This reverts commit 25207bf8cb.
Reason for revert: Mips compile failure: https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/16061
Original change's description:
> Remove isolate.h include from external-reference.h
>
> This triggers a bunch of other necessary include tweaks for files that
> used to work until now because they indirectly included isolate.h
> through external-reference.h.
>
> Bug: v8:6666
> Change-Id: I8d48db44dcc321fa32a6279f3ddacb41ab58f975
> Reviewed-on: https://chromium-review.googlesource.com/972042
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52103}
TBR=jgruber@chromium.org,petermarshall@chromium.org
Change-Id: I2e867d3c82b020b4fd5201aaa5cf6ed65b081ca2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/973061
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52104}
This triggers a bunch of other necessary include tweaks for files that
used to work until now because they indirectly included isolate.h
through external-reference.h.
Bug: v8:6666
Change-Id: I8d48db44dcc321fa32a6279f3ddacb41ab58f975
Reviewed-on: https://chromium-review.googlesource.com/972042
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52103}
Code is often being patched after creating, thus we don't need to flush
the icache right away.
This CL introduces a new enum to specify whether the icache should be
flushed or not, and uses this in all methods which don't always need to
flush.
Drive-by: Fix a but where SKIP_ICACHE_FLUSH was interpreted as boolean
value.
R=mstarzinger@chromium.org
Change-Id: I13ac71d2a7168a065b8a4a1086c590816de8ca28
Reviewed-on: https://chromium-review.googlesource.com/971881
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52102}
The multi-return tests and fuzzer used a custom call descriptor which
was based on the default RegisterConfiguration. This meant that for the
tests, all available registers could be used to pass parameters and to
return values. This caused a problem, because in some cases we need a
scratch register in the frame deconstruction.
With this CL I change both the tests and the fuzzer to use the
WebAssembly call descriptor. Thereby we only use 2 registers for
returns, and one of the other registers can be used as scratch
register.
WebAssembly is the only use case at the moment which wants to return
values not only through registers but also over the stack. Therefore
I think it's acceptable to only test the WebAssembly usecase.
R=mstarzinger@chromium.org
Bug: chromium:813288
Change-Id: I31bed757af5f3e8589d2b3dfb6f0112ddecd1a20
Reviewed-on: https://chromium-review.googlesource.com/970656
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52099}
Liftoff does not need to reference its own code object, so don't
allocate a handle for that purpose.
This also allows to create LiftoffAssembler instances in background
tasks where no handle scope is available.
R=ahaas@chromium.org
Bug: v8:6600
Change-Id: I2911aebd14aaa8450456cb8eea16cea547e0b671
Reviewed-on: https://chromium-review.googlesource.com/972081
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52098}
Continuations are called directly from the deoptimizer, and thus cannot
be lazy. This also changes the corresponding assertion to an
unconditional CHECK in order to catch this type of mistake early.
Drive-by: Sort Builtins::IsLazy.
Bug: chromium:823292
Change-Id: I739429ef574e40d7b9ba40cd209175054eb73349
Reviewed-on: https://chromium-review.googlesource.com/972282
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52094}
Exposing it inside Internals was a hack. The downside of this CL is that heap
object tagging is in two places now (v8.h and globals.h).
BUG=v8:7308
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ic7115ab20d67109dd2b62c772d52eeb84fa7d9f7
Reviewed-on: https://chromium-review.googlesource.com/968423
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52093}
Embedded builtins are now based off the v8_enable_embedded_builtins
gn flag instead, which conditionally defines V8_EMBEDDED_BUILTINS.
Bug: v8:6666
Change-Id: I44d40d30fce3a3ed9bbf973d46c4990ba3fade40
Reviewed-on: https://chromium-review.googlesource.com/964361
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52092}
On {mips,mips64,ppc,s390}, target addresses are specially coded into
the instruction stream, i.e. split between a series of instructions.
This adds support for that case, similar to what happens with runtime
external references.
Bug: v8:6666,v8:7571
Change-Id: Ie6f62bc0ca3183f005d8380f6f8b908fa12ea62b
Reviewed-on: https://chromium-review.googlesource.com/970824
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52091}
Following CL [1], it is required to remove the thin_archive config
everywhere complete_static_lib is set.
[1] https://chromium-review.googlesource.com/c/chromium/src/+/954344
BUG=chromium:801925
R=machenbach
Change-Id: Id75e06543545924771820500c53df3d5ee58774b
Reviewed-on: https://chromium-review.googlesource.com/972550
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52089}
This reverts commit 9afde91b94.
Reason for revert:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm/builds/6616
Original change's description:
> [builtins] Load external references from the external-reference-table
>
> Off-heap code cannot embed external references. With this CL, we load
> from the external reference table (reached through the root pointer)
> instead.
>
> In a follow-up, the table could be stored within the isolate itself,
> removing one more level of indirection.
>
> Bug: v8:6666
> Change-Id: I4c612ad3d4112ec03c3b389f5bfb9cdc3dc8a671
> Reviewed-on: https://chromium-review.googlesource.com/970468
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52073}
TBR=yangguo@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org
Change-Id: Iecc2a68e54339e153f1d1e882d8972d5c9cff442
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/971902
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52083}
The new API supersedes the old `RegisterDefaultSignalHandler` and flag
combination. Now the embedder must explicitly call
`EnableWebAssemblyTrapHandler` to activate the trap handler and optionally
install the default signal handler. The old flag is now used only by D8 to
decide whether to call this function.
Bug: v8:5277
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I05fbb2138138bfc95b14361aabd712db84789b4a
Reviewed-on: https://chromium-review.googlesource.com/963179
Commit-Queue: Eric Holk <eholk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52081}
This moves the Wasm-specific metadata from being fields on the
ArrayBuffer into a table managed by WasmMemoryTracker.
Bug: chromium:776273
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Id8b050bfdfe0fbe9436fb055e92c08d503d3c2ba
Reviewed-on: https://chromium-review.googlesource.com/850550
Commit-Queue: Eric Holk <eholk@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52080}
Previously a step-dependent reference was captured, which would not
exist anymore as soon as we change steps in async compilation. This fix
makes sure that we capture the pointer by copy, not by reference.
Change-Id: I7ff7e87b67b2fd379e6642d844a4c770cadf1f6c
Reviewed-on: https://chromium-review.googlesource.com/970964
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@google.com>
Cr-Commit-Position: refs/heads/master@{#52079}
This was a bug found while working on https://crrev.com/c/850550
Change-Id: I92b04d1814e75f0a1817f8409496612a3597cd20
Reviewed-on: https://chromium-review.googlesource.com/966997
Commit-Queue: Eric Holk <eholk@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52078}
Avoid loading to a general purpose register if the bit pattern consists
of a consecutive block of 1 bits.
Drive-by: Change a parameter from int8_t to byte such that the AVX_OP
macro works on these methods.
R=mstarzinger@chromium.org
Change-Id: Ib469ddd29d92ddeabe98460d2951b01159a6548a
Reviewed-on: https://chromium-review.googlesource.com/969123
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52077}
If FLAG_enable_embedded_constant_pool is false, the field for the
builtin index would alias the field for the constant pool offset in the
code object. This makes constant_pool() return the builtin index, but it
also makes set_constant_pool() override the builtin index (and vice
versa).
This CL fixes this by making all constant_pool accessors honor that
flag.
R=mstarzinger@chromium.org
Change-Id: I88803a4f28bd5a2fe85a310708c7a365cc457339
Reviewed-on: https://chromium-review.googlesource.com/970586
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52076}
Off-heap code cannot embed external references. With this CL, we load
from the external reference table (reached through the root pointer)
instead.
In a follow-up, the table could be stored within the isolate itself,
removing one more level of indirection.
Bug: v8:6666
Change-Id: I4c612ad3d4112ec03c3b389f5bfb9cdc3dc8a671
Reviewed-on: https://chromium-review.googlesource.com/970468
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52073}
Part of ongoing work to remove the construct_stub field of the SFI.
Generate_InternalArrayConstructor was actually incorrect for packed
internal arrays, where it would instead create a regular internal array
because it loaded the constructor function from the context every time.
Ultimately InternalArray should be removed, or the constructor ported
to CSA in the meantime. But for now, it is off the critical path for
the construct_stub removal.
Also fix a bug: Runtime_NewArray expects a type_info parameter, which
should be in rbx (on x64). Because we now go through
JSBuiltinsConstructStubHelper first, rbx is loaded with a value that
doesn't look like a heap object, which causes a crash in NewArray.
Fix that by first loading undefined explicitly (which is what the
ArrayConstructor builtin does already).
Bug: v8:7503
Change-Id: Ic92fa8864b0af2d32200eb0176ba55ccff03b114
Reviewed-on: https://chromium-review.googlesource.com/970823
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52072}
src/base/debug/stack_trace_posix.cc: suppressed unused function warnings
for functions DemangleSymbols, OutputPointer(in order to compile with
-Werror flag)
test/cctest/test-isolate-independent-builtins.cc: corrections to make
ByteInText test case compatible with aix. (affects aix only)
Change-Id: I49e45e63545404c77aaed3f51b26557f6f03455e
Reviewed-on: https://chromium-review.googlesource.com/927484
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52071}
We currently never shrink the StringTable which causes excessive memory usage
on certain websites. This CL tries to mitigate this by shrinking the
StringTable if it is very empty (nof_elements * 16 < capacity) hopefully
avoiding costly reallocations.
Bug: chromium:818642, v8:5443
Change-Id: I4e6a95b3a6992b499fa6dd59ae159c51f089965a
Reviewed-on: https://chromium-review.googlesource.com/970465
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52070}
Loading external references from off-heap builtins will be
root-pointer-relative. At least initially, these loads will happen in
CSA and thus need access to the root pointer value.
Bug: v8:6666
Change-Id: Iae4c89061df442f5afd03f93e5ba35c4e125b850
Reviewed-on: https://chromium-review.googlesource.com/970264
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52069}
The embedders should use the EmbedderGraph API. The similar structure
can be created with the following steps:
1) Create a root node for each retainer info group.
2) Iterate all handles using Isolate::VisitHandlesWithClassIds.
3) Add an edge from the retainer info node to the v8 wrapper node.
4) Add an edge from the v8 wrapper node to the retainer info node.
See how HeapSnapshotRetainedObjectInfo is converted to the new API.
Bug: chromium:749490
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I124ae3853354863b4f888e6aa2ea13777dcaa37d
Reviewed-on: https://chromium-review.googlesource.com/948842
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52067}
Port CallIndirect and CallRuntime methods. Also, implement methods
for allocation and deallocation of stack slots, which are used in
trace memory operations.
Bug: v8:6600
Change-Id: I99e0115dcf6d971229892b27b4b4f01d0c5441e8
Reviewed-on: https://chromium-review.googlesource.com/970262
Commit-Queue: Sreten Kovacevic <sreten.kovacevic@mips.com>
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Cr-Commit-Position: refs/heads/master@{#52065}
Remove the SharedFunctionInfo code field, inferring the code object
from the function_data field instead. In some cases, the function_data
field can now hold a Code object (e.g. some WASM cases).
Bug: chromium:783853
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I1219a4d6aa5abaa9fee54dda883da7a3186e347a
Reviewed-on: https://chromium-review.googlesource.com/952452
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52064}
This was removed in one of the branches during weak-refs work.
Bug: v8:7574
Change-Id: Id2a1af22b1150d8c888c117c023e8c78f532b9f2
Reviewed-on: https://chromium-review.googlesource.com/970702
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52061}
The embedders should use the new EmbedderGraph API to provide retainer
info.
Bug: chromium:749490
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Iac8dc1e749ef14277b027f43e799357c5bd413ea
Reviewed-on: https://chromium-review.googlesource.com/948489
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52059}
The MessageLoopBehavior might change over time: Sometimes we want to
wait because wasm background compilation is going on, sometimes we
don't. This makes the semaphore go out of sync with the task queue (we
always notify it when a new task is scheduled, but we only sometimes
wait on it).
Using a condition variable instead of a semaphore avoids this problem.
R=ahaas@chromium.org
Change-Id: Ib9850efc634f5988d3f824895b6566bd76475985
Reviewed-on: https://chromium-review.googlesource.com/969122
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52057}
In general, TurboFan doesn't encounter phi nodes with only a single
data input in the backend. However, CSA-based builtins (especially
auto-generated ones, e.g. from Torque), may contain single-input phi nodes,
although outside the auto-generated case this doesn't happen much in practice.
Single input phi nodes (i.e. phis in blocks with one predecessor) don't have
any side effects and are essentially useless and harmless, but to avoid problems
in the backend of TurboFan (whose SSA deconstruction disallows control flow
splits that continue to blocks with phis), this CL tweaks the existing
CSA-only control flow and graph sanitization in the CSA path to ensure
no no-op phis.
Change-Id: I109f4dc6cde5ad1794585a09609a230b1848e0d5
Reviewed-on: https://chromium-review.googlesource.com/963711
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52056}
This is a reland of 40d66d8bf8
The fix disambiguates duplicate symbols in the generated embedded
builtins file.
Original change's description:
> [build] Make separate snapshot for trusted variant
>
> This enables side-by-side snapshots with and without untrusted-code
> mitigations. It'll be the default in all V8 stand-alone builds
> with external startup data. Internal snapshots are not supported.
>
> The files snapshot_blob.bin and snapshot_blob_trusted.bin will be
> bundled with V8 on swarming and the correct file is loaded dependent
> on the --untrusted-code-mitigations runtime flag.
>
> Likewise we embed two snapshots for builtins.
>
> Side-by-side snapshots won't be supported in Chromium.
>
> Bug: v8:7441
> Change-Id: I2949ddfd5773649946b1c8e74751d48ad1d9c524
> Reviewed-on: https://chromium-review.googlesource.com/960004
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52028}
Bug: v8:7441
Change-Id: I626171d4e07389f0453b4d0a698e2772fd37e8c5
Reviewed-on: https://chromium-review.googlesource.com/968623
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52055}
