... in favor of Isolate*. It seems that it's better to be uniform in
using Isolate* or isolate root value, so if we decide to pass isolate
root value instead of Isolate* it should better be done everywhere and
it will be a separate CL anyway.
Regarding the "optionality" of the isolate parameter - C++ compilers
are smart enough to optimize it away during inlining.
Bug: v8:9353
Change-Id: Idf86a792476f49393041ced1c54b8671f5b1794a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1653121
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62107}
https://chromium-review.googlesource.com/1649554 introduced a typo into
Runtime_CloneObjectIC_Miss, where it wouldn't update the IC state UNLESS
the source map is deprecated, which is the wrong way around of course.
Bug: chromium:973045, v8:7611, v8:9114, v8:9183, v8:9343
Change-Id: I7d6e0709e66ce4aaaf4a628d64ab801b84c8993c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655291
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62106}
Currently, in wasm-function stack traces, v8 displays the decimal offset
from the start of the function. However, the WebAssembly WebAPI
specification says that it should be a hex offset into the module.
This change makes the stack trace display with hex module offsets, as
well as fixing all the unit tests that depended on the old behaviour.
R=fgm@chromium.org, titzer@chromium.org, yangguo@chromium.org
Bug: v8:9172
Change-Id: I73737a319a42dd665521ab8a4b825199ae11c87f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1646846
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Guanzhong Chen <gzchen@google.com>
Cr-Commit-Position: refs/heads/master@{#62103}
It was a good flag, but it's time to say goodbye. Let us take a moment
to remember the good times we've had during its short time on earth.
It shipped in Chrome 74.
BUG=v8:8523
R=adamk@chromium.org, mathias@chromium.org, gsathya@chromium.org
Change-Id: I37e58360614c0bb3582b8bbfac795d5ed3e5a149
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1641205
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Auto-Submit: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#62099}
elements.cc invokes ApplyAttributesToDictionary using NumberDictionary as its template
parameter. But the declaration of the template method is in js-object.cc, so nobody
can actually compile the version for number dictionary. This is fixed requesting
explicit instantiation for NumberDictionary.
This was breaking GCC build.
Bug: chromium:819294
Change-Id: I685ddc5b97e129d1a534dbdb04025c0932bc5ecd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649565
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: José Dapena Paz <jose.dapena@lge.com>
Cr-Commit-Position: refs/heads/master@{#62097}
This helps debugging incorrect usage of the SnapshotCreator API in
debug mode.
Change-Id: Ibd9db76a5f460cdf7ea6d14e865592ebaf69aeef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648240
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62095}
Changes calls to conversion builtins in Wasm wrappers to use the builtin
address directly rather than going via the Code object which results in
the trampoline being unnecessarily executed.
Bug: v8:9338
Change-Id: I74593dbda3c8bd308be65bc98ce85213a98f78b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648274
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62094}
This CL adds lint errors for unused Torque macros. To prevent lots of
noisy warnings, the check is rather narrow. Macros declared as "extern"
or marked with "@export" are ignored. Also macros starting with "Convert",
"Cast" or "FromConstexpr" are not checked.
Drive-by: Removing some unused macros.
Bug: v8:7793
Change-Id: Ie0d2e445f8882a9b0ebbda45876b342abf341248
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645312
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62092}
This reverts commit 69fafb5fe3.
Reason for revert: V8 Linux64 GC Stress - custom snapshot
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/26291
Original change's description:
> Enable lazy source positions by default
>
> Also adds a compile time flag which allows the default to be configured
> so node can disable it since it hangs the node cpu profiler tests.
>
> Bug: v8:8510
> Change-Id: Idf4785036dc6242769410091518a67ac9179b718
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62089}
TBR=rmcilroy@chromium.org,delphick@chromium.org
Change-Id: I92a64ddc63e36ec326e6d8ba1a5b68af38e3134b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8510
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1653112
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62091}
An error object's 'stack' property is lazily formatted once the
property is first read. It is thus possible that lazy formatting
happens in a different realm than where the error object was
constructed.
In this case, we should use the origin-realm's prepareStackTrace
function to format the stack trace.
This CL implements that behavior by fetching prepareStackTrace from
the given error object's context's error function.
Bug: v8:7848
Change-Id: Ibc383cf24f2c0dab2fd8bb7bc740f1488d9954a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1113438
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62090}
Also adds a compile time flag which allows the default to be configured
so node can disable it since it hangs the node cpu profiler tests.
Bug: v8:8510
Change-Id: Idf4785036dc6242769410091518a67ac9179b718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62089}
Add exception to possible type for the source position table.
Bug: v8:8510
Change-Id: Ia97bba2b88d80ca572be21f236ad85448b6dd6f2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1653110
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62087}
This CL changes the types of some fields on StackFrameInfo and
StackTraceFrame from the generic 'tagged' value, to more specific
types. This improves the auto-generated object verifiers.
Bug: v8:8742
Change-Id: Ica7f34a61798fb7ab0655ffa269ba86afe8a52fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649788
Auto-Submit: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62086}
This CL adds a lint error for variables that are unnecessarily bound
with 'let' when they could be bound using 'const. This test is skipped
for struct types. For struct types, the "constness" also depends on
the struct methods called and whether these methods write to the struct
or not. This is not straight-forward to detect.
Drive-by: Fix all the newly introduced lint errors.
Bug: v8:7793
Change-Id: I0522ffcc4321350eef2e9573b8430bc78200ddce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645322
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62085}
This includes a bunch of individual changes:
- Refactor IC::OnFeedbackChanged() and remove the now unused
GetHostFunction().
- Remove constant_pool, pc and fp from the IC, since it was
only used for --trace-ic by now, and here we can now use the
JavaScriptFrameIterator instead.
- Use FLAG_max_polymorphic_map_count consistently instead of having a
separate kMaxKeyedPolymorphism constant in some cases.
- Remove dead IC::TraceHandlerCacheHitStats() method.
- Remove the unused maybe_handler_ field.
Bug: v8:9183
Change-Id: I29680519ab84b2790c73f50fca966a66918a7e31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649567
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62083}
This CL creates global-context.cc and moves the GlobalContext
constructor impl to this new file. Preparatory refactoring for import
syntax.
This CL also removes one unused static method from GlobalContext
and changes two use-sites where Get() was used together with a static
accessor.
Drive-by: "Include what you use" for global-context.h
Bug: v8:9183
Change-Id: Iafd877d03af9ad65b1c99ebd9743be64192f45c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649790
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62081}
This CL introduces an 'import' statement. It does not produce any AST
node. The AST contextual directly collects what source id imports what other
source id.
Currently the import map is unused. In the future, import syntax will be
used to implement partial compilation.
Bug: v8:7793
Change-Id: I5f09e6254d7ca2e7bc1a93d2e2d82e202cafc8ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649357
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62080}
This addresses a TODO and makes the CAST explicit at the use sites,
which in turn makes it easier to understand the implications there.
Bug: v8:9183
Change-Id: I5b285a5a0ba6b754b4de9d60ff6e18c2e807bf98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649569
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62079}
This CL adds two mjsunit tests that transition an error object to
dictionary mode before and after Error.stack is formatted and verify
that the custom 'stack' property accessor works as intended.
Bug: v8:8742
Change-Id: I4beb52c75b94533c10fac007f41117ab8915fac8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649789
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62078}
This reverts commit 02103b276b.
Reason for revert: Speculative revert for breakage on roll:
https://chromium-review.googlesource.com/c/chromium/src/+/1650264
Failing build in breakpad:
https://ci.chromium.org/p/chromium/builders/try/linux_chromium_asan_rel_ng/298512
Original change's description:
> Add Crash Keys support
>
> This adds crash keys containing the isolate address and addresses of
> the read_only, map, and code spaces to crash report minidumps.
> When not compiling V8 with Chrome, a noop implementation is used.
>
> Bug: v8:9323
> Change-Id: I8523630e7a4ff792855163c06bf76dab35b1b9e5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1641326
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
> Cr-Commit-Position: refs/heads/master@{#62059}
TBR=jkummerow@chromium.org,tmrts@chromium.org,irinayat@microsoft.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:9323
Change-Id: I29138292dd474cf60e2bf3cc9b0629a085abd31c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649787
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62077}
This CL is the starting point to convert all FrameArray users to
use StackTraceFrame objects instead.
Bug: v8:8742
Change-Id: I7bd0081dfd428e9914dedebd5065ac262aacec0b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627332
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62076}
This CL changes IncrementalStringBuilder to write short strings
directly to {current_part_} instead of shortening {current_part},
allocating a new part and concatenate everything using ConsString.
This optimization requires the IncrementalStringBuilder to either
use two byte encoding, or the incoming string is flat with one byte
representation.
This CL improves stack trace serialization micro benchmarks up to 10%.
Bug: v8:8742
Change-Id: I5cc8339be8035c42438381883544d108591fb945
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1647696
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62075}
Quotes have been added around the token to make the message clearer.
Bug: chromium:943636
Change-Id: Ic38f3e6d307157af2c0146e69fb611a2cfb46564
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593307
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62074}
The path for sealed elements is handled by using the same path for SmiOrObjectElementKind, just need to extend a DCHECK in CodeStubAssembler::IsFixedArrayWithKind.
The only special case is when we write to a hole in holey sealed elements. Since we can not write in that case, just bail out.
Bug: chromium:967101
Change-Id: Ibf837ae053fe609bca83da432f298ef056f3aced
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632830
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62071}
This is reland of Ib1c3f78d1f1a44c6628d351fed3bcdc91ca08cb5
Just fix lint error for unused arguments in Torque.
> Original commit message:
> The fast path for IsExtensible proxy trap is already implemented, we just need to use this for ReflectIsExtensible.
Now, ReflectIsExtensible is now a Torque builtin (previously CPP). Other cases will fall back to runtime.
> Bug: v8:6664
> Change-Id: Ib1c3f78d1f1a44c6628d351fed3bcdc91ca08cb5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645438
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
> Cr-Commit-Position: refs/heads/master@{#62031}
Bug: v8:6664
Change-Id: If44ac321ce712a969b3f5076411573eb3968cc14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1646900
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62070}
The introduction of the FeedbackVector solved the problem of
inconsistent feedback between ICs in unoptimized and optimized
code.
Bug: v8:2029, v8:9183
Tbr: jkummerow@chromium.org
Change-Id: Id61033c1661e5a2efb740988552de76f7f148d0d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649566
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62065}
The CloneObject bytecode was only able to handle objects, null and
undefined, and explicit bytecode had to be generated to perform the
ToObject outside the bytecode (unlike the other IC bytecodes that
just perform the ToObject implicitly). That means the simplest possible
object cloning would also generate a sequence of 5 bytecodes (at least):
```
Mov <register>, a0
JumpIfNull @1
JumpIfUndefined @1
ToObject <register>
1: CloneObject <register>
```
That is quite wasteful and unnecessary, since the core logic in the
runtime already does the ToObject properly anyways. This change
refactors the CloneObjectIC slightly to behave more like the other ICs
and do the ToObject implicitly when necessary.
Bug: v8:7611, v8:9114, v8:9183, v8:9343
Change-Id: I11973e90bf875f154a5a7739287bee17041e4a7a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649554
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62064}
PrintWasmText is used for disassembling wasm code in DevTools, but many
instructions are not implemented. This test should make it easier to
remember to implement this when adding new instructions.
Change-Id: I6030a70113320f11a1ac0436bf0d220b5c41e6d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1647475
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62063}
The DoubleToFloat32 helper takes care of everything, so use it
consistently.
Bug: chromium:969498
Change-Id: If71e5374684b89615006548cb0329f4d4cb7fd6d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648253
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62062}
This adds crash keys containing the isolate address and addresses of
the read_only, map, and code spaces to crash report minidumps.
When not compiling V8 with Chrome, a noop implementation is used.
Bug: v8:9323
Change-Id: I8523630e7a4ff792855163c06bf76dab35b1b9e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1641326
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#62059}
The linked lists of FreeLists could contain empty elements
(FreeListCategories whose `top()` is null). The code is carefuly
written so that this case won't break anything (probably just slow
things a little bit). When `FreeList::FindNodeIn` (the fast path of
`FreeList::Allocate`) found such an empty `FreeListCategory`, it
removed it by calling `FreeList::RemoveCategory`, and looked in the
next `FreeListCategory` of the same size. However, on the slow path of
`FreeList::Allocate`, the functions that iterates the
`FreeListCategory` are `FreeList::TryFindNodeIn` and
`FreeListCategory::PickNodeFromList`, none of which removed empty
elements. Therefore, it could happen that a `FreeListCategory` "real"
first element could be used, but was never considered due to the top of
the linked list being empty. The behavior for the slow path should be
the same as for the fast path on that regard.
The problem was actually deeper than that: FreeListCategories were not
always in a consistent state, since they could have empty members. The
removal of those empty elements should be done as soon as they are
created, ie when allocating the last element.
This CL ensures that empty FreeListCategories are removed as soon as
they become empty.
Bug: v8:9329
Change-Id: Idda8096dc5978745894854a0405da59f7e8691a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648476
Commit-Queue: Darius Mercadier <dmercadier@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62058}
