Commit Graph

5694 Commits

Author SHA1 Message Date
Igor Sheludko
e7ffb2570c [ext-code-space] Enable external code space on x64 and desktop arm64
This is a reland #2. The fixes were landed separately.

Perf Sheriffs: this CL might regress some benchmarks while improving
the others.

Bug: v8:11880
Change-Id: I397aef5ad5cce42ef189ee10b482805c90ec925a
Cq-Include-Trybots: luci.v8.try:v8_android_arm64_compile_dbg
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3417000
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78817}
2022-01-27 18:03:03 +00:00
Nico Hartmann
517ed4ad00 Reland "[Torque] Generalize Torque literals to larger size"
Previously, literals in Torque were stored as double values, which
made it impossible to precisely represent 64 bit integer values.
This CL replaces the old literal expression with an integer and
floating point literal expression that are unbounded in size. We
allow implicit conversion of these literals to arbitary integer
and floating point types respectively and insert a corresponding
bounds check into generated CSA.

Changes in the reland: Simplified IntegerLiteral to single digit.

Bug: v8:7793, chromium:1289282
Change-Id: I31c762c2f31165c7a1d0b07842b764e5851ce189
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3406750
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78811}
2022-01-27 13:39:16 +00:00
Thibaud Michaud
fd122c4221 [wasm] Return chained promise on suspend
Create and return the chained promise, which resumes the suspended wasm
continuation once the JS promise resolves:
- Add stub for the WasmResume builtin, which will resume the given
suspender.
- Add the JS function wrapper for the builtin.
- On suspension, return promise.then(onFulfilled) to the prompt.

R=ahaas@chromium.org
CC=​fgm@chromium.org

Bug: v8:12191
Change-Id: I2d6136b2bd610daa4be1880f347b7bdf897e75ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3404776
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78787}
2022-01-26 18:04:51 +00:00
Victor Gomes
096455ea0f [gm] Fuchsia support
Adds the archs fuchsia_x64 and fuchsia_arm64.

No-Try: true
Change-Id: I5e12a436fc206fecc910965e9597b7e05be23e26
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416247
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78779}
2022-01-26 15:52:19 +00:00
Michael Achenbach
aefa66da28 Revert "[ext-code-space] Enable external code space on x64 and desktop arm64"
This reverts commit fd608d18b5.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan%20-%20builder/838/overview

Original change's description:
> [ext-code-space] Enable external code space on x64 and desktop arm64
>
> Perf Sheriffs: this CL might regress some benchmarks while improving
> the others.
>
> Bug: v8:11880
> Change-Id: I857526d0971fc858b56126cbc276d9bd4157d71f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416244
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78774}

Bug: v8:11880
Change-Id: Ie1009824936a65790e743cbc01ca2e5bec5dec90
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3417432
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78776}
2022-01-26 15:26:24 +00:00
Igor Sheludko
fd608d18b5 [ext-code-space] Enable external code space on x64 and desktop arm64
Perf Sheriffs: this CL might regress some benchmarks while improving
the others.

Bug: v8:11880
Change-Id: I857526d0971fc858b56126cbc276d9bd4157d71f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416244
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78774}
2022-01-26 13:31:41 +00:00
legendecas
10a777ee7e [ShadowRealm] Part 1 - Skeleton
1. Expose all the functions to empty builtins.
2. Wire up the basic structure of ShadowRealm and internal slots.

Bug: v8:11989
Change-Id: If7545fe18a74b2bd4b70a1a25776e41f03aaff89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3195532
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#78757}
2022-01-25 18:10:57 +00:00
Nico Hartmann
776126acfd Revert "[ext-code-space] Enable external code space on x64 and desktop arm64"
This reverts commit 7fc4868e47.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Clusterfuzz%20Linux64%20-%20release%20builder/26331/overview

Original change's description:
> [ext-code-space] Enable external code space on x64 and desktop arm64
>
> Perf Sheriffs: this CL might regress some benchmarks while improving
> the others.
>
> Bug: v8:11880
> Change-Id: Iddaba0512100eedf61d8b106da0be0a08d273b67
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3412072
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78743}

Bug: v8:11880
Change-Id: I238bb143b3781fc0b865edf4e7cb0ae52cbad0c7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3412078
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78744}
2022-01-24 16:05:35 +00:00
Igor Sheludko
7fc4868e47 [ext-code-space] Enable external code space on x64 and desktop arm64
Perf Sheriffs: this CL might regress some benchmarks while improving
the others.

Bug: v8:11880
Change-Id: Iddaba0512100eedf61d8b106da0be0a08d273b67
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3412072
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78743}
2022-01-24 15:55:05 +00:00
Nico Hartmann
362e265d4c Revert "[Torque] Generalize Torque literals to larger size"
This reverts commit 757830b02b.

Reason for revert: Speculatively revert due to a number of
performance regressions

Original change's description:
> [Torque] Generalize Torque literals to larger size
>
> Previously, literals in Torque were stored as double values, which
> made it impossible to precisely represent 64 bit integer values.
> This CL replaces the old literal expression with an integer and
> floating point literal expression that are unbounded in size. We
> allow implicit conversion of these literals to arbitary integer
> and floating point types respectively and insert a corresponding
> bounds check into generated CSA.
>
> Bug: v8:7793
> Change-Id: I46c231aab92bc2f0c26955d1876079f306b358c6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3329792
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78671}

Bug: v8:7793
Change-Id: I9896e28b3c69b8cf2488bf93e993ec320d8c5d2e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401866
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78706}
2022-01-20 17:13:39 +00:00
Jakob Gruber
0a6c1a778a Remove the turboprop implementation
Bug: v8:12552
Change-Id: I99e4d8e8aeba5460f11e54cc1b2bcaea98a5276d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3400964
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78698}
2022-01-20 12:31:39 +00:00
Nico Hartmann
757830b02b [Torque] Generalize Torque literals to larger size
Previously, literals in Torque were stored as double values, which
made it impossible to precisely represent 64 bit integer values.
This CL replaces the old literal expression with an integer and
floating point literal expression that are unbounded in size. We
allow implicit conversion of these literals to arbitary integer
and floating point types respectively and insert a corresponding
bounds check into generated CSA.

Bug: v8:7793
Change-Id: I46c231aab92bc2f0c26955d1876079f306b358c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3329792
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78671}
2022-01-18 15:16:24 +00:00
Victor Gomes
55be041933 [runtime] Adds a hashtable object (name => index)
In preparation to use the hash table in the scope_info, we
setup a hashtable from name to indices.

Bug: v8:12315
Change-Id: I77f1eb40191c2fb2d40127e1e84dbc41ca2e4b70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3386804
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78646}
2022-01-17 12:09:34 +00:00
Jakob Gruber
bd1cc7b009 [compiler] Remove support for --no-concurrent-inlining
Now that concurrent inlining is shipping on stable, remove support
--no-concurrent-inlining.

Note that it's still possible to run Turbofan exclusively on the
main thread by passing --no-concurrent-recompilation.

Bug: v8:7790, v8:12142, chromium:1240585
Change-Id: I1943bbbcad7dea7e3a3c337c239f14f7d96c23cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3308798
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78644}
2022-01-17 11:29:48 +00:00
Thibaud Michaud
b8440171c9 [wasm] Add suspend wrapper stub
- Add suspend asm builtin stub, and call it from the suspending
wasm-to-js wrapper
- Rename frame type to match both builtins (prompt and suspend)
- Add suspend bool to the import cache key

R=ahaas@chromium.org
CC=​​fgm@chromium.org

Bug: v8:12191
Change-Id: Ie5a8ca7cbe4bcb91697e05b6470e3d632d608993
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3345004
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78628}
2022-01-14 16:45:42 +00:00
Victor Gomes
63c6b2d541 [runtime] Adds kScopeInfoMaxInlinedLocalNamesSize
kScopeInfoMaxInlinedLocalNamesSize is a threshold for inlined storage,
otherwise local names will be stored in a hash table.

Bug: v8:12315
Change-Id: Ibfa5bec5222c9e60765c3663707623544895ec0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3386601
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78622}
2022-01-14 14:07:24 +00:00
Dominik Inführ
93f28d16c7 Reland "[heap] Optimize time to reach global safepoint"
This is a reland of 86038ecfdc

Compared to the previous CL this one is adding a TSAN suppression
for GlobalSafepoint::EnterSafepointScope. local_heaps_mutex_ of client
isolates may be locked in any order. This would be detected by TSAN as a
potential race. Add some additional DCHECKs to compensate for that
missing test coverage.

As a cleanup this CL also removes the unused methods ContainsLocalHeap()
and ContainsAnyLocalHeap() from LocalHeap.

Original change's description:
> [heap] Optimize time to reach global safepoint
>
> Initial support for global safepoints kept it simple by entering a
> safepoint for each of them one after another. This means
> time-to-global-safepoint is the sum of all time-to-safepoint operations.
> We can improve this slightly by splitting up the safepoint iteration
> into two operations:
>
> 1) Initiate safepoint lock (locks local_heaps_mutex_, arms the barrier
>    and sets SafepointRequested flag for all client threads)
> 2) Block until all runnning client threads reach a safepoint
>
> We now perform operation 1) for all clients first and only then start
> with operation 2).
>
> Bug: v8:11708
> Change-Id: Iaafd3c6d70bcf7026f722633e9250b04148b3da6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310910
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78308}

Bug: v8:11708, v8:12492
Change-Id: I7087ba23c08f2d4edb9b632eef3c218fc76342e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3328786
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78583}
2022-01-12 10:35:25 +00:00
Andreas Haas
eb129a5cf1 Reland "[wasm] Lazy compilation after deserialization"
The original CL introduced a test that does not work when it is executed
concurrently on multiple isolates. This CL skips this test
configuration.

Original change's description:
> [wasm] Lazy compilation after deserialization
>
> The serialization format contains one boolean flag per function which
> specifies whether the function code exists in the serialized module or
> not. With this CL, this boolean flag is extended to a three-value flag
> which indicates whether the function exists, and if not, whether the
> function was executed before serialization. This information can then be
> used upon deserialization to compile only those functions that were
> executed before serialization.
>
> Design doc: https://docs.google.com/document/d/1U3uqq4njqLqFhr1G2sU_bmpQxY-3bvfG55udSb-DvA4/edit?usp=sharing
>
> Bug: v8:12281

Change-Id: I36ce90b37736172aa01c47ab04e154ec8ea2d8aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3380590
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78564}
2022-01-11 13:13:56 +00:00
JianxiaoLuIntel
e7f92432db [tool] fix typo in heap-layout and system-analyzer
Change-Id: I443d6e84fb3ca9d27456300b777105319ec0fe25
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3352457
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78563}
2022-01-11 13:06:21 +00:00
Lu Yahan
87483842cb [riscv64] Implement simd128 in swap
enable simd on riscv64

Change-Id: I446d6b14e4f89164b49a66367340d904ba104911
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3347493
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#78553}
2022-01-11 03:40:16 +00:00
Clemens Backes
8d8a021c8d Revert "[wasm] Lazy compilation after deserialization"
This reverts commit fbcdb28178.

Reason for revert: New test fails for multiple (concurrent) isolates: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux/45152/overview

Original change's description:
> [wasm] Lazy compilation after deserialization
>
> The serialization format contains one boolean flag per function which
> specifies whether the function code exists in the serialized module or
> not. With this CL, this boolean flag is extended to a three-value flag
> which indicates whether the function exists, and if not, whether the
> function was executed before serialization. This information can then be
> used upon deserialization to compile only those functions that were
> executed before serialization.
>
> Design doc: https://docs.google.com/document/d/1U3uqq4njqLqFhr1G2sU_bmpQxY-3bvfG55udSb-DvA4/edit?usp=sharing
>
> Bug: v8:12281
> Change-Id: I465e31e5422fa45163256be0e6594045865f0174
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3364089
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78545}

Bug: v8:12281
Change-Id: If0e327d02e8257a4d1cfcf8b82381af11f28e91c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3377126
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78546}
2022-01-10 17:37:03 +00:00
Andreas Haas
fbcdb28178 [wasm] Lazy compilation after deserialization
The serialization format contains one boolean flag per function which
specifies whether the function code exists in the serialized module or
not. With this CL, this boolean flag is extended to a three-value flag
which indicates whether the function exists, and if not, whether the
function was executed before serialization. This information can then be
used upon deserialization to compile only those functions that were
executed before serialization.

Design doc: https://docs.google.com/document/d/1U3uqq4njqLqFhr1G2sU_bmpQxY-3bvfG55udSb-DvA4/edit?usp=sharing

Bug: v8:12281
Change-Id: I465e31e5422fa45163256be0e6594045865f0174
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3364089
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78545}
2022-01-10 16:35:48 +00:00
Benedikt Meurer
765ca6a0d3 [inspector] Capture stack trace only once for JSError objects.
When creating a new JSError object (or using the non-standard API
`Error.captureStackTrace`) V8 would previously capture the "simple stack
trace" (as FixedArray of CallSiteInfo instances) to be used for the non-
standard `error.stack` property, and if the inspector was active also
capture the "detailed stack trace" (as FixedArray of StackFrameInfo
instances). This turns out to be quite a lot of overhead, both in terms
of execution time as well as memory pressure, especially since the
information needed for the inspector is a proper subset of the
information needed by `error.stack`.

So this CL addresses the above issue by capturing only the "simple stack
trace" (in the common case) and computing the "detailed stack trace"
from the "simple stack trace" when on demand. This is accomplished by
introducing a new ErrorStackData container that is used to store the
stack trace information on JSErrors when the inspector is active. When
capturing stack trace for a JSError object while the inspector is
active, we take the maximum of the program controlled stack trace limit
and the inspector requested stack trace limit, and memorize the program
controlled stack trace limit for later formatting (to ensure that the
presence of the inspector is not observable by the program).

On the `standalone.js` benchmark from crbug.com/1283162 (with the
default max call stack size of 200) we reduce execution time by around
16% compared to ToT. And compared to V8 9.9.4 (the version prior to the
regression in crbug.com/1280831), we are 6% faster now.

Doc: https://bit.ly/v8-cheaper-inspector-stack-traces
Bug: chromium:1280831, chromium:1278650, chromium:1258599
Bug: chromium:1280803, chromium:1280832, chromium:1280818
Fixed: chromium:1283162
Change-Id: I57dac73e0ecf7d50ea57c3eb4981067deb28133e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3366660
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78542}
2022-01-10 14:55:18 +00:00
Clemens Backes
33273f099e [testrunner] Add missing comma
Without the comma, the two strings '--no-enable-sse3' and
'--noenable-ssse3' will be concatenated, resulting in missing detection
for the no_simd_hardware flag.

R=liviurau@chromium.org

Bug: v8:12521
Change-Id: Icbdc5e8057d1eeead472f76efd52c379bffbe5b6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3372914
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78528}
2022-01-10 10:06:52 +00:00
Frank Tang
f811e89269 [Temporal] Part2 Add constructor and simple getters.
Bug: v8:11544

Change-Id: I3206ca3e0c505b14e4497ccb2af25a31940a1c1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2967755
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78518}
2022-01-07 19:18:33 +00:00
Clemens Backes
b04d9eea02 [gdbinit] Also look for OS::DebugBreak frames
If such a frame is near the top of the stack frame, move to the frame
below instead, which is the caller of OS::DebugBreak.
Also, rename dcheck_stop_handler to v8_stop_handler since we handle more
than DCHECKs there.

R=leszeks@chromium.org

No-Try: true
Change-Id: Ib31c2dc8278ec779a00babfdc952453e66e5f110
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3366238
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78481}
2022-01-04 15:51:18 +00:00
Anton Bershanskiy
f3214885ec Fix gen-keywords-gen-h.py
Commit 84f3877c15 moved IsInRange to
base::IsInRange and updated src/parsing/keywords-gen.h, but did not
update tools/gen-keywords-gen-h.py.

Bug: v8:12507
Change-Id: I914ba73feac3bac6fd5d08d14d17149faf6c5c76
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3356200
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78467}
2022-01-03 16:38:27 +00:00
JianxiaoLuIntel
257b0a43ac [tool] heap layout trace file visualization tool
Design doc:
https://docs.google.com/document/d/1rxM3sDd-ZiOLznqw7MvYraulAPWJSVqC_CztO4YpUTQ/edit

Change-Id: I471ff31f32b7bdd22cb03005c1dcc18aa485ad77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3313793
Auto-Submit: Jianxiao Lu <jianxiao.lu@intel.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
Cr-Commit-Position: refs/heads/main@{#78428}
2021-12-22 02:07:35 +00:00
Samuel Groß
277fdd1de7 V8 Sandbox rebranding
This CL renames a number of things related to the V8 sandbox.
Mainly, what used to be under V8_HEAP_SANDBOX is now under
V8_SANDBOXED_EXTERNAL_POINTERS, while the previous V8 VirtualMemoryCage
is now simply the V8 Sandbox:

V8_VIRTUAL_MEMORY_CAGE => V8_SANDBOX
V8_HEAP_SANDBOX => V8_SANDBOXED_EXTERNAL_POINTERS
V8_CAGED_POINTERS => V8_SANDBOXED_POINTERS
V8VirtualMemoryCage => Sandbox
CagedPointer => SandboxedPointer
fake cage => partially reserved sandbox
src/security => src/sandbox

This naming scheme should simplify things: the sandbox is now the large
region of virtual address space inside which V8 mainly operates and
which should be considered untrusted. Mechanisms like sandboxed pointers
are then used to attempt to prevent escapes from the sandbox (i.e.
corruption of memory outside of it). Furthermore, the new naming scheme
avoids the confusion with the various other "cages" in V8, in
particular, the VirtualMemoryCage class, by dropping that name entirely.

Future sandbox features are developed under their own V8_SANDBOX_X flag,
and will, once final, be merged into V8_SANDBOX. Current future features
are sandboxed external pointers (using the external pointer table), and
sandboxed pointers (pointers guaranteed to point into the sandbox, e.g.
because they are encoded as offsets). This CL then also introduces a new
build flag, v8_enable_sandbox_future, which enables all future features.

Bug: v8:10391
Change-Id: I5174ea8f5ab40fb96a04af10853da735ad775c96
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3322981
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78384}
2021-12-15 17:09:36 +00:00
Benedikt Meurer
b8e2a423e0 [debug] Introduce a dedicated StackFrameInfo for v8::StackFrame.
This is the final change list in the list of refactorings to split off
the implementations of v8::StackFrame and CallSite objects (as used by
the V8 JavaScript stack API). See https://bit.ly/v8-stack-frame for the
whole story.

This CL adds the v8::internal::StackFrameInfo class as new backing
implementation of v8::StackFrame, and puts it into debug-objects.tq
to indicate that it's used for the debugger API only. This new class
is lightweight and only holds on to static information about the
stack frame, and is thus usable for the V8 inspector to implement
async stack traces in a cheaper manner going forward.

Doc: https://bit.ly/v8-stack-frame
Bug: chromium:1258599, chromium:1278650
Fixed: chromium:1278647
Change-Id: I4dbf2d850f47797263af225895129499169aad02
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302794
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78382}
2021-12-15 06:16:46 +00:00
Benedikt Meurer
4ecf143801 [refactor] Rename StackFrameInfo to CallSiteInfo.
This is the second step in the refactoring to make v8::StackFrame
more lightweight and usable for (long time storage) by the V8
inspector (see https://bit.ly/v8-stack-frame for an overview).

This is a purely mechanical change without any functional aspects.
The intention is to make the use case for the CallSiteInfo objects
clear, namely to serve as the backing store for the CallSite objects
exposed via the Error.prepareStackTrace() API and used under the
hood to implement the error.stack accessor.

Doc: https://bit.ly/v8-stack-frame
Bug: chromium:1258599, chromium:1278647, chromium:1278650
Change-Id: I39dffd1f1a8e5158ddc56f2a0a2b1b28321f487a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3300138
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78361}
2021-12-14 10:03:25 +00:00
Nico Weber
282e678881 Remove absolute paths in ninja files for v8windbg gn file
No behavior change.

Bug: chromium:1278777
Change-Id: I18deed9571acb9f953cb6cddee12e27733de98b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3332197
Auto-Submit: Nico Weber <thakis@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78352}
2021-12-13 16:22:54 +00:00
Dominik Inführ
a0ed6096f3 [heap] Introduce CLIENT_TO_SHARED remembered set
During a shared GC we need to iterate the twice: for marking and later
when updating pointers after evacuation. This CL introduces a new
remembered set to avoid the second heap iteration, the remembered set
is created when iterating the client heaps for marking. When updating
pointers, the GC only needs to visit slots in the remembered set.
CLIENT_TO_SHARED is only used during GC atm.

Bug: v8:11708
Change-Id: Ie7482babb53b5f6ca2115daafe6f208acae98d6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3315443
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78332}
2021-12-10 07:29:41 +00:00
Leszek Swirski
3b9091c827 [compiler-dispatcher] Move Job pointer to SFI
Reduce the enqueuing cost of compiler-dispatcher jobs by getting rid of
the sets and hashmaps, and instead:

  1. Turning the pending job set into a queue, and
  2. Making the SharedFunctionInfo's UncompiledData hold a pointer to
     the LazyCompilerDispatcher::Job, instead of maintaining an
     IdentityMap from one to the other.

To avoid bloating all UncompiledData, this adds two new UncompiledData
subclasses, making it four subclasses total, for with/without Preparse
data and with/without a Job pointer. "should_parallel_compile"
FunctionLiterals get allocated an UncompiledData with a job pointer by
default, otherwise enqueueing a SFI without a job pointer triggers a
reallocation of the UncompiledData to add a job pointer.

Since there is no longer a set of all Jobs (aside from one for
debug-only), we need to be careful to manually clear the Job pointer
from the UncompiledData whenever we finish a Job (whether successfully
or by aborting) and we have to make sure that we implicitly can reach
all Jobs via the pending/finalizable lists, or the set of currently
running jobs.

Change-Id: I3aae78e6dfbdc74f5f7c1411de398433907b2705
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3314833
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78302}
2021-12-08 16:03:35 +00:00
Shu-yu Guo
a4b83dcf22 Reland "[top-level-await] Remove --harmony-top-level-await"
This is a reland of 3ee4804f83.

The CL was originally reverted for blink test failures. Since the
revert, the blink top-level await flag has been removed.

Original change's description:
> [top-level-await] Remove --harmony-top-level-await
>
> TLA has been shipped since v8.9.
>
> Bug: v8:9344, chromium:1271114
> Change-Id: Ibebf21da8bacb1f0d212390133847495ad8553e5
> Reviewed-on:
https://chromium-review.googlesource.com/c/v8/v8/+/3307103
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78169}

Bug: v8:9344, chromium:1271114
Change-Id: I96a9641967a23a12ba2467a69e5859ad8647f3e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3318717
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78261}
2021-12-06 23:02:33 +00:00
Shu-yu Guo
b6030dbac5 [string] Make String::MakeThin threadsafe for shared strings
For shared strings, String::MakeThin is protected by using the map word
of the string being migrated as a spinlock.

Note that this CL does not make it safe yet to access character data
from multiple threads. The spinlock here only protects write-write races
in String::MakeThin.

For more information, see the following two design docs:

https://docs.google.com/document/d/1c5i8f2EfKIQygGZ23hNiGxouvRISjUMnJjNsOodj6z0/edit
https://docs.google.com/document/d/1Drzigf17t4ofy0evDmaIL5p0MDZuAl95c9fSeX-QjVg/edit

Bug: v8:12007
Change-Id: I9c47412c6ec7360a672b65a8576b4f6156ee5846
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3313429
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78257}
2021-12-06 20:27:06 +00:00
Tamer Tas
78a475c898 [v8_perf] remove deprecated builder options from v8 perf trybot
R=machenbach@chromium.org,liviurau@chromium.org

Bug: v8:11211,v8:12462
Change-Id: If13e9ac6eaa3edc6b99c77c9cf16f5441f5c33e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3310898
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78203}
2021-12-02 11:02:32 +00:00
Manos Koukoutos
c2f7f5964d [wasm] Disable spec. inlining by flag implications
--wasm-speculative-inlining makes no sense if --liftoff-only or
--no-liftoff, since it needs type feedback from Liftoff and is appied
by Turbofan. Therefore, it should be disabled in these cases.
Specifically, --wasm-speculative-inlining implies
--wasm-dynamic-tiering, which contradicts --liftoff-only.

Bug: v8:12166
Change-Id: Idc5e0d7ceb7dbdf82ea6fd14ffc8386fe35a1257
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3306554
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78200}
2021-12-02 09:57:22 +00:00
Junji Watanabe
55a26dc4f1 Remove --isolated from mb.py
This flag is not supported now.

Bug: chromium:1271841
Change-Id: I6a80ebed79a03164f58f1757b8ebaca74a681441
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3306786
Auto-Submit: Junji Watanabe <jwata@google.com>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78198}
2021-12-02 08:31:19 +00:00
Richard Stotz
286747bb97 [wasm] Remove CallRefData
This CL removes the CallRefData data structure and accesses a funcref's
target and instance through the funcref.

Bug: v8:7748
Change-Id: Ic46b127f7775052d5df13b03c447e3b15328ad74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3306486
Commit-Queue: Richard Stotz <rstz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78194}
2021-12-01 18:46:59 +00:00
Leszek Swirski
5ab1ec1e06 [compiler-dispatcher] Enqueue tasks for non-eager inner funcs
Add suppose for compiling non-eager, non-top-level inner functions in
parallel, using the compiler dispatcher. This behaviour can be enabled
with --parallel-compile-tasks-for-lazy.

There are a couple of consequences:

  * To support this we need support for off-thread ScopeInfo
    deserialization, so this adds that too.
  * The previous --parallel-compile-tasks flag is renamed to the more
    descriptive --parallel-compile-tasks-for-eager-toplevel.
  * Both parallel-compile-tasks flags are moved onto
    UnoptimizedCompileFlags so that they can be enabled/disabled on a
    per-compile basis (e.g. enabled for streaming, disabled for
    re-parsing).
  * asm.js compilations can now happen without an active Context (in
    the compiler dispatcher's idle finalization) so we can't get a
    ContextId for metric reporting; we'd need to somehow fix this if we
    wanted asm.js UKM but for now it's probably fine.
  * Took the opportunity to clean up some of the "can preparse" logic in
    the parser.

Change-Id: I20b1ec6a6bacfe268808edc8d812b92370c5840d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3281924
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78183}
2021-12-01 13:14:09 +00:00
Frank Tang
2b352df062 [intl] Update Intl.Locale.weekInfo sync latest
Implement the changes in
https://github.com/tc39/proposal-intl-locale-info/pull/44
So weekInfo will return weekend as an array instead of weekendStart
and weekendEnd.

Bug: v8:11638
Change-Id: I775b003b36f67179943911faa7f77a323ad9f6f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3307685
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78172}
2021-11-30 23:17:28 +00:00
Adam Klein
6f60dea6b8 Revert "[top-level-await] Remove --harmony-top-level-await"
This reverts commit 3ee4804f83.

Reason for revert: breaks blink_unit_tests:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Blink%20Linux/15074/overview

Original change's description:
> [top-level-await] Remove --harmony-top-level-await
>
> TLA has been shipped since v8.9.
>
> Bug: v8:9344, chromium:1271114
> Change-Id: Ibebf21da8bacb1f0d212390133847495ad8553e5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3307103
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78169}

Bug: v8:9344, chromium:1271114
Change-Id: I0874bcaba18fde3b48f5ef7eeae89f2fa4978d51
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3308422
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78170}
2021-11-30 22:14:41 +00:00
Shu-yu Guo
3ee4804f83 [top-level-await] Remove --harmony-top-level-await
TLA has been shipped since v8.9.

Bug: v8:9344, chromium:1271114
Change-Id: Ibebf21da8bacb1f0d212390133847495ad8553e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3307103
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78169}
2021-11-30 20:18:48 +00:00
Camillo Bruni
e24deb89fe [tools] Various system-analyzer fixes
- Handle empty script sources
- Fix list-panel groups, order by count

Bug: v8:10644
Change-Id: I03d3915f709d47429040b591c0271e951eca58e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3289642
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78165}
2021-11-30 15:16:21 +00:00
Michael Achenbach
7b1b62e56e [numfuzz] Extend numfuzz with more interrupt-budget fuzzing
This also fuzzes values of --budget-for-feedback-vector-allocation.
Boundaries for the intervals are the default values in the code.

No-Try: true
Bug: v8:12434
Change-Id: I0a9d7421408a51c717c2edfe0e67c459f0a2834c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3303792
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78111}
2021-11-26 15:08:50 +00:00
Michael Achenbach
5cb3a80a8c [numfuzz] Enable feedback-vector-budget flag again.
Bug seems to not reproduce anymore as shown by:
https://chromium-review.googlesource.com/c/v8/v8/+/3302803/1

No-Try: true
Bug: v8:10243
Change-Id: Ic892b2c08d917f805ab6893e9dba86d112790abc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302803
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78109}
2021-11-26 14:43:20 +00:00
Michael Achenbach
41285962bc [numfuzz] Add an interrupt-budget fuzzer
This fuzzes more values of interrupt-budget on numfuzz. For now
as a single instance. In a follow up we add it also to combined
flags.

No-Try: true
Bug: v8:12434
Change-Id: I836c5e829ffeabfa4a4686d4d3d2fd43fce1ee88
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302797
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78107}
2021-11-26 13:23:52 +00:00
Michael Achenbach
823c44d397 [owners] Includes infra team as tools owners
Not all infra members are common owners, but own several parts of the
tools directory.

No-Try: true
Change-Id: I48ab2e95b67d13a01a88fef34b86e992da4b9fba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3301462
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78083}
2021-11-25 07:55:08 +00:00
Manos Koukoutos
f60132e96a [wasm] Internal representation for function references
Design doc: bit.ly/3jEVgzz

We separate the internal representation of function references in Wasm
from their JSFunction-based (external) representation. This improves
performance of call_ref by requiring less indirections to load the
context and call target from a function reference. In the boundary
between wasm and JS/the C API, we add transformations between the two
representations.

Detailed changes:
- Introduce WasmInternalFunction, containing fields required by
  call_ref, as well as a reference to the corresponding
  WasmExternalFunction. Add a reference to the WasmInternalFunction in
  WasmFunctionData. The {WasmInternalFunction::FromExternal} helper
  extracts the internal out of an external function.
- Change {WasmInstanceObject::external_functions()} to internal
  functions.
- Change wasm function tables to contain internal functions.
- Change the following code to use internal functions:
  - call_ref in liftoff and Turbofan
  - function type checks in liftoff and Turbofan
  - CallRefIC and GenericJSToWasmWrapper builtins
  - {InitExprInterface::RefFunc}
  - module-compiler.cc in {ProcessTypeFeedback}
  - In module-instantiate.cc, in function-rtt creation.
- Add transformations between internal and external functions in:
  - WasmWrapperGraphBuilder::{ToJS, BuildUnpackObjectWrapper, FromJS,
    BuildJSToJSWrapper}.
  - debug-wasm-objects.cc in {FunctionProxy::Get},
    {WasmValueObject::New} and {AddWasmTableObjectInternalProperties}.
  - runtime-wasm.cc in ReplaceWrapper
  - the C and JS APIs
  - module-instantiate.cc, in import and export processing, as well as
    {InitializeIndirectFunctionTables}
  - WasmTableObject::{IsValidElement, SetFunctionTableEntry}
  - {WasmGlobalObject::SetFuncRef}
- Simplify body descriptors of WasmExternalFunction variants.
- Adjust tests.

Bug: v8:11510

Change-Id: I8377f46f55c3771391ae1c5c8201a83854ee7878
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3277878
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78068}
2021-11-24 13:07:28 +00:00