Removes all V8_DEPRECATED functions that weren't recently marked as well
any V8_DEPRECATE_SOON function that relied on using the address of
an object to get hold of the Isolate.
Normally we would have advanced the V8_DEPRECATE_SOON methods to
V8_DEPRECATE in this release and removed them in the follow release, but
their continuing presence blocks the work on creating a shared
Read-Only space where some objects would not belong to any single
Isolate. In preparation chromium and node.js (via the v8/node github)
have been modified in advance.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I8b4b06189896d94aff908ebcd121b3b38f9b482a
Reviewed-on: https://chromium-review.googlesource.com/1154915
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54915}
This CL puts off-heap targets (i.e. code addresses for embedded builtins)
in the constant pool on ARM.
We are landing this CL to evaluate impact on benchmarks and code size,
and expect to revert it once we have gathered that data.
Bug: v8:6666
Change-Id: If4935a6fb162cd1ffb34489c6fa9630f10ca2c9f
Reviewed-on: https://chromium-review.googlesource.com/1154924
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54914}
This is not used in Chrome or Node anymore.
(This could also potentially be just removed at this point.)
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I59ecc216faeb3d56d3a52c548a863544570b6173
Reviewed-on: https://chromium-review.googlesource.com/1161936
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54913}
By using a built-in this functions works with SafeStack and doesn't
require an attribute disabling ASan.
BUG=chromium:864705
Change-Id: I898d42c0b39b07300f1679eba11e7f50cad42120
Reviewed-on: https://chromium-review.googlesource.com/1162669
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54912}
This reverts commit bf5ea8138c.
Reason for revert: Breaks Sanitizers
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20ASAN/26688
Original change's description:
> [tracing] allow dynamic control of tracing
>
> If the trace_buffer_ was null, we were returning a pointer to a static
> flag back that permanently disabled that particular trace point.
>
> This implied an assumption that tracing will be statically enabled at
> process startup, and once it is disabled, it will never be enabled
> again. On Node.js side we want to dynamically enable/disable tracing as per
> programmer intent.
>
> Change-Id: Ic7a7839b8450ab5c356d85e8e0826f42824907f4
> Reviewed-on: https://chromium-review.googlesource.com/1161518
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
> Cr-Commit-Position: refs/heads/master@{#54903}
TBR=yangguo@chromium.org,ofrobots@google.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Change-Id: I9459992e8c2ee403b9ddc8f6b9582d204139f6e8
Reviewed-on: https://chromium-review.googlesource.com/1162122
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54911}
This reverts commit 898f880aa7.
Reason for revert: TSAN report memory leaks
This is not related to this CL, but to behavior in tracing-controller.cc. Sorry!
https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8938962708686133568/+/steps/Check_-_slow_path__flakes_/0/logs/memory_grow/0
Original change's description:
> [cpu-profiler] Turn on detailed line info for optimized code
>
> Cautiously turn on this flag by default to check the impact on
> performance bots. Could show minor regressions in old space and/or
> code_and_metadata memory buckets.
>
> Bug: v8:7983
> Change-Id: Ic4369cdb0231f4f88eada699da948e8bb48a25fd
> Reviewed-on: https://chromium-review.googlesource.com/1162234
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54908}
TBR=yangguo@chromium.org,petermarshall@chromium.org
Change-Id: If17abee873cb589fc6450231149ccc82e7ca9f7b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7983
Reviewed-on: https://chromium-review.googlesource.com/1163441
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54910}
Cautiously turn on this flag by default to check the impact on
performance bots. Could show minor regressions in old space and/or
code_and_metadata memory buckets.
Bug: v8:7983
Change-Id: Ic4369cdb0231f4f88eada699da948e8bb48a25fd
Reviewed-on: https://chromium-review.googlesource.com/1162234
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54908}
This fixes a CHECK failure in MapVerify, and gets the correct behaviour
for uses of the well-known symbols.
BUG=v8:7611, chromium:866229
R=jkummerow@chromium.org, mvstanton@chromium.org, bmeurer@chromium.org
Change-Id: I5d679357b8807ea9d1054121d8d336fe0dd43c7c
Reviewed-on: https://chromium-review.googlesource.com/1162278
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#54905}
If the trace_buffer_ was null, we were returning a pointer to a static
flag back that permanently disabled that particular trace point.
This implied an assumption that tracing will be statically enabled at
process startup, and once it is disabled, it will never be enabled
again. On Node.js side we want to dynamically enable/disable tracing as per
programmer intent.
Change-Id: Ic7a7839b8450ab5c356d85e8e0826f42824907f4
Reviewed-on: https://chromium-review.googlesource.com/1161518
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
Cr-Commit-Position: refs/heads/master@{#54903}
I have a project that embeds V8 and uses a single `Isolate` from multiple
threads. The program runs just fine, but sometimes the inspector doesn't
stop on the correct line after stepping over a statement that switches
threads behind the scenes, even though the original thread is restored by
the time the next statement is executed.
After some digging, I discovered that the `Debug::ArchiveDebug` and
`Debug::RestoreDebug` methods, which should be responsible for
saving/restoring this `ThreadLocal` information when switching threads,
currently don't do anything.
This commit implements those methods using MemCopy, in the style of other
Archive/Restore methods in the V8 codebase.
Related: https://groups.google.com/forum/#!topic/v8-users/_Qf2rwljRk8
Note: I believe my employer, Meteor Development Group, has previously
signed the CLA using the group email address google-contrib@meteor.com.
R=yangguo@chromium.org,jgruber@chromium.org
CC=info@bnoordhuis.nl
Bug: v8:7230
Change-Id: Id517c873eb81cd53f7216c7efd441b956cf7f943
Reviewed-on: https://chromium-review.googlesource.com/833260
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54902}
In order to enable PIC code in builtins we need to have BranchLong
position independent.
Change-Id: I374134ff540b515f3cf385a8b936487b47c55762
Reviewed-on: https://chromium-review.googlesource.com/1152810
Reviewed-by: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Reviewed-by: Sreten Kovacevic <skovacevic@wavecomp.com>
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#54901}
This CL fixes a bug found by Clusterfuzz, in which the functions
LoadDataViewByteOffset and -ByteLength incorrectly had a return
type of TNode<Smi> instead of TNode<Number>.
This caused a CAST() call to fail when the requested byte offset
or byte length did not fit inside a Smi, i.e. when the underlying
ArrayBuffer of the DataView had a length longer than 2^30 on
32-bit platforms.
The CL also includes a new test in mjsunit to test against this.
Bug: chromium:869313
Change-Id: Ibb7d29bda5782a12c4b506c070bb03fef8c3ec70
Reviewed-on: https://chromium-review.googlesource.com/1158582
Commit-Queue: Théotime Grohens <theotime@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54900}
We have two constants for the PC load delta; this CL
consolidates them into one. The CL does not change MIPS
as the two constants are defined to different values there.
Bug: v8:6666
Change-Id: If207a59dea3ef33756a5d7330217ab8a176bdf63
Reviewed-on: https://chromium-review.googlesource.com/1161926
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54898}
After the recent bugfix, the special case for 'undefined' is no longer
needed.
Bug: v8:7813
Change-Id: Iee3fccd72c525ac86a6fa6b3c55bcd2ce8159852
Reviewed-on: https://chromium-review.googlesource.com/1161906
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54897}
This became obsolete when I rewrote CompilationDependencies.
R=jarin@chromium.org
Change-Id: Ifc567fafccd33e98be9d1bdf6264c680be3149e4
Reviewed-on: https://chromium-review.googlesource.com/1161919
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54896}
FixedArray max size is currently 1024 MB on 64 bit and 512 MB on 32 bit.
Update the max size of FixedDoubleArray to match. This doubles the max
size for arrays of doubles.
Bug: chromium:814599
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I3ac1b4caaf5b6428fe8a8c848fffdf84af8a9ae9
Reviewed-on: https://chromium-review.googlesource.com/1160235
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54892}
On all architectures except for arm64 (which has a limit of 128 MB), we
increase the maximum wasm code space from 256 MB to 512 MB. This
generally allows for bigger WebAssembly modules and tolerates the code
size increase because of Liftoff.
R=titzer@chromium.org
Bug: chromium:840292, v8:6600
Change-Id: I999cc0c96740ad3da15cc70114d7835354d67fbf
Reviewed-on: https://chromium-review.googlesource.com/1160702
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54890}
arguments.h used methods only defined in objects-inl.h and
handles-inl.h. These uses are now moved to arguments-inl.h. Since
builtins-utils.h used these methods, it also needs to be split to have
an inl header now.
R=titzer@chromium.org
Bug: v8:7754, v8:7965
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I21db7a86f7c15776eccf060f81f2bde000b92a40
Reviewed-on: https://chromium-review.googlesource.com/1160647
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54889}
Also add more test cases of Array lastIndexOf with proxy, inspired by test262.
In the path for sparse arrays, no changes are needed because element accesses
are not observable there (thanks to UseSparseVariant).
Bug: v8:7813
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ifd47149f654e92f56d0a1ed6b3debc93718702be
Reviewed-on: https://chromium-review.googlesource.com/1160307
Commit-Queue: Hai Dang <dhai@google.com>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54887}
This reverts commit 12c81480a3.
Reason for revert:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win64%20-%20msvc/3967
Original change's description:
> Update GetCurrentStackPosition to use built-in
>
> By using a built-in this functions works with SafeStack and doesn't
> require an attribute disabling ASan.
>
> BUG=chromium:864705
>
> Change-Id: I20cc818f1a0724a017a4f7f9ae3cd8fedb6245ee
> Reviewed-on: https://chromium-review.googlesource.com/1141045
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54884}
TBR=clemensh@chromium.org,vtsyrklevich@chromium.org
Change-Id: I779091eb7e98f6a8920e274df60e35693bfdc512
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:864705
Reviewed-on: https://chromium-review.googlesource.com/1161881
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54886}
This also removes the config for a non-existing builder.
TBR=sergiyb@chromium.org
NOTRY=true
Bug: v8:8009
Change-Id: Ic6d65bce46db9807ffcbeb51d507b51ca5311cfe
Reviewed-on: https://chromium-review.googlesource.com/1161802
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54885}
By using a built-in this functions works with SafeStack and doesn't
require an attribute disabling ASan.
BUG=chromium:864705
Change-Id: I20cc818f1a0724a017a4f7f9ae3cd8fedb6245ee
Reviewed-on: https://chromium-review.googlesource.com/1141045
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54884}
This enables direct uses in e.g.
unique_ptr<v8::EmbedderHeapTracer>
Bug: chromium:843903
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I11f86c916dca5c31413866d9972178fccda7df9c
Reviewed-on: https://chromium-review.googlesource.com/1160538
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54883}
There is a proposal to make this defined behaviour, so remove the
deprecation comment for now.
R=jkummerow@chromium.org
Bug: v8:3770
Change-Id: Iff50ec544473bed844c586ed242bd062e8d530d8
Reviewed-on: https://chromium-review.googlesource.com/1160238
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54882}
This skips two tests in TSAN with stress mode only. The tests are
particularly slow with isolates testing, but they're also the two
lowest hanging fruits in normal TSAN testing.
TBR=sergiyb@chromium.org
NOTRY=true
Bug: v8:8009
Change-Id: Ic262fc39dee8ee0d8d1fdad10beced0e8f9c87a0
Reviewed-on: https://chromium-review.googlesource.com/1160860
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54881}
Etc/GMT* time zones are listed in the INAN time zone database and
they should be accepted as valid.
This CL will be followed by a CL for moving time zone name checks to C++
that will accept all the time zone names (e.g. EST5EDT, Hongkong, ROK, Zulu).
Bug: chromium:364374
Test: intl/date-format/timezone.js
Test: mjsunit/regress/regress-crbug-364374
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: If0e5327d7e980504a9cb3d2b641e907ebce61180
Reviewed-on: https://chromium-review.googlesource.com/1159546
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54879}
While working on crrev.com/c/1141045 I caused 3 assertThrows() tests
under the 'Deeply nested target' tests to fail. The tests for
defineProperty, isExtensible, and preventExtensions began to fail under
a couple build configurations because my change modified the stack check
code such that it no longer inhibited tail call optimization. Under some
build configurations the methods responsible for causing a stack oveflow
for those 3 methods were tail call optimized and the tests no longer
threw an exception.
Other built-in implementations of proxy handler methods could also fail
in the future due to refactors moving variables off the stack. Change
the test to ensure v8 doesn't crash but don't rely on stack overflow
exceptions being thrown for the 'deeply nested target' test.
BUG=chromium:864705
Change-Id: Iefeaa1d5402986c1831d0f259f83025452756387
Reviewed-on: https://chromium-review.googlesource.com/1159356
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54878}
When TypedArray builtin code was still in JS, we used to completely
elide IterableToList when passed an array. This meant that it was
possible for the builtins to observe side-effects which mutated the
array when that should have been impossible.
When IterableToList was ported to CSA, it changed to clone the passed-in
array instead of passing it through. This means that there's now no
need to guard against side-effects due to ToNumber conversions, so we
can simply return the result of Object::IterationHasObservableEffects.
Though no test changes are included here, this code is covered
by the regression tests added previously when this runtime function
was added (and later modified).
This still leaves a future TODO to port IterationHasObservableEffects
to CSA.
Change-Id: If913c035b124ecb59a5f647344b653429a162a2b
Reviewed-on: https://chromium-review.googlesource.com/1159733
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54876}
Previously, removing an element in the middle made it consume space
forever. This fixes that, without changing the complexity of removal /
addition. The trade-off is that RemoveOne will shuffle indices (which should be
OK for the current users).
BUG=v8:7308
Change-Id: I0373e30f2d9d1ffb93a78d383d41b500dbbf3429
Reviewed-on: https://chromium-review.googlesource.com/1159371
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54875}
Trampolines to off-heap targets may get inlined. In this case, it is hard
to tell where the trampoline is going to; this CL adds code comments which
identify the target builtin by name.
Bug: v8:6666
Change-Id: Ib085ad118ad64551af2522f9187b4faaad6ce315
Reviewed-on: https://chromium-review.googlesource.com/1160536
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54874}
This reverts commit b556c9eaa6.
Reason for revert: Flakes in layout tests: https://crbug.com/870187
Original change's description:
> [wasm] Implement the new API for WebAssembly.instantiateStreaming
>
> This is the second V8 CL to refactor WebAssembly.instantiateStreaming to
> make it spec compliant again. The design doc where the whole change is
> discussed is available in the tracking bug. The tracking bug also
> references prototype implementations of the whole change, which includes
> the changes in this CL.
>
> R=mstarzinger@chromium.org
>
> Bug: chromium:860637
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
> Change-Id: I776c0f24959ab5663727d3dfee0248a9b0642a42
> Reviewed-on: https://chromium-review.googlesource.com/1143187
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54834}
TBR=mstarzinger@chromium.org,ahaas@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: chromium:860637
Change-Id: Icbf2603143068a49c61de162aa7185a753703e5d
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1160261
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54872}
This adds two tests that generate calls to embedded builtins, one test
inlines the trampoline, and the other uses an indirect load from the
roots array.
Bug: v8:6666, v8:7997
Change-Id: I077f4e9ed311021edb8ee74db625ebb048fdf66b
Reviewed-on: https://chromium-review.googlesource.com/1160237
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54869}
