This was always the intended behavior: when --embedded-variant is not
passed, we should assume "Default". What actually happened in this
case was that we'd initialize to nullptr. This CL adds the missing
nullptr check.
Bug: v8:6666
Change-Id: I87247c6c6cfec20da86d2714732a2f6044bb9b77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1526193
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60278}
This is a reland of 5a61630d1d
Original change's description:
> [inspector] Allow limiting the total size of collected scripts.
>
> Introduces the setMaxCollectedScriptsSize Debugger protocol method.
> If the max size is set, the debugger will hold collected (not referenced by other v8 heap objects)
> scripts up to the specified total size of their sources.
>
> BUG=v8:8988
>
> Change-Id: I94d52866494102add91ca2d569a2044b08c9c593
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1518556
> Commit-Queue: Alexei Filippov <alph@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60227}
TBR=dgozman@chromium.org
Bug: v8:8988
Change-Id: I9b1db01856a43636c1eb8ad2ec36e3727353228d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1524668
Commit-Queue: Alexei Filippov <alph@chromium.org>
Reviewed-by: Pavel Feldman <pfeldman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60271}
The existing has property handling did not account for the fact an IC can have LOAD_IGNORE_OUT_OF_BOUNDS while some of the maps in the IC do not allow out of bounds loads.
bug: chromium:942068
Change-Id: I935402d9d72e9c0228510ef69154ea130d1c71f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1525876
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60269}
We have a version for each (Any, Pointer, Signed)
Bug: v8:8977
Change-Id: I1df994f96e24183a136c25818bf4917d9f8126d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1524481
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60268}
This slot has become obsolete now that all CEntry stubs are builtins
(which are part of the rootset) and no longer need to be kept alive
explicitly by a slot in the frame.
R=verwaest@chromium.org
BUG=v8:8834
Change-Id: I7b791cc509ef800bcf7aa5faab31ddf35370f944
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1520725
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60267}
This asserts that we run e.g. GC finalization tasks. Without that, we
might run ouf of memory.
R=ahaas@chromium.org
Bug: chromium:938739
Change-Id: Ic80074f877183bcabb3353fbeff94842a534efab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1526007
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60266}
We were just counting the number of stack elements instead of their
actual memory usage. This limits recursion a lot more and helps
avoiding OOM situations.
R=titzer@chromium.org
Bug: chromium:938739
Change-Id: I0e0ec2949f9fbad9c9e2c8677ec0223d5cd6a24b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1526006
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60264}
This changes gcmole's bootstrapping script so that it always creates
binaries that link libstdc++ statically (both plugin and Clang) and do
not link against unneeded libraries (only Clang). For deployment of
gcmole on our infrastructure, it is much easier to have fewer external
dependencies.
R=machenbach@chromium.org
BUG=v8:8813
Change-Id: If6f2f3cc3b1f661f7dafbb406eaaf2e639981640
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1526002
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60262}
Compiling without -fno-exceptions causes compilation errors, this
CL fixes that.
The reason for the compilation error is a mismatch of "V8_NOEXCEPT"
on mixins for base::Optional where it is not present for deleted
copy/move constructors, but present on base::Optional for defaulted
ones.
Bug: v8:8985
Change-Id: I54af77496657fde44292c050221d11533a54db03
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1518175
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60261}
This is a false positive of a potential evaluation order problem flagged
by the newest version of gcmole. While this is strictly speaking safe,
it is not statically known that the default argument of the fourth
parameter to {AbsoluteAndNot} is a nullptr and hence not a stale raw
reference. Since this is the only false positive of this kind in the
code base, I would vote to just avoid it by sequencing the operations.
R=jkummerow@chromium.org
BUG=v8:8813
Change-Id: I4a8f2ed4eb09766ce98e4e3d32f680a3a84eedf7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1523548
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60259}
Clang crashes in this configuration. See https://crbug.com/942347 for context.
BUG=chromium:942347
R=machenbach
CC=thakis
Change-Id: Iffcad9556ed92ecfbd4ee062a5ed7f8c8cac1914
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1524639
Auto-Submit: Thomas Anderson <thomasanderson@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60258}
This CL allows for either of 'minimum' or 'initial' for MemoryDescriptor
and TableDescriptor. It also adds a flag for the reflection features.
R=binji@chromium.org,adamk@chromium.org
Bug=v8:7742
Change-Id: Icfd4825f63e1eb784a39d10f740d55e81489eba7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1485243
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60256}
Introduces the setMaxCollectedScriptsSize Debugger protocol method.
If the max size is set, the debugger will hold collected (not referenced by other v8 heap objects)
scripts up to the specified total size of their sources.
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1518556
> Commit-Queue: Alexei Filippov <alph@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
BUG=v8:8988
TBR=dgozman@chromium.org
Change-Id: I6f7da07c4c9ae35b5252aabddb98b693ec77b4e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1524662
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60255}
Bug: v8:7226
Change-Id: Ia2ed97b193e77a016aa10e7abd50ce59ea38f7a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1518558
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60254}
This CL only provides the implementation of memory.{init,copy,fill} and
data.drop.
Bug: v8:8965
Change-Id: I439f2520bfee8f147e4b0d1d31f954aaad2e14ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1510575
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60253}
R=binji@chromium.org,adamk@chromium.org
Bug=v8:7742
Change-Id: I5b9a614dd0c8b028d756cbd401c803de4cb9437f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1513159
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60252}
This CL also changes the constructor for WasmTableObject so that the
maximum_length is set to undefined instead of a default value if there's
no maximum provided.
R=binji@chromium.org,adamk@chromium.org
Bug=v8:7742
Change-Id: I6310224e9997464bf69c198e2694a6cd76e01e8f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1513156
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60250}
Consolidates all the work into a single TFS builtin (CreateHTML)
called by all these functions. Reduces the builtin size by
about half.
Change-Id: I92b2c7889f72db4c8c79d7ef0ce0e61036ab619e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1522727
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60248}
Since the new Objects were introduced, we can no longer cast integers to
and Object pointer and call methods on them in gdb (due to how gdb's
expression evaluator deals with temporaries). So, we add a new helper
method to our gdbinit, "$job", which takes an address and returns an
Object that is now exists in real (stack) memory.
Bug: v8:8994
Change-Id: I760a007e7d2303e3a4b1fecb87e094fb9974e91e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1523329
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60245}
This should have no effect unless the embedder uses an old version
of the standard library with missing overloads of <math.h> functions,
which causes such functions to perform implicit conversion to double.
In such cases, the CL removes the implicit conversion.
Change-Id: Ib90a461c81b1f354f7acdf32df88257bff20aca8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1523549
Auto-Submit: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60243}
Compilation only stores whether an error has been found, but not the
exact error or it's location. This is generated by running a validation
pass once all wire bytes have been received.
This unifies error messages by removing one more location where we
generate compilation error messages, and makes it deterministic because
a) we always report the error in the first failing function, and
b) if names are present, the error message will always contain the
function name.
R=titzer@chromium.org
Bug: chromium:926311, v8:8814
Change-Id: I79551b8bb73dcee503484de343a3ada60a6add4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1521112
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60242}
Piggybacking of splitting heap setup, this change adds a shared
read-only heap and a flag to enable it.
Also makes CallOnce use std::function instead of a raw function
pointer so the CL can use lambdas with CallOnce.
Bug: v8:7464
Change-Id: I9a97fb1baa6badca39a7381de3fd9e01f5969340
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1518180
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Cr-Commit-Position: refs/heads/master@{#60241}
Main changes:
- Rename ProcessedFeedback to ElementAccessFeedback and introduce a base class
with the old name ProcessedFeedback.
- Introduce another kind of ProcessedFeedback, namely GlobalAccessFeedback for
the LoadGlobal/StoreGlobal IC. It's either a PropertyCell or a script context
slot.
- Produce such processed feedback in the serializer, when visiting LdaGlobal and
similar bytecodes.
- Consume it, and disallow heap access, in JSNativeContextSpecialization's
ReduceJSLoadGlobal and ReduceJSStoreGlobal (for --concurrent-inlining).
Minor changes:
- Introduce a FeedbackSource class (pair of FeedbackVector and FeedbackSlot)
that is used as the key of the processed feedback hash table. We already have
two similar classes, FeedbackNexus and VectorSlotPair, but both are unsuitable
for technical reasons (e.g. FeedbackNexus construction accesses the heap).
Eventually we should remove VectorSlotPair.
- Processed feedback is now returned as a pointer, which is nullptr if the
original feedback wasn't interesting (e.g. megamorphic).
The title says "partially" because the CL doesn't yet take into account named
accesses where the receiver happens to be the global proxy.
Bug: v8:7790
Change-Id: I4404d98636b91a8f2d5667115944bae4773a4770
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1518184
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60240}
This simplifies some code by removing unneeded checks and early
returns. I just accidentally hit got one more instance of this, and I
think we should get rid of the requirement of only decoding LEBs that
start before the end pointer of the decoder.
R=titzer@chromium.org
Change-Id: I608c5c1c292088ac14fac20b7cb030f39c165bd7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1523550
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60238}
This is a minimalistic script usable for creating packages of gcmole
together with the corresponding Clang. Such packages are used on V8's
infrastructure.
R=machenbach@chromium.org
BUG=v8:8813
Change-Id: Iee3594a3acdc7a4e5b5d5628e5557725d27d9ced
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1523068
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60237}
This reverts commit 57bc36aa8f.
Reason for revert: Frame may not be allowed accesses to half size location. Reverting as a precautionary measure.
Original change's description:
> [ptr-compr] Correct size for tagged values in GetByteWidth
>
> Bug: v8:8477
> Change-Id: Id565bb8a4d420b715e3e89325786de699e30b22c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1517883
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60197}
TBR=mvstanton@chromium.org,solanes@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:8477
Change-Id: Id0482074972194d8e8c531e0ea06da762e0262b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1523347
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60236}
It is a design decision of pointer compression to allow unaligned pointers,
so disable this check in UBSan.
Bug: v8:7703
Change-Id: I3fab34e77ad755cdef3cd385a3615e3d0e350c16
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1523346
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60235}
We want to get rid of the atomicops library, hence switch all uses to
std::atomic.
R=mlippautz@chromium.org
Bug: v8:8926, v8:8834
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Change-Id: I9b7cca83703775b1ddee4f16f51b7ad6535bb67c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1520717
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60233}
Since StreamedSource takes ownership of the ExternalSourceStream
passed into it, it should take it by unique_ptr rather than raw
pointer to signal this transfer of ownership. The old constructor
is now deprecated.
Change-Id: I24681926c2f3141f7dd3664f72019a4c6deabfd7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1520713
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60232}
... and make sure that the x64 ptr-compr bots proceed testing V8 without
pointer compression in order to keep testing the full pointer mode.
Bug: v8:7703
Change-Id: Iee725deda813425a6f0722948b54976154f50909
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1497139
Reviewed-by: Michael Hablich <hablich@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60230}
