This is in preparation to the removal of the FullCodeGenerator, we no
longer need the ability to stress the underlying implementation.
R=rmcilroy@chromium.org
BUG=v8:6409
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Iad3177d6de4a68b57c12a770b6e85ed7a9710254
Reviewed-on: https://chromium-review.googlesource.com/584747
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47276}
Mutating the descriptor array and the layout descriptor of a map
races with the concurrent marking. This patch simply transfers
ownership of the descriptor array without mutating the map.
Since the old map is not going to be used anymore and there are
not transitions from the old map, this should be safe for trimming
the descriptor arrays during GC.
This patch also adds checks in IC code avoid caching of dummy
transitions from the abandoned prototype map.
Bug: chromium:752461
Change-Id: I7b44ba7c369199bdb3ff48235226fe504c7eb4a5
Reviewed-on: https://chromium-review.googlesource.com/602210
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47275}
The run_test.py tool test selection only expands asterisks at the end of
the test name. This CL introduces glob expansion in test selection
(asterisks are expanded anywhere in the path).
This is useful when tests that belong to the same area have different
prefixes. For example wasm cctests have two different prefixes:
'cctest/test-run-wasm*' and 'cctest/test-wasm*'. With this CL it is
possible to specify the selector 'cctest/*wasm*' to run them all.
R=machenbach@chromium.org
Change-Id: I1c7cc5136b21e71f3eaf69fb98d5dfd77d336e2a
Reviewed-on: https://chromium-review.googlesource.com/609000
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Enrico Bacis <enricobacis@google.com>
Cr-Commit-Position: refs/heads/master@{#47274}
This test started failing on arm64-debug-nosnap builds since we'd have
leftover NEVER_EVACUATE code-space pages from Isolate initialization.
Ensure that we exhaust all such pages and overflow into LO_SPACE before
continuing into the real test, and simply generate dummy code instead of
copying a fake CEntryStub.
Bug: v8:6690
Change-Id: I3889b5818e2467dcdce3485f1372f3b7383478f4
Reviewed-on: https://chromium-review.googlesource.com/608139
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47273}
The heuristic for deciding whether to normalize elements in a JSArray
should not depend on the current old generation size, for the sake of
predictability. This also wouldn't work when we start inlining this
into optimized code, where we'd bake in the max old generation size
value at the time of optimization.
Bug: v8:6399
Change-Id: Ie30d8855953b8fa97b86b18d9eac6e5de87e5aa9
Reviewed-on: https://chromium-review.googlesource.com/609013
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47272}
Previously we could not support these due to their unique memory layout
including off-heap backing store allocations. We now serialize these
allocations and then fix-up references to them in the PostProcess step
of deserialization.
Bug: v8:6691
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ic215049c06e6ee655bd17c11dfab0d8630568a84
Reviewed-on: https://chromium-review.googlesource.com/597709
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47271}
This reverts commit 48cee973c8.
Reason for revert: Including size of parent function in the inlining budget does not allow even small functions to be inlined into large functions. This causes regressions on some benchmarks: https://bugs.chromium.org/p/chromium/issues/detail?id=747247
Bug:747247
Original change's description:
> [Turbofan] Include size of parent function in inlining decisions.
>
> The size of parent function is not considered when taking decisions
> on which functions to inline. This cl, includes the size of the
> parent function to the cumulative count.
>
> Bug:
> Change-Id: Ib8f4ec684f8313f7c2e29237580bb3c0403930bd
> Reviewed-on: https://chromium-review.googlesource.com/506205
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46789}
TBR=mstarzinger@chromium.org,mythria@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Change-Id: Ic8a5282f4f41474dc1608044a81920cdd794437d
Reviewed-on: https://chromium-review.googlesource.com/609780
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47270}
Original intention of longScript was to check how hashing works with long
script source. Current implementation calculates hash for longString function,
it's non reliable since Function.toString is still not specified and can return
different line endings on different architectures.
TBR=dgozman@chromium.org
Bug: none
Change-Id: I4c5b6f30c2849a1a2702c74665b86ced731f1b28
Reviewed-on: https://chromium-review.googlesource.com/609486
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47268}
On context destroyed we discard corresponded injected-script and won't be able to wrap async evaluation result, so we can resolve callback with an error right now.
R=dgozman@chromium.org
Bug: none
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ib62f255297f306ad9f2c96a2a5b80e4b5aa33475
Reviewed-on: https://chromium-review.googlesource.com/604213
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47267}
This also changes logging of code address to Code::instruction_start rather
than Code::address().
Bug: v8:6239
Change-Id: I4ef975630574e23409123468a3f7fb8fe6ad39e7
Reviewed-on: https://chromium-review.googlesource.com/605887
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47266}
Most methods on runtime agent are available when agent is disabled, we compile
injected-script lazily and should not invalidate it on runtime.disable since it
will invalidate all related objectIds.
R=dgozman@chromium.org
Bug: none
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I86f3c5d6908862cd4c0847c433f35a6d83c6396b
Reviewed-on: https://chromium-review.googlesource.com/607153
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47265}
Invoking Object.freeze on either the Object.prototype or the
Array.prototype changes its elements backing store to
DICTIONARY_ELEMENTS kind, which is not properly checked in all
placeswhere we test for elements in the prototype chain, i.e. in
JSObject::PrototypeHasNoElements. This causes several Array
builtins to take the slow path, i.e. Array.prototype.splice.
Fix this for now by consistently checking for either empty_fixed_array
or empty_slow_element_dictionary in both C++ and CSA runtime.
Bug: v8:6689
Change-Id: I3f62643131b3a874b5c2a3d7ed054dd1e799bbaf
Reviewed-on: https://chromium-review.googlesource.com/608127
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47264}
This reverts commit b35a0789bc.
Reason for revert: Roll blocker for https://chromium-review.googlesource.com/c/607193
Original change's description:
> [heap, runtime] Fix conversion of large strings to thin strings.
>
> This patch removes creation of fillers in the middle of a large page and
> fixes assert in Heap::NotifyObjectLayoutChange.
>
> The fillers in large pages are useless since we do not sweep large
> object space.
>
> Bug: chromium:752426
> Change-Id: I01c230223f28d6d54b7362ee70e9d83de50678fd
> Reviewed-on: https://chromium-review.googlesource.com/601994
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47221}
TBR=ulan@chromium.org,jkummerow@chromium.org,mlippautz@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: chromium:752426
Change-Id: I58a632af37fa018d82693099a7a395ca5db5af0f
Reviewed-on: https://chromium-review.googlesource.com/609404
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47262}
This changes the DCHECK (which could correctly fail) to be part of the
conditional that checks if we're in an async function.
Bug: chromium:751789
Change-Id: I3b8c1239ac93190055622c41fa1122e83b69d255
Reviewed-on: https://chromium-review.googlesource.com/607356
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47261}
This reverts commit decf5750c6.
Reason for revert: broken layout tests
Original change's description:
> [runtime] Store hash code in length field
>
> Store the hash code in 21 bits of the length field.
>
> Change the GetIdentityHash API to be unhandlified, since there's no
> property lookup anymore.
>
> Update js/ and test/ to match new API and expections.
>
> Bug:
> Change-Id: I8dc75de4021f59e79b45f3f38ec997c3b3687b24
> Reviewed-on: https://chromium-review.googlesource.com/589688
> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47259}
TBR=ulan@chromium.org,jkummerow@chromium.org,mstarzinger@chromium.org,cbruni@chromium.org,gsathya@chromium.org
Change-Id: I32db9c20a51b2401464924cafea502628a0d0b92
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/609322
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47260}
Store the hash code in 21 bits of the length field.
Change the GetIdentityHash API to be unhandlified, since there's no
property lookup anymore.
Update js/ and test/ to match new API and expections.
Bug:
Change-Id: I8dc75de4021f59e79b45f3f38ec997c3b3687b24
Reviewed-on: https://chromium-review.googlesource.com/589688
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47259}
The signature of the method was changed in
implementation was not updated for those platforms.
https: //chromium-review.googlesource.com/c/558876 but the
Change-Id: I507d7877988287c352ee2690bac540f835c19ebf
Reviewed-on: https://chromium-review.googlesource.com/600194
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47258}
There are two reasons for Scopes to need information about eval calls
inside them:
- Eval in a scope, or any of its inner scopes, turns off a bunch of
scope analysis optimizations (e.g., all variables have to be treated
as "used" and context-allocated).
- Eval in a sloppy declaration scope means allows runtime addition
of var declarations.
This patch aims to make the code better-reflect this reality.
It's meant as a pure cleanup, with no expected change in behavior.
Change-Id: I744c5051bb7a90b11420930e9596e5d6c35eb440
Reviewed-on: https://chromium-review.googlesource.com/602848
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47257}
Port cb9402aa98
Original Commit Message:
The ConstructFunctionForwardVarargs and ConstructForwardVarargs
builtins, which are used when inlining the Reflect.construct
builtin into TurboFan optimized code, didn't properly check the
new.target parameter whether it's a constructor.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I9d006961e15bedadc98ca786fcb1f032755ec608
Reviewed-on: https://chromium-review.googlesource.com/608549
Reviewed-by: Jaideep Bajwa <bjaideep@ca.ibm.com>
Commit-Queue: Jaideep Bajwa <bjaideep@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#47256}
Currently, we do not inline recursive functions. This is in general a
good idea but could be useful in some cases. For example, in rayTrace
there is a class.create function to create new classes, which basically
calls the initialize function on the object. When there are classes which
instantiate other classes this leads to recursion. These are really small
functions (within the small function budget) and it is good to inline them.
Allowing such functions to inline improves the score on rayTrace by 12-16%
and box2d by 24-30%.
There is also an absolute limit on the maximum levels of inlining to avoid
any corner cases and to ensure inlining always terminates.
Bug: v8:6682
Change-Id: I6784f68d6395097d126c0850b1a1336b6583d958
Reviewed-on: https://chromium-review.googlesource.com/608235
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47255}
AsyncGenerators, when resumed with a "return" completion, Await the sent
value to provide consistency with syntactic return statements. This
moves the await to during AsyncGeneratorResumeNext, shrinking the number
of bytecodes.
There's a minor change to BytecodeGenerator which removes a
%_GeneratorClose() call, since it's inserted implicitly by the parser.
BUG=v8:5855
TBR=neis@chromium.org
Change-Id: I2965c610e5985ac24c713b481e62f6b97f96a3d8
Reviewed-on: https://chromium-review.googlesource.com/582218
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47253}
Because SizeFor only returns aligned values, when we check values
returned there against kMaxSize, they can be larger if they were
rounded up.
It wasn't possible to write a test for the 2-byte version that didn't
regularly OOM.
Bug: chromium:752764
Change-Id: Id2f387449e0fafe633a2fde1ac728be31487f62d
Reviewed-on: https://chromium-review.googlesource.com/607935
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47252}
Experimental run, just for getting data from RuntimeCallstats bots.
To be reverted soon - expected to break various things.
BUG=v8:5516
NOTREECHECKS=true
Change-Id: I6d235fddee36b0f0efe70065166d25ed40d6e163
Reviewed-on: https://chromium-review.googlesource.com/557863
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47248}
Splits out AttachOuterScopeInfo from DeclarationScope::Analyze and attaches
the outer scope info after parsing has completed (when parsing on the main
thread, which is the only time we have an outer scope info) instead of
during Compiler::Analyse().
BUG=v8:5203
TBR=yangguo@chromium.org
Change-Id: Idd8d2409fb20f09a9f6bbf5cff7e6edcf90077d7
Reviewed-on: https://chromium-review.googlesource.com/605889
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47243}
This fixes an old bug uncovered by
https://chromium-review.googlesource.com/591651
The bug is a race between the concurrent sweeper clearing slots and
the mutator adding slots and trimming fixed array:
1) The sweeper starts sweeping a page with an existing fixed array.
2) The sweeper pre-caches the slots clearing mode by checking if the
slot set pointer on the page is null or not. (This is the bug).
3) The mutator updates the fixed array such that new slots are added.
4) The mutator trims the fixed array such that the added slots are
now in free space.
5) The sweeper adds the trimmed part of the fixed array to free list,
but does not clear slots there because of the cached flag.
6) A new object is allocated from the free list entry and it has
a bogus slot entry recorded.
Bug: chromium:752750
TBR: mlippautz@chromium.org
Change-Id: I4f70514fa05b692a27d992954cb4c314ef4cac07
Reviewed-on: https://chromium-review.googlesource.com/608047
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47242}
- Previous fix is https://chromium-review.googlesource.com/c/583531 but it
diverges Scopes created by PreParser from Scopes created by Parser.
- This CL creates the inner block scope a bit earlier and (temporarily) pushes
it into the scope chain for parsing the variable declarations in a for
loop. The previous approach was to first parse the variable declarations and
then reparent the AST nodes / Scopes created while parsing it afterwards.
- This CL partially reverts https://chromium-review.googlesource.com/c/583531;
the new fix only touches parser-base.h (diff between patch sets 2 and 3 is the
fix).
- The Ignition golden changes are basically undoing the changes done in that CL
too.
Bug: chromium:740591
Change-Id: Iceff1383ef066317e754942bb5ff0c70a91bc937
Reviewed-on: https://chromium-review.googlesource.com/603787
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47241}
Revert CollectCallOrConstructFeedback to just CollectCallFeedback again
and provide a separate copy of the code for ConstructWithSpread, where
the idea is that this will be unified with the Construct bytecode
handler, once there's support for spreading the final argument _and_
passing the AllocationSite at the same time.
This is following up on discussion with rmcilroy@ at
https://goo.gl/Cxy5mD where the outcome was to keep Call and Construct
logic separate for the sake of clarity.
Bug: v8:5517, v8:6399, v8:6679
Change-Id: I20ebe1d5ed80986359742cf5411f4abaad8b6a60
Reviewed-on: https://chromium-review.googlesource.com/606469
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47240}
To speed up compilation times, jumbo allows files to be compiled
together. This is a well known method ("unity builds") to both
compile faster and create a poor man's "full program optimization".
We are only interested in compile times.
Background:
https://chromium.googlesource.com/chromium/src/+/master/docs/jumbo.md
Note that jumbo builds are not enabled by default. To try this out,
add use_jumbo_build=true to your GN args.
BUG=chromium:746958
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ieb9fdccb6c135e9806dbed91c09a29aa8b8bee11
Reviewed-on: https://chromium-review.googlesource.com/579090
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47239}
This fixes a bug affecting module namespace objects, which are currently
implemented using native accessors.
Bug: v8:6681, v8:1569
Change-Id: I6a678652573a332c47315497d927c390d9da0926
Reviewed-on: https://chromium-review.googlesource.com/606027
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47238}
Don't return NoChange when the new_target input to a JSConstruct node is
already a HeapConstant, but rather use that constant in the interesting
lowering below. This was introduced accidentally by
https://chromium-review.googlesource.com/604790
earlier. Also don't use ShouldUseCallICFeedback predicate here, as that
doesn't really make sense for JSConstruct, but is mostly interesting for
JSCall (hence the name).
Bug: v8:5517, v8:6399, v8:6679
Change-Id: I96201281cf1a10f2bfd2dc3859455161eb310ccf
Reviewed-on: https://chromium-review.googlesource.com/607887
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47237}
To avoid breaking Chromium we expose a stub method first, and will start
using it only when V8 rolls into Chromium and we implement it there.
Bug: chromium:751993
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ida1f96f2dfa833552e7adfa36a580a6ef1bdd1aa
Reviewed-on: https://chromium-review.googlesource.com/604812
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Sergei Datsenko <dats@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47233}
This reverts commit 649b1e70e7.
Reason for revert: A1 Jetstream bots are still failing.
Original change's description:
> [wasm] Reland "[wasm] redirect wasm calls to js functions through a GCed table"
>
> This reverts commit 25f03308a7.
>
> Reason for revert: Fix the cause of bot failure and reland
>
> Original change's description:
> > Revert "[wasm] redirect wasm calls to js functions through a GCed table"
> >
> > This reverts commit eb65f35e96.
> >
> > Reason for revert: Broke jetstream benchmark on android.
> >
> > BUG=chromium:750828
> >
> > Original change's description:
> > > [wasm] redirect wasm calls to js functions through a GCed table
> > >
> > > With this patch, rather than embedding the JSReceiver address directly
> > > in the WasmToJS wrappers, we put that in a fixed array with global handle
> > > scope and instead embed the location of the handle and the index in the
> > > wrapper. This ensures that the wrapper doesn't need to be patched if the
> > > GC kicks in. This is needed to get the WASM code off the GCed heap.
> > >
> > > R=mtrofin@chromium.org
> > >
> > > Bug:
> > > Change-Id: Ie5a77a78cdecec51b04f702c63b8e4285e6a2d8d
> > > Reviewed-on: https://chromium-review.googlesource.com/581682
> > > Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
> > > Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#46884}
> >
> > TBR=mtrofin@chromium.org,aseemgarg@google.com,aseemgarg@chromium.org,clemensh@chromium.org
> >
> > # Not skipping CQ checks because original CL landed > 1 day ago.
> >
> > Change-Id: I26f49ee0a1fe73cc5d8852ded87b56638be39ebf
> > Reviewed-on: https://chromium-review.googlesource.com/596268
> > Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#47059}
>
> R=mtrofin@chromium.org,aseemgarg@google.com,aseemgarg@chromium.org,clemensh@chromium.org,sullivan@chromium.org
>
> Change-Id: I29ef35f6e612a706d9f571da3e7beb1da8b5052b
> Bug: chromium:750828
> Reviewed-on: https://chromium-review.googlesource.com/597010
> Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47177}
TBR=bradnelson@chromium.org,sullivan@chromium.org,mtrofin@chromium.org,aseemgarg@google.com,aseemgarg@chromium.org,clemensh@chromium.org
Bug: chromium:750828
Change-Id: I04b12c0eb0705ad809822a7d7461423be77d942a
Reviewed-on: https://chromium-review.googlesource.com/606867
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47231}
This CL consolidates ownership of parameters used to compile code (which
we always specialize) in 2 places:
- ModuleEnv for compile-time data
- WasmCompiledModule for runtime data
The parameters in question are: memory size and start; globals start;
address of indirect function tables (and their signatures, respectively);
and address to be used for wasm call sites.
Ideally, we'd collapse this down to one place, however, we need
specialization data to survive serialization. We can achieve this we get off
the GC heap and use a different wasm code serializer.
The CL:
- removes aliasing of parts of the specialization data, and moves
to using ModuleEnv as a token of passing around compile-time data, instead
of a mixture of ModuleEnv, WasmInstance, and some other structures. ModuleEnv
is responsible for providing a consistent view of the specialization data,
e.g. valid memory sizes (multiples of page size), and matching sized function
tables and signatures.
- removes WasmInstance, as its data is now contained by ModuleEnv.
- removes ModuleBytesEnv. We now pass the wire bytes explicitly. They can't
always be assumed as present (e.g. streaming compilation), and probably more
refactoring may need to happen once streaming compilation lands and we
better understand our dependencies.
Change-Id: Id7e6f2cf29e51b5756eee8b6f8827fb1f375e5c3
Reviewed-on: https://chromium-review.googlesource.com/592531
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47229}
We are only calling {checkAvailable} with uint32_t, thus the type
received should also be uint32_t. This also gives better error messages
for integers >kMaxInt.
R=titzer@chromium.org
Change-Id: I40655b80dcc601e05fbb0c92cedba72ca806e2b3
Reviewed-on: https://chromium-review.googlesource.com/605893
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47227}
