Initial feature: list functions in a module, as follows:
$ gm x64.release wami
$ out/x64.release/wami --list-functions my_module.wasm
More to come.
Change-Id: I9580437d51153e1b5ccc291fdb6a6a67315be07d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3742700
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81515}
This CL implements checks in case EnforceRange is requested for a
given parameter by using TryTruncate* operators. It implements 2 such
truncations on x64 and arm64 - TryTruncateFloat64ToInt32 and
TryTruncateFloat64ToUint32.
Bug: chromium:1052746
Change-Id: I32f34d9dc1265af568cc576663620a8f7f8245f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721618
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81512}
Instruction selector is also modified to include a `relaxed`
boolean value to be used for future optimizations.
Change-Id: I1e314066655613846653cc0c3668167c4ef32648
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735106
Reviewed-by: Junliang Yan <junyan@redhat.com>
Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#81511}
This adds a new --experimental-value-unavailable flag, which is disabled
for now. When enabled the debugger reports values that are optimized out
by TurboFan and values of certain variables in Temporal Dead Zones (TDZ)
as unavailable. Internally we use a special `value_unavailable` accessor
info to represent these values, and on the debugger boundary we report
these properties with `value`, `get`, or `set`.
Doc: https://goo.gle/devtools-value-unavailable
Bug: chromium:1328681
Demo: devtools-dbg-stories.netlify.app/crbug-1328681-value-unavailable
Change-Id: Idb09a4a148335a950deae60f7c07caecc48826ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627510
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81509}
Make the normal CheckMaps non-calling, and add a new
CheckMapsWithMigration which still does the deferred call. Eventually
we'll want to also not mark this as calling, but keeping the two
separate is cleaner anyway.
Bug: v8:7700
Change-Id: Ideb2fcef147ab45d4a10bbdde9a85a55fbd56947
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3740725
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81499}
The optimization was initially designed to support only the case where
the receiver is the holder, so make this explicit:
Cached properties were implemented before super property access and
Reflect.get, or at least around the same time, not realising it
conflicted. Cached properties are optimizations for known accessors
globalThis.window and globalThis.document. They store the result of
calling those accessors. The result of calling those accessors depends
on the receiver passed to the call, so we shouldn't simply read the
cached property off of the _holder_ of the accessor, but only do so if
the holder is the same as the receiver.
Bug: chromium:1305302
Change-Id: Iea6f4437e09d5a293798041adcb310469589d00f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738744
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81498}
Currently serialization of external pointers stored in EmbedderDataArray
is not supported but such a functionality was never needed before.
Bug: v8:13007, v8:12949
Change-Id: I56dc33592c1410ac9e234c60ef79db92a4e96a0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3740724
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81497}
This opcode is being removed in favor of pre-declared non-defaultable
locals (details are still TBD).
Bug: v8:9495
Change-Id: I96ac053a1b5a852310c5dc0bbaeab0cbf5384663
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738743
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81496}
Most often, the {ValueType::Ref} constructor was called with a
constant nullability. To make things more convenient, this CL renames
{Ref} to {RefMaybeNull}, and introduces {Ref} and {RefNull}
constructors with fixed nullability.
Bug: v8:7748
Change-Id: I664ff184ca936cc752e152c3c67546d79aa24390
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732936
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81494}
MarkingWorklists and MinorMarkCompactCollector each had their own
definition of MarkingWorklist. Both definition are identical.
Drop MinorMarkCompactCollector's definition.
Bug: v8:12612
Change-Id: I890f263e4de702aa34f00626a3aaa3ffb29c1ff2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3740723
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81493}
Upon Scavenge, nodes may generally be reclaimed or updated. This logic
did not consider the fact that objects may be Smis and thus should be
ignored.
Bug: v8:1341111
Change-Id: I62f68e673377a895d3487ec9d372001342e77e8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3740722
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81492}
This makes the internal V8 name consistent with the text-format name.
Bug: v8:7748
Change-Id: I44f7ac1eb5e634b4f829e596bf1f14caeb748d54
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726291
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81491}
Ctrl+X, Ctrl+V. No change in behavior.
This is a preparational step for templatizing the module decoder
for disassembler purposes.
Bug: v8:12917
Change-Id: I08a5d2e666cd16a207e9862b2691446c0473ddb0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738221
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81489}
This is no longer needed as all backing store allocations must now be
located inside the sandbox after sandboxed pointers were enabled by
default when the sandbox is enabled.
Bug: chromium:1218005
Change-Id: Id2d5feba878e1a6a5775ae3fef4012d0e7fe667a
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738742
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81488}
This was already removed as part of the lazy api accessor work, but
was never cleaned up throughout v8.
Change-Id: I00621d0e0f33c58efaed0f6b55cd22f1f8803825
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735131
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81481}
The previous combination of a conditional and an unconditional move
produced an incorrect value when dst == rhs and lhs contained the
expected result.
Fixed: chromium:1338980
Change-Id: If3f722999ed9c0ffd687736280d048d232d75736
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738219
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81475}
This is a performance improvement; no change in functional
behavior is intended.
AdaptiveMap is an abstraction over a std::map or a std::vector:
after being initialized iteratively with a set of entries, it
can switch to dense vector-based storage if that would be more
efficient.
The motivation is that we expect most name sections, if they
are present at all, to give fairly complete information, so the
dense mode will likely be the typical case. However, it's easy
enough to support sparse mode as well, and parsing the name
section into a std::map at first is particularly convenient for
cases where we can't guess the expected number of entries, such
as for function locals.
Change-Id: Ia17f27576a3061eb05c912f7081411d6f38137e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726150
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81474}
If the WordAnd aims to take low 8/16/32 bits of an oprand for later cmp8/cmp16/cmp32, it can be removed.
Change-Id: I0040e596ab65a6a9255ddbdb4fca573fd765879e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3731488
Commit-Queue: Jianxiao Lu <jianxiao.lu@intel.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81473}
This is a partial reland of https://crrev.com/c/3597106
With this change, an existing Script from the compilation cache can be
reused after its top-level SharedFunctionInfo was discarded, but only if
the new script is parsed on the main thread (not deserialized from code
cache data, and not parsed on a background thread).
Bug: v8:12808
Change-Id: I1edaee2095306a89e2c3b91f2fd01ac053f3c770
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3689348
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#81472}
MinorMC maintained a separate marking state to support interleaved GCs.
Since MinorMC now assumes that interleaving is not possible, MinorMC can
use the same marking state as the full GC.
Bug: v8:12612
Change-Id: Ibeb7df2eb24e448f811b497c9d16b3b132f87ec2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735163
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81468}
The set of registers used for Pop/PushCallerSaved is a superset of the
ABI caller-saved registers. In the past it may have been the case that
these extra registers had to be saved, but at this point
Pop/PushCallerSaved is only used for fast C calls from JS, so we can
rely on the C-compiled functions saving callee-saved registers
correctly, and only save ABI-required registers ourselves.
Change-Id: I2a172bdbb381a1485654e54e3561d695b6672ed0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735130
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81467}
This file uses inline assembly, but inline assembly does not work
for cross-compilation. As this file only contains debug code, no-oping
this file for cross-compilation seems acceptable.
R=ishell@chromium.org
Bug: v8:12926
Change-Id: I01276cf019e8c31e4db6f7f61a3d91526f660578
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735165
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81466}
This is a necessary assumption for concurrent marking in MinorMC and
will simplify the code as it allows MinorMC to reuse the same marking
bitmap as full GCs.
Bug: v8:12612
Change-Id: I5e9be45c7d84320721ce7f7578dee1eb972d6f6a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732933
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81465}
This reverts commit 83470dee90.
Reason for revert: Introduced inconsistencies with the runtime (https://crbug.com/chromium/1339320) and increased inaccuracy
(https://crbug.com/v8/12996). Even though this is currently not specified, the speed improvement doesn't seem to be worth the
lower precision.
Bug: chromium:1339320, v8:12996
Original change's description:
> [turbofan] Add fast path for Math.pow with small positive integer exponent
>
> For small positive integer exponents, calculate the result with an inlined loop.
>
> This change may improve the average runtime of JetStream2/raytrace for ~8%.
>
> Change-Id: I0e3939dc9c21b0c392c04d61fd197bf618004ab4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708024
> Commit-Queue: Fanchen Kong <fanchen.kong@intel.com>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81341}
Change-Id: Idfaa229b3d37a1831f016453c6091d2498cb6bcd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735129
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81463}
On old iPhones, jscvt is not availale. This CL diables jscvt on iOS in
general.
R=tebbi@chromium.org
Bug: v8:13004
Change-Id: Ib2651d7fa43892c06dc8c36e497a8c76344b5051
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726297
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81462}
We need this to expand the max input count to be big enough for our
biggest calls (and to add more bits to the op properties).
Bug: v8:7700
Change-Id: I6d63cf39b3079c3c85a32f208ce925ae795ef5a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3734811
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81461}
Stack scan during marking for shared heap broke in
https://crrev.com/c/3703837
This CL re-adds the client Isolate handling which is necessary as
those client Isolates may refer to the shared Isolate from stack.
Bug: v8:13019
Change-Id: I1ee27fb8bab173087a98a0b79f4126612427b016
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736444
Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81460}
In DebugPropertyIterator::iterator() we were assuming that the call to
JSReceiver::GetOwnPropertyDescriptor() would always yield either an
exception or a valid property descriptor. But that's not guaranteed to
be the case (anymore), because JSReceiver::GetOwnPropertyDescriptor()
nowadays can chicken out with `false` for many different reasons.
Coincidentally the callsites to DebugPropertyIterator::iterator() are
already equipped to handle the case where of an empty property
descriptor, which is basically what we get out here. So this CL adjusts
the DebugPropertyIterator to return an empty descriptor in this case.
Fixed: chromium:1291240
Change-Id: I22a9d0cde2b2c6d3966a85478ed0b87fb4c5d232
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736445
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81458}
port commit b9c4a84955
Change-Id: Id2764f7b37b287a76bd9b22e55f4153b9b619bd6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736554
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#81454}
