evaluate() bypassed CSP for unsafe-eval by default. This is a useful
option for debugging clients, but is not always what we want.
e.g. in the devtools console we want to match the page's CSP settings
to make debugging CSP issues on the page easier.
Add a toggle that keeps the current behavior by default.
Bug: chromium:1084558
Change-Id: Ia01142d5be00f8ef5f65e5eeba17549efc6f9120
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2250245
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68432}
The reference types wasm proposal dropped all subtyping. Subsequently,
the 'anyref' type was renamed to externref.
This changes all references of the *type* anyref to externref.
Additionally, the flag that permits this extension is renamed to
"reftypes" to mirror the proposal name.
Bug: v8:7748
Change-Id: Icf323f13b9660fd10540e65125af053fca3a03f9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2232941
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68270}
Previously both the length and the endColumn for Wasm scripts were
reported as 0, and that was sort of okayish, since the front-end
was ignoring both of these fields in case of Wasm, and was applying
special cases. But these special casing lead to some subtle bugs,
and this is the first step towards a more uniform treatment.
Source positions for Wasm are in terms of the bytecode, and the
column field contains the bytecode offset here, while the line
number field is always 0. Hence we send 0 for both startLine and
endLine as before, but endColumn now corresponds to the bytecode
size.
Bug: chromium:1056632
Change-Id: Ia8a9cfe454ed250b87a524f5cbcbbbe242205db6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2215817
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67997}
This adds the wasm instance to the module scope. The instance
contains the exported entities that can now be inspected.
Bug: chromium:1043034
Change-Id: I9236ac9c126f3bc4b1e056990fe34956bbe8ed6b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2213433
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67961}
Convert wasm-value into internal::WasmValue, then to debug::WasmValue.
This is then copied into a CDP protocol object via a new class,
WasmValueMirror.
Bug: v8:10347
Change-Id: I5778d2cc5701caf82e4a97ac329303e510695b74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151130
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67908}
TSan handles SIGPROF incorrectly, hence we don't get the samples we
expect on that test, and it quite frequently times out on TSan bots.
Skip it for now, until the TSan issue is fixed.
R=petermarshall@chromium.org
Bug: v8:9869
Change-Id: I27c65cdd10c53b441faad216e00d6c60b42229e6
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2208857
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67892}
There should be a space between the quantity and the unit symbol
as per the SI, so this commit fixes this issue.
Change-Id: I3356942391d96906f3e3840c7bb802e10f29eb4a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2190230
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67789}
Currently WebAssembly breakpoint information survive disabling and
re-enabling the debugger. This is different from JavaScript, where
they are all removed. The frontend is expected to re-set the
breakpoint then.
Thus this CL remembers all wasm scripts where breakpoints have been set
in the Debug object, and clears them all when the debugger gets
disabled.
R=bmeurer@chromium.org
Bug: v8:10403
Change-Id: I5f8a8f3123727c954921920897ee7bf3b73f0ae8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2184969
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67639}
The serializer currently cannot handle a heap state containing
arbitrary compiled Code objects. As a quick fix for the
--stress-snapshot d8 flag, we clear compiled data from the isolate
prior to the serialize-deserialize-verify pass.
With this change, mjsunit tests pass on x64.
The %SerializeDeserializeNow() runtime function would require more
work, since it is not possible to mutate the heap to this extent while
still preserving a runnable host context and isolate. We will need
another solution there.
Drive-by: Skip the stress_snapshot variant except for the mjsunit
suite.
Tbr: machenbach@chromium.org
Bug: v8:10493,v8:10416
Change-Id: Ie110da8b51613fcd69c7f391d3cf8589d6b04dd8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182429
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67585}
Wasm modules generated by emscripten today have two ways to point to
debug symbol files, the source mapping url and external debug info
custom sections. To support both, this CL extends CDP to appropriately
report the symbol type and location.
Bug: chromium:1064248
Change-Id: I9076034f6d73901d8a9c5cfd7c2988fb30bb14c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2116208
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67571}
Allow the DevTools frontend to evaluate variables in a wasm frame context by
reusing the existing Debugger expression evaluation API. Where previously the
API expected JavaScript expressions, which would in general just fail, now the
expression is expected to be base64 encoded Wasm that creates a JSON string in
linear memory.
Bug: chromium:1020120 chromium:1068571
Change-Id: I4b31fdb9d3b21b4e08c4995ec2f07880923959e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2087396
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67568}
Add a test to stop at a trap, inspect values, and step from there.
For inspection, we need to spill all registers, which we usually don't
do because the trap never returns, so the values won't be used
afterwards.
R=thibaudm@chromium.org
Bug: v8:10235
Change-Id: Ia1c21aa0faa3ca656e40aae626e8e912eaf2c233
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2169890
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67477}
When RO_SPACE is to be shared, this constructs SharedReadOnlySpace
object (via ReadOnlySpace::DetachPagesAndAddToArtifacts) that contains
the shared artifacts and the original ReadOnlySpace is destroyed. This
is mostly a conceptual change and SharedReadOnlySpace behaves
identically to ReadOnlySpace (and subclasses it).
Also adds ReadOnlyArtifacts that contains the shared artifacts and which
is stored as a std::weak_ptr in a global so it can be destroyed when all
std::shared_ptrs to it are destroyed. Since this allows the ReadOnlyHeap
to be reconstructed when all Isolates are destroyed,
ReadOnlyHeap::ClearSharedHeapForTest is removed along with all uses
since that is now done automatically.
The ReadOnlyArtifacts class now owns all the shared artifacts and is
responsible for deleting them on exit (mostly via unique_ptr).
Bug: v8:10454
Change-Id: I2fe7110a4ab9cf8719dd198bafc1d083bee641b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154204
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67440}
Moves the Script line-end initialization for profiling out of
CreateScript and into FinalizeScriptCompilation. This ensures that
scripts created off-thread still get line-ends when necessary.
Bug: chormium:1011762
Change-Id: If16ad17b2b3ec96908420107bd5f9161eab9492f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2122020
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67363}
On-heap TypedArrays have empty ArrayBuffers that are not supposed to be
accessed directly. Such ArrayBuffers materialize properly when accessed
via their TypedArrays.
The queryObjects() sidesteps the bottleneck and finds empty ArrayBuffers
by iterating the heap. When preview TypedArrays are constructed for the
found ArrayBuffers, they get nullptr data pointers.
This CL converts all on-heap TypedArrays into off-heap TypedArrays in
queryObjects to make sure that all found ArrayBuffers are valid.
Bug: chromium:992442
Change-Id: Ie77d1e75aa2007b4a976c72206b9a4e215c9ef53
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150601
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67174}
For example, when --fuzzing is off, %OptimizeFunctionOnNextCall now
crashes when given a non-function argument.
The following behaviors remain unchanged for now:
- %DeoptimizeFunction continues to do nothing if the function is not
optimized.
- %DeoptimizeNow continues to do nothing if the top-most JS function
is not optimized.
- %OptimizeOSR continues to do nothing if the function already has
optimized code.
Bug: v8:10249
Change-Id: I35d2f3d50ce3f94c8ffccabe50fb4df2b70ce028
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137406
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67121}
v8.1 has a stability issue where we free code too early. Thus disable
for now, such that we can merge this back to v8.1.
v8.2 does not have this problem, since https://crrev.com/c/2078583 fixed
it. This CL is not easily backmergable though.
R=tebbi@chromium.org
Bug: chromium:1070199, chromium:1070182
Change-Id: I4bf468b3e7b5b1e66b314907f844d4195b3ff029
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144966
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67103}
Port 4482650907
Original Commit Message:
This flips the --debug-in-liftoff flag to be on by default.
There are still some outstanding issues with that configuration, but not
more than with the interpreter configuration. Thus flip now, such that
we can fully focus on stabilizing that config.
R=clemensb@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Ie18137fe5f1b9533a0882b5e57d8c320ee340387
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2142311
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67066}
This is a reland of 4482650907.
TSan issue were fixed in https://crrev.com/c/2139574. One test
failing in the 'stress' variant is skipped for now, until we figure
out what the intended behaviour actually is.
Original change's description:
> [wasm] Debug in Liftoff by default
>
> This flips the --debug-in-liftoff flag to be on by default.
> There are still some outstanding issues with that configuration, but not
> more than with the interpreter configuration. Thus flip now, such that
> we can fully focus on stabilizing that config.
>
> R=ecmziegler@chromium.org
>
> Bug: v8:10351
> Change-Id: I7681f40aa2516557ef3ab4efd9a2c1f88e3b4df7
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135727
> Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67018}
Bug: v8:10351, v8:10403
Change-Id: I4c2f1af46233546d6ebeb638c7ef10aac56cd92d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2139575
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67049}
This removes the stack from the local scope, as the stack is now
in its own scope.
Bug: chromium:1043034
Change-Id: I595604da71ecf4362ef67134ade8b3987086d258
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2128049
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67038}
Currently, only one memory is supported.
For memory, we would use name as follows.
1. If import: use <import_module>.<field_name> from WasmImport.
2. If export: use <field_name> from WasmExport.
3. Use memory<index>.
Doc: https://docs.google.com/document/d/1XoXWONLBgZWQ9dhtoMpQPvD0fnnWA50OorsuSXfME3g
Bug: v8:10242
Change-Id: Ifd342bcd86ac302f5b43f2ee88a8ea21a28b5a0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2132724
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67020}
This reverts commit 4482650907.
Reason for revert: Broke V8 Linux64 TSAN https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/30932?
Original change's description:
> [wasm] Debug in Liftoff by default
>
> This flips the --debug-in-liftoff flag to be on by default.
> There are still some outstanding issues with that configuration, but not
> more than with the interpreter configuration. Thus flip now, such that
> we can fully focus on stabilizing that config.
>
> R=ecmziegler@chromium.org
>
> Bug: v8:10351
> Change-Id: I7681f40aa2516557ef3ab4efd9a2c1f88e3b4df7
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135727
> Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67018}
TBR=clemensb@chromium.org,ecmziegler@chromium.org
Change-Id: Idd0f7f6101e55785fba9afc3d9af09c0324d7c3b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10351
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137565
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67019}
This flips the --debug-in-liftoff flag to be on by default.
There are still some outstanding issues with that configuration, but not
more than with the interpreter configuration. Thus flip now, such that
we can fully focus on stabilizing that config.
R=ecmziegler@chromium.org
Bug: v8:10351
Change-Id: I7681f40aa2516557ef3ab4efd9a2c1f88e3b4df7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135727
Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67018}
For globals, we would use name as follows.
1. If import: use <import_module>.<field_name> from WasmImport.
2. If export: use <field_name> from WasmExport.
3. Use global<index>.
Add DecodeGlobalNames similar to DecodeFunctionNames.
Doc: https://docs.google.com/document/d/1XoXWONLBgZWQ9dhtoMpQPvD0fnnWA50OorsuSXfME3g
Bug: v8:10242
Change-Id: I11131528fc6ae6ca50727e9b428f76e76b0000e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2122523
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66910}
The last test will not be fixed in the context of enabling debugging in
Liftoff. Instead, it will fail until we implement anyref in Liftoff.
Thus, assign the new tracking bug to it.
R=thibaudm@chromium.org
Bug: v8:10351, v8:10356
Change-Id: Ic184f390841b0994bf37bbf5f7ecc13e6cf1f957
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2124322
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66905}
When stepping in from JS, the stepping frame ID will not be set.
Instead of ensuring to set it properly, we can just skip the check for
the frame ID. It was needed before, when we didn't properly reset
stepping information. Now, it's redundant anyway.
Also, ensure that we don't redirect to the interpreter if the
--debug-in-liftoff flag is set.
Drive-by: Fix and clang-format some parts of the test (no semantic
change).
R=thibaudm@chromium.org, szuend@chromium.org
Bug: v8:10351
Change-Id: I58a3cd68937006c2d6b755a4465e793abcf8a20c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2124317
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66904}
The output extends by four more breaks, since when stepping out of the
function that has the breakpoint, we now also step through the two
other functions on the stack.
R=thibaudm@chromium.org
Bug: v8:10351
Change-Id: I4b042cad0d88b923c3894fe979c43837260eb958
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2124315
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66892}
There are only three tests with differing behaviour if Liftoff is used
for debugging.
This CL thus stages the --debug-in-liftoff flag behind --future (tested
by the "future" variant) and excludes the three tests.
This allows us to test the other (already working) tests for
regressions, and iteratively shrinking down the list of failing tests.
Drive-by: Tier down modules in tests before testing debugging features
to avoid hitting a DCHECK in Liftoff recompilation for debugging.
R=thibaudm@chromium.org, ecmziegler@chromium.org
Bug: v8:10351
Change-Id: I3b1dd1a29258ecf13c1f60020fb06358005558d4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2122021
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66889}
This patch changes the order in which stack values are shown
in the stack scope. As a result, changes to the stack show up
at the end of the stack.
Bug: chromium:1043034
Change-Id: I735fc29d3957b6484589554ce046114e1b7bd9e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2122987
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66884}
This is a minor cosmetic fix. Wasm opcodes are bytes, hence they should
always be printed as an even number of hexadecimal digits.
Note that currently we only print a single byte anyway, but in the
future we will want to extend this to correctly parse multi-byte
opcodes. Those will also be printed as an even number of characters
then.
R=thibaudm@chromium.org
Bug: v8:10351
Change-Id: I2423277b470d74c1c72cb619c2a43bb978423bc0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2122025
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66883}
