...while on-heap objects are referring to it. This is accomplished
by storing a reference to its associated WasmInstanceObject on every
WasmTypeInfo object.
Details: https://bit.ly/2UxD4hW
Fixed: v8:11953
Change-Id: Ifb6f976142356021393d41c50717d210d525d521
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3043959
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75863}
These mutex guards may trigger GC on the slow paths; to detect misuse
(creating these guards inside GC-disallowed scopes) more reliably,
this CL adds
DCHECK(AllowGarbageCollection::IsAllowed())
to the guard constructors.
Bug: v8:12012
Change-Id: If59514c97ba6cc9bbca3b56559bf2496cafc78d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3043952
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75861}
This is a follow-up to https://crrev.com/c/3015557. Even though we
enabled trap handling and use it in wasm code, the embedder callback
still refused to handle the signal.
This CL removed an obsolete comment and simplifies the preprocessor
condition to just check for the V8_TRAP_HANDLER_SUPPORTED variable
instead of repeating the supported platforms.
R=ahaas@chromium.org
Bug: v8:11955, chromium:1231858
Change-Id: I417c790fdb755cba182578e7aa1ce4327f4c05ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3045352
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75860}
- Add DropArguments() to x64 TurboAssembler to get rid of arguments on
the stack while preserving the return address.
- Add DropArgumentsAndPushNewReceiver() to x64 TurboAssembler to get rid
of arguments on the stack and push a new receiver, while preserving
the return address.
Bug: v8:11112
Change-Id: I39ea012219ae3748a73933188eb860ce794de2f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3045349
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75859}
A mix of readability refactors, additional DCHECKs, and
addressed/updated TODOs.
Bug: v8:7790
Change-Id: I87ff996abd40b0ed081586e2c0da1a4c0942fed4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041665
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75858}
Move some methods that don't access the isolate from x64 MacroAssembler
to TurboAssembler.
Drive-by: Add RootAsOperand to create an operand for root-relative
constants.
Bug: v8:11112
Change-Id: Ic0b62d96af004860e5a05539f94d0ac003b06fc3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3045348
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75857}
While pointer-compression still doesn't guarantee 8-byte alignment
for objects, the WasmInstanceObject definition should be prepared
for a future where that changes.
No behavioral differences are expected from this, and likely no
performance differences for now either.
Change-Id: Iedd85f4361d45e1e3cf5d645496b9ad34acf533b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038527
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75855}
Some skips are no longer required.
BUG=v8:9684
Change-Id: I921f2032ea5c19429c735120ba80a09b8f1e352e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3043961
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75854}
Adds incompatibility between future/turboprop variants and stress-concurrent-inlining
due to incompatibility from both configs weakly setting --interrupt-budget. Also ensures
we maintain this incompatibility if --future is passed as an extra flag as is done on
some bots.
BUG=v8:9684
Change-Id: I4855b92a64db00da15efc2384e241d4bf0c373c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041677
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75853}
Fold the stack interrupt check to happen as part of the bytecode budget
interrupt, so that we can skip the stack check on JumpLoop. This is a
minor improvement for Ignition, but it's mainly for for Sparkplug code
as it means we don't have to emit additional stack interrupt checks.
TurboFan doesn't have budget interrupts, so it keeps the stack interrupt
check.
Bug: v8:11420
Change-Id: I055fe752946fda6a50ca2675fa3847999898a951
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041674
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75851}
The MapRef constructor contains a ParkedSharedMutexGuard which may
trigger gc; and MapRefs may be created for any HeapObjectRef (or
subclass) creation. Thus, calls to (Try)MakeRef must happen in
contexts in which garbage collection is allowed.
Bug: v8:7790,v8:12012
Change-Id: If0cb9e2dae7150b0aa5193a90ec3bc9cd9ac3b81
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3043951
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75850}
Rolling v8/base/trace_event/common: d41864d..ad56859
Rolling v8/build: 51d7849..66e6c2e
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/6a2f664..9ac1fdf
Rolling v8/tools/clang: c81b8b9..131233f
Rolling v8/tools/luci-go: git_revision:6387586e5b3279aebdf22bdab7ae619dbc156b66..git_revision:9ee8b1d719c0d3c268e0e19282351ca78024af2d
Rolling v8/tools/luci-go: git_revision:6387586e5b3279aebdf22bdab7ae619dbc156b66..git_revision:9ee8b1d719c0d3c268e0e19282351ca78024af2d
Rolling v8/tools/luci-go: git_revision:6387586e5b3279aebdf22bdab7ae619dbc156b66..git_revision:9ee8b1d719c0d3c268e0e19282351ca78024af2d
TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I1fb8aa68f5afba116d2f214f2128553a77e6ca7d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3045038
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75849}
RegExp match indices have shipped since M90
Bug: v8:9548
Change-Id: I8bf54ce1a50b5079aad71140f75c979a09aae5bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3042842
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75848}
This is a reland of 4cc547c759
Change: prevent a memcpy to nullptr by skipping the call to copy_out()
when the length is zero.
Original change's description:
> [wasm][eh] Add WebAssembly.Tag.type
>
> R=ahaas@chromium.org
>
> Bug: v8:8091
> Change-Id: Id069ffbf76bf836b613287788b1b1fccbb577475
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021173
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75815}
Bug: v8:8091
Change-Id: I22f400b6e36d1322a4eabd20a68b4bdd70d61377
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041436
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75847}
Allow CrossThreadPersistent and its weak form to access ASAN poisoned
memory from the GC entry points.
In general, payloads of to-be-finalized objects are poisoned until the
finalizer actually runs to avoid accidentally touching that payload.
In the case of cross-thread handles, these may need to be cleared by a
different thread before the finalizer actually runs. In order to clear
those references, the slot needs to be unpoisoned.
This is issue is ASAN-only and does not affect production or other
debug builds.
Bug: chromium:1230599, chromium:1056170
Change-Id: If4d0808953047319b02653821abbb5c638084dc5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3040845
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75846}
This adds a little {Simulator::ProbeMemory} method that is used from
several places in the arm64 simulator to test if a memory address can be
accessed, and trigger a signal from a specific location such that the
trap-handler can handle it. In case of a trap, the simulator is
redirected to the landing pad and stops executing the memory
instruction that triggered the trap.
Standard memory accesses and SIMD memory loads and stores are
instrumented to probe the memory. This passes all existing tests. In
case this CL misses certain spots, we can still add them later. This
will not be a security problem, since we do not use the simulator in
production.
R=ahaas@chromium.orgCC=mseaborn@chromium.org, v8-arm-ports@googlegroups.com
Bug: v8:11955
Change-Id: I52a81341e99fabc5fcf9e41ef4d8dd2226092803
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3015557
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75843}
The concurrent sweeper destroyed large pages directly in case no
finalizer was needed during sweeping. This is unsafe as the logic of
BasePage::Destroy is not concurrency safe.
Bug: chromium:1056170, chromium:1231053
Change-Id: I8ae9b27b916f8c4aee0c239c7ac8f2ec61d92c56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041671
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75842}
Since most Torque-defined extern classes use @generateCppClass, it makes
more sense to instead annotate the small number that don't. This is part
of the cleanup work that Nico recommended in [1].
Classes that still have to opt out:
- Those that can be converted by https://crrev.com/c/3015666
- HeapObject: sort of special since it's the root of the inheritance
hierarchy. Generated code would include two declarations that don't
compile until HeapObject is defined:
bool IsHeapObject_NonInline(HeapObject o);
explicit TorqueGeneratedHeapObject(
Address ptr, HeapObject::AllowInlineSmiStorage allow_smi);
- SmallOrdered*: these classes use templates on the C++ side, which is
not currently representable in Torque.
- SwissNameDictionary: according to a comment, the Torque generation for
this class is incorrect. I haven't investigated further.
Drive-by fix: make the Torque formatter keep LF on Windows rather than
writing CRLF.
[1] https://docs.google.com/document/d/1q_gZLnXd4bGnCx3IUfbln46K3bSs9UHBGasy9McQtHI/edit#
Bug: v8:8952
Change-Id: I1fbb5290f0c645842b84c53816c09bb3398206a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3028721
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#75841}
We add additional num_types and liftoff parameters
for GetValueType to be able to generate user-def reftypes.
num_types is the number of types in the program and
liftoff checks if we could add reftypes or not.
The additional method (NumTypes) was added to WasmModuleBuilder and
additional field (liftoff) to WasmGenerator constructor.
Bug: v8:11954
Change-Id: I4904a41043264c65d5cba5b22129184d6a486bfe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041426
Commit-Queue: Rakhim Khismet <khismet@google.com>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75840}
This was triggered by the inspector fuzzer, which terminates execution
after two seconds. This is done by triggering a termination exception
via an interrupt. In this case, the runtime function should return
immediately, and return the exception sentinel.
This CL fixes the WasmDebugBreak runtime function to do that correctly.
R=thibaudm@chromium.org
Bug: chromium:1215711
Change-Id: Idf8e9769809f135b426e4d1a0ef82fae826050b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041423
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75838}
This reverts commit 0cd8a913a7.
Reason for revert: There are reports of this check failing.
It's still unclear why it's failing and what the implications of
that are. The check had been disabled for many years so it seems
safe to disable it again for now (it's in --debug-code anyways).
Original change's description:
> [ia32] Restore FP stack check in the deoptimizer
>
> This restores the check that was removed in
> https://chromiumcodereview.appspot.com/12300020/
>
> Bug: chromium:736643
>
> Change-Id: I82e218b9f2572953a7f433d713dff0528574eea1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2848469
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74168}
Bug: chromium:1208057
Change-Id: I2f8ecfca3f4732583378a5d5b2a38ad636914e1c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041673
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75837}
This reverts commit e24fa91327.
Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20GC%20Stress/18917/overview
Original change's description:
> [offthread] Template deserializer on Isolate
>
> Make the deserializer class templated on Isolate/LocalIsolate. This
> allows the ObjectSerializer to be split into a main-thread and offthread
> variant, with the latter taking a LocalIsolate.
>
> Eventually, we probably want to anyway split off the code-cache de/serializer
> to a separate implementation (for various reasons), and this the only one that
> wants off-thread finalization, and at this point the deserializer can revert
> back to being un-templated, used only for bootstrapping. However, this is the
> simplest way, for now, to enable off-thread deserialization.
>
> Bug: chromium:1075999
> Change-Id: I49c0d2c5409f0aa58183673785296756c3714f22
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2562254
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75834}
Bug: chromium:1075999
Change-Id: Id699ebe0c17d3a61ec35b0f78417306175271647
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041675
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75836}
Currently deopt fuzzer passes --future and so should skip the same tests
as the future variant.
BUG=v8:9684
Change-Id: I3d10dae7ba7cffc36bd4777941ac053c42c80cef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041668
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75835}
Make the deserializer class templated on Isolate/LocalIsolate. This
allows the ObjectSerializer to be split into a main-thread and offthread
variant, with the latter taking a LocalIsolate.
Eventually, we probably want to anyway split off the code-cache de/serializer
to a separate implementation (for various reasons), and this the only one that
wants off-thread finalization, and at this point the deserializer can revert
back to being un-templated, used only for bootstrapping. However, this is the
simplest way, for now, to enable off-thread deserialization.
Bug: chromium:1075999
Change-Id: I49c0d2c5409f0aa58183673785296756c3714f22
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2562254
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75834}
The JSFunction::set_context call happens 1. only on script functions
and 2. before the function is executed, and therefore the compiler
only ever sees the final value.
Bug: v8:7790
Change-Id: I618673c7ec6284dcf3d80b1edd7be516b048ed2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041664
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75833}
This also fixes a little mistake from
https://chromium-review.googlesource.com/c/v8/v8/+/2992914.
The label must be far here.
Change-Id: Ie53cb3713b1b5db6c10e4ce6ed177a510da847f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3031897
Reviewed-by: Brice Dobry <brice.dobry@futurewei.com>
Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Ji Qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/master@{#75832}
With lazy feedback allocation we don't tier up to baseline early. This
test requires us to tier up to baseline. So add
--lazy_feedback_allocation as a required flag.
Bug: v8:12009
Change-Id: Ibbc1d1cc74ae368ef414f513a0cd46e9bf068186
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3042718
Commit-Queue: Mythri Alle <mythria@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Auto-Submit: Mythri Alle <mythria@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75829}
This makes the V8 dcheck control independent of Chromium's and
prepares switching Chromium's default behavior without affecting V8
developers or builders.
Preparation for: https://crrev.com/c/2893204
Bug: chromium:1225701
Change-Id: I520b96019b04196f4420716ff3500ebd6c21666f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038528
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75827}
... which will update both the CodeObjectSlot contents and the cached
value of the code entry point when the pointed Code object is
evacuated.
This is done by introducing an OLD_TO_CODE remembered set which is
populated with the recorded slots containing pointers to Code objects.
CodeDataContainer is the only kind of holder that can contain Code
pointers, so having a CodeObjectSlot is enough to compute the holder
CodeDataContainer object and update the cached code entry point there.
This CL fixes the data race in the previous implementation which were
updating the code entry point during Code object migration.
Bug: v8:11880
Change-Id: I44aa46af4bad7eb4eaa922b6876d5f2f836e0791
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035084
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75826}
Avoiding the builtin call, and potentially enabling other Turbofan
optimizations to apply.
This required teaching the MemoryLowering pass how to produce
Wasm-style isolate-independent code, where external references won't
work, and builtin calls have to be encoded differently.
Bug: v8:7748
Change-Id: Ib6d87da644330e7c3623c11aa333b23074aeae19
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038524
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75824}
Earlier CL: https://chromium-review.googlesource.com/c/v8/v8/+/3030711
used esi register to load code object. When we use CallRuntime we
expect esi to contain Context object. So, restore this value from
the frame before calling into runtime.
Bug: chromium:1230936
Change-Id: I1f34aa85ff77555c5cbbe2d5b5401056b36278af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041425
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75822}
Hashing FunctionSigs can be quite expensive for large modules;
luckily in some cases we can avoid doing that work.
Change-Id: Ia18060b4c27ab34b44bda4bb81ea05299ecb0f49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038523
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75819}
This CL fixes a previous change in String.prototype.startsWith which
didn't throw an exception (in the optimized version) when `undefined`
was passed as a receiver and the search string was the empty string.
Bug: chromium:1230260
Change-Id: I835bd409b09b78bf7235c77596f62b588c95611d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3040841
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75818}
Most Torque-defined extern classes already use @generateCppClass. As
Nico pointed out in [1], it would be nice to convert the remaining
classes and remove this option. This change converts most of those
remaining classes. I know that the future of Torque-defined classes is a
subject of some debate right now, but I think that it's worth doing a
few mechanical changes to reduce the existing variety of options.
Changes that don't exactly follow the usual pattern:
1. BigIntBase, MutableBigInt: we can define these without a body, and
then Torque treats them as "really external" rather than "kind of
external, but with some Torque-generated parts".
2. RegExpMatchInfo: moved its inline functions into a separate file,
which the generated -tq.cc file requires.
[1] https://docs.google.com/document/d/1q_gZLnXd4bGnCx3IUfbln46K3bSs9UHBGasy9McQtHI/edit#
Bug: v8:8952
Change-Id: I84c7958a295caa0bab847683c05022e18c921cad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027742
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#75817}
