Skip to content

V
V8
Switch branch/tag
  1. 10 May, 2021 1 commit
  3. 05 May, 2021 2 commits
    • Benedikt Meurer's avatar
      [wasm] Consider only function names from the name section. · e3f21e6d
      Benedikt Meurer authored 
      As per WebAssembly Web API[1], the engine should only consider names
from the name section to synthesize function names in the context of
call stacks. We previously also added support to harvest the exports
table here in an attempt to improve the DevTools debugging experience,
but that needs a separate fix specifically for the inspector (which
should also take into account the imports to harvest names).

[1]: https://webassembly.github.io/spec/web-api/index.html#conventions

Fixed: chromium:1164305
Change-Id: I4bde5c8398a5164f1d8ac9060ad3743ed494c41e
Bug: chromium:1159307, chromium:1164241, chromium:1071432
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874464
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74382}
      e3f21e6d
    • Manos Koukoutos's avatar
      [wasm] Complete element segment features for reftypes/typed-funcref · 37579df7
      Manos Koukoutos authored 
      Main changes:
- Allow global.get in elements segments with expressions-as-elements.
- Allow element segments with types other than funcref.

Detailed changes:
- Move WasmInitExpr to its own file. Add stream opearator << support.
- Simplify type of PrintCollection.
- Make WasmElemSegment use an array of WasmInitExpr's over the previous
  ad-hoc implementation. Move null_index to WasmModuleBuilder.
- Refactor consume_element_segment_header. Make it return a
  WasmElemSegment.
- Refactor consume_element_expr. Make it return a WasmInitExpr.
- Refactor DecodeElementSection. Make it invoke
  consume_element_segment_header, then populate its element array.
- Update module-instantiate.cc to handle global.get elements.
- Fix bug in wasm-objects.cc where the wrong type index was passed into
  module()->has_signature()
- Adapt and add tests.

Change-Id: I5abfbe424dbb750ee2dca59f91c451ffcb79f95f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857959
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74374}
      37579df7
  5. 04 May, 2021 1 commit
    • Andreas Haas's avatar
      [wasm] Change return type of WasmCode::index to int · 78fa1453
      Andreas Haas authored 
      WebAssembly.Function and functions of the C-API do not have a function
index. Their index is kAnonymousFuncIndex = -1. Therefore it is
necessary to change the return type of WasmCode::index() from uint to
int.

The changes in WasmFrame::Print produces output like the following:

[9]: CWasmEntryFrame [pc: 0x9d200084091]
[10]: Anonymous wasm wrapper [pc: 0x101c5975c972]
[11]: WASM [wasm://wasm/f4bee83a], function #1 ('fibonacci_wasm'), pc=0x101c5975c5dc (+0x7c), pos=123 (+32)

R=jkummerow@chromium.org

Bug: v8:11713
Change-Id: I1012e92713d64d24ed2a92729dd3c2e4a013b9c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2871455Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74355}
      78fa1453
  7. 29 Apr, 2021 1 commit
  9. 15 Apr, 2021 1 commit
    • Manos Koukoutos's avatar
      [wasm-gc] Implement function subtyping · e1cae86e
      Manos Koukoutos authored 
      Changes:
- Implement function subtyping in wasm-subtyping.cc.
- Add Signature::Build(), which takes initializer lists for the return
  and parameter types.
- Only throw kTrapFuncSigMismatch in call_indirect, change that trap's
  message.
- Add a missing "return 0" in function-body-decoder-impl.h
- Fix a faulty check in wasm-objects.cc.
- Improve some comments.
- Write tests. Improve readability of subtyping-unittest.

Bug: v8:7748
Change-Id: I1caba09d5bd01cfd4d6125f300cd9c16af7aba99
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2822633Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73972}
      e1cae86e
  11. 07 Apr, 2021 1 commit
  13. 30 Mar, 2021 1 commit
    • Manos Koukoutos's avatar
      [wasm-gc] Fix and extend JS roundtrip for gc types · c9063b7e
      Manos Koukoutos authored 
      Changes:
- Wrap eqref and i31ref objects in the temporary wasm object wrapper
  (in addition to dataref and anyref). Accept those types in
  IsJSCompatibleSignature().
- Handle null correctly in all cases (i.e., do not wrap/unwrap it).
- Improve some error messages.
- Handle kRttWithDepth in one case where it was omitted.
- Some small structure improvements.
- Add an extensive test.

Bug: v8:7748, v8:11606
Change-Id: Ie519f2c87421664dd02cf29fe94f9a9d7510bae2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2794422
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73725}
      c9063b7e
  15. 22 Mar, 2021 1 commit
  17. 05 Mar, 2021 2 commits
    • Manos Koukoutos's avatar
      [wasm-gc] Implement non-nullable function tables · e3acd9f8
      Manos Koukoutos authored 
      This adds the possibility to define non-nullable function tables of heap
types kFunc and user-defined functions. When such table is defined, it
is obligatory to provide an initializer expression after its limits.
Currently, this can only be a function reference.

Changes:
- Change WasmTableObject::raw_type to encode the whole entry type.
- Restructure call_indirect to load the signature only if needed, and
  do null checks only if needed.
- Add the requirement to provide an initializer expression for
  non-nullable tables in module-decoder.
- Rename "global initializer" -> "initializer expression" everywhere.
- Add table initialization in module-instantiate.
- Edit both the C++ and JS WasmModuleBuilder.
- Add and slightly improve tests.
- Format wasm-module-builder.js.

Bug: v8:9495
Change-Id: I7453ee7d567afd5b5fe48a4f1653513787cfe99a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2732673
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73215}
      e3acd9f8
    • Jakob Kummerow's avatar
      [wasm-gc][inspector] Debugging support for WasmGC · d4f31caa
      Jakob Kummerow authored 
      This adds support for WasmGC objects (structs/arrays) to the
inspector backend. For prettier printing, it also adds support
for reading the "type" and "field" subsections of the "name"
section in Wasm modules.

This patch includes a revert of most of commit
crrev.com/987a7f4a because
types are more complicated now.

Bug: v8:7748, chromium:1177784
Change-Id: Icec52cbbb32291b0e773b40be6771a678c6ec79b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2715193
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarManos Koukoutos <manoskouk@chromium.org>
Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73212}
      d4f31caa
  19. 26 Feb, 2021 1 commit
  21. 23 Feb, 2021 1 commit
  23. 22 Feb, 2021 2 commits
  25. 19 Feb, 2021 1 commit
  27. 12 Feb, 2021 2 commits
    • Benedikt Meurer's avatar
      [inspector][stack-traces] Remove support for "displayName". · a9b6f3f7
      Benedikt Meurer authored 
      As outlined in the design document linked below, we're removing the
support for the non-standard Function.displayName property for the
purpose of Error.stack and DevTools Inspector stack traces. The
motivation here is that the negative lookup is costly, and we have
Function.name as a standard alternative (configurable since ES6 for
exactly this reason).

I dediced to go with JSFunction::GetDebugName(), since
JSFunction::GetName() was confusing in that it'd only get the "name"
property's value if it's a data property, but not with accessors.
JSFunction::GetDebugName() makes it clear that this is really a debug
helper function and might not give you the "name" property value.

Doc: https://bit.ly/devtools-function-displayName-removal
Bug: v8:8742, chromium:1177685, chromium:1077657, chromium:17356
Change-Id: I7717585cbace626174b2f2ed2a4f68f75429eca1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2692189
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72715}
      a9b6f3f7
    • Clemens Backes's avatar
      [wasm][debug] Implement instrumentation breakpoints · 15f3392a
      Clemens Backes authored 
      This CL adds support for instrumentation breakpoints in wasm. The
request for "break on entry" is set on the script, and we need to keep
it stored there because there might not be any instances of that wasm
module yet. Once instances get created, the flag value is transferred to
all instances. The flag stored there is then checked in the function
prologue in Liftoff debugging code. This ensures that we will stop at
the first valid break position in any function within that module.
Hitting that instrumentation breakpoint will then clear the flag from
the script and from all other live instances (in the same isolate).

A first basic test is contained in this CL. More tests will be added
later.

R=thibaudm@chromium.org, bmeurer@chromium.org

Bug: chromium:1151211
Change-Id: I5442d4044934988269becececc03699b850d51d7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2690588Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72701}
      15f3392a
  29. 28 Jan, 2021 3 commits
  31. 15 Jan, 2021 1 commit
  33. 13 Jan, 2021 1 commit
    • Benedikt Meurer's avatar
      [wasm][debug] Simplify debug name handling. · 1bd5755b
      Benedikt Meurer authored 
      This moves the logic for the debug name heuristic, which derives names
for imported and exported entities from the relevant tables, into
wasm-debug.{cc,h} and stores these maps on the DebugInfoImpl rather than
on the WasmModule.

Drive-by-fix: Also use the import table based heuristic for function
names, just like we use it for everything else.

Bug: chromium:1164305
Change-Id: I8a21e0880c680079f63e6607b5b62c788049b9e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2625870
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72061}
      1bd5755b
  35. 20 Nov, 2020 2 commits
  37. 19 Nov, 2020 1 commit
  39. 16 Nov, 2020 1 commit
    • Jakob Kummerow's avatar
      [wasm-gc] Fix several bugs · 7e533de1
      Jakob Kummerow authored 
      - allow arrays to be allocated in LargeObjectSpace
- check requested array allocation length against maximum
- fix array element offsets for pointer-typed elements
- fix GC handling of arrays when there are forwarding pointers
- module builder: fix rtt.sub global initializer expressions
- debug printing: print "UNIMPLEMENTED" instead of crashing
- WasmGCTester: make some exceptions easier to diagnose

Bug: v8:7748, chromium:1141376
Change-Id: Ie0281658748f3dd5e5d90d85bab78f0ea2fc3865
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2534815Reviewed-by: 's avatarManos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71208}
      7e533de1
  41. 12 Nov, 2020 1 commit
    • Vicky Kontoura's avatar
      [wasm] Reverse count logic for the tiering of js-to-wasm wrappers · eb0ef4d7
      Vicky Kontoura authored 
      This CL reverses the count logic for the tiering strategy of the
js-to-wasm wrappers. The initial approach was that calls to each
function were counted up, until a threshold was reached and the function
would tier up. With this CL, each function is assigned a budget of calls
that can be handled through the generic wrapper. Calls are counted down
until the budget is exhausted, which will trigger the tier-up
for the function.

This approach comes with two advantages. Firstly, determining whether
a function's budget is exhausted is as simple as checking the flags set
from the decrement of the budget. Secondly, the code generated by the
generic wrapper does not depend on the specific value of the initial
budget.

Bug: v8:10982
Change-Id: I5e186c6cf836a9c197b41d0f7ad075b07c87a4da
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2532300Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Commit-Queue: Vicky Kontoura <vkont@google.com>
Cr-Commit-Position: refs/heads/master@{#71153}
      eb0ef4d7
  43. 11 Nov, 2020 2 commits
  45. 02 Nov, 2020 1 commit
  47. 19 Oct, 2020 1 commit
  49. 15 Oct, 2020 2 commits
  51. 14 Oct, 2020 1 commit
  53. 13 Oct, 2020 1 commit
  55. 09 Oct, 2020 2 commits
    • Clemens Backes's avatar
      [wasm-gc] Fix gc-stress error on WasmJSFunctionData · cb03097d
      Clemens Backes authored 
      Always install the Abort builtin first, because heap validation might
get triggered while we compile the wasm-to-js wrapper, and it would find
an illegal WasmJSFunctionData object otherwise.

TBR=manoskouk@chromium.org

Bug: v8:9495
Change-Id: I959eb3b6e9944db8b7ad7ecd0a51eefdab98c751
No-Tree-Checks: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2463230Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70426}
      cb03097d
    • Manos Koukoutos's avatar
      [wasm-gc] Cleanup/preparation to enable call_ref with WasmJSFunction · da3c7318
      Manos Koukoutos authored 
      Changes:
- Add wasm-to-js wrapper field to WasmJSFunction. A WasmJSFunction might
  be called with call_ref without being imported to a module, and this
  provides a call target for this scenario. The wrapper is only compiled
  if --experimental-wasm-typed-funcref is set.
- Add CompileWasmToJSWrapper in wasm-compiler.
- Rename  BuildLoadFunctionDataFromExportedFunction ->
  BuildLoadFunctionDataFromJSFunction to reflect its wider usage.
- Rename BuildWasmImportCallWrapper -> BuildWasmToJsWrapper to reflect
  this function is now also used by CompileWasmToJSWrapper (unrelated to
  imports).
- (Drive-by) Remove dead arguments from wasm-module-builder.js.

Bug: v8:9495
Change-Id: I23468b69d42310cb8e96da5286ce68c701188876
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2459371Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70421}
      da3c7318
  57. 06 Oct, 2020 2 commits