author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2021-10-26 13:57:00 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2021-11-02 11:31:01 +0000 |
commit | 1943b3c2a1dcee36c233724fc4ee7613d71b9cf6 (patch) | |
tree | 8c1b5f12357025c197da5427ae02cfdc2f3570d6 /chromium/v8/src/runtime | |
parent | 21ba0c5d4bf8fba15dddd97cd693bad2358b77fd (diff) | |
download | qtwebengine-chromium-1943b3c2a1dcee36c233724fc4ee7613d71b9cf6.tar.gz |
BASELINE: Update Chromium to 94.0.4606.111
Change-Id: I924781584def20fc800bedf6ff41fdb96c438193
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'chromium/v8/src/runtime')
22 files changed, 553 insertions, 375 deletions
diff --git a/chromium/v8/src/runtime/runtime-array.cc b/chromium/v8/src/runtime/runtime-array.cc index bdfb666ab7c..fbf0dfe508f 100644 --- a/chromium/v8/src/runtime/runtime-array.cc +++ b/chromium/v8/src/runtime/runtime-array.cc @@ -33,7 +33,8 @@ RUNTIME_FUNCTION(Runtime_TransitionElementsKind) { .IsNothing()) { // TODO(victorgomes): EffectControlLinearizer::LowerTransitionElementsKind // does not handle exceptions. - FATAL("Fatal JavaScript invalid array size"); + FATAL( + "Fatal JavaScript invalid size error when transitioning elements kind"); UNREACHABLE(); } return *object; @@ -312,7 +313,7 @@ RUNTIME_FUNCTION(Runtime_ArrayIncludes_Slow) { // Let elementK be the result of ? Get(O, ! ToString(k)). Handle<Object> element_k; { - LookupIterator::Key key(isolate, static_cast<double>(index)); + PropertyKey key(isolate, static_cast<double>(index)); LookupIterator it(isolate, object, key); ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, element_k, Object::GetProperty(&it)); @@ -373,7 +374,7 @@ RUNTIME_FUNCTION(Runtime_ArrayIndexOf) { if (fp > len) return Smi::FromInt(-1); if (V8_LIKELY(fp >= static_cast<double>(std::numeric_limits<int64_t>::min()))) { - DCHECK(fp < std::numeric_limits<int64_t>::max()); + DCHECK(fp < static_cast<double>(std::numeric_limits<int64_t>::max())); start_from = static_cast<int64_t>(fp); } else { start_from = std::numeric_limits<int64_t>::min(); @@ -409,7 +410,7 @@ RUNTIME_FUNCTION(Runtime_ArrayIndexOf) { // Let elementK be the result of ? Get(O, ! ToString(k)). Handle<Object> element_k; { - LookupIterator::Key key(isolate, static_cast<double>(index)); + PropertyKey key(isolate, static_cast<double>(index)); LookupIterator it(isolate, object, key); Maybe<bool> present = JSReceiver::HasProperty(&it); MAYBE_RETURN(present, ReadOnlyRoots(isolate).exception()); diff --git a/chromium/v8/src/runtime/runtime-atomics.cc b/chromium/v8/src/runtime/runtime-atomics.cc index 6ea4e04d637..32a13531775 100644 --- a/chromium/v8/src/runtime/runtime-atomics.cc 
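Review bot: In the `@@ -373,7 +374,7 @@` hunk of `Runtime_ArrayIndexOf`, the corrected `DCHECK(fp < static_cast<double>(std::numeric_limits<int64_t>::max()))` is the only statement of the precondition for the following `static_cast<int64_t>(fp)`, and it disappears in release builds. The release-mode guarantee appears to come from the earlier `if (fp > len) return Smi::FromInt(-1);`, assuming `len` is itself bounded well below 2^63, which is not visible in this hunk. A short comment would record that dependency, for example `// fp <= len here, so the conversion to int64_t cannot overflow.` The function body continues outside the hunk.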
+++ b/chromium/v8/src/runtime/runtime-atomics.cc @@ -24,7 +24,44 @@ namespace internal { namespace { -#if V8_CC_GNU +#if defined(V8_OS_STARBOARD) + +template <typename T> +inline T ExchangeSeqCst(T* p, T value) { + UNIMPLEMENTED(); +} + +template <typename T> +inline T CompareExchangeSeqCst(T* p, T oldval, T newval) { + UNIMPLEMENTED(); +} + +template <typename T> +inline T AddSeqCst(T* p, T value) { + UNIMPLEMENTED(); +} + +template <typename T> +inline T SubSeqCst(T* p, T value) { + UNIMPLEMENTED(); +} + +template <typename T> +inline T AndSeqCst(T* p, T value) { + UNIMPLEMENTED(); +} + +template <typename T> +inline T OrSeqCst(T* p, T value) { + UNIMPLEMENTED(); +} + +template <typename T> +inline T XorSeqCst(T* p, T value) { + UNIMPLEMENTED(); +} + +#elif V8_CC_GNU // GCC/Clang helpfully warn us that using 64-bit atomics on 32-bit platforms // can be slow. Good to know, but we don't have a choice. diff --git a/chromium/v8/src/runtime/runtime-classes.cc b/chromium/v8/src/runtime/runtime-classes.cc index 8fb37cec32a..1cf4f9f644d 100644 --- a/chromium/v8/src/runtime/runtime-classes.cc +++ b/chromium/v8/src/runtime/runtime-classes.cc 
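Review bot: The seven helpers added under `#if defined(V8_OS_STARBOARD)` return `T` but contain only `UNIMPLEMENTED();`, so any Atomics runtime call that reaches them on that platform ends the process rather than raising a catchable error. Whether script can reach these helpers on Starboard builds is not visible from this hunk; if it can, this is a script-triggerable abort and should be stated next to the stubs, for example `// Starboard: seq-cst atomics are not implemented; reaching these helpers aborts the process.` The stubs also rely on `UNIMPLEMENTED()` being noreturn (presumably it is) to avoid falling off the end of a non-void function.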
@@ -41,13 +41,20 @@ RUNTIME_FUNCTION(Runtime_ThrowConstructorNonCallableError) { DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSFunction, constructor, 0); Handle<String> name(constructor->shared().Name(), isolate); + + Handle<Context> context = handle(constructor->native_context(), isolate); + DCHECK(context->IsNativeContext()); + Handle<JSFunction> realm_type_error_function( + JSFunction::cast(context->get(Context::TYPE_ERROR_FUNCTION_INDEX)), + isolate); if (name->length() == 0) { THROW_NEW_ERROR_RETURN_FAILURE( - isolate, - NewTypeError(MessageTemplate::kAnonymousConstructorNonCallable)); + isolate, NewError(realm_type_error_function, + MessageTemplate::kAnonymousConstructorNonCallable)); } THROW_NEW_ERROR_RETURN_FAILURE( - isolate, NewTypeError(MessageTemplate::kConstructorNonCallable, name)); + isolate, NewError(realm_type_error_function, + MessageTemplate::kConstructorNonCallable, name)); } @@ -136,10 +143,10 @@ Handle<Name> KeyToName<NumberDictionary>(Isolate* isolate, Handle<Object> key) { // method's shared function info indicates that method does not have a // shared name. template <typename Dictionary> -MaybeHandle<Object> GetMethodAndSetName( - Isolate* isolate, - RuntimeArguments& args, // NOLINT(runtime/references) - Smi index, Handle<String> name_prefix, Handle<Object> key) { +MaybeHandle<Object> GetMethodAndSetName(Isolate* isolate, + RuntimeArguments& args, Smi index, + Handle<String> name_prefix, + Handle<Object> key) { int int_index = index.value(); // Class constructor and prototype values do not require post processing. 
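Review bot: In `Runtime_ThrowConstructorNonCallableError`, the switch from `NewTypeError(...)` to `NewError(realm_type_error_function, ...)` has no comment saying why the error constructor is read from `constructor->native_context()` instead of the current context. A why-comment would keep the realm choice from being reverted as a simplification, for example `// Throw a TypeError from the constructor's own realm, not the caller's.` The slot read through `context->get(Context::TYPE_ERROR_FUNCTION_INDEX)` goes straight into `JSFunction::cast` with only a `DCHECK` on the context, so release builds depend on that slot always holding a function.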
@@ -168,10 +175,8 @@ MaybeHandle<Object> GetMethodAndSetName( // This is a simplified version of GetMethodAndSetName() // function above that is used when it's guaranteed that the method has // shared name. -Object GetMethodWithSharedName( - Isolate* isolate, - RuntimeArguments& args, // NOLINT(runtime/references) - Object index) { +Object GetMethodWithSharedName(Isolate* isolate, RuntimeArguments& args, + Object index) { DisallowGarbageCollection no_gc; int int_index = Smi::ToInt(index); @@ -204,19 +209,12 @@ Handle<Dictionary> ShallowCopyDictionaryTemplate( template <typename Dictionary> bool SubstituteValues(Isolate* isolate, Handle<Dictionary> dictionary, - RuntimeArguments& args, // NOLINT(runtime/references) - bool* install_name_accessor = nullptr) { - Handle<Name> name_string = isolate->factory()->name_string(); - + RuntimeArguments& args) { // Replace all indices with proper methods. ReadOnlyRoots roots(isolate); for (InternalIndex i : dictionary->IterateEntries()) { Object maybe_key = dictionary->KeyAt(i); if (!Dictionary::IsKey(roots, maybe_key)) continue; - if (install_name_accessor && *install_name_accessor && - (maybe_key == *name_string)) { - *install_name_accessor = false; - } Handle<Object> key(maybe_key, isolate); Handle<Object> value(dictionary->ValueAt(i), isolate); if (value->IsAccessorPair()) { @@ -282,8 +280,7 @@ bool AddDescriptorsByTemplate( Isolate* isolate, Handle<Map> map, Handle<DescriptorArray> descriptors_template, Handle<NumberDictionary> elements_dictionary_template, - Handle<JSObject> receiver, - RuntimeArguments& args) { // NOLINT(runtime/references) + Handle<JSObject> receiver, RuntimeArguments& args) { int nof_descriptors = descriptors_template->number_of_descriptors(); Handle<DescriptorArray> descriptors = 
@@ -403,8 +400,7 @@ bool AddDescriptorsByTemplate( Handle<Dictionary> properties_dictionary_template, Handle<NumberDictionary> elements_dictionary_template, Handle<FixedArray> computed_properties, Handle<JSObject> receiver, - bool install_name_accessor, - RuntimeArguments& args) { // NOLINT(runtime/references) + RuntimeArguments& args) { int computed_properties_length = computed_properties->length(); // Shallow-copy properties template. @@ -442,20 +438,9 @@ bool AddDescriptorsByTemplate( } // Replace all indices with proper methods. - if (!SubstituteValues<Dictionary>(isolate, properties_dictionary, args, - &install_name_accessor)) { + if (!SubstituteValues<Dictionary>(isolate, properties_dictionary, args)) { return false; } - if (install_name_accessor) { - PropertyAttributes attribs = - static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY); - PropertyDetails details(kAccessor, attribs, - PropertyDetails::kConstIfDictConstnessTracking); - Handle<Dictionary> dict = ToHandle(Dictionary::Add( - isolate, properties_dictionary, isolate->factory()->name_string(), - isolate->factory()->function_name_accessor(), details)); - CHECK_EQ(*dict, *properties_dictionary); - } UpdateProtectors(isolate, receiver, properties_dictionary); @@ -469,7 +454,7 @@ bool AddDescriptorsByTemplate( // Atomically commit the changes. receiver->set_map(*map, kReleaseStore); - receiver->set_raw_properties_or_hash(*properties_dictionary); + receiver->set_raw_properties_or_hash(*properties_dictionary, kRelaxedStore); if (elements_dictionary->NumberOfElements() > 0) { receiver->set_elements(*elements_dictionary); } @@ -492,7 +477,7 @@ bool InitClassPrototype(Isolate* isolate, Handle<JSObject> prototype, Handle<HeapObject> prototype_parent, Handle<JSFunction> constructor, - RuntimeArguments& args) { // NOLINT(runtime/references) + RuntimeArguments& args) { Handle<Map> map(prototype->map(), isolate); map = Map::CopyDropDescriptors(isolate, map); map->set_is_prototype_map(true); 
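Review bot: In the `@@ -469,7 +454,7 @@` hunk, the properties store becomes `kRelaxedStore` but still comes after `receiver->set_map(*map, kReleaseStore)`, so the release on the map does not order the properties write that the "Atomically commit the changes" comment seems to cover. If another thread can acquire-load the new map and then read the properties slot (not determinable from this hunk), it could pair the new map with the old backing store. Please state the assumption next to the store, for example `// Stored after the map's release-store: readers must not rely on the map store to publish the properties.`, or move the map store last if publication is the intent. `AddDescriptorsByTemplate` begins before this hunk.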
@@ -524,31 +509,27 @@ bool InitClassPrototype(Isolate* isolate, map->set_may_have_interesting_symbols(true); map->set_construction_counter(Map::kNoSlackTracking); - // Class prototypes do not have a name accessor. - const bool install_name_accessor = false; - if (V8_ENABLE_SWISS_NAME_DICTIONARY_BOOL) { Handle<SwissNameDictionary> properties_dictionary_template = Handle<SwissNameDictionary>::cast(properties_template); return AddDescriptorsByTemplate( isolate, map, properties_dictionary_template, - elements_dictionary_template, computed_properties, prototype, - install_name_accessor, args); + elements_dictionary_template, computed_properties, prototype, args); } else { Handle<NameDictionary> properties_dictionary_template = Handle<NameDictionary>::cast(properties_template); return AddDescriptorsByTemplate( isolate, map, properties_dictionary_template, - elements_dictionary_template, computed_properties, prototype, - install_name_accessor, args); + elements_dictionary_template, computed_properties, prototype, args); } } } -bool InitClassConstructor( - Isolate* isolate, Handle<ClassBoilerplate> class_boilerplate, - Handle<HeapObject> constructor_parent, Handle<JSFunction> constructor, - RuntimeArguments& args) { // NOLINT(runtime/references) +bool InitClassConstructor(Isolate* isolate, + Handle<ClassBoilerplate> class_boilerplate, + Handle<HeapObject> constructor_parent, + Handle<JSFunction> constructor, + RuntimeArguments& args) { Handle<Map> map(constructor->map(), isolate); map = Map::CopyDropDescriptors(isolate, map); DCHECK(map->is_prototype_map()); 
@@ -585,32 +566,28 @@ bool InitClassConstructor( map->set_may_have_interesting_symbols(true); map->set_construction_counter(Map::kNoSlackTracking); - // All class constructors have a name accessor. - const bool install_name_accessor = true; - if (V8_ENABLE_SWISS_NAME_DICTIONARY_BOOL) { Handle<SwissNameDictionary> properties_dictionary_template = Handle<SwissNameDictionary>::cast(properties_template); return AddDescriptorsByTemplate( isolate, map, properties_dictionary_template, - elements_dictionary_template, computed_properties, constructor, - install_name_accessor, args); + elements_dictionary_template, computed_properties, constructor, args); } else { Handle<NameDictionary> properties_dictionary_template = Handle<NameDictionary>::cast(properties_template); return AddDescriptorsByTemplate( isolate, map, properties_dictionary_template, - elements_dictionary_template, computed_properties, constructor, - install_name_accessor, args); + elements_dictionary_template, computed_properties, constructor, args); } } } -MaybeHandle<Object> DefineClass( - Isolate* isolate, Handle<ClassBoilerplate> class_boilerplate, - Handle<Object> super_class, Handle<JSFunction> constructor, - RuntimeArguments& args) { // NOLINT(runtime/references) +MaybeHandle<Object> DefineClass(Isolate* isolate, + Handle<ClassBoilerplate> class_boilerplate, + Handle<Object> super_class, + Handle<JSFunction> constructor, + RuntimeArguments& args) { Handle<Object> prototype_parent; Handle<HeapObject> constructor_parent; @@ -695,8 +672,7 @@ enum class SuperMode { kLoad, kStore }; MaybeHandle<JSReceiver> GetSuperHolder(Isolate* isolate, Handle<JSObject> home_object, - SuperMode mode, - LookupIterator::Key* key) { + SuperMode mode, PropertyKey* key) { if (home_object->IsAccessCheckNeeded() && !isolate->MayAccess(handle(isolate->context(), isolate), home_object)) { isolate->ReportFailedAccessCheck(home_object); 
@@ -706,18 +682,19 @@ MaybeHandle<JSReceiver> GetSuperHolder(Isolate* isolate, PrototypeIterator iter(isolate, home_object); Handle<Object> proto = PrototypeIterator::GetCurrent(iter); if (!proto->IsJSReceiver()) { - MessageTemplate message = mode == SuperMode::kLoad - ? MessageTemplate::kNonObjectPropertyLoad - : MessageTemplate::kNonObjectPropertyStore; + MessageTemplate message = + mode == SuperMode::kLoad + ? MessageTemplate::kNonObjectPropertyLoadWithProperty + : MessageTemplate::kNonObjectPropertyStoreWithProperty; Handle<Name> name = key->GetName(isolate); - THROW_NEW_ERROR(isolate, NewTypeError(message, name, proto), JSReceiver); + THROW_NEW_ERROR(isolate, NewTypeError(message, proto, name), JSReceiver); } return Handle<JSReceiver>::cast(proto); } MaybeHandle<Object> LoadFromSuper(Isolate* isolate, Handle<Object> receiver, Handle<JSObject> home_object, - LookupIterator::Key* key) { + PropertyKey* key) { Handle<JSReceiver> holder; ASSIGN_RETURN_ON_EXCEPTION( isolate, holder, @@ -737,7 +714,7 @@ RUNTIME_FUNCTION(Runtime_LoadFromSuper) { CONVERT_ARG_HANDLE_CHECKED(JSObject, home_object, 1); CONVERT_ARG_HANDLE_CHECKED(Name, name, 2); - LookupIterator::Key key(isolate, name); + PropertyKey key(isolate, name); RETURN_RESULT_OR_FAILURE(isolate, LoadFromSuper(isolate, receiver, home_object, &key)); @@ -754,7 +731,7 @@ RUNTIME_FUNCTION(Runtime_LoadKeyedFromSuper) { CONVERT_ARG_HANDLE_CHECKED(Object, key, 2); bool success; - LookupIterator::Key lookup_key(isolate, key, &success); + PropertyKey lookup_key(isolate, key, &success); if (!success) return ReadOnlyRoots(isolate).exception(); RETURN_RESULT_OR_FAILURE( 
@@ -764,8 +741,8 @@ RUNTIME_FUNCTION(Runtime_LoadKeyedFromSuper) { namespace { MaybeHandle<Object> StoreToSuper(Isolate* isolate, Handle<JSObject> home_object, - Handle<Object> receiver, - LookupIterator::Key* key, Handle<Object> value, + Handle<Object> receiver, PropertyKey* key, + Handle<Object> value, StoreOrigin store_origin) { Handle<JSReceiver> holder; ASSIGN_RETURN_ON_EXCEPTION( @@ -787,7 +764,7 @@ RUNTIME_FUNCTION(Runtime_StoreToSuper) { CONVERT_ARG_HANDLE_CHECKED(Name, name, 2); CONVERT_ARG_HANDLE_CHECKED(Object, value, 3); - LookupIterator::Key key(isolate, name); + PropertyKey key(isolate, name); RETURN_RESULT_OR_FAILURE( isolate, StoreToSuper(isolate, home_object, receiver, &key, value, @@ -805,7 +782,7 @@ RUNTIME_FUNCTION(Runtime_StoreKeyedToSuper) { CONVERT_ARG_HANDLE_CHECKED(Object, value, 3); bool success; - LookupIterator::Key lookup_key(isolate, key, &success); + PropertyKey lookup_key(isolate, key, &success); if (!success) return ReadOnlyRoots(isolate).exception(); RETURN_RESULT_OR_FAILURE( diff --git a/chromium/v8/src/runtime/runtime-compiler.cc b/chromium/v8/src/runtime/runtime-compiler.cc index 1586e35e254..7088e4074e4 100644 --- a/chromium/v8/src/runtime/runtime-compiler.cc +++ b/chromium/v8/src/runtime/runtime-compiler.cc @@ -171,9 +171,8 @@ RUNTIME_FUNCTION(Runtime_InstantiateAsmJs) { } shared->set_is_asm_wasm_broken(true); #endif - DCHECK(function->code() == - isolate->builtins()->builtin(Builtins::kInstantiateAsmJs)); - function->set_code(isolate->builtins()->builtin(Builtins::kCompileLazy)); + DCHECK_EQ(function->code(), *BUILTIN_CODE(isolate, InstantiateAsmJs)); + function->set_code(*BUILTIN_CODE(isolate, CompileLazy)); DCHECK(!isolate->has_pending_exception()); return Smi::zero(); } 
@@ -241,6 +240,8 @@ RUNTIME_FUNCTION(Runtime_VerifyType) { static bool IsSuitableForOnStackReplacement(Isolate* isolate, Handle<JSFunction> function) { + // Don't OSR during serialization. + if (isolate->serializer_enabled()) return false; // Keep track of whether we've succeeded in optimizing. if (function->shared().optimization_disabled()) return false; // TODO(chromium:1031479): Currently, OSR triggering mechanism is tied to the diff --git a/chromium/v8/src/runtime/runtime-debug.cc b/chromium/v8/src/runtime/runtime-debug.cc index 90ae087d209..cb92eae13c6 100644 --- a/chromium/v8/src/runtime/runtime-debug.cc +++ b/chromium/v8/src/runtime/runtime-debug.cc @@ -12,6 +12,7 @@ #include "src/debug/debug-scopes.h" #include "src/debug/debug.h" #include "src/debug/liveedit.h" +#include "src/deoptimizer/deoptimizer.h" #include "src/execution/arguments-inl.h" #include "src/execution/frames-inl.h" #include "src/execution/isolate-inl.h" @@ -193,13 +194,17 @@ MaybeHandle<JSArray> Runtime::GetInternalProperties(Isolate* isolate, Handle<Object> object) { auto result = ArrayList::New(isolate, 8 * 2); if (object->IsJSObject()) { - PrototypeIterator iter(isolate, Handle<JSObject>::cast(object)); - Handle<Object> prototype = PrototypeIterator::GetCurrent(iter); - if (!prototype->IsNull(isolate)) { - result = ArrayList::Add( - isolate, result, - isolate->factory()->NewStringFromStaticChars("[[Prototype]]"), - prototype); + PrototypeIterator iter(isolate, Handle<JSObject>::cast(object), + kStartAtReceiver); + if (iter.HasAccess()) { + iter.Advance(); + Handle<Object> prototype = PrototypeIterator::GetCurrent(iter); + if (!prototype->IsNull(isolate)) { + result = ArrayList::Add( + isolate, result, + isolate->factory()->NewStringFromStaticChars("[[Prototype]]"), + prototype); + } } } if (object->IsJSBoundFunction()) { 
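Review bot: The new `iter.HasAccess()` guard in `Runtime::GetInternalProperties` silently omits the `[[Prototype]]` entry when the access check fails, and nothing in the hunk says that this is the reason for starting the iterator at `kStartAtReceiver`. A why-comment would stop the check from being simplified away later, for example `// Start at the receiver so the access check runs before the prototype is exposed to the inspector.` No test for an access-checked receiver is visible in this part of the commit, which is limited to `src/runtime`; one would pin the behaviour. The function body continues beyond the hunk.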
@@ -331,7 +336,7 @@ MaybeHandle<JSArray> Runtime::GetInternalProperties(Isolate* isolate, isolate->factory()->NewNumberFromSize(byte_length)); // Use the backing store pointer as a unique ID - EmbeddedVector<char, 32> buffer_data_vec; + base::EmbeddedVector<char, 32> buffer_data_vec; int len = SNPrintF(buffer_data_vec, V8PRIxPTR_FMT, reinterpret_cast<Address>(js_array_buffer->backing_store())); @@ -359,6 +364,9 @@ MaybeHandle<JSArray> Runtime::GetInternalProperties(Isolate* isolate, } else if (object->IsWasmModuleObject()) { result = AddWasmModuleObjectInternalProperties( isolate, result, Handle<WasmModuleObject>::cast(object)); + } else if (object->IsWasmTableObject()) { + result = AddWasmTableObjectInternalProperties( + isolate, result, Handle<WasmTableObject>::cast(object)); #endif // V8_ENABLE_WEBASSEMBLY } return isolate->factory()->NewJSArrayWithElements( @@ -679,7 +687,7 @@ RUNTIME_FUNCTION(Runtime_DebugOnFunctionCall) { // Ensure that the callee will perform debug check on function call too. Handle<SharedFunctionInfo> shared(fun->shared(), isolate); isolate->debug()->DeoptimizeFunction(shared); - if (isolate->debug()->last_step_action() >= StepIn || + if (isolate->debug()->last_step_action() >= StepInto || isolate->debug()->break_on_next_function_call()) { DCHECK_EQ(isolate->debug_execution_mode(), DebugInfo::kBreakpoints); isolate->debug()->PrepareStepIn(fun); diff --git a/chromium/v8/src/runtime/runtime-forin.cc b/chromium/v8/src/runtime/runtime-forin.cc index 08e68ee996e..b3cb9d2fd3b 100644 --- a/chromium/v8/src/runtime/runtime-forin.cc +++ b/chromium/v8/src/runtime/runtime-forin.cc 
@@ -52,7 +52,7 @@ MaybeHandle<Object> HasEnumerableProperty(Isolate* isolate, Handle<Object> key) { bool success = false; Maybe<PropertyAttributes> result = Just(ABSENT); - LookupIterator::Key lookup_key(isolate, key, &success); + PropertyKey lookup_key(isolate, key, &success); if (!success) return isolate->factory()->undefined_value(); LookupIterator it(isolate, receiver, lookup_key); for (; it.IsFound(); it.Next()) { diff --git a/chromium/v8/src/runtime/runtime-function.cc b/chromium/v8/src/runtime/runtime-function.cc index 0d1879c16a1..98df87ceed1 100644 --- a/chromium/v8/src/runtime/runtime-function.cc +++ b/chromium/v8/src/runtime/runtime-function.cc @@ -80,7 +80,7 @@ RUNTIME_FUNCTION(Runtime_Call) { int const argc = args.length() - 2; CONVERT_ARG_HANDLE_CHECKED(Object, target, 0); CONVERT_ARG_HANDLE_CHECKED(Object, receiver, 1); - ScopedVector<Handle<Object>> argv(argc); + base::ScopedVector<Handle<Object>> argv(argc); for (int i = 0; i < argc; ++i) { argv[i] = args.at(2 + i); } diff --git a/chromium/v8/src/runtime/runtime-internal.cc b/chromium/v8/src/runtime/runtime-internal.cc index 6d569c2be2e..f9dce4d271c 100644 --- a/chromium/v8/src/runtime/runtime-internal.cc +++ b/chromium/v8/src/runtime/runtime-internal.cc @@ -7,7 +7,7 @@ #include "src/api/api.h" #include "src/ast/ast-traversal-visitor.h" #include "src/ast/prettyprinter.h" -#include "src/baseline/baseline-osr-inl.h" +#include "src/baseline/baseline-batch-compiler.h" #include "src/baseline/baseline.h" #include "src/builtins/builtins.h" #include "src/common/message-template.h" 
@@ -329,11 +329,12 @@ RUNTIME_FUNCTION(Runtime_StackGuardWithGap) { return isolate->stack_guard()->HandleInterrupts(); } -RUNTIME_FUNCTION(Runtime_BytecodeBudgetInterruptFromBytecode) { - HandleScope scope(isolate); - DCHECK_EQ(1, args.length()); - CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); +namespace { + +void BytecodeBudgetInterruptFromBytecode(Isolate* isolate, + Handle<JSFunction> function) { function->SetInterruptBudget(); + bool should_mark_for_optimization = function->has_feedback_vector(); if (!function->has_feedback_vector()) { IsCompiledScope is_compiled_scope( function->shared().is_compiled_scope(isolate)); 
@@ -342,32 +343,71 @@ RUNTIME_FUNCTION(Runtime_BytecodeBudgetInterruptFromBytecode) { // Also initialize the invocation count here. This is only really needed for // OSR. When we OSR functions with lazy feedback allocation we want to have // a non zero invocation count so we can inline functions. - function->feedback_vector().set_invocation_count(1); - if (FLAG_sparkplug) { - if (V8_LIKELY(FLAG_use_osr)) { - JavaScriptFrameIterator it(isolate); - DCHECK(it.frame()->is_unoptimized()); - UnoptimizedFrame* frame = UnoptimizedFrame::cast(it.frame()); - OSRInterpreterFrameToBaseline(isolate, function, frame); - } else { - OSRInterpreterFrameToBaseline(isolate, function, nullptr); - } + function->feedback_vector().set_invocation_count(1, kRelaxedStore); + } + if (CanCompileWithBaseline(isolate, function->shared()) && + !function->ActiveTierIsBaseline()) { + if (FLAG_baseline_batch_compilation) { + isolate->baseline_batch_compiler()->EnqueueFunction(function); + } else { + IsCompiledScope is_compiled_scope( + function->shared().is_compiled_scope(isolate)); + Compiler::CompileBaseline(isolate, function, Compiler::CLEAR_EXCEPTION, + &is_compiled_scope); } - return ReadOnlyRoots(isolate).undefined_value(); } - { + if (should_mark_for_optimization) { SealHandleScope shs(isolate); isolate->counters()->runtime_profiler_ticks()->Increment(); isolate->runtime_profiler()->MarkCandidatesForOptimizationFromBytecode(); - return ReadOnlyRoots(isolate).undefined_value(); } } +} // namespace + +RUNTIME_FUNCTION(Runtime_BytecodeBudgetInterruptWithStackCheckFromBytecode) { + HandleScope scope(isolate); + DCHECK_EQ(1, args.length()); + CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); + TRACE_EVENT0("v8.execute", "V8.BytecodeBudgetInterruptWithStackCheck"); + + // Check for stack interrupts here so that we can fold the interrupt check + // into bytecode budget interrupts. 
+ StackLimitCheck check(isolate); + if (check.JsHasOverflowed()) { + // We ideally wouldn't actually get StackOverflows here, since we stack + // check on bytecode entry, but it's possible that this check fires due to + // the runtime function call being what overflows the stack. + // if our function entry + return isolate->StackOverflow(); + } else if (check.InterruptRequested()) { + Object return_value = isolate->stack_guard()->HandleInterrupts(); + if (!return_value.IsUndefined(isolate)) { + return return_value; + } + } + + BytecodeBudgetInterruptFromBytecode(isolate, function); + return ReadOnlyRoots(isolate).undefined_value(); +} + +RUNTIME_FUNCTION(Runtime_BytecodeBudgetInterruptFromBytecode) { + HandleScope scope(isolate); + DCHECK_EQ(1, args.length()); + CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); + TRACE_EVENT0("v8.execute", "V8.BytecodeBudgetInterrupt"); + + BytecodeBudgetInterruptFromBytecode(isolate, function); + return ReadOnlyRoots(isolate).undefined_value(); +} RUNTIME_FUNCTION(Runtime_BytecodeBudgetInterruptFromCode) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(FeedbackCell, feedback_cell, 0); + // TODO(leszeks): Consider checking stack interrupts here, and removing + // those checks for code that can have budget interrupts. + DCHECK(feedback_cell->value().IsFeedbackVector()); FeedbackVector::SetInterruptBudget(*feedback_cell); diff --git a/chromium/v8/src/runtime/runtime-literals.cc b/chromium/v8/src/runtime/runtime-literals.cc index c4285f2403b..31e50fa3e8f 100644 --- a/chromium/v8/src/runtime/runtime-literals.cc +++ b/chromium/v8/src/runtime/runtime-literals.cc 
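Review bot: The comment inside the `check.JsHasOverflowed()` branch of `Runtime_BytecodeBudgetInterruptWithStackCheckFromBytecode` ends with the fragment `// if our function entry`, an unfinished sentence that should be completed or dropped. In the same hunk, the helper discards the result of `Compiler::CompileBaseline(isolate, function, Compiler::CLEAR_EXCEPTION, &is_compiled_scope)`. This is presumably deliberate best effort, but it is worth saying so, for example `// Best effort: a failed baseline compile leaves the function on its current tier.` The helper also captures `should_mark_for_optimization` before the feedback vector is created, which deserves a one-line comment, since it means a function seen for the first time is not marked on that tick.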
@@ -34,13 +34,11 @@ void PreInitializeLiteralSite(Handle<FeedbackVector> vector, vector->SynchronizedSet(slot, Smi::FromInt(1)); } -enum DeepCopyHints { kNoHints = 0, kObjectIsShallow = 1 }; - template <class ContextObject> class JSObjectWalkVisitor { public: - JSObjectWalkVisitor(ContextObject* site_context, DeepCopyHints hints) - : site_context_(site_context), hints_(hints) {} + explicit JSObjectWalkVisitor(ContextObject* site_context) + : site_context_(site_context) {} V8_WARN_UNUSED_RESULT MaybeHandle<JSObject> StructureWalk( Handle<JSObject> object); @@ -64,7 +62,6 @@ class JSObjectWalkVisitor { private: ContextObject* site_context_; - const DeepCopyHints hints_; }; template <class ContextObject> @@ -72,9 +69,8 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( Handle<JSObject> object) { Isolate* isolate = this->isolate(); bool copying = ContextObject::kCopying; - bool shallow = hints_ == kObjectIsShallow; - if (!shallow) { + { StackLimitCheck check(isolate); if (check.HasOverflowed()) { @@ -84,6 +80,8 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( } if (object->map(isolate).is_deprecated()) { + base::SharedMutexGuard<base::kExclusive> mutex_guard( + isolate->boilerplate_migration_access()); JSObject::MigrateInstance(isolate, object); } @@ -103,8 +101,6 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( DCHECK(copying || copy.is_identical_to(object)); - if (shallow) return copy; - HandleScope scope(isolate); // Deep copy own properties. Arrays only have 1 property "length". 
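Review bot: In `StructureWalk` (hunk `@@ -84,6 +80,8 @@`), the new `base::SharedMutexGuard<base::kExclusive>` covers only `JSObject::MigrateInstance`, while the `object->map(isolate).is_deprecated()` test that decides to migrate runs before the lock is taken. That is sound if only this thread ever migrates boilerplates and the mutex exists to exclude concurrent readers, but the hunk does not say so. A comment would make the locking contract reviewable, for example `// Exclusive: concurrent readers of the boilerplate take boilerplate_migration_access() shared.`, with the wording confirmed against those readers, which are outside this file section.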
@@ -126,7 +122,8 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( isolate, value, VisitElementOrProperty(copy, value), JSObject); if (copying) copy->FastPropertyAtPut(index, *value); } else if (copying && details.representation().IsDouble()) { - uint64_t double_value = HeapNumber::cast(raw).value_as_bits(); + uint64_t double_value = + HeapNumber::cast(raw).value_as_bits(kRelaxedLoad); auto value = isolate->factory()->NewHeapNumberFromBits(double_value); copy->FastPropertyAtPut(index, *value); } @@ -213,6 +210,7 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( break; case FAST_STRING_WRAPPER_ELEMENTS: case SLOW_STRING_WRAPPER_ELEMENTS: + case WASM_ARRAY_ELEMENTS: UNREACHABLE(); #define TYPED_ARRAY_CASE(Type, type, TYPE, ctype) case TYPE##_ELEMENTS: @@ -245,7 +243,6 @@ class DeprecationUpdateContext { Handle<AllocationSite> EnterNewScope() { return Handle<AllocationSite>(); } Handle<AllocationSite> current() { UNREACHABLE(); - return Handle<AllocationSite>(); } static const bool kCopying = false; @@ -313,7 +310,7 @@ class AllocationSiteCreationContext : public AllocationSiteContext { MaybeHandle<JSObject> DeepWalk(Handle<JSObject> object, DeprecationUpdateContext* site_context) { - JSObjectWalkVisitor<DeprecationUpdateContext> v(site_context, kNoHints); + JSObjectWalkVisitor<DeprecationUpdateContext> v(site_context); MaybeHandle<JSObject> result = v.StructureWalk(object); Handle<JSObject> for_assert; DCHECK(!result.ToHandle(&for_assert) || for_assert.is_identical_to(object)); 
@@ -322,7 +319,7 @@ MaybeHandle<JSObject> DeepWalk(Handle<JSObject> object, MaybeHandle<JSObject> DeepWalk(Handle<JSObject> object, AllocationSiteCreationContext* site_context) { - JSObjectWalkVisitor<AllocationSiteCreationContext> v(site_context, kNoHints); + JSObjectWalkVisitor<AllocationSiteCreationContext> v(site_context); MaybeHandle<JSObject> result = v.StructureWalk(object); Handle<JSObject> for_assert; DCHECK(!result.ToHandle(&for_assert) || for_assert.is_identical_to(object)); @@ -330,9 +327,8 @@ MaybeHandle<JSObject> DeepWalk(Handle<JSObject> object, } MaybeHandle<JSObject> DeepCopy(Handle<JSObject> object, - AllocationSiteUsageContext* site_context, - DeepCopyHints hints) { - JSObjectWalkVisitor<AllocationSiteUsageContext> v(site_context, hints); + AllocationSiteUsageContext* site_context) { + JSObjectWalkVisitor<AllocationSiteUsageContext> v(site_context); MaybeHandle<JSObject> copy = v.StructureWalk(object); Handle<JSObject> for_assert; DCHECK(!copy.ToHandle(&for_assert) || !for_assert.is_identical_to(object)); 
@@ -517,26 +513,13 @@ Handle<JSObject> CreateArrayLiteral( copied_elements_values->length(), allocation); } -inline DeepCopyHints DecodeCopyHints(int flags) { - DeepCopyHints copy_hints = - (flags & AggregateLiteral::kIsShallow) ? kObjectIsShallow : kNoHints; - if (FLAG_track_double_fields) { - // Make sure we properly clone mutable heap numbers on 32-bit platforms. - copy_hints = kNoHints; - } - return copy_hints; -} - template <typename LiteralHelper> MaybeHandle<JSObject> CreateLiteralWithoutAllocationSite( Isolate* isolate, Handle<HeapObject> description, int flags) { Handle<JSObject> literal = LiteralHelper::Create(isolate, description, flags, AllocationType::kYoung); - DeepCopyHints copy_hints = DecodeCopyHints(flags); - if (copy_hints == kNoHints) { - DeprecationUpdateContext update_context(isolate); - RETURN_ON_EXCEPTION(isolate, DeepWalk(literal, &update_context), JSObject); - } + DeprecationUpdateContext update_context(isolate); + RETURN_ON_EXCEPTION(isolate, DeepWalk(literal, &update_context), JSObject); return literal; } @@ -555,8 +538,6 @@ MaybeHandle<JSObject> CreateLiteral(Isolate* isolate, CHECK(literals_slot.ToInt() < vector->length()); Handle<Object> literal_site(vector->Get(literals_slot)->cast<Object>(), isolate); - DeepCopyHints copy_hints = DecodeCopyHints(flags); - Handle<AllocationSite> site; Handle<JSObject> boilerplate; @@ -593,8 +574,7 @@ MaybeHandle<JSObject> CreateLiteral(Isolate* isolate, // Copy the existing boilerplate. AllocationSiteUsageContext usage_context(isolate, site, enable_mementos); usage_context.EnterNewScope(); - MaybeHandle<JSObject> copy = - DeepCopy(boilerplate, &usage_context, copy_hints); + MaybeHandle<JSObject> copy = DeepCopy(boilerplate, &usage_context); usage_context.ExitScope(site, boilerplate); return copy; } diff --git a/chromium/v8/src/runtime/runtime-module.cc b/chromium/v8/src/runtime/runtime-module.cc index 1862b504fef..52fadb8c8c2 100644 --- a/chromium/v8/src/runtime/runtime-module.cc 
+++ b/chromium/v8/src/runtime/runtime-module.cc @@ -28,7 +28,9 @@ RUNTIME_FUNCTION(Runtime_DynamicImportCall) { Handle<Script> script(Script::cast(function->shared().script()), isolate); while (script->has_eval_from_shared()) { - script = handle(Script::cast(script->eval_from_shared().script()), isolate); + Object maybe_script = script->eval_from_shared().script(); + CHECK(maybe_script.IsScript()); + script = handle(Script::cast(maybe_script), isolate); } RETURN_RESULT_OR_FAILURE(isolate, diff --git a/chromium/v8/src/runtime/runtime-object.cc b/chromium/v8/src/runtime/runtime-object.cc index 13493125da1..42bbb10d92e 100644 --- a/chromium/v8/src/runtime/runtime-object.cc +++ b/chromium/v8/src/runtime/runtime-object.cc @@ -39,7 +39,7 @@ MaybeHandle<Object> Runtime::GetObjectProperty( } bool success = false; - LookupIterator::Key lookup_key(isolate, key, &success); + PropertyKey lookup_key(isolate, key, &success); if (!success) return MaybeHandle<Object>(); LookupIterator it = LookupIterator(isolate, receiver, lookup_key, lookup_start_object); @@ -279,7 +279,7 @@ Maybe<bool> Runtime::DeleteObjectProperty(Isolate* isolate, if (DeleteObjectPropertyFast(isolate, receiver, key)) return Just(true); bool success = false; - LookupIterator::Key lookup_key(isolate, key, &success); + PropertyKey lookup_key(isolate, key, &success); if (!success) return Nothing<bool>(); LookupIterator it(isolate, receiver, lookup_key, LookupIterator::OWN); @@ -366,7 +366,7 @@ RUNTIME_FUNCTION(Runtime_ObjectHasOwnProperty) { // TODO(ishell): To improve performance, consider performing the to-string // conversion of {property} before calling into the runtime. bool success; - LookupIterator::Key key(isolate, property, &success); + PropertyKey key(isolate, property, &success); if (!success) return ReadOnlyRoots(isolate).exception(); Handle<Object> object = args.at(0); 
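Review bot: The added `CHECK(maybe_script.IsScript())` hardens the cast inside the `eval_from_shared()` loop of `Runtime_DynamicImportCall`, but the initial `Script::cast(function->shared().script())` just above the loop still runs without a release-mode type check. If `script()` can hold a non-Script value for an eval origin, the same may be true for the calling function's shared info; this hunk does not show either way. Applying the same guard there would be consistent: `Object caller_script = function->shared().script();` followed by `CHECK(caller_script.IsScript());` before the cast. The function starts and ends outside the hunk.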
@@ -441,7 +441,7 @@ RUNTIME_FUNCTION(Runtime_HasOwnConstDataProperty) { CONVERT_ARG_HANDLE_CHECKED(Object, property, 1); bool success; - LookupIterator::Key key(isolate, property, &success); + PropertyKey key(isolate, property, &success); if (!success) return ReadOnlyRoots(isolate).undefined_value(); if (object->IsJSObject()) { @@ -525,15 +525,26 @@ MaybeHandle<Object> Runtime::SetObjectProperty( Handle<Object> value, StoreOrigin store_origin, Maybe<ShouldThrow> should_throw) { if (object->IsNullOrUndefined(isolate)) { - THROW_NEW_ERROR( - isolate, - NewTypeError(MessageTemplate::kNonObjectPropertyStore, key, object), - Object); + MaybeHandle<String> maybe_property = + Object::NoSideEffectsToMaybeString(isolate, key); + Handle<String> property_name; + if (maybe_property.ToHandle(&property_name)) { + THROW_NEW_ERROR( + isolate, + NewTypeError(MessageTemplate::kNonObjectPropertyStoreWithProperty, + object, property_name), + Object); + } else { + THROW_NEW_ERROR( + isolate, + NewTypeError(MessageTemplate::kNonObjectPropertyStore, object), + Object); + } } // Check if the given key is an array index. bool success = false; - LookupIterator::Key lookup_key(isolate, key, &success); + PropertyKey lookup_key(isolate, key, &success); if (!success) return MaybeHandle<Object>(); LookupIterator it(isolate, object, lookup_key); @@ -848,7 +859,7 @@ RUNTIME_FUNCTION(Runtime_StoreDataPropertyInLiteral) { CONVERT_ARG_HANDLE_CHECKED(Object, key, 1); CONVERT_ARG_HANDLE_CHECKED(Object, value, 2); - LookupIterator::Key lookup_key(isolate, key); + PropertyKey lookup_key(isolate, key); LookupIterator it(isolate, object, lookup_key, LookupIterator::OWN); Maybe<bool> result = JSObject::DefineOwnPropertyIgnoreAttributes( 
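Review bot: The new null/undefined branch in Runtime::SetObjectProperty does not say why the key is converted with `Object::NoSideEffectsToMaybeString` and not an ordinary string conversion. The intent appears to be that building the error message must not run user-defined conversion code on `key`, with the shorter `kNonObjectPropertyStore` message as the fallback when no string can be produced. I would add above the conversion: `// Stringify the key without side effects; fall back to the message without a property name.`. The function body continues outside the hunk.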
@@ -1084,14 +1095,17 @@ RUNTIME_FUNCTION(Runtime_DefineDataPropertyInLiteral) { *function_map == function->map()); } - LookupIterator::Key key(isolate, name); + PropertyKey key(isolate, name); LookupIterator it(isolate, object, key, object, LookupIterator::OWN); // Cannot fail since this should only be called when // creating an object literal. CHECK(JSObject::DefineOwnPropertyIgnoreAttributes(&it, value, attrs, Just(kDontThrow)) .IsJust()); - return *object; + + // Return the value so that BaselineCompiler::VisitStaDataPropertyInLiteral + // doesn't have to save the accumulator. + return *value; } RUNTIME_FUNCTION(Runtime_CollectTypeProfile) { @@ -1216,7 +1230,7 @@ RUNTIME_FUNCTION(Runtime_CopyDataPropertiesWithExcludedProperties) { MaybeHandle<Object>()); } - ScopedVector<Handle<Object>> excluded_properties(args.length() - 1); + base::ScopedVector<Handle<Object>> excluded_properties(args.length() - 1); for (int i = 1; i < args.length(); i++) { Handle<Object> property = args.at(i); uint32_t property_num; @@ -1335,7 +1349,7 @@ RUNTIME_FUNCTION(Runtime_CreateDataProperty) { CONVERT_ARG_HANDLE_CHECKED(Object, key, 1); CONVERT_ARG_HANDLE_CHECKED(Object, value, 2); bool success; - LookupIterator::Key lookup_key(isolate, key, &success); + PropertyKey lookup_key(isolate, key, &success); if (!success) return ReadOnlyRoots(isolate).exception(); LookupIterator it(isolate, o, lookup_key, LookupIterator::OWN); MAYBE_RETURN(JSReceiver::CreateDataProperty(&it, value, Just(kThrowOnError)), diff --git a/chromium/v8/src/runtime/runtime-promise.cc b/chromium/v8/src/runtime/runtime-promise.cc index 0ade310cfb5..516a597e567 100644 --- a/chromium/v8/src/runtime/runtime-promise.cc +++ b/chromium/v8/src/runtime/runtime-promise.cc 
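Review bot: Runtime_DefineDataPropertyInLiteral now returns `*value` instead of `*object`, which changes the result for every caller, but the added comment names only BaselineCompiler::VisitStaDataPropertyInLiteral. The other callers are outside this hunk, so it cannot be checked here whether any of them still expects the literal object back. I would state the contract in the comment, for example `// Returns |value|, not |object|; callers must not rely on getting the literal back.`, and confirm that the remaining call sites ignore the result.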
@@ -112,15 +112,6 @@ RUNTIME_FUNCTION(Runtime_PromiseStatus) { return Smi::FromInt(promise->status()); } -RUNTIME_FUNCTION(Runtime_PromiseMarkAsHandled) { - SealHandleScope shs(isolate); - DCHECK_EQ(1, args.length()); - CONVERT_ARG_CHECKED(JSPromise, promise, 0); - - promise.set_has_handler(true); - return ReadOnlyRoots(isolate).undefined_value(); -} - RUNTIME_FUNCTION(Runtime_PromiseHookInit) { HandleScope scope(isolate); DCHECK_EQ(2, args.length()); diff --git a/chromium/v8/src/runtime/runtime-proxy.cc b/chromium/v8/src/runtime/runtime-proxy.cc index 038aeb4369e..9249affb9f2 100644 --- a/chromium/v8/src/runtime/runtime-proxy.cc +++ b/chromium/v8/src/runtime/runtime-proxy.cc @@ -53,7 +53,7 @@ RUNTIME_FUNCTION(Runtime_GetPropertyWithReceiver) { #endif bool success = false; - LookupIterator::Key lookup_key(isolate, key, &success); + PropertyKey lookup_key(isolate, key, &success); if (!success) { DCHECK(isolate->has_pending_exception()); return ReadOnlyRoots(isolate).exception(); @@ -73,7 +73,7 @@ RUNTIME_FUNCTION(Runtime_SetPropertyWithReceiver) { CONVERT_ARG_HANDLE_CHECKED(Object, receiver, 3); bool success = false; - LookupIterator::Key lookup_key(isolate, key, &success); + PropertyKey lookup_key(isolate, key, &success); if (!success) { DCHECK(isolate->has_pending_exception()); return ReadOnlyRoots(isolate).exception(); diff --git a/chromium/v8/src/runtime/runtime-regexp.cc b/chromium/v8/src/runtime/runtime-regexp.cc index f80316e34dd..c52449a642b 100644 --- a/chromium/v8/src/runtime/runtime-regexp.cc +++ b/chromium/v8/src/runtime/runtime-regexp.cc @@ -5,6 +5,7 @@ #include <functional> #include "src/base/small-vector.h" +#include "src/base/strings.h" #include "src/common/message-template.h" #include "src/execution/arguments-inl.h" #include "src/execution/isolate-inl.h" 
@@ -149,7 +150,7 @@ class CompiledReplacement { }; template <typename Char> - bool ParseReplacementPattern(Vector<Char> characters, + bool ParseReplacementPattern(base::Vector<Char> characters, FixedArray capture_name_map, int capture_count, int subject_length) { // Equivalent to String::GetSubstitution, except that this method converts @@ -269,7 +270,7 @@ class CompiledReplacement { break; } - Vector<Char> requested_name = + base::Vector<Char> requested_name = characters.SubVector(name_start_index, closing_bracket_index); // Let capture be ? Get(namedCaptures, groupName). @@ -410,8 +411,9 @@ void CompiledReplacement::Apply(ReplacementStringBuilder* builder, } } -void FindOneByteStringIndices(Vector<const uint8_t> subject, uint8_t pattern, - std::vector<int>* indices, unsigned int limit) { +void FindOneByteStringIndices(base::Vector<const uint8_t> subject, + uint8_t pattern, std::vector<int>* indices, + unsigned int limit) { DCHECK_LT(0, limit); // Collect indices of pattern in subject using memchr. // Stop after finding at most limit values. @@ -428,12 +430,14 @@ void FindOneByteStringIndices(Vector<const uint8_t> subject, uint8_t pattern, } } -void FindTwoByteStringIndices(const Vector<const uc16> subject, uc16 pattern, - std::vector<int>* indices, unsigned int limit) { +void FindTwoByteStringIndices(const base::Vector<const base::uc16> subject, + base::uc16 pattern, std::vector<int>* indices, + unsigned int limit) { DCHECK_LT(0, limit); - const uc16* subject_start = subject.begin(); - const uc16* subject_end = subject_start + subject.length(); - for (const uc16* pos = subject_start; pos < subject_end && limit > 0; pos++) { + const base::uc16* subject_start = subject.begin(); + const base::uc16* subject_end = subject_start + subject.length(); + for (const base::uc16* pos = subject_start; pos < subject_end && limit > 0; + pos++) { if (*pos == pattern) { indices->push_back(static_cast<int>(pos - subject_start)); limit--; 
@@ -442,8 +446,9 @@ void FindTwoByteStringIndices(const Vector<const uc16> subject, uc16 pattern, } template <typename SubjectChar, typename PatternChar> -void FindStringIndices(Isolate* isolate, Vector<const SubjectChar> subject, - Vector<const PatternChar> pattern, +void FindStringIndices(Isolate* isolate, + base::Vector<const SubjectChar> subject, + base::Vector<const PatternChar> pattern, std::vector<int>* indices, unsigned int limit) { DCHECK_LT(0, limit); // Collect indices of pattern in subject. @@ -469,9 +474,10 @@ void FindStringIndicesDispatch(Isolate* isolate, String subject, String pattern, DCHECK(subject_content.IsFlat()); DCHECK(pattern_content.IsFlat()); if (subject_content.IsOneByte()) { - Vector<const uint8_t> subject_vector = subject_content.ToOneByteVector(); + base::Vector<const uint8_t> subject_vector = + subject_content.ToOneByteVector(); if (pattern_content.IsOneByte()) { - Vector<const uint8_t> pattern_vector = + base::Vector<const uint8_t> pattern_vector = pattern_content.ToOneByteVector(); if (pattern_vector.length() == 1) { FindOneByteStringIndices(subject_vector, pattern_vector[0], indices, @@ -485,9 +491,10 @@ void FindStringIndicesDispatch(Isolate* isolate, String subject, String pattern, pattern_content.ToUC16Vector(), indices, limit); } } else { - Vector<const uc16> subject_vector = subject_content.ToUC16Vector(); + base::Vector<const base::uc16> subject_vector = + subject_content.ToUC16Vector(); if (pattern_content.IsOneByte()) { - Vector<const uint8_t> pattern_vector = + base::Vector<const uint8_t> pattern_vector = pattern_content.ToOneByteVector(); if (pattern_vector.length() == 1) { FindTwoByteStringIndices(subject_vector, pattern_vector[0], indices, 
@@ -497,7 +504,8 @@ void FindStringIndicesDispatch(Isolate* isolate, String subject, String pattern, limit); } } else { - Vector<const uc16> pattern_vector = pattern_content.ToUC16Vector(); + base::Vector<const base::uc16> pattern_vector = + pattern_content.ToUC16Vector(); if (pattern_vector.length() == 1) { FindTwoByteStringIndices(subject_vector, pattern_vector[0], indices, limit); @@ -953,8 +961,6 @@ RUNTIME_FUNCTION( } RUNTIME_FUNCTION(Runtime_RegExpBuildIndices) { - DCHECK(FLAG_harmony_regexp_match_indices); - HandleScope scope(isolate); DCHECK_EQ(3, args.length()); CONVERT_ARG_HANDLE_CHECKED(RegExpMatchInfo, match_info, 1); @@ -1058,7 +1064,8 @@ class VectorBackedMatch : public String::Match { public: VectorBackedMatch(Isolate* isolate, Handle<String> subject, Handle<String> match, int match_position, - Vector<Handle<Object>> captures, Handle<Object> groups_obj) + base::Vector<Handle<Object>> captures, + Handle<Object> groups_obj) : isolate_(isolate), match_(match), match_position_(match_position), @@ -1118,7 +1125,7 @@ class VectorBackedMatch : public String::Match { Handle<String> subject_; Handle<String> match_; const int match_position_; - Vector<Handle<Object>> captures_; + base::Vector<Handle<Object>> captures_; bool has_named_captures_; Handle<JSReceiver> groups_obj_; @@ -1559,7 +1566,7 @@ RUNTIME_FUNCTION(Runtime_StringReplaceNonGlobalRegExpWithFunction) { THROW_NEW_ERROR_RETURN_FAILURE( isolate, NewRangeError(MessageTemplate::kTooManyArguments)); } - ScopedVector<Handle<Object>> argv(argc); + base::ScopedVector<Handle<Object>> argv(argc); int cursor = 0; for (int j = 0; j < m; j++) { @@ -1669,7 +1676,7 @@ RUNTIME_FUNCTION(Runtime_RegExpSplit) { { const int argc = 2; - ScopedVector<Handle<Object>> argv(argc); + base::ScopedVector<Handle<Object>> argv(argc); argv[0] = recv; argv[1] = new_flags; 
@@ -1931,7 +1938,7 @@ RUNTIME_FUNCTION(Runtime_RegExpReplaceRT) { isolate, NewRangeError(MessageTemplate::kTooManyArguments)); } - ScopedVector<Handle<Object>> argv(argc); + base::ScopedVector<Handle<Object>> argv(argc); int cursor = 0; for (uint32_t j = 0; j < captures_length; j++) { @@ -1958,8 +1965,8 @@ RUNTIME_FUNCTION(Runtime_RegExpReplaceRT) { ASSIGN_RETURN_FAILURE_ON_EXCEPTION( isolate, groups_obj, Object::ToObject(isolate, groups_obj)); } - VectorBackedMatch m(isolate, string, match, position, VectorOf(captures), - groups_obj); + VectorBackedMatch m(isolate, string, match, position, + base::VectorOf(captures), groups_obj); ASSIGN_RETURN_FAILURE_ON_EXCEPTION( isolate, replacement, String::GetSubstitution(isolate, &m, replace)); } diff --git a/chromium/v8/src/runtime/runtime-scopes.cc b/chromium/v8/src/runtime/runtime-scopes.cc index e925e1f7f99..f49689c2920 100644 --- a/chromium/v8/src/runtime/runtime-scopes.cc +++ b/chromium/v8/src/runtime/runtime-scopes.cc @@ -52,7 +52,7 @@ Object DeclareGlobal(Isolate* isolate, Handle<JSGlobalObject> global, RedeclarationType redeclaration_type) { Handle<ScriptContextTable> script_contexts( global->native_context().script_context_table(), isolate); - ScriptContextTable::LookupResult lookup; + VariableLookupResult lookup; if (ScriptContextTable::Lookup(isolate, *script_contexts, *name, &lookup) && IsLexicalVariableMode(lookup.mode)) { // ES#sec-globaldeclarationinstantiation 6.a: @@ -869,7 +869,7 @@ RUNTIME_FUNCTION(Runtime_StoreGlobalNoHoleCheckForReplLetOrConst) { Handle<ScriptContextTable> script_contexts( native_context->script_context_table(), isolate); - ScriptContextTable::LookupResult lookup_result; + VariableLookupResult lookup_result; bool found = ScriptContextTable::Lookup(isolate, *script_contexts, *name, &lookup_result); CHECK(found); diff --git a/chromium/v8/src/runtime/runtime-strings.cc b/chromium/v8/src/runtime/runtime-strings.cc index bd651c646c6..78759e8a59f 100644 
--- a/chromium/v8/src/runtime/runtime-strings.cc +++ b/chromium/v8/src/runtime/runtime-strings.cc @@ -320,7 +320,7 @@ RUNTIME_FUNCTION(Runtime_StringToArray) { DisallowGarbageCollection no_gc; String::FlatContent content = s->GetFlatContent(no_gc); if (content.IsOneByte()) { - Vector<const uint8_t> chars = content.ToOneByteVector(); + base::Vector<const uint8_t> chars = content.ToOneByteVector(); // Note, this will initialize all elements (not only the prefix) // to prevent GC from seeing partially initialized array. position = CopyCachedOneByteCharsToArray(isolate->heap(), chars.begin(), diff --git a/chromium/v8/src/runtime/runtime-test-wasm.cc b/chromium/v8/src/runtime/runtime-test-wasm.cc index 54976dcc05b..8425b1fa189 100644 --- a/chromium/v8/src/runtime/runtime-test-wasm.cc +++ b/chromium/v8/src/runtime/runtime-test-wasm.cc @@ -6,6 +6,7 @@ #include "src/base/platform/mutex.h" #include "src/execution/arguments-inl.h" #include "src/execution/frames-inl.h" +#include "src/heap/heap-inl.h" #include "src/logging/counters.h" #include "src/objects/smi.h" #include "src/runtime/runtime-utils.h" @@ -237,7 +238,7 @@ RUNTIME_FUNCTION(Runtime_IsAsmWasmCode) { return ReadOnlyRoots(isolate).false_value(); } if (function.shared().HasBuiltinId() && - function.shared().builtin_id() == Builtins::kInstantiateAsmJs) { + function.shared().builtin_id() == Builtin::kInstantiateAsmJs) { // Hasn't been compiled yet. return ReadOnlyRoots(isolate).false_value(); } 
@@ -267,10 +268,9 @@ RUNTIME_FUNCTION(Runtime_IsWasmCode) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(JSFunction, function, 0); - bool is_js_to_wasm = - function.code().kind() == CodeKind::JS_TO_WASM_FUNCTION || - (function.code().is_builtin() && - function.code().builtin_index() == Builtins::kGenericJSToWasmWrapper); + Code code = function.code(); + bool is_js_to_wasm = code.kind() == CodeKind::JS_TO_WASM_FUNCTION || + (code.builtin_id() == Builtin::kGenericJSToWasmWrapper); return isolate->heap()->ToBoolean(is_js_to_wasm); } @@ -293,7 +293,7 @@ RUNTIME_FUNCTION(Runtime_GetWasmRecoveredTrapCount) { return *isolate->factory()->NewNumberFromSize(trap_count); } -RUNTIME_FUNCTION(Runtime_GetWasmExceptionId) { +RUNTIME_FUNCTION(Runtime_GetWasmExceptionTagId) { HandleScope scope(isolate); DCHECK_EQ(2, args.length()); CONVERT_ARG_HANDLE_CHECKED(WasmExceptionPackage, exception, 0); @@ -301,9 +301,9 @@ RUNTIME_FUNCTION(Runtime_GetWasmExceptionId) { Handle<Object> tag = WasmExceptionPackage::GetExceptionTag(isolate, exception); CHECK(tag->IsWasmExceptionTag()); - Handle<FixedArray> exceptions_table(instance->exceptions_table(), isolate); - for (int index = 0; index < exceptions_table->length(); ++index) { - if (exceptions_table->get(index) == *tag) return Smi::FromInt(index); + Handle<FixedArray> tags_table(instance->tags_table(), isolate); + for (int index = 0; index < tags_table->length(); ++index) { + if (tags_table->get(index) == *tag) return Smi::FromInt(index); } UNREACHABLE(); } 
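Review bot: In Runtime_IsWasmCode the `is_builtin()` guard is gone, so the result now relies on `code.builtin_id()` being safe to call on non-builtin code and returning a value that cannot equal `Builtin::kGenericJSToWasmWrapper`. That is presumably the accessor's contract, but nothing in this hunk shows it. A one-line comment would make the reliance explicit once confirmed: `// builtin_id() returns a no-builtin value for non-builtin code, so no is_builtin() check is needed.`. The parentheses around the second operand are now redundant and can be dropped.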
@@ -355,11 +355,11 @@ RUNTIME_FUNCTION(Runtime_DeserializeWasmModule) { CHECK(!wire_bytes->WasDetached()); Handle<JSArrayBuffer> wire_bytes_buffer = wire_bytes->GetBuffer(); - Vector<const uint8_t> wire_bytes_vec{ + base::Vector<const uint8_t> wire_bytes_vec{ reinterpret_cast<const uint8_t*>(wire_bytes_buffer->backing_store()) + wire_bytes->byte_offset(), wire_bytes->byte_length()}; - Vector<uint8_t> buffer_vec{ + base::Vector<uint8_t> buffer_vec{ reinterpret_cast<uint8_t*>(buffer->backing_store()), buffer->byte_length()}; @@ -435,8 +435,8 @@ RUNTIME_FUNCTION(Runtime_WasmTierUpFunction) { CONVERT_ARG_HANDLE_CHECKED(WasmInstanceObject, instance, 0); CONVERT_SMI_ARG_CHECKED(function_index, 1); auto* native_module = instance->module_object().native_module(); - isolate->wasm_engine()->CompileFunction( - isolate, native_module, function_index, wasm::ExecutionTier::kTurbofan); + wasm::GetWasmEngine()->CompileFunction(isolate, native_module, function_index, + wasm::ExecutionTier::kTurbofan); CHECK(!native_module->compilation_state()->failed()); return ReadOnlyRoots(isolate).undefined_value(); } @@ -444,14 +444,14 @@ RUNTIME_FUNCTION(Runtime_WasmTierUpFunction) { RUNTIME_FUNCTION(Runtime_WasmTierDown) { HandleScope scope(isolate); DCHECK_EQ(0, args.length()); - isolate->wasm_engine()->TierDownAllModulesPerIsolate(isolate); + wasm::GetWasmEngine()->TierDownAllModulesPerIsolate(isolate); return ReadOnlyRoots(isolate).undefined_value(); } RUNTIME_FUNCTION(Runtime_WasmTierUp) { HandleScope scope(isolate); DCHECK_EQ(0, args.length()); - isolate->wasm_engine()->TierUpAllModulesPerIsolate(isolate); + wasm::GetWasmEngine()->TierUpAllModulesPerIsolate(isolate); return ReadOnlyRoots(isolate).undefined_value(); } diff --git a/chromium/v8/src/runtime/runtime-test.cc b/chromium/v8/src/runtime/runtime-test.cc index 00a4124dcef..69b0f6241bd 100644 --- a/chromium/v8/src/runtime/runtime-test.cc +++ b/chromium/v8/src/runtime/runtime-test.cc 
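Review bot: In Runtime_WasmTierUpFunction, `function_index` goes from `CONVERT_SMI_ARG_CHECKED` straight into `CompileFunction` with no range check visible in this hunk, so a negative or too-large index supplied by a test script reaches the compiler unchanged. Unless `CompileFunction` validates the index itself (its body is not shown here), add a `CHECK` before the call that the index is non-negative and below the number of functions in the module. The following `CHECK(!native_module->compilation_state()->failed())` only reports a failed compile and does not cover a bad index.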
@@ -3,8 +3,8 @@ // found in the LICENSE file. #include "src/api/api-inl.h" +#include "src/base/numbers/double.h" #include "src/base/platform/mutex.h" -#include "src/baseline/baseline-osr-inl.h" #include "src/codegen/assembler-inl.h" #include "src/codegen/compiler.h" #include "src/codegen/pending-optimization-table.h" @@ -42,9 +42,17 @@ V8_WARN_UNUSED_RESULT Object CrashUnlessFuzzing(Isolate* isolate) { return ReadOnlyRoots(isolate).undefined_value(); } -// Returns |value| unless fuzzing is enabled, otherwise returns undefined_value. +V8_WARN_UNUSED_RESULT bool CrashUnlessFuzzingReturnFalse(Isolate* isolate) { + CHECK(FLAG_fuzzing); + return false; +} + +// Returns |value| unless correctness-fuzzer-supressions is enabled, +// otherwise returns undefined_value. V8_WARN_UNUSED_RESULT Object ReturnFuzzSafe(Object value, Isolate* isolate) { - return FLAG_fuzzing ? ReadOnlyRoots(isolate).undefined_value() : value; + return FLAG_correctness_fuzzer_suppressions + ? ReadOnlyRoots(isolate).undefined_value() + : value; } // Assert that the given argument is a number within the Int32 range @@ -78,7 +86,7 @@ RUNTIME_FUNCTION(Runtime_ConstructDouble) { CONVERT_NUMBER_CHECKED(uint32_t, hi, Uint32, args[0]); CONVERT_NUMBER_CHECKED(uint32_t, lo, Uint32, args[1]); uint64_t result = (static_cast<uint64_t>(hi) << 32) | lo; - return *isolate->factory()->NewNumber(uint64_to_double(result)); + return *isolate->factory()->NewNumber(base::uint64_to_double(result)); } RUNTIME_FUNCTION(Runtime_ConstructConsString) { 
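Review bot: The rewritten comment on ReturnFuzzSafe spells the flag `correctness-fuzzer-supressions`, while the code reads `FLAG_correctness_fuzzer_suppressions`, so a search for the flag name will miss the comment. The new CrashUnlessFuzzingReturnFalse has no comment at all. Something like `// Crashes unless fuzzing is enabled; otherwise returns false so bool-returning helpers can bail out.` would match the documented helpers next to it.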
@@ -199,46 +207,45 @@ RUNTIME_FUNCTION(Runtime_IsMidTierTurboprop) { !FLAG_turboprop_as_toptier); } +RUNTIME_FUNCTION(Runtime_IsAtomicsWaitAllowed) { + SealHandleScope shs(isolate); + DCHECK_EQ(0, args.length()); + return isolate->heap()->ToBoolean(isolate->allow_atomics_wait()); +} + namespace { enum class TierupKind { kTierupBytecode, kTierupBytecodeOrMidTier }; -Object OptimizeFunctionOnNextCall(RuntimeArguments& args, Isolate* isolate, - TierupKind tierup_kind) { - if (args.length() != 1 && args.length() != 2) { - return CrashUnlessFuzzing(isolate); - } - - CONVERT_ARG_HANDLE_CHECKED(Object, function_object, 0); - if (!function_object->IsJSFunction()) return CrashUnlessFuzzing(isolate); - Handle<JSFunction> function = Handle<JSFunction>::cast(function_object); - +bool CanOptimizeFunction(Handle<JSFunction> function, Isolate* isolate, + TierupKind tierup_kind, + IsCompiledScope* is_compiled_scope) { // The following conditions were lifted (in part) from the DCHECK inside // JSFunction::MarkForOptimization(). if (!function->shared().allows_lazy_compilation()) { - return CrashUnlessFuzzing(isolate); + return CrashUnlessFuzzingReturnFalse(isolate); } // If function isn't compiled, compile it now. 
- IsCompiledScope is_compiled_scope( - function->shared().is_compiled_scope(isolate)); - if (!is_compiled_scope.is_compiled() && + if (!is_compiled_scope->is_compiled() && !Compiler::Compile(isolate, function, Compiler::CLEAR_EXCEPTION, - &is_compiled_scope)) { - return CrashUnlessFuzzing(isolate); + is_compiled_scope)) { + return CrashUnlessFuzzingReturnFalse(isolate); } - if (!FLAG_opt) return ReadOnlyRoots(isolate).undefined_value(); + if (!FLAG_opt) return false; if (function->shared().optimization_disabled() && function->shared().disable_optimization_reason() == BailoutReason::kNeverOptimize) { - return CrashUnlessFuzzing(isolate); + return CrashUnlessFuzzingReturnFalse(isolate); } #if V8_ENABLE_WEBASSEMBLY - if (function->shared().HasAsmWasmData()) return CrashUnlessFuzzing(isolate); + if (function->shared().HasAsmWasmData()) { + return CrashUnlessFuzzingReturnFalse(isolate); + } #endif // V8_ENABLE_WEBASSEMBLY if (FLAG_testing_d8_test_runner) { @@ -254,6 +261,26 @@ Object OptimizeFunctionOnNextCall(RuntimeArguments& args, Isolate* isolate, if (FLAG_testing_d8_test_runner) { PendingOptimizationTable::FunctionWasOptimized(isolate, function); } + return false; + } + + return true; +} + +Object OptimizeFunctionOnNextCall(RuntimeArguments& args, Isolate* isolate, + TierupKind tierup_kind) { + if (args.length() != 1 && args.length() != 2) { + return CrashUnlessFuzzing(isolate); + } + + CONVERT_ARG_HANDLE_CHECKED(Object, function_object, 0); + if (!function_object->IsJSFunction()) return CrashUnlessFuzzing(isolate); + Handle<JSFunction> function = Handle<JSFunction>::cast(function_object); + + IsCompiledScope is_compiled_scope( + function->shared().is_compiled_scope(isolate)); + if (!CanOptimizeFunction(function, isolate, tierup_kind, + &is_compiled_scope)) { return ReadOnlyRoots(isolate).undefined_value(); } 
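Review bot: CanOptimizeFunction has no header comment, and its `false` result covers two different situations. It is returned after `CrashUnlessFuzzingReturnFalse` when a precondition fails, and also when there is simply nothing to do (`!FLAG_opt`, and the branch ending in `FunctionWasOptimized`). A comment above the function should say that `true` means the caller may go on to request optimization and that `false` is not an error. It should also say that `is_compiled_scope` is an in/out parameter, which `Compiler::Compile` updates when the function is compiled here. The function spans this hunk and the next one, with part of its body outside both.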
@@ -262,7 +289,7 @@ Object OptimizeFunctionOnNextCall(RuntimeArguments& args, Isolate* isolate, CONVERT_ARG_HANDLE_CHECKED(Object, type, 1); if (!type->IsString()) return CrashUnlessFuzzing(isolate); if (Handle<String>::cast(type)->IsOneByteEqualTo( - StaticCharVector("concurrent")) && + base::StaticCharVector("concurrent")) && isolate->concurrent_recompilation_enabled()) { concurrency_mode = ConcurrencyMode::kConcurrent; } @@ -380,7 +407,7 @@ RUNTIME_FUNCTION(Runtime_PrepareFunctionForOptimization) { if (!sync_object->IsString()) return CrashUnlessFuzzing(isolate); Handle<String> sync = Handle<String>::cast(sync_object); if (sync->IsOneByteEqualTo( - StaticCharVector("allow heuristic optimization"))) { + base::StaticCharVector("allow heuristic optimization"))) { allow_heuristic_optimization = true; } } 
@@ -411,6 +438,32 @@ RUNTIME_FUNCTION(Runtime_PrepareFunctionForOptimization) { return ReadOnlyRoots(isolate).undefined_value(); } +RUNTIME_FUNCTION(Runtime_OptimizeFunctionForTopTier) { + // TODO(rmcilroy): Ideally this should be rolled into + // OptimizeFunctionOnNextCall, but there is no way to mark the tier to be + // optimized using the regular optimization marking system. + HandleScope scope(isolate); + if (args.length() != 1) { + return CrashUnlessFuzzing(isolate); + } + + CONVERT_ARG_HANDLE_CHECKED(Object, function_object, 0); + if (!function_object->IsJSFunction()) return CrashUnlessFuzzing(isolate); + Handle<JSFunction> function = Handle<JSFunction>::cast(function_object); + + IsCompiledScope is_compiled_scope( + function->shared().is_compiled_scope(isolate)); + if (!CanOptimizeFunction(function, isolate, + TierupKind::kTierupBytecodeOrMidTier, + &is_compiled_scope)) { + return ReadOnlyRoots(isolate).undefined_value(); + } + + Compiler::CompileOptimized(isolate, function, ConcurrencyMode::kNotConcurrent, + CodeKindForTopTier()); + return ReadOnlyRoots(isolate).undefined_value(); +} + RUNTIME_FUNCTION(Runtime_OptimizeOsr) { HandleScope scope(isolate); DCHECK(args.length() == 0 || args.length() == 1); 
@@ -478,21 +531,11 @@ RUNTIME_FUNCTION(Runtime_OptimizeOsr) { RUNTIME_FUNCTION(Runtime_BaselineOsr) { HandleScope scope(isolate); - DCHECK(args.length() == 0 || args.length() == 1); - - Handle<JSFunction> function; - - // The optional parameter determines the frame being targeted. - int stack_depth = 0; - if (args.length() == 1) { - if (!args[0].IsSmi()) return CrashUnlessFuzzing(isolate); - stack_depth = args.smi_at(0); - } + DCHECK_EQ(0, args.length()); // Find the JavaScript function on the top of the stack. JavaScriptFrameIterator it(isolate); - while (!it.done() && stack_depth--) it.Advance(); - if (!it.done()) function = handle(it.frame()->function(), isolate); + Handle<JSFunction> function = handle(it.frame()->function(), isolate); if (function.is_null()) return CrashUnlessFuzzing(isolate); if (!FLAG_sparkplug || !FLAG_use_osr) { return ReadOnlyRoots(isolate).undefined_value(); @@ -501,8 +544,10 @@ RUNTIME_FUNCTION(Runtime_BaselineOsr) { return ReadOnlyRoots(isolate).undefined_value(); } - UnoptimizedFrame* frame = UnoptimizedFrame::cast(it.frame()); - OSRInterpreterFrameToBaseline(isolate, function, frame); + IsCompiledScope is_compiled_scope( + function->shared().is_compiled_scope(isolate)); + Compiler::CompileBaseline(isolate, function, Compiler::CLEAR_EXCEPTION, + &is_compiled_scope); return ReadOnlyRoots(isolate).undefined_value(); } @@ -553,9 +598,9 @@ RUNTIME_FUNCTION(Runtime_GetOptimizationStatus) { CONVERT_ARG_HANDLE_CHECKED(Object, sync_object, 1); if (!sync_object->IsString()) return CrashUnlessFuzzing(isolate); Handle<String> sync = Handle<String>::cast(sync_object); - if (sync->IsOneByteEqualTo(StaticCharVector("no sync"))) { + if (sync->IsOneByteEqualTo(base::StaticCharVector("no sync"))) { sync_with_compiler_thread = false; - } else if (sync->IsOneByteEqualTo(StaticCharVector("sync")) || + } else if (sync->IsOneByteEqualTo(base::StaticCharVector("sync")) || sync->length() == 0) { DCHECK(sync_with_compiler_thread); } else { 
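Review bot: In Runtime_BaselineOsr the `!it.done()` guard was removed, so `it.frame()->function()` is now read unconditionally. As far as I can tell a handle built with `handle(...)` is never null, so the following `if (function.is_null()) return CrashUnlessFuzzing(isolate);` can no longer fire. If a JavaScript frame is guaranteed whenever this runtime function runs, drop the dead check; otherwise restore the guard with `if (it.done()) return CrashUnlessFuzzing(isolate);` before touching the frame. The argument count is now enforced only by `DCHECK_EQ(0, args.length())`, which is compiled out of release builds, although the new body ignores extra arguments.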
@@ -581,12 +626,13 @@ RUNTIME_FUNCTION(Runtime_GetOptimizationStatus) { } if (function->HasAttachedOptimizedCode()) { - if (function->code().marked_for_deoptimization()) { + Code code = function->code(); + if (code.marked_for_deoptimization()) { status |= static_cast<int>(OptimizationStatus::kMarkedForDeoptimization); } else { status |= static_cast<int>(OptimizationStatus::kOptimized); } - if (function->code().is_turbofanned()) { + if (code.is_turbofanned()) { status |= static_cast<int>(OptimizationStatus::kTurboFanned); } } @@ -632,6 +678,34 @@ RUNTIME_FUNCTION(Runtime_UnblockConcurrentRecompilation) { return ReadOnlyRoots(isolate).undefined_value(); } +RUNTIME_FUNCTION(Runtime_DisableOptimizationFinalization) { + DCHECK_EQ(0, args.length()); + DCHECK(!FLAG_block_concurrent_recompilation); + CHECK(isolate->concurrent_recompilation_enabled()); + isolate->optimizing_compile_dispatcher()->AwaitCompileTasks(); + isolate->optimizing_compile_dispatcher()->InstallOptimizedFunctions(); + isolate->optimizing_compile_dispatcher()->set_finalize(false); + return ReadOnlyRoots(isolate).undefined_value(); +} + +RUNTIME_FUNCTION(Runtime_WaitForBackgroundOptimization) { + DCHECK_EQ(0, args.length()); + DCHECK(!FLAG_block_concurrent_recompilation); + CHECK(isolate->concurrent_recompilation_enabled()); + isolate->optimizing_compile_dispatcher()->AwaitCompileTasks(); + return ReadOnlyRoots(isolate).undefined_value(); +} + +RUNTIME_FUNCTION(Runtime_FinalizeOptimization) { + DCHECK_EQ(0, args.length()); + DCHECK(!FLAG_block_concurrent_recompilation); + CHECK(isolate->concurrent_recompilation_enabled()); + isolate->optimizing_compile_dispatcher()->AwaitCompileTasks(); + isolate->optimizing_compile_dispatcher()->InstallOptimizedFunctions(); + isolate->optimizing_compile_dispatcher()->set_finalize(true); + return ReadOnlyRoots(isolate).undefined_value(); +} + static void ReturnNull(const v8::FunctionCallbackInfo<v8::Value>& args) { args.GetReturnValue().SetNull(); } 
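Review bot: The new Runtime_DisableOptimizationFinalization, Runtime_WaitForBackgroundOptimization and Runtime_FinalizeOptimization abort through `CHECK(isolate->concurrent_recompilation_enabled())`. The other test helpers in this file bail out through `CrashUnlessFuzzing(isolate)`. If these three are reachable under fuzzing, a run with concurrent recompilation disabled gets a hard crash that is not a real bug. I would write `if (!isolate->concurrent_recompilation_enabled()) return CrashUnlessFuzzing(isolate);` in all three. The `DCHECK(!FLAG_block_concurrent_recompilation)` lines have the same effect in debug builds and deserve the same treatment.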
@@ -859,7 +933,7 @@ RUNTIME_FUNCTION(Runtime_DebugTrackRetainingPath) { if (args.length() == 2) { CONVERT_ARG_HANDLE_CHECKED(String, str, 1); const char track_ephemeron_path[] = "track-ephemeron-path"; - if (str->IsOneByteEqualTo(StaticCharVector(track_ephemeron_path))) { + if (str->IsOneByteEqualTo(base::StaticCharVector(track_ephemeron_path))) { option = RetainingPathOption::kTrackEphemeronPath; } else { CHECK_EQ(str->length(), 0); @@ -1093,7 +1167,7 @@ RUNTIME_FUNCTION(Runtime_RegexpHasNativeCode) { CONVERT_BOOLEAN_ARG_CHECKED(is_latin1, 1); bool result; if (regexp.TypeTag() == JSRegExp::IRREGEXP) { - result = regexp.Code(is_latin1).IsCode(); + result = regexp.Code(is_latin1).IsCodeT(); } else { result = false; } @@ -1334,7 +1408,7 @@ RUNTIME_FUNCTION(Runtime_EnableCodeLoggingForTesting) { }; static base::LeakyObject<NoopListener> noop_listener; #if V8_ENABLE_WEBASSEMBLY - isolate->wasm_engine()->EnableCodeLogging(isolate); + wasm::GetWasmEngine()->EnableCodeLogging(isolate); #endif // V8_ENABLE_WEBASSEMBLY isolate->code_event_dispatcher()->AddListener(noop_listener.get()); return ReadOnlyRoots(isolate).undefined_value(); diff --git a/chromium/v8/src/runtime/runtime-trace.cc b/chromium/v8/src/runtime/runtime-trace.cc index 3b9a039670f..87249607f31 100644 --- a/chromium/v8/src/runtime/runtime-trace.cc +++ b/chromium/v8/src/runtime/runtime-trace.cc @@ -26,9 +26,7 @@ namespace internal { namespace { void AdvanceToOffsetForTracing( - interpreter::BytecodeArrayIterator& - bytecode_iterator, // NOLINT(runtime/references) - int offset) { + interpreter::BytecodeArrayIterator& bytecode_iterator, int offset) { while (bytecode_iterator.current_offset() + bytecode_iterator.current_bytecode_size() <= offset) { 
@@ -41,8 +39,7 @@ void AdvanceToOffsetForTracing( } void PrintRegisters(UnoptimizedFrame* frame, std::ostream& os, bool is_input, - interpreter::BytecodeArrayIterator& - bytecode_iterator, // NOLINT(runtime/references) + interpreter::BytecodeArrayIterator& bytecode_iterator, Handle<Object> accumulator) { static const char kAccumulator[] = "accumulator"; static const int kRegFieldWidth = static_cast<int>(sizeof(kAccumulator) - 1); diff --git a/chromium/v8/src/runtime/runtime-wasm.cc b/chromium/v8/src/runtime/runtime-wasm.cc index 40af2938351..df4ea141648 100644 --- a/chromium/v8/src/runtime/runtime-wasm.cc +++ b/chromium/v8/src/runtime/runtime-wasm.cc @@ -85,7 +85,6 @@ class V8_NODISCARD ClearThreadInWasmScope { }; Object ThrowWasmError(Isolate* isolate, MessageTemplate message) { - HandleScope scope(isolate); Handle<JSObject> error_obj = isolate->factory()->NewWasmRuntimeError(message); JSObject::AddProperty(isolate, error_obj, isolate->factory()->wasm_uncatchable_symbol(), @@ -133,6 +132,7 @@ RUNTIME_FUNCTION(Runtime_WasmMemoryGrow) { RUNTIME_FUNCTION(Runtime_ThrowWasmError) { ClearThreadInWasmScope flag_scope(isolate); + HandleScope scope(isolate); DCHECK_EQ(1, args.length()); CONVERT_SMI_ARG_CHECKED(message_id, 0); return ThrowWasmError(isolate, MessageTemplateFromInt(message_id)); 
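Review bot: ThrowWasmError in runtime-wasm.cc no longer opens its own `HandleScope` but still allocates `error_obj` through the factory, so every caller must now have a scope open, and nothing at the definition says so. Runtime_ThrowWasmError gets its scope in the next hunk. The other call sites in this diff (the two atomic-wait functions and ThrowTableOutOfBounds) cannot be verified from their hunks alone. I would document the requirement at the definition: `// Callers must have an open HandleScope; the error object is allocated in it.`.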
@@ -168,19 +168,9 @@ RUNTIME_FUNCTION(Runtime_WasmThrow) { // TODO(wasm): Manually box because parameters are not visited yet. Handle<WasmExceptionTag> tag(tag_raw, isolate); Handle<FixedArray> values(values_raw, isolate); - - Handle<Object> exception = isolate->factory()->NewWasmRuntimeError( - MessageTemplate::kWasmExceptionError); - Object::SetProperty( - isolate, exception, isolate->factory()->wasm_exception_tag_symbol(), tag, - StoreOrigin::kMaybeKeyed, Just(ShouldThrow::kThrowOnError)) - .Check(); - Object::SetProperty( - isolate, exception, isolate->factory()->wasm_exception_values_symbol(), - values, StoreOrigin::kMaybeKeyed, Just(ShouldThrow::kThrowOnError)) - .Check(); - - isolate->wasm_engine()->SampleThrowEvent(isolate); + Handle<WasmExceptionPackage> exception = + WasmExceptionPackage::New(isolate, tag, values); + wasm::GetWasmEngine()->SampleThrowEvent(isolate); return isolate->Throw(*exception); } @@ -188,7 +178,7 @@ RUNTIME_FUNCTION(Runtime_WasmReThrow) { ClearThreadInWasmScope clear_wasm_flag(isolate); HandleScope scope(isolate); DCHECK_EQ(1, args.length()); - isolate->wasm_engine()->SampleRethrowEvent(isolate); + wasm::GetWasmEngine()->SampleRethrowEvent(isolate); return isolate->ReThrow(args[0]); } @@ -238,7 +228,7 @@ void ReplaceWrapper(Isolate* isolate, Handle<WasmInstanceObject> instance, WasmInstanceObject::GetWasmExternalFunction(isolate, instance, function_index) .ToHandleChecked(); - exported_function->set_code(*wrapper_code); + exported_function->set_code(*wrapper_code, kReleaseStore); WasmExportedFunctionData function_data = exported_function->shared().wasm_exported_function_data(); function_data.set_wrapper_code(*wrapper_code); 
@@ -341,8 +331,8 @@ RUNTIME_FUNCTION(Runtime_WasmI32AtomicWait) { // Should have trapped if address was OOB. DCHECK_LT(offset, array_buffer->byte_length()); - // Trap if memory is not shared. - if (!array_buffer->is_shared()) { + // Trap if memory is not shared, or wait is not allowed on the isolate + if (!array_buffer->is_shared() || !isolate->allow_atomics_wait()) { return ThrowWasmError(isolate, MessageTemplate::kAtomicsWaitNotAllowed); } return FutexEmulation::WaitWasm32(isolate, array_buffer, offset, @@ -364,8 +354,8 @@ RUNTIME_FUNCTION(Runtime_WasmI64AtomicWait) { // Should have trapped if address was OOB. DCHECK_LT(offset, array_buffer->byte_length()); - // Trap if memory is not shared. - if (!array_buffer->is_shared()) { + // Trap if memory is not shared, or if wait is not allowed on the isolate + if (!array_buffer->is_shared() || !isolate->allow_atomics_wait()) { return ThrowWasmError(isolate, MessageTemplate::kAtomicsWaitNotAllowed); } return FutexEmulation::WaitWasm64(isolate, array_buffer, offset, @@ -381,9 +371,7 @@ Object ThrowTableOutOfBounds(Isolate* isolate, if (isolate->context().is_null()) { isolate->set_context(instance->native_context()); } - Handle<Object> error_obj = isolate->factory()->NewWasmRuntimeError( - MessageTemplate::kWasmTrapTableOutOfBounds); - return isolate->Throw(*error_obj); + return ThrowWasmError(isolate, MessageTemplate::kWasmTrapTableOutOfBounds); } } // namespace 
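Review bot: The widened guard in `Runtime_WasmI32AtomicWait` now folds two unrelated conditions into one trap, and the comment does not say why the second one exists; the matching comment in `Runtime_WasmI64AtomicWait` is also worded differently ("or if wait"). Both paths return `kAtomicsWaitNotAllowed`, so the error alone does not tell unshared memory apart from an isolate on which blocking is disallowed; if that is intended, the comment should say so. Suggested wording for both sites: `// Trap if memory is not shared, or if blocking waits are disallowed on this isolate (allow_atomics_wait() is false).` Both functions start before their hunks and continue after them.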
@@ -561,7 +549,13 @@ RUNTIME_FUNCTION(Runtime_WasmDebugBreak) { // Stepping can repeatedly create code, and code GC requires stack guards to // be executed on all involved isolates. Proactively do this here. StackLimitCheck check(isolate); - if (check.InterruptRequested()) isolate->stack_guard()->HandleInterrupts(); + if (check.InterruptRequested()) { + Object interrupt_object = isolate->stack_guard()->HandleInterrupts(); + // Interrupt handling can create an exception, including the + // termination exception. + if (interrupt_object.IsException(isolate)) return interrupt_object; + DCHECK(interrupt_object.IsUndefined(isolate)); + } // Enter the debugger. DebugScope debug_scope(isolate->debug()); 
@@ -629,12 +623,61 @@ RUNTIME_FUNCTION(Runtime_WasmDebugBreak) { RUNTIME_FUNCTION(Runtime_WasmAllocateRtt) { ClearThreadInWasmScope flag_scope(isolate); HandleScope scope(isolate); - DCHECK_EQ(2, args.length()); + DCHECK_EQ(3, args.length()); CONVERT_UINT32_ARG_CHECKED(type_index, 0); CONVERT_ARG_HANDLE_CHECKED(Map, parent, 1); + CONVERT_SMI_ARG_CHECKED(raw_mode, 2); Handle<WasmInstanceObject> instance(GetWasmInstanceOnStackTop(isolate), isolate); - return *wasm::AllocateSubRtt(isolate, instance, type_index, parent); + return *wasm::AllocateSubRtt(isolate, instance, type_index, parent, + static_cast<WasmRttSubMode>(raw_mode)); +} + +namespace { +inline void* ArrayElementAddress(Handle<WasmArray> array, uint32_t index, + int element_size_bytes) { + return reinterpret_cast<void*>(array->ptr() + WasmArray::kHeaderSize - + kHeapObjectTag + index * element_size_bytes); +} +} // namespace + +// Assumes copy ranges are in-bounds. +RUNTIME_FUNCTION(Runtime_WasmArrayCopy) { + ClearThreadInWasmScope flag_scope(isolate); + HandleScope scope(isolate); + DCHECK_EQ(5, args.length()); + CONVERT_ARG_HANDLE_CHECKED(WasmArray, dst_array, 0); + CONVERT_UINT32_ARG_CHECKED(dst_index, 1); + CONVERT_ARG_HANDLE_CHECKED(WasmArray, src_array, 2); + CONVERT_UINT32_ARG_CHECKED(src_index, 3); + CONVERT_UINT32_ARG_CHECKED(length, 4); + bool overlapping_ranges = + dst_array->ptr() == src_array->ptr() && + (dst_index < src_index ? 
dst_index + length > src_index + : src_index + length > dst_index); + wasm::ValueType element_type = src_array->type()->element_type(); + if (element_type.is_reference()) { + ObjectSlot dst_slot = dst_array->ElementSlot(dst_index); + ObjectSlot src_slot = src_array->ElementSlot(src_index); + if (overlapping_ranges) { + isolate->heap()->MoveRange(*dst_array, dst_slot, src_slot, length, + UPDATE_WRITE_BARRIER); + } else { + isolate->heap()->CopyRange(*dst_array, dst_slot, src_slot, length, + UPDATE_WRITE_BARRIER); + } + } else { + int element_size_bytes = element_type.element_size_bytes(); + void* dst = ArrayElementAddress(dst_array, dst_index, element_size_bytes); + void* src = ArrayElementAddress(src_array, src_index, element_size_bytes); + size_t copy_size = length * element_size_bytes; + if (overlapping_ranges) { + MemMove(dst, src, copy_size); + } else { + MemCopy(dst, src, copy_size); + } + } + return ReadOnlyRoots(isolate).undefined_value(); } } // namespace internal diff --git a/chromium/v8/src/runtime/runtime.cc b/chromium/v8/src/runtime/runtime.cc index 9e553b12af1..47f184a3a09 100644 --- a/chromium/v8/src/runtime/runtime.cc +++ b/chromium/v8/src/runtime/runtime.cc @@ -264,8 +264,8 @@ const Runtime::Function* Runtime::RuntimeFunctionTable(Isolate* isolate) { if (!isolate->runtime_state()->redirected_intrinsic_functions()) { size_t function_count = arraysize(kIntrinsicFunctions); Function* redirected_functions = new Function[function_count]; - base::Memcpy(redirected_functions, kIntrinsicFunctions, - sizeof(kIntrinsicFunctions)); + memcpy(redirected_functions, kIntrinsicFunctions, + sizeof(kIntrinsicFunctions)); for (size_t i = 0; i < function_count; i++) { ExternalReference redirected_entry = ExternalReference::Create(static_cast<Runtime::FunctionId>(i)); diff --git a/chromium/v8/src/runtime/runtime.h b/chromium/v8/src/runtime/runtime.h index eea742f2c99..045ffb36418 100644 --- a/chromium/v8/src/runtime/runtime.h +++ b/chromium/v8/src/runtime/runtime.h 
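Review bot: The byte arithmetic in the added `Runtime_WasmArrayCopy` and `ArrayElementAddress` is carried out in 32 bits: `index * element_size_bytes` and `length * element_size_bytes` multiply a `uint32_t` by an `int`, so the product can wrap before it is widened to an address offset or to `size_t`, and `dst_index + length` / `src_index + length` in the overlap test can wrap the same way. The function relies on the comment "Assumes copy ranges are in-bounds" with no check in its body, so a caller that gets the bounds wrong leads straight to an out-of-range `MemCopy`/`MemMove`; whether the array length limit makes the wrap unreachable in practice is not visible in this hunk. I would widen before multiplying, `size_t copy_size = static_cast<size_t>(length) * element_size_bytes;` (and likewise `static_cast<size_t>(index)` in the helper), and state the precondition as DCHECKs that `dst_index + length` and `src_index + length`, computed in 64 bits, do not exceed the respective array's length.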
@@ -46,7 +46,7 @@ namespace internal { F(ArrayIsArray, 1, 1) \ F(ArraySpeciesConstructor, 1, 1) \ F(GrowArrayElements, 2, 1) \ - I(IsArray, 1, 1) \ + F(IsArray, 1, 1) \ F(NewArray, -1 /* >= 3 */, 1) \ F(NormalizeElements, 1, 1) \ F(TransitionElementsKind, 2, 1) \ @@ -171,7 +171,7 @@ namespace internal { FOR_EACH_INTRINSIC_TRACE_FEEDBACK(F, I) #define FOR_EACH_INTRINSIC_FUNCTION(F, I) \ - I(Call, -1 /* >= 2 */, 1) \ + F(Call, -1 /* >= 2 */, 1) \ F(FunctionGetScriptSource, 1, 1) \ F(FunctionGetScriptId, 1, 1) \ F(FunctionGetScriptSourcePosition, 1, 1) \ 
@@ -206,58 +206,59 @@ namespace internal { #define FOR_EACH_INTRINSIC_INTL(F, I) #endif // V8_INTL_SUPPORT -#define FOR_EACH_INTRINSIC_INTERNAL(F, I) \ - F(AccessCheck, 1, 1) \ - F(AllocateByteArray, 1, 1) \ - F(AllocateInYoungGeneration, 2, 1) \ - F(AllocateInOldGeneration, 2, 1) \ - F(AllocateSeqOneByteString, 1, 1) \ - F(AllocateSeqTwoByteString, 1, 1) \ - F(AllowDynamicFunction, 1, 1) \ - I(CreateAsyncFromSyncIterator, 1, 1) \ - F(CreateListFromArrayLike, 1, 1) \ - F(DoubleToStringWithRadix, 2, 1) \ - F(FatalProcessOutOfMemoryInAllocateRaw, 0, 1) \ - F(FatalProcessOutOfMemoryInvalidArrayLength, 0, 1) \ - F(GetAndResetRuntimeCallStats, -1 /* <= 2 */, 1) \ - F(GetTemplateObject, 3, 1) \ - F(IncrementUseCounter, 1, 1) \ - F(BytecodeBudgetInterruptFromBytecode, 1, 1) \ - F(BytecodeBudgetInterruptFromCode, 1, 1) \ - F(NewError, 2, 1) \ - F(NewReferenceError, 2, 1) \ - F(NewSyntaxError, 2, 1) \ - F(NewTypeError, -1 /* [1, 4] */, 1) \ - F(OrdinaryHasInstance, 2, 1) \ - F(PromoteScheduledException, 0, 1) \ - F(ReportMessageFromMicrotask, 1, 1) \ - F(ReThrow, 1, 1) \ - F(RunMicrotaskCallback, 2, 1) \ - F(PerformMicrotaskCheckpoint, 0, 1) \ - F(StackGuard, 0, 1) \ - F(StackGuardWithGap, 1, 1) \ - F(Throw, 1, 1) \ - F(ThrowApplyNonFunction, 1, 1) \ - F(ThrowCalledNonCallable, 1, 1) \ - F(ThrowConstructedNonConstructable, 1, 1) \ - F(ThrowConstructorReturnedNonObject, 0, 1) \ - F(ThrowInvalidStringLength, 0, 1) \ - F(ThrowInvalidTypedArrayAlignment, 2, 1) \ - F(ThrowIteratorError, 1, 1) \ - F(ThrowSpreadArgError, 2, 1) \ - F(ThrowIteratorResultNotAnObject, 1, 1) \ - F(ThrowNotConstructor, 1, 1) \ - F(ThrowPatternAssignmentNonCoercible, 1, 1) \ - F(ThrowRangeError, -1 /* >= 1 */, 1) \ - F(ThrowReferenceError, 1, 1) \ - F(ThrowAccessedUninitializedVariable, 1, 1) \ - F(ThrowStackOverflow, 0, 1) \ - F(ThrowSymbolAsyncIteratorInvalid, 0, 1) \ - F(ThrowSymbolIteratorInvalid, 0, 1) \ - F(ThrowThrowMethodMissing, 0, 1) \ - F(ThrowTypeError, -1 /* >= 1 */, 1) \ - 
F(ThrowTypeErrorIfStrict, -1 /* >= 1 */, 1) \ - F(Typeof, 1, 1) \ +#define FOR_EACH_INTRINSIC_INTERNAL(F, I) \ + F(AccessCheck, 1, 1) \ + F(AllocateByteArray, 1, 1) \ + F(AllocateInYoungGeneration, 2, 1) \ + F(AllocateInOldGeneration, 2, 1) \ + F(AllocateSeqOneByteString, 1, 1) \ + F(AllocateSeqTwoByteString, 1, 1) \ + F(AllowDynamicFunction, 1, 1) \ + I(CreateAsyncFromSyncIterator, 1, 1) \ + F(CreateListFromArrayLike, 1, 1) \ + F(DoubleToStringWithRadix, 2, 1) \ + F(FatalProcessOutOfMemoryInAllocateRaw, 0, 1) \ + F(FatalProcessOutOfMemoryInvalidArrayLength, 0, 1) \ + F(GetAndResetRuntimeCallStats, -1 /* <= 2 */, 1) \ + F(GetTemplateObject, 3, 1) \ + F(IncrementUseCounter, 1, 1) \ + F(BytecodeBudgetInterruptFromBytecode, 1, 1) \ + F(BytecodeBudgetInterruptWithStackCheckFromBytecode, 1, 1) \ + F(BytecodeBudgetInterruptFromCode, 1, 1) \ + F(NewError, 2, 1) \ + F(NewReferenceError, 2, 1) \ + F(NewSyntaxError, 2, 1) \ + F(NewTypeError, -1 /* [1, 4] */, 1) \ + F(OrdinaryHasInstance, 2, 1) \ + F(PromoteScheduledException, 0, 1) \ + F(ReportMessageFromMicrotask, 1, 1) \ + F(ReThrow, 1, 1) \ + F(RunMicrotaskCallback, 2, 1) \ + F(PerformMicrotaskCheckpoint, 0, 1) \ + F(StackGuard, 0, 1) \ + F(StackGuardWithGap, 1, 1) \ + F(Throw, 1, 1) \ + F(ThrowApplyNonFunction, 1, 1) \ + F(ThrowCalledNonCallable, 1, 1) \ + F(ThrowConstructedNonConstructable, 1, 1) \ + F(ThrowConstructorReturnedNonObject, 0, 1) \ + F(ThrowInvalidStringLength, 0, 1) \ + F(ThrowInvalidTypedArrayAlignment, 2, 1) \ + F(ThrowIteratorError, 1, 1) \ + F(ThrowSpreadArgError, 2, 1) \ + F(ThrowIteratorResultNotAnObject, 1, 1) \ + F(ThrowNotConstructor, 1, 1) \ + F(ThrowPatternAssignmentNonCoercible, 1, 1) \ + F(ThrowRangeError, -1 /* >= 1 */, 1) \ + F(ThrowReferenceError, 1, 1) \ + F(ThrowAccessedUninitializedVariable, 1, 1) \ + F(ThrowStackOverflow, 0, 1) \ + F(ThrowSymbolAsyncIteratorInvalid, 0, 1) \ + F(ThrowSymbolIteratorInvalid, 0, 1) \ + F(ThrowThrowMethodMissing, 0, 1) \ + F(ThrowTypeError, -1 /* >= 1 */, 1) 
\ + F(ThrowTypeErrorIfStrict, -1 /* >= 1 */, 1) \ + F(Typeof, 1, 1) \ F(UnwindAndFindExceptionHandler, 0, 1) #define FOR_EACH_INTRINSIC_LITERALS(F, I) \ @@ -276,7 +277,7 @@ namespace internal { F(ArrayBufferMaxByteLength, 0, 1) \ F(GetHoleNaNLower, 0, 1) \ F(GetHoleNaNUpper, 0, 1) \ - I(IsSmi, 1, 1) \ + F(IsSmi, 1, 1) \ F(MaxSmi, 0, 1) \ F(NumberToStringSlow, 1, 1) \ F(StringParseFloat, 1, 1) \ @@ -308,9 +309,9 @@ namespace internal { F(GetProperty, -1 /* [2, 3] */, 1) \ F(HasFastPackedElements, 1, 1) \ F(HasInPrototypeChain, 2, 1) \ - I(HasProperty, 2, 1) \ + F(HasProperty, 2, 1) \ F(InternalSetPrototype, 2, 1) \ - I(IsJSReceiver, 1, 1) \ + F(IsJSReceiver, 1, 1) \ F(JSReceiverPreventExtensionsDontThrow, 1, 1) \ F(JSReceiverPreventExtensionsThrow, 1, 1) \ F(JSReceiverGetPrototypeOf, 1, 1) \ @@ -338,11 +339,11 @@ namespace internal { F(ShrinkNameDictionary, 1, 1) \ F(ShrinkSwissNameDictionary, 1, 1) \ F(ToFastProperties, 1, 1) \ - I(ToLength, 1, 1) \ + F(ToLength, 1, 1) \ F(ToName, 1, 1) \ - I(ToNumber, 1, 1) \ + F(ToNumber, 1, 1) \ F(ToNumeric, 1, 1) \ - I(ToObject, 1, 1) \ + F(ToObject, 1, 1) \ F(ToString, 1, 1) \ F(TryMigrateInstance, 1, 1) \ F(SwissTableAdd, 4, 1) \ @@ -375,7 +376,6 @@ namespace internal { F(PromiseHookInit, 2, 1) \ F(AwaitPromisesInit, 5, 1) \ F(AwaitPromisesInitOld, 5, 1) \ - F(PromiseMarkAsHandled, 1, 1) \ F(PromiseRejectEventFromStack, 2, 1) \ F(PromiseRevokeReject, 1, 1) \ F(PromiseStatus, 1, 1) \ @@ -397,7 +397,7 @@ namespace internal { F(SetPropertyWithReceiver, 4, 1) #define FOR_EACH_INTRINSIC_REGEXP(F, I) \ - I(IsRegExp, 1, 1) \ + F(IsRegExp, 1, 1) \ F(RegExpBuildIndices, 3, 1) \ F(RegExpExec, 4, 1) \ F(RegExpExecTreatMatchAtEndAsFailure, 4, 1) \ @@ -463,8 +463,9 @@ namespace internal { #define FOR_EACH_INTRINSIC_TEST(F, I) \ F(Abort, 1, 1) \ - F(AbortJS, 1, 1) \ F(AbortCSAAssert, 1, 1) \ + F(AbortJS, 1, 1) \ + F(ArrayIteratorProtector, 0, 1) \ F(ArraySpeciesProtector, 0, 1) \ F(BaselineOsr, -1, 1) \ F(ClearFunctionFeedback, 1, 1) \ 
@@ -481,10 +482,10 @@ namespace internal { F(DisallowCodegenFromStrings, 1, 1) \ F(DisassembleFunction, 1, 1) \ F(DynamicCheckMapsEnabled, 0, 1) \ - F(IsTopTierTurboprop, 0, 1) \ - F(IsMidTierTurboprop, 0, 1) \ F(EnableCodeLoggingForTesting, 0, 1) \ F(EnsureFeedbackVectorForFunction, 1, 1) \ + F(DisableOptimizationFinalization, 0, 1) \ + F(FinalizeOptimization, 0, 1) \ F(GetCallable, 0, 1) \ F(GetInitializerFunction, 1, 1) \ F(GetOptimizationStatus, -1, 1) \ @@ -495,7 +496,6 @@ namespace internal { F(HasElementsInALargeObjectSpace, 1, 1) \ F(HasFastElements, 1, 1) \ F(HasFastProperties, 1, 1) \ - F(HasOwnConstDataProperty, 2, 1) \ F(HasFixedBigInt64Elements, 1, 1) \ F(HasFixedBigUint64Elements, 1, 1) \ F(HasFixedFloat32Elements, 1, 1) \ @@ -509,6 +509,7 @@ namespace internal { F(HasFixedUint8Elements, 1, 1) \ F(HasHoleyElements, 1, 1) \ F(HasObjectElements, 1, 1) \ + F(HasOwnConstDataProperty, 2, 1) \ F(HasPackedElements, 1, 1) \ F(HasSloppyArgumentsElements, 1, 1) \ F(HasSmiElements, 1, 1) \ 
@@ -518,44 +519,48 @@ namespace internal { F(ICsAreEnabled, 0, 1) \ F(InLargeObjectSpace, 1, 1) \ F(InYoungGeneration, 1, 1) \ + F(Is64Bit, 0, 1) \ + F(IsAtomicsWaitAllowed, 0, 1) \ F(IsBeingInterpreted, 0, 1) \ + F(IsConcatSpreadableProtector, 0, 1) \ F(IsConcurrentRecompilationSupported, 0, 1) \ F(IsDictPropertyConstTrackingEnabled, 0, 1) \ - F(RegexpHasBytecode, 2, 1) \ - F(RegexpHasNativeCode, 2, 1) \ - F(RegexpTypeTag, 1, 1) \ - F(RegexpIsUnmodified, 1, 1) \ + F(IsMidTierTurboprop, 0, 1) \ + F(IsTopTierTurboprop, 0, 1) \ F(MapIteratorProtector, 0, 1) \ - F(ArrayIteratorProtector, 0, 1) \ F(NeverOptimizeFunction, 1, 1) \ + F(NewRegExpWithBacktrackLimit, 3, 1) \ F(NotifyContextDisposed, 0, 1) \ + F(OptimizeFunctionForTopTier, 1, 1) \ F(OptimizeFunctionOnNextCall, -1, 1) \ - F(TierupFunctionOnNextCall, -1, 1) \ F(OptimizeOsr, -1, 1) \ - F(NewRegExpWithBacktrackLimit, 3, 1) \ F(PrepareFunctionForOptimization, -1, 1) \ F(PretenureAllocationSite, 1, 1) \ F(PrintWithNameForAssert, 2, 1) \ + F(PromiseSpeciesProtector, 0, 1) \ + F(RegexpHasBytecode, 2, 1) \ + F(RegexpHasNativeCode, 2, 1) \ + F(RegexpIsUnmodified, 1, 1) \ + F(RegExpSpeciesProtector, 0, 1) \ + F(RegexpTypeTag, 1, 1) \ F(RunningInSimulator, 0, 1) \ F(RuntimeEvaluateREPL, 1, 1) \ + F(ScheduleGCInStackCheck, 0, 1) \ F(SerializeDeserializeNow, 0, 1) \ F(SetAllocationTimeout, -1 /* 2 || 3 */, 1) \ F(SetForceSlowPath, 1, 1) \ F(SetIteratorProtector, 0, 1) \ F(SimulateNewspaceFull, 0, 1) \ - F(ScheduleGCInStackCheck, 0, 1) \ F(StringIteratorProtector, 0, 1) \ F(SystemBreak, 0, 1) \ + F(TierupFunctionOnNextCall, -1, 1) \ F(TraceEnter, 0, 1) \ F(TraceExit, 1, 1) \ F(TurbofanStaticAssert, 1, 1) \ F(TypedArraySpeciesProtector, 0, 1) \ F(UnblockConcurrentRecompilation, 0, 1) \ - I(DeoptimizeNow, 0, 1) \ - F(PromiseSpeciesProtector, 0, 1) \ - F(IsConcatSpreadableProtector, 0, 1) \ - F(RegExpSpeciesProtector, 0, 1) \ - F(Is64Bit, 0, 1) + F(WaitForBackgroundOptimization, 0, 1) \ + I(DeoptimizeNow, 0, 1) #define 
FOR_EACH_INTRINSIC_TYPEDARRAY(F, I) \ F(ArrayBufferDetach, 1, 1) \ @@ -588,13 +593,14 @@ namespace internal { F(WasmCompileWrapper, 2, 1) \ F(WasmTriggerTierUp, 1, 1) \ F(WasmDebugBreak, 0, 1) \ - F(WasmAllocateRtt, 2, 1) + F(WasmAllocateRtt, 3, 1) \ + F(WasmArrayCopy, 5, 1) #define FOR_EACH_INTRINSIC_WASM_TEST(F, I) \ F(DeserializeWasmModule, 2, 1) \ F(DisallowWasmCodegen, 1, 1) \ F(FreezeWasmLazyCompilation, 1, 1) \ - F(GetWasmExceptionId, 2, 1) \ + F(GetWasmExceptionTagId, 2, 1) \ F(GetWasmExceptionValues, 1, 1) \ F(GetWasmRecoveredTrapCount, 0, 1) \ F(IsAsmWasmCode, 1, 1) \ @@ -799,8 +805,8 @@ class Runtime : public AllStatic { V8_WARN_UNUSED_RESULT static MaybeHandle<Object> HasProperty( Isolate* isolate, Handle<Object> object, Handle<Object> key); - V8_WARN_UNUSED_RESULT static MaybeHandle<JSArray> GetInternalProperties( - Isolate* isolate, Handle<Object>); + V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static MaybeHandle<JSArray> + GetInternalProperties(Isolate* isolate, Handle<Object>); V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ThrowIteratorError( Isolate* isolate, Handle<Object> object); |