and non-recursive in order to let Clang inline it.
Bonus: Drop IsTwoByteRepresentationUnderneath, which was dead code
except for one test, and is semantically redundant.
Bug: chromium:910573
Change-Id: I86f1c312e93ab875b4b42101ac65ddc94b1c9518
Reviewed-on: https://chromium-review.googlesource.com/c/1369086
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58171}
This change makes the SFI to bytecode link pseudo-weak. The marking visitors
check whether the bytecode is old, and if so, don't mark it and instead
push the SFI onto a bytecode_flushing_candidates worklist. Once marking
is complete, this list is walked, and for any of the candidates who's bytecode
has not been marked (i.e., is only referenced by the shared function info),
the bytecode is flushed and the SFI has the function data replaced with
an UncompiledData (which overwrites the flushed bytecode array).
Since we don't track JSFunctions, these can still think the underlying
function is compiled, and so calling them will invoke
InterpreterEntryTrampoline. As such, logic is added to
InterpreterEntryTrampoline to detect flushed functions, and enter
CompileLazy instead.
BUG=v8:8395
Change-Id: I4afba79f814ca9a92dec45d59485935845a6669d
Reviewed-on: https://chromium-review.googlesource.com/c/1348433
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58158}
This was done via {managed_native_module()->get()}. Add a simple getter
for that.
R=ahaas@chromium.org
Bug: v8:8562
Change-Id: I8e461a8e16b618abdb772098fad3a6b721d54902
Reviewed-on: https://chromium-review.googlesource.com/c/1371564
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58156}
Uses the JavaScript BigInt Object to represent Wasm's 64bits integers.
Attention, 32 bits architectures are not supported yet.
Bug: v8:7741
Change-Id: I28b718fa567bca5103b2f38a879049cd20a46f12
Reviewed-on: https://chromium-review.googlesource.com/c/1355144
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58152}
This is purely a renaming change. The ES spec uses the term 'detach'
for the process of removing the backing store of a typed array, while
V8 uses the historical term 'neuter'. Update our internal implementation,
including method names and flag names, to match the spec.
Note that some error messages still use the term 'neuter' since error
messages are asserted by some embedder tests, like layout tests.
R=bmeurer@chromium.org, yangguo@chromium.org, mstarzinger@chromium.org, mlippautz@chromium.org
BUG=chromium:913887
Change-Id: I62f1c3ac9ae67ba01d612a5221afa3d92deae272
Reviewed-on: https://chromium-review.googlesource.com/c/1370036
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58149}
Update is_compiled() and has_feedback_vector() to return false in the case
where the SFI's bytecode has been flushed, but the JSFunction hasn't yet been
reset to uncompiled. Also add code to reset the JSFunction when it is recompiled
lazily.
BUG=v8:8394
Change-Id: I7c5f79066603ac1ae097a0a62c625b1a8e39431c
Reviewed-on: https://chromium-review.googlesource.com/c/1363138
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58148}
This callback is not being used by now, so we can just change it
without the deprecation dance.
Instead of the WasmModuleObject, it now receives the new
CompiledWasmModule wrapper which contains a shared pointer to the
NativeModule. This is all that's needed for serialization.
Some classes are pulled out of WasmModuleObject to allow reuse.
R=adamk@chromium.org, mstarzinger@chromium.org
CC=bbudge@chromium.org
Bug: chromium:912031
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Icedb64efa92e66bec45cf8742942a07ae22f59c8
Reviewed-on: https://chromium-review.googlesource.com/c/1363140
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58142}
This patch changes the output from:
function fn() {
^
SyntaxError: Unexpected end of input
to:
function fn() {
^
SyntaxError: missing '}' after function body
Bug: v8:6513, v8:7321
Change-Id: I4ca8a40fa0be246da2a3ff776b3fb3c87b4ba4e0
Also-By: gsathya@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/c/1367448
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58116}
Moving Frame-inspection functionality to Torque is a prerequisite
for porting the CSA-based arguments code, which is a great candidate
to simplify/cleanup with Torque.
Change-Id: I1f4cb94cb357aae5864c2e84f3bf5a07549b27f8
Reviewed-on: https://chromium-review.googlesource.com/c/1357050
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58106}
in order to make it also work with optional registers.
Bug: v8:8562
Change-Id: Iaea905913cc9fd1637026b83e9356c740965e128
Reviewed-on: https://chromium-review.googlesource.com/c/1367807
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58105}
This is a reland of f849396c3a
Original change's description:
> [nojit] Remove code stubs
>
> All stubs have been migrated to builtins. This CL removes most related
> code.
>
> Bug: v8:7777, v8:5784
> Change-Id: I4470cfef34788e6c8e0fd5fd09e40e250d088dad
> Reviewed-on: https://chromium-review.googlesource.com/c/1365284
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58093}
Tbr: mstarzinger@chromium.org,yangguo@chromium.org,jkummerow@chromium.org,bmeurer@chromium.org
Bug: v8:7777, v8:5784
Change-Id: I005ee2a820d49a75a90481d262a310e4ccfd1391
Reviewed-on: https://chromium-review.googlesource.com/c/1367746
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58101}
We need to be able to serialize a NativeModule, which is not bound to
any Isolate. Hence we should not want to pass any Isolate to the
serializer. This CL removes the dependence by not using the
ExternalReferenceTable from the Isolate, but instead using its own
ExternalReferenceList for serialization and deserialization. This
ExternalReferenceList only contains isolate-independent external
references.
R=mstarzinger@chromium.org
Bug: chromium:912043, chromium:912031
Change-Id: Iea5abd95dce9c54e618255cc577b6b43f002ac5d
Reviewed-on: https://chromium-review.googlesource.com/c/1363135
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58099}
All stubs have been migrated to builtins. This CL removes most related
code.
Bug: v8:7777, v8:5784
Change-Id: I4470cfef34788e6c8e0fd5fd09e40e250d088dad
Reviewed-on: https://chromium-review.googlesource.com/c/1365284
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58093}
(mostly for roots, handles and stack locations).
Thi CL also changes RootVisitor interface to use FullObjectSlots instead of
ObjectSlots.
Bug: v8:8518
Change-Id: I217c7ae176387a8c64f4754e62339727bdb36018
Reviewed-on: https://chromium-review.googlesource.com/c/1366035
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58091}
This migrates the JSEntryStub to three dedicated builtins:
JSEntry
JSConstructEntry
JSRunMicrotasksEntry
Drive-by: Tweaks to make the code isolate-independent (e.g. using the
correct macro assembler method to load and store external references
through the kRootRegister).
Drive-by: The context slot on x64/ia32 must be set up after
kRootRegister is initialized, so we first reserve the slot and later
load its value.
Drive-by: Update all remaining comments referencing JSEntryStub.
Bug: v8:7777
Change-Id: Ie3ba17ffb3bde6f18ec1d26d778b258719b2d4ef
Reviewed-on: https://chromium-review.googlesource.com/c/1365275
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58088}
Now that `do` expressions have been removed [1], we should remove the
corresponding golden file as well.
[1]: 58988c6c63
Change-Id: I4a6908d4d53b2bce1d9f2d616c672b4caf15adac
Reviewed-on: https://chromium-review.googlesource.com/c/1365283
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58084}
which will require different handling for compressed pointers case.
Bug: v8:8518
Change-Id: I99cb103bad57b134ecb8d7dd7018cf16ed3d8f25
Reviewed-on: https://chromium-review.googlesource.com/c/1365272
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58073}
A spec change to simplify IsRegExp has been proposed:
https://github.com/tc39/ecma262/pull/1318
This CL adds use counters for cases in which the spec change would
alter behavior:
1. o[@@match] is trueish but o is not a JSRegExp
2. o[@@match] is falseish (but not undefined) and o is a JSRegExp
This is the V8 side of required changes.
The Chromium-side CL: https://crrev.com/c/1360730
Drive-by: TNodeify IsRegExp.
Tbr: yangguo@chromium.org
Bug: v8:8522
Change-Id: I3766e02977f256a80d0e59472d3bafa9c692af9e
Reviewed-on: https://chromium-review.googlesource.com/c/1360630
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58064}
A WasmModuleObject represents an instance of WebAssembly.Module. It is
called WasmModuleObject internally, so also use that name externally.
We still have a typedef for WasmCompiledModule which will be deprecated
once chromium has been updated to use WasmModuleObject.
R=titzer@chromium.org, adamk@chromium.org
Bug: v8:8238, chromium:912031
Change-Id: I2d7708d4dc183cb4f4714f741b1ea0c153014430
Reviewed-on: https://chromium-review.googlesource.com/c/1362048
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58055}
Large code objects are allocated in CODE_LO_SPACE on the heap instead of
CODE_SPACE. Add a test that checks that these objects are still
considered 'InV8' according to the unwinder API.
Bug: v8:8116
Change-Id: I65968913cd92858fac2b1a689df2904d0574641f
Reviewed-on: https://chromium-review.googlesource.com/c/1363134
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58047}
If the size of a large code object is larger than
kMaxRegularHeapObjectSize, then it should be allocated in the large code
space. Currently if the size is > kMaxRegularHeapObjectSize but <
512000, then it can still be allocated in the normal code space.
Change-Id: I72dbd38803c3d5d414bae85e9e0b15482e50e1c2
Reviewed-on: https://chromium-review.googlesource.com/c/1363137
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58046}
This reverts commit ed3d647284.
Reason for revert:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20noi18n%20-%20debug/24178
Original change's description:
> Reland "[code-comments] Put code comments into the code object"
>
> This is a reland of e774cffe2b
>
> This reland disables a test as v8:8548 is blocking it, which was
> broken by a recent CL. CQ did not catch this because the merge-base
> CQ used did not yet contain the CL that caused v8:8548.
>
> Original change's description:
> > [code-comments] Put code comments into the code object
> >
> > Code comments in the snapshot can now be enabled with gn
> > arg 'v8_enable_snapshot_code_comments'
> >
> > Bug: v8:7989
> > Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
> > Reviewed-on: https://chromium-review.googlesource.com/c/1329173
> > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#58020}
>
> TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org
>
> Bug: v8:7989, v8:8548
> Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
> Reviewed-on: https://chromium-review.googlesource.com/c/1361166
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58028}
TBR=mvstanton@chromium.org,mstarzinger@chromium.org,sigurds@chromium.org,jgruber@chromium.org
Change-Id: I1075bb09de7cb8dad71e31ff51a4e7bb6a200a8b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7989, v8:8548
Reviewed-on: https://chromium-review.googlesource.com/c/1362043
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58029}
This is a reland of e774cffe2b
This reland disables a test as v8:8548 is blocking it, which was
broken by a recent CL. CQ did not catch this because the merge-base
CQ used did not yet contain the CL that caused v8:8548.
Original change's description:
> [code-comments] Put code comments into the code object
>
> Code comments in the snapshot can now be enabled with gn
> arg 'v8_enable_snapshot_code_comments'
>
> Bug: v8:7989
> Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
> Reviewed-on: https://chromium-review.googlesource.com/c/1329173
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58020}
TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org
Bug: v8:7989, v8:8548
Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
Reviewed-on: https://chromium-review.googlesource.com/c/1361166
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58028}
Building on https://chromium-review.googlesource.com/c/v8/v8/+/1349243,
which asserted on calls to GetChars() that weren't in a
DisallowHeapAllocation scope, this CL takes a reference to the scope
in order to provide static protection in all builds.
Bug: v8:8238
Change-Id: I481a1dbbd3ae57eb35c5f828c5e242691635be27
Reviewed-on: https://chromium-review.googlesource.com/c/1354038
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58022}
Code comments in the snapshot can now be enabled with gn
arg 'v8_enable_snapshot_code_comments'
Bug: v8:7989
Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
Reviewed-on: https://chromium-review.googlesource.com/c/1329173
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58020}
The flakiness of this test was fixed by
https://chromium-review.googlesource.com/c/v8/v8/+/1280436 which removed
calls to StartTickSample() and FinishTickSample() from tests as this
causes a race.
Bug: v8:6133, v8:5193
Change-Id: Ia6bcfa75cce64547b00a185343ada803d082a12e
Reviewed-on: https://chromium-review.googlesource.com/c/1361163
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58019}
It's possible that we encounter incorrect SP or FP values while
unwinding the stack. One reason is that third-party code like virus
protection may change the stack. If we encounter values for SP or FP
that don't make sense, we should bail out of unwinding and return false.
Bug: v8:8116, chromium:909957
Change-Id: I630fef3f619382c7035be50b86072be349ed185c
Reviewed-on: https://chromium-review.googlesource.com/c/1358514
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58018}
and also its pure-static subclass PrototypeUsers, whose porting
is a no-op.
Bug: v8:3770
Change-Id: I075806f784a0631058692149e71c45e455e90f73
Reviewed-on: https://chromium-review.googlesource.com/c/1355631
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58003}
This is to address the first issue reported on v8:8453
Page::kPageSize is 524288
MemoryAllocator::GetCommitPageSize() returns 65536 on ppc
ObjectEndOffsetInCodePage() returns 458752
ObjectStartOffsetInCodePage() returns (65536 + 65536) => 131072
Therefore, memory = 327680, which is less than
kMaxRegularHeapObjectSize(507136), which causes the DCHECK to fail.
Bug: v8:8453
Change-Id: I6048192ded4234a6987371ec4d4b2a8553756c25
Reviewed-on: https://chromium-review.googlesource.com/c/1355422
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58001}
- Rename methods,
- Introduce flags for tokens to lookup IsKeyword and IsPropertyName
- Remove "contextual keyword" leftover code.
- Inline ParsePropertyName into ParsePropertyNameOrPrivatePropertyName
since public is more likely than private.
Change-Id: Ib7633ef3c46889ecafc7a6c929029845bb8ef15c
Reviewed-on: https://chromium-review.googlesource.com/c/1357052
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57993}
The `readonly: true` key-value pair is redundant since it gets
ignored anyhow. This patch removes it.
Also, `configurable: false` is implied when
using `Object.defineProperty` (just like `enumerable: false`
and `writable: false`). Therefore, specifying only `configurable`
but not `enumerable` and `writable` gave the impression that
configurability was somehow the deciding factor for this test.
Instead, the only important data property for this test is
`writable: false`. This patch lists all four data property
attributes explicitly, making it clear that only `writable` has
a “special” value.
Bug: v8:8175, v8:8238
Change-Id: Icfc6262f246712a64cdfcffff7b648f5681a711e
Reviewed-on: https://chromium-review.googlesource.com/c/1357048
Reviewed-by: Caitlin Potter <caitp@igalia.com>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57986}
This is a reland of 10ea3f8a1d
Original change's description:
> [Compiler] Introduce IsCompiledScope which prevents flushing of compiled code
>
> Introduces a IsCompiledScope object which can be used to check whether a
> function is compiled, and ensure it remains compiled for the lifetime
> of the scope without being uncompiled by bytecode flushing. The Compile
> functions are modified to take a scope so that calling code can ensure
> the function remains compiled for the lifetime they require.
>
> Also, don't allocate a feedback vector for asm-wasm code as this
> is never used, and will be reallocated if the asm-wasm code fails to
> instantiate the module and we fallback to regular JavaScript.
>
> Also restructure Compiler::PostInstantiation() to allocate the feedback
> vector once, and do the optimized code check before optimizing for
> always opt.
>
> BUG=v8:8395
>
> Change-Id: I3f1a71143fcae3d1a0c01eefe91ebb4b8594221a
> Reviewed-on: https://chromium-review.googlesource.com/c/1352295
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57971}
TBR=jgruber@chromium.org,mstarzinger@chromium.org
Bug: v8:8395
Change-Id: I8dc00798a5680997990c879c3380fe4febd47297
Reviewed-on: https://chromium-review.googlesource.com/c/1357045
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57982}
to the new design.
Bug: v8:3770
Change-Id: I63291cc8eccfa1da20e84c6d3e9f48f253409396
Reviewed-on: https://chromium-review.googlesource.com/c/1355627
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57981}
This reverts commit 10ea3f8a1d.
Reason for revert: Causing failure on gc_stress bot:
https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8928421099411850688/+/steps/Bisect_10ea3f8a/0/steps/Retry/0/logs/collections-construct../0
Original change's description:
> [Compiler] Introduce IsCompiledScope which prevents flushing of compiled code
>
> Introduces a IsCompiledScope object which can be used to check whether a
> function is compiled, and ensure it remains compiled for the lifetime
> of the scope without being uncompiled by bytecode flushing. The Compile
> functions are modified to take a scope so that calling code can ensure
> the function remains compiled for the lifetime they require.
>
> Also, don't allocate a feedback vector for asm-wasm code as this
> is never used, and will be reallocated if the asm-wasm code fails to
> instantiate the module and we fallback to regular JavaScript.
>
> Also restructure Compiler::PostInstantiation() to allocate the feedback
> vector once, and do the optimized code check before optimizing for
> always opt.
>
> BUG=v8:8395
>
> Change-Id: I3f1a71143fcae3d1a0c01eefe91ebb4b8594221a
> Reviewed-on: https://chromium-review.googlesource.com/c/1352295
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57971}
TBR=rmcilroy@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org
Change-Id: I1449a02a0aceb9757440757628e586df33972a40
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8395
Reviewed-on: https://chromium-review.googlesource.com/c/1357042
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57974}
Introduces a IsCompiledScope object which can be used to check whether a
function is compiled, and ensure it remains compiled for the lifetime
of the scope without being uncompiled by bytecode flushing. The Compile
functions are modified to take a scope so that calling code can ensure
the function remains compiled for the lifetime they require.
Also, don't allocate a feedback vector for asm-wasm code as this
is never used, and will be reallocated if the asm-wasm code fails to
instantiate the module and we fallback to regular JavaScript.
Also restructure Compiler::PostInstantiation() to allocate the feedback
vector once, and do the optimized code check before optimizing for
always opt.
BUG=v8:8395
Change-Id: I3f1a71143fcae3d1a0c01eefe91ebb4b8594221a
Reviewed-on: https://chromium-review.googlesource.com/c/1352295
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57971}
Remove the test-api/InitializeDefaultIsolateOnSecondaryThread_ResourceConstraints
test which was setting max-old-space-size limit without acutally using it. This
caused repetitive failures, resulting in the test being effectively disabled.
Bug: v8:8521
R=ulan@chromium.org, yangguo@chromium.org
Change-Id: Iad39cc95df86963d256816bf56d0bc5f62f7d5c9
Reviewed-on: https://chromium-review.googlesource.com/c/1356506
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57964}
Termination exceptions tear down V8 to the bottom-most V8 call. If there is a
v8::TryCatch scope around that call, it returns true for HasTerminated() and
HasCaught(). However, Isolate::IsExecutionTerminating() returns false and we
can call into V8 from still inside the v8::TryCatch scope.
Changes that this patch introduces:
- You need to leave the v8::TryCatch scope around the bottom-most call to
reset the termination state, in order to resume.
- Explicitly check for termination exception and reporting it through the
DevTools protocol after Runtime.evaluate and Debugger.evaluateOnCallFrame.
Bug: v8:8455
Change-Id: I1f36f7a365985469813c2619bf16f18ee69aa4b8
Reviewed-on: https://chromium-review.googlesource.com/c/1337582
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57963}
This is a reland of 9436e8a817
This CL simplifies the wasm/futex.js test so that it doesn't push the
limits of d8.
Original change's description:
> [wasm] Add I64AtomicWait implementation
>
> Bug=v8:8075
> R=adamk@chromium.org,binji@chromium.org
>
> Change-Id: I11ef5daccd043123b23e60c93ee0df79cabe9ccd
> Reviewed-on: https://chromium-review.googlesource.com/c/1342948
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Ben Smith <binji@chromium.org>
> Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57917}
Change-Id: Ifd26f1ecdb9fe24a1896162bb4d4285f9188a9ba
Reviewed-on: https://chromium-review.googlesource.com/c/1351304
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57953}
Make sure to check that the number of declared functions (specified in the
function section) matches the number of function bodies, even if the code
section is omitted.
Note that it is valid to have a function section with zero declared functions
and an omitted code section, and vice versa.
Bug: v8:8514
Change-Id: I4effa5abe2ed6d71146a665d2df6a2f48b5a84be
Reviewed-on: https://chromium-review.googlesource.com/c/1351306
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57949}
The problem were missing V8_EXPORT_PRIVATE and V8_EXPORT.
The unittests test if the trap handler only handles those traps it
is supposed to handle:
* Only handle traps when the thread-in-wasm flag is set.
* Only handle traps of the right type, i.e. memory access violations.
* Only handle traps at recorded instructions.
The tests also test the consistency of the thread-in-wasm flag. I made
one change in the trap handler where that consistency could be
violated.
All tests are executed with the default trap handler provided by V8,
and with the trap handler callback installed in a test signal/exception
handler.
Patchset 1 is the original CL.
R=mstarzinger@chromium.org
Change-Id: I172d94f24cdba4c3a1f7f344825b059dbb59da79
Reviewed-on: https://chromium-review.googlesource.com/c/1351024
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57947}
This adds a new target :generated_cc_files which generates all
generated .cc files and is quick to build (~5sec on my machine).
TBR=yangguo@chromium.org
Change-Id: I51485635671b55302b06f1ea300e86ef1745931e
Bug: v8:8526
Reviewed-on: https://chromium-review.googlesource.com/c/1354881
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57941}
This refactors Map operations to update the instance descriptors and
the number of own descriptors via the SetInstanceDescriptors bottleneck.
This will allow us to add a special marking barrier for these updates.
Bug: v8:8486
Change-Id: Ie9c746d4bcdd6166d38402622734693fa59faf21
Reviewed-on: https://chromium-review.googlesource.com/c/1354883
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57934}
This CL marks v8::Isolate::GetEnteredContext as deprecated in favor of
replacing it with GetEnteredOrMicrotaskContext. Blink no longer uses it,
and Node.js does not use this too.
GetEnteredOrMicrotaskContext() is relevant for all known cases over
GetEnteredContext(), and it costs 2% of a benchmark score to maintain
the entered contexts under the nestable microtask context.
https://crrev.com/c/1322290 is a context for the bencmark and nestable
microtask contexts.
Bug: v8:8124
Change-Id: I260e32daadf34dc587926a1e20ab950ff2e31699
Reviewed-on: https://chromium-review.googlesource.com/c/1353025
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57927}
This reverts commit ddaa1f0a0d.
Reason for revert:
Still flaky on windows. Maybe reland and keep skipped on windows?
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win32%20-%20nosnap%20-%20shared/31002https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win64/27826
Original change's description:
> Reland "[cpu-profiler] Fix stack iterability for fast C calls with no exit frame"
>
> This is a reland of d5f4a33eb8
>
> Original change's description:
> > [cpu-profiler] Fix stack iterability for fast C calls with no exit frame
> >
> > Before fast C calls, store the current FP and PC on the isolate. When
> > iterating frames in SafeStackFrameIterator, check if these fields are
> > set and start iterating at the calling frame's FP instead of the current
> > FP, which will be in C++ code. We need to do this because c_entry_fp is
> > not set on the Isolate for Fast-C-Calls because we don't build an exit
> > frame.
> >
> > This change makes stack samples that occur within 'Fast-C-Calls'
> > iterable, meaning we can properly attribute ticks within the JS caller.
> >
> > Fast-C-Calls can't call back into JS code, so we can only ever have one
> > such call on the stack at a time, allowing us to store the FP on the
> > isolate rather than the stack.
> >
> > TBR=v8-mips-ports@googlegroups.com
> >
> > Bug: v8:8464, v8:7202
> > Change-Id: I7bf39eba779dad34754d5759d741c421b362a406
> > Reviewed-on: https://chromium-review.googlesource.com/c/1340241
> > Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> > Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
> > Reviewed-by: Alexei Filippov <alph@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#57896}
>
> TBR=v8-mips-ports@googlegroups.com
> TBR=jgruber@chromium.org
>
> Bug: v8:8464, v8:7202
> Change-Id: I5f37ded4ea572e8e9890ba186aa3d74a0dfc1274
> Reviewed-on: https://chromium-review.googlesource.com/c/1354042
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57912}
TBR=alph@chromium.org,jgruber@chromium.org,petermarshall@chromium.org,martyn.capewell@arm.com,v8-arm-ports@googlegroups.com,v8-mips-ports@googlegroups.com,ibogosavljevic@wavecomp.com
Change-Id: If810648dbf60df2ff70455b6e8ef466136c90145
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8464, v8:7202
Reviewed-on: https://chromium-review.googlesource.com/c/1354461
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57925}
TransitionArray, NormalizedMapCache, DependentCode to the new design.
Bug: v8:3770
Change-Id: I8bd56f231fb62b146e0fb05989418aedb62a628b
Reviewed-on: https://chromium-review.googlesource.com/c/1350287
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57921}
Bug=v8:8075
R=adamk@chromium.org,binji@chromium.org
Change-Id: I11ef5daccd043123b23e60c93ee0df79cabe9ccd
Reviewed-on: https://chromium-review.googlesource.com/c/1342948
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57917}
This is a reland of d5f4a33eb8
Original change's description:
> [cpu-profiler] Fix stack iterability for fast C calls with no exit frame
>
> Before fast C calls, store the current FP and PC on the isolate. When
> iterating frames in SafeStackFrameIterator, check if these fields are
> set and start iterating at the calling frame's FP instead of the current
> FP, which will be in C++ code. We need to do this because c_entry_fp is
> not set on the Isolate for Fast-C-Calls because we don't build an exit
> frame.
>
> This change makes stack samples that occur within 'Fast-C-Calls'
> iterable, meaning we can properly attribute ticks within the JS caller.
>
> Fast-C-Calls can't call back into JS code, so we can only ever have one
> such call on the stack at a time, allowing us to store the FP on the
> isolate rather than the stack.
>
> TBR=v8-mips-ports@googlegroups.com
>
> Bug: v8:8464, v8:7202
> Change-Id: I7bf39eba779dad34754d5759d741c421b362a406
> Reviewed-on: https://chromium-review.googlesource.com/c/1340241
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
> Reviewed-by: Alexei Filippov <alph@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57896}
TBR=v8-mips-ports@googlegroups.comTBR=jgruber@chromium.org
Bug: v8:8464, v8:7202
Change-Id: I5f37ded4ea572e8e9890ba186aa3d74a0dfc1274
Reviewed-on: https://chromium-review.googlesource.com/c/1354042
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57912}
These two tests fail if the memory used by builtins increases too much.
They aren't intended to monitor the memory used by builtins, so these
failures are spurious.
Bug: v8:8521
Change-Id: I67e61abe30aaf69aeb3e6a2c885795061a318851
Reviewed-on: https://chromium-review.googlesource.com/c/1354041
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57911}
This reverts commit d5f4a33eb8.
Reason for revert: Seems to cause a no snapshot build failure - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20nosnap%20-%20debug/21967
Original change's description:
> [cpu-profiler] Fix stack iterability for fast C calls with no exit frame
>
> Before fast C calls, store the current FP and PC on the isolate. When
> iterating frames in SafeStackFrameIterator, check if these fields are
> set and start iterating at the calling frame's FP instead of the current
> FP, which will be in C++ code. We need to do this because c_entry_fp is
> not set on the Isolate for Fast-C-Calls because we don't build an exit
> frame.
>
> This change makes stack samples that occur within 'Fast-C-Calls'
> iterable, meaning we can properly attribute ticks within the JS caller.
>
> Fast-C-Calls can't call back into JS code, so we can only ever have one
> such call on the stack at a time, allowing us to store the FP on the
> isolate rather than the stack.
>
> TBR=v8-mips-ports@googlegroups.com
>
> Bug: v8:8464, v8:7202
> Change-Id: I7bf39eba779dad34754d5759d741c421b362a406
> Reviewed-on: https://chromium-review.googlesource.com/c/1340241
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
> Reviewed-by: Alexei Filippov <alph@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57896}
TBR=alph@chromium.org,jgruber@chromium.org,petermarshall@chromium.org,martyn.capewell@arm.com,v8-arm-ports@googlegroups.com,v8-mips-ports@googlegroups.com,ibogosavljevic@wavecomp.com
Change-Id: I85f846e57b6fa845e7770c616435cebffdb2a245
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8464, v8:7202
Reviewed-on: https://chromium-review.googlesource.com/c/1352302
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57899}
The test was flaky because it assumed that AllocatedAssemblerBuffer
would eventually return an address within near-call range. Rarely, this
did not happen (within the retry limit), and so the test would crash.
This fix allocates a single, kMaxWasmCodeMemory-sized buffer for the
test, and generates call sequences within that buffer.
BUG=v8:8245
Change-Id: I4b44d897c6cbda15a18ab992fa57805de3b2db29
Reviewed-on: https://chromium-review.googlesource.com/c/1347484
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jacob Bramley <jacob.bramley@arm.com>
Cr-Commit-Position: refs/heads/master@{#57898}
Before fast C calls, store the current FP and PC on the isolate. When
iterating frames in SafeStackFrameIterator, check if these fields are
set and start iterating at the calling frame's FP instead of the current
FP, which will be in C++ code. We need to do this because c_entry_fp is
not set on the Isolate for Fast-C-Calls because we don't build an exit
frame.
This change makes stack samples that occur within 'Fast-C-Calls'
iterable, meaning we can properly attribute ticks within the JS caller.
Fast-C-Calls can't call back into JS code, so we can only ever have one
such call on the stack at a time, allowing us to store the FP on the
isolate rather than the stack.
TBR=v8-mips-ports@googlegroups.com
Bug: v8:8464, v8:7202
Change-Id: I7bf39eba779dad34754d5759d741c421b362a406
Reviewed-on: https://chromium-review.googlesource.com/c/1340241
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57896}
Only log incrementally deserialized maps with --trace-maps instead of
iterating the whole heap and print all existing maps on every partial
deserialization for new contexts. This should greatly improve
performance of --trace-maps on websites with many iframes.
- Add helpers to share code: LogNewObjectEvents, LogScriptEvents,
LogNewMapEvents
- Link AllocationSites before any GC
Change-Id: I5322421a83e057518f871540691511c80bc7786a
Reviewed-on: https://chromium-review.googlesource.com/c/1342029
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57874}
This unifies the order of i-cache flushing and permission changing
throughout V8. According to cctest/test-icache flushing after the
permission change is not robust on some ARM32 and ARM64 devices.
There have been observed failures of {TestFlushICacheOfExecutable} on
some devices. So far there haven't been any observed failures of the
corresponding {TestFlushICacheOfWritable} test.
Also the order of flushing before the permission change is the natural
order in which the GC currently performs operations. Until we see
concrete data substantiating the opposite, the following is the
supported and intended order throughout V8:
exec -> perm(RW) -> patch -> flush -> perm(RX) -> exec
This CL tries to establish said order throughout the codebase.
R=ulan@chromium.org
TEST=cctest/test-icache
BUG=v8:8507,chromium:845877
Change-Id: Ic945082e643aa2d142d222a7913a99816aff4644
Reviewed-on: https://chromium-review.googlesource.com/c/1351025
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57869}
This reverts commit 4644b32e02.
Reason for revert: Link errors on win64: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win64%20-%20debug/25950
Original change's description:
> [wasm] Add more unit tests for trap handler
>
> The unittests test if the trap handler only handles those traps it
> is supposed to handle:
> * Only handle traps when the thread-in-wasm flag is set.
> * Only handle traps of the right type, i.e. memory access violations.
> * Only handle traps at recorded instructions.
>
> The tests also test the consistency of the thread-in-wasm flag. I made
> one change in the trap handler where that consistency could be
> violated.
>
> All tests are executed with the default trap handler provided by V8,
> and with the trap handler callback installed in a test signal/exception
> handler.
>
> Change-Id: I03904bb6effd2e8694d3f4d1fbf62bc38002646e
> Reviewed-on: https://chromium-review.googlesource.com/c/1340246
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57858}
TBR=mstarzinger@chromium.org,ahaas@chromium.org,mark@chromium.org
Change-Id: Iac2f20c73744226885ea1810813863a21c5faf8c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1351021
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57861}
The unittests test if the trap handler only handles those traps it
is supposed to handle:
* Only handle traps when the thread-in-wasm flag is set.
* Only handle traps of the right type, i.e. memory access violations.
* Only handle traps at recorded instructions.
The tests also test the consistency of the thread-in-wasm flag. I made
one change in the trap handler where that consistency could be
violated.
All tests are executed with the default trap handler provided by V8,
and with the trap handler callback installed in a test signal/exception
handler.
Change-Id: I03904bb6effd2e8694d3f4d1fbf62bc38002646e
Reviewed-on: https://chromium-review.googlesource.com/c/1340246
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57858}
This CL makes it easier to organize the Context classes hierarchy and
simplifies Context class definition.
Bug: v8:8238
Change-Id: I65b8255daf255649c597dc195edf436d9471e3ea
Reviewed-on: https://chromium-review.googlesource.com/c/1350109
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57848}
This patch gives DescriptorArray its own visitor id and its
own layout that is independent from the layout of WeakFixedArray.
This allows us to use raw 16-bit integers for keeping track of
the number of descriptors (total, non-slack, and marked).
As a side-effect, we save one word per descriptor array on 64-bit.
v8:8486
Change-Id: If8389dde446319e5b3491abc948b52539dba235c
Reviewed-on: https://chromium-review.googlesource.com/c/1349245
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57845}
- Remove heap-inl.h includes from places where it looked unnecessary. (This is a
non-scientific approach, because it's probably pulled in indirectly anyway.)
- Annotate places which include heap-inl.h because they need heap/ internals.
- ACCESSORS legitimately needs heap-inl.h because of Heap::FromWritableHeapObject.
- Add includes to heap/heap-write-barrier(-inl).h
- A bunch of IWYU fixes discovered when working on this CL (includes which were
missing because heap-inl.h pulls them in indirectly).
BUG=v8:7490,v8:8238,v8:8499
Change-Id: I00f9a74d430f13d7c080dca77a92b03bcca7ef96
Reviewed-on: https://chromium-review.googlesource.com/c/1349241
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57814}
to the new design.
Bug: v8:3770
Change-Id: I3cd0a66eefefedc98a641494302fc79d897a153a
Reviewed-on: https://chromium-review.googlesource.com/c/1345910
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57801}
+ fixing other files which were depending on context-inl.h pulling in the
missing includes.
BUG=v8:7490,v8:8238
Change-Id: I90d37599bdfb69ac8fd7e62b8fb78d9d77c77234
Reviewed-on: https://chromium-review.googlesource.com/c/1349277
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57775}
This API allows the embedder to provide a stack and PC, FP and
SP registers. V8 will then attempt to unwind the stack to the C++ frame
that called into JS. This API is signal-safe, meaning it does not call
any signal-unsafe OS functions or read/write any V8 state.
Bug: v8:8116
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I7e3e73753b711737020b6a5f11946096658afa6f
Reviewed-on: https://chromium-review.googlesource.com/c/1186724
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57749}
