Commit Graph

4608 Commits

Author SHA1 Message Date
Jakob Kummerow
aadc5cc147 [wasm-c-api] Roll 35e1532: Properly support anyref
Change-Id: Ib28e408cb6046fd728ceff6e6bf4005a241664e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1745340
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63247}
2019-08-19 13:39:00 +00:00
Dominik Inführ
60843b426b Use list of invalidated objects for old-to-new refs
Instead of inserting "deletion" entries into the store buffer, keep a
list of invalidated objects to filter out invalid old-to-new slots.

The first CL https://crrev.com/c/1704109 got reverted because both the
sweeper and the main task were modifying the invalidated slots data
structure concurrently. This CL changes this, such that the sweeper
only modifies the invalidated slots during the final atomic pause when
the main thread is not running. The sweeper does not need to clean this
data structure after the pause, since the "update pointers" phase
already removed all invalidated slots.

The second CL https://crrev.com/c/1733081 got reverted because the
sweeper might find more free space than the full GC before it. If an
object shrinks after the pause but before the sweep, the invalidated
object might span free memory and potentially new allocated objects.
Therefore shrink invalidated objects when processing swept pages on
the main thread. Also clean recorded slots in the gap.

TBR=petermarshall@chromium.org

Bug: v8:9454
Change-Id: I80d1fa3bbc24e97f7c97a373aaad66f105456f12
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1751795
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63239}
2019-08-19 11:40:09 +00:00
Michaël Zasso
e3d7f8a588 [build] update gen-postmortem-metadata for Python 3
This change makes the code compatible with both Python 2 and Python 3.

Change-Id: I99d68af9c3163607c3a2fdbafac339a98b7471e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1751331
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63207}
2019-08-14 12:53:01 +00:00
cjihrig
39dc0be73f Update postmortem metadata generation script
Update postmortem metadata constants for V8 7.4 in Node.js.

Change-Id: I7d248b345e0326dafb776e144a6a22a381a05fc1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1546049
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63189}
2019-08-13 13:48:18 +00:00
Ross McIlroy
3bd4ac9d20 [Parsing] Create canononical ScopeInfos in the read-only space.
Create canonical ScopeInfos for the global this binding and empty function in
the read only space, rather than creating them during bootstrapping for each
native context. This saves some memory, and also means we don't need to access
the native context to get the global this binding in when deserializing a
scope info, which is important since parsing should be native context independent.

BUG=chromium:992063

Change-Id: I800f576e8e9b95d46e043cba0c1a03ae19a683c7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1748690
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63174}
2019-08-12 21:41:48 +00:00
Yang Guo
04a6f872f2 Use relative paths to OWNERS files
R=machenbach@chromium.org

Bug: chromium:992584
Change-Id: I301013731a502689f2edd5c90e5e7bf2136198c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1745337
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63159}
2019-08-12 13:52:52 +00:00
Santiago Aboy Solanes
5d615479b6 [cleanup] Update turbolizer tooltip with the correct number
Bug: v8:9396
Change-Id: Ic5082b91cc61a286bd6a440009bf18202e853339
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1730997
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63141}
2019-08-09 09:35:01 +00:00
Tamer Tas
941447a813 [whitespace] trigger for infra CL crrev.com/c/1745887
TBR=machenbach@chromium.org

Bug: chromium:883629
Change-Id: Ie9d4584f6fd2c59e51128b09df5de3fbf8cf8780
No-Try: True
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1745468
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63136}
2019-08-09 07:11:32 +00:00
Dominik Inführ
c9f9d1b0b4 Revert "Use list of invalidated objects for old-to-new refs"
This reverts commit e2f98ec22c.

Reason for revert: Caused performance regression in ArrayLiteralInitialSpreadSmallHoley.

Original change's description:
> Use list of invalidated objects for old-to-new refs
>
> Instead of inserting "deletion" entries into the store buffer, keep
> a list of invalidated objects to filter out invalid old-to-new slots.
>
> The first CL https://crrev.com/c/1704109 got reverted because both the sweeper and the main task were modifying the invalidated slots data structure concurrently. This CL changes this, such that the sweeper only modifies the invalidated slots during the final atomic pause when the main thread is not running. The sweeper does not need to clean this data structure after the pause, since the "update pointers" phase already removed all invalidated slots.
>
> Bug: v8:9454
> Change-Id: Iffb5bf96de2c89eee1ee1231a3414a0f2a155cbc
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1733081
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63087}

TBR=ulan@chromium.org,petermarshall@chromium.org,dinfuehr@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:9454
Change-Id: I328b9f72df45fc9570d4a4d1b5389eac010638c7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1743970
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63131}
2019-08-08 20:42:09 +00:00
Tamer Tas
1fefb92974 [whitespace] trigger the Waterfall bots
TBR=machenbach@chromium.org

No-Try: True
Change-Id: Ie0a94f97989a6f5a7e0b68c733035e3dac264215
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1743966
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63123}
2019-08-08 09:37:32 +00:00
Michael Achenbach
bc7c26040c Whitespace change to trigger bots
TBR=santa

Change-Id: I05cdd74eea6f2b02158d6d9854f35a08b455edd4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1741656
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63117}
2019-08-07 13:42:06 +00:00
Tobias Tebbi
4418a7b96a Revert "[torque] introduce JSAny type for user-accessible JavaScript values"
This reverts commit 79b00555ea.

Reason for revert: needs more discussion

Original change's description:
> [torque] introduce JSAny type for user-accessible JavaScript values
> 
> This CL introduces a JSAny type for user-exposed JavaScript values and
> a few new types to define it. Especially, it splits Symbol into
> PrivateSymbol (not exposed) and PublicSymbol (JavaScript exposed
> symbols).
> 
> The change is mostly mechanical, but a few things are interesting:
> - PropertyKey and JSPrimitive were designed to coincide with the spec
>   notions of IsPropertyKey() and primitive value, respectively.
> - Since Name is an open type, we define AnyName to be the known
>   subtypes of Name. This is not too elegant, but by using AnyName
>   instead of Name, typeswitch can properly conclude something if a
>   subtype of Name is excluded.
> 
> Small drive-by changes, which were necessary:
> - Allow subtyping on label parameters.
> - Fix the formatting of typeswitch, it was broken with union types
>   in case types.
> 
> Bug: v8:7793
> Change-Id: I14b10507f8cf316ad85e048fe8d53d1df5e0bb13
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735322
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63114}

TBR=neis@chromium.org,jgruber@chromium.org,tebbi@chromium.org

Change-Id: Ifde7881d74afe407628f40047997339d54cb2424
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7793
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1741652
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63115}
2019-08-07 11:49:20 +00:00
Tobias Tebbi
79b00555ea [torque] introduce JSAny type for user-accessible JavaScript values
This CL introduces a JSAny type for user-exposed JavaScript values and
a few new types to define it. Especially, it splits Symbol into
PrivateSymbol (not exposed) and PublicSymbol (JavaScript exposed
symbols).

The change is mostly mechanical, but a few things are interesting:
- PropertyKey and JSPrimitive were designed to coincide with the spec
  notions of IsPropertyKey() and primitive value, respectively.
- Since Name is an open type, we define AnyName to be the known
  subtypes of Name. This is not too elegant, but by using AnyName
  instead of Name, typeswitch can properly conclude something if a
  subtype of Name is excluded.

Small drive-by changes, which were necessary:
- Allow subtyping on label parameters.
- Fix the formatting of typeswitch, it was broken with union types
  in case types.

Bug: v8:7793
Change-Id: I14b10507f8cf316ad85e048fe8d53d1df5e0bb13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735322
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63114}
2019-08-07 11:44:18 +00:00
Michael Achenbach
b8ecf9faa0 Whitespace change to trigger builders
Change-Id: I035d276004b21f167ede2ecd9bc59759f135bbd9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1741647
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63107}
2019-08-07 07:40:44 +00:00
Dominik Inführ
e2f98ec22c Use list of invalidated objects for old-to-new refs
Instead of inserting "deletion" entries into the store buffer, keep
a list of invalidated objects to filter out invalid old-to-new slots.

The first CL https://crrev.com/c/1704109 got reverted because both the sweeper and the main task were modifying the invalidated slots data structure concurrently. This CL changes this, such that the sweeper only modifies the invalidated slots during the final atomic pause when the main thread is not running. The sweeper does not need to clean this data structure after the pause, since the "update pointers" phase already removed all invalidated slots.

Bug: v8:9454
Change-Id: Iffb5bf96de2c89eee1ee1231a3414a0f2a155cbc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1733081
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63087}
2019-08-06 09:01:59 +00:00
Michael Achenbach
cdfadf4a99 Reland "[test] Print hanging tests on linux on test-runner termination"
This is a reland of 3fc9663159

The private method on_event in timeout proc is now renamed to be truly
private.

Original change's description:
> [test] Print hanging tests on linux on test-runner termination
>
> This will print the list of processes still running before and after
> joining workers during termination. This will help debugging hanging
> tests during flake-bisect or with num-fuzzer, which both terminate
> on total timeout and currently still sometimes hang without printing
> processes.
>
> Bug: v8:8292
> Change-Id: I124b65fa35b8d7a6aa198fcf50f2c20df94dc51a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735312
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63065}

Bug: v8:8292
Change-Id: Ibad1172666d6f4d2c07884a54edfe9d6499b57fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735318
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63072}
2019-08-05 11:50:18 +00:00
Michael Achenbach
cfdbab36d9 Revert "[test] Print hanging tests on linux on test-runner termination"
This reverts commit 3fc9663159.

Reason for revert: _on_event clashes with a the same function in timeout proc.

Original change's description:
> [test] Print hanging tests on linux on test-runner termination
> 
> This will print the list of processes still running before and after
> joining workers during termination. This will help debugging hanging
> tests during flake-bisect or with num-fuzzer, which both terminate
> on total timeout and currently still sometimes hang without printing
> processes.
> 
> Bug: v8:8292
> Change-Id: I124b65fa35b8d7a6aa198fcf50f2c20df94dc51a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735312
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63065}

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: Ic29013e92c77a9905e06ee13a2449e033285eb36
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8292
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735317
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63066}
2019-08-05 10:52:53 +00:00
Michael Achenbach
3fc9663159 [test] Print hanging tests on linux on test-runner termination
This will print the list of processes still running before and after
joining workers during termination. This will help debugging hanging
tests during flake-bisect or with num-fuzzer, which both terminate
on total timeout and currently still sometimes hang without printing
processes.

Bug: v8:8292
Change-Id: I124b65fa35b8d7a6aa198fcf50f2c20df94dc51a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1735312
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63065}
2019-08-05 10:21:48 +00:00
Seth Brenith
0921e8f28b Reland "Add postmortem debugging helper library"
This is a reland of 517ab73fd7

Updates since original: now compressed pointers passed to the function
GetObjectProperties are required to be sign-extended. Previously, the
function allowed zero-extended values, but that led to ambiguity on
pointers like 0x88044919: is it compressed or is the heap range actually
centered on 0x100000000?

Original change's description:
> Add postmortem debugging helper library
>
> This change begins to implement the functionality described in
> https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit#
> for investigating V8 state in crash dumps.
>
> This change adds a new library, v8_debug_helper, for providing platform-
> agnostic assistance with postmortem debugging. This library can be used
> by extensions built for debuggers such as WinDbg or lldb. Its public API
> is described by debug-helper.h; currently the only method it exposes is
> GetObjectProperties, but we'd like to add more functionality over time.
> The API surface is restricted to plain C-style structs and pointers, so
> that it's easy to link from a debugger extension built with a different
> toolchain.
>
> This change also adds a new cctest file to exercise some basic
> interaction with the new library.
>
> The API function GetObjectProperties takes an object pointer (which
> could be compressed, or weak, or a SMI), and returns a string
> description of the object and a list of properties the object contains.
> For now, the list of properties is entirely based on Torque object
> definitions, but we expect to add custom properties in future updates so
> that it can be easier to make sense of complex data structures such as
> dictionaries.
>
> GetObjectProperties does several things that are intended to generate
> somewhat useful results even in cases where memory may be corrupt or
> unavailable:
> - The caller may optionally provide a type string which will be used if
>   the memory for the object's Map is inaccessible.
> - All object pointers are compared against the list of known objects
>   generated by mkgrokdump. The caller may optionally provide the
>   pointers for the first pages of various heap spaces, to avoid spurious
>   matches. If those pointers are not provided, then any matches are
>   prefixed with "maybe" in the resulting description string, such as
>   "maybe UndefinedValue (0x4288000341 <Oddball>)".
>
> Bug: v8:9376
>
> Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62882}

Bug: v8:9376
Change-Id: I866a1cc9d4c34bfe10c7b98462451fe69763cf3f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1717090
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#63008}
2019-07-31 14:30:19 +00:00
Michael Achenbach
f376435425 Whitespace change to trigger bots
Change-Id: Ica3d8ca233278e50e390aad37138942d23b5b8b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1728612
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63003}
2019-07-31 09:41:27 +00:00
Sathya Gunasekaran
743ce7726d [WeakRefs] Make cleanup callback run as a task
Previously, this was run as a microtask and this CL changes it to run
as a separate task as mandated by the current WeakRef spec.

This CL also introduces a FinalizationGroup type to the V8 API
representing the JSFinalizationGroup. This has a `Cleanup`
function that runs the cleanup callback associated with it.

SetHostCleanupFinalizationGroupCallback is added to set
the embedder defined HostCleanupFinalizationGroupCallback.

ClearKeptObject is exposed on the v8::Isolate to reset the strongly
held set of objects.

The general workflow is the following:

(a) When the GC notices that a given finalization group has dirty
    cells, it calls HostCleanupFinalizationGroupCallback with the given
    finalization group.

(b) As part of HostCleanupFinalizationGroupCallback, the embedder
    enqueues a task that at some point later calls
    FinalizationGroup::Cleanup.

(c) At some point in the future, FinalizationGroup::Cleanup is called,
    which runs the cleanup callback of the finalization group.

This patch also includes d8 changes to use these new APIs. Currently,
d8 cycles through the enqueued finalization groups after a synchronous
turn (and it's microtask checkpoint) and runs the cleanup callbacks.

Change-Id: I06eb4da2c103b2792a9c62bc4b98fd4e5c4892fc
Bug: v8:8179
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655655
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62984}
2019-07-30 12:19:39 +00:00
Michael Achenbach
b4dee0b1da Whitespace change to trigger bots
Change-Id: If57fdeeaef9a45ad7d17c0fc27dc89fbc83e4a02
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1725627
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62983}
2019-07-30 12:16:42 +00:00
Leszek Swirski
1d4079b30c [obj-stats] Fix heap-stats label order
Data in the viewer has to be in the same order as the labels.

Change-Id: I2e64fb30ebc0e3585c7b9d364553cb6a5ec1f3cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1718159
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62921}
2019-07-25 14:43:35 +00:00
Leszek Swirski
b50ee58ca7 [obj-stats] Count more field types (Smi, boxed double, string)
Distinguish between generic Tagged and Smi in-object fields, and special
case (boxed) double values and string data rather than lumping those
into generic "raw data"

Change-Id: I5d635434ab94065c077a40110948424c31ead73d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1718154
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62914}
2019-07-25 13:04:12 +00:00
Zhi An Ng
6747e3a186 Revert "Add postmortem debugging helper library"
This reverts commit 517ab73fd7.

Reason for revert: Test failures https://bugs.chromium.org/p/v8/issues/detail?id=9538

Original change's description:
> Add postmortem debugging helper library
> 
> This change begins to implement the functionality described in
> https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit#
> for investigating V8 state in crash dumps.
> 
> This change adds a new library, v8_debug_helper, for providing platform-
> agnostic assistance with postmortem debugging. This library can be used
> by extensions built for debuggers such as WinDbg or lldb. Its public API
> is described by debug-helper.h; currently the only method it exposes is
> GetObjectProperties, but we'd like to add more functionality over time.
> The API surface is restricted to plain C-style structs and pointers, so
> that it's easy to link from a debugger extension built with a different
> toolchain.
> 
> This change also adds a new cctest file to exercise some basic
> interaction with the new library.
> 
> The API function GetObjectProperties takes an object pointer (which
> could be compressed, or weak, or a SMI), and returns a string
> description of the object and a list of properties the object contains.
> For now, the list of properties is entirely based on Torque object
> definitions, but we expect to add custom properties in future updates so
> that it can be easier to make sense of complex data structures such as
> dictionaries.
> 
> GetObjectProperties does several things that are intended to generate
> somewhat useful results even in cases where memory may be corrupt or
> unavailable:
> - The caller may optionally provide a type string which will be used if
>   the memory for the object's Map is inaccessible.
> - All object pointers are compared against the list of known objects
>   generated by mkgrokdump. The caller may optionally provide the
>   pointers for the first pages of various heap spaces, to avoid spurious
>   matches. If those pointers are not provided, then any matches are
>   prefixed with "maybe" in the resulting description string, such as
>   "maybe UndefinedValue (0x4288000341 <Oddball>)".
> 
> Bug: v8:9376
> 
> Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62882}

TBR=yangguo@chromium.org,mvstanton@chromium.org,jgruber@chromium.org,tebbi@chromium.org,seth.brenith@microsoft.com

Change-Id: Ia078f2e8d101d2375b5db88021b2d65d28f1b075
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9376
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1716033
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62899}
2019-07-24 16:31:54 +00:00
Seth Brenith
517ab73fd7 Add postmortem debugging helper library
This change begins to implement the functionality described in
https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit#
for investigating V8 state in crash dumps.

This change adds a new library, v8_debug_helper, for providing platform-
agnostic assistance with postmortem debugging. This library can be used
by extensions built for debuggers such as WinDbg or lldb. Its public API
is described by debug-helper.h; currently the only method it exposes is
GetObjectProperties, but we'd like to add more functionality over time.
The API surface is restricted to plain C-style structs and pointers, so
that it's easy to link from a debugger extension built with a different
toolchain.

This change also adds a new cctest file to exercise some basic
interaction with the new library.

The API function GetObjectProperties takes an object pointer (which
could be compressed, or weak, or a SMI), and returns a string
description of the object and a list of properties the object contains.
For now, the list of properties is entirely based on Torque object
definitions, but we expect to add custom properties in future updates so
that it can be easier to make sense of complex data structures such as
dictionaries.

GetObjectProperties does several things that are intended to generate
somewhat useful results even in cases where memory may be corrupt or
unavailable:
- The caller may optionally provide a type string which will be used if
  the memory for the object's Map is inaccessible.
- All object pointers are compared against the list of known objects
  generated by mkgrokdump. The caller may optionally provide the
  pointers for the first pages of various heap spaces, to avoid spurious
  matches. If those pointers are not provided, then any matches are
  prefixed with "maybe" in the resulting description string, such as
  "maybe UndefinedValue (0x4288000341 <Oddball>)".

Bug: v8:9376

Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62882}
2019-07-23 20:02:16 +00:00
Debrian Figueroa
15103f0933 Add json output arg to mg gen and analyze.
Allows writing of output error to json output path specified.

Bug: chromium:985959
Change-Id: I4bbc94dbc8b0c21f1ce75e722c69fab18eeb1f01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710205
Commit-Queue: Debrian Figueroa <debrian@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62858}
2019-07-22 19:33:20 +00:00
Michael Starzinger
224ca74ae4 [asm.js] Propagate language mode to exported functions.
This makes sure the language mode of the module is correctly propagated
through the WebAssembly module, so that exported functions are allocated
with the correct language mode. It extends the existing {ModuleOrigin}
enum to consist of three values now.

R=clemensh@chromium.org
TEST=mjsunit/regress/wasm/regress-985154
BUG=chromium:985154

Change-Id: Id7b566738b1e710cc5001b894022bcd0f2c01bc3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1708484
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62826}
2019-07-19 11:47:48 +00:00
Andreas Haas
cd34523b9b [wasm][tests] Add proposal tests to the wasm spec tests
With this CL we add proposal tests to the wasm-spec-tests. For this I
extended the update-wasm-spec-tests.sh script. Additionally to
generating the spec tests it does the following:

For each proposal it identifies those tests that are different to the
spec tests, and then copies those tests also to the wasm-spec-tests
directory.

Additionally I adjusted the test runner of the wasm spec test to
run the proposal tests with the correct flags.

CC=binji@chromium.org
R=clemensh@chromium.org

Bug: v8:7581
Change-Id: Idb7aa3c0a468ddb65b2ef3421def836561579cd9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706470
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62777}
2019-07-17 15:31:31 +00:00
Tamer Tas
bc96cbd68c [browser-stories] refactor reading logs
{do_raw_json} and {do_json} both read the log files to construct a dictionary of
stats.

This CL extracts that logic and eliminates code duplication

No-Try: true
Bug: v8:9448
Change-Id: I375920c25942a92cc12790ac60a4c7960cfd44b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706473
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62768}
2019-07-17 13:42:32 +00:00
Tamer Tas
10f8ecb4d0 [browser-stories] expose raw results without statistical aggregation
{json} command prints the results of benchmarks after aggregating it. This makes
accessing raw data for analysis, a tedious process.

This CL implements {raw-json} for accessing raw results.

TBR=ulan@chromium.org

No-Try: true
Bug: v8:9448
Change-Id: I7c00fc0eca23b8bd5c967db903f71c5b46eddea3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706059
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62761}
2019-07-17 10:45:42 +00:00
Dominik Inführ
da5a277ade Revert "Use list of invalidated objects for old-to-new refs"
This reverts commit dcac02ee81.

Reason for revert: TSAN discovered issue with cleaning invalidated slots in sweeper threads and inserting new slots in the main thread.

Original change's description:
> Use list of invalidated objects for old-to-new refs
> 
> Instead of inserting "deletion" entries into the store buffer, keep
> a list of invalidated objects to filter out invalid old-to-new slots.
> 
> Bug: v8:9454
> Change-Id: Icd21d8cb2159190457f54d0f8b56742ecc820419
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695474
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62744}

TBR=ulan@chromium.org,petermarshall@chromium.org,dinfuehr@chromium.org

Change-Id: I4278e9100c76657663e0a6a62f5d86bb3a343c0e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9454
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1704109
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62746}
2019-07-16 15:55:37 +00:00
Dominik Inführ
dcac02ee81 Use list of invalidated objects for old-to-new refs
Instead of inserting "deletion" entries into the store buffer, keep
a list of invalidated objects to filter out invalid old-to-new slots.

Bug: v8:9454
Change-Id: Icd21d8cb2159190457f54d0f8b56742ecc820419
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695474
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62744}
2019-07-16 15:15:25 +00:00
Tamer Tas
d270056f25 [perf] mask timeout failures if they succeed after retries
perfrunner returns a failure if the build timeouts at any point even if it's
successful after retries. It tries to surface up the timeout issue. Due to this,
some bots stay red consistently, and confuses the sheriffs.

This CL masks the timeouts if the suite succeeds in the end.

TBR=verwaest@chromium.org,sergiyb@chromium.org

Bug: v8:9494
Change-Id: I8e107e80dfaa51095501bb2e855d9fbbe4023da9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1702612
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62735}
2019-07-16 09:38:40 +00:00
Seth Brenith
14274bb16a [torque] Use @generateCppClass in some simple cases
This change is mostly mechanical, but it's worth mentioning a few
slightly interesting cases:
- A couple of field definitions didn't match the signedness of their
  corresponding accessors.
- The generated accessors for Smi data use Smi values directly, but
  usually we want C++ accessors to use ints instead. I added a macro
  that hides the generated Smi accessors and exposes int accessors,
  but we might consider generating int accessors directly.
- The data held in some fields is described in comments next to the
  accessor definition for those fields. With automatically generated
  accessors, those comments need a new home. In this change I put them
  in the Torque object definition, but I'm open to other suggestions.
- gen-postmortem-metadata couldn't find updated class definitions after
  they got split across multiple lines, so I changed its matching
  logic. (Ideally debug-support.cc should be a Torque compiler output
  rather than something that involves parsing C++ with regexes, but
  this makes it correctly report subclass relationships for now.)
- The end offsets generated by Torque were off by one from the values
  that would be generated by DEFINE_FIELD_OFFSET_CONSTANTS.

Change-Id: I3df4fcd27997b46c41ca879065b9d97f6c939f07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692192
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#62719}
2019-07-15 15:29:08 +00:00
Michael Achenbach
cfe51d6bf1 [test] Add --assert-types flag to linux x64 release builders
Bug: v8:9476
Change-Id: Id3660d40fe219ee0816ac8550ee8affd1be4b95b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1698399
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62682}
2019-07-12 14:30:49 +00:00
Sam Clegg
436fcaa032 Fix some python nits in tools/testrunner/standard_runner.py
I noticed the indentation was off in one function, but also fixed
all the other flake8 issues in this file.

Change-Id: I2303ed87da7154484a872315f8355f57621514c4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1697054
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sam Clegg <sbc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62669}
2019-07-12 10:17:31 +00:00
Michael Achenbach
ccd3747222 [foozzie] Migrate extra-flags generation to clusterfuzz side
NOTRY=true

Bug: chromium:813833,chromium:983128
Change-Id: I449796b761f53bb15a3563604d5a4a9018035cb6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1697255
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62662}
2019-07-12 07:40:58 +00:00
Mythri A
b086cb7b9a Check that function was prepared before optimizing using manually
With lazy feedback allocation and bytecode flushing we need to call
%PrepareFunctionForOptimize before we call %OptimizeFunctionOnNextCall/
%OptimizeOsr. This cl:
1. Adds an additional state in pending optimized table to check if the
optimization was triggered manually.
2. Changes the compilation pipeline to delete the entry from pending
optimized table only if the optimization was triggered through
%OptimizeFunctionOnNextCall / %OptimizeOsr.
3. Adds a check to enforce %PrepareFunctionForOptimize was called.
4. Adds a new run-time flag to only check in the d8 test runner. We
don't want this check enabled in other cases like clusterfuzz that doesn't
ensure %PrepareFunctionForOptimize is called.

Bug: v8:8394, v8:8801, v8:9183
Change-Id: I9ae2b2da812e313c746b6df0b2da864c2ed5de51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1664810
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62653}
2019-07-11 14:57:49 +00:00
Michael Achenbach
80ba1aa982 [foozzie] Prepare passing the session random-seed to the fuzz config
In order to migrate the extra flags into the fuzzer and keep bisection stable,
we need to use the same RNG state for each call to generating fuzz flags.

Throughout one fuzzing session the same random-seed is used
(https://crbug.com/983128) and we'll pass it to the fuzz config in a follow up.

TBR=tmrts@chromium.org
NOTRY=true

Bug: chromium:813833
Change-Id: I3203c86028a5d283238e6ef739f82eccee1302b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1697254
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62646}
2019-07-11 13:52:49 +00:00
Darius Mercadier
032176246f [heap] Use generic FreeLists
Bug: v8:9329
Change-Id: I28619fef8f206fcb749b8974bb3e7547d6da402e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687423
Commit-Queue: Darius Mercadier <dmercadier@google.com>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62635}
2019-07-11 11:01:03 +00:00
Jakob Gruber
fa2bed3f74 [regexp] Move the RegExpSpeciesProtector to the native context
Prior to this CL, it was possible to pollute another context's
fast/slow-path state for RegExp builtins due to the species protector
being per-isolate rather than per-context. Among other things, this
means that iframes can slow down the main site, and slowdowns persist
across page reloads and navigation within the same tab.

This CL thus moves the RegExpSpeciesProtector to the native context.

The same should be done for all other protectors in the future.

Bug: chromium:977382, v8:5577, v8:9463
Change-Id: I577f470229cb9dfcd4a88c20b1b9111c65a9b85f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695465
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62631}
2019-07-11 09:08:34 +00:00
Pierre Langlois
f8c2b2101b [turbolizer] Fix keyboard shortcuts in info tab to reveal input/output nodes.
The info tab says that 'i' reveals outputs and 'o' reveals inputs, it should be
the opposite.

Bug: v8:7327
Change-Id: I1bf96653129e14ef315a01dc2c7a3083c9caa5bb
Notry: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692929
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Auto-Submit: Pierre Langlois <pierre.langlois@arm.com>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62603}
2019-07-09 14:15:52 +00:00
Tamer Tas
c1c6e3edf7 Revert "[browser-stories] gate features behind {experimental} flag"
This reverts commit 1db33e5fff.

Reason for revert: {AttributeError} 'Namespace' object has no attribute 'experimental'

Original change's description:
> [browser-stories] gate features behind {experimental} flag
> 
> Performance infra recipes use callstats.py to run web page replays. Split (v8,
> infa, perf-infra) repositories make experimenting with callstats.py hard.
> 
> This CL creates feature gating for simplifying performance infra experiments.
> 
> R=​ulan@chromium.org
> 
> No-Try: true
> Bug: v8:9448
> Change-Id: I2c3e139f4b9d6bce1ea4fdda1a44960d74d7d414
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1690950
> Auto-Submit: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Tamer Tas <tmrts@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62565}

TBR=ulan@chromium.org,tmrts@chromium.org

Change-Id: If40be01a2edebf0538ad306fa5ded0dfa2aaf147
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9448
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692922
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62595}
2019-07-09 11:43:30 +00:00
Tamer Tas
1db33e5fff [browser-stories] gate features behind {experimental} flag
Performance infra recipes use callstats.py to run web page replays. Split (v8,
infa, perf-infra) repositories make experimenting with callstats.py hard.

This CL creates feature gating for simplifying performance infra experiments.

R=ulan@chromium.org

No-Try: true
Bug: v8:9448
Change-Id: I2c3e139f4b9d6bce1ea4fdda1a44960d74d7d414
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1690950
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62565}
2019-07-08 13:09:46 +00:00
Clemens Hammacher
8e11cc395a Enable cpplint 'runtime/references' warning
Cpplint usually checks for non-const reference arguments. They are
forbidden in the style guide, and v8 does not explicitly make an
exception here.
This CL re-enables that warning, and fixes all current violations by
adding an explicit "NOLINT(runtime/references)" comment. In follow-up
CLs, we should aim to remove as many of them as possible.

TBR=mlippautz@chromium.org

Bug: v8:9429
Change-Id: If7054d0b366138b731972ed5d4e304b5ac8423bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687891
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62551}
2019-07-08 09:59:36 +00:00
Michael Achenbach
c72b5be001 Use xenial bot to run v8 tests
But does not change to xenial for test using armv7l cpu.

Bug: chromium:954890
Change-Id: I02268f469001f197210cde9c63804a3dcea06a7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687831
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Takuto Ikuta <tikuta@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62531}
2019-07-05 07:52:25 +00:00
Yun Liu
74e684700d Remove android_tools deps for v8 repo
Bug: chromium:428426
Change-Id: If50b417084f5b32390cc2ad4fd50077ea4d23b8f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1684219
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Yun Liu <yliuyliu@google.com>
Cr-Commit-Position: refs/heads/master@{#62517}
2019-07-03 17:59:11 +00:00
Andreas Haas
2fe2a08b0c [wasm] Introduce WasmIndirectFunctionTable
This is the first of three CLs which refactors indirect function calls
through tables with index > 0 to work without runtime calls.

The first CL introduces the WasmIndirectFunctionTable heap object. For
a table of type anyfunc within a WebAssembly instance,
WasmIndirectFunctionTable stores the size, the signature id's, the
call targets, and the reference parameters for that table. I used the
names that are already used for the matching fields of the
WasmInstanceObject.

The second CL expands the IndirectFunctionTableEntry to work also on
WasmIndirectFunctionTable objects. All changes to a function table go
through this class.

The third CL introduces uses of the WasmIndirectFunctionTable. In this
CL I change the code generation in TurboFan to replace runime calls with
direct accesses to the new WasmIndirectFunctionTable. Additionally I
extended the initialization of WasmIndirectFunctionTable, and also
implement Table.grow.

R=jkummerow@chromium.org

Bug: v8:7581
Change-Id: I0ecfcb9565e992ddba087d46c1f0e952abfa5822
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1681134
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62492}
2019-07-02 16:15:47 +00:00
Yang Guo
971b9306ff Use COMMON_OWNERS for tools/
R=machenbach@chromium.org

Change-Id: I1e85df85e8eb588a0ae97320eba6e72163d9ff18
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1684175
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62484}
2019-07-02 07:25:11 +00:00
Sigurd Schneider
6b9ab7e5ae Whitespace CL to trigger build.
Trying to get luci.v8.ci/Linux%20V8%20FYI%20Release%20(NVIDIA) to pass after failure:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/Linux%20V8%20FYI%20Release%20(NVIDIA)/5698

Suspicion is that this is failure is not V8 related.

This failure is blocking LKGR.

TBR=machenbach@chromium.org

Change-Id: Idac4c412f8b14a8b08e0cff4aeafec959dd38453

Notry: true
Change-Id: Idac4c412f8b14a8b08e0cff4aeafec959dd38453
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1682569
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62454}
2019-06-30 07:39:08 +00:00
Ross McIlroy
e8f8f15f53 [tools] Strip path from library when applying targetRootFS in tickprocessor
This allows us to use this flag to specify the local location of a
shared library when processing a trace run on Android.

Change-Id: I3aa44beaed700b8c5354af12a4df176aa1cbfd0c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1681137
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62448}
2019-06-28 15:07:24 +00:00
Igor Sheludko
b6aa277f6b [ptr-compr][cleanup] Replace READ_[WEAK_]FIELD with TaggedField<>::load()
The latter is better because it takes field type into account when
decompressing field value.

Drive-by: use [DECL_]ACCESSOR macros for some fields.

Bug: v8:9353
Change-Id: I3d7f07d11b1e379e3e6cf0310d836af6b48c1338
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1680539
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62444}
2019-06-28 10:47:40 +00:00
Johannes Henkel
dfcc46a6c7 [DevTools] Roll inspector_protocol (v8).
New Revision: 8b7ea912e516a6daa61487c700687a9426e3a396

Update v8 files / build config accordingly.
- There's now a new library in third_party/inspector_protocol,
  bindings/bindings.h, which is configured much like encoding/encoding.h.
  It doesn't have much stuff in it yet, but will soon get more code
  that would otherwise need to go into jinja templates.
  It also comes with a new test, only a smoke test thus far.

Change-Id: I9c00a54a840c214b4bb744a3b272e5ce221954fc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678273
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62442}
2019-06-28 09:37:18 +00:00
Mathias Bynens
933f23f6ed [test] Simplify output processor logic
Instead of conditionally normalizing file paths, go back to using
the basename in the dynamically-generated regular expression
pattern.

Bug: v8:7950, v8:9395, v8:9406
Change-Id: I57d2449a8229a67b038c7fcffe36218848d9a575
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1681122
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62439}
2019-06-28 09:15:18 +00:00
Daniel Clark
92147e3aca [modules] Introduce SyntheticModule
This change is a partial implementation of Synthetic Module Record as specified here:
https://heycam.github.io/webidl/#synthetic-module-records

This includes:
- Introduce SyntheticModule class inheriting from Module.
- Extend v8::Module interface in v8.h to include Synthetic Module APIs, with corresponding
  implementations in api.cc.
- Provide SyntheticModule implementations of PrepareInstantiate, FinishInstantiate, and SetExport.
- Provide cctest unit tests for the implementations in the preceding item.

We will follow up with further submissions to implement the remaining members of
SyntheticModule (ResolveExport and Evaluate).

Bug: v8:9292
Change-Id: I25b1b695b5d1c3004677cd685f0dfd95283438fa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1626829
Commit-Queue: Dan Clark <daniec@microsoft.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62433}
2019-06-27 22:23:46 +00:00
Sigurd Schneider
12b45fdf00 [gdb] Add gdb macro 'pn' that prints TurboFan nodes
The macro pn ensures that TurboFan nodes can be easily
printed in gdb, even in release builds where Node::Print
is sometimes not available (because all uses have been
inlined).

This CL also modifies the print function to deal gracefully
with nullptr input nodes, which is helpful for debugging.

Change-Id: Ib5f58aa13b719c8390826bc89dfe21cf58586de5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672941
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62422}
2019-06-27 13:29:08 +00:00
Mathias Bynens
5c2c5ce133 [test] Remove module pragma in favor of .mjs
d8 treats files with the .mjs extension as modules instead of
classic scripts. Thus, the `// MODULE` pragma and its corresponding
logic in test runners can be removed in favor of explicitly adding
the extension.

Bug: v8:7950, v8:9395, v8:9406
Also-By: tmrts@chromium.org
Change-Id: Ic74328dc5c5f176bb4bdf6d74bdd4d3966279ba5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675958
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Auto-Submit: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62421}
2019-06-27 13:25:48 +00:00
Sigurd Schneider
e3793ef554 [turbolizer] Don't show empty gaps in sequence view
Also show constant for ArchNops that encode assigning from a
constant.

Change-Id: I84590005dda62ebf445aada57f826f5ffcd5a802
Bug: v8:7327
Notry: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672943
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62388}
2019-06-26 14:58:29 +00:00
Michael Achenbach
1ca89b8c71 [foozzie] Enable passing extra flags on command line
Currently, probabilities for extra flags are calculated in the correctness
fuzzer harness, which makes the RNG fragile when bisecting backwards, when
the script's config changes during bisection.

This adds the possibility to pass extra flags on command line to the
script. After a grace period, we will migrate the flag calculation to
clusterfuzz.

NOTRY=true

Bug: chromium:813833
Change-Id: I515181847474515089b847f8aaffc7c6560d9390
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675945
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62359}
2019-06-25 13:27:11 +00:00
Seth Brenith
f89d4e120c Don't write formatted tq files if nothing changed
This will prevent unnecessary recompilation effort on the subsequent
build, and avoids a common issue on Windows where format-torque replaces
all of the line endings in a .tq file without changing any actual
content.

Bug: v8:8805
Change-Id: Id695351c242739d92aef47cd09e651bfbe3c8f9a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1673456
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62357}
2019-06-25 12:16:21 +00:00
Tamer Tas
6b52a54b9a [testrunner] generalize test loader to accept multiple extensions
testrunner assumes that each test suite has a single extension for base tests.
".mjs" extension can be used for ECMAScript modules in addition to the standard
extension ".js" we use for the base tests.

This CL generalizes the {TestLoader} to accept multiple extensions for
a single test suite.

R=mathias@chromium.org
TBR=machenbach@chromium.org
CC=​gsathya@chromium.org

Bug: v8:9395
Change-Id: Ibc155f4963472fe9f989458cd839f3642ffbddea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675961
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62356}
2019-06-25 12:12:11 +00:00
Mythri A
18fcd0b4ee [clusterfuzz] Teach clusterfuzz to use --no-lazy-feedback-allocation
To correctly fuzz the behaviour of optimized code and ICs we need to
allocate feedback vectors. So for the configurations testing these we
should turn off lazy feedback allocation.

It is also good to fuzz without lazy feedback allocation on other
configurations to flush out any other issues. So we also fuzz this with
0.35 chance. We also fuzz aggressive lazy feedback allocation (allocate
feedback vectors on first branch / return) with 0.05 chance to test
corner cases related to lazy feedback allocation.

Bug: v8:9342
Change-Id: Id0761d1396bfc0866988abb8fb20168b86a5da20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672939
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62347}
2019-06-25 09:20:19 +00:00
Mathias Bynens
e428dfd773 [objects] Rename JSValue to JSPrimitiveWrapper
We currently use the class name “JSValue” for JSObjects that wrap
primitive values. This name is a common source of confusion. This patch
switches to a name that’s more clear.

In addition to manual tweaks, the patch applies the following mechanical
global replacements:

before                          | after
--------------------------------|--------------------------------------
if_valueisnotvalue              | if_valueisnotwrapper
if_valueisvalue                 | if_valueiswrapper
js_value                        | js_primitive_wrapper
JS_VALUE_TYPE                   | JS_PRIMITIVE_WRAPPER_TYPE
JSPrimitiveWrapperType          | JSPrimitiveWrapper type
jsvalue                         | js_primitive_wrapper
JSValue                         | JSPrimitiveWrapper
_GENERATED_JSVALUE_FIELDS       | _GENERATED_JSPRIMITIVE_WRAPPER_FIELDS

Change-Id: I9d9edea784eab6067b013e1f781e4db2070f807c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672942
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62337}
2019-06-24 13:54:38 +00:00
Sigurd Schneider
76c1e829e3 [torque] Support 'real' internal classes
Rework the implementation of non-external Torque classes to use
Struct machinery rather than FixedArray machinery. This allows
Torque-only defined 'internal' classes to the automatically generate
class verifiers and printers.

As part of this change, generate C++ boilerplate accessors for
internal Torque classes, since this is a pre-requisite for the
verifiers, printers and other Struct-based functionality.

Moreover, augment the header-generating functionality in Torque
to create separate header files for field offset definitions,
internal class C++ definitions and instance types.

Bug: v8:7793
Change-Id: I47d5f1570040c2b44d378f23b6cf95d3d132dacc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607645
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62317}
2019-06-21 16:09:28 +00:00
Irina Yatsenko
4965a34e0f Added !mem and !where extensions to windbg.js
The extensions require isolate address to be set but don't rely on calling
any runtime functions, which makes them viable for post-mortem debugging,
if the corresponding memory is included into the dump

!set_iso(isolate_address)
    call this function before using !mem or other heap routines

!mem or !mem(\"space1[ space2 ...]\")
    prints memory chunks from the 'space' owned by the heap in the
    isolate set by !set_iso; valid values for 'space' are:
    new, old, map, code, lo [large], nlo [newlarge], ro [readonly]
    if no 'space' specified prints memory chunks for all spaces,
    e.g. !mem(\"code\"), !mem(\"ro new old\")

!where(address)
    prints name of the space and address of the MemoryChunk the
    'address' is from, e.g. !where(0x235cb869f9)


Output from !mem would look something like this:

0:000> !mem("old")
Heap at 0x210652b8838
Im   address:	 object area start - end (size)
OldSpace (allocating at: 0x1703dae7a20):
*    0x33d9a8c0000:	 0x33d9a8c0138 - 0x33d9a8f1000 (0x31000)
     0x1703dac0000:	 0x1703dac0138 - 0x1703db00000 (0x40000)

Change-Id: Iae1a217bbc5c5a88e2cf742db88ead9bb6fc904c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1669744
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62316}
2019-06-21 16:03:38 +00:00
Daniel Clark
8d8215504b [modules] Introduce SourceTextModule class
Introduce SourceTextModule as a subclass of Module.  Move all the
JavaScript-module-specific code down from Module to
SourceTextModule, with all code applicable to other future
module types remaining in Module.

With this change, Module is roughly equivalent to the spec's
Abstract Module Record and SourceTextModule is roughly equivalent
to Source Text Module Record.

Bug: v8:9292
Change-Id: I6e9cd3ece9d0c1da57e52f8af8ed5848d87dd22d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1633154
Commit-Queue: Dan Clark <daniec@microsoft.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62296}
2019-06-19 17:54:52 +00:00
Leszek Swirski
e41bdb5eb1 [tools] Remove chrome-specific gdbinit code
Change-Id: Ie38c77aafbe75f61fc568f1013ca5815d6750364
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1662289
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62284}
2019-06-19 12:34:05 +00:00
Michael Achenbach
21eb5e9dba Whitespace change to trigger builders
Change-Id: Ic31d8fbffe57a477298ea0ecd870babdafd18823
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1666996
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62270}
2019-06-19 08:18:16 +00:00
Seth Brenith
e620ba139b [torque] Address remaining usages of @noVerifier in base.tq
For every @noVerifier in base.tq, this change either removes it or
ensures that it has some annotation explaining why it can't be removed.
The @noVerifier usages that can't be removed fall into the following
categories:
1. Classes that don't have their own instance types and therefore have
   no meaningful way to do an Is...() check
2. Fields that might not exist
3. Fields that are waiting for MaybeObject support in Torque

Bug: v8:9311
Change-Id: Id452d4151ec07347ae96a9b5f3b26e2ac8065d31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1659134
Reviewed-by: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#62263}
2019-06-18 22:44:58 +00:00
Michael Achenbach
6f7ebd0385 Make nested DEPS files commonly owned
NOTRY=true

Change-Id: Ic57b26b9a2732a43dcac4445be4f57d3bb5e7396
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1664071
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62247}
2019-06-18 14:31:05 +00:00
Michael Achenbach
e733bb376e Whitespace change to trigger builders
Change-Id: I4337832c99c3644fba085102d4e7f32f5ba545e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1664332
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62238}
2019-06-18 12:03:35 +00:00
Michael Achenbach
d4191cdc9a [foozzie] Reduce no-ic experiment until bugs are fixed
We have too many dupes in the no-ic comparisons. We'll increase the
experiment size again once bugs are fixed.

TBR=jarin@chromium.org
NOTRY=true

Bug: chromium:961709
Change-Id: Ic946100b45fd73e1bee59f188a766384836bcdcf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660624
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62212}
2019-06-17 12:17:39 +00:00
Tobias Tebbi
bd0b0ce8e9 Reland "[torque] introduce separate implicit parameters for JavaScript calling convention"
This is a reland of 6eff6cc9f0

Original change's description:
> [torque] introduce separate implicit parameters for JavaScript calling convention
>
> Implicit parameters for builtins with JavaScript linkage are now separate, using
> the keyword "js-implicit". They have to be one of:
> - context: Context
> - receiver: Object (this in JS)
> - target: JSFunction (arguments.callee in JS)
> - newTarget: Object (new.target in JS)
>
> Bug: v8:9120 v8:7793
>
> Change-Id: I916f60971bb53d5046b6006725d0ce39291ca55e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658159
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62174}

TBR=tmrts@chromium.org

Bug: v8:9120 v8:7793
Change-Id: Idb25d316d9d87e345ab74c2df583ff2648da012c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660483
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62182}
2019-06-14 14:02:13 +00:00
Sergiy Belozorov
1de4631ef4 [tools] Add support for --confidence-level flag to tools/try_perf.py
See example v8_linux64_perf_try(_triggered) builds on this CL triggered using
the following command lines:

  python tools/try_perf.py --linux64 --confidence-level 1 compile
  python tools/try_perf.py --linux64 --confidence-level 1 arewefastyet
  python tools/try_perf.py --linux64 --confidence-level 3 arewefastyet

This also fixes running tools/run_perf.py --help and adds logging for the
current confidence level, which allows users to monitor progress. Example runs:

  https://chrome-swarming.appspot.com/task?id=456e4d6e743cc510 (Compile)
  https://chrome-swarming.appspot.com/task?id=456e5145615aa510 (JetStream)
  https://chrome-swarming.appspot.com/task?id=456e53eeb9104410 (JSBench)
  https://chrome-swarming.appspot.com/task?id=456e541e0e13bc10 (AreWeFastYet)

Finally, this adds support for fractional confidence levels. Example runs:

  https://chrome-swarming.appspot.com/task?id=456e5970e6f24410 (AreWeFastYet)
  https://chrome-swarming.appspot.com/task?id=456e5a8f3f407c10 (Compile)

R=tmrts@chromium.org, machenbach@chromium.org

Bug: chromium:880724
Change-Id: I725a83060c0bdd3ef08a7f0e4df843611c712d37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660471
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62176}
2019-06-14 12:33:49 +00:00
Yang Guo
4fb050565a Revert "[torque] introduce separate implicit parameters for JavaScript calling convention"
This reverts commit 6eff6cc9f0.

Reason for revert: Presubmit failure.

Original change's description:
> [torque] introduce separate implicit parameters for JavaScript calling convention
> 
> Implicit parameters for builtins with JavaScript linkage are now separate, using
> the keyword "js-implicit". They have to be one of:
> - context: Context
> - receiver: Object (this in JS)
> - target: JSFunction (arguments.callee in JS)
> - newTarget: Object (new.target in JS)
> 
> Bug: v8:9120 v8:7793
> 
> Change-Id: I916f60971bb53d5046b6006725d0ce39291ca55e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658159
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62174}

TBR=sigurds@chromium.org,tebbi@chromium.org,tmrts@chromium.org,szuend@chromium.org

Change-Id: Ide206788745bd15677bd60fe32d2476321967069
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9120 v8:7793
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660482
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62175}
2019-06-14 12:15:49 +00:00
Tobias Tebbi
6eff6cc9f0 [torque] introduce separate implicit parameters for JavaScript calling convention
Implicit parameters for builtins with JavaScript linkage are now separate, using
the keyword "js-implicit". They have to be one of:
- context: Context
- receiver: Object (this in JS)
- target: JSFunction (arguments.callee in JS)
- newTarget: Object (new.target in JS)

Bug: v8:9120 v8:7793

Change-Id: I916f60971bb53d5046b6006725d0ce39291ca55e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658159
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62174}
2019-06-14 12:02:58 +00:00
Santiago Aboy Solanes
aa82299f34 Update toggleHideDead to show dead nodes too
It was hiding the nodes, but never showing them. Therefore it wasn't
'toggling'.

Change-Id: I6fe57860f44ba05abac0f1575678a494f9d07ae8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649557
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62057}
2019-06-07 16:29:15 +00:00
Santiago Aboy Solanes
c904a46747 Update tooltips on turbolizer
Some of the tooltips had the wrong text on them when hovering over with
the mouse.

Change-Id: I4d1ba37b0fad276356b76d16710a5dba7dedc6ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649556
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62056}
2019-06-07 16:26:58 +00:00
Sigurd Schneider
f3462466e0 [turbolizer] Make sigurds@ a turbolizer OWNER
Change-Id: Ia7d37e72b16123e98b2f2e4d4e5d614f9b8c8d9e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649558
Auto-Submit: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62053}
2019-06-07 14:40:38 +00:00
Jakob Kummerow
89dd87261c [grokdump] Fix outdated arm64 identifier value
Breakpad used to put a custom identifier 0x8003 into minidumps to
indicate arm64 architecture. Crashpad now uses the new standardized
value 12. This CL updates grokdump.py to understand both.

Change-Id: Ie9bf5106beba8059e89a48d42d32ac8069493925
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648258
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62047}
2019-06-07 08:30:56 +00:00
Frank Tang
2d43679007 [Intl] Add quarter, dayPeriod and fractionalSecondDigits options
quarter option- see https://github.com/tc39/ecma402/pull/345
dayPeriod option- see https://github.com/tc39/ecma402/pull/346
fractionalSecondDigits option- see https://github.com/tc39/ecma402/pull/347
2019-6-5 TC39 presentation- http://shorturl.at/mtB12
test262: https://github.com/tc39/test262/pull/2194
I2I: http://shorturl.at/beCNV (for quarter)
I2I: http://shorturl.at/bekrZ (for dayPeriod)
I2I: http://shorturl.at/flwF5 (for fractionalSecondDigits)

Bug: v8:9282,v8:9283,v8:9284

Change-Id: I99f4c0f861507c7451497b735a276780bb8aead6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621445
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62041}
2019-06-06 21:53:06 +00:00
Bill Budge
64ec1e480a [landmines] Force clean build to fix Misc V8 Linux gcc
TBR=machenbach@chromium.org

Change-Id: I401a00483425a37ea0e571b1ffa822a665da388e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649015
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62040}
2019-06-06 21:52:11 +00:00
Simon Zünd
8dcf591ffc [torque] Remove VSCode Torque extension from tools/
The extension moved to a separate Github repository found at:
https://github.com/v8/vscode-torque

The extension is best installed via the VSCode Marketplace:
https://marketplace.visualstudio.com/items?itemName=v8-torque.vscode-torque

R=tebbi@chromium.org

Bug: v8:8880
Change-Id: I38e1bc7c912002b37d367beac10fb57c58763844
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640198
Auto-Submit: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61972}
2019-06-03 21:10:39 +00:00
Yang Guo
8f4845117b Remove 'set noparent' from OWNERS files where reasonable
R=rmcilroy@chromium.org
NOPRESUBMIT=true

Bug: v8:9247
Change-Id: I355ac92c323ab34e1898c0764856ebadc3357dcc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635691
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61960}
2019-06-03 10:18:22 +00:00
Michael Achenbach
8f2f9797d9 Whitespace change to trigger builders
Change-Id: If2610987b66324a4b77531628c5058c3b31b8718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1637463
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61951}
2019-05-31 15:36:37 +00:00
Michael Achenbach
9c3f9ef350 [test] Switch off detect_stack_use_after_return on windows asan
Bug: chromium:967663
Change-Id: I1f2176dfeb435d10cc5c24cbba77119575315f03
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635893
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61944}
2019-05-31 12:27:27 +00:00
Yang Guo
088eda6235 Add missing owners files
R=rmcilroy@chromium.org

Bug: v8:9247
Change-Id: I2644436fd44ecf0e206a81cf28071cccb49793df
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635690
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61936}
2019-05-31 07:21:01 +00:00
Jakob Kummerow
65f3861e3b [wasm-c-api] New call descriptor and stackframe kind
So far, calls to Wasm C/C++ API functions reused the call descriptors
of WasmImportWrappers, and the stack frame type of regular Wasm
functions. This CL cleans that up by introducing separate implementations
for both. No change in functionality or performance is expected.

Change-Id: I79301fa81da52283cc776ddf19d4712372f3a58b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632235
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61914}
2019-05-29 11:22:23 +00:00
Ross McIlroy
238dab8d2d [Tools] Update tickprocessor entry processing to work on Android symbols.
On Android libraries there are zero length entries within the ranged
symbols which break our range processing. This updates the logic to
only add entries for zero-length entries if they aren't within the range
of the previously added entry.

Change-Id: I511a6221817c535d967a50413948a29d9deb1e85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627985
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61903}
2019-05-28 17:04:07 +00:00
Ross McIlroy
201c50951d [Tools] Add support to tickprocessor to symbolize libraries embedded in APKs
On Android we load the native library directly from the APK. As such,
we need to convert symbols from the mapped APK to the underlying .so
when symbolizing the ticks.

This CL adds a --apk-embedded-library argument to tick processor to enable
specifying which unstripped library file was embeded in the APK and enable
symbolizing.

Change-Id: Ic992825b831f984a1217eed71847bdb158eb992b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627546
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61902}
2019-05-28 16:18:47 +00:00
Jakob Kummerow
f5ab7d38be [wasm-c-api] Add tests and fixes
In a new test suite: "wasm-api-tests", using a new binary "wasm_api_tests",
powered by gtest/gmock (like unittests).
Also fix a bunch of issues that these tests uncovered, mostly to ensure
that the stack is walkable.

Change-Id: I1d5604eea85da078ebecd4ebb7383647595f16ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627539
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61885}
2019-05-28 09:57:04 +00:00
Benedikt Meurer
70bd7cf0ef Reland "[typedarray] Move external/data pointer to JSTypedArray."
This is a reland of 4b86fea530 with
copy&paste typo in CodeStubAssembler::AllocateByteArray() fixed
(bug led to holes in new space, which was crashing reproducibly
on the ia32 bot).

Original change's description:
> [typedarray] Move external/data pointer to JSTypedArray.
>
> As the next step in supporting huge typed arrays in V8, this moves the
> external/data pointer from the FixedTypedArrayBase backing store to the
> JSTypedArray instance itself, and replaces the special backing stores
> with a plain ByteArray (removing all the code for the FixedTypedArrayBase
> class hierarchy). By doing so, we can drastically simplify the system
> around typed arrays.
>
> Note: Several places in the code base used to check the instance type
> of the elements backing store of a JSTypedArray instead of checking the
> elements kind on the JSTypedArray map directly. Those had to be fixed,
> since the backing store is now always a ByteArray.
>
> Drive-by-fix: Move all the typed elements access related code into the
> elements.cc file to properly encapsulate the accesses.
>
> Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
> Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
> Change-Id: I8cc06b190c53e34155000b4560f5f3ef40621646
> Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627535
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61855}

Tbr: petermarshall@chromium.org
Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
Change-Id: I87fcdb28532c5f08cc227332a4d59546cb423810
Cq-Include-Trybots: luci.chromium.try:linux-rel, win7-rel
Cq-Include-Trybots: luci.v8.try:v8_linux_shared_compile_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631592
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61864}
2019-05-27 17:44:06 +00:00
Clemens Hammacher
e4db146ac9 Revert "[typedarray] Move external/data pointer to JSTypedArray."
This reverts commit 4b86fea530.

Reason for revert: Fails on linux shared: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20shared/31045

Original change's description:
> [typedarray] Move external/data pointer to JSTypedArray.
> 
> As the next step in supporting huge typed arrays in V8, this moves the
> external/data pointer from the FixedTypedArrayBase backing store to the
> JSTypedArray instance itself, and replaces the special backing stores
> with a plain ByteArray (removing all the code for the FixedTypedArrayBase
> class hierarchy). By doing so, we can drastically simplify the system
> around typed arrays.
> 
> Note: Several places in the code base used to check the instance type
> of the elements backing store of a JSTypedArray instead of checking the
> elements kind on the JSTypedArray map directly. Those had to be fixed,
> since the backing store is now always a ByteArray.
> 
> Drive-by-fix: Move all the typed elements access related code into the
> elements.cc file to properly encapsulate the accesses.
> 
> Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
> Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
> Change-Id: I8cc06b190c53e34155000b4560f5f3ef40621646
> Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627535
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61855}

TBR=ulan@chromium.org,yangguo@chromium.org,titzer@chromium.org,sigurds@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org,szuend@chromium.org

Change-Id: I0bc1f935de6063acf75a0f4bb8c0ba67428603fd
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
Cq-Include-Trybots: luci.chromium.try:linux-rel, win7-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631427
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61856}
2019-05-27 15:04:08 +00:00
Benedikt Meurer
4b86fea530 [typedarray] Move external/data pointer to JSTypedArray.
As the next step in supporting huge typed arrays in V8, this moves the
external/data pointer from the FixedTypedArrayBase backing store to the
JSTypedArray instance itself, and replaces the special backing stores
with a plain ByteArray (removing all the code for the FixedTypedArrayBase
class hierarchy). By doing so, we can drastically simplify the system
around typed arrays.

Note: Several places in the code base used to check the instance type
of the elements backing store of a JSTypedArray instead of checking the
elements kind on the JSTypedArray map directly. Those had to be fixed,
since the backing store is now always a ByteArray.

Drive-by-fix: Move all the typed elements access related code into the
elements.cc file to properly encapsulate the accesses.

Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183
Change-Id: I8cc06b190c53e34155000b4560f5f3ef40621646
Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627535
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61855}
2019-05-27 14:43:46 +00:00
Jakob Gruber
f77d110d99 Revert "[prof] Attribute ticks in embedded builtins correctly"
This reverts commit 384a51da42.

This hack is both broken (builtins now have individual symbols and no
longer resolve to v8_Default_embedded_blob_) and useless (profview
seems to detect builtins just fine without it).

Bug: v8:6666
Change-Id: I264b4de31124f1657f4dc570590eb73e53aa08d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627344
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61842}
2019-05-27 10:11:14 +00:00
Benedikt Meurer
3f07c825b0 [vim] Update CrBuild to use autoninja.
Bug: v8:9183
Change-Id: Id2ae3ee0a53133eaf41e28fcadc681edf5ffb382
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1630673
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61833}
2019-05-27 06:27:29 +00:00
Sergiy Belozorov
be47fd1c37 Whitespace CL
TBR=tmrts@chromium.org

No-Try: true
Change-Id: I9a7a7bd623399575f8c31b9566744f7510648775
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1630147
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61831}
2019-05-25 03:51:18 +00:00
Yang Guo
f9a88acbc9 Move remaining files in src/
TBR=mvstanton@chromium.org,neis@chromium.org,ahaas@chromium.org

Bug: v8:9247
Change-Id: I5433c863a54f3412d73df0d38aba3fdbcfac7ebe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627973
Commit-Queue: Yang Guo <yangguo@chromium.org>
Auto-Submit: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61830}
2019-05-24 18:24:36 +00:00
Frederik Gossen
0eae59594f [wasm-hints] Add tool to inject compilation hints into Wasm modules
The python script allows to inject hints into a Wasm module. Hints are
injected into a newly created custom section named "compilationHints"
that is used by the compiler to determine its compilation strategy. The
section is placed after the functions section and before the code
section.

Bug: v8:9003
Change-Id: I531c57e4269ff9ae42b95be3515d2409627d6fb9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619865
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61797}
2019-05-23 15:16:46 +00:00