This CL introduced SafeForInterruptsScope. This scope overrides
outer PostponeInterruptsScopes:
- reschedule postponed interrupts if needed,
- allow requesting new interrupts.
As soon as the scope is removed, interrupts are postponed if needed.
This scope will be:
- used to allow the inspector to interrupt and terminate
DebugEvaluate::Local,
- exposed with a new flag on Isolate to implement SafeForTerminationScope
in blink.
R=yangguo@chromium.org
Bug: chromium:820640
Change-Id: I15befc10c2cee393d1e3be48cecb31ee14dae638
Reviewed-on: https://chromium-review.googlesource.com/1022969
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52743}
This is a reland of 5728b3fbc5
Original change's description:
> [builtins] Separate species protectors for Array, TypedArray, Promise
>
> Previously, there was one species protector for Array, TypedArray and
> Promise. This CL splits the protector in three separate ones. This means
> that invalidating one of them does not have negative performance
> implications for the other ones.
>
> Bug: chromium:835347, v8:7340
> Change-Id: Id84aa0071f17096192965264eb60ddadd1e8e73f
> Reviewed-on: https://chromium-review.googlesource.com/1023408
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52733}
Bug: chromium:835347, v8:7340
Change-Id: I0c0188a0723e206ddb362834bcf872b23cd7666d
Reviewed-on: https://chromium-review.googlesource.com/1023811
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52742}
An embedder may implement any non-trivial logic using embedder fields,
e.g. create wrappers lazily and store a native pointer to the native object
inside embedder fields.
R=yangguo@chromium.org
Bug: v8:7588
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Id14eb6e686f8945cb350cfe77e8a4b3c52c5ec5b
Reviewed-on: https://chromium-review.googlesource.com/1013404
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52741}
This manages input_index directly in TranslatedFrame::iterator.
I think the overhead is low enough, especially since all uses
of the iterator, except one, compute input_index anyway.
Bug: v8:7679
Change-Id: I7e5fc08ff23a49415265afd617248c55f4d95e19
Reviewed-on: https://chromium-review.googlesource.com/1021711
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52739}
The movw/movt instructions are only available since Armv7. One of the
disassembly tests was expecting these instructions when, on Armv6, we generate a
load literal.
Change-Id: I2b11894b5de748fc185f341b0cd49fa518d005e5
Reviewed-on: https://chromium-review.googlesource.com/978143
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52738}
This adds support for i32.div_u and i32.div_s, implemented on ia32 and
x64.
R=ahaas@chromium.org
Bug: v8:6600
Change-Id: I920fb0613ecba0021dab0936690415be88d666e9
Reviewed-on: https://chromium-review.googlesource.com/1021890
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52737}
This reverts commit 5728b3fbc5.
Reason for revert: Breaks noi18n build
Original change's description:
> [builtins] Separate species protectors for Array, TypedArray, Promise
>
> Previously, there was one species protector for Array, TypedArray and
> Promise. This CL splits the protector in three separate ones. This means
> that invalidating one of them does not have negative performance
> implications for the other ones.
>
> Bug: chromium:835347, v8:7340
> Change-Id: Id84aa0071f17096192965264eb60ddadd1e8e73f
> Reviewed-on: https://chromium-review.googlesource.com/1023408
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52733}
TBR=sigurds@chromium.org,bmeurer@chromium.org
Change-Id: Ied8b436e7991c759eb3b98702c142aa127a7e63c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:835347, v8:7340
Reviewed-on: https://chromium-review.googlesource.com/1024151
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52736}
Previously, there was one species protector for Array, TypedArray and
Promise. This CL splits the protector in three separate ones. This means
that invalidating one of them does not have negative performance
implications for the other ones.
Bug: chromium:835347, v8:7340
Change-Id: Id84aa0071f17096192965264eb60ddadd1e8e73f
Reviewed-on: https://chromium-review.googlesource.com/1023408
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52733}
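What the three species protectors guard is observable from JavaScript: Array.prototype.map, TypedArray.prototype.slice and Promise.prototype.then each look up constructor[Symbol.species] to choose the result type, and a protector lets V8 skip that lookup until someone customizes it. The following is an added example, not V8 code or a test from this CL; the subclass names are this example's own. It shows the three independent lookups, and that a default subclass keeps its own type while an overridden species redirects the result to the base constructor.

```javascript
// Added example (not from V8): the three species lookups that the
// separate protectors guard. Subclass names are this example's own.

// Default: a subclass without a species override keeps its own type.
class KeepArray extends Array {}

// Array species overridden: derived methods return a plain Array.
class MyArray extends Array {
  static get [Symbol.species]() { return Array; }
}

// TypedArray species overridden: slice returns a plain Uint8Array.
class MyU8 extends Uint8Array {
  static get [Symbol.species]() { return Uint8Array; }
}

// Promise species overridden: then() returns a plain Promise.
class MyPromise extends Promise {
  static get [Symbol.species]() { return Promise; }
}

// Array.prototype.map consults ArraySpeciesCreate on the receiver.
function mapResultTypes() {
  const kept = KeepArray.from([1, 2, 3]).map((x) => x * 2);
  const redirected = MyArray.from([1, 2, 3]).map((x) => x * 2);
  return {
    keptIsSubclass: kept instanceof KeepArray,
    redirectedIsSubclass: redirected instanceof MyArray,
    redirectedCtor: redirected.constructor.name,
  };
}

// %TypedArray%.prototype.slice consults TypedArraySpeciesCreate.
function typedArraySliceType() {
  const t = new MyU8([1, 2, 3]).slice(0, 2);
  return {
    isSubclass: t instanceof MyU8,
    isUint8Array: t instanceof Uint8Array,
    length: t.length,
  };
}

// Promise.prototype.then consults SpeciesConstructor(promise, %Promise%).
// Only the type of the returned promise matters here, not its settlement.
function thenResultType() {
  const p = MyPromise.resolve(1).then((v) => v);
  return { isSubclass: p instanceof MyPromise, isPromise: p instanceof Promise };
}
```

Customizing Symbol.species on any one of these constructors is exactly the event that invalidates the corresponding protector; with a single shared protector, overriding it on Promise alone would also have deoptimized the Array and TypedArray fast paths.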
LoadMaybeWeakField returns a TNode<MaybeObject>, and the only way to extract
values from it is through explicit functions.
BUG=v8:7308
Change-Id: I98da6b715527bb9976b4c78ed9caaa39fbcb3ed5
Reviewed-on: https://chromium-review.googlesource.com/1014106
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52732}
At the moment, the isolate is allocated and initialized in a single
step. This has the downside that the platform cannot register the
isolate before the isolate gets initialized, and therefore the platform
is not available for the isolate during initialization. With this CL we
register the uninitialized isolate on the platform and initialize the
isolate after that.
This change is needed to allow the creation of task runners already
during the initialization of the isolate.
The related chromium CL: https://crrev.com/c/1015020
R=yangguo@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I52e89388a757f2693d1a800e7aa7701aa0080795
Reviewed-on: https://chromium-review.googlesource.com/1014044
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52731}
There doesn't seem to be any reason to use our custom hashmap here,
which has a more complicated interface.
Change-Id: Ib08c2e400a3cb402a5984b925034aac29750c2ec
Reviewed-on: https://chromium-review.googlesource.com/1019445
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52724}
When attributing ticks to a function, we first check if the current pc
matches a section within the dynamic library. If we find a match here,
then we don't continue looking within dynamically generated range
information, e.g. for JS functions and builtins.
This logic breaks when embedded builtins come into play. They live
within the libv8.so shared library, and are found when looking up
statics. But what we really want is to look up the dynamically
generated code-range, which contains more precise information.
In this CL, this case is detected by matching the found symbol name.
If it's the embedded blob, then we continue to dynamic lookup.
Bug: v8:6666
Change-Id: I7cea2cd4898f5a08381a071bdbc2f862b9c80880
Reviewed-on: https://chromium-review.googlesource.com/1023422
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52723}
This CL fixes the new {CodeReference} class to comply with the style
guide. It makes it a proper class, renames private fields to end in an
underscore and simplifies the union declaration.
R=ahaas@chromium.org
CC=herhut@chromium.org
Bug: v8:7570
Change-Id: I329bbc6fca1ba3c0cb34fb4e1179eb4fa9044e76
Reviewed-on: https://chromium-review.googlesource.com/1023414
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52722}
For on-heap code, there is the nice feature of highlighting the current
pc on the "jco" gdb macro (calling {Code->Print}, {Code->Disassemble}
or {WasmCode::Disassemble}). For wasm code, this feature was missing so
far. This CL adds it.
R=ahaas@chromium.org
Change-Id: I0ee86d3c5cf9f42581f03c2ba4ec16b4c992e016
Reviewed-on: https://chromium-review.googlesource.com/1021517
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52721}
For binary operations and unary operations, we were pinning too many
registers, thereby preventing reuse of a src register for the result.
R=ahaas@chromium.org
Bug: v8:6600
Change-Id: Id4eea1e35d29c170e191249ef42d11ed1d284490
Reviewed-on: https://chromium-review.googlesource.com/1021818
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52720}
Several functions on Array.prototype incorrectly threw a TypeError just
because their receiver was sealed or frozen.
Bug: v8:7677
Change-Id: I4ec38bfbf468f9bd676f1c0b341c8a50cf814f15
Reviewed-on: https://chromium-review.googlesource.com/1021870
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52718}
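The CL does not list the affected functions, so the following added example (not V8 code or a test from this CL) probes the behaviour the ECMAScript spec requires, which is the behaviour the fix restores: a sealed or frozen array is a perfectly valid receiver for non-mutating methods; methods that rewrite existing elements in place succeed on a sealed array but throw a TypeError on a frozen one (elements are non-writable); and methods that add or delete elements throw on both (the object is non-extensible and elements are non-configurable). The grouping of methods into the three lists is this example's own reading of the spec.

```javascript
// Added example (not from V8): which Array.prototype methods may throw on a
// sealed or frozen receiver. Method groups are this example's own grouping.

// Must succeed on both sealed and frozen receivers.
const NON_MUTATING = [
  ['indexOf', 1], ['lastIndexOf', 1], ['includes', 1], ['join', ','],
  ['slice'], ['concat', [4]], ['map', (x) => x], ['filter', Boolean],
  ['forEach', () => {}], ['some', () => true], ['every', () => true],
  ['reduce', (a, b) => a + b], ['find', () => true], ['findIndex', () => true],
  ['keys'], ['entries'], ['toString'],
];

// Rewrite existing elements only: fine on sealed, TypeError on frozen.
const IN_PLACE = [['fill', 0], ['reverse'], ['sort'], ['copyWithin', 0, 1]];

// Add or delete elements: TypeError on both sealed and frozen.
const RESIZING = [['push', 4], ['pop'], ['shift'], ['unshift', 0], ['splice', 0, 1]];

// Calls each [method, ...args] on a fresh receiver built by makeReceiver and
// records 'ok', 'TypeError' or 'other' per method name.
function runAll(makeReceiver, calls) {
  const out = {};
  for (const [method, ...args] of calls) {
    const receiver = makeReceiver([3, 1, 2]);
    try {
      Array.prototype[method].call(receiver, ...args);
      out[method] = 'ok';
    } catch (e) {
      out[method] = e instanceof TypeError ? 'TypeError' : 'other';
    }
  }
  return out;
}

// True when every recorded outcome equals `expected`.
function allEqual(results, expected) {
  return Object.values(results).every((r) => r === expected);
}

const sealed = (a) => Object.seal(a);
const frozen = (a) => Object.freeze(a);

// Summary of the six combinations; every field should be true on a
// spec-conforming engine.
function summary() {
  return {
    sealedNonMutatingOk: allEqual(runAll(sealed, NON_MUTATING), 'ok'),
    frozenNonMutatingOk: allEqual(runAll(frozen, NON_MUTATING), 'ok'),
    sealedInPlaceOk: allEqual(runAll(sealed, IN_PLACE), 'ok'),
    frozenInPlaceThrows: allEqual(runAll(frozen, IN_PLACE), 'TypeError'),
    sealedResizingThrows: allEqual(runAll(sealed, RESIZING), 'TypeError'),
    frozenResizingThrows: allEqual(runAll(frozen, RESIZING), 'TypeError'),
  };
}
```

The TypeErrors in the last two groups come from the builtins' own Set and DeletePropertyOrThrow steps, so they are thrown regardless of whether the calling code is in strict mode; a builtin that throws merely because the receiver is non-extensible, before attempting any write, is the bug this CL describes.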
With certain ICU data bundles (such as the Node.js "small-icu"),
%GetDefaultICULocale() may return a more specific language tag (e.g.
"en-US") than what's available (e.g. "en"). In those cases, consider the
more specific language tag supported.
This CL also resolves the following Node.js issue:
https://github.com/nodejs/node/issues/15223
Bug: v8:7024
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ifda0776b3418734d5caa8af4e50c17cda95add73
Reviewed-on: https://chromium-review.googlesource.com/668350
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52716}
This CL introduces a stack abstraction for writing frame descriptions.
Previously, we managed the output offset by hand, which is verbose and
error prone. This CL introduces FrameWriter, which offers a stack
abstraction with push operations for constructing the output frame
descriptions.
The abstraction is only applied to DoComputeBuiltinContinuation;
following CLs will apply it to the other DoCompute* functions.
Bug: v8:7679
Change-Id: Ia6e34de1ed63ba9245e2a08945b1e0548562ed43
Reviewed-on: https://chromium-review.googlesource.com/1019143
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52714}
The function allocating objects in the test can be inlined in the middle
of the run. All allocations after inlining are currently not accounted.
This patch sums up allocations of the function and its outer function.
The difference between counts is now about 4%-6% (down from 15%).
Bug: chromium:834832
Change-Id: Iad071bd5bf53bb3527c9cb24d0a9ea38618c833c
Reviewed-on: https://chromium-review.googlesource.com/1021734
Reviewed-by: Ali Ijaz Sheikh <ofrobots@google.com>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52713}
This CL adds StoreFixedTypedArrayElementFromTagged to the CSA. This
method takes an array element in the form of a Number/BigInt, and
converts and stores it appropriately.
For BigInts, an existing method was refactored slightly to allow its
usage.
The added method is used in the upcoming Torque implementation
of TypedArray.p.sort.
R=jgruber@chromium.org
Bug: v8:7382
Change-Id: I5135de0eff96eb2048aaca73de327a027c1faef8
Reviewed-on: https://chromium-review.googlesource.com/1021083
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52711}
This CL adds a test for each typed element kind where the array to sort
consists of some max/min/zero elements.
When providing a custom compare function, the upcoming torque version
of TypedArray.p.sort needs to convert array elements to Number/BigInt
and back. The tests check the edge cases for that conversion.
R=jgruber@chromium.org
Bug: v8:7382
Change-Id: Ia85ca343f62ece208acdeb1595e94f17ce12b713
Reviewed-on: https://chromium-review.googlesource.com/1021080
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52710}
The existing signature is problematic for two reasons:
1. The void* -> V cast is invalid if sizeof(V) < sizeof(void*)
2. It's impossible to distinguish between a returned value of 0 and
nullptr, designating failure.
Bug: v8:6666
Change-Id: I71e8fc9119256c24a15b5bb73438f024f1af4f88
Reviewed-on: https://chromium-review.googlesource.com/1018466
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52708}
Embed a hash of the embedded blob at serialization-time, and verify it
when loading the blob.
Drive-by: Keep the size of the blob trimmed, and only page-align for
dynamic page allocation and freeing during mksnapshot.
Bug: v8:6666
Change-Id: I10b6064f4f2847d4cc400f6f1bd6961194985b8f
Reviewed-on: https://chromium-review.googlesource.com/1019144
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52707}
This implements float to i64/u64 conversions on ia32 and x64.
These conversions emit a C call on ia32, and are implemented using
native instructions on x64.
R=ahaas@chromium.org
Bug: v8:6600
Change-Id: I5b97a74d336e196598b29d407a3d06405b74ee14
Reviewed-on: https://chromium-review.googlesource.com/1014114
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52705}
To implement builtin continuations called from the deoptimizer,
we need to better support writing builtins declared with javascript
binding in Torque. This CL adds fixed number of argument support.
So you can declare in Torque, something like:
builtin javascript Foo(context: Context, receiver: Object, bar: Object):
Object {
...
}
Formerly, this would give you an error because we only supported
javascript bindings with a varargs array.
Bug: v8:7672
Change-Id: I5b5b25bdbbd5e054049c39dd2f1a4c606472dcd5
Reviewed-on: https://chromium-review.googlesource.com/1018941
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52704}
The convert operation only writes an output value if the conversion
succeeded. Thus, we always initialize the buffer before calling the
conversion function.
R=ahaas@chromium.org
Change-Id: Ide230a1e608205f9067349db08adde6a90b31d6f
Reviewed-on: https://chromium-review.googlesource.com/1021377
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52703}
Instead of passing multiple pointers to input and output, or to two
input values, just pass one pointer which holds all inputs and where
the output is written.
This also reduces the size of generated Turbofan graphs, since only one
stack slot is needed and less arguments are passed to the call.
It also fixes undefined behaviour, since we were passing a pointer e.g.
as {uint64_t*}, but accessed it using {ReadUnalignedValue}. Now we pass
an Address, which does not have any alignment constraints.
R=ahaas@chromium.org
Bug: v8:3770, v8:6600
Change-Id: I54ef80b7e27f77587a9062560c0b3e01d6593e6d
Reviewed-on: https://chromium-review.googlesource.com/1019147
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52702}
This makes testing with random gc stress use the status file entries
for gc fuzzing as well, since many test cases that are not suitable for
one are not suitable for the other.
This also skips two more tests that rely on assert(Un)Optimized, which
is unreliable with gc fuzzing.
TBR=sigurds@chromium.org
Change-Id: I33a617b251d5cf65cf6e486d07ec55cde050b8ab
Reviewed-on: https://chromium-review.googlesource.com/1021082
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52701}
This is relevant for when the only "git" in your PATH is git.bat (from
depot_tools). I'd guess this is pretty common for Googlers.
Bug: v8:5960
Change-Id: I35bc49c6054afed20481ed408cfd02b7a4c346c8
Reviewed-on: https://chromium-review.googlesource.com/1019340
Commit-Queue: agrieve <agrieve@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52698}
The memory metric samples memory usage immediately after forcing GC via
LowMemoryNotification. This makes the metric sensitive to the unmapper
tasks timing.
This patch forces eager unmapping in CollectAllAvailableGarbage.
It also forces eager unmapping of non-regular chunks at the beginning
of Mark-Compact to avoid accumulation of non-regular chunks.
Bug: chromium:833291, chromium:826384
Change-Id: Iddf02cd4ab8613385d033899d29525fe6ee47fdd
Reviewed-on: https://chromium-review.googlesource.com/1017102
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52696}