Skip to content

V
V8
Switch branch/tag
  1. 06 May, 2020 1 commit
    • Jakob Gruber's avatar
      [snapshot] Clear reconstructable data prior to d8 stress_snapshot run · 3c422d1c
      Jakob Gruber authored 
      The serializer currently cannot handle a heap state containing
arbitrary compiled Code objects. As a quick fix for the
--stress-snapshot d8 flag, we clear compiled data from the isolate
prior to the serialize-deserialize-verify pass.

With this change, mjsunit tests pass on x64.

The %SerializeDeserializeNow() runtime function would require more
work, since it is not possible to mutate the heap to this extent while
still preserving a runnable host context and isolate. We will need
another solution there.

Drive-by: Skip the stress_snapshot variant except for the mjsunit
suite.

Tbr: machenbach@chromium.org
Bug: v8:10493,v8:10416
Change-Id: Ie110da8b51613fcd69c7f391d3cf8589d6b04dd8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2182429Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67585}
      3c422d1c
  3. 28 Apr, 2020 1 commit
    • Clemens Backes's avatar
      [wasm] Remove the --wasm-interpret-all flag · 6f4991fa
      Clemens Backes authored 
      The interpreter will be moved to be test-only, hence
--wasm-interpret-all also needs to be removed.

Since we don't have any non-compiling tier any more, we also remove the
implication from --jitless to --wasm-lazy-compilation. Instead, we add
another CHECK that we can't be in jitless mode if we trigger any wasm
compilation.

All tests that just ran other tests and additionally passed
--wasm-interpret-all become redundant and are deleted. Also all
regression tests that explicitly specify --wasm-interpret-all are not
needed any more.

R=thibaudm@chromium.org

Bug: v8:10389
Change-Id: I5ddf20a842117a6c05e277a5308f5cfe42e6bfa5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2164792
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67419}
      6f4991fa
  5. 27 Apr, 2020 1 commit
  7. 16 Apr, 2020 1 commit
    • Shu-yu Guo's avatar
      [weakrefs] Port FinalizationRegistry cleanup loop to Torque · dbbaccca
      Shu-yu Guo authored 
      To avoid shrinking the unregister token map on each pop of the cleared
cell list, the Torque implementation of the cleanup loop avoids
shrinking the map until the end of the loop.

To support that, PopClearedCellHoldings is refactored to the Torque
PopClearedCell which calls the
JSFinalization::RemoveCellFromUnregisterTokenMap and the runtime
ShrinkFinalizationRegistryUnregisterTokenMap. The former cannot GC is
and is implemented in CSA as a fast C call. The latter can GC and is a
runtime call.

This also incidentally makes uses of FinalizationRegistry without
unregister token a fast path that doesn't have to leave Torque.

Bug: v8:8179
Change-Id: Ia0c3c5800d26e31319a818f164f6bd3267355aa6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137950
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: 's avatarMarja Hölttä <marja@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67161}
      dbbaccca
  9. 15 Apr, 2020 1 commit
  11. 08 Apr, 2020 1 commit
  13. 31 Mar, 2020 1 commit
  15. 26 Mar, 2020 2 commits
  17. 25 Feb, 2020 1 commit
  19. 18 Feb, 2020 1 commit
  21. 10 Feb, 2020 1 commit
  23. 09 Feb, 2020 1 commit
    • Michael Achenbach's avatar
      Revert "[weakrefs] Schedule FinalizationGroup cleanup tasks from within V8" · 72fc962b
      Michael Achenbach authored 
      This reverts commit 31d8ff7a.

Reason for revert: https://crbug.com/v8/10190

Original change's description:
> [weakrefs] Schedule FinalizationGroup cleanup tasks from within V8
> 
> Deprecate the following explicit FinalizationGroup APIs in favor of
> automatic handling of FinalizationGroup cleanup callbacks:
>   - v8::Isolate::SetHostCleanupFinalizationGroupCallback
>   - v8::FinaliationGroup::Cleanup
> 
> If no HostCleanupFinalizationGroupCallback is set, then
> FinalizationGroup cleanup callbacks are automatically scheduled by V8
> itself as non-nestable foreground tasks.
> 
> When a Context being disposed, all FinalizationGroups that are
> associated with it are removed from the dirty list, cancelling
> scheduled cleanup.
> 
> Bug: v8:8179
> Change-Id: Ic09313a11dd00af36d1f698250b3d735155f45e8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1986392
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66184}

TBR=ulan@chromium.org,rmcilroy@chromium.org,syg@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:8179
Change-Id: If7869e9a5841803c10e748691f019a7d28f3b62e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2043807Reviewed-by: 's avatarMichael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66190}
      72fc962b
  25. 08 Feb, 2020 1 commit
  27. 05 Feb, 2020 1 commit
    • Sathya Gunasekaran's avatar
      [callprinter] Correctly point to the incorrect spread arg · 1d0693e2
      Sathya Gunasekaran authored 
      The source position is set to the function call (console.log) not the
spread (..x), in the bytecode generator, as the spread operation is
done as part of the CallWithSpread bytecode.

The CallPrinter stops at the function call and doesn't look at the
arguments as well (in CallPrinter::VisitCall) to see if the error is
from an incorrect spread operation.


With this patch, we pass some state to the CallPrinter in the
CallWithSpread error case and check that in CallPrinter::VisitCall
before returning.

For the given source string:
```
x = undefined;
console.log(1, ...x);
```

Previously, the error was -

```
test.js:2: TypeError: console.log is not iterable (cannot read property Symbol(Symbol.iterator))
console.log(1, ...x);
        ^
TypeError: console.log is not iterable (cannot read property Symbol(Symbol.iterator))
    at test.js:2:9
```


Now, the error is -

```
_test.js:2: TypeError: x is not iterable (cannot read property undefined)
console.log(1, ...x);
                  ^
TypeError: x is not iterable (cannot read property undefined)
    at _test.js:2:9
```

Bug: v8:10038
Change-Id: I199de9997f1d949c6f9b7b4f41d51f422b8b5131
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2037431Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66131}
      1d0693e2
  29. 03 Feb, 2020 1 commit
  31. 30 Jan, 2020 1 commit
  33. 29 Jan, 2020 1 commit
  35. 21 Jan, 2020 1 commit
  37. 14 Jan, 2020 1 commit
    • Ng Zhi An's avatar
      [wasm-simd][liftoff] Support SIMD locals · ba14c2f3
      Ng Zhi An authored 
      Add kWasmS128 to the list of supported types, and implement Fill for all
the architectures so that LocalGet works.

Add a new test file to contain tests that run only on Liftoff, and
assert that the code is indeed compiled by Liftoff.
We cannot rely on the nooptimization variant for testing
because by default, if Liftoff compilation fails, it will fall back to
Turbofan, and we accidentally get a test passing.

We skip these tests on mips architecture that don't support SIMD, since
there is no way to implement these, and we don't have a "lowering" phase
for Liftoff.

As we implement more of SIMD in Liftoff, we can add more
tests to this file and ensure correctness. Future patches will introduce
support for globals and params.

Bug: v8:9909
Change-Id: I7fc911f2d588d60c709ddb258b2efc1f22805fab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1999470
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65768}
      ba14c2f3
  39. 09 Jan, 2020 1 commit
  41. 05 Nov, 2019 1 commit
    • Eric Leese's avatar
      V8 Wasm locations should always be based on byte offsets · 5c23e6b5
      Eric Leese authored 
      Currently there are two ways wasm locations are represented in the
inspector. This remains unchanged for now. Also, currently there are
multiple ways location is represented within V8, with the line number
sometimes being a function index and sometimes being 0, and the column
number being a byte offset which is sometimes function relative and
sometimes module relative. With this change, the line number is never
used within V8 (it is always 0), and the column number is always a
byte offset from the beginning of the module. This simplifies
translation logic and keeps it in one place, and will simplify future
changes to wasm location representation in the inspector API.

Bug: chromium:1013527
Change-Id: I8813d47c881988f9ab49d7529fb81fe10dbbccff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1886915
Commit-Queue: Eric Leese <leese@chromium.org>
Reviewed-by: 's avatarSimon Zünd <szuend@chromium.org>
Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64774}
      5c23e6b5
  43. 24 Oct, 2019 1 commit
  45. 22 Oct, 2019 1 commit
  47. 11 Oct, 2019 1 commit
  49. 08 Oct, 2019 1 commit
  51. 26 Sep, 2019 1 commit
  53. 24 Sep, 2019 1 commit
  55. 30 Aug, 2019 2 commits
    • Leszek Swirski's avatar
      Reland "[destructuring] Elide coercible check for simple keys" · ef2df57a
      Leszek Swirski authored 
      This is a reland of 1fba0441
Chromium expectation tests have been disabled, and will be enabled

Original change's description:
> [destructuring] Elide coercible check for simple keys
>
> Simple object destructuring, such as `let {a,b} = o`, is less efficient
> than the equivalent assignments `let a = o.a; let b = o.b`. This is
> because it does a nil check of `o` before the assignments. However, this
> nil check is not strictly necessary for simple (i.e. non-computed) names,
> as there will be an equivalent nil check on the first access to o in
> `o.a`. For computed names the computation is unfortunately obervable.
>
> So, we can elide the nil check when the first property (if any) of the
> destructuring target is a non-computed name. This messes a bit with our
> error messages, so we re-use the CallPrinter to also find destructuring
> assignment based errors, and fiddle with the error message there. As
> a side-effect, we also get out the object name in the AST, so we can
> output a slightly nicer error message.
>
> Change-Id: Iafa858e27ed771a146cd3ba57903cc73bb46951d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773254
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63453}

TBR=verwaest@chromium.org

Bug: chromium:999473
Change-Id: Ib0b2e4be433c50521ba1722e1c06b672bfefa405
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1777702Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63477}
      ef2df57a
    • Joyee Cheung's avatar
      [class] implement private accessors · df12eb19
      Joyee Cheung authored 
      This patch implements the access of private accessors by loading the
referenced component from the AccessorPair associated with private
name variables. It also makes the error messages for invalid kind
of private accessor access more specific.

Bug: v8:8330
Design doc: https://docs.google.com/document/d/10W4begYfs7lmldSqBoQBBt_BKamgT8igqxF9u50RGrI/edit

Change-Id: I6d441cffb85f8d9cd0417ec9b6ae20f3e34ef418
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695205Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/master@{#63474}
      df12eb19
  57. 29 Aug, 2019 2 commits
    • Adam Klein's avatar
      Revert "[destructuring] Elide coercible check for simple keys" · 28fa4cb4
      Adam Klein authored 
      This reverts commit 1fba0441.

Reason for revert: blocks V8 roll due to layout test failures caused by error message changes:
https://ci.chromium.org/p/v8/builders/ci/V8%20Blink%20Linux/347

Original change's description:
> [destructuring] Elide coercible check for simple keys
> 
> Simple object destructuring, such as `let {a,b} = o`, is less efficient
> than the equivalent assignments `let a = o.a; let b = o.b`. This is
> because it does a nil check of `o` before the assignments. However, this
> nil check is not strictly necessary for simple (i.e. non-computed) names,
> as there will be an equivalent nil check on the first access to o in
> `o.a`. For computed names the computation is unfortunately obervable.
> 
> So, we can elide the nil check when the first property (if any) of the
> destructuring target is a non-computed name. This messes a bit with our
> error messages, so we re-use the CallPrinter to also find destructuring
> assignment based errors, and fiddle with the error message there. As
> a side-effect, we also get out the object name in the AST, so we can
> output a slightly nicer error message.
> 
> Change-Id: Iafa858e27ed771a146cd3ba57903cc73bb46951d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773254
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63453}

TBR=leszeks@chromium.org,verwaest@chromium.org

Change-Id: I74cf06ebd987e5b8bbe1831b0042c085edf37f5b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1776994Reviewed-by: 's avatarAdam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63465}
      28fa4cb4
    • Leszek Swirski's avatar
      [destructuring] Elide coercible check for simple keys · 1fba0441
      Leszek Swirski authored 
      Simple object destructuring, such as `let {a,b} = o`, is less efficient
than the equivalent assignments `let a = o.a; let b = o.b`. This is
because it does a nil check of `o` before the assignments. However, this
nil check is not strictly necessary for simple (i.e. non-computed) names,
as there will be an equivalent nil check on the first access to o in
`o.a`. For computed names the computation is unfortunately obervable.

So, we can elide the nil check when the first property (if any) of the
destructuring target is a non-computed name. This messes a bit with our
error messages, so we re-use the CallPrinter to also find destructuring
assignment based errors, and fiddle with the error message there. As
a side-effect, we also get out the object name in the AST, so we can
output a slightly nicer error message.

Change-Id: Iafa858e27ed771a146cd3ba57903cc73bb46951d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773254Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63453}
      1fba0441
  59. 08 Aug, 2019 1 commit
  61. 08 Jul, 2019 1 commit
  63. 03 Jul, 2019 3 commits
  65. 28 Jun, 2019 2 commits
  67. 27 Jun, 2019 1 commit