The "Restart frame" feature was implemented as part of LiveEdit and
primarily used to support LiveEdit of active functions, but that was
previously disabled as part of https://crrev.com/c/2846892 because it's
too brittle and causes crashes when using seemingly unrelated features.
The "Restart frame" feature was also available as a context menu item
separately in the DevTools front-end, but that was also already removed
as part of https://crrev.com/c/2854681 earlier. So all uses are gone
now.
This change works by marking Debugger.restartFrame as deprecated and
having it respond with a ServerError all the time. It thus allows us to
remove a whole bunch of machinery that was essentially just put in
various places to support the restart_fp_ magic. In particular the
debugger no longer needs any machine specific builtins now.
Bug: chromium:1195927
Change-Id: I1153ba6b00e979620af57dd9f58aa1c035ec4484
Fixed: chromium:1203606
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854750
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74276}
Root slots are full pointer size. Using tagged ptr loads
will lead to errors on big endian platform.
Change-Id: I477597fadee025b6fb060d67a83bee60290aeb14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857636
Commit-Queue: Junliang Yan <junyan@redhat.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74273}
This fixes the gn check errors for configs using
v8_use_external_startup_data = false and v8_enable_vtunejit = true.
Bug: v8:7330
Change-Id: If7eb48bbf339ba53646e4722c7c90d6e5857ff22
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859162
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74272}
We don't need to iterate all heap objects here since we are only
interested in builtins.
Bug: v8:11641
Change-Id: Ib5b959010ad82b6fe50991f85a93d165030bd804
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857962
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74271}
While evaluating a class literal the containing function points to
Token::CLASS. It may have pushed a context for that class that uses
the range of the class scope. So far the class scope had a range that
started after the class name or class token in case of anonymous
classes. That means the source position of the function frame doesn't
point to a position that is included in the active context range. This
breaks the debugger because it relies on being able to find the
matching parser scope for the active context by looking at the source
position.
The fix is two-fold:
- extend the class scope source range to include Token::CLASS
- update ScopeChainRetriever::ContainsPosition to include the start
position of class scopes as a valid source position. We can't always
include start due to arrow functions that don't have braces.
Bug: chromium:1156498
Change-Id: I9ec640c6326289dadcb154bb0a329ca6f8188f8b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857957
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74268}
Replacing a crash with a TypeError.
Bug: chromium:1203692
Change-Id: I6970f980b46f20033f29c1deb9bc5d49ea2014ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2856842
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74266}
Drive-by: Fix type hierarchies of a few FixedArray-related classes.
Done in this CL because it's based on the changes to FixedArrayData.
Drive-by: Allow AllocateFastLiteral (now TryAllocateFastLiteral) to
fail. Needed since currently ObjectRef creation may fail.
Bug: v8:7790
Change-Id: I1f8cf35a16408ed0e327f12602c832838254bb03
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853592
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74265}
In non-object-print builds, we were missing a trailing newline int
tracing output, messing up Memory.json parsing.
Tbr: machenbach@chromium.org
Change-Id: Ic826a4e20e348be6687c4981b48e6ab094f470ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857955
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74264}
GCC 7.4 has problems with combining [[nodiscard]] with
__attribute__((visibility(""))). Disable as there's enough compilation
coverage for clang to find issues.
Bug: v8:11707
Change-Id: I9e61463c4d11dbc3b03d458e2810206fb93de108
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854737
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74262}
This CL factors out a CodeRange class out of MemoryAllocator.
When V8_COMPRESS_POINTERS_IN_SHARED_CAGE is defined, there is a single
CodeRange shared by all Isolates in the process. This also turns short
builtins back for both configurations of pointer compression. When
sharing a cage, there is a single copy of the re-embedded builtins.
Since a shared pointer cage is still experimental, to avoid API churn
this CodeRange's size is not configurable and is always the maximal size
depending on the underlying platform.
Change-Id: Ie94f52746f2c5450247a999cc6071e3914d4cf0c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2819206
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74261}
Use relative paths to access v8 root build rules since // means
something different in a chrome build.
Bug: v8:7330
Change-Id: I4eac73b394daaf0250b0fa2ad415af560b03c114
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2856840
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74258}
Currently there are 32 gn check failures across v8 (not including
third_party). These are due to issues in cppgc and inspector, which are
not trivially resolveable, so for now 4 targets (+ third_party) are
being excluded from the checks.
Bug: v8:7330
Change-Id: I506abe8e452c26239262499fc1fe2a6347a4c84b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851886
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74255}
After the --wasm-shared-engine flag was removed (in
https://crrev.com/c/1864935), there is no point any more in holding the
wasm engine in a shared_ptr. The engine is initialized once for the
whole process, and only deallocated during global tear down.
R=jkummerow@chromium.org
Bug: v8:11384
Change-Id: Id8e96eaecfcab8b44842ec323c94529e9c5a5e25
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853589
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74253}
This CL adds the new AllocationTypes kSharedOld and kSharedMap for
the allocation of objects in the shared heap. An Isolate can be converted
into a shared isolate with Isolate::UseAsSharedIsolate(). Client
isolates can then be attached to the shared isolate.
Bug: v8:11708
Change-Id: Ie2ed30b83b404e01e6f6079c5a4bdaa9302e8004
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2850709
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74252}
Moves the v8_check_header_includes part of v8_base_without_compiler into
a separate v8_source_set that depends either directly or transitively on
every rule containing a header file.
Bug: v8:7330
Change-Id: I38bf4d62b514b3bede19c0180fbf436957a75391
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854752
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74251}
The exception concerning type None actually seems avoidable and
can cause issues with incomplete nodes remaining in the graph.
Bug: chromium:1202312, chromium:1202625
Change-Id: I89062715e7f640c66b3f7cdca249db8cde768f29
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2850917
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74250}
Previously we'd allow to replace the source of functions that are on the
current execution stack under certain conditions, but this has resulted
in an endless stream of bugs due to weird edge cases, and so we're now
limiting LiveEdit to functions that don't have any activation (including
not a suspended generator / async function activation).
We might eventually add the ability to LiveEdit functions with
activations and have them "upgrade upon next invocation", but that
doesn't seem to be an extremely important use case right now.
Fixed: chromium:1195927
Change-Id: I87a45ba4d0ddcfbf867bd4e73738d76b2d789e04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2846892
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74249}
When the embedder uses microtask scopes to control microtask execution,
we check in the V8 API that there's always a microtask scope on the
stack when entering V8. However, a microtask might call into the
embedder which in turn can call into V8, so we have to put a fake scope
on the stack before executing microtasks to avoid hitting the check.
Bug: chromium:728583
Change-Id: I99bcbcca26eaaac827d0ec09064044f616fb9efc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853597
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74248}
BigInts are immutable after initialization, thus an acquire-release
synchronization point is sufficient to read safely from the background
thread. This CL introduces the `length` field as that sync point.
Bug: v8:7790
Change-Id: I977f30836b311c3851896dd29e708f78a090f547
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854745
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74245}
This renames UBSAN's lists to match the names expected by the sanitizer
config as specified in
1343ce81aa
Bug: v8:10619
Change-Id: I83f671cb68e4541735acb8d86d267f6a1a49b0a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854744
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74242}
.. which traces various stats (time, memory) related to the snapshot.
Due to various flag shuffles, it was broken as of Oct 2020, with some
line items reporting constant 0.
This also refactors --profile-deserialization and
--serialization-statistics s.t. the former only reports
deserialization times and the latter reports memory. Memory.json now
passes both flags.
Change-Id: I7dacbbbe9f7a667e0802d0f7a44703dc34524a4e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854742
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74241}
Rather than pushing each root seperately, then emptying the
queue and pushing the next, instead push all roots together then
work through the queue. This reduces the number of node visits
by around 6x compared to pushing roots seperately.
BUG=v8:9684
Change-Id: I481fc177731f9d2b12e00c2a6d1be06a93429ff2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854298
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74240}
Add a special builtin performing a ToBoolean operation for jumps in
baseline code, which
a) returns the original value as the first return value, to avoid
needing to save it in the caller, and
b) returns the true/false value as a Smi, to make the baseline-side
comparison a cheap comparison against zero.
This reduces JumpIfToBoolean (on x64) from ~40 to ~30 bytes.
Bug: v8:11420
Change-Id: Idee51405b1e450cdd11ccb45ed82ddbc9119ae74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854654
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74239}
With top-level await enabled by default, the behavior of
v8::Module::Evaluate is changed to always return a Promise, and should
be documented.
No-try: true
Change-Id: I8bf41a18d8d98befecd62d6423ab37fdbaac3aad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854874
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74238}
A NativeContext is initialized in two steps: First the map is allocated,
only afterwards the NativeContext. It could happen that there is a GC
happening when allocating the NativeContext. In such a case the
native_context for the Map is still set to null.
Fix this by also allowing null in Map::MapVerify.
Bug: v8:11695
Change-Id: Id8dcd6aef83aff4cbfff45a1e993e555cff8e7bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853587
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74237}
Rolling v8/build: 6273d81..94367a1
Rolling v8/third_party/aemu-linux-x64: CMJyNq6nZ3RoBUYmon01iRJ7MYYfVl4ds1kgbGFcNRMC..KmvDYKZZ-xQz7ZzzSKBh3HrWPpQv89vfFY9mBp6RDq4C
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/00b0b51..ca2c407
Rolling v8/third_party/depot_tools: c91f5f6..ae1b2b1
Rolling v8/third_party/google_benchmark/src: 86da5ec..835951a
Rolling v8/tools/luci-go: git_revision:173195137e006c3bbbd2394409e3d752f8b3c62f..git_revision:a3a1f3a2e925eb44367c62783877c922c9ef7289
Rolling v8/tools/luci-go: git_revision:173195137e006c3bbbd2394409e3d752f8b3c62f..git_revision:a3a1f3a2e925eb44367c62783877c922c9ef7289
Rolling v8/tools/luci-go: git_revision:173195137e006c3bbbd2394409e3d752f8b3c62f..git_revision:a3a1f3a2e925eb44367c62783877c922c9ef7289
TBR=v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: Ia1b0769152c8b3e11691c452d8f0e338ede4b3af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2855902
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74236}
MatcherBase::buffer_ defined under "gtest/gtest-matchers.h"
is a union of sizes that may be too large for Config object
currently being passed to it. This might result in `buffer_` to remain
uninitialized.
More information about the error can be found
in the comment section of this CL: https://crrev.com/c/2228887
Change-Id: Ibeef1189a7db8056f00cc85dbccec506d345a7eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854278
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#74235}
Changes:
- Add WasmInitExpr class which knows how to create initializer
expressions as pairs of {type, value}. Also define a default for every
type. Emit such pairs to a byte array with emit_init_expr().
- Add an initializer expression to every global (addGlobal() uses the
default if the argument is absent).
- Introduce wasmI64Const();
- Update tests as needed.
Change-Id: I75ffe96604891506ad78bd3677ce1efe5e0cee07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851892
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74231}
The kInt64, kUint64, and kIntPtr type definitions made no sense.
This CL removes kIntPtr and fixes+renames k(I|Ui)nt64. It also adds
some DCHECKs to avoid similar bugs in the future.
Bug: chromium:1202609
Change-Id: Ibe2e9c7501c22959b850d2b1076e819455440450
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851895
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74230}
Remove a couple of cases where builtins called by the baseline code
needed a context parameter, either because the interface descriptor
accidentally included the context, or by adding a trivial context load
from the frame where appropriate.
Bug: v8:11420
Change-Id: I3f34cd452f42dd876255375ae357feb245c78cdc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2848464
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74227}
