This is needed to trace objects found durinbg stack scanning.
Bug: chromium:1056170
Change-Id: I1280d98f2fe69281c514b3a7d4a57f909a2eed96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190425
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67788}
The AVX implementation does not have dst == input(0), so the vminps call
was wrong. The intention is to compare the 2 input operands.
Bug: chromium:1081030
Change-Id: Id54074327a6aca4b75988fc9d85beccfeabfc791
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2194471
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67786}
... when one of the receivers is a JSArray that may have a read-only
length.
Bug: chromium:1069530
Change-Id: Idbaf1a9030bb5a0f9c25e30925f18f603a99832f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2196353
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67783}
This CL fixes a bug in Liftoff where stack parameters for builtins were
pushed in the reversed order.
CC=bbudge@chromium.orgR=clemensb@chromium.org
Bug: v8:10281
Change-Id: I51ab4f19b0dc3835140ca3c05c98cc82dfe9cac4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2196341
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67779}
We can't attach a meaningful stack trace to the AggregateError
Promise.any rejects with, but we can augment the individual errors'
stack traces with Promise.any and the index of the corresponding
Promise in the input.
Bug: v8:9808
Change-Id: I7ba754c9b043594decaac8b3a23be74f05c3dffd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2198983
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67778}
Add const Page iterators to Spaces, and add whichever const methods are
necessary for this to work. This and a couple more const methods allows
us to make Heap::Contains const.
Change-Id: I1b63a10575ccdb8a3979aef4fa63a97b288ff836
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2198975
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67776}
Fold distinct MUL and ADD (or SUB) instructions into a single MLA (or
MLS) instruction, mirroring what is being done for general purpose
registers.
SIMD wasm only uses the vectorized ADD and MUL instructions on quad
vectors (NEON Q), so only those cases are handled.
SIMD wasm only uses MUL by vectors, not by elements so there is no need
to check for an addition and shift reduction.
Change-Id: If07191dde9fb1dc37a5de27187800c15cc4325ea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2184239
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#67770}
This is a reland of 902f48bdda, fixed
to avoid lock inversion problems detected by TSan.
Original change's description:
> [wasm][debug] Fix tier down for multiple isolates
>
> If multiple isolates are using the same module, we need to keep it
> tiered down as long as any isolate still has a debugger open.
> Also, we cannot short-cut the {NativeModule::TierDown} method, since the
> previously triggered tier down might not have finished yet.
> For now, each isolate starts an independent tier down (i.e. a full
> recompilation). We could optimize this later by skipping functions that
> are already tiered down, or are already scheduled for tier down, but we
> still need to wait for tier-down to finish on each isolate.
>
> R=thibaudm@chromium.org
>
> Bug: v8:10359
> Change-Id: I7ea6a6f5d3977e48718ac5bc94f9831541f6173f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190758
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67716}
Bug: v8:10359
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng
Change-Id: Ie98cf073fc79e5c6991df6d4466de7b560274070
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2194451
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67754}
Changes:
- Implement subtyping for eqref.
- (Driveby) Declare more functions as constexpr in ValueType.
- Make minor changes needed to handle ref.eq.
- Write an elementary test.
Bug: v8:7748
Change-Id: I11d54227798ce56de70f3a6f83305b2f80b2f57f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2193715
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67752}
This reverts commit 9d3cca1cd3.
Reason for revert: Only the test needs to be skipped on s390. Refer to this: https://crrev.com/c/1981505
Original change's description:
> s390: [arm] Add missing RELATIVE_CODE_TARGET iteration
>
> Port b766299d2c
> Port 9592b043ee
> Port d915b8d668
>
> Original Commit Message:
>
> Code object iteration was missing logic for RELATIVE_CODE_TARGET
> reloc entries. Garbage collection could thus miss objects that were
> referenced only as targets of pc-relative calls or jumps.
>
> RELATIVE_CODE_TARGETs are only used on arm, mips, and s390 and only
> at mksnapshot-time.
>
> This exposed another issue in that the interpreter entry trampoline
> copy we generate for profiling *did* contain relative calls in
> runtime-accessible code. This is a problem, since code space on arm is,
> by default, too large to be fully addressable through pc-relative
> calls. This CL thus also disables the related
> FLAG_interpreted_frames_native_stack feature on arm.
>
> objects.
>
> R=jgruber@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
> BUG=
> LOG=N
>
> Change-Id: Ifbcaed98d90a2730f0d6a8a7d32c621dab1ff5b2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2087693
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
> Cr-Commit-Position: refs/heads/master@{#66644}
TBR=michael_dawson@ca.ibm.com,mlippautz@chromium.org,jyan@ca.ibm.com,jgruber@chromium.org,joransiu@ca.ibm.com,miladfar@ca.ibm.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Change-Id: Id645a9def23d278235ff77f25249d2187e8105ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2196521
Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#67751}
This CL adds 2 new values to the EmbedderStackState enum with more
explicit names. The old values are updated as aliases to the new
values and marked as soon to be deprecated. This CL also moves the
enum to v8-platform.h so that it can be reused by cppgc.
Depracating individual values in an enum is supported by GCC only
since version 6. Thus new macros were needed for the deprecation
(which delegate to the existing macros when supported). GCC versions
older than 6 are still used by the CQ bots.
Bug: chromium:1056170
Change-Id: Id1ea73edfbbae282b0d8a3bb103dbbbf8ebd417e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2188971
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67744}
This is a reland of 7f29c48ef6
After fixing TSAN failures in https://crrev.com/c/2192661 and https://crrev.com/c/2193712, this CL and be relanded without changes.
Original change's description:
> [heap] Remove sweeping state in incremental marking
>
> Remove the SWEEPING state from incremental marking. Sweeping is now
> always completed when starting incremental marking. Before this change
> there needed to be a safepoint each for starting marking and completing
> sweeping. Now both happens within a single safepoint.
>
> Bug: v8:10315
> Change-Id: Iad2835554865f2de24376372affe9a98992d1fa0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190419
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67678}
Bug: v8:10315
Change-Id: Ic949d125e72c4d17fd427d08d4b6f9056721eee9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2196182
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67741}
Prior to this CL we still implemented a HasProperty-GetProperty
sequence when accessing named captures in GetSubstitution. This was
briefly part of the spec (we also threw an exception when the property
was not present), but since late 2017 the GetProperty call has been
unconditional.
See https://tc39.es/ecma262/#sec-getsubstitution.
Bug: v8:10513
Change-Id: Id82c06958b0b0feffc6eede580b99ab8676a0dae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2195821
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67733}
There's no need for them to be in NativeContext.
This CL moves the rest of the Promise-related SFIs.
Bug: v8:10482
Change-Id: I7eb926be14bf44fb3cd01cb96b4769eff1c2911b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190752
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67732}
As discussed under https://crrev.com/c/1981505,
Test requires an executable CODE_SPACE and is thus incompatible with
jitless mode.
Change-Id: Icddad50a3484f0cfc5fb4abd7175058d50bc06d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2193911
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67726}
Same implementation as the one for x64 in https://crrev.com/c/2186630.
Bug: v8:10501
Change-Id: If2b6c0fdc649afba3449d9579452cf7047a55a54
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2188556
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67721}
This reverts commit 902f48bdda.
Reason for revert: Made TSAN unhappy: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20isolates/9480
Original change's description:
> [wasm][debug] Fix tier down for multiple isolates
>
> If multiple isolates are using the same module, we need to keep it
> tiered down as long as any isolate still has a debugger open.
> Also, we cannot short-cut the {NativeModule::TierDown} method, since the
> previously triggered tier down might not have finished yet.
> For now, each isolate starts an independent tier down (i.e. a full
> recompilation). We could optimize this later by skipping functions that
> are already tiered down, or are already scheduled for tier down, but we
> still need to wait for tier-down to finish on each isolate.
>
> R=thibaudm@chromium.org
>
> Bug: v8:10359
> Change-Id: I7ea6a6f5d3977e48718ac5bc94f9831541f6173f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190758
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67716}
TBR=clemensb@chromium.org,thibaudm@chromium.org
Change-Id: Ibf650e8b6143471b44f2822c1737e7de5f8bdb20
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10359
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2194372
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67720}
This CL is pretty mechanical; I just iterated through some Torque
classes making the following changes:
- Use @generateCppClass if it seems easy to
- Use @generatePrint if the existing printer doesn't do anything special
- Fix up any imprecise field types
It also includes two minor changes to implementation-visitor:
- Add a new -inl.h file with the things needed for
torque-generated/class-definitions-tq.cc so we don't need to keep
changing the compiler when we add @generateCppClass.
- Avoid emitting incorrect accessors for ExternalPointers. This isn't
strictly necessary for correctness, as the accessors defined in C++
already hide the ones inherited from generated code, but it makes me
feel safer.
Change-Id: I4d5a8ba6f86ebff57a0d147619212a3993b087c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2185824
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#67719}
... when the element is read-only in one of the prototypes:
* the length should not be updated,
* in strict mode the store operation should throw TypeError.
Bug: chromium:1055138
Change-Id: I7fc08e22c83f8a9848053cfe20851dc1b82f0e3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172090
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67717}
If multiple isolates are using the same module, we need to keep it
tiered down as long as any isolate still has a debugger open.
Also, we cannot short-cut the {NativeModule::TierDown} method, since the
previously triggered tier down might not have finished yet.
For now, each isolate starts an independent tier down (i.e. a full
recompilation). We could optimize this later by skipping functions that
are already tiered down, or are already scheduled for tier down, but we
still need to wait for tier-down to finish on each isolate.
R=thibaudm@chromium.org
Bug: v8:10359
Change-Id: I7ea6a6f5d3977e48718ac5bc94f9831541f6173f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190758
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67716}
With bounds checks, null checks, and a test case.
Bug: v8:7748
Change-Id: I9e7d68ecd883bd0279f22d11c1dc73cc8716a4cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2192659
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67714}
Scripts aren't callable functions. Even though internally they were for a
while, they aren't anymore. We shouldn't return them to users as if they were.
We already remove strict-mode functions from CallSites, so we now do the same
for internal functions that are created for scripts.
Bug: v8:10508
Change-Id: I270c714524439fba9ad90dd29826bed4811ba2b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2193716
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67709}
Passing an isolate to {RecompileNativeModule} feels wrong, since
compilation and the generated code are totally isolate-independent. In
fact, the isolate is only used for updating counters.
Instead of passing the counters instead, this CL just refactors the code
to support a nullptr for the counters everywhere (some code paths
already supported that). The few recompilation would not make a
significant difference in the histograms anyway, and even have the risk
of skewing the data.
Drive-by 1: Rename {TierUp} to {StartTierUp} and update comments.
Drive-by 2: Remove non-actionable TODO.
R=thibaudm@chromium.org
Bug: v8:10359
Change-Id: Ic027f939bbc55398b90784922130fe1fe5573b0c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2187638
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67708}
Implement the instruction ref.as_non_null, as per the wasm gc extension.
Changes:
- Add the respective wasm opcode, move some asmjs opcodes around.
- Add a new type of wasm trap, IllegalCast.
- Modify wasm decoding and compilation pipeline.
- Add a minimal test.
- In wasm-compiler, generalize Unreachable to Trap.
- Optimize struct.get and struct.set for non-null types.
Bug: v8:7748
Change-Id: If2f794306c7cbfabc06e4f64988132346085d6dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2187616
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67705}
In the existing code we used a register of the UseScratchRegisterScope
for the destination address. However, this register is needed for the
ParallelRegisterMove as well. With this CL we use fixed registers for
the destination address and the offset as well. The CL also changes the
implementation of CalculateActualAddress to allow to set an explicit
register for the result.
R=clemensb@chromium.org
Bug: v8:10108, chromium:1079449
Change-Id: I39c11b9ffa5f3e937ce4820b9991482ad711b4b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2192652
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67702}
This reverts commit 7f29c48ef6.
Reason for revert: Causing TSAN failures on test bots.
Original change's description:
> [heap] Remove sweeping state in incremental marking
>
> Remove the SWEEPING state from incremental marking. Sweeping is now
> always completed when starting incremental marking. Before this change
> there needed to be a safepoint each for starting marking and completing
> sweeping. Now both happens within a single safepoint.
>
> Bug: v8:10315
> Change-Id: Iad2835554865f2de24376372affe9a98992d1fa0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190419
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67678}
TBR=ulan@chromium.org,dinfuehr@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:10315
Change-Id: I5e76990155cf7aeee3ecefe5e37f9028cb188a00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2192658
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67699}
Also, rename the WASM_COMPILED frame type to just WASM.
R=jkummerow@chromium.org
Bug: v8:10389
Change-Id: I71f16f41a69f8b0295ba34bd7d7fad71729546f2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2187613
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67698}
This reverts commit 8374feed55.
Reason for revert: Breaking mjsunit/global-hash under the stress_snapshot variant, e.g.
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20debug%20-%20fyi/12560
Original change's description:
> [snapshot] rehash JSMap and JSSet during deserialization
>
> To rehash JSMap and JSSet, we simply replace the backing store
> with a new one created with the new hash.
>
> Bug: v8:9187
> Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983
> Commit-Queue: Joyee Cheung <joyee@igalia.com>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67663}
TBR=cbruni@chromium.org,jgruber@chromium.org,verwaest@chromium.org,joyee@igalia.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:9187
Change-Id: I4a89768c031cd3971eefd9f88528ddd52e1284c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2192657
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67696}
This CL adds use counters, as well as the callbacks needed to
register usage during the SIMD origin trial.
Change-Id: I35b7f48277b519b72136f86cf03508adbaa069b8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2189334
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67690}
All wasm code is compiled now. Hence merge the
{WasmCompiledFrameSummary} into {WasmFrameSummary} and remove the
dispatch. Also, rename {IsWasmCompiled} to {IsWasm} and {AsWasmCompiled}
to {AsWasm}.
R=jkummerow@chromium.org
Bug: v8:10389
Change-Id: I33e413c7d0fa622249563091925b29631472b40c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2187170
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67689}
This patch implements f32x4.pmin, f32x4.pmax, f64x2.pmin, and f64x2.pmax
for x64 and interpreter.
Pseudo-min and Pseudo-max instructions were proposed in
https://github.com/WebAssembly/simd/pull/122. These instructions
exactly match std::min and std::max in C++ STL, and thus have different
semantics from the existing min and max.
The instruction-selector for x64 switches the operands around, because
it allows for defining the dst to be same as first (really the second
input node), allowing better codegen.
For example, b = f32x4.pmin(a, b) directly maps to vminps(b, b, a) or
minps(b, a), as long as we can define dst == b, and switching the
instruction operands around allows us to do that.
Bug: v8:10501
Change-Id: I06f983fc1764caf673e600ac91d9c0ac5166e17e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2186630
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67688}
The visitor was removing pages while at the same time iterating them on
NormalPagedSpace.
Removing all pages at once is safe and should also be faster.
Bug: chromium:1056170
Change-Id: I56eedf6f09498f126cb09238e01962b48e75b657
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190427
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67687}
This changes the existing implementation that creates an unresolved reference for those cases to look at exactly what scopes are relevant so it can correctly handle catch scopes and avoid re-resolving later.
Variable through with aren't marked as assigning since this information isn't relevant for the with itself; and if the with is passed through, there's no need to mark the outer variable as assigned since it's either initialized or it isn't.
The catch variable is assigned since it is relevant for the catch variable.
The CL uses LookupLocal which wouldn't work for deserialized scopes, but this isn't relevant because 1) eval scopes are declaration scopes, and 2) eval causes all outer variables to be maybe_assigned anyway.
Bug: chromium:1074737
Change-Id: I3febca479ddd1f3c62eae299190b06c0b4cd3746
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2187272
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67683}
... via a comment in the API and a CHECK in
Isolate::RunHostInitializeImportMetaObjectCallback.
Also restructure things a little bit such that
this function really just runs the callback and
doesn't deal with module internals. Memoization
now happens in the SourceTextModule class.
Bug: v8:7044
Change-Id: I5b850ae629c3638c4b30dfdeaa996642a33d14dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190413
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67682}
Remove the SWEEPING state from incremental marking. Sweeping is now
always completed when starting incremental marking. Before this change
there needed to be a safepoint each for starting marking and completing
sweeping. Now both happens within a single safepoint.
Bug: v8:10315
Change-Id: Iad2835554865f2de24376372affe9a98992d1fa0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190419
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67678}
Background threads can now start incremental marking when necessary. In
contrast to the main thread they always need to schedule a job and can't
start incremental marking right away. Background threads also use a
simpler heuristic for deciding whether to start incremental marking.
Bug: v8:10315
Change-Id: I2b94e8273c8be860157fe9670797048ed1c5c3da
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2184149
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67675}
This reverts commit 6204768bab.
Reason for revert: A number of Clusterfuzz reports (e.g. https://bugs.chromium.org/p/chromium/issues/detail?id=1079474)
Original change's description:
> [turbofan] Improve equality on NumberOrOddball
>
> This CL cleans up CompareOperationFeedback by replacing it with a
> composable set of flags. The interpreter is changed to collect
> more specific feedback for abstract equality, especially if oddballs
> are involved.
>
> TurboFan is changed to construct SpeculativeNumberEqual operator
> instead of the generic JSEqual in many more cases. This change has
> shown a local speedup of a factor of 3-10, because the specific
> operator is way faster than calling into the generic builtin, but
> it also enables additional optimizations, further improving
> runtime performance.
>
> Bug: v8:5660
> Change-Id: I856752caa707e9a4f742c6e7a9c75552fb431d28
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162854
> Reviewed-by: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67645}
TBR=rmcilroy@chromium.org,neis@chromium.org,mythria@chromium.org,nicohartmann@chromium.org
Change-Id: I3410310ed2b1ff2eaee70c1b91c3151d35866108
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:5660
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190414
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67673}
along with WASM_ARRAY_TYPE, a WasmArray class, and a very basic
test.
Bug: v8:7748
Change-Id: I1ad4ff78e428972be52130cc179a91c76fcdbdc6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2185136
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67671}
This patch provides infrastructure to pin object types to specific
spaces. This allows embedders to create mutual exclusive arenas for
certain (base) types. In future, this will also be used to provide
sliding-window compaction on certain custom spaces.
We mainly preserve the existing infrastructure with the difference
that spaces are now slightly more dynamic than in Blink as they are
kept in a vector instead of a fixed-size array.
The mechanism differs from Blink in that it does not allow the user
object to call allocation methods directly but instead provides a
trait that can be overridden to specify a custom space.
The patch preserves templatization for objects that do not go into
custom spaces to safe a branch in the allocation hot path.
Change-Id: I08aa6932348e2d6258e19c4a32d189865f459f02
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2187611
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67666}
To rehash JSMap and JSSet, we simply replace the backing store
with a new one created with the new hash.
Bug: v8:9187
Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67663}
Implement conversion of an i8x16 node to a f32x4 node.
Bug: v8:10507
Change-Id: Ifefffb779dbf25b57eae278afe41c11b41c949ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2185472
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67659}
Move them all into wasm-macro-gen.h, other opcodes have their macros
there as well. This will make reusing these macros easier when we have
other test files for SIMD. (An upcoming one is for scalar lowering
tests.)
Change-Id: I6c21100ce490abbc26f80a0d204815687fd62f00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2185471
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67658}
The code generated by TurboFan was incorrect when comparing to
non-oddball undetectables using abstract equality. In particular,
%GetUndetectable() == %GetUndetectable() did not return false.
Bug: chromium:1051008
Change-Id: Ib62adc72a20aa6cca9ef6499d5fe7429f04623cf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2187498
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67647}
This CL cleans up CompareOperationFeedback by replacing it with a
composable set of flags. The interpreter is changed to collect
more specific feedback for abstract equality, especially if oddballs
are involved.
TurboFan is changed to construct SpeculativeNumberEqual operator
instead of the generic JSEqual in many more cases. This change has
shown a local speedup of a factor of 3-10, because the specific
operator is way faster than calling into the generic builtin, but
it also enables additional optimizations, further improving
runtime performance.
Bug: v8:5660
Change-Id: I856752caa707e9a4f742c6e7a9c75552fb431d28
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162854
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67645}
This CL introduces:
- Worklist
- MarkingHandler to manage gc marking phase
- Integration into CollectGarbage for atomic pause GC
- MarkingVisitor for main thread marking
Still missing from this CL:
- Proper handling for stack scanning
- Handling of previously not fully constructed objects
Bug: chromium:1056170
Change-Id: I70ac8534dfb898777cf3a06e3119cac8072174fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170526
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67642}
Currently WebAssembly breakpoint information survive disabling and
re-enabling the debugger. This is different from JavaScript, where
they are all removed. The frontend is expected to re-set the
breakpoint then.
Thus this CL remembers all wasm scripts where breakpoints have been set
in the Debug object, and clears them all when the debugger gets
disabled.
R=bmeurer@chromium.org
Bug: v8:10403
Change-Id: I5f8a8f3123727c954921920897ee7bf3b73f0ae8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2184969
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67639}
After sorting the work array but before writing the values back into
the actual receiver, we have an accessor check. This accessor check
needs to be stricter, in order to catch Array prototype protector
cell invalidations.
R=jgruber@chromium.org
Bug: chromium:1077508
Change-Id: I3c3bd4711f9019f9d4423701724319eee9d800a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2187171
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67638}
Returned LABs can be of size less than sizeof(FreeListEntry).
Bug: chromium:1056170
Change-Id: Ib4094701472ce7cb5ee20b9fe632651570832dc9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2183051
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67635}
Destructors are allowed to allocate without triggering recursive
garbage collections.
This changes NoGCScope to provide a soft-bailout for garbage
collections to avoid introducing yet another scope.
Bug: chromium:1056170
Change-Id: I0fe51a21977ae954221b6b64b2f6e938ff6d3264
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2185131
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67632}
Adds a public method that embedders can use to trigger garbage
collections. Such garbage collections are always required to have a
source and reason specifying which components calls it why.
Change-Id: I6ae983f99227febc1b7f0dd15c191d5b1eaaf3f3
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2181332
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67631}
RunSingleMicrotask calls Runtime::ReportMessage, but the implementation
of ReportMessage would unconditionally discard these exceptions. This
CL removes all of the intermediate logic and directly calls
MessageHandler::ReportMessage, restoring the ability of
RunSingleMicrotask to report exceptions that occur in microtasks.
Bug: v8:8326
Change-Id: I493de74383b2ab191d786611fb9eba9d27e7a243
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162121
Commit-Queue: Gus Caplan <me@gus.host>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67630}
On the PredictablePlatform, worker tasks were executed immediately
instead of posting them in a task queue first. This approach caused
problems because the execution of the worker task blocked progress of
the posting task, and the worker task was always executed in the
context of the posting task, e.g. with an already open HandleScope.
With this CL, worker tasks get posted into the foreground task queue
of the nullptr isolate instead of executing them immediately.
The tasks of the nullptr isolate are then executed after a task of
some other task queue is executed. As the worker tasks are thereby
executed on the same thread as foreground tasks, the behavior is
deterministic.
A consequence of this approach is that each pumping the message loop
of an Isolate may also execute other Isolate's background tasks.
This approach is needed because we don't have a BackgroundTaskRunner but
merely a CallOnWorkerThread method that doesn't know which Isolate the
task corresponds to.
R=clemensb@chromium.org, mlippautz@chromium.org
Bug: v8:9670
Change-Id: I6847ae042146431bc2376d27280be8829f529b95
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182453
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67616}
Motivation:
There were three versions of type decoding for wasm in the codebase.
Not all of them decoded gc types with immediates (reference types)
correctly.
Changes:
- Refactor the wasm binary decoder for unify type decoding.
- Update BranchTypeImmediate and SelectTypeImmediate to handle
reference types.
Reference: https://github.com/WebAssembly/gcR=jkummerow@chromium.org
Bug: v8:7748
Change-Id: I33b38c911d366570ca6ef2723ded5205698e1979
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2179003
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67614}
When the input to a speculative BigInt operation was an undefined
constant, no necessary type check was inserted by the
RepresentationChanger. This CL fixes this.
Bug: chromium:1077804
Change-Id: I3d4e15b1e018803d56e46c7b23b9d4b03832ba8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182455
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67610}
Move rewriting, scope analysis, and internalization, to be unconditional
operations done after parsing rather than a separate compile phase. This
removes some of the complexity about rememberering when to call
Compiler::Analyze, and makes these paths a bit more uniform.
Also, forbid allocating any more AST strings after AstValueFactory
internalization, by nulling out the Zone. Add an InternalizePartial
method which doesn't null out the zone for those cases where we do want
to be able to allocate after internalizing (e.g. internalization before
scope analysis).
Change-Id: Id444246d8362a1d169baf664fc37657d9576fd96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182458
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67608}
Upon deserialization, serialized references to the global proxy are
replaced by the actual global proxy object. We must do the same for
the global proxy map.
Drive-by: Updated other outdated test skips.
Bug: v8:10504,v8:10416
Change-Id: Ib47ae2d08bbea2ca916f53152e9d4f75bb0a0e15
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2183913
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67596}
Fully remove the successor blocks when effect-control-linearization
reaches an unreachable node and is maintaining the schedule. Previously
we just updated the current_block_'s successor and removed any
unreachable predecessors from end, however if the current_block_ is not
an original block in the schedule, but a new one added due to control
flow from effect control linearization lowering, the removed successor
blocks could still be re-connected to the end block when they were
lowered. Instead, entirely remove these unreachable blocks from the
predecessor / successor chains, and have the effect-control-linearizer
avoid lowering these blocks entirely.
BUG=chromium:1076569,v8:9684
Change-Id: I4b4216019d55aef5363d88255726b85df8e7ada5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2179842
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67595}
This CL implements all variants of CompareExchange on arm.
Implementing 64-bit CompareExchange on arm requires a lot of registers,
with the additional constraint that the low-word register of new_value
and result have to have an even register code, and that the corresponding
high-word registers have a register code that is by one higher than the
register code of the low-word register.
This register allocation is achieved by assigning fixed registers to
all values.
R=clemensb@chromium.org, v8-arm-ports@googlegroups.com
Bug: v8:10108
Change-Id: I2edfde15e80db0d45621a461793018d88e997431
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172791
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67592}
The serializer currently cannot handle a heap state containing
arbitrary compiled Code objects. As a quick fix for the
--stress-snapshot d8 flag, we clear compiled data from the isolate
prior to the serialize-deserialize-verify pass.
With this change, mjsunit tests pass on x64.
The %SerializeDeserializeNow() runtime function would require more
work, since it is not possible to mutate the heap to this extent while
still preserving a runnable host context and isolate. We will need
another solution there.
Drive-by: Skip the stress_snapshot variant except for the mjsunit
suite.
Tbr: machenbach@chromium.org
Bug: v8:10493,v8:10416
Change-Id: Ie110da8b51613fcd69c7f391d3cf8589d6b04dd8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182429
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67585}
The isolate snapshot must not contain context-dependent objects, thus
root visitation must not reach context-dependent objects. This CL
sanitizes the isolate around serialization by clearing & later
restoring two lists: 1. feedback vectors for profiling tools, 2.
detached contexts.
Drive-by: Set an array buffer allocator for
SerializeDeserializeAndVerify.
Drive-by: Allow serialization of *another* native context when
serializing a native context.
Bug: v8:10416,v8:10493
Change-Id: I1c49bda364eccd6d44f9499a9926f4bcd31f665d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2179008
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67584}
This ports sweeper logic from Blink into a separate entity - Sweeper.
Concurrent sweeping is in a followup.
Bug: chromium:1056170
Change-Id: I41196225f0d882cb0ab5190d23e297ee2498df6b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2167858
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67581}
Marja pointed out that the following code causes a Torque crash:
Convert<Smi>(MessageTemplate::kFoo)
This change is a small fix to not crash in that case.
Bug: v8:7793, v8:10475
Change-Id: I7856366856a4cd7facdb19686a2d4c92b0d04516
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182175
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#67580}
This reverts commit 0c9a0072db.
Reason for revert: Breaks tests on the blink bots, will block roll.
https://ci.chromium.org/p/v8/builders/ci/V8%20Blink%20Linux/4465
Original change's description:
> [compiler,api] Pass non-strings to the modifying callback when unconditional codegen is on.
>
> In the current state, when unconditional compilation is on, strings are evaluated and other objects are passed through unchanged. After this, non-strings are passed to the modifying callback which could unwrap and eval them. eval(string) is not affected.
>
> If a non-modifying callback is set, it still takes the precedence, and the non-string object is returned as it would be currently (line 1933).
>
> Change-Id: I835b976b3420635baba245c08f8563a9e5b3b246
> Bug: chromium:1024786
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917147
> Commit-Queue: Stefano Sanfilippo <ssanfilippo@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67570}
TBR=vogelheim@chromium.org,mvstanton@chromium.org,ssanfilippo@chromium.org,verwaest@chromium.org
Change-Id: I75637347e92e805361f954be3515f84ca55d756b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1024786
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182178
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67577}
This function is always called right after creating the DefaultPlatform,
hence merge it into the constructor.
R=mlippautz@chromium.org
Change-Id: I4afb14c83740224056157665db6b854c659da0c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182635
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67573}
Wasm modules generated by emscripten today have two ways to point to
debug symbol files, the source mapping url and external debug info
custom sections. To support both, this CL extends CDP to appropriately
report the symbol type and location.
Bug: chromium:1064248
Change-Id: I9076034f6d73901d8a9c5cfd7c2988fb30bb14c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2116208
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67571}
In the current state, when unconditional compilation is on, strings are evaluated and other objects are passed through unchanged. After this, non-strings are passed to the modifying callback which could unwrap and eval them. eval(string) is not affected.
If a non-modifying callback is set, it still takes the precedence, and the non-string object is returned as it would be currently (line 1933).
Change-Id: I835b976b3420635baba245c08f8563a9e5b3b246
Bug: chromium:1024786
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917147
Commit-Queue: Stefano Sanfilippo <ssanfilippo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67570}
