.org,szuend@chromium.org
>
> Bug: v8:10314
> Change-Id: I470de963bdedad31fe7dd149c610f9a89bffa162
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157030
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67245}
TBR=rmcilroy@chromium.org,leszeks@chromium.org
Change-Id: I1c5f58cc5608217a149b04aa6f50bb3d7606c26d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10314
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157657
Reviewed-by: Francis McCabe <fgm@chromium.org>
Commit-Queue: Francis McCabe <fgm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67250}
This is a reland of d91679bf3a
which was a reland of d91679bf3a
Fixes missing initialization of ParserBase::allow_eval_cache_
Original change's description:
> [parser] Introduce UnoptimizedCompileFlags
>
> UnoptimizedCompileFlags defines the input flags shared between parse and
> compile (currently parse-only). It is set initially with some values, and
> is immutable after being passed to ParseInfo (ParseInfo still has getters
> for the fields, but no setters).
>
> Since a few of the existing flags were output flags, ParseInfo now has a
> new output_flags field, which will eventually migrate to a ParseOutputs
> structure.
>
> Bug: v8:10314
> Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66782}
TBR=rmcilroy@chromium.org,ulan@chromium.org,szuend@chromium.org
Bug: v8:10314
Change-Id: I470de963bdedad31fe7dd149c610f9a89bffa162
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157030
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67245}
This reverts commit 146f5375da.
Reason for revert: UBSan (https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/10726?)
Original change's description:
> Reland "[parser] Introduce UnoptimizedCompileFlags"
>
> This is a reland of d91679bf3a
>
> This reland adds initializers for the output flags.
>
> Original change's description:
> > [parser] Introduce UnoptimizedCompileFlags
> >
> > UnoptimizedCompileFlags defines the input flags shared between parse and
> > compile (currently parse-only). It is set initially with some values, and
> > is immutable after being passed to ParseInfo (ParseInfo still has getters
> > for the fields, but no setters).
> >
> > Since a few of the existing flags were output flags, ParseInfo now has a
> > new output_flags field, which will eventually migrate to a ParseOutputs
> > structure.
> >
> > Bug: v8:10314
> > Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Simon Zünd <szuend@chromium.org>
> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#66782}
>
> Bug: v8:10314
> Change-Id: Ibade9658d99fa928709b3d56762c4c002ffff0dc
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2111213
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67241}
TBR=ulan@chromium.org,rmcilroy@chromium.org,leszeks@chromium.org,szuend@chromium.org
Change-Id: I204eb9e4d0a5bfaeeefeb6b0f1c82856b57cb175
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10314
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157029
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67242}
This is a reland of d91679bf3a
This reland adds initializers for the output flags.
Original change's description:
> [parser] Introduce UnoptimizedCompileFlags
>
> UnoptimizedCompileFlags defines the input flags shared between parse and
> compile (currently parse-only). It is set initially with some values, and
> is immutable after being passed to ParseInfo (ParseInfo still has getters
> for the fields, but no setters).
>
> Since a few of the existing flags were output flags, ParseInfo now has a
> new output_flags field, which will eventually migrate to a ParseOutputs
> structure.
>
> Bug: v8:10314
> Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66782}
Bug: v8:10314
Change-Id: Ibade9658d99fa928709b3d56762c4c002ffff0dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2111213
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67241}
This reverts commit d91679bf3a.
Reason for revert: Seems to cause UBSan errors
Original change's description:
> [parser] Introduce UnoptimizedCompileFlags
>
> UnoptimizedCompileFlags defines the input flags shared between parse and
> compile (currently parse-only). It is set initially with some values, and
> is immutable after being passed to ParseInfo (ParseInfo still has getters
> for the fields, but no setters).
>
> Since a few of the existing flags were output flags, ParseInfo now has a
> new output_flags field, which will eventually migrate to a ParseOutputs
> structure.
>
> Bug: v8:10314
> Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66782}
TBR=ulan@chromium.org,rmcilroy@chromium.org,leszeks@chromium.org,szuend@chromium.org
Change-Id: Ica139e8862e00cd0560638a0236bbaccd7b2188c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10314
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2108548
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66783}
UnoptimizedCompileFlags defines the input flags shared between parse and
compile (currently parse-only). It is set initially with some values, and
is immutable after being passed to ParseInfo (ParseInfo still has getters
for the fields, but no setters).
Since a few of the existing flags were output flags, ParseInfo now has a
new output_flags field, which will eventually migrate to a ParseOutputs
structure.
Bug: v8:10314
Change-Id: If3890a5fad883bca80a97bf9dfe44d91797dc286
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2096580
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66782}
s128.store should be in the list for generating kStmt, not kWasmS128.
No regression test added because the generated JS file is not helpful
for this bug - the failed assertion is in the fuzzer, not the engine.
Bug: chromium:1061049
Change-Id: I44092fa10c57aeeb34f1c6c5a7d655def31a7363
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2101927
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66692}
In preparation for adding reference types, which need an additional
parameter to indicate the referenced type.
Bug: v8:7748
Change-Id: If4023f3d9c7f42ed603b69c43356d2e8b81a0daa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2091471
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66687}
In https://crrev.com/c/2084321 I added s128 load store to the fuzzer,
and updated the memop generator to use IsPrefixOpcode check. But it was
used wrongly. IsPrefixOpcode checks a 1 byte opcode and see if it is a
prefix opcode, but if memory_op is already a 2 byte opcode, it will fail
the IsPrefixOpcode check.
Bug: chromium:1059899
Change-Id: I4caadfb2feaf42ebb9f5578cb790ef8a1d08d173
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2095681
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66638}
String::NewFromLiteral is a templated function that takes a char[N]
argument that can be used as an alternative to String::NewFromUtf8 and
returns a Local<String> rather than a MaybeLocal<String> reducing the
number of ToLocalChecked() or other checks.
Since the string length is known at compile time, it can statically
assert that the length is less than String::kMaxLength, which means that
it can never fail at runtime.
This also converts all found uses of NewFromUtf8 taking a string literal
or a variable initialized from a string literal to use the new API. In
some cases the types of stored string literals are changed from const
char* to const char[] to ensure the size is retained.
This API does introduce a small difference compared to NewFromUtf8. For
a case like "abc\0def", NewFromUtf8 (using length -1 to infer length)
would treat this as a 3 character string, whereas the new API will treat
it as a 7 character string.
As a drive-by fix, this also fixes all redundant uses of
v8::NewStringType::kNormal when passed to any of the String::New*
functions.
Change-Id: Id96a44bc068d9c4eaa634aea688e024675a0e5b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2089935
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66622}
Make sure the "initial pages" memory limit is enforced correctly and
throws a CompileError when exceeded.
Bump the "maximum pages" memory limit to 65536.
The --wasm-max-mem-pages flag now controls the "initial pages" limit;
the "maximum pages" limit is always 65536 as spec'ed.
This CL depends on https://github.com/WebAssembly/spec/pull/1121.
Bug: v8:7881, v8:8633
Change-Id: I68d07cef56633b8b8ce3b3d047c14e1096daf547
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2035876
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66400}
In the spec, WeakRefs that are dereferenced are kept alive until there's
no JS on the stack, and then the host is expected to call
ClearKeptObjects to clear those strong references [1]. HTML calls
ClearKeptObjects at the end of a PerformMicrotaskCheckpoint [2].
In V8, leaving this up to the embedder is error prone in the same way
the deprecated FinalizationGroup callback APIs were error prone: it
depends on the embedder doing the right thing. This CL moves the call to
ClearKeptObjects to be after running of microtasks within V8.
However, the Isolate::ClearKeptObjects API should not be removed or
deprecated in case an embedder uses an entirely custom MicrotaskQueue
implementation and invokes MicrotaskQueue::PerformCheckpoint manually.
[1] https://tc39.es/proposal-weakrefs/#sec-clear-kept-objects
[2] https://github.com/whatwg/html/pull/4571
Bug: v8:8179
Change-Id: Ie243804157b56241ca69ed8fad300e839a0c9f75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2055967
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66327}
This is still very limited, but we will have some simd instructions.
We add 2 kinds of instructions:
- any_true to generate i32 from v128
- add to generate v128 from v128 and v128
- extract_lane to generate v128 from all other types
We do not add v128 to the list of types returned by GetValueType, since
that is used in a couple of places, like generating globals, which
requires v128.const but is not implemented yet.
Special case to enable the experimental-wasm-simd flag since simd is not
included in wasm-staging yet.
Bug: v8:10180
Change-Id: Ifd86f55bdd49cae9514b061965de81ff6d579934
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2040514
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66326}
This is mostly used for regression tests which don't need that function.
If we want to wrap it for inclusion in an existing test file, we can
easily add a function around it, and name it properly.
R=ahaas@chromium.org
Bug: v8:10177
Change-Id: I2aedcdfad09fe1fe07af9f0caa2b8bd45da902f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2036077
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66102}
I also fixed one issue in the wasm interpreter.
R=clemensb@chromium.org
Bug: v8:10180
Change-Id: Ie30e908ad051a27fa611e8d36134b67aaf4c830c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000741
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65764}
Remove the explicit script handle from ParseInfo, and make it either
a Handle that is passed around where needed, or one inferred from the
SharedFunctionInfo.
This will be useful for compilation finalization using the off-thread
factory, which will not generate real Handles since it has no access
to the Isolate.
Bug: chromium:1011762
Change-Id: I5d9564009ec83bb9fc74191b4aa69735d132c2f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1977861
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65629}
This is a reland of c509bb8c55
Original change's description:
> Cache native modules in the wasm engine by their wire bytes. This is to
> prepare for sharing {Script} objects between multiple {WasmModuleObject}
> created from the same bytes. This also saves unnecessary compilation
> time and memory.
>
> R=clemensb@chromium.org
>
> Bug: v8:6847
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916603
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65296}
R=clemensb@chromium.org
Bug: v8:6847
Change-Id: I8839c9ec96dc4141cf3c30916a62ccf86f5463ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1960287
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65500}
This reverts commit c509bb8c55.
Reason for revert: Breaks arm64 - sim - MSAN, see https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/30050
Original change's description:
> [wasm] Share native modules compiled from the same bytes
>
> Cache native modules in the wasm engine by their wire bytes. This is to
> prepare for sharing {Script} objects between multiple {WasmModuleObject}
> created from the same bytes. This also saves unnecessary compilation
> time and memory.
>
> R=clemensb@chromium.org
>
> Bug: v8:6847
> Change-Id: Iad5f70efbfe3f0f134dcb851edbcec50691677e0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916603
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65296}
TBR=clemensb@chromium.org,thibaudm@chromium.org
Change-Id: I908b0f59bce26678d0b5d7fddc986384c40b4709
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6847
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1946334
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65297}
Cache native modules in the wasm engine by their wire bytes. This is to
prepare for sharing {Script} objects between multiple {WasmModuleObject}
created from the same bytes. This also saves unnecessary compilation
time and memory.
R=clemensb@chromium.org
Bug: v8:6847
Change-Id: Iad5f70efbfe3f0f134dcb851edbcec50691677e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916603
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65296}
Make WasmFeatures a proper class which uses an EnumSet under the hood.
This way, it inherits all behaviour of EnumSet like comparison, merge,
etc.
Accesses change from being simple field access into the struct to
actually bit tests in the EnumSet.
R=mstarzinger@chromium.org
Bug: v8:10019
Change-Id: I768f92b90ac0294156f4482defba5ce00bc70165
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1934334
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65184}
This fixes a simple error in the parser fuzzer, where we accessed the
{parentheses} vector without checking that it is non-empty.
Drive-by: Some formatting cleanup, and switch to {vector} for
performance.
R=mstarzinger@chromium.org
Bug: chromium:1027132
Change-Id: I5faa39885801953f2fb698b1131eab1f138a524d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1936472
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65179}
This makes the {code_size_estimate} computation explicit in the caller,
and removes one of the two {NewNativeModule} constructors. It turns out
that the calculation is totally off in the streaming calculation phase,
since no function bodies have been parsed yet. So all
{WasmFunction::code} fields are still empty, and we compute an estimate
that is way too low.
This CL prepares the actual fix for that (by computing a better estimate
at specific call sites).
R=ahaas@chromium.org
Bug: v8:9950
Change-Id: I68a891c97e5f65a9c7e73e21684bdfa7e261e216
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1901273
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64845}
Embedded builtins are now unconditionally enabled, which removes the
need to differentiate between enabled/disabled embedded builtins.
This Cl removes the 'embedded_builtins' variant and related
*.status entries.
R=machenbach@chromium.org
Bug: v8:8519
Change-Id: I55d0dd54735b7cc437832af6fa2836fd6c14a317
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864936
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64464}
Change-Id: I1c20a5c756394528af1e9f2bb720393d3045e926
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1865719
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64359}
"alternates" should be "alternatives".
Drive-by: Rename "generate_fn" to "GenerateFn".
R=ahaas@chromium.org
Change-Id: I09de4678dddcc4a8949dd9589e4dddd0c1c0661c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1866509
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64344}
This brings our constants back in line with the changed spec text. We
already use kExprTableGet and kExprTableSet, but for locals and globals
we still use the old wording.
This renaming is mostly mechanical.
PS1 was created using:
ag -l 'kExpr(Get|Set)Global' src test | \
xargs -L1 sed -E 's/kExpr(Get|Set)Global\b/kExprGlobal\1/g' -i
PS2 contains manual fixes.
R=mstarzinger@chromium.org
Bug: v8:9810
Change-Id: I064a6448cd95bc24d31a5931b5b4ef2464ea88b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1847355
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64163}
This brings our constants back in line with the changed spec text. We
already use kExprTableGet and kExprTableSet, but for locals and globals
we still use the old wording.
This renaming is mostly mechanical.
PS1 was created using:
ag -l 'kExpr(Get|Set|Tee)Local' src test | \
xargs -L1 sed -E 's/kExpr(Get|Set|Tee)Local\b/kExprLocal\1/g' -i
PS2 contains manual fixes.
R=mstarzinger@chromium.org
Bug: v8:9810
Change-Id: I1617f1b2a100685a3bf56218e76845a9481959c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1847354
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64161}
After https://crrev.com/c/1800575 and https://crrev.com/c/1803343,
which tried to fix this on occuring compile errors, this CL
systematically adds the <memory> include to each header that uses
{std::unique_ptr}.
R=sigurds@chromium.orgTBR=mlippautz@chromium.org,alph@chromium.org,rmcilroy@chromium.org,verwaest@chromium.org
Bug: v8:9396
Change-Id: If7f9c3140842f9543135dddd7344c0f357999da0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803349
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63767}
Since we switched to C++14 now, we can use {std::make_unique} instead
of our own {base::make_unique} from {template-utils.h}.
R=mstarzinger@chromium.org, yangguo@chromium.org
Bug: v8:9687
No-Try: true
Change-Id: I660eb30038bbb079cee93c7861cd87ccd134f01b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789300
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63642}
I don't know if there is another problem, but this change fixes all
problems in the test case. The fuzzer will eventually tell us if there
is another problem.
R=clemensh@chromium.org
Bug: chromium:1000503
Change-Id: I2f3ca9132e1b9e3f01e9b32604fb39b2272723f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784278
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63547}
This reverts commit bf78435b2c.
Reason for revert: This CL is not what I wanted to land. I mixed up my local branches.
Original change's description:
> [wasm] Stage wasm-bigint
>
> The implementation on wasm-bigint has been done, as far as I can tell.
> There are no spec tests yet, only an out-dated copy of the original
> spec tests which don't pass anymore. Therefore I disabled all the tests
> for now and created a tracking bug at https://crbug.com/v8/9673.
>
> R=adamk@chromium.org
>
> Bug: v8:7741, v8:9673
> Change-Id: I015846cc6008ad266402b6835e634723a1a076da
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781050
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63541}
TBR=adamk@chromium.org,ahaas@chromium.org
Change-Id: I5e8a42ad01200c01446efe4ea50f8ae6fef2c174
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7741, v8:9673
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784279
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63546}
The implementation on wasm-bigint has been done, as far as I can tell.
There are no spec tests yet, only an out-dated copy of the original
spec tests which don't pass anymore. Therefore I disabled all the tests
for now and created a tracking bug at https://crbug.com/v8/9673.
R=adamk@chromium.org
Bug: v8:7741, v8:9673
Change-Id: I015846cc6008ad266402b6835e634723a1a076da
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781050
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63541}
In https://crrev.com/c/1768581 I only enabled the --wasm-staging flag,
but that is useless without the implications defined in
flag-definitions.h. With this CL I now just set each flag one by one.
R=clemensh@chromium.org
Bug: v8:9601
Change-Id: Ie0e16f9516aa32b8c958cf58c8c9d4d6cb6f3b22
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781060
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63516}
When regexp match indices are enabled, we stash required data in the JSRegExpResult object,
and then build a JSRegExpResultIndices object lazily when the 'indices' property is
accessed.
This cl simply checks that fast and slow paths produce the same values for
result.indices and result.indices.groups.
Change-Id: I6322d8eaef4c6e5a0ed3a5aef8b2ff05ac2b2c7a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1763249
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63301}
This allows to return bool values from Torque macros and branch on them
without performance penalty, reconstructing good control flow.
Drive-by cleanup: Delete EnsureDeferredCodeSingleEntryPoint(), since
it's no longer needed. Constructing a graph and then re-inferring
deferred blocks based on branch hints achieves this effect
automatically.
Bug: v8:7793
Change-Id: Idb6802372b407549e4760f290933d5b8f1e9d952
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1681132
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62979}
Cpplint usually checks for non-const reference arguments. They are
forbidden in the style guide, and v8 does not explicitly make an
exception here.
This CL re-enables that warning, and fixes all current violations by
adding an explicit "NOLINT(runtime/references)" comment. In follow-up
CLs, we should aim to remove as many of them as possible.
TBR=mlippautz@chromium.org
Bug: v8:9429
Change-Id: If7054d0b366138b731972ed5d4e304b5ac8423bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687891
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62551}
Just the low-hanging fruit. There is more to do.
Bug: v8:2487
Change-Id: Ia9afa32797960f6c4c7c4fa0f39c70efc63663e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1669698
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62397}
There's no reason to use the API RegExp type instead of the internal
JSRegExp type. In fact, the parsed flags end up in
Runtime_CreateRegExpLiteral, which assumes them to be of type
JSRegExp::Flags.
Drive-by: Additional asserts and helper functions in JSRegExp.
Bug: v8:9359
Change-Id: I5c12aba7d4e39a4891fb23d8b47c55fc480a28d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667004
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62376}
We have a global test/OWNERS that has "file://COMMON_OWNERS".
This CL removes redundant OWNERS files in test/ subdirectories and
removes redundant entries from OWNERS files we need to keep for
special per-file entries.
R=yangguo@chromium.org, machenbach@chromium.org
CC=jkummerow@chromium.org
Bug: v8:9247
Change-Id: Ic2e8cbe8e379d7d23c86c6164305e65807f28ed3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674024
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62336}
v8memory.h does not have V8 specific definitions, and having it in base
makes it clear that every component may include the file. It also
ensures that including it does not create spurious dependencies on
v8_base.
Change-Id: I565f63b25f33a9ada19d7b2ac5990863ab17f4a7
Bug: v8:9183, v8:8855
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657923
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62309}
This CL renames jsregexp.{h,cc} to regexp.{h,cc}, hides all non-public
functions of RegExpImpl in the .cc file, and renames the public parts
of RegExpImpl to just RegExp. Include directives from outside the
src/regexp directory are limited to regexp.h, regexp-stack.h, and
regexp-utils.h. We also expose all result codes that can be returned
by irregexp code (including RETRY) on the public header since they
are needed elsewhere, e.g. in builtins.
Bug: v8:9359
Change-Id: Iae1a01ac9f6e1e4dc168f3fbe8fe8679cb6b1259
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1662297
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62240}
Bug: v8:9247
Change-Id: Id6860e7b0f932990ac3cda39e369b0809e4f6a2b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632072
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61928}
The newly introduced select-with-type instruction is only available when
anyref is enabled.
R=clemensh@chromium.org
Bug: chromium:967998
Change-Id: Idcb9ab447eedb93fe5374726da162ca1c79b3f16
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1634927
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61919}
The instruction is the same as the existing {select} instruction with
type. Both inputs must be in a sub-type relationship with the type
specified in the type instruction.
R=clemensh@chromium.org
Bug: v8:7581
Change-Id: Ibead6cd0253210828c8114336ea0942e6cbd6126
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631413
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61886}
This fixes the error message generated for compile errors during
asynchronous instantiation. It shows "WebAssembly.instantiate()" now
instead of "WebAssembly.compile()".
R=mstarzinger@chromium.org
Bug: v8:9266
Change-Id: Ieae478d1c4f6843fbc17e15debb6c49f72059d99
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617940
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61654}
FATAL() calls with more than one argument are preserved.
The rest of chrome does this as well. Stack traces and minidumps should
be sufficient for analyzing the reason for crashes.
This saves 110kb for Android arm32.
Bug: chromium:958807
Change-Id: I88a1ec82f1ed7bd5e7dbccf6d645d5584f16de82
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598159
Commit-Queue: Andrew Grieve <agrieve@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61426}
Our {Vector} template provides both {start} and {begin} methods. They
return exactly the same value. Since the {begin} method is needed for
iteration, and is also what standard containers provide, this CL
switches all uses of the {start} method to use {begin} instead.
Patchset 1 was auto-generated by using this clang AST matcher:
callExpr(
callee(
cxxMethodDecl(
hasName("start"),
ofClass(hasName("v8::internal::Vector")))
),
argumentCountIs(0))
Patchset 2 was created by running clang-format. Patchset 3 then
removes the now unused {Vector::start} method.
R=jkummerow@chromium.orgTBR=mstarzinger@chromium.org,yangguo@chromium.org,verwaest@chromium.org
Bug: v8:9183
Change-Id: Id9f01c92870872556e2bb3f6d5667463b0e3e5c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587381
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61081}
Using the Isolate's allocator when creating the WasmModule can lead to
use-after-free situations when the NativeModule is shared across
Isolates.
R=mstarzinger@chromium.org
Bug: v8:9079
Change-Id: I5a564852179cc5b9d4cbad2a002d3b6e14b01968
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1550404
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60605}
All standard containers provide a method named {empty} to check whether
the container is empty. On {base::Vector}, that method is named
{is_empty}, while {empty} is an unused factory method for creating an
empty {Vector}.
This CL renames {is_empty} to {empty} and removes the unused factory
method.
R=leszeks@chromium.org
Bug: v8:8834
Change-Id: I686bd07527801fbe783c412bc241221d8ec3660a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1547862
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60584}
This CL adds all the necessary {WasmCodeRefScope}s in the code base, or
at least a good approximation. A follow-up CL will enable a check that
a {WasmCodeRefScope} exists whenever a pointer to a {WasmCode} object
is returned from the {NativeModule}. This should flush out any missing
scopes.
R=titzer@chromium.org
Bug: v8:8217
Change-Id: I54c7eb39aeb1acde38273c399396e6b1390a4cb2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1533860
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60566}
Even though both are allowed in the style guide, it recommends to use
'using', as its syntax is more consistent with the rest of C++.
This CL turns all typedefs in wasm code to 'using' declarations.
R=ahaas@chromium.org
Bug: v8:8834
Change-Id: Ibdce88a5cc31e0785cbc1b34088bd39aa3ec84b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1545890
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60519}
This asserts that we run e.g. GC finalization tasks. Without that, we
might run ouf of memory.
R=ahaas@chromium.org
Bug: chromium:938739
Change-Id: Ic80074f877183bcabb3353fbeff94842a534efab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1526007
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60266}
We need to ensure that the NativeModule stays alive while any
{BackgroundCompileScope} exists, because during that time we hold
shared ownership of the mutex in the {BackgroundCompileToken}. If the
{NativeModule} dies during that period, we would need to get exclusive
ownership of the mutex and deadlock.
This change requires holding a {std::weak_ptr<NativeModule>} in the
BackgroundCompileToken instead of a raw pointer, hence it can only be
initialized after the NativeModule was created. This is done via a
separate {InitCompilationState} method.
R=ahaas@chromium.org
Bug: v8:8979
Change-Id: Ia14bd272ea0bc47aec547024da6020608418c9d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1518178
Auto-Submit: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60203}
My standard procedure for debugging regexp builtin fuzzer finds is to
turn on verbose mode and run the repro. This extends verbose output to
include the generated script which contains e.g. the regexp pattern,
the subject string, and the actual function call.
Tbr: yangguo@chromium.org
Bug: v8:8968
Change-Id: I0c7e930f4cbd34014f2781ca280919c5b002b049
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511276
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60120}
This is a reland of 81eec150f6
Original change's description:
> Reland "[test] refactor testsuite configuration"
>
> This is a reland of 7f92ad0ab6
>
> Original change's description:
> > [test] refactor testsuite configuration
> >
> > Every testsuite configuration consist of at least 30% code duplication.
> >
> > The code age ranges from 10 years old to 5 years old. Implementing anything that
> > touches the testsuite code becomes a technical fight to the death.
> >
> > This CL removes all the duplication by refactoring the common functionality.
> >
> > This CL contains structural changes without any logical changes % small bug
> > fixes.
> >
> > R=machenbach@chromium.org
> > CC=yangguo@chromium.org,sergiyb@chromium.org
> >
> > Bug: v8:8174, v8:8769
> > Change-Id: Iee299569caa7abdc0307ecf606136669034a28a2
> > Reviewed-on: https://chromium-review.googlesource.com/c/1445881
> > Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
> > Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#59361}
>
> Bug: v8:8174, v8:8769
> Change-Id: I8e7078cfb875ceb3777e57084e6f8dfac09693e7
> Reviewed-on: https://chromium-review.googlesource.com/c/1454485
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Tamer Tas <tmrts@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59369}
Bug: v8:8174, v8:8790
Change-Id: I38ab9d37bca76057441a970f26e2102e4387a857
Reviewed-on: https://chromium-review.googlesource.com/c/1454724
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59387}
This reverts commit 81eec150f6.
Reason for revert: windows mozilla test failures
Original change's description:
> Reland "[test] refactor testsuite configuration"
>
> This is a reland of 7f92ad0ab6
>
> Original change's description:
> > [test] refactor testsuite configuration
> >
> > Every testsuite configuration consist of at least 30% code duplication.
> >
> > The code age ranges from 10 years old to 5 years old. Implementing anything that
> > touches the testsuite code becomes a technical fight to the death.
> >
> > This CL removes all the duplication by refactoring the common functionality.
> >
> > This CL contains structural changes without any logical changes % small bug
> > fixes.
> >
> > R=machenbach@chromium.org
> > CC=yangguo@chromium.org,sergiyb@chromium.org
> >
> > Bug: v8:8174, v8:8769
> > Change-Id: Iee299569caa7abdc0307ecf606136669034a28a2
> > Reviewed-on: https://chromium-review.googlesource.com/c/1445881
> > Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
> > Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#59361}
>
> Bug: v8:8174, v8:8769
> Change-Id: I8e7078cfb875ceb3777e57084e6f8dfac09693e7
> Reviewed-on: https://chromium-review.googlesource.com/c/1454485
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Tamer Tas <tmrts@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59369}
TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org
Change-Id: I8f5650b5f46be299c004e2fa8b708fa2c17a4dc2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8174, v8:8769
Reviewed-on: https://chromium-review.googlesource.com/c/1454607
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59370}
This is a reland of 7f92ad0ab6
Original change's description:
> [test] refactor testsuite configuration
>
> Every testsuite configuration consist of at least 30% code duplication.
>
> The code age ranges from 10 years old to 5 years old. Implementing anything that
> touches the testsuite code becomes a technical fight to the death.
>
> This CL removes all the duplication by refactoring the common functionality.
>
> This CL contains structural changes without any logical changes % small bug
> fixes.
>
> R=machenbach@chromium.org
> CC=yangguo@chromium.org,sergiyb@chromium.org
>
> Bug: v8:8174, v8:8769
> Change-Id: Iee299569caa7abdc0307ecf606136669034a28a2
> Reviewed-on: https://chromium-review.googlesource.com/c/1445881
> Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59361}
Bug: v8:8174, v8:8769
Change-Id: I8e7078cfb875ceb3777e57084e6f8dfac09693e7
Reviewed-on: https://chromium-review.googlesource.com/c/1454485
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59369}
This reverts commit 7f92ad0ab6.
Reason for revert: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win32/19148
Original change's description:
> [test] refactor testsuite configuration
>
> Every testsuite configuration consist of at least 30% code duplication.
>
> The code age ranges from 10 years old to 5 years old. Implementing anything that
> touches the testsuite code becomes a technical fight to the death.
>
> This CL removes all the duplication by refactoring the common functionality.
>
> This CL contains structural changes without any logical changes % small bug
> fixes.
>
> R=machenbach@chromium.org
> CC=yangguo@chromium.org,sergiyb@chromium.org
>
> Bug: v8:8174, v8:8769
> Change-Id: Iee299569caa7abdc0307ecf606136669034a28a2
> Reviewed-on: https://chromium-review.googlesource.com/c/1445881
> Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59361}
TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org,v8-reviews@chromium.org
Change-Id: I473f0d4c6b9c0239923b8c03699dbc38b7f85030
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8174, v8:8769
Reviewed-on: https://chromium-review.googlesource.com/c/1454599
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59362}
Every testsuite configuration consist of at least 30% code duplication.
The code age ranges from 10 years old to 5 years old. Implementing anything that
touches the testsuite code becomes a technical fight to the death.
This CL removes all the duplication by refactoring the common functionality.
This CL contains structural changes without any logical changes % small bug
fixes.
R=machenbach@chromium.orgCC=yangguo@chromium.org,sergiyb@chromium.org
Bug: v8:8174, v8:8769
Change-Id: Iee299569caa7abdc0307ecf606136669034a28a2
Reviewed-on: https://chromium-review.googlesource.com/c/1445881
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59361}
This is a reland of 0befa6d4c3
Original change's description:
> [nojit] Check that --jitless is disabled when creating wasm code
>
> Drive-by: Amend wasm test skips for lite mode.
>
> Bug: v8:7777
> Change-Id: I23e13b65e548c19d6b24a26e0b962a9978f54ed7
> Reviewed-on: https://chromium-review.googlesource.com/c/1449616
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59314}
Tbr: mstarzinger@chromium.org
Bug: v8:7777
Change-Id: I0a076b36bb2e69b612df89b0f35067f299f27a7e
Reviewed-on: https://chromium-review.googlesource.com/c/1451819
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59325}
We noticed that almost every call site were loading both files,
the split isn't necessary anymore.
In some message tests, removed the absolute line number to allow future
changes.
Bug: v8:8726
Change-Id: I8527f0a1ecfa685aa01a5e2f5f47ddf1cb13a545
Reviewed-on: https://chromium-review.googlesource.com/c/1446452
Commit-Queue: Sven Sauleau <ssauleau@igalia.com>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59220}
The WasmCodeManager held a list of all Isolates that use the
WasmEngine/WasmCodeManager (those two are 1:1).
Since we want to move all isolate-specific tasks (like code logging and
compilation callbacks) to the WasmEngine, this CL moves this management
from the WasmCodeManager to the WasmEngine. We now have a bidirectional
mapping from NativeModules to the Isolates that use them, and from an
Isolate to all the NativeModules it uses (n:n).
The IsolateData struct will be extended in follow-up CLs to hold things
like the ForegroundTaskRunner. The Isolate* in the NativeModule /
CompilationState will eventually be removed.
R=mstarzinger@chromium.org
Bug: v8:8689
Change-Id: Ic2c003c3949f73ce3264dd9dac96884a5c0b9896
Reviewed-on: https://chromium-review.googlesource.com/c/1433793
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59092}
Everything was including log.h through heap-inl.h, so remove that
include by moving the one user into heap.cc, and then fix all the
include errors.
This reduces the log.h include ball from ~550 to ~100.
Change-Id: I6d09bc2f365b48645fcfdc695a68ea12539a745d
Reviewed-on: https://chromium-review.googlesource.com/c/1424198
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58981}
--jitless -> --no-opt
-> --no-validate-asm
-> --wasm-interpret-all -> --no-asm-wasm-lazy-compilation
-> --no-wasm-lazy-compilation
Note that wasm still isn't supported in jitless mode since it generates
code at runtime even with --wasm-interpret-all.
Drive-by: Fail early when trying to compile irregexp code in jitless
mode.
Cq-Include-Trybots: luci.v8.try:v8_linux_arm_lite_rel_ng
Bug: v8:7777
Change-Id: I7f0421f71efeaaeb030ed9ec268d12a659667acf
Reviewed-on: https://chromium-review.googlesource.com/c/1406677
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58820}
This matches the terminology that is used throughout the spec.
R=clemensh@chromium.org
Change-Id: I62445e750415e6048b805110c7306f3bdbf9da60
Reviewed-on: https://chromium-review.googlesource.com/c/1408988
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58774}
The fuzzers were already removed on the chrome side and therefore
inactive, see https://crrev.com/c/1194228.
R=machenbach@chromium.org
Bug: v8:8562
Change-Id: I0cf5ec6d07e07452c5168ea952f45028bcea1c85
Reviewed-on: https://chromium-review.googlesource.com/c/1406678
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58750}
This avoids having to update either the source code or the generated
test cases each year.
R=ahaas@chromium.org
Change-Id: I33fb85dc4ae7d45f8d05d982e0285d6fd3008a26
Reviewed-on: https://chromium-review.googlesource.com/c/1405032
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58725}
This CL disables RX (read and execute) permissions for Code memory
when in jitless mode. All memory that was previously allocated RX
is now read-only.
Bug: v8:7777
Cq-Include-Trybots: luci.v8.try:v8_linux_arm_lite_rel_ng
Change-Id: I52d6ed785d244ec33168a02293c5506d26f36fe8
Reviewed-on: https://chromium-review.googlesource.com/c/1390122
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58692}
For indirect calls, we need to set up the tables correctly. This CL
adds this to the test case generation logic.
R=ahaas@chromium.org
Change-Id: I18a5a8e0659c46daec00d46d02fe50d5d94638d6
Reviewed-on: https://chromium-review.googlesource.com/c/1349985
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57838}
Indirect calls rely on fixed signature indexes. Thus make test case
generation output the signatures exactly like they appear in the module.
R=ahaas@chromium.org
Change-Id: I80b088024da759ec87695363aeefb28685e1d704
Reviewed-on: https://chromium-review.googlesource.com/c/1350831
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57837}
Instead of returning 0xDEADBEEF, return a struct with proper
information. Otherwise a function returning 0xDEADBEEF would be
misidentified as trapping in the interpreter.
R=ahaas@chromium.org
Bug: chromium:906997
Change-Id: I92fc3a9972d76d2f8a5b313bf6be6eb027cfc1e9
Reviewed-on: https://chromium-review.googlesource.com/c/1344111
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57658}
For short inputs (<= size of the type we want to generate), we fell back
to just generating constants. This CL changes that to only fall back to
constants once a single byte remains, and adds options to use constants
already before that.
R=ahaas@chromium.org
Bug: v8:894307
Change-Id: Ic4bf05d06090f52b67de2b322a9d5dcab6bbbe39
Reviewed-on: https://chromium-review.googlesource.com/c/1337739
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57573}
This CL splits the backend of TurboFan off into its own directory,
without changing namespaces. This makes ownership management a bit
more fine-grained with a logical separation.
R=mstarzinger@chromium.org,jarin@chromium.org,adamk@chromium.org
Change-Id: I2ac40d6ca2c4f04b8474b630aae0286ecf79ef42
Reviewed-on: https://chromium-review.googlesource.com/c/1308333
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57437}
The "grow_memory" opcode was renamed to "memory.grow", and the spec
repo was updated to use kExprMemoryGrow internally instead of
kExprGrowMemory (https://github.com/WebAssembly/spec/pull/720).
This CL does the same change for v8.
Drive-by: Rename "current_size" to "memory.size", and a minor cleanup
in wasm-graph-builder.js to bring it in line with the version in the
js-api tests in the spec repo.
R=titzer@chromium.org
Change-Id: If525dba898b2c248890a616d3392c22b45f698ef
Reviewed-on: https://chromium-review.googlesource.com/c/1302057
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57089}
The "max_len" argument for fuzzer targets is deprecated. We need to
enforce the limit internally.
R=ahaas@chromium.org
Bug: chromium:894939
Change-Id: I2206bc63d5e39f1aa189e11042a6a0bbcca31b0d
Reviewed-on: https://chromium-review.googlesource.com/c/1299020
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56998}
Instead, create it when needed and pass it down to the actual
compilation.
This saves memory by making the WasmCompilationUnit smaller and will
eventually allow us to implement the trap handler fallback correctly by
using an updated ModuleEnv in background compilation and tier up.
R=mstarzinger@chromium.org
Bug: v8:5277, v8:8343
Change-Id: I0dc3a37fb88e54eb4822dc99d58ff024f4b2a367
Reviewed-on: https://chromium-review.googlesource.com/c/1293953
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56896}
Previously, this was just a field on the WasmResult, which is not
allowed according to the style guide.
A special r-value accessor for the value is needed for the cases where
the contained type is not copyable, e.g. unique_ptr.
R=titzer@chromium.org
Bug: v8:8238
Change-Id: Ia3c14c4c62c3c2e07f1dc4594f1bc9d1da88f91e
Reviewed-on: https://chromium-review.googlesource.com/c/1290974
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56823}
If `out` is empty accessing `out.back()` is invalid.
TBR=yangguo@chromium.org
Bug: chromium:894934
Change-Id: I7286c5b6a9857f1cdb2bcaf383094bee65bac393
Reviewed-on: https://chromium-review.googlesource.com/c/1282565
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56669}
This also makes the {AddCodeCopy} method more specific to only apply to
import wrappers, otherwise the use of {set_code} would be unprotected.
R=clemensh@chromium.org
BUG=v8:8015
Change-Id: I62561560f57e4cc235a338c0e769e50ff55ec42d
Reviewed-on: https://chromium-review.googlesource.com/1238477
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56137}
The problem was that in AsyncCompileJob::FinishModule we allocate a
handle, but when this function is called from streaming compilation, then
there was no HandleScope around AsyncCompileJob::FinishModule. This issue
was fixed in another CL, https://crrev.com/c/1172357. This CL is just a
rebase of the original CL.
Original change's description:
> [wasm] Implement the new API for WebAssembly.instantiateStreaming
> This is the second V8 CL to refactor WebAssembly.instantiateStreaming to
> make it spec compliant again. The design doc where the whole change is
> discussed is available in the tracking bug. The tracking bug also
> references prototype implementations of the whole change, which includes
> the changes in this CL.
R=starzinger@chromium.org
Bug: chromium:860637
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ib0cb25488654d2b325b4f529d33b76b846c64436
Reviewed-on: https://chromium-review.googlesource.com/1172429
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55106}
This CL introduces a set of configuration options implemented as
a struct of booleans that together comprise the set of enabled
or detected features. The configuration options replace command-line
flags that were checked deep in the implementation. As such, it is
necessary to plumb them through multiple levels of abstraction.
R=ahaas@chromium.orgCC=mstarzinger@chromium.org
BUG=chromium:868844
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I1b82f5826e4fd263f68e8cafcd923bac5818a637
Reviewed-on: https://chromium-review.googlesource.com/1163670
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55018}
In Liftoff, bugs often happen only if specific cache states are
constructed. For this, longer sequences of instructions are needed.
Thus, add a few rules to increase the chance of generating longer
sequences.
R=ahaas@chromium.org
Change-Id: I8f112edf0280282bf275585e8a15772013c25245
Reviewed-on: https://chromium-review.googlesource.com/1158695
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54927}
This reverts commit b556c9eaa6.
Reason for revert: Flakes in layout tests: https://crbug.com/870187
Original change's description:
> [wasm] Implement the new API for WebAssembly.instantiateStreaming
>
> This is the second V8 CL to refactor WebAssembly.instantiateStreaming to
> make it spec compliant again. The design doc where the whole change is
> discussed is available in the tracking bug. The tracking bug also
> references prototype implementations of the whole change, which includes
> the changes in this CL.
>
> R=mstarzinger@chromium.org
>
> Bug: chromium:860637
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
> Change-Id: I776c0f24959ab5663727d3dfee0248a9b0642a42
> Reviewed-on: https://chromium-review.googlesource.com/1143187
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54834}
TBR=mstarzinger@chromium.org,ahaas@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: chromium:860637
Change-Id: Icbf2603143068a49c61de162aa7185a753703e5d
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1160261
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54872}
Refactoring the code base to use noexcept for their move constructors and move
assignment operators.
Bug: v8:7999
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I13d24eddba3bfa601cff26fd680a040cf4e71426
Reviewed-on: https://chromium-review.googlesource.com/1152817
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#54841}
This is the second V8 CL to refactor WebAssembly.instantiateStreaming to
make it spec compliant again. The design doc where the whole change is
discussed is available in the tracking bug. The tracking bug also
references prototype implementations of the whole change, which includes
the changes in this CL.
R=mstarzinger@chromium.org
Bug: chromium:860637
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I776c0f24959ab5663727d3dfee0248a9b0642a42
Reviewed-on: https://chromium-review.googlesource.com/1143187
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54834}
Stack parameters on arm64 require padding. Since the stack areas for
parameters and returns should not overlap, we have to pad the parameters
already during the construction of the CallDescriptor so that we can set
the correct stack offset for returns.
R=mstarzinger@chromium.org
Bug: chromium:838098
Change-Id: I23389dc35037054b750e61ea6b1bfdfc4c5bc868
Reviewed-on: https://chromium-review.googlesource.com/1150178
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54716}
The WebAssembly spec is not fully deterministic: the sign bit of NaN
can be arbitrary. This sign bit can be observed by several WebAssembly
opcodes. In the testcase the sign bit of NaN makes the difference
between terminating code and an infinite loop.
In the libfuzzer fuzzer we have to prevent infinite loops ourselves.
At the moment we do this by only execute generated code of WebAssembly
modules for which the interpretation of the code ends in a limited
number of steps. With the non-determinism described above we cannot
guarantee the absence of infinite loops with this method. Therefore
we stop now to execute generated code of WebAssembly modules for which
we observe possible non-determinism in the interpreter.
R=clemensh@chromium.org
Bug: chromium:863829
Change-Id: I461d67df87d672bed25d6c915ba7ea5134cb5890
Reviewed-on: https://chromium-review.googlesource.com/1141945
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54541}
All auto-generated with some fix-ups including marking the following
classes as NeverReadOnlySpaceObject so their GetIsolate/GetHeap methods
are safe to use:
Code, CodeDataContainer, AbstractCode, DeoptimizationData,
CompilationCacheTable, NormalizedMapCache, Script, SharedFunctionInfo
TBR=yangguo@chromium.org
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I6cb5dcca88a0bc99b5afe80f553e06a661b5da3c
Reviewed-on: https://chromium-review.googlesource.com/1135306
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54439}
The code under test is handling of multi-return values in TurboFan and
hence actually independent of WebAssembly. The only reason to generate
WasmCode is in order to use the WebAseembly linkages. This changes the
generated code to have {STUB} kind instead of {WASM_FUNCTION} kind to
avoid having stack checks in the generated code which would require a
proper WasmInstanceObject to be allocated.
R=ahaas@chromium.org
BUG=chromium:862508
Change-Id: I4feb7bff1a42bbf59cfc5f249f2e0585ce7011ad
Reviewed-on: https://chromium-review.googlesource.com/1136438
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54436}
Currently the fuzzer only tests Turbofan and Liftoff in isolation. In
order to test that both tiers use the same ABI, it should also test
calls from one tier to the other.
This CL introduces a new flag which controls which function will be
compiled by which tier, and uses that in the fuzzer.
R=ahaas@chromium.org
Bug: chromium:862931, v8:6600
Change-Id: I450b906700972cfdb496b1734faed9f8208d652f
Reviewed-on: https://chromium-review.googlesource.com/1134775
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54409}
Instead of passing {uint8_t*, size_t} pairs as arguments, pass
{Vector<uint8_t>}. This is less error prone and {Vector} provides some
helpful methods.
R=ahaas@chromium.org
Bug: v8:7754
Change-Id: I7469054774618e0bd5c9d38501759b1b2c51d104
Reviewed-on: https://chromium-review.googlesource.com/1134773
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54406}
This CL surfaces AssemblerOptions to CodeAssembler::GenerateCode and
to pipeline methods. To allow forward declaring AssemblerOptions,
AssemblerBase::Options was moved out of the AssemblerBase class.
Bug: v8:6666
Change-Id: If9fc50d3d4767bb5dd39a0c3b6e094021f4cae2b
Reviewed-on: https://chromium-review.googlesource.com/1127039
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54286}
In the WebAssembly fuzzers we detect infinite loops with the
interpreter: if the interpreter does not finish after a finite number
of steps, we do not execute the compiled code. However, we cannot
redirect the start function to the interpreter in the fuzzer, and
therefore we cannot detect infinite loops in the start function. With
this CL we avoid the problem completely by not instantiating a module
in the fuzzer which has a start function. Note that the module still
gets compiled.
R=clemensh@chromium.org
Bug: chromium:858914
Change-Id: Icbbe9a003544918d5267cdd1d9405b21bb681133
Reviewed-on: https://chromium-review.googlesource.com/1126766
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54246}
The current output of release builds is not very helpful, as it does
not contain the line number, nor the values of {expect_exception} or
{i_isolate->has_pending_exception()}.
R=ahaas@chromium.org
Bug: chromium:854011
Change-Id: I0bc1b8be6151d5420310eb67b2ebd0dc866fc9a6
Reviewed-on: https://chromium-review.googlesource.com/1122869
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54164}
Instead of storing both the {NativeModule} and the {WasmModule} in a
{Managed} object, just store the {WasmModule} in the {NativeModule}
directly. This fixes crashes that happen if the {Managed<WasmModule>}
dies before the {Managed<NativeModule>}.
R=mstarzinger@chromium.org
Bug: chromium:854794, v8:7879, v8:7889
Change-Id: I6b11729943fe7a03d225138782655ee5dafd26a6
Reviewed-on: https://chromium-review.googlesource.com/1118171
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54090}
Before flipping the flag, some tests need to be adapted. This CL
prepares these tests, such that the flag flip CL really just flips a
flag.
R=titzer@chromium.org, hablich@chromium.org
Bug: v8:6600, chromium:787421
Change-Id: I8030df69cda5f3fb81354350a37f65c0d1c669bd
Reviewed-on: https://chromium-review.googlesource.com/1110363
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53959}
Other fuzzers already have this ability. This CL adds it to the fuzzer.
The input has to be valid bytes, otherwise we cannot generate the text
representation.
R=titzer@chromium.orgCC=gdeepti@chromium.org
Change-Id: If1ba8accc707bee3b042e93f4201949f0233c90e
Reviewed-on: https://chromium-review.googlesource.com/1109794
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53926}
TurboFan returned null handles if compilation did not succeed. This CL
changes that to a MaybeHandle to make it explicit that client code needs
to handle the error.
Bug: v8:7856
Change-Id: I6087e6263faa1150b9788213dd22c398b4a2fc2d
Reviewed-on: https://chromium-review.googlesource.com/1104688
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53824}
