TryLookupCode can be passed arbitrary addresses, e.g. by tentative
name lookups during disassembly. This CL makes sure that addresses
within non-builtin-code sections of the embedded blob (metadata or
padding) are handled properly.
Bug: v8:6666, v8:8334
Change-Id: I42eca57062e30eabd7bb1b069786aa809706cd2c
Reviewed-on: https://chromium-review.googlesource.com/c/1292060
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56865}
This removes a bunch of porting helpers, e.g. scopes that mark
the addressability of ebx, printing embedded builtin candidates, and
the call/jump mechanism through a virtual target register.
This also disables root register verification by default on ia32. It
can be completely removed in a bit.
Bug: v8:6666
Change-Id: I4705d61991ddc57c30981c311a1c8c5e2f8ddf4d
Reviewed-on: https://chromium-review.googlesource.com/c/1288271
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56864}
Typically compiler does not have to compile one-shot code but, there
are some cases where user can capture IIFEs and execute it multiple times.
Adding counter to track number of such closures compiled with one-shot
bytecodes.
Bug: v8:8072
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I752a12cff6ee9bb751323f4d58897cdd41c6890c
Reviewed-on: https://chromium-review.googlesource.com/c/1237679
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56862}
This removes some unnecessary runtime calls when encoding/decoding
values stored in exception objects. It reduces code size of the
generated code.
R=clemensh@chromium.org
BUG=v8:8341
Change-Id: I2394994be01d3071e58bfa2bfbba8bf72a6a04a5
Reviewed-on: https://chromium-review.googlesource.com/c/1293373
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56860}
This CL introduces a new fast-path for `Promise.all(a)` for the case
that elements in `a` are native promises, and the Promise.prototype
and Promise function itself are intact. If so, we can skip the lookups
of "resolve" on Promise and "then" on the result of invoking "resolve",
which are both quite expensive, and we can instead directly call the
PerformPromiseThen() operation on the element of `a`.
In addition to that we don't need to create and chain a result promise,
since this is only used when either async_hooks or DevTools are enabled.
Otherwise it's a "throwaway promise" only used to satisfy the operation
parameter signature (see https://github.com/tc39/ecma262/pull/1146).
This results in a significant performance improvement on `Promise.all()`
heavy code. For example the parallel-promises-es2015-native test goes
from around 84ms to roughly 68ms, which is almost a 20% improvement.
Bug: v8:7253
Ref: tc39/ecma262#1146
Change-Id: Iab9c57edb26d13a467b0653fd8de6149c382efc6
Reviewed-on: https://chromium-review.googlesource.com/c/1293374
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56858}
This removes the {error} and {verror} methods of {ResultBase} and
introduces a named constructor {Error} instead. This allows to
construct an error result in a single expression, and moves {Result}
closer to a container that is initialized once and is immutable
afterwards (just the {MoveErrorFrom} method is still violating this
pattern).
R=titzer@chromium.org
Bug: v8:8238
Change-Id: Iec16c8c6d66300ee82a48e8a9e941c72ae26e202
Reviewed-on: https://chromium-review.googlesource.com/c/1293370
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56857}
Making --data-path a subdir of --user-data-dir makes it easier to clean up
data after a benchmark run.
Bug: chromium:861668
Change-Id: If44527163ea396b11346d65d76411d03a5b9a424
Reviewed-on: https://chromium-review.googlesource.com/c/1292065
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56856}
This changes the encoding of values stored in exception objects from a
typed uint16 array (a JSObject) to a {FixedArray} instead. Note that it
increases the memory footprint of the encoding, but will allow accessing
elements directly from generated code and also encode reference types
properly. The memory footprint can/should be optimized only after the
implementation is feature complete.
R=clemensh@chromium.org
BUG=v8:8341
Change-Id: If67c4e498d815e14f95d014e6a1f7a6725aa0b3a
Reviewed-on: https://chromium-review.googlesource.com/c/1293371
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56854}
Change the status files to only run on release bots and furthermore
exclude those that run on an arm simultaor. This should still provide
sufficient coverage while keeping resource usage at bay.
Bug: v8:8331, v8:8332
Change-Id: I515e68929af660932a1224294bd09ebc05705324
Reviewed-on: https://chromium-review.googlesource.com/c/1292061
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56850}
This improves the performance of copying Smi or Object arrays if
the new array is allocated in new space.
Bug: v8:7980
Change-Id: I8e91a879f603d118b4bb1393e7b8b92f4c0b3696
Reviewed-on: https://chromium-review.googlesource.com/c/1283053
Commit-Queue: Hai Dang <dhai@google.com>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56849}
This improves the error message for []=>{}. Now rather than pointing
at ] and saying that's the unexpected token, it reports
"SyntaxError: Malformed arrow function parameter list", pointing at [.
Change-Id: I88457dc9f929a7c2b07b36ea798f11e9a7d24414
Reviewed-on: https://chromium-review.googlesource.com/c/1293369
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56847}
Two zones in ExecuteCompilation have the same scope, so we can combine
them.
In addition I moved measurement code at the end of the function so that
we don't have to store the result of the compilation in a helper.
R=clemensh@chromium.org
Bug: v8:8238
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I3b4790fa62adbe361d41be188c7f0510b12d957c
Reviewed-on: https://chromium-review.googlesource.com/c/1291072
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56842}
This adds an attribute field to the binary encoding of exception types
in the exceptions and import section. Currently the attribute value is
not used and expected to be zero, but it ensures the binary encoding is
extensible for future changes.
R=clemensh@chromium.org
TEST=unittests/WasmModuleVerifyTest
BUG=v8:8153
Change-Id: I6f0e10cb1b6515177d8200ebf1f4f0b122832868
Reviewed-on: https://chromium-review.googlesource.com/c/1291075
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56841}
Avoid calling Map::TransitionToPrototype (which reads and writes the
JS heap) by skipping the JSCallReducer optimization of Function#bind
whenever the receiver has a custom prototype.
Bug: v8:7790
Change-Id: Ie21475c5dc5c53d90c6afae8198837deb40dac8e
Reviewed-on: https://chromium-review.googlesource.com/c/1288631
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56840}
With async_hooks it's also possible that the "current microtask" is an
await task, whose generator is already suspended, when there's an
exception thrown in the AFTER callback. In that case we cannot build
a meaningful async stack trace.
Bug: chromium:897406, v8:7522
Change-Id: I682dc1fc3ebb1864e1c2061041ff99ced0313f0c
Reviewed-on: https://chromium-review.googlesource.com/c/1292057
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56839}
This CL adds OnFailure::DUMP_ON_FAILURE representing a scope where base::
DumpWithoutCrash is called when V8 execution is detected. As V8 can't call base
functions, this CL also adds Platform::DumpWithoutCrash.
Doc: https://docs.google.com/document/d/1PStT6dPlSM7QfGUJQD6t6LNLTv_48gNMhY5RdEpt3XQ/edit?disco=AAAACJ6Xg0o&ts=5bc0be1b
BUG=chromium:870606
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I5df62fd99ed78adb4e2505aeaee3d526d6786e59
Reviewed-on: https://chromium-review.googlesource.com/c/1276325
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Hajime Hoshi <hajimehoshi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56838}
Originally timestamps were added in crrev.com/c/1159361 to ease debugging. Since
then, however, timestamps were introduce to the LogDog viewer and are rendered
in a separate column, making it easier to scan text for important messages
starting with '>>>'. We do keep the log level, but make sure that it always
takes a fixed width such that the actual messages are aligned vertically.
R=machenbach@chromium.org
No-Try: true
Change-Id: I3a741069824aa25e674aca79da03a725017cb956
Reviewed-on: https://chromium-review.googlesource.com/c/1291370
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56834}
In the process:
- add volatile types for FastJSArray and remove the length_fast accessor
from JSArray with the application of more rigorous typing.
- add micro benchmarks for testing all the interesting slice cases
Also update a few assorted places in .tq code to make them more
idiomatic.
The original version of this patch had an overly agressive assert that has
been loosened.
TBR=jgruber@chromium.org
Change-Id: I56870862f4b124d1b38372daa326182a526c874c
Reviewed-on: https://chromium-review.googlesource.com/c/1291375
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56829}
This method only recorded stats of the generated code object. Since
both counters that are updated are thread-safe anyway, we can just
update them from the background instead (during {ExecuteCompilation}).
R=mstarzinger@chromium.org
Bug: v8:7921
Change-Id: Ia6074be8339b100f328938136ecb10144fc79f12
Reviewed-on: https://chromium-review.googlesource.com/c/1291074
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56827}
And remove the TurboFan/Liftoff specific {FinishCompilation}
implementations completely. Compilation errors are now stored in the
{WasmCompilationUnit} directly as a {Result<WasmCode*>}. They are
retrieved via {WasmCompilationUnit::ReportError}, which moves the error
to the {ErrorThrower}.
This prepares more changes to completely remove the {FinishCompilation}
phase.
R=titzer@chromium.org
Bug: v8:7921
Change-Id: I4f9a6e919359aeab074880d0d38211500b76e4ec
Reviewed-on: https://chromium-review.googlesource.com/c/1290975
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56826}
Previously, this was just a field on the WasmResult, which is not
allowed according to the style guide.
A special r-value accessor for the value is needed for the cases where
the contained type is not copyable, e.g. unique_ptr.
R=titzer@chromium.org
Bug: v8:8238
Change-Id: Ia3c14c4c62c3c2e07f1dc4594f1bc9d1da88f91e
Reviewed-on: https://chromium-review.googlesource.com/c/1290974
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56823}
RewritableExpression always contain Assignment until rewriting; which
we only do after parsing a function. We don't call ->Is on possibly
rewritten expressions afterwards (we'll simply visit them instead).
Change-Id: I3be91e9f6701994a571d280515c9da34257f5425
Reviewed-on: https://chromium-review.googlesource.com/c/1291071
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56821}
The atomics and compare-exchange stress tests are intended to test
code generation only anyway and can be quite slow. So skip all the
variants.
Notry: true
Change-Id: Idf443b134558990c7eac43301fa816399794b9d5
Reviewed-on: https://chromium-review.googlesource.com/c/1291077
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56820}
The atomics stress tests use shared array buffers to record
non-deterministic interleaving of execution in web workers. This
produces non-deterministic heap results even in predictable mode.
NOTRY=true
Change-Id: Ic41c53bb6f5c67393fed7b9670c13cee6bc3481b
Reviewed-on: https://chromium-review.googlesource.com/c/1290979
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56819}
Port commit a63987a41a
Original message:
>This JSAsyncFunctionObject represents the implicit generator object
>inside of async functions, and also holds the outer promise for the
>async functions. This in turn allows us to get rid of the .promise
>in the Parser / BytecodeGenerator completely, and will make it
>possible to build zero-cost async stack traces independent of the
>concrete synchronous part of the stack frame (which currently breaks
>in Node.js).
>
>In the bytecode all the async function operations now take this new
>JSAsyncFunctionObject instead of passing both the .generator_object
>and the .promise, which further simplifies and shrinks the bytecode.
>It also reduces the size of async function frames, potentially making
>the suspend/resume cheaper.
>
>This also changes `await` to use intrinsics instead of calling to
>special JSFunctions on the native context, and thus reduces the size of
>the native contexts.
>
>Drive-by-fix: Introduce a dedicated JSCreateAsyncFunctionObject operator
>to TurboFan.
>
>Bug: v8:7253, v8:7522
>Change-Id: I2305302285156aa1f71328ecac70377abdd92c80
>Ref: nodejs/node#11865
>Design-Document: http://bit.ly/v8-zero-cost-async-stack-traces
>Reviewed-on: https://chromium-review.googlesource.com/c/1273049
>Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
>Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
>Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
>Reviewed-by: Maya Lekova <mslekova@chromium.org>
>Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
>Cr-Commit-Position: refs/heads/master@{#56554}
Change-Id: I5a11bd31bf2aac2e2b94779fa03b85ee88d7dbc4
Reviewed-on: https://chromium-review.googlesource.com/c/1288811
Reviewed-by: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#56818}
Added to crucial productions that will incur in any infinite recursion:
- In ParsePrimaryExpression
- In all ParseUnaryExpression subrules
- In ParseDoWhileStatement
- In ParseBlock
Change-Id: Iaee295eb5652e57712d029999b36078fea3b7dab
Reviewed-on: https://chromium-review.googlesource.com/c/1290794
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56816}
