Factory::NewUninitializedFixedArray is unsafe for GC. If performance
allows, we should remove the function.
Change-Id: I3f80352797e9768b788c2996c3f29e823c067f74
Reviewed-on: https://chromium-review.googlesource.com/517794
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46166}
Async generator yield* is still desugared in the parser, to be moved to the BytecodeGenerator in a future CL.
Bug: v8:6472
Change-Id: I8b33e2f9e931949f7375540099cd8ec3a6b27cf1
Reviewed-on: https://chromium-review.googlesource.com/539335
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46165}
Currently the LdaNamedProperty bytecode for expressions like a.b has its position before the dot. This CL moves this location after the dot.
It's important for the later removal of Nop bytecodes in expressions like a.b() where a is a local variable: the property call and the property load should have the same position.
R=jgruber@chromium.org
Bug: v8:6425
Change-Id: I528c5007de52215beba80851ab04693ecec038e2
Reviewed-on: https://chromium-review.googlesource.com/543047
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46163}
Completely shares first-level visitation with the Scavenger.
Remove marking recursively on the way as we cannot reliably check for
stack overflow on background tasks.
Bug: chromium:651354
Change-Id: I6da1dc787cdfb4232ea4b6cb8e72e0f736cabf10
Reviewed-on: https://chromium-review.googlesource.com/544967
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46162}
This also adds libraries recursively under the obj dir.
Dropping v8_shell from globs since it's not included in the targets.
NOTRY=true
Bug: v8:5918
Change-Id: Ibfadb60dd7b347cf4a742f07e8b110c70e67cb06
Reviewed-on: https://chromium-review.googlesource.com/544308
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46161}
Remove PageParallelJob as it is completely replaced now. It served us
well.
Bug: chromium:651354
Change-Id: I620fa7bb0dcaf7cd3710492913c501bcb162c781
Reviewed-on: https://chromium-review.googlesource.com/544950
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46159}
This piggy-backs on top of existing precise and best-effort coverage to expose
block coverage through the inspector protocol.
Coverage collection now implicitly reports block-granularity coverage when
available. A new 'isBlockCoverage' property on Inspector's FunctionCoverage
type specifies the granularity of reported coverage.
For now, only count-based block coverage is supported, but binary block
coverage should follow soon.
Support is still gated behind the --block-coverage flag.
Bug: v8:6000
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I9c4d64e1d2a098e66178b3a68dcee800de0081af
Reviewed-on: https://chromium-review.googlesource.com/532975
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46157}
Object.create is most often called with a single parameter, the
prototype, and the properties are usually omitted. So optimizing
for the common case, we remove the argument adaption.
R=jgruber@chromium.org
BUG=v8:5989
Review-Url: https://codereview.chromium.org/2953913002
Cr-Commit-Position: refs/heads/master@{#46153}
`libStart` already has the ASLR slide added to it. Do not add it twice.
https://codereview.chromium.org/2696903002/
Review-Url: https://codereview.chromium.org/2928083004
Cr-Commit-Position: refs/heads/master@{#46152}
HistoryTimers can't run in the background because they use a timer
with a simple api of Start() and Stop(). This CL fixes this problem
by building a base class TimedHistogram that doesn't have a timer.
The class HistoryTimer is modified to use this base class so that
uses that run on the foreground thread do not need to be modified.
It also adds a new class TimedHistogramScope that defines the timer
in this class. This allows the corresponding TimedHistogram class to
be type safe.
BUG=v8:6361
Review-Url: https://codereview.chromium.org/2929853003
Cr-Commit-Position: refs/heads/master@{#46150}
Why I want to fix this: I got a CL to replace V8_NORETURN by
[[noreturn]], but clang-format formats this as
extern "C"[[noreturn]] PRINT_FORMAT...
(i.e. missing whitespace).
Also, this is the only extern "C" function in our code base, so if we
do not need to call it from C, we should just get rid of it.
R=jochen@chromium.org
BUG=v8:6474
Change-Id: I950bdc505822eb37a107c58e63c82a61907ba515
Reviewed-on: https://chromium-review.googlesource.com/539341
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46149}
https://chromium-review.googlesource.com/530193 accidentally disabled
the timer for compilation time of individual wasm functions. This CL
reenables this, and also gets rid of the ExecuteCompilationInternal
method by using base::Optional for conditionally initializing the
HistogramTimerScope.
R=mtrofin@chromium.org
CC=ahaas@chromium.org
Change-Id: I359f0622561b82aea4d4002b7ed79fde32f1b35e
Reviewed-on: https://chromium-review.googlesource.com/544135
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46147}
In most cases, I'm using ENTER_V8 which is due to the fact that the
respective methods might end up executing script, either because they
invoke some callback, or because they might trigger a proxy trap.
Also add microtask suppression scopes in the debugger to all the places
that need one according to tests.
BUG=v8:5830
R=marja@chromium.org,jgruber@chromium.org
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I24cc3de37fc0d8156acfe86b290568e5f8f662b4
Reviewed-on: https://chromium-review.googlesource.com/519262
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46146}
BytecodeList::New() returns a reference to the BytecodeLabel added to the list.
Since ZoneVector can resize, this reference could become invalid. Instead
move to a ZoneLinkedList so the references never move.
Since we were using zone vectors, the old references were still valid, and
they were only mutated to set is_bound_, so only DCHECKs should have been
affected.
Change-Id: I5da850af2596dcd7f56578a6e5badd332350cb5b
Reviewed-on: https://chromium-review.googlesource.com/544941
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46145}
This CL leverages and extends the deopt-to-stub mechanisms previously
introduced to support deopting from CSA-built builtins (e.g. Array.prototype.forEach).
BUG=v8:6373
LOG=N
Review-Url: https://codereview.chromium.org/2890363002
Cr-Commit-Position: refs/heads/master@{#46144}
If the fuzzer input cannot be executed in the interpreter within a step
limit, then the interpreter does not calculate the result but instead
finishes with a RangeError. The problem with the input of the bug report
was that the interpreter finished with that RangeError, but the
execution of the compiled code still returned a result, which was
naturally not a RangeError and therefore caused the result check to fail.
With this CL the compiled code is not even executed when there is a
RangeError after the execution in the interpreter. Thereby we also
avoid executing an infinite loop.
BUG=chromium:734435
R=clemensh@chromium.org
Change-Id: If9d0fb9e14e84f06d6f11d22f882363d56c1c20b
Reviewed-on: https://chromium-review.googlesource.com/544838
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46140}
This patch also adds handling of NativeContext and BytecodeArray.
BUG=chromium:694255
Change-Id: I6d4b2db03ece7346200853bd0b80daf65672787f
Reviewed-on: https://chromium-review.googlesource.com/543237
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46139}
This is a reland of 54b42a55e7
Original change's description:
> [build] Add filter script for official build
>
> This adds a V8-side script to list the files contained in an official archive.
>
> This'll accompany the infra-side archive recipe:
> https://chromium-review.googlesource.com/c/544298/
>
> Keeping this script on the V8-side will make it easy to change the
> archived build product.
>
> NOTRY=true
>
> Bug: v8:5918
> Change-Id: I9fcb2eae183a26e7ce11c839d95a583a049cbe75
> Reviewed-on: https://chromium-review.googlesource.com/544877
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46135}
TBR=vogelheim@chromium.org
NOTRY=true
Bug: v8:5918
Change-Id: I87b58c78a2cbd97f4da37ac93fe1e8ee77bf5ca0
Reviewed-on: https://chromium-review.googlesource.com/544979
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46138}
This reverts commit 54b42a55e7.
Reason for revert: Fails on native arm builders.
Original change's description:
> [build] Add filter script for official build
>
> This adds a V8-side script to list the files contained in an official archive.
>
> This'll accompany the infra-side archive recipe:
> https://chromium-review.googlesource.com/c/544298/
>
> Keeping this script on the V8-side will make it easy to change the
> archived build product.
>
> NOTRY=true
>
> Bug: v8:5918
> Change-Id: I9fcb2eae183a26e7ce11c839d95a583a049cbe75
> Reviewed-on: https://chromium-review.googlesource.com/544877
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46135}
TBR=machenbach@chromium.org,vogelheim@chromium.org,tandrii@chromium.org,jochen@chromium.org
Change-Id: Ic3bb59b5f0864941c8f8b590b0a351c103988f93
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:5918
Reviewed-on: https://chromium-review.googlesource.com/544978
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46137}
In the failing case (see test), the loop variable (which should be context
allocated) is in a hidden scope, so we need to save and restore data for hidden
scopes too.
The !is_hidden() check was overly limiting - NeedsScopeData already handles the
"hidden leaf scope" case which is the one we want to avoid.
(Btw, this also means that the previous assumption "variables in hidden scopes
are not context allocated" was wrong.)
BUG=v8:5516
Change-Id: I1c6116654b19ef0cfd64e8a743b46af683a9fcd5
Reviewed-on: https://chromium-review.googlesource.com/544938
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46136}
This adds a V8-side script to list the files contained in an official archive.
This'll accompany the infra-side archive recipe:
https://chromium-review.googlesource.com/c/544298/
Keeping this script on the V8-side will make it easy to change the
archived build product.
NOTRY=true
Bug: v8:5918
Change-Id: I9fcb2eae183a26e7ce11c839d95a583a049cbe75
Reviewed-on: https://chromium-review.googlesource.com/544877
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46135}
The DCHECKs were checking that the data we stored about a Scope (param count
etc) matches the Scope where we're restoring the data to.
But for skipped functions, this data is not in the Scope, so it doesn't make
sense to DCHECK them.
BUG=v8:5516
Change-Id: I6ad66ec4dd5fe31da52c0d5b533b336e3956ee1d
Reviewed-on: https://chromium-review.googlesource.com/544300
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46134}
let f = function g() { ... } declares "g" inside the function. This
CL makes the preparser declare it too, and saves + restores the scope data for
it.
BUG=v8:5516
Change-Id: Id4c64f446d30f5252038cfb0f0f473b85ba24a9b
Reviewed-on: https://chromium-review.googlesource.com/544816
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46133}
Currently the descriptors are moved from the old map to the new map,
which is unsafe for the concurrent marker. This patch removes the map
mutation.
Change-Id: I3f7ce455c7344148a122c7443cf32a4eef0307be
Reviewed-on: https://chromium-review.googlesource.com/535480
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46131}
transition, check to see if we have already done this transition.
BUG=v8:6450
Review-Url: https://codereview.chromium.org/2915863004
Cr-Commit-Position: refs/heads/master@{#46129}
The test setup was as follows:
- Preparse function test() { ... }, get scope allocation data.
- Apply the scope allocation data to (function test() { ... })();
- Compare against normal scope allocation for (function test() { ... })();
But the IIFE is unnecessary - we already disable lazy parsing.
Cleaning this up is needed because in the next CL, I want to fix the Scopes
produced by PreParser in this case:
let f = function g() {
// Here we should declare g!
}
And that fix will make the variables in
function test() {
// Here we don't declare test
}
and
(function test() {
// Here we do declare test
})();
not match any more, so it doesn't make sense to compare them against each other.
BUG=v8:5516
Change-Id: I93d154c6977bb3cbe405b6ca193cf6283df297bc
Reviewed-on: https://chromium-review.googlesource.com/543341
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46128}
SeededNumberDictionaries are used to implement element backing stores of JSObjects, not internally used dictionaries. This saves space for the anyway unused PropertyDetails entry (1/3 fields).
Bug:
Change-Id: I6fe9fae6de500dd0bcb722f51a7543952c7813e9
Reviewed-on: https://chromium-review.googlesource.com/543343
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46124}
This switches all uses of the patching {BinaryOpICStub} over to the
respective existing and non-patching CSA-builtins, and removes some
supporting code. It also removes the inlined SMI handling.
R=verwaest@chromium.org
BUG=v8:6408
Change-Id: If547c0127bfcafbd01ccb33b702b1868006ebcb1
Reviewed-on: https://chromium-review.googlesource.com/541398
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46122}
This CL does same changes as
https://chromium-review.googlesource.com/c/540763/, but for async
compilation instead of for parallel compilation. The biggest difference
is that for async compilation I start background tasks again when half
of the memory is free again and not when all the memory is free again.
Original description:
It is possible that the foreground task is unable to clear the
scheduled unfinished work, eventually leading to an OOM.
We use either code_range on 64 bit, or the capacity of the code space,
as a heuristic for how much memory to use for compilation.
The change avoids blocking the background threads while we're over the
memory threshold. This is to avoid starving the GC.
R=mtrofin@chromium.org
Change-Id: I7399e2474f72f6727e6e50176dd7ba95cdcd3238
Reviewed-on: https://chromium-review.googlesource.com/543477
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46120}
This will allow for embedders to easily implement their own Platform
without duplicating the tracing controller code.
BUG=v8:6511
R=fmeawad@chromium.org
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I7c64933d12b2cf53f0636fbc87f6ad5d22019f5c
Reviewed-on: https://chromium-review.googlesource.com/543015
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Fadi Meawad <fmeawad@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46118}