This is needed for proper deserialization of code and has the nice
side effect of fixing the nasty race condition that led us to
introducing a lock on the signature map.
R=mtrofin@chromium.orgCC=clemensh@chromium.org
Bug:
Change-Id: I6a018344ad8b58b088b20756d3b00ae08232bbb9
Reviewed-on: https://chromium-review.googlesource.com/718937
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48589}
With the introduction of the WasmContext, compiled code is no longer
specialized to the memory start and size (or recently, globals_start).
This CL uses the same WasmContext between the interpreter and compiled
code, removing the need for UpdateMemory() and cached instance info.
R=clemensh@chromium.org
Bug:
Change-Id: I0bd52352c9b6f3029246e94e239dc29f635e7920
Reviewed-on: https://chromium-review.googlesource.com/712734
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48584}
Also fix asan environment for testing on windows.
TBR=sergiyb@chromium.org
Bug: chromium:726584
Change-Id: Ic9e6afa714f4757ad1b0f2ebfa742e742e1c04b9
Reviewed-on: https://chromium-review.googlesource.com/720811
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48583}
With parallel marking enabled, both visitors have to be equal wrt. to
actual visitation.
The differences are captured by template parameters:
- Retaining path tracing which we only do for full GCs.
- Incremental marking of FixedArray.
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux64_tsan_rel;master.tryserver.v8:v8_linux64_tsan_concurrent_marking_rel_ng;master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel
Bug: chromium:694255, chromium:750084
Change-Id: I177aeb0ee4f6a35e2f592ba257c9ddc14f88fd99
Reviewed-on: https://chromium-review.googlesource.com/704935
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48582}
This CL removes the code specialization for WASM functions that access
globals. Previously, we were embedding the start address of the globals
memory (globals_start) as a constant in the code, which required
patching for every instance. We now put this base in to the WasmContext,
which is available as a parameter to every WasmFunction.
R=ahaas@chromium.org,
CC=mtrofin@chromium.org
Bug:
Change-Id: I04bb739e898cc5a3b7dd081cc166483022d113fd
Reviewed-on: https://chromium-review.googlesource.com/712595
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48581}
They can be...eliminated.
Bug:
Change-Id: I234dddfb059fa15daf09c2095f1ea1813aa8428f
Reviewed-on: https://chromium-review.googlesource.com/720802
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48580}
In Array.prototype.map, we have to store the map result in an output array.
If we know we are storing objects, or special objects like boolean, rather
than a number, then we can reduce the amount of checks we have to do to
transition the output array to the appropriate ElementsKind.
Likewise, if we know we've got floating point values, we can specialize
appropriately to a double array.
Bug: v8:6896
Change-Id: I375daf604562b53638ea749945c1a4c907e33547
Reviewed-on: https://chromium-review.googlesource.com/711845
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48579}
This patch introduces assertPromiseFulfills and assertPromiseFulfills as
a replacement for assertPromiseResult because it’s more JavaScript-y.
BUG=v8:6921
R=ahaas@chromium.org
Also-By: ahaas@chromium.org
Change-Id: I2f865dba3992ddf3b58987bf0b376d143edb5c31
Reviewed-on: https://chromium-review.googlesource.com/718746
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48578}
Win asan needs separate "clang" config as clang is not the default on windows.
TBR=sergiyb@chromium.org
NOTRY=true
Bug: chromium:726584
Change-Id: Ic49eedf9a229eb3f81774c8d03c9d19ba1211c3d
Reviewed-on: https://chromium-review.googlesource.com/720801
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48576}
When looking at /proc/self/maps, we need to take into account the offset
in addition to the start and end addresses, otherwise --prof get's
confused with binaries produced by lld.
Change-Id: If6b484a8080a0393e91174c114dafe9a11964e8d
Reviewed-on: https://chromium-review.googlesource.com/720371
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48574}
R=gsathya@chromium.org
Bug:
Change-Id: I66bc6cffddea540e382b7f59f519a4d902a0c1b6
Reviewed-on: https://chromium-review.googlesource.com/712050
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48569}
Bug: v8:6921
Change-Id: I0ce0a285181561f1940a0a1823134fbc87e698bc
Reviewed-on: https://chromium-review.googlesource.com/720237
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48568}
We should explain why we default to StackFrame::OPTIMIZED rather
than StackFrame::INTERPRETED when we don't have a great idea
about what kind of frame we are looking at.
Bug:
Change-Id: I9d3cc84def6164ef79a4792822d52c11dfe8a448
Reviewed-on: https://chromium-review.googlesource.com/668450
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48565}
Enabling trap handlers has been causing problems with sanitizers, stress bots,
clusterfuzz, etc. Some of these fixes will require more in depth changes. In the
meantime, this restores the original behavior so the bots can turn green again.
This change reverts https://crrev.com/c/673548.
Bug: v8:6924
Change-Id: I4277ae53bc98f9896b800d015fda2ce68ae9e6f5
Cq-Include-Trybots: master.tryserver.v8:v8_linux64_tsan_concurrent_marking_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/718480
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48563}
As a simple and backmergeable fix for crbug.com/774459.
Bug: chromium:774459
Tbr: bmeurer@chromium.org
Change-Id: Ibe55ad13fe6be63a76dc3079a0288356ce35de9f
Reviewed-on: https://chromium-review.googlesource.com/719461
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48561}
Reuses the existing logic for BigInt.parseInt, adapted slightly
to allow octal and binary radix prefixes (and to support parsing
of a raw character buffer, rather than a v8::internal::String).
Bug: v8:6791
Change-Id: I41904b2204721eac452e0765fa9ff0ab26ee343b
Reviewed-on: https://chromium-review.googlesource.com/711334
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48560}
New OWNERS jbarboza and mmallick and remove bjaideep.
Bug:
Change-Id: I3d7b8d13cad441bd60b1d598e5553716799ef739
Reviewed-on: https://chromium-review.googlesource.com/714136
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#48559}
The type of StringIndexOf nodes is never recomputed since the operation
is simply changed on the original node.
Bug: chromium:769923
Change-Id: I3a2956ea69d43a56d22aff0607ac9869cf65533c
Reviewed-on: https://chromium-review.googlesource.com/718758
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48558}
New code should use nullptr instead of NULL.
This patch updates existing use of NULL to nullptr where applicable,
making the code base more consistent.
BUG=v8:6928,v8:6921
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I4687f5b96fcfd88b41fa970a2b937b4f6538777c
Reviewed-on: https://chromium-review.googlesource.com/718338
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48557}
We are trying to get rid of ZoneList now that List is gone, so here is a
decent place to start.
Bug: v8:6333, v8:6921
Change-Id: Ie02d3f95767a5d9946586b0efbd64ec265326fbc
Reviewed-on: https://chromium-review.googlesource.com/718377
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48554}
Previously, Function("++f`...`) would not throw an exception until the
created function was called. Now, it throws an early ReferenceError.
This change matches the behaviour in JavaScriptCore and SpiderMonkey.
Ordinary calls such as Function("++f()") are still thrown at runtime,
also compatible with JavaScriptCore and SpiderMonkey.
BUG=v8:4480, v8:6910
R=marja@chromium.org, littledan@chromium.org
Change-Id: If31c6d360a0464744eff5d8dd377ebff184ae00e
Reviewed-on: https://chromium-review.googlesource.com/712794
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48553}
A machine load is an effectful operation, but we didn't include
it in the effect chain.
Bug: v8:6929
Change-Id: I08a09c71dafd9dd7e5e40440a24751f2c5bcfae9
Reviewed-on: https://chromium-review.googlesource.com/718456
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48548}
This is part of JSSP removal for arm64. The padding is needed so
that the extra arguments, which are pushed separately from the rest
of the arguments, will take up an even number of slots, to avoid
copying the rest of the arguments one slot down.
Bug: v8:6644
Change-Id: I00a8730c375e4b4cc8fa0c8b6372751f92754466
Reviewed-on: https://chromium-review.googlesource.com/713255
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48547}
Not all interface implementations can handle unreachable code
correctly. The baseline compiler will fail if it tries to pop a value
from an empty stack. Instead of fixing this in the interface (the
baseline compiler in this case), this CL fixes this by not calling the
interface for unreachable instructions.
R=titzer@chromium.org
Bug: v8:6600
Change-Id: I567783ce4191ff907b2f90e73b66274728064092
Reviewed-on: https://chromium-review.googlesource.com/715638
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Andreas Rossberg <rossberg@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48544}
This adds and explicit check for the constructability of the new.target
value in the lowering of {JSCall} nodes known to call Reflect.construct.
The {JSConstruct} operator does not perform this check and relies on the
implicit validity of new.target in all other use cases.
R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-768080
BUG=chromium:768080
Change-Id: I7c1921e787bae64ba83de3eb08aa00fc5523e251
Reviewed-on: https://chromium-review.googlesource.com/718100
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48543}
First allocatable register must be same as the argument
count register.
This change fixes problems with optimized tests.
Bug:
Change-Id: I06731c7f27c5f6a761ebdeb3c3c7b2a6c14d7c1d
Reviewed-on: https://chromium-review.googlesource.com/716224
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Cr-Commit-Position: refs/heads/master@{#48540}
