SharedFunctionInfos store their original function literal's id. This is
also their index in the Script's SFI list.
The function literal id is only needed for lazy compilation and live edit,
and access only has to be fast in the former. So, we can move the SFI
function literal id field to UncompiledData, and if patching with live
edit, or discarding compiled code, we can perform a slower linear search
through the Script's SFI list.
This is a reland of
1) https://chromium-review.googlesource.com/1082480 and
2) https://chromium-review.googlesource.com/1128854
the differences being:
1) caching the literal id on UncompiledData rather than always linearly
searching the SFI list, and removing the unused runtime-liveedit.cc
file instead of fixing it to support this change.
2) clearing padding on UncompiledData now that it has 3 int32 fields,
making its end unaligned on x64.
TBR=yangguo@chromium.org,marja@chromium.org,ulan@chromium.org,cbruni@chromium.org
Bug: chromium:818642
Change-Id: I58dcb12a2a60a680f662568da428e01189c62638
Reviewed-on: https://chromium-review.googlesource.com/1138325
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54473}
This reverts commit 1d4a1172f5.
Reason for revert: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/21989
Original change's description:
> [sfi] Remove SFI function literal id field
>
> SharedFunctionInfos store their original function literal's id. This is
> also their index in the Script's SFI list.
>
> The function literal id is only needed for lazy compilation and live edit,
> and access only has to be fast in the former. So, we can move the SFI
> function literal id field to UncompiledData, and if patching with live
> edit, or discarding compiled code, we can perform a slower linear search
> through the Script's SFI list.
>
> This is a reland of
> https://chromium-review.googlesource.com/c/v8/v8/+/1082480
> but caching the literal id on UncompiledData rather than always linearly
> searching the SFI list. Also, removes the unused runtime-liveedit.cc file
> instead of fixing it to support this change.
>
> Bug: chromium:818642
> Change-Id: I977bcca0dc72903ca476a7079d156cc8bbe88fde
> Reviewed-on: https://chromium-review.googlesource.com/1128854
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54464}
TBR=ulan@chromium.org,marja@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org,cbruni@chromium.org,leszeks@chromium.org,verwaest@chromium.org
Change-Id: Icee5ee3ab7688b93e2963f91debed65a58164534
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:818642
Reviewed-on: https://chromium-review.googlesource.com/1138276
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54466}
SharedFunctionInfos store their original function literal's id. This is
also their index in the Script's SFI list.
The function literal id is only needed for lazy compilation and live edit,
and access only has to be fast in the former. So, we can move the SFI
function literal id field to UncompiledData, and if patching with live
edit, or discarding compiled code, we can perform a slower linear search
through the Script's SFI list.
This is a reland of
https://chromium-review.googlesource.com/c/v8/v8/+/1082480
but caching the literal id on UncompiledData rather than always linearly
searching the SFI list. Also, removes the unused runtime-liveedit.cc file
instead of fixing it to support this change.
Bug: chromium:818642
Change-Id: I977bcca0dc72903ca476a7079d156cc8bbe88fde
Reviewed-on: https://chromium-review.googlesource.com/1128854
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54464}
With ReadOnlyRoots and GetIsolate on JSReceiver, we can remove almost
every isolate parameter from <Object>::Print. The remaining ones, like
Map, are special-caseable for read-only maps, and as a result we can
remove isolate parameters from <Object>::Print entirely.
This patch also opportunistically cleans up a few places where isolates
were only needed for Object::Print, such as TransitionAccessors and
DescriptorArrays.
TBR=yangguo@chromium.org,mstarzinger@chromium.org
Bug: v8:7786
Change-Id: Id44bd53b9893e679eea5f37b9548257595a1bfd9
Reviewed-on: https://chromium-review.googlesource.com/1133385
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54401}
When live edit patches a script, it distinguishes between 'changed' and
'unchanged' functions, and unchanged functions have their position and
source script patched to the new script instead of being replaced by a
new SFI.
However, if a 'changed' function has an inner 'unchanged' function, it
also holds a pointer to the inner function in its bytecode constant
pool. This constant pool entry was not being updated for changed
functions (it was for unchanged), and therefore the outer changed
function would compile the redundant new function instead of the old,
patched, unchanged function.
This patch fixes this by patching 'changed' functions' bytecode constant
pools. This is done by swapping the script and script function list
position of the old new and old 'unchanged' function, rather than just
setting the script (and position) on the old one, and using the new
function (now pointing at the old script) to read off the old function
literal id. This could also be done by reading the function_literal_id
off the new function, but we are soon removing that field anyway.
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ib22078c06539c795b418d29a493d8224ecea182e
Reviewed-on: https://chromium-review.googlesource.com/1127941
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54321}
Add new types for function data for SharedFunctionInfo, for uncompiled
functions. UncompiledData holds start/end positions, allowing us to
remove these fields from SFI. Uncompiled functions with pre-parsed
scope data now hold an UncompiledDataWithScope that has a pointer to
PreParsedScopeData -- this allows us to also remove the start/end pos
from PreParsedScopeData.
Bug: chromium:818642
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I56f3c4e62cbf38929babac734a332709f12a8202
Reviewed-on: https://chromium-review.googlesource.com/1126381
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54319}
After liveedit removed - we do not need this context any more.
R=yangguo@chromium.orgTBR=clemensh@chromium.org
Bug: v8:5530
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Idb43d016d51b8048f6cd2ca590fd7510abcacb49
Reviewed-on: https://chromium-review.googlesource.com/1106802
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54273}
Replace Is<oddball>(GetIsolate()) calls with a no-parameter version
that goes through ReadOnlyRoots, and add a version that takes a
ReadOnlyRoots if that is available in the parent (but Isolate isn't).
Also opportunistically clean up a few places where ReadOnlyRoots are
available but we still pass in an Isolate parameter.
TBR=yangguo@chromium.org
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Icc0b8a7d8f9c6b84c0ec8fe771fcfb75c9dc5468
Reviewed-on: https://chromium-review.googlesource.com/1126302
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54245}
Changes SharedFunctionInfo to store a function_token_offset, relative
to the start_position, instead of the full function_token_position.
This enables us to reduce both FunctionTokenPosition and
ExpectedNofProperties to 16 bits each, saving 32 bits per SFI.
BUG=chromium:818642,chromium:783853
TBR=yangguo@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I45aefcec605c1da502053c23c73564ceaed6c9b5
Reviewed-on: https://chromium-review.googlesource.com/1122982
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54220}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Change-Id: I631fa1e44d2b9998a5567c96c6977955ac86d5a1
Reviewed-on: https://chromium-review.googlesource.com/1125931
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54215}
This is a reland of 3dfaf8264f
Original change's description:
> [debug] liveedit in native
>
> Liveedit step-by-step:
> 1. calculate diff between old source and new source,
> 2. map function literals from old source to new source,
> 3. create new script for new_source,
> 4. mark literals with changed code as changed, all others as unchanged,
> 5. check that for changed literals there are no:
> - running generators in the heap,
> - non droppable frames (e.g. running generator) above them on stack.
> 6. mark the bottom most frame with changed function as scheduled for
> restart if any.
> 7. for unchanged functions:
> - deoptimize,
> - remove from cache,
> - update source positions,
> - move to new script,
> - reset feedback information and preparsed scope information if any,
> - replace any sfi in constant pool with changed one if any.
> 8. for changed functions:
> - deoptimize
> - remove from cache,
> - reset feedback information,
> - update all links from js functions to old shared with new one.
> 9. swap scripts.
>
> TBR=ulan@chromium.org
>
> Bug: v8:7862,v8:5713
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
> Change-Id: I8f6f6156318cc82d6f36d7ebc1c9f7d5f3aa1461
> Reviewed-on: https://chromium-review.googlesource.com/1105493
> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54146}
TBR=dgozman@chromium.org
Bug: v8:7862, v8:5713
Change-Id: I163ed2fd2ca3115ba0de74cb35a6fac9e40fdd94
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/1124879
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54187}
This CL is a manual revert of the Array.p.sort Torque QuickSort
implementation.
The plan is to ship TimSort in either Chromium 69 or 70 and not ship
Torque-QuickSort at all (to keep disruption to a minimum). For this
reason we revert back to the implementation in array.js.
R=jgruber@chromium.org
Bug: chromium:859809, v8:7382
Change-Id: I92eb70408883f51d98311e78642f554316bc1e76
Reviewed-on: https://chromium-review.googlesource.com/1124334
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#54166}
This reverts commit 3dfaf8264f.
Reason for revert: Failures - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20gcc%204.8/20394
Original change's description:
> [debug] liveedit in native
>
> Liveedit step-by-step:
> 1. calculate diff between old source and new source,
> 2. map function literals from old source to new source,
> 3. create new script for new_source,
> 4. mark literals with changed code as changed, all others as unchanged,
> 5. check that for changed literals there are no:
> - running generators in the heap,
> - non droppable frames (e.g. running generator) above them on stack.
> 6. mark the bottom most frame with changed function as scheduled for
> restart if any.
> 7. for unchanged functions:
> - deoptimize,
> - remove from cache,
> - update source positions,
> - move to new script,
> - reset feedback information and preparsed scope information if any,
> - replace any sfi in constant pool with changed one if any.
> 8. for changed functions:
> - deoptimize
> - remove from cache,
> - reset feedback information,
> - update all links from js functions to old shared with new one.
> 9. swap scripts.
>
> TBR=ulan@chromium.org
>
> Bug: v8:7862,v8:5713
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
> Change-Id: I8f6f6156318cc82d6f36d7ebc1c9f7d5f3aa1461
> Reviewed-on: https://chromium-review.googlesource.com/1105493
> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54146}
TBR=dgozman@chromium.org,ulan@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org
Change-Id: I45df5b6f3abaf29e593c6ac11edefbd0177d0109
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7862, v8:5713
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/1124159
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54151}
Liveedit step-by-step:
1. calculate diff between old source and new source,
2. map function literals from old source to new source,
3. create new script for new_source,
4. mark literals with changed code as changed, all others as unchanged,
5. check that for changed literals there are no:
- running generators in the heap,
- non droppable frames (e.g. running generator) above them on stack.
6. mark the bottom most frame with changed function as scheduled for
restart if any.
7. for unchanged functions:
- deoptimize,
- remove from cache,
- update source positions,
- move to new script,
- reset feedback information and preparsed scope information if any,
- replace any sfi in constant pool with changed one if any.
8. for changed functions:
- deoptimize
- remove from cache,
- reset feedback information,
- update all links from js functions to old shared with new one.
9. swap scripts.
TBR=ulan@chromium.org
Bug: v8:7862,v8:5713
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I8f6f6156318cc82d6f36d7ebc1c9f7d5f3aa1461
Reviewed-on: https://chromium-review.googlesource.com/1105493
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54146}
Adds the builtin Trace and IsTraceCategoryEnabled functions
exposed via extra bindings. These are intended to use by
embedders to allow basic trace event support from JavaScript.
```js
isTraceCategoryEnabled('v8.some-category')
trace('e'.charCodeAt(0), 'v8.some-category',
'Foo', 0, { abc: 'xyz'})
```
Bug: v8:7851
Change-Id: I7bfb9bb059efdf87d92a56a0aae326650730c250
Reviewed-on: https://chromium-review.googlesource.com/1103294
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Fadi Meawad <fmeawad@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54121}
Merges DebugInfo field into the function_identifier field, storing the function
identifier in the DebugInfo. Also moves some debugging_hints bits to the SFI flags,
and others to the DebugInfo. Finally, changes the logic to store debugger patched
bytecode array on the SFI instead of the DebugInfo, simplifying the logic in the
InterpreterEntryTrampoline.
BUG=chromium:818642,chromium:783853
TBR=hpayer@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: If440080c0f08fac4fb96f5e18dcc0eb9b86d4821
Reviewed-on: https://chromium-review.googlesource.com/1115819
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54081}
All Object::Print functions now take an Isolate* parameter. Various
XX::XXPrint functions now take an Isolate if it's needed rather than
calling GetIsolate(). Such method use DECL_PRINTER_WITH_ISOLATE rather
than DECL_PRINTER.
The _v8_internal_Print_ function (intended for use in gdb) now uses
Isolate::Current() to get hold of an Isolate.
Reduces the GetIsolate and GetHeap count by 9 and 5 respectively.
Also removes unneeded gdb/lldb macros (along with their support
functions), jfv, jfm, jda and jta, since job does the same thing.
Bug: v8:7786
Change-Id: Ib93ebca6ca47c4db9c85cc6d9ff8004da5942dec
Reviewed-on: https://chromium-review.googlesource.com/1112001
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54029}
Remove the one-argument Handle constructor and "handle" factory method,
replacing them with Isolates where available and GetIsolate() methods
otherwise.
TBR=verwaest@chromium.org
Bug: v8:7786
Change-Id: I8ee92ef727c05382c984a3e4c290198d0b312619
Reviewed-on: https://chromium-review.googlesource.com/1113542
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54025}
Change the ScriptIterator to:
a) construct its script list handle using the given isolate, and
b) take the Script (which it doesn't store) by pointer instead of
by Handle, to avoid callers needing to allocate a handle.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I72c1ee13f1b72fe962f4b1bccba69ae4e97088a7
Reviewed-on: https://chromium-review.googlesource.com/1113316
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54018}
Migrate the Object.getOwnPropertyNames to the CodeStubAssembler and use the enum cache backing store when
1) the enum cache is avaible
2) the {object} has no elements
3) all own properties are enumerable
This makes a speedup of 10x when using Object.getOwnPropertyNames with fast-path. It improves Speedometer2.0 Inferno case by ~9% on ATOM platform.
Change-Id: I05e1df0e7d9d53d97664c322248cedb106a7b1d0
Reviewed-on: https://chromium-review.googlesource.com/1004434
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
Cr-Commit-Position: refs/heads/master@{#53992}
It looks like we do not need live_edit flag.
R=dgozman@chromium.org,yangguo@chromium.org
Bug: v8:7862
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I2b635f7d24138894b7a0f94fc90293d50e40f22c
Reviewed-on: https://chromium-review.googlesource.com/1108386
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53980}
Pass Isolate directly into CallHandlerInfo methods so that calls to
GetHeap can be removed.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: If28fbbd65530b01b69786c3e743754cff3b1ba3a
Reviewed-on: https://chromium-review.googlesource.com/1107926
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53945}
After this CL all liveedit tests call the same LiveEdit::PatchScript
method. This method will be updated later.
As well some new liveedit cctests added, unfortunately part of them
do not work with current implementation.
R=dgozman@chromium.org,yangguo@chromium.org
Bug: v8:7862
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I3521af12b0f95b39d13aaafb1d1cf60f3f642a97
Reviewed-on: https://chromium-review.googlesource.com/1108382
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53936}
If the isolate is available via another object (including JSReceivers
and Contexts), grab it through that rather than HeapObject::GetIsolate.
As a drive-by, fix up places where this looked like it would work but
didn't because of null or uninitialized objects.
Bug: v8:7786
Change-Id: I3454840073d1455b3738e0ac34ccaa3c9a220896
Reviewed-on: https://chromium-review.googlesource.com/1104170
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53876}
This removes several GetIsolate calls from Map:: methods and instead
passes the Isolate in. This is a very noisy change but mostly it is just
adding Isolate to method declarations and forwarding it on.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I159505e50a9462d01066f14da0fcc29762bd5531
Reviewed-on: https://chromium-review.googlesource.com/1075267
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53826}
This is a step towards avoiding materializing function_ altogether if we deoptimize. Typically we only need the SharedFunctionInfo.
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Idee78f02d1afe3d2cb70e93a6d96a5a33907f892
Reviewed-on: https://chromium-review.googlesource.com/1100474
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53789}
This CL moves the remaining runtime DataView getters to Torque,
namely DataViewGetBigInt64/BigUint64, and removes the associated
runtime code that is now unneeded.
All of the DataView getters are now implemented in Torque, which brings
a nice performance improvement over the former C++ builtin code.
Change-Id: I35cf2eabce3c79cc0d3200e7f24dbe0c3e5c2804
Reviewed-on: https://chromium-review.googlesource.com/1092736
Commit-Queue: Théotime Grohens <theotime@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53765}
This reverts commit 9e27d4735f.
Reason for revert: Layout Test failures: https://ci.chromium.org/buildbot/client.v8.fyi/V8-Blink%20Linux%2064/24123
Original change's description:
> [debugger] Rewrite the ScopeIterator/DebugEvaluate to use Scope rather than ScopeInfo for inner scopes.
>
> This CL also bottlenecks all current scope handling in the ScopeIterator, and cleans up frame handling in debug-frames and the deoptimizer.
>
> Change-Id: I061922a356ce17794262f8d77d5d7c824558fc50
> Reviewed-on: https://chromium-review.googlesource.com/1095094
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#53741}
TBR=yangguo@chromium.org,jarin@chromium.org,neis@chromium.org,jgruber@chromium.org,verwaest@chromium.org
Change-Id: I892856056258e3c68b36409b8b2d69e7686fc385
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/1102377
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53756}
This is a reland of 9e27d4735f
Original change's description:
> [debugger] Rewrite the ScopeIterator/DebugEvaluate to use Scope rather than ScopeInfo for inner scopes.
>
> This CL also bottlenecks all current scope handling in the ScopeIterator, and cleans up frame handling in debug-frames and the deoptimizer.
>
> Change-Id: I061922a356ce17794262f8d77d5d7c824558fc50
> Reviewed-on: https://chromium-review.googlesource.com/1095094
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#53741}
Change-Id: I05262fef66d852876b9bb2869339053629c9b51d
Reviewed-on: https://chromium-review.googlesource.com/1102297
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53751}
This reverts commit 9e27d4735f.
Reason for revert: Fails MSan (use of uninitialized value): https://ci.chromium.org/buildbot/client.v8/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/21562
Original change's description:
> [debugger] Rewrite the ScopeIterator/DebugEvaluate to use Scope rather than ScopeInfo for inner scopes.
>
> This CL also bottlenecks all current scope handling in the ScopeIterator, and cleans up frame handling in debug-frames and the deoptimizer.
>
> Change-Id: I061922a356ce17794262f8d77d5d7c824558fc50
> Reviewed-on: https://chromium-review.googlesource.com/1095094
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#53741}
TBR=yangguo@chromium.org,jarin@chromium.org,neis@chromium.org,jgruber@chromium.org,verwaest@chromium.org
Change-Id: Ief87c1e79fa2ec40f52fd747ec4ebbacf0da798b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/1101377
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53743}
This CL also bottlenecks all current scope handling in the ScopeIterator, and cleans up frame handling in debug-frames and the deoptimizer.
Change-Id: I061922a356ce17794262f8d77d5d7c824558fc50
Reviewed-on: https://chromium-review.googlesource.com/1095094
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53741}
This is a reland of 0909dbe3d6.
Added missing V8_EXPORT_PRIVATE to AndroidLogStream.
TBR=mstarzinger@chromium.org
Original change's description:
> Introduce StdoutStream which prints to Android log or stdout
>
> The often used construct {OFStream(stdout)} does not work on Android.
> This CL introduces an {StdoutStream} which behaves exactly like
> {OFStream(stdout)} on non-android platforms, and redirects to the
> Android log on appropriate systems and configurations.
>
> R=mstarzinger@chromium.org
>
> Bug: v8:7820
> Change-Id: Ia682fdf6d064e37c605c19b032f5a10b96ac825b
> Reviewed-on: https://chromium-review.googlesource.com/1088911
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#53692}
Bug: v8:7820
Change-Id: I8164bad78a401dbe4246c9ffcacd050fe511ed58
Reviewed-on: https://chromium-review.googlesource.com/1100636
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53733}
This reverts commit 0909dbe3d6.
Reason for revert: Blocks roll:
https://chromium-review.googlesource.com/c/chromium/src/+/1099143
Original change's description:
> Introduce StdoutStream which prints to Android log or stdout
>
> The often used construct {OFStream(stdout)} does not work on Android.
> This CL introduces an {StdoutStream} which behaves exactly like
> {OFStream(stdout)} on non-android platforms, and redirects to the
> Android log on appropriate systems and configurations.
>
> R=mstarzinger@chromium.org
>
> Bug: v8:7820
> Change-Id: Ia682fdf6d064e37c605c19b032f5a10b96ac825b
> Reviewed-on: https://chromium-review.googlesource.com/1088911
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#53692}
TBR=mstarzinger@chromium.org,jarin@chromium.org,jgruber@chromium.org,clemensh@chromium.org,bmeurer@chromium.org
Change-Id: Iadadd9a0df10dca0fad647138a83db50148e864d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7820
Reviewed-on: https://chromium-review.googlesource.com/1100635
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53725}
The often used construct {OFStream(stdout)} does not work on Android.
This CL introduces an {StdoutStream} which behaves exactly like
{OFStream(stdout)} on non-android platforms, and redirects to the
Android log on appropriate systems and configurations.
R=mstarzinger@chromium.org
Bug: v8:7820
Change-Id: Ia682fdf6d064e37c605c19b032f5a10b96ac825b
Reviewed-on: https://chromium-review.googlesource.com/1088911
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53692}
Whenever an Isolate is available on a variable, field, or method
parameter, use that instead of GetIsolate(). Also convert simple
cases of the one-argument handle constructor to either use an
available Isolate, or use GetIsolate() if their first parameter
is a variable.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I52805905a9ca8729615ead78859f43d5e8f605f1
Reviewed-on: https://chromium-review.googlesource.com/1092853
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53629}
This CL moves the DataViewGetFloat32 and DataViewGetFloat64
getters from runtime to Torque.
Change-Id: Ic85ec7bcb4e48f679c24e28121b7c543454e7cde
Reviewed-on: https://chromium-review.googlesource.com/1088919
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Théotime Grohens <theotime@google.com>
Cr-Commit-Position: refs/heads/master@{#53606}
This reverts commit ceb9c8127f.
Reason for revert: Tanks compile time
Original change's description:
> [sfi] Remove SFI function literal id field
>
> SharedFunctionInfos store their original function literal's id. This is
> also their index in the Script's SFI list.
>
> Since the function literal id is only needed for lazy compilation and live
> edit, we can calculate it on-the-fly by linear search in the Script SFI list,
> and save a field on the SFI.
>
> If this regresses compile performance, we could alternatively store the
> function literal id on the preparsed scope data as future work.
>
> Bug: chromium:818642
> Change-Id: I5468cea0e115921f1c864d94e567d749a4349882
> Reviewed-on: https://chromium-review.googlesource.com/1082480
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#53523}
TBR=hpayer@chromium.org,leszeks@chromium.org,verwaest@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: chromium:818642
Bug: chromium:850417
Change-Id: If2fd21331b7062532c04004a51e705f7e9d0a151
Reviewed-on: https://chromium-review.googlesource.com/1090494
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53573}
This CL fully implements the DataView getters for the Uint8, Int8,
Uint16, Int16, Uint32 and Int32 types in Torque, and removes
the runtime implementation that is not needed anymore.
There should be a light but visible performance increase compared to
the former runtime implementation.
Change-Id: I7d85097fd5953b9629f3ac6bed93b068889712b2
Reviewed-on: https://chromium-review.googlesource.com/1078349
Commit-Queue: Théotime Grohens <theotime@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53553}
DevTools may process another protocol message during API interrupt this
API may lead to createInjectedScript reentrance and will fail.
Let's postpone interrupts.
Bug: chromium:846099
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ia06e034a6287087e4674559d8911d2f4a0b1b459
Reviewed-on: https://chromium-review.googlesource.com/1086372
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53531}
Currently we enable instrumentation if debugger is active. With this
approach we can not:
- capture async stack when debugger is disabled,
- avoid async instrumentation overhead when debugger is enabled and
async stacks are disabled.
R=dgozman@chromium.org,yangguo@chromium.org
Bug: none
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I19400c4c4e12b6c9b5a980fb6bd3293bac6e6a64
Reviewed-on: https://chromium-review.googlesource.com/1081494
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53530}
SharedFunctionInfos store their original function literal's id. This is
also their index in the Script's SFI list.
Since the function literal id is only needed for lazy compilation and live
edit, we can calculate it on-the-fly by linear search in the Script SFI list,
and save a field on the SFI.
If this regresses compile performance, we could alternatively store the
function literal id on the preparsed scope data as future work.
Bug: chromium:818642
Change-Id: I5468cea0e115921f1c864d94e567d749a4349882
Reviewed-on: https://chromium-review.googlesource.com/1082480
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53523}
Removes most[1] explicit calls to GetIsolate() in parsing/ by passing
it through calling function functions and implicit calls via the single
argument Handle constructor and handle function.
[1] One remains in preparsed-scope-data.cc:
data_->GetIsolate()->PushStackTraceAndDie()
Bug: v8:7786
Change-Id: I4c445995a73c19bdf4649b65487b7443d56ddd2a
Reviewed-on: https://chromium-review.googlesource.com/1085057
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53513}
This is a reland of df1676e616
Original change's description:
> [array] Implement Array.p.sort in Torque
>
> This CL implements a generic baseline version and 3 fastpaths, for
> various elements kinds, of Array.p.sort in Torque. Details can be found
> in the Design Doc: https://goo.gl/Ge321G.
>
> Performance impact on micro benchmarks depends on the element kind
> and whether the user provides a comparison function.
> For HoleySmi/HoleyElement we have a speedup between 1.5-1.8 across
> the board. For Dictionary we are slower in all micro benchmarks (0.7).
> For PackedSmi it depends on the call site and whether or not a
> comparison function is used.
>
> Detailed numbers: https://goo.gl/mTyPSb
>
> Bug: v8:7382
> Change-Id: I50acabd2032af0bc01d36b0de0f555d66be56a7e
> Reviewed-on: https://chromium-review.googlesource.com/1061523
> Commit-Queue: Simon Zünd <szuend@google.com>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#53481}
Bug: v8:7382,v8:7806,chromium:849293
Change-Id: I176cb660d92eb174bd91685cb0a39f50c4cbaa69
Reviewed-on: https://chromium-review.googlesource.com/1086827
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#53511}
This reverts commit df1676e616.
Reason for revert: https://crbug.com/v8/7382#c26
Original change's description:
> [array] Implement Array.p.sort in Torque
>
> This CL implements a generic baseline version and 3 fastpaths, for
> various elements kinds, of Array.p.sort in Torque. Details can be found
> in the Design Doc: https://goo.gl/Ge321G.
>
> Performance impact on micro benchmarks depends on the element kind
> and whether the user provides a comparison function.
> For HoleySmi/HoleyElement we have a speedup between 1.5-1.8 across
> the board. For Dictionary we are slower in all micro benchmarks (0.7).
> For PackedSmi it depends on the call site and whether or not a
> comparison function is used.
>
> Detailed numbers: https://goo.gl/mTyPSb
>
> Bug: v8:7382
> Change-Id: I50acabd2032af0bc01d36b0de0f555d66be56a7e
> Reviewed-on: https://chromium-review.googlesource.com/1061523
> Commit-Queue: Simon Zünd <szuend@google.com>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#53481}
TBR=cbruni@chromium.org,jgruber@chromium.org,szuend@google.com
Change-Id: I4c1b32a434d49caba67c80bccb068390607f90a2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7382
Reviewed-on: https://chromium-review.googlesource.com/1085407
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53494}
This CL implements a generic baseline version and 3 fastpaths, for
various elements kinds, of Array.p.sort in Torque. Details can be found
in the Design Doc: https://goo.gl/Ge321G.
Performance impact on micro benchmarks depends on the element kind
and whether the user provides a comparison function.
For HoleySmi/HoleyElement we have a speedup between 1.5-1.8 across
the board. For Dictionary we are slower in all micro benchmarks (0.7).
For PackedSmi it depends on the call site and whether or not a
comparison function is used.
Detailed numbers: https://goo.gl/mTyPSb
Bug: v8:7382
Change-Id: I50acabd2032af0bc01d36b0de0f555d66be56a7e
Reviewed-on: https://chromium-review.googlesource.com/1061523
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53481}
Port 53d4dfc377
Original Commit Message:
Compress the parameter count (and function length) stored in
SharedFunctionInfo to a uint16_t. This limits us to 2^16 - 1 parameters
per function, minus one for the "don't adapt arguments" sentinel value,
which is one fewer than Code::kMaxArguments was already. Anyway, 65534
arguments should be enough for anyone!
This drops SFI size by 4 bytes.
R=leszeks@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I23db04fd41ad577949cd8d45bab82c77019d9350
Reviewed-on: https://chromium-review.googlesource.com/1081450
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#53464}
This is another step to remove a huge amount of legacy code from v8.
R=dgozman@chromium.org
Bug: v8:5530
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I634bda41c53a49dc4912291eb52f02847f56f4f3
Reviewed-on: https://chromium-review.googlesource.com/1080398
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53459}
Compress the parameter count (and function length) stored in
SharedFunctionInfo to a uint16_t. This limits us to 2^16 - 1 parameters
per function, minus one for the "don't adapt arguments" sentinel value,
which is one fewer than Code::kMaxArguments was already. Anyway, 65534
arguments should be enough for anyone!
This drops SFI size by 4 bytes.
Bug: chromium:818642
Change-Id: I126bfb24453dcdc5087a104d3a12cf195a56fa9f
Reviewed-on: https://chromium-review.googlesource.com/1076627
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53447}
New intstrumentation consists of:
- kAsyncFunctionSuspended when async function is suspended on await
(called on each await),
- kAsyncFunctionFinished when async function is finished.
Old instrumentation was based on reusing async function promise.
Using this promise produces couple side effects:
- for any promise instrumentation we first need to check if it is
special case for async function promise or not - it requires
expensive reading from promise object.
- we capture stack for async functions even if it does not contain
awaits.
- we do not properly cancel async task created for async function.
New intsrumntation resolved all these problems as well as provide
clear mapping between async task and generator which we can use later
to fetch scope information for async functions on pause.
R=dgozman@chromium.org,yangguo@chromium.org
Bug: v8:7078
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ifdcec947d91e6e3d4d5f9029bc080a19b8e23d41
Reviewed-on: https://chromium-review.googlesource.com/1043096
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53445}
With this CL we use interrupt for pause in two cases:
- when we process Debugger.pause on interruption,
- when we would like to break as soon as possible after OOM.
In all other cases, e.g. for async step into we use break
on function call by calling StepIn debugger action.
In mentioned cases we should not actually use interrupt as well:
- Debugger.pause in this case scheduled using interrupt and we
may just break right now without requesting another interrupt,
unfortunately blink side is not ready,
- we should use more reliable way to break right after near OOM
callback, otherwise we can get this callback, increase limit,
request break on next interrupt, before interrupt get another
huge memory allocation and crash.
There are couple advantages:
- we get much better break locations for async stepping
(see inspector tests expectations),
- we can remove DEBUG_BREAK interruption
(it should speedup blackboxing with async tasks, see
removed todo in debug.cc for details)
- it is required preparation step for async step out,
(see https://chromium-review.googlesource.com/c/v8/v8/+/1054618)
Bug: v8:7753
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Iabd7627dbffa9a0eab1736064caf589d02591926
Reviewed-on: https://chromium-review.googlesource.com/1054155
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53439}
Its contents are now inlined into the one remaining call site.
Bug: v8:6666
Change-Id: Icfcf89013506fec880ffd84eaa88b91e818e28c0
Reviewed-on: https://chromium-review.googlesource.com/1073311
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53363}
Removes use of HeapObject::GetIsolate() from Object::BooleanValue in
preparation for removing the method.
Requires adding Isolate parameter to CommonOperatorReducer constructor.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: If735e71df3288bf1eb11576605c2d95a19472181
Reviewed-on: https://chromium-review.googlesource.com/1071653
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53361}
Moving them away was a mistake. Fixing this enables getting rid of a bunch of
includes.
BUG=v8:5402
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I5482eab4281c7450350f058fe0a04a6f375ea082
Reviewed-on: https://chromium-review.googlesource.com/1070188
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53328}
Currently, we context allocate all parameters for generators.
With this CL, we keep arguments on stack (unless they escape to inner
closure) and copy them between the stack and the generator's register
file on suspend/resume. This will save context allocation in most cases.
Note: There is an asymmetry between suspend and resume.
- Suspend copies arguments and registers to the generator.
- Resume copies only the registers from the generator, the arguments
are copied by the ResumeGenerator trampoline.
Bug: v8:5164
Change-Id: I6333898c60abf461b1ab1b5c6d3dc7188fa95649
Reviewed-on: https://chromium-review.googlesource.com/1063712
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53327}
Instead use the canonical empty fixed array. Some code assumes
that this is the only fixed array of length 0.
Bug: chromium:843062
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: If780acf50147c061a81f2ff2b31779fbd1c78559
Reviewed-on: https://chromium-review.googlesource.com/1064052
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53320}
This CL adds a baseline Torque implementation of the DataView getters
and setters.
Right now, the Torque code just calls the C++ implementation, which
has moved to runtime.
Change-Id: Ic96fde7ea908c628af9586e84511037c237c4d3b
Reviewed-on: https://chromium-review.googlesource.com/1061520
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Théotime Grohens <theotime@google.com>
Cr-Commit-Position: refs/heads/master@{#53312}
Turn `debug::EntriesPreview` into a public API.
This is a straightforward approach to addressing
https://github.com/nodejs/node/issues/20409
(not relying on functionality behind `--allow-natives-syntax`)
in Node.js.
Refs: https://github.com/nodejs/node/issues/20409
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I7021e5846012a55a82c488408ded6591f6b139e7
Reviewed-on: https://chromium-review.googlesource.com/1057467
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53226}
This CL consolidates CopyFromPrototype and RemoveArrayHoles into a
single runtime function. It also creates two small helper functions
that are needed in both pre-processing steps.
Additionally it removes the return value from CopyFromPrototype since
it is no longer needed (it was previously used by a sort post-
processing step that no longer exists).
Bug: v8:7382
Change-Id: I7f9b00c1bc639d2118fdecef9c3b45c2cf010310
Reviewed-on: https://chromium-review.googlesource.com/1051887
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53199}
This CL re-implements CopyFromPrototype, that is used during sorting,
as a runtime function, in preparation to move Array.p.sort to CSA.
CopyFromPrototype is called for sparse non-arrays, where elements
might be available on the prototype chain. For compatibility with
JSC, we copy them to the object itself and sort only own properties.
Bug: v8:7382
Change-Id: I4f5c14995cf9769c4f9f1d62b3a5bfde6d386556
Reviewed-on: https://chromium-review.googlesource.com/1044205
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53061}
Creating a new instance from a v8::Function will invoke its
constructor. If it is an API callback that has not been marked as
kHasNoSideEffect, this CL introduces a way to invoke it without
throwing.
Calls within the constructor are still checked for side effects.
Bug: chromium:829571
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ia4e410d487e2847bc511cb96f0be30a3563991f6
Reviewed-on: https://chromium-review.googlesource.com/1034116
Commit-Queue: Erik Luo <luoe@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53003}
This makes {Script} objects created for WebAssembly no longer reference
a concrete instance object, but a module object instead. All uses of the
field in question only require module-wide information and the script is
meant to represent the set of all instances, not just one concrete
instance.
R=clemensh@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I751d4b75c8a970cffcb1a37b6c22ff69e9ee5489
Reviewed-on: https://chromium-review.googlesource.com/1043871
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53002}
Instead rely on the scope info containing the name as well.
Change-Id: Ie1f96ea023a793b11209510566f6831b1dfd40ab
Reviewed-on: https://chromium-review.googlesource.com/1042567
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52983}
Side effect free whitelist now
- supports 'typeof' when it performs Load operations
- runtime checks for Array.p.splice
Bug: v8:7588
Change-Id: I45bcd705f8d3f2d2ee61f018566439bf56d1bcbc
Reviewed-on: https://chromium-review.googlesource.com/1037926
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52976}
There are likely cleanups that can be done after this CL:
- context-related functions in the interpreter and compiler take ScopeInfo as
well as ScopeType and slot-count as input. The latter 2 should be directly
derived from the former. We should be able to drop FunctionContextParameters.
- ContextExtension is probably not needed anymore, since we now always have the
correct scope_info directly in the SCOPE_INFO_INDEX slot.
Bug: v8:7066
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ie1f6134c686a9f2183e54730d9cdd598a9e5ab67
Reviewed-on: https://chromium-review.googlesource.com/785151
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52952}
This reverts commit 2df5e7a7b6.
Reason for revert: Mystery crashes https://bugs.chromium.org/p/chromium/issues/detail?id=838805
Original change's description:
> [parser] Slice the source string where possible
>
> When internalizing string literals (for quoted strings or property names),
> try to create a sliced string of the source string rather than allocating
> a copy of the bytes.
>
> This will not work for string literals that contain escapes (e.g. unicode
> escapes), and currently does not support two-byte strings.
>
> Bug: chromium:818642
> Change-Id: I686e5ad36baecd1a84ce5e124118431249b6c980
> Reviewed-on: https://chromium-review.googlesource.com/1010282
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52898}
TBR=marja@chromium.org,yangguo@chromium.org,jarin@chromium.org,mlippautz@chromium.org,leszeks@chromium.org,verwaest@chromium.org
Change-Id: I598b6668c43a3e843e2dd8e60852b2b2f3461954
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:818642
Reviewed-on: https://chromium-review.googlesource.com/1039885
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52919}
When internalizing string literals (for quoted strings or property names),
try to create a sliced string of the source string rather than allocating
a copy of the bytes.
This will not work for string literals that contain escapes (e.g. unicode
escapes), and currently does not support two-byte strings.
Bug: chromium:818642
Change-Id: I686e5ad36baecd1a84ce5e124118431249b6c980
Reviewed-on: https://chromium-review.googlesource.com/1010282
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52898}
This is is a preparatory CL to detach the JSFunction from the Context.
We mainly rewrite the DebugScopeInterator to no longer rely on the a
JSFunction to be around. Additionally the empty_function needs to have
a proper ScopeInfo now.
Drive-by-fix: Improve ScopeInfo debug printing
Bug: v8:7066
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I2f2fa0e78914a12e076384e0e1234c2322ad1ee8
Reviewed-on: https://chromium-review.googlesource.com/918721
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52791}
Embedder may implement any non trivial logic using embedder fields,
e.g. creates wrappers lazily and store native pointer to native object
inside embedder fields.
R=yangguo@chromium.org
Bug: v8:7588
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Id14eb6e686f8945cb350cfe77e8a4b3c52c5ec5b
Reviewed-on: https://chromium-review.googlesource.com/1013404
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52741}
There are various situations where we explicitly compare a SMI against
another SMI (e.g., BuildIndexedJump). This is also a common pattern for
generated code (e.g., comparing a loop variable with an integer). Instead
of using the generic equality/strict-equality stub for this, which is
expensive, this CL offers a simple comparison stub, repurposing the
TestEqualStrictNoFeedback bytecode to TestReferenceEqual
Bug: v8:5310
Change-Id: Ib2b47cd24d5386cf0d20d3bd794776dc6e3a02a5
Reviewed-on: https://chromium-review.googlesource.com/1007542
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Christian O. Andersson <cricke@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52655}
The "Address" type is V8's general-purpose type for manipulating memory
addresses. Per the C++ spec, pointer arithmetic and pointer comparisons
are undefined behavior except within the same array; since we generally
don't operate within a C++ array, our general-purpose type shouldn't be
a pointer type.
Bug: v8:3770
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ib96016c24a0f18bcdba916dabd83e3f24a1b5779
Reviewed-on: https://chromium-review.googlesource.com/988657
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52601}
Port 077205be55
Original Commit Message:
This CL allows SetPrototypeAdd and ArrayIteratorPrototypeNext
to be called on temporary objects during side effect free evaluation.
R=kozyatinskiy@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I4f6d4e885c19a032723ea8fe39976780900ba922
Reviewed-on: https://chromium-review.googlesource.com/1008634
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#52554}
This CL allows SetPrototypeAdd and ArrayIteratorPrototypeNext
to be called on temporary objects during side effect free evaluation.
Bug: v8:7588
Change-Id: Id77848e48d98c243de91bc6c0fae5a0877e693d4
Reviewed-on: https://chromium-review.googlesource.com/998439
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52548}
Before Turbofan/Ignition it was possible to use external profilers to
sample running V8/Node.js processes and generate reports/FlameGraphs
from that. It's still possible to do so, but non-optimized JavaScript
functions appear in the stack as InterpreterEntryTrampoline. This commit
adds a runtime flag which makes interpreted frames visible on the
process' native stack as distinguishable functions, making the sampled
data gathered by external profilers such as Linux perf and DTrace more
useful.
R=bmeurer@google.com, franzih@google.com, jarin@google.com, yangguo@google.com
Bug: v8:7155
Change-Id: I3dc8876aa3cd9f1b9766624842a7cc354ccca415
Reviewed-on: https://chromium-review.googlesource.com/959081
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52533}
This whitelists Function-related builtins used by Blink callbacks at
the DOM wrapping stage, and other BigInt methods.
Bug: chromium:810176
Change-Id: If036114cd7f133f2c30247dff836698c2eb16a51
Reviewed-on: https://chromium-review.googlesource.com/1004000
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52530}
There is no good reason to have the meat of most objects' initialization
logic in heap.cc, all wrapped by the CALL_HEAP_FUNCTION macro. Instead,
this CL changes the protocol between Heap and Factory to be AllocateRaw,
and all object initialization work after (possibly retried) successful
raw allocation happens in the Factory.
This saves about 20KB of binary size on x64.
Original review: https://chromium-review.googlesource.com/c/v8/v8/+/959533
Originally landed as r52416 / f9a2e24bbc
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Id072cbe6b3ed30afd339c7e502844b99ca12a647
Reviewed-on: https://chromium-review.googlesource.com/1000540
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52492}
MUST_USE_RESULT was deprecated for some time. This removes it and
replaces all uses by the equivalent V8_WARN_UNUSED_RESULT.
R=mstarzinger@chromium.org
Bug: v8:7570
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I86883218638e64eeeb7a5891904319ed0844a004
Reviewed-on: https://chromium-review.googlesource.com/999533
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52486}
Merge the outer_scope_info and feedback_metadata fields on
SharedFunctionInfo. outer_scope_info is only used during parsing,
and feedback_metadata is only available after compilation, so the
two never exist at the same time. Thus, they can share a field slot.
The exception is un-compiling and re-compiling a function, where we
need the outer_scope_info again. Fortunately, the outer_scope_info
can be re-calculated from the SFI's scope_info.
Bug: v8:7606
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I6b97fefe859e89df75ad870da4a0bfa4b869772a
Reviewed-on: https://chromium-review.googlesource.com/992432
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52454}
Inlines nameOrSourceURL and locationFromPosition of the Script object
at call sites.
R=jgruber@chromium.org
Bug: v8:7624
Change-Id: If217d4c1412fa22aaa856a017f73be4c803e70ac
Reviewed-on: https://chromium-review.googlesource.com/997741
Commit-Queue: Simon Zünd <szuend@google.com>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52427}
This reverts commit f9a2e24bbc.
Reason for revert: gc stress failures not all fixed by follow up.
Original change's description:
> [cleanup] Refactor the Factory
>
> There is no good reason to have the meat of most objects' initialization
> logic in heap.cc, all wrapped by the CALL_HEAP_FUNCTION macro. Instead,
> this CL changes the protocol between Heap and Factory to be AllocateRaw,
> and all object initialization work after (possibly retried) successful
> raw allocation happens in the Factory.
>
> This saves about 20KB of binary size on x64.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: Icbfdc4266d7be8b48d2fe085f03411743dc6a0ca
> Reviewed-on: https://chromium-review.googlesource.com/959533
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52416}
TBR=jkummerow@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,hpayer@chromium.org
Change-Id: Idbbc53478742f3e9525eee83342afc6aedae122f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/999414
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52420}
There is no good reason to have the meat of most objects' initialization
logic in heap.cc, all wrapped by the CALL_HEAP_FUNCTION macro. Instead,
this CL changes the protocol between Heap and Factory to be AllocateRaw,
and all object initialization work after (possibly retried) successful
raw allocation happens in the Factory.
This saves about 20KB of binary size on x64.
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Icbfdc4266d7be8b48d2fe085f03411743dc6a0ca
Reviewed-on: https://chromium-review.googlesource.com/959533
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52416}
This is a reland of 7a2c371383
Original change's description:
> [debug] introduced runtime side effect check
>
> This CL demonstrates minimum valuable addition to existing debug evaluate
> without side effects mechanism.
> With this CL user can evaluate expressions like:
> [a,b] // create any kind of temporary array literals
> [a,b].reduce((x,y) => x + y, 0); // use reduce method
> [1,2,3].fill(2); // change temporary arrays
>
> The core idea: any change of the object created during evaluation without
> side effects is side effect free. As soon as we try to store this temporary
> object to object existed before evaluation we will terminate execution.
>
> Implementation:
> - track all objects allocated during evaluation and mark them as temporary,
> - patch all bytecodes which change objects.
>
> A little more details (including performance analysis): [1].
>
> [1] https://docs.google.com/document/d/10qqAtZADspPnpYa6SEdYRxrddfKIZJIzbLtGpsZQkRo/edit#
>
> Bug: v8:7588
> Change-Id: I69f7b96e1ebd7ad0022219e8213211c7be72a111
> Reviewed-on: https://chromium-review.googlesource.com/972615
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52370}
Bug: v8:7588
Change-Id: Ibc92bf19155f2ddaedae39b0c576b994e84afcf8
Reviewed-on: https://chromium-review.googlesource.com/996760
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52373}
This reverts commit 7a2c371383.
Reason for revert: msan is broken
Original change's description:
> [debug] introduced runtime side effect check
>
> This CL demonstrates minimum valuable addition to existing debug evaluate
> without side effects mechanism.
> With this CL user can evaluate expressions like:
> [a,b] // create any kind of temporary array literals
> [a,b].reduce((x,y) => x + y, 0); // use reduce method
> [1,2,3].fill(2); // change temporary arrays
>
> The core idea: any change of the object created during evaluation without
> side effects is side effect free. As soon as we try to store this temporary
> object to object existed before evaluation we will terminate execution.
>
> Implementation:
> - track all objects allocated during evaluation and mark them as temporary,
> - patch all bytecodes which change objects.
>
> A little more details (including performance analysis): [1].
>
> [1] https://docs.google.com/document/d/10qqAtZADspPnpYa6SEdYRxrddfKIZJIzbLtGpsZQkRo/edit#
>
> Bug: v8:7588
> Change-Id: I69f7b96e1ebd7ad0022219e8213211c7be72a111
> Reviewed-on: https://chromium-review.googlesource.com/972615
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52370}
TBR=ulan@chromium.org,rmcilroy@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org,leszeks@chromium.org
Change-Id: Ied1739c6308b13a4981189e0999f5912316cf456
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7588
Reviewed-on: https://chromium-review.googlesource.com/996135
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52371}
This CL demonstrates minimum valuable addition to existing debug evaluate
without side effects mechanism.
With this CL user can evaluate expressions like:
[a,b] // create any kind of temporary array literals
[a,b].reduce((x,y) => x + y, 0); // use reduce method
[1,2,3].fill(2); // change temporary arrays
The core idea: any change of the object created during evaluation without
side effects is side effect free. As soon as we try to store this temporary
object to object existed before evaluation we will terminate execution.
Implementation:
- track all objects allocated during evaluation and mark them as temporary,
- patch all bytecodes which change objects.
A little more details (including performance analysis): [1].
[1] https://docs.google.com/document/d/10qqAtZADspPnpYa6SEdYRxrddfKIZJIzbLtGpsZQkRo/edit#
Bug: v8:7588
Change-Id: I69f7b96e1ebd7ad0022219e8213211c7be72a111
Reviewed-on: https://chromium-review.googlesource.com/972615
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52370}
Before reporting coverage data, we attempt to reduce clutter by
merging nested and consecutive ranges. Nested ranges are merged, if
the child range has the same execution count as the parent range.
Sibling ranges are merged, if one sibling begins where the other ends
and execution counts are identical.
This allowed an invalid transformation in which a range with an
execution count of 1 would be merged into the parent change, but the
sibling range with identical start and end points and a count of 0
would remain, effectively deleting the covered range.
For example:
{start: 0, end: 10, count: 1},
{start: 5, end: 8, count: 1}, // It's invalid to remove this.
{start: 5, end: 8, count: 0}
The fix is to separate the parent and sibling merge passes, and
removing duplicate ranges in-between.
Bug: chromium:827530
Change-Id: Ic35eae1d4a106746570ce9cb412ed6710ef6da53
Reviewed-on: https://chromium-review.googlesource.com/992114
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52352}
Makes CallHandlerInfo its own instance type, with an additional
map to distinguish side-effect-free handlers. In a followup, we
can expose an API flag to set the map.
This CL does not support whitelisting calls to ObjectTemplates
that use SetCallAsFunctionHandler().
Bug: v8:7515
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ie32fe144046a9fae3e3b1ea5602b0da3db8a5616
Reviewed-on: https://chromium-review.googlesource.com/965741
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52328}
We need to bypass shortcuts when executing accessors defined via FunctionTemplate
if we have break points at function entry.
R=ishell@chromium.org, jgruber@chromium.org
Bug: v8:7596
Change-Id: I0e1bdbbba0f7dcd0fb7fe90d35b18234d073fe94
Reviewed-on: https://chromium-review.googlesource.com/980316
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52276}
The embedder can get notification when V8 heap size approaches the heap limit
and can extend the heap limit if needed using
- v8::Isolate::AddNearHeapLimitCallback
- v8::Isolate::RemoveNearHeapLimitCallback
This generalizes the exiting v8::debug::SetOutOfMemoryCallback API.
Bug: chromium:824214
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ia444cb7efb6fe85c57fa3785e8fd1d8b654a5224
Reviewed-on: https://chromium-review.googlesource.com/979447
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52238}
We don't want to run into the situation of breaking inside of
debug-evaluate. That would get even more confusing with throw-on-side-effect.
R=kozyatinskiy@chromium.org
Bug: v8:7592
Change-Id: I93f5de63d8943792ff000dbf7c6311df655d3793
Reviewed-on: https://chromium-review.googlesource.com/978164
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52227}
This is a reland of d8f564eac6TBR=mstarzinger@chromium.org,yangguo@chromium.org,jgruber@chromium.org
Original change's description:
> Reland: Remove SFI code field
>
> Remove the SharedFunctionInfo code field, inferring the code object
> from the function_data field instead. In some cases, the function_data
> field can now hold a Code object (e.g. some WASM cases).
>
> (Reland of https://chromium-review.googlesource.com/952452)
>
> TBR=mstarzinger@chromium.org
>
> Bug: chromium:783853
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
> Change-Id: I10ea5be7ceed1b51362a2fad9be7397624d69343
> Reviewed-on: https://chromium-review.googlesource.com/970649
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52136}
Bug: chromium:783853
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I5187851b923e9a92f43daf8cb99e662786cbb839
Reviewed-on: https://chromium-review.googlesource.com/975942
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52159}
Remove the SharedFunctionInfo code field, inferring the code object
from the function_data field instead. In some cases, the function_data
field can now hold a Code object (e.g. some WASM cases).
(Reland of https://chromium-review.googlesource.com/952452)
TBR=mstarzinger@chromium.org
Bug: chromium:783853
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I10ea5be7ceed1b51362a2fad9be7397624d69343
Reviewed-on: https://chromium-review.googlesource.com/970649
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52136}
Remove the SharedFunctionInfo code field, inferring the code object
from the function_data field instead. In some cases, the function_data
field can now hold a Code object (e.g. some WASM cases).
Bug: chromium:783853
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I1219a4d6aa5abaa9fee54dda883da7a3186e347a
Reviewed-on: https://chromium-review.googlesource.com/952452
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52064}
In order to remove the construct_stub field of the SFI we need all
construct stubs to be the same, and do any branching at runtime
instead. For builtins we don't need to set the construct stub because
the builtins construct stub will call into it for us.
There should only be two builtins left without the builtins construct
stub: Array and InternalArray, which are special cases that need to
be dealt with in another CL.
Bug: v8:7503
Change-Id: If0d419399a9ee22c09cf2a5a3d3dbea7a04dee77
Reviewed-on: https://chromium-review.googlesource.com/968862
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52046}
With this CL the name of an SFI is either stored directly on the SFI
itself (for uncompiled ones) or on the related ScopeInfo if present.
- Combine scope_info and name field on SFI into name_or_scope_info field
- Change the name of a couple of SFI accessors: name => Name,
has_shared_name => HasSharedName, set_name => SetName
- Add Runtime::kGetFunctionName due to more complex SFI name accessing
Bug: v8:7066
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Idcce158446c9447b92d9a15125d086952c6e0824
Reviewed-on: https://chromium-review.googlesource.com/964201
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52001}
This CL ads a StartPosition and EndPosition accessors on SFI and
ScopeInfo to facilitate future refactoring. In a future CL the
start and end position are no longer stored directly on SFIs.
This CL will temporarily increase memory since the position info
is duplicated on the SFI and the ScopeInfo.
Drive-by-fix: Clean up some constants in ScopeInfo
Bug: v8:7066
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I1a8c5dd4e2156c007e04d92e72e478b915516e0d
Reviewed-on: https://chromium-review.googlesource.com/955629
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51987}
Adds a flag onto InterceptorInfo to mark an interceptor's getter,
query, and enumerator callbacks as side-effect-free.
Bug: v8:7515
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Iafc5d2fa554d6d9a38604e179ea5b884c3b77af0
Reviewed-on: https://chromium-review.googlesource.com/957870
Commit-Queue: Erik Luo <luoe@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51969}
Annotate global handle with label to identify the context held alive for
debugging in DevTools
Bug: chromium:811842
Change-Id: I24f08b4d01939421ba1b7ec7b03982f00ebbdd1a
Reviewed-on: https://chromium-review.googlesource.com/962788
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51936}
- Add a new bytecode for the ToString operation, replacing the old
intrinsic call (currently does not collect type feedback).
- Add a new AST node to represent TemplateLiterals, and avoid
generating unnecessary ToString operations in some simple cases.
- Use a single feedback slot for each string addition, because the
type feedback should always be the same for each addition
This seems to produce a very slight improvement on JSTests benchmarks
and bench-ruben.js from v8:7415, and it's possible that type feedback
for the ToString bytecode could provide more opportunities to eliminate
the runtime call in TurboFan.
Doesn't touch tagged templates
[esnext] fix OOB read in ASTPrinter::VisistTemplateLiteral
Fixes an error where TemplateLiteral printing in --print-ast
would try to read an element beyond the length of a vector.
BUG=v8:7415, chromium:820596
R=adamk@chromium.org, gsathya@chromum.org, rmcilroy@chromium.org, ishell@chromium.org, bmeurer@chromium.org
Change-Id: Ie56894f73a6445550a5f95f42160c4e29ab1da42
Reviewed-on: https://chromium-review.googlesource.com/958408
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#51933}
This reverts commit 8ae19e08b1.
Reason for revert:
Speculative revert for layout test:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/22215
See:
https://github.com/v8/v8/wiki/Blink-layout-tests
Original change's description:
> [esnext] re-implement template strings
>
> - Add a new bytecode for the ToString operation, replacing the old
> intrinsic call (currently does not collect type feedback).
> - Add a new AST node to represent TemplateLiterals, and avoid
> generating unnecessary ToString operations in some simple cases.
> - Use a single feedback slot for each string addition, because the
> type feedback should always be the same for each addition
>
> This seems to produce a very slight improvement on JSTests benchmarks
> and bench-ruben.js from v8:7415, and it's possible that type feedback
> for the ToString bytecode could provide more opportunities to eliminate
> the runtime call in TurboFan.
>
> Doesn't touch tagged templates
>
> BUG=v8:7415
> R=rmcilroy@chromium.org, ishell@chromium.org, bmeurer@chromium.org
>
> Change-Id: If5a8c68558431f058db894d65776324abf54218e
> Reviewed-on: https://chromium-review.googlesource.com/945408
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Caitlin Potter <caitp@igalia.com>
> Cr-Commit-Position: refs/heads/master@{#51853}
TBR=rmcilroy@chromium.org,caitp@igalia.com,ishell@chromium.org,bmeurer@chromium.org
Change-Id: Id0529b065493ffc20c8f2b1abacc4c1484c3c046
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7415
Reviewed-on: https://chromium-review.googlesource.com/958163
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51862}
- Add a new bytecode for the ToString operation, replacing the old
intrinsic call (currently does not collect type feedback).
- Add a new AST node to represent TemplateLiterals, and avoid
generating unnecessary ToString operations in some simple cases.
- Use a single feedback slot for each string addition, because the
type feedback should always be the same for each addition
This seems to produce a very slight improvement on JSTests benchmarks
and bench-ruben.js from v8:7415, and it's possible that type feedback
for the ToString bytecode could provide more opportunities to eliminate
the runtime call in TurboFan.
Doesn't touch tagged templates
BUG=v8:7415
R=rmcilroy@chromium.org, ishell@chromium.org, bmeurer@chromium.org
Change-Id: If5a8c68558431f058db894d65776324abf54218e
Reviewed-on: https://chromium-review.googlesource.com/945408
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#51853}
This patch removes the TypedArrayConstructor_ConstructStub builtin,
merging its functionality into the refactored TypedArrayConstructor
TurboFan builtin.
This brings us closer to our goal of deprecating the `construct_stub`
field in `SharedFunctionInfo`.
Bug: v8:7503, v8:7518
Change-Id: I264aa0933b3c80814e021b05033636196dc289da
Reviewed-on: https://chromium-review.googlesource.com/956044
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51843}
Previously we used a FixedArray for the FeedbackMetadata, packing bits
of information into Smi fields. On 64-bit platforms, we waste at least
half of the available memory by using the Smi representation.
Given that this is just raw data (no pointers), we can just use a new
type that uses the existing packing scheme to store the data in int32
format instead.
This CL changes FeedbackMetadata to a new subclass of HeapObject. This
is to reduce the API surface exposed, in comparison to extending/using
a more general purpose data structure like ByteArray, which is also just
raw data.
FeedbackMetadata only exposes general purpose methods for accessing
slots, but hides the implementation detail of packing bits into int32
fields.
This CL also introduces a sentinal EmptyFeedbackMetadata, because there
are ~750 empty FeedbackMetadata objects when running an empty program in
V8. These are probably for builtins.
Bug: v8:7500
Change-Id: Ic85563153abbd71a22854cee8519260c32b1e9ab
Reviewed-on: https://chromium-review.googlesource.com/945730
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51842}
The next CL will add an actual WeakFixedArray which contains in-place weak
references.
Also removes FLAG_trace_weak_arrays which is not super useful.
BUG=v8:7308
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I016880ecc66b03b406f7184b7f72ab514cb65428
Reviewed-on: https://chromium-review.googlesource.com/951730
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51789}
Instead of computing the disassmebly and offset tables eagerly on
registering a WASM function with a debugger agent, only generate
it when the source or offset tables are actually required. This is
implemented using a lazy, memoizing supplier that is shared
between the debugger agent and wasm translator.
Bug: chromium:794941
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I1a2f7dd71ab65c80f91ddee4f7babbdf33d2e74b
Reviewed-on: https://chromium-review.googlesource.com/918641
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51762}
Instead of a hard-coded list of function addresses, we now use a flag
on the AccessorInfo object to annotate whether the getter can cause any
side effect.
Future changes will extend this to InterceptorInfo, CallHandlerInfo, and
expose this through the API.
R=jgruber@chromium.org, luoe@chromium.org
Bug: v8:7515
Change-Id: Id0fedf03493c3bd81913557a5681f8f63660f6a4
Reviewed-on: https://chromium-review.googlesource.com/945909
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51756}
This changes the encoding of the {HandlerTable} from an array of Smi
values to a byte array. It allows embedding of said array into the
instruction stream of {Code} objects (similar to how safepoint tables
work). For interpreted bytecode the table is attached as a {ByteArray}
to the bytecode.
The advantage of this approach is a more compact encoding and also the
ability to move such tables easily off the GC'ed heap if needed (as is
done for WebAssembly code for example).
R=jarin@chromium.org
Change-Id: I3320415dff69b3d1053825bda0d667a28232bf6d
Reviewed-on: https://chromium-review.googlesource.com/934642
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51589}
The list of runtime function use counts was generated with:
$ grep -o '^ *F(\w*' src/runtime/runtime.h | sed 's/^ *F(//' | sort | while read f; do USE_COUNT=$(git grep "\(Runtime::k\|Runtime::kInline\|%\|%_\)$f" | wc -l); echo $USE_COUNT $f; done
This reduces libv8.so size by 59K on an x64 release build.
Bug: v8:7310
Change-Id: Ib4d097e63ed065f41bf73e9529e4354575be5229
Reviewed-on: https://chromium-review.googlesource.com/934272
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51526}
Adding the StringSubstring simplified operator is a precursor to
improve inlining of String.p.{substr,substring,slice}.
This also contains a drive-by renaming to normalize different
spellings of 'Substring'.
Bug: v8:7250, v8:7340
Change-Id: I89e0fbafeab80f5d2f3ef348a5303d32c0abfe0a
Reviewed-on: https://chromium-review.googlesource.com/919084
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51522}
Originally reviewed at https://chromium-review.googlesource.com/929429
and landed as r51486 / d50c7731e8.
Update in reland: whitelisted new builtins as side effect free.
Bug: v8:6791
Change-Id: Iff45700c8a4eca23f3ee6fc9c0cb340dc027cbc6
Reviewed-on: https://chromium-review.googlesource.com/932802
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51491}
This is preparatory cleanup work for eventually tracking the functions
(rather than concrete closures) in the CALL_IC, also for builtins like
the default PromiseCapability [[Resolve]] and [[Reject]] functions. It
adds a new FeedbackCell type, which is used by JSFunctions consistently
now to reference the feedback vector (or undefined if not the function
is not compiled yet or is a native/asm.js function).
This also changes the calling convention for FastNewClosure builtin and
the JSCreateClosure operator in TurboFan to carry the FeedbackCell here
instead of the parent FeedbackVector and the slot index. In addition we
eliminate the now unused %InterpreterNewClosure runtime function.
Bug: v8:2206, v8:7253, v8:7310
Change-Id: Ib4ce456e276e0273e57c163dcdd0b33abf863656
Reviewed-on: https://chromium-review.googlesource.com/928403
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51474}
Unifies GetSharedFunctionForStreamedScript with GetSharedFunctionForScript
so that both share a more similar API and some common code can be moved to
common helpers.
Introduces a Compiler::ScriptDetails struct to hold script meta-data
used to build new script objects.
BUG=v8:5203
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I3e6b4cd50da9bb92ef5a2bfd666a09b3619c34a4
Reviewed-on: https://chromium-review.googlesource.com/924189
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51438}
This CL removes a GC invocation which might not be needed anymore.
Change-Id: I27c57936677ba2ec0bc32588c485a2c3b6ffed01
Reviewed-on: https://chromium-review.googlesource.com/928241
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51428}
This ensures that breaking on inlined builtins works, even when
compiling concurrently. This CL also introduces the member
Isolate::AbortConcurrentOptimization.
R=sigurds@chromium.org
Bug: v8:178
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ie6cbb48ebde18036888af2dd715862e7a14ddf9d
Reviewed-on: https://chromium-review.googlesource.com/912468
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51384}
This doesn't enable the warning yet, but adds V8_FALLTHROUGH annotations
in enough places so that v8 can build with the warning on on my linux box.
Found one real bug
(in effect-control-linearizer.cc,
https://chromium-review.googlesource.com/c/v8/v8/+/850392/3/src/compiler/effect-control-linearizer.cc#825
).
Bug: chromium:812686
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I3542550b9c24b545641d0f0fc43f28f2780b0ab3
Reviewed-on: https://chromium-review.googlesource.com/911731
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Nico Weber <thakis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51322}
instance_class_name takes up space unnecessarily, and %_ClassOf and
class_name implement [[Class]] which isn't part of ES2015+ anymore.
Bug:
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I3a73f732ad83a616817fde9992f4e4d584638fa8
Reviewed-on: https://chromium-review.googlesource.com/776683
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51309}
The description will be used to annotate roots in the heap snapshot.
Bug: chromium:811842
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ic5c9a89d1921cabddb06783f08ba63740e72820d
Reviewed-on: https://chromium-review.googlesource.com/916564
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51286}
We reuse most of the infrastructure to set break points, with minor
differences when we encounter functions where we can only break on entry:
- PrepareFunctionForBreakPoints simply deopts all functions.
- Break point objects have the canonical source position 0.
- Break point is set/checked/cleared via bit on the DebugInfo.
- Debug::Break do not continue stepping since stepping is implemented via
regular break points and therefore do not interfere with break on entry.
I promise to add more tests.
Bug: v8:178
Change-Id: Ifc8231995c771286db0b848b811e1c3ad3b12494
Reviewed-on: https://chromium-review.googlesource.com/906245
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51152}
Cleanup CL that removes unnecessary builtins that were just wrapping
the throwing of errors. Use the ThrowTypeError and ThrowRangeError
helpers more consistently from CSA.
Change-Id: I2d0c3647340c88c457b27e16c0a81567869b7ec7
Reviewed-on: https://chromium-review.googlesource.com/906769
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51150}
Break points are cleared to empty fixed array, not undefined.
R=jgruber@chromium.org
Change-Id: Id8dcd08ed0aebc5c4f7745982cde48d562af9772
Reviewed-on: https://chromium-review.googlesource.com/904202
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51117}
Report an error during scope analysis if we're unable to find a
variable proxy for the given private field. This can happen if we try
to access a private field that was not defined or if we're outside
the class scope.
This doesn't correctly throw an early error when pre parsing a top
level function because we don't track it's variables.
Bug: v8:5368
Change-Id: I0a1193fe0ae213c0732fae5d435e150852a8d87d
Reviewed-on: https://chromium-review.googlesource.com/892093
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51082}
This check verifies that all .h files in the src/ directory have an
include guard of the form
#ifndef V8_PATH_TO_FILE_H_
#define V8_PATH_TO_FILE_H_
// ...
#endif // V8_PATH_TO_FILE_H_
The check can be skipped with a magic comment:
// PRESUBMIT_INTENTIONALLY_MISSING_INCLUDE_GUARD
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I0a7b96abec289ad60f64ba8418f1892a6969596d
Reviewed-on: https://chromium-review.googlesource.com/897487
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51079}
The FeedbackNexus classes initially were one-to-one with IC classes,
but over time this got out of date. We also found Nexus' useful, so
we made more classes even for cases that weren't ICs.
The inheritence and polymorphism became confusing and led to
duplication. Better, to just talk about a (single) FeedbackNexus.
Bug: v8:7344
Change-Id: I509dc9657895d56c3859de6e6589695cdff9e73e
Reviewed-on: https://chromium-review.googlesource.com/890452
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50997}
Some tests need to ensure all builtins are deserialized. This adds a
helper to make that easier.
Drive-by-refactoring: Centralize lazy-deserialization tracing.
TBR=rmcilroy@chromium.org
Bug: v8:6624
Change-Id: I1f7caa6c539b12aabcba5b7b28c50ad40355848b
Reviewed-on: https://chromium-review.googlesource.com/891822
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50959}
As part of the effort to despecialize WASM code, convert many uses of
WasmInstanceObject which were simply indirecting through to either
the compiled module or the shared module data with helpers on
the respective Frame objects.
R=mstarzinger@chromium.org
Bug:
Change-Id: I05bd1a18b1d81cceef8a80d9f6988e4f5d537e66
Reviewed-on: https://chromium-review.googlesource.com/876125
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50798}
Instead of requiring the pattern that a SuspendGenerator must be
followed by a Return, make SuspendGenerator return directly. This can,
in the future, simplify some of the reasoning around generator suspends.
Change-Id: I94c0156a89dc0e1c0bc306bc57acf766f3b4deb5
Reviewed-on: https://chromium-review.googlesource.com/857463
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50748}
This reverts commit 03e9d415c2.
Reason for revert: Correctness issues, see https://crbug.com/804159.
Bug: chromium:804159
Original change's description:
> Reland: Reimplement Object.entries/values as CSA to optimize performance.
>
> Add Object.entries/values builtins to debug-evaluate.cc whitelist macro.
> This fix revert commit of https://chromium-review.googlesource.com/c/v8/v8/+/859937
> Original is https://chromium-review.googlesource.com/c/v8/v8/+/810504
> >> Reimplements Object.entries/values as CSA to optimize performance. See more detail about https://bugs.chromium.org/p/v8/issues/ Issue 6804.
>
> This reverts commit 1b49f725ac.
>
> Bug: v8:6804
> Change-Id: I57e8b66e1c4ece2abb52e1630a97fbfd4070d810
> Reviewed-on: https://chromium-review.googlesource.com/860679
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50492}
TBR=yangguo@chromium.org,cbruni@chromium.org,jgruber@chromium.org,ishell@chromium.org,brn@b6n.ch
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:6804
Change-Id: I39b1854ca7c2f57819ba377f84560356d3756bfb
Reviewed-on: https://chromium-review.googlesource.com/877886
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50746}
Until now, String.prototype.{trimLeft,trimRight} were non-standard
language extensions, required for Web compatibility.
The proposal at https://github.com/tc39/proposal-string-left-right-trim
standardizes this functionality as String.prototype.{trimStart,trimEnd},
and defines String.prototype.{trimLeft,trimRight} as aliases for
backwards compatibility.
This patch implements that proposal behind the --harmony-string-trimming
flag.
Bug: v8:6530
Change-Id: Id21e624c12a79e6b782efb049a48901b9da7db71
Reviewed-on: https://chromium-review.googlesource.com/867044
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50717}
This adds a new simplified operator NumberToString, which just lowers to
a call to the NumberToString builtin, and hooks that up to the typed
lowering (addressing a long-standing TODO).
Drive-by-fix: Also remove the %NumberToString runtime entry, and just
always use the %NumberToStringSkipCache entry from CSA, since we only
go there if the cache lookup already failed.
Bug: v8:5267, v8:7109
Change-Id: I5ca698c98679653813088a404f1fd38903a73c0e
Reviewed-on: https://chromium-review.googlesource.com/779099
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50636}
Instead of bailing out and assuming everything will be fine if a builtin
hasn't been deserialized yet, deserialize eagerly and perform the full
check.
Change-Id: I60b0d33786a266e124358e2eebe926d8f785881d
Reviewed-on: https://chromium-review.googlesource.com/859998
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50529}
This changes the names of the builtins on the Promise.prototype to match
the general naming convention and make it easier to tell what the
builtin is about just by looking at its name.
Bug: v8:7253
Change-Id: I906cc6fc14a6b9d8ffe9c0dcfd94b50439c4cfcf
Reviewed-on: https://chromium-review.googlesource.com/850698
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50367}
This patch breaks out bailout reasons into two enum classes.
This helps save 3 bits on the SharedFunctionInfo as we don't have to
track the abort reasons.
Change-Id: Ic2e7e7e32b0fa31491f1c6f0003a61390d68fd97
Reviewed-on: https://chromium-review.googlesource.com/848244
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50364}
This reverts commit 2a8e1e4a94.
Reason for revert: Time outs were caused by infra issues.
Original change's description:
> Revert "[debugger] do not try to find saved context before DebugEvaluate::Local"
>
> This reverts commit ea7499df6d.
>
> Reason for revert: Speculative, but this CL seems correlated with a bunch of timeouts on Linux:
>
> https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/19540
>
> Original change's description:
> > [debugger] do not try to find saved context before DebugEvaluate::Local
> >
> > Current implementation produces crashes since sometimes saved context
> > is empty. It looks like we do not need to restore saved context since
> > we do not set debug context as current, at least all tests are passed.
> >
> > R=yangguo@chromium.org
> >
> > Bug: chromium:797573,chromium:792838
> > Change-Id: I1271640f6a18cbaaecfa1e99ed9ac28e0dbbb1da
> > Reviewed-on: https://chromium-review.googlesource.com/844979
> > Reviewed-by: Yang Guo <yangguo@chromium.org>
> > Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#50327}
>
> TBR=yangguo@chromium.org,kozyatinskiy@chromium.org
>
> Change-Id: I543201698c96c9762c481c1f6012cc13cb712842
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: chromium:797573, chromium:792838
> Reviewed-on: https://chromium-review.googlesource.com/846205
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50331}
TBR=bbudge@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org
Change-Id: I44e916c796b935c372ce418a3fad44aa25d6f863
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:797573, chromium:792838
Reviewed-on: https://chromium-review.googlesource.com/848132
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50332}
This reverts commit ea7499df6d.
Reason for revert: Speculative, but this CL seems correlated with a bunch of timeouts on Linux:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/19540
Original change's description:
> [debugger] do not try to find saved context before DebugEvaluate::Local
>
> Current implementation produces crashes since sometimes saved context
> is empty. It looks like we do not need to restore saved context since
> we do not set debug context as current, at least all tests are passed.
>
> R=yangguo@chromium.org
>
> Bug: chromium:797573,chromium:792838
> Change-Id: I1271640f6a18cbaaecfa1e99ed9ac28e0dbbb1da
> Reviewed-on: https://chromium-review.googlesource.com/844979
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50327}
TBR=yangguo@chromium.org,kozyatinskiy@chromium.org
Change-Id: I543201698c96c9762c481c1f6012cc13cb712842
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:797573, chromium:792838
Reviewed-on: https://chromium-review.googlesource.com/846205
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50331}
Current implementation produces crashes since sometimes saved context
is empty. It looks like we do not need to restore saved context since
we do not set debug context as current, at least all tests are passed.
R=yangguo@chromium.org
Bug: chromium:797573,chromium:792838
Change-Id: I1271640f6a18cbaaecfa1e99ed9ac28e0dbbb1da
Reviewed-on: https://chromium-review.googlesource.com/844979
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50327}
We were passing a pointer to an object allocated as
{InterpretedFrameImpl} in an {std::unique_ptr<InterpretedFrame>}.
The default deleter then called {delete ptr;} on a ptr of type
{InterpretedFrame*}, even though that object was allocated as
{InterpretedFrameImpl}. This error might caught by validators.
Fix this by passing a custom deleter on the unique_ptr.
R=ahaas@chromium.org, ulan@chromium.org
Bug: v8:7231
Change-Id: Ia18114236384813c4878319209ae4535fda56c41
Reviewed-on: https://chromium-review.googlesource.com/834510
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50226}
This changes the implementation of
v8::ScriptCompiler::CompileFunctionInContext
See design doc: https://goo.gl/ppkK6QR=adamk@chromium.org, marja@chromium.org, mstarzinger@chromium.org
Bug: v8:7172, chromium:70895
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Iab0b6e879c1a3b33b623bfa2af9c706643c06fa7
Reviewed-on: https://chromium-review.googlesource.com/810946
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50148}
This separates common logic that applies to both coverage/type profiling
(i.e. collecting feedback vectors into the list) from work that's only
required by coverage (resetting SFI::has_reported_binary_coverage and
FeedbackVector::invocation_count).
Bug: v8:6000
Change-Id: Icb36a8a6af34b3a425814d69653e331ca8f76cd5
Reviewed-on: https://chromium-review.googlesource.com/813922
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49956}
- Removes JS implementation and InnerArrayFind/InnerArrayFindIndex
- Adds TFJ, with TFS for slow continuation path
Some quick benchmarks show ~2x improvement for unoptimized code
and up to 16% improvement against optimized code (diminishes with
larger arrays as iterating dominates).
https://github.com/peterwmwong/v8-perf/blob/master/array-find-findIndex/README.md
Bug: chromium:791045, v8:1956, v8:5049, v8:7165
Change-Id: Ie16252ed495bbd91fe548b16d5ef6764de791a50
Reviewed-on: https://chromium-review.googlesource.com/804704
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49851}
This fixes debug-evaluate in the presence of a de-materialized function
object. The creation of an arguments object is now requested based on a
given frame (potentially inlined) instead of a target function. It makes
sure that multiple calls to {StandardFrame::Summarize} don't cause any
confusion when they give back non-identical function objects.
R=jgruber@chromium.org
TEST=debugger/debug/debug-evaluate-arguments
BUG=chromium:788647
Change-Id: I575bb6cb20b4657dc09019e631b5d6e36c1b5189
Reviewed-on: https://chromium-review.googlesource.com/796474
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49721}
Prior to this change, the exponentiation operator was rewritten by the
parser to a call of the Math.pow builtin. However, Math.pow does not
accept BigInt arguments, while the exponentiation operator must accept
them.
This CL
- removes the parser's special treatment of ** and **=, treating them
like any other binary op instead.
- adds a TFC builtin Exponentiate that does the right thing for
all inputs.
- adds interpreter bytecodes Exp and ExpSmi whose handlers call the
Exponentiate builtin. For simplicity, they currently always collect
kAny feedback.
- adds a Turbofan operator JSExponentiate with a typed-lowering to
the existing NumberPow and a generic-lowering to the Exponentiate
builtin. There is currently no speculative lowering.
Note that exponentiation for BigInts is actually not implemented yet,
so we can't yet test it.
Bug: v8:6791
Change-Id: Id90914c9c3fce310ce01e715c09eaa9f294f4f8a
Reviewed-on: https://chromium-review.googlesource.com/785694
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49696}
Sometimes we need to capture stack trace on one debugger and use it
later as a parent stack on another debugger (e.g. worker.postMessage).
This CL includes following addition to our protocol and v8-inspector.h:
- added Runtime.StackTraceId, this id represents stack trace captured
on debugger with given id,
- protocol client can fetch Runtime.StackTrace by
Runtime.StacKTraceId using Debugger.getStackTrace method,
- externalParent field is added to Debugger.paused event, it may
contain external parent stack trace,
- V8Inspector::storeCurrentStackTrace captures current stack trace
and returns V8StackTraceId for embedder this id can be used as
argument for V8Inspector::externalAsyncTaskStarted and
V8Inspector::externalAsyncTaskFinished method. Any async stack
trace captured between these calls will get passed external stack
trace as external parent. These methods are designed to be called
on different debuggers. If async task is scheduled and started on
one debugger user should continue to use asyncTask* API,
- Debugger.enable methods returns unique debuggerId.
TBR=dgozman@chromium.org,jgruber@chromium.org
Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I2c1a2b2e30ed69ccb61d10f08686f4edb09f50e4
Reviewed-on: https://chromium-review.googlesource.com/786274
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49591}
This reverts commit 3a41b697cd.
Reason for revert: Break msvc: https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20msvc/builds/250
Original change's description:
> [inspector] introduced stackTraceId and externalAsyncTask API
>
> Sometimes we need to capture stack trace on one debugger and use it
> later as a parent stack on another debugger (e.g. worker.postMessage).
>
> This CL includes following addition to our protocol and v8-inspector.h:
> - added Runtime.StackTraceId, this id represents stack trace captured
> on debugger with given id,
> - protocol client can fetch Runtime.StackTrace by
> Runtime.StacKTraceId using Debugger.getStackTrace method,
> - externalParent field is added to Debugger.paused event, it may
> contain external parent stack trace,
> - V8Inspector::storeCurrentStackTrace captures current stack trace
> and returns V8StackTraceId for embedder this id can be used as
> argument for V8Inspector::externalAsyncTaskStarted and
> V8Inspector::externalAsyncTaskFinished method. Any async stack
> trace captured between these calls will get passed external stack
> trace as external parent. These methods are designed to be called
> on different debuggers. If async task is scheduled and started on
> one debugger user should continue to use asyncTask* API,
> - Debugger.enable methods returns unique debuggerId.
>
> Bug: chromium:778796
> Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: I16aba0d04bfcea90f3e187e635a0588c92354539
> Reviewed-on: https://chromium-review.googlesource.com/754183
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49582}
TBR=dgozman@chromium.org,pfeldman@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org,jgruber@chromium.org
Change-Id: I9b52354fa0841e5148596cf594317f2e5fe508ea
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/786152
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49584}
Sometimes we need to capture stack trace on one debugger and use it
later as a parent stack on another debugger (e.g. worker.postMessage).
This CL includes following addition to our protocol and v8-inspector.h:
- added Runtime.StackTraceId, this id represents stack trace captured
on debugger with given id,
- protocol client can fetch Runtime.StackTrace by
Runtime.StacKTraceId using Debugger.getStackTrace method,
- externalParent field is added to Debugger.paused event, it may
contain external parent stack trace,
- V8Inspector::storeCurrentStackTrace captures current stack trace
and returns V8StackTraceId for embedder this id can be used as
argument for V8Inspector::externalAsyncTaskStarted and
V8Inspector::externalAsyncTaskFinished method. Any async stack
trace captured between these calls will get passed external stack
trace as external parent. These methods are designed to be called
on different debuggers. If async task is scheduled and started on
one debugger user should continue to use asyncTask* API,
- Debugger.enable methods returns unique debuggerId.
Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I16aba0d04bfcea90f3e187e635a0588c92354539
Reviewed-on: https://chromium-review.googlesource.com/754183
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49582}
Old instrumentation was designed to collect promise creation stack and
promise scheduled stack together. In DevTools for last 6 months we
show only creation stack for promises. We got strong support from users
for new model. Now we can drop support for scheduled stacks and
simplify implementation.
New promise instrumentation is straightforward:
- we send kDebugPromiseThen when promise is created by .then call,
- we send kDebugPromiseCatch when promise is created by .catch call,
- we send kDebugWillHandle before chained callback and kDebugDidHandle
after chained callback,
- and we send separate kDebugAsyncFunctionPromiseCreated for internal
promise inside async await function.
Advantages:
- we reduce amount of captured stacks (we do not capture stack for
promise that constructed not by .then or .catch),
- we can consider async task related to .then and .catch as one shot
since chained callback is executed once,
- on V8 side we can implement required instrumentation using only
promise hooks,
Disadvantage:
- see await-promise test, sometimes scheduled stack was useful since we
add catch handler in native code,
Implementation details:
- on kInit promise hook we need to figure out why promise was created.
We analyze builtin functions until first user defined function on
current stack. If there is kAsyncFunctionPromiseCreate function then
we send kDebugAsyncFunctionPromiseCreated event. If there is
kPromiseThen or kPromiseCatch then only if this function is bottom
builtin function we send corresponded event to inspector. We need it
because Promise.all internally calls .then and in this case we have
Promise.all and Promise.then on stack at the same time and we do not
need to report this internally created promise to inspector.
Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I53f47ce8c5c4a9897655c3396c249ea59529ae47
Reviewed-on: https://chromium-review.googlesource.com/765208
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49553}
Currently the SourcePositionTableBuilder requires a Zone because it
holds a ZoneVector<byte> of the encoded entries. Since ZoneVector is a
suboptimal data structure anyway, and for Liftoff we don't even have a
Zone allocated currently, this CL replaces the ZoneVector by
std::vector.
R=mstarzinger@chromium.org
Bug: v8:6600
Change-Id: I8010143e917e2351664e2b53746753b597f4407a
Reviewed-on: https://chromium-review.googlesource.com/779181
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49534}
This removes support for optimized frame which lack deoptimization
information. All optimized JavaScript frames now imply that the
underlying bytecode is available too.
R=rmcilroy@chromium.org
BUG=v8:6409
Change-Id: Ie73c0a376002466884388f1da9e1ec2741884596
Reviewed-on: https://chromium-review.googlesource.com/612162
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49442}
The backing store fixed array for collections needs to be allocated
in LOS if it exceeds the maximum regular heap object size.
Drive-by-fix: Only store fixed array map once as per TODO.
Bug: chromium:784862
Change-Id: I6b4dd2e45153ae107171e21bc7448e0d9b54b0ed
Reviewed-on: https://chromium-review.googlesource.com/771150
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49378}
This CL fixes uses of HandleSlackTracking which previously would write
fields twice. Additional checks ensure that only proper initial maps are
used with slack tracking.
Change-Id: Ifb03297635ed6b873eb8b27fec9794c9d36b71b6
Reviewed-on: https://chromium-review.googlesource.com/664810
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49331}
MIPS team has recently migrated to @mips.com e-mail address.
Dusan Simicic is no longer part of MIPS V8 team, therefore
his name is removed from OWNERS.
TBR=mstarzinger@chromium.org
NOTRY=true
Bug:
Change-Id: I67fde24a5b9214fa3fca05c0399888b8d18fc699
Reviewed-on: https://chromium-review.googlesource.com/758639
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49299}
This is in preparation for wasm on the native heap. All the
aforementioned API needs is the address where the JIT-ed code starts.
This refactoring reduces the dependency of the API to just that.
Bug: v8:6876
Change-Id: I00bbb171398f581db41b8a74ab719e8ea4db52c4
Reviewed-on: https://chromium-review.googlesource.com/755624
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49204}
In current implementation Object.getOwnPropertyDescriptor calls native
getter. It can produce side effects. We can avoid calling it.
DevTools frontend will show clickable dots and on click returns value.
This CL does not affect Blink and only affect several Node.js
properties, e.g. process.title.
R=yangguo@chromium.org
Bug: v8:6945
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I5764c779ceed4d50832edf68b2b4c6ee2c2dd65c
Reviewed-on: https://chromium-review.googlesource.com/754223
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49152}
It is preparation step for step-into-worker. There are few changes:
- added breakOnAsyncCall flag for Debugger.stepInto. When flag is set
and async task is scheduled before step-into finished, we pause
execution with additional Debugger.paused event. This event contains
additional scheduledAsyncTaskId field.
- added Debugger.pauseOnAsyncTask. This method will pause execution as
soon as given async task is started.
This mechanism is replacement for Debugger.scheduleStepIntoAsync which
can not be used between multiple targets.
As result we can split async task scheduling in one target and
requesting break for this async task running in another target.
R=pfeldman@chromium.org
Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I77be0c880d91253d333c54a23a4c084e7b8549e9
Reviewed-on: https://chromium-review.googlesource.com/750071
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Pavel Feldman <pfeldman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49127}
DebugBreak bytecode fetches current return value from debugger prior
dispatching original handler. So we can change its value on break.
R=leszeks@chromium.org,rmcilroy@chromium.org
Bug: chromium:656150
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I82d0bc82ff49923a748c0084d252d0fd214a2db8
Reviewed-on: https://chromium-review.googlesource.com/731679
Reviewed-by: Pavel Feldman <pfeldman@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49122}
We have a check on maximum number of levels that can be inlined. This
in some cases causes performance cliffs, when we cannot inline a small
function because it has exceeded the number of levels. This cl removes
that check. The intuition is that, having gone down several levels in
a particular line stopping inlining that chain and exploring a new
call site may not be beneficial. This cl also introduces a absolute
limit on the number of nodes that can be inlined (including the small
functions).
Bug: v8:6871, chromium:779509
Change-Id: Id29639ff2fd85b84d8746da3fb78a82d4e9852e8
Reviewed-on: https://chromium-review.googlesource.com/743727
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49050}
This reverts commit ecd3a2ea3e.
Reason for revert: Bug 779509, a crash with chrome.
Original change's description:
> [TurboFan] Remove maximum inlining levels check from inlining heuristics
>
> We have a check on maximum number of levels that can be inlined. This
> in some cases causes performance cliffs, when we cannot inline a small
> function because it has exceeded the number of levels. This cl removes
> that check. The intuition is that, having gone down several levels in
> a particular line stopping inlining that chain and exploring a new
> call site may not be beneficial.
>
> Bug: v8:6871
> Change-Id: I120056db38e78ce48dff010b6cf994259238582a
> Reviewed-on: https://chromium-review.googlesource.com/741705
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49009}
TBR=mythria@chromium.org,bmeurer@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:6871
Change-Id: I4766f911cb326c224af110be5c0dd7a44362a880
Reviewed-on: https://chromium-review.googlesource.com/743785
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49037}
We have a check on maximum number of levels that can be inlined. This
in some cases causes performance cliffs, when we cannot inline a small
function because it has exceeded the number of levels. This cl removes
that check. The intuition is that, having gone down several levels in
a particular line stopping inlining that chain and exploring a new
call site may not be beneficial.
Bug: v8:6871
Change-Id: I120056db38e78ce48dff010b6cf994259238582a
Reviewed-on: https://chromium-review.googlesource.com/741705
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49009}
Previously, V8's slice was implemented in a combination of C++ and a
Javascript fallback. The disadvantage of this approach was that the
fast-path required a call through the CEntryStub, which introduced
considerable overhead for small arrays with fast elements kinds.
Now the implementation primarily uses the CSA to generate both the
full spec-complaint implementation as well as fast paths for argument
objects and arrays with fast elements kinds. The CSA implementation
uses a C++ implementation fallback in select situations where the the
complexity of a CSA implementation would be too great and the
CEntryStub overhead is not decisive (e.g. slices of dictionary
elements arrays).
Performance results on semi-random arrays with small number of
elements (old vs. new):
smi copy: 48.7 ms vs. 12 ms
smi slice: 43.5 ms 14.8 ms
object copy: 35.5 ms 7.7 ms
object slice: 38.7 ms 8.8 ms
dictionary slice: 2398.3 ms vs. 5.4 ms
fast sloppy arguments slice: 9.6 ms vs. 7.2 ms
slow sloppy arguments slice: 28.9 ms vs. 8.5 ms
As a bonus, the new implementation is fully spec-compliant and fixes
at least one existing bug.
The design document for Array.prototype builtin rework can be found
at https://goo.gl/wFHe2n
Bug: v8:1956,v8:6601,v8:6710,v8:6978
Change-Id: Ia0155bedcf39b4577605ff754f416c2af938efb7
Reviewed-on: https://chromium-review.googlesource.com/574710
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48853}
Currently we incorrectly show global object as arrow function receiver.
With this CL:
- if this is used inside of function we show correct this value,
- if this is unused and V8 optimizes it out - we show undefined.
Second is known issue which we should address separately.
R=dgozman@chromium.org,yangguo@chromium.org
Bug: chromium:552753
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Iac88a07fe622eb9b2f8af7ecbc4a32a56c8cdfaa
Reviewed-on: https://chromium-review.googlesource.com/723840
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48839}
The information that such functions must be parsed in module mode
didn't get properly propagated.
Also refactor some related code to make it more robust. In particular,
set parsing_module_ at parser construction time only.
Bug: v8:1569, v8:6919
Change-Id: Id136fb15c240373cad07c82025b778d0c0c43148
Reviewed-on: https://chromium-review.googlesource.com/716478
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48811}
This allocates and populates potential source position table before the
underlying {Code} objects is allocated. It essentially makes the field
holding said table immutable after allocation.
R=verwaest@chromium.org
BUG=v8:6792
Change-Id: If35462688a1b502f28ae84f73b82b5df5005735f
Reviewed-on: https://chromium-review.googlesource.com/727895
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48781}
Instead of re-iterating over the heap all the time, use the
list of feedback vectors on the isolate. This also avoids GC of vectors.
Bug: v8:5935
Change-Id: I0bb96fcf2b0feb9856e9806f812188de1fc7b37e
Reviewed-on: https://chromium-review.googlesource.com/668396
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48643}
Remove unused macros, and move macro definitions used only in a single
file into the file itself.
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: If62107816ad1e6addf58705a075d3eba4f23bf08
Reviewed-on: https://chromium-review.googlesource.com/721381
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48625}
This is a reland of 61292f0b60
Original change's description:
> [inspector] breakpoint after last break position should not jump to first line
>
> R=jgruber@chromium.org
>
> Bug: chromium:730177
> Change-Id: I0f3666a333604cb80bb51410c5edf2aceb0c6ef5
> Reviewed-on: https://chromium-review.googlesource.com/717717
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48556}
TBR=jgruber@chromium.org
Bug: chromium:730177
Change-Id: I564cc5d7778f9d79780eae9dbe2d9aafaad4f466
Reviewed-on: https://chromium-review.googlesource.com/721468
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48615}
- Extract core StringPrototypeRepeat code into a TFS builtin (StringRepeat)
- Assumes arguments are a string and smi (no range checks)
- Add StringPrototypePadStart and StringPrototypePadEnd TFJ builtins
- Added StringPadAssembler to ensure common behavior
- Removed functionality from string.js
A quick benchmark shows significant performance gains for unoptimized
code (2.1x to 2.46x) and optimized code (1.03x - 1.56x).
https: //github.com/peterwmwong/v8-perf/blob/master/string-pad/README.md
Bug: v8:5049
Change-Id: I6e4fe99fb62a3edb3d6906fd4f78b3576b5b0d13
Reviewed-on: https://chromium-review.googlesource.com/720067
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48595}
New OWNERS jbarboza and mmallick and remove bjaideep.
Bug:
Change-Id: I3d7b8d13cad441bd60b1d598e5553716799ef739
Reviewed-on: https://chromium-review.googlesource.com/714136
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#48559}
New code should use nullptr instead of NULL.
This patch updates existing use of NULL to nullptr where applicable,
making the code base more consistent.
BUG=v8:6928,v8:6921
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I4687f5b96fcfd88b41fa970a2b937b4f6538777c
Reviewed-on: https://chromium-review.googlesource.com/718338
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48557}
In Debug mode, V8 disallows executing JavaScript during
`ScriptCompiler::CompileUnbound()` calls. This restriction
makes sense during compilation, but not really for the post-compile
notification, and currently at least one Node.js test
(`test/inspector/test-contexts.js`) fails because of this in debug mode.
Bug:
Change-Id: I930b5f06083c0e87f1613414da3dfe2bcdf0f386
Reviewed-on: https://chromium-review.googlesource.com/706943
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48421}
We use the naming convention <Constructor>Prototype<Method> for builtins
that implement methods on a certain builtin constructors prototype. Fix
the collection builtins (Map and Set) to match this naming convention.
Bug: v8:5049
Change-Id: I8ced50c2ac9ebc8f4390bcbbc6aec426a0026813
Reviewed-on: https://chromium-review.googlesource.com/707318
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48403}
Change the default to false. Block coverage will need to be
enabled explicitly via inspector protocol, which is already
being done.
R=franzih@chromium.org
Bug: v8:6738
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I08684ce7b501981bc376a6bc6181fabac9628a63
Reviewed-on: https://chromium-review.googlesource.com/689234
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48235}
And some refactoring to the existing code for LiveEdit.
R=jarin@chromium.org
Change-Id: Ic1d626db9722b39cbcd83bf6878fc24d6094e612
Reviewed-on: https://chromium-review.googlesource.com/687014
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48233}
Note that this also makes it possible to move several classes
into the module-compiler.cc file and inline their implementations.
This also allows removing several uses of wasm-module.h from
other places in V8 that include wasm-objects.h.
R=yangguo@chromium.org,clemensh@chromium.org,ahaas@chromium.org
Bug:
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I303ee2bb49dc53c951d377a1b65699c1e0e91da7
Reviewed-on: https://chromium-review.googlesource.com/687494
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48204}
Use the (D)CHECK_{EQ,NE,GT,...} macros instead of (D)CHECK with an
embedded comparison. This gives better error messages and also does the
right comparison for signed/unsigned mismatches.
This will allow us to reenable the readability/check cpplint check.
R=yangguo@chromium.org
Bug: v8:6837
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I88e5afea1ad0fdf23a81b380e64ff356bbc20112
Reviewed-on: https://chromium-review.googlesource.com/681374
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48138}
I noticed that ScopeIterator::CurrentContext returns an empty Handle
whereas functions like ScopeIterator::CurrentScopeInfo call
Handle<Context>::null() instead. This commit suggests changing this for
consistency.
Bug:
Change-Id: I8735d655a8c0affeb6a18e74efe0d33bf6d5e899
Reviewed-on: https://chromium-review.googlesource.com/668440
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48057}
It's quite possible for DebugInfos to exist without the presence of a
bytecode array, since DebugInfos are created for all functions for which
we have a CoverageInfo. Free such objects properly.
Also move the corresponding deletion of CoverageInfos on unload up
before the early exit.
Bug: v8:6000
Change-Id: Idde45b222290aa8b6828b61ff2251918b8ed2aed
Reviewed-on: https://chromium-review.googlesource.com/664811
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48024}
If TypeProfile goes out of scope, ScriptData and Entry still rely on
TypeProfiles's type_profile_. Make type_profile_ a shared_ptr owned by all
three classes to prevent use after free.
Bug: v8:5933
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ida7d66dadc17a816cf4439a25e6f714edccffa2c
Reviewed-on: https://chromium-review.googlesource.com/659937
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48013}
Some API functions have no context and debug::ScopeIterator::
CreateForFunction is crashing on attempt to get context.
R=jgruber@chromium.org
Bug: chromium:759913
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I0a9861ea2d19bceff97c4394b34a8dda45222b78
Reviewed-on: https://chromium-review.googlesource.com/661789
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47981}
This continues to move the "desugaring" of unary operators further
down the pipeline, in this case into the bytecode handlers for new
bytecodes `Negate` and `BitwiseNot` and the corresponding TF code
in BytecodeGraphBuilder.
Bug: v8:6971
Tbr: yangguo@chromium.org
Change-Id: If6b5d6b239a09ef8b4dbde49321614503c0f5beb
Reviewed-on: https://chromium-review.googlesource.com/661146
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47980}
BigInt is a new primitive type of arbitrary precision integers,
proposed in https://tc39.github.io/proposal-bigint.
This CL introduces a corresponding instance type, map, and C++
class to V8 and adds BigInt support to a few operations (see the
test file). Much more is to come. Also, the concrete representation
of BigInts is not yet fixed, currently a BigInt is simply a wrapped
Smi.
Bug: v8:6791
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ia2901948efd7808f17cfc945f0d56e23e8ae0b45
Reviewed-on: https://chromium-review.googlesource.com/657022
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47956}
Since we don't have a full-codegen compiler anymore, we no longer
generate Code::FUNCTION kind. Nice! Here is some cleanup.
Bug: v8:6409
Change-Id: I05634e4ca85c4037b49a4346f4e8bae8042b8762
Reviewed-on: https://chromium-review.googlesource.com/657817
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47951}
